| Group Name | # of attack rules | # of warning rules | goto |
|---|---|---|---|
| OS | |||
| OS / Windows | 2319 | 2909 | goto rules ... |
| OS / Linux | 67 | 171 | goto rules ... |
| OS / Other | 1033 | 572 | goto rules ... |
| Server | |||
| Server / HTTP | |||
| Server / HTTP / Common | 14 | 67 | goto rules ... |
| Server / HTTP / Apache | 164 | 143 | goto rules ... |
| Server / HTTP / Microsoft IIS | 8 | 179 | goto rules ... |
| Server / HTTP / Other | |||
| Server / HTTP / Coldfusion | |||
| Server / HTTP / Frontpage | 0 | 3 | goto rules ... |
| Server / HTTP / PHP | 479 | 596 | goto rules ... |
| Server / HTTP / CGI | 211 | 279 | goto rules ... |
| Server / Mail | |||
| Server / Mail / Microsoft Exchange | 55 | 50 | goto rules ... |
| Server / Mail / Sendmail | 1 | 26 | goto rules ... |
| Server / Mail / POP3 | 1 | 2 | goto rules ... |
| Server / Mail / IMAP | 19 | 49 | goto rules ... |
| Server / Mail / SMTP | 8 | 123 | goto rules ... |
| Server / Database | |||
| Server / Database / Microsoft | 11 | 78 | goto rules ... |
| Server / Database / Oracle | |||
| Server / Database / MySQL | 21 | 64 | goto rules ... |
| Server / Database / Common SQL | 509 | 363 | goto rules ... |
| Server / Database / Common SQL | |||
| Server / Misc | |||
| Server / Misc / DNS | 159 | 218 | goto rules ... |
| Server / Misc / FTP | 36 | 253 | goto rules ... |
| Server / Misc / SSH | 2 | 25 | goto rules ... |
| Server / Misc / Backup | 45 | 75 | goto rules ... |
| Server / Misc / TFTP | |||
| Server / Misc / SNMP | 8 | 7 | goto rules ... |
| Server / Misc / Authentication | 18 | 54 | goto rules ... |
| Server / Misc / CVS | 1 | 17 | goto rules ... |
| Client | |||
| Client / Office | 1152 | 1246 | goto rules ... |
| Client / Browser | 2202 | 1799 | goto rules ... |
| Client / Email | 8 | 104 | goto rules ... |
| Client / Multimedia | 3261 | 1475 | goto rules ... |
| Client / Peer to Peer | |||
| Client / Instant Messenger | 17 | 26 | goto rules ... |
| Protocol Anomaly | |||
| Protocol Anomaly / Invalid Traffic | 8 | 149 | goto rules ... |
| Protocol Anomaly / ICMP | |||
| Protocol Anomaly / IGMP | |||
| Protocol Anomaly / RPC | |||
| Protocol Anomaly / Misc | |||
| Malware | 7727 | 15232 | goto rules ... |
| Malware / Trojans | |||
| Malware / DoS | |||
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 591 | PROTOCOL-RPC portmap ypupdated request TCP (more info ...) | rpc-portmap-decode | 1999-0208 | 1749 | ||
| 1277 | PROTOCOL-RPC portmap ypupdated request UDP (more info ...) | rpc-portmap-decode | 1999-0208 | 28383 | ||
| 2088 | PROTOCOL-RPC ypupdated arbitrary command attempt UDP (more info ...) | misc-attack | 1999-0208 | 28383 | ||
| 2089 | PROTOCOL-RPC ypupdated arbitrary command attempt TCP (more info ...) | misc-attack | 1999-0208 | 1749 | ||
| 2103 | NETBIOS SMB Trans2 OPEN2 unicode maximum param count overflow attempt (more info ...) | protocol-command-decode | 2003-0201 | |||
| 2185 | PROTOCOL-RPC mountd UDP mount path overflow attempt (more info ...) | misc-attack | 2010-4227 | 8179 | 11800 | |
| 2435 | FILE-IDENTIFY Microsoft emf file download request (more info ...) | misc-activity | 2007-5746 | 9707 | URL | |
| 2927 | OS-WINDOWS Microsoft Windows XPAT pattern overflow attempt (more info ...) | attempted-admin | 2004-0574 | URL | ||
| 3078 | PROTOCOL-NNTP Microsoft Windows SEARCH pattern overflow attempt (more info ...) | attempted-admin | 2004-0574 | URL | ||
| 3114 | OS-WINDOWS DCERPC NCACN-IP-TCP llsrpc LlsrConnect overflow attempt (more info ...) | attempted-admin | 2005-0050 | 12481 | URL | |
| 3171 | OS-WINDOWS DCERPC NCADG-IP-UDP msqueue function 4 overflow attempt (more info ...) | attempted-admin | 2005-0059 | URL | ||
| 3590 | OS-WINDOWS DCERPC NCACN-IP-TCP mqqm QMDeleteObject overflow attempt (more info ...) | attempted-admin | 2005-0059 | 18027 | URL | |
| 3591 | OS-WINDOWS DCERPC NCADG-IP-UDP mqqm QMDeleteObject overflow attempt (more info ...) | attempted-admin | 2005-0059 | 18027 | URL | |
| 3632 | FILE-IMAGE Microsoft Windows Bitmap width integer overflow attempt (more info ...) | attempted-admin | 2008-3015 | 11171 | URL | |
| 3967 | OS-WINDOWS DCERPC NCACN-IP-TCP umpnpmgr PNP_QueryResConfList attempt (more info ...) | protocol-command-decode | 2005-1983 | 14513 | URL | |
| 4072 | OS-WINDOWS DCERPC NCACN-IP-TCP umpnpmgr PNP_DetectResourceConflict attempt (more info ...) | protocol-command-decode | 2005-1983 | 14513 | URL | |
| 5485 | OS-WINDOWS DCERPC NCACN-IP-TCP llsrpc2 LlsrLicenseRequestW overflow attempt (more info ...) | attempted-admin | 2009-2523 | 12481 | URL | |
| 6702 | NETBIOS SMB NT Trans Secondary Param Count overflow attempt (more info ...) | protocol-command-decode | 2003-0085 | 7106 | ||
| 6703 | NETBIOS SMB NT Trans Secondary unicode Param Count overflow attempt (more info ...) | protocol-command-decode | 2003-0085 | 7106 | ||
| 6704 | NETBIOS SMB-DS NT Trans Secondary Param Count overflow attempt (more info ...) | protocol-command-decode | 2003-0085 | 7106 | ||
| 6705 | NETBIOS SMB-DS NT Trans Secondary unicode Param Count overflow attempt (more info ...) | protocol-command-decode | 2003-0085 | 7106 | ||
| 6706 | NETBIOS SMB NT Trans Secondary Param Count overflow attempt (more info ...) | protocol-command-decode | 2003-0085 | 7106 | ||
| 6707 | NETBIOS SMB NT Trans Secondary unicode Param Count overflow attempt (more info ...) | protocol-command-decode | 2003-0085 | 7106 | ||
| 6708 | NETBIOS SMB NT Trans Secondary andx Param Count overflow attempt (more info ...) | protocol-command-decode | 2003-0085 | 7106 | ||
| 6709 | NETBIOS SMB NT Trans Secondary unicode andx Param Count overflow attempt (more info ...) | protocol-command-decode | 2003-0085 | 7106 | ||
| 6710 | NETBIOS SMB-DS NT Trans Secondary andx Param Count overflow attempt (more info ...) | protocol-command-decode | 2003-0085 | 7106 | ||
| 6711 | NETBIOS SMB-DS NT Trans Secondary unicode andx Param Count overflow attempt (more info ...) | protocol-command-decode | 2003-0085 | 7106 | ||
| 6712 | NETBIOS SMB NT Trans Secondary andx Param Count overflow attempt (more info ...) | protocol-command-decode | 2003-0085 | 7106 | ||
| 6713 | NETBIOS SMB NT Trans Secondary unicode andx Param Count overflow attempt (more info ...) | protocol-command-decode | 2003-0085 | 7106 | ||
| 7007 | BROWSER-PLUGINS AxDebugger.Document.1 ActiveX function call access (more info ...) | attempted-user | ||||
| 7209 | OS-WINDOWS DCERPC NCACN-IP-TCP srvsvc NetrPathCanonicalize overflow attempt (more info ...) | attempted-admin | 2006-3439 | 19409 | URL | |
| 9027 | OS-WINDOWS DCERPC NCACN-IP-TCP wkssvc NetrJoinDomain2 overflow attempt (more info ...) | attempted-admin | 2006-4691 | 11921 | URL | |
| 9769 | OS-WINDOWS DCERPC NCACN-IP-TCP msqueue function 4 overflow attempt (more info ...) | attempted-admin | 2005-0059 | URL | ||
| 10018 | NETBIOS DCERPC NCACN-IP-TCP brightstor-arc ReserveGroup attempt (more info ...) | protocol-command-decode | 2006-6917 | URL | ||
| 10030 | NETBIOS DCERPC NCACN-IP-TCP brightstor QSIGetQueuePath_Function_45 overflow attempt (more info ...) | attempted-admin | 2006-6076 | 20365 | ||
| 10202 | NETBIOS DCERPC NCACN-IP-TCP trend-serverprotect _SetRealTimeScanConfigInfo attempt (more info ...) | protocol-command-decode | 2007-1070 | 22639 | URL | |
| 10208 | NETBIOS DCERPC NCACN-IP-TCP trend-serverprotect COMN_NetTestConnection attempt (more info ...) | protocol-command-decode | 2007-1070 | 22639 | URL | |
| 10390 | BROWSER-PLUGINS Symantec Support Controls SmartIssue ActiveX clsid access (more info ...) | attempted-user | 2006-6490 | 22564 | URL | |
| 10392 | BROWSER-PLUGINS Symantec Support Controls SmartIssue ActiveX function call access (more info ...) | attempted-user | 2006-6490 | 22564 | URL | |
| 10393 | BROWSER-PLUGINS Symantec SupportSoft SmartIssue ActiveX clsid access (more info ...) | attempted-user | 2006-6490 | 22564 | URL | |
| 10395 | BROWSER-PLUGINS Symantec SupportSoft SmartIssue ActiveX function call access (more info ...) | attempted-user | 2006-6490 | 22564 | URL | |
| 10486 | NETBIOS DCERPC NCACN-IP-TCP brightstor-arc corrupt user-supplied memory address attempt (more info ...) | protocol-command-decode | 2007-1447 | 22994 | URL | |
| 11442 | NETBIOS DCERPC NCACN-IP-TCP lsarpc LsarAddPrivilegesToAccount overflow attempt (more info ...) | attempted-admin | 2007-2446 | |||
| 11443 | NETBIOS DCERPC NCADG-IP-UDP lsarpc LsarAddPrivilegesToAccount overflow attempt (more info ...) | attempted-admin | 2007-2446 | |||
| 11684 | OS-WINDOWS Microsoft Windows WINS overflow attempt (more info ...) | misc-attack | 2004-1080 | 11922 | URL | |
| 11945 | NETBIOS SMB Trans2 OPEN2 maximum param count overflow attempt (more info ...) | protocol-command-decode | 2003-0201 | |||
| 11955 | NETBIOS SMB-DS Trans2 OPEN2 maximum param count overflow attempt (more info ...) | protocol-command-decode | 2003-0201 | |||
| 11956 | NETBIOS SMB-DS Trans2 OPEN2 unicode maximum param count overflow attempt (more info ...) | protocol-command-decode | 2003-0201 | |||
| 11957 | NETBIOS SMB Trans2 OPEN2 maximum param count overflow attempt (more info ...) | protocol-command-decode | 2003-0201 | |||
| 11958 | NETBIOS SMB Trans2 OPEN2 unicode maximum param count overflow attempt (more info ...) | protocol-command-decode | 2003-0201 | |||
| 11959 | NETBIOS SMB Trans2 OPEN2 andx maximum param count overflow attempt (more info ...) | protocol-command-decode | 2003-0201 | |||
| 11960 | NETBIOS SMB Trans2 OPEN2 unicode andx maximum param count overflow attempt (more info ...) | protocol-command-decode | 2003-0201 | |||
| 11961 | NETBIOS SMB-DS Trans2 OPEN2 andx maximum param count overflow attempt (more info ...) | protocol-command-decode | 2003-0201 | |||
| 11962 | NETBIOS SMB-DS Trans2 OPEN2 unicode andx maximum param count overflow attempt (more info ...) | protocol-command-decode | 2003-0201 | |||
| 11963 | NETBIOS SMB Trans2 OPEN2 andx maximum param count overflow attempt (more info ...) | protocol-command-decode | 2003-0201 | |||
| 11964 | NETBIOS SMB Trans2 OPEN2 unicode andx maximum param count overflow attempt (more info ...) | protocol-command-decode | 2003-0201 | |||
| 12069 | OS-WINDOWS Microsoft Windows Active Directory Crafted LDAP ModifyRequest (more info ...) | attempted-admin | 2007-0040 | URL | ||
| 12198 | OS-WINDOWS Microsoft Windows getbulk request attempt (more info ...) | attempted-admin | 2006-5583 | URL | ||
| 12307 | NETBIOS DCERPC NCACN-IP-TCP trend-serverprotect _SetPagerNotifyConfig attempt (more info ...) | protocol-command-decode | 2007-4218 | 25395 | ||
| 12317 | NETBIOS DCERPC NCACN-IP-TCP trend-serverprotect-earthagent RPCFN_CopyAUSrc attempt (more info ...) | protocol-command-decode | 2007-4218 | 25395 | ||
| 12326 | NETBIOS DCERPC NCACN-IP-TCP trend-serverprotect _AddTaskExportLogItem attempt (more info ...) | protocol-command-decode | 2007-4218 | 25395 | ||
| 12332 | NETBIOS DCERPC NCACN-IP-TCP trend-serverprotect _TakeActionOnAFile attempt (more info ...) | protocol-command-decode | 2007-4218 | 25395 | ||
| 12335 | NETBIOS DCERPC NCACN-IP-TCP trend-serverprotect Trent_req_num_30010 overflow attempt (more info ...) | attempted-admin | 2007-4218 | 25395 | ||
| 12341 | NETBIOS DCERPC NCACN-IP-TCP trend-serverprotect Trent_req_num_a0030 attempt (more info ...) | protocol-command-decode | 2007-4218 | 25395 | ||
| 12347 | NETBIOS DCERPC NCACN-IP-TCP trend-serverprotect _SetSvcImpersonateUser attempt (more info ...) | protocol-command-decode | 2007-4218 | 25395 | ||
| 12458 | PROTOCOL-RPC Solaris TCP portmap sadmin port query request attempt (more info ...) | rpc-portmap-decode | 2003-0722 | 8615 | ||
| 12612 | BROWSER-PLUGINS Microsoft Windows MFC Library ActiveX clsid access (more info ...) | attempted-user | 2007-4916 | 25697 | ||
| 12614 | BROWSER-PLUGINS Microsoft Windows MFC Library ActiveX function call access (more info ...) | attempted-user | 2007-4916 | 25697 | ||
| 12627 | PROTOCOL-RPC Solaris TCP portmapper sadmin port query attempt (more info ...) | rpc-portmap-decode | 2003-0722 | 8615 | ||
| 12910 | NETBIOS DCERPC NCACN-IP-TCP brightstor-arc3 CA opcode 4 attempt (more info ...) | protocol-command-decode | 2007-5329 | 26015 | ||
| 12916 | NETBIOS DCERPC NCACN-IP-TCP brightstor-arc3 CA opcode 12 attempt (more info ...) | protocol-command-decode | 2007-5329 | 26015 | ||
| 12922 | NETBIOS DCERPC NCACN-IP-TCP brightstor-arc3 CA opcode 16 attempt (more info ...) | protocol-command-decode | 2007-5329 | 26015 | ||
| 12928 | NETBIOS DCERPC NCACN-IP-TCP brightstor-arc3 CA opcode 18 attempt (more info ...) | protocol-command-decode | 2007-5329 | 26015 | ||
| 12934 | NETBIOS DCERPC NCACN-IP-TCP brightstor-arc3 CA opcode 19 attempt (more info ...) | protocol-command-decode | 2007-5329 | 26015 | ||
| 12940 | NETBIOS DCERPC NCACN-IP-TCP brightstor-arc2 CA call 269 overflow attempt (more info ...) | attempted-admin | 2007-5327 | 26015 | ||
| 12972 | FILE-IDENTIFY Microsoft Media Player asf/wmv/wma file magic detected (more info ...) | misc-activity | ||||
| 12984 | NETBIOS DCERPC NCACN-IP-TCP srvsvc NetSetFileSecurity integer overflow attempt (more info ...) | protocol-command-decode | 2007-2446 | 24196 | ||
| 12985 | NETBIOS DCERPC NCADG-IP-UDP srvsvc NetSetFileSecurity integer overflow attempt (more info ...) | protocol-command-decode | 2007-2446 | 24196 | ||
| 13162 | NETBIOS DCERPC NCACN-IP-TCP spoolss EnumPrinters overflow attempt (more info ...) | attempted-admin | 2008-0639 | 21220 | ||
| 13459 | BROWSER-PLUGINS Microsoft Windows Forms 2.0 ActiveX function call access (more info ...) | attempted-user | 2007-0065 | URL | ||
| 13474 | OS-WINDOWS Microsoft WebDAV MiniRedir remote code execution attempt (more info ...) | attempted-user | 2008-0080 | URL | ||
| 13525 | BROWSER-PLUGINS Novell iPrint ActiveX function call access (more info ...) | attempted-user | 2011-4185 | 29736 | URL | |
| 13619 | OS-WINDOWS Microsoft Windows getBulkRequest memory corruption attempt (more info ...) | attempted-admin | 2006-5583 | URL | ||
| 13965 | BROWSER-PLUGINS Microsoft Windows Message System ActiveX clsid access (more info ...) | attempted-user | 2008-0082 | URL | ||
| 13967 | BROWSER-PLUGINS Microsoft Windows Message System ActiveX function call access (more info ...) | attempted-user | 2008-0082 | URL | ||
| 14033 | BROWSER-PLUGINS Orbit Downloader ActiveX clsid access (more info ...) | attempted-user | 2008-1602 | |||
| 14035 | BROWSER-PLUGINS Orbit Downloader ActiveX function call access (more info ...) | attempted-user | 2008-1602 | |||
| 14037 | BROWSER-PLUGINS Novell iPrint ActiveX clsid access (more info ...) | attempted-user | 2011-4185 | 29736 | URL | |
| 14038 | BROWSER-PLUGINS Novell iPrint ActiveX function call access (more info ...) | attempted-user | 2011-4185 | 29736 | URL | |
| 14611 | BROWSER-PLUGINS VMWare VMCtl Class ActiveX clsid access (more info ...) | attempted-user | 2008-3892 | 30934 | ||
| 14613 | BROWSER-PLUGINS VMWare VMCtl Class ActiveX function call access (more info ...) | attempted-user | 2008-3892 | 30934 | ||
| 14647 | OS-WINDOWS Microsoft Windows SMB Search Search filename size integer underflow attempt (more info ...) | protocol-command-decode | 2008-4038 | URL | ||
| 14648 | OS-WINDOWS Microsoft Windows SMB Search unicode Search filename size integer underflow attempt (more info ...) | protocol-command-decode | 2008-4038 | URL | ||
| 14649 | OS-WINDOWS Microsoft Windows SMB Search Search filename size integer underflow attempt (more info ...) | protocol-command-decode | 2008-4038 | URL | ||
| 14650 | OS-WINDOWS Microsoft Windows SMB Search unicode Search filename size integer underflow attempt (more info ...) | protocol-command-decode | 2008-4038 | URL | ||
| 14651 | OS-WINDOWS Microsoft Windows SMB Search andx Search filename size integer underflow attempt (more info ...) | protocol-command-decode | 2008-4038 | URL | ||
| 14652 | OS-WINDOWS Microsoft Windows SMB Search unicode andx Search filename size integer underflow attempt (more info ...) | protocol-command-decode | 2008-4038 | URL | ||
| 14653 | OS-WINDOWS Microsoft Windows SMB Search andx Search filename size integer underflow attempt (more info ...) | protocol-command-decode | 2008-4038 | URL | ||
| 14654 | OS-WINDOWS Microsoft Windows SMB Search unicode andx Search filename size integer underflow attempt (more info ...) | protocol-command-decode | 2008-4038 | URL | ||
| 14725 | OS-WINDOWS DCERPC NCACN-IP-TCP mqqm QMGetRemoteQueueName overflow attempt (more info ...) | attempted-admin | 2008-3479 | URL | ||
| 14726 | OS-WINDOWS DCERPC NCADG-IP-UDP mqqm QMGetRemoteQueueName overflow attempt (more info ...) | attempted-admin | 2008-3479 | URL | ||
| 14782 | OS-WINDOWS DCERPC NCACN-IP-TCP srvsvc NetrpPathCanonicalize path canonicalization stack overflow attempt (more info ...) | attempted-admin | 2008-4250 | URL | ||
| 14900 | NETBIOS DCERPC NCACN-IP-TCP netdfs NetrDfsEnum overflow attempt (more info ...) | attempted-admin | 2007-2446 | 24198 | ||
| 14988 | NETBIOS DCERPC NCADG-IP-UDP netdfs NetrDfsEnum overflow attempt (more info ...) | attempted-admin | 2007-2446 | 24198 | ||
| 15196 | OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE unicode param_count underflow attempt (more info ...) | protocol-command-decode | 2008-4834 | URL | ||
| 15197 | OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE param_count underflow attempt (more info ...) | protocol-command-decode | 2008-4834 | URL | ||
| 15198 | OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE unicode param_count underflow attempt (more info ...) | protocol-command-decode | 2008-4834 | URL | ||
| 15199 | OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE param_count underflow attempt (more info ...) | protocol-command-decode | 2008-4834 | URL | ||
| 15201 | OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE andx param_count underflow attempt (more info ...) | protocol-command-decode | 2008-4834 | URL | ||
| 15202 | OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE unicode andx param_count underflow attempt (more info ...) | protocol-command-decode | 2008-4834 | URL | ||
| 15204 | OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE unicode max_param_count underflow attempt (more info ...) | protocol-command-decode | 2008-4834 | URL | ||
| 15205 | OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE unicode max_param_count underflow attempt (more info ...) | protocol-command-decode | 2008-4834 | URL | ||
| 15206 | OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE max_param_count underflow attempt (more info ...) | protocol-command-decode | 2008-4834 | URL | ||
| 15207 | OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE max_param_count underflow attempt (more info ...) | protocol-command-decode | 2008-4834 | URL | ||
| 15208 | OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE unicode andx max_param_count underflow attempt (more info ...) | protocol-command-decode | 2008-4834 | URL | ||
| 15211 | OS-WINDOWS Microsoft Windows SMB NT Trans NT CREATE andx max_param_count underflow attempt (more info ...) | protocol-command-decode | 2008-4834 | URL | ||
| 15212 | OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 max_param_count underflow attempt (more info ...) | protocol-command-decode | 2008-4835 | URL | ||
| 15214 | OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 max_param_count underflow attempt (more info ...) | protocol-command-decode | 2008-4835 | URL | ||
| 15215 | OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 unicode max_param_count underflow attempt (more info ...) | protocol-command-decode | 2008-4835 | URL | ||
| 15216 | OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 andx max_param_count underflow attempt (more info ...) | protocol-command-decode | 2008-4835 | URL | ||
| 15219 | OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 unicode andx max_param_count underflow attempt (more info ...) | protocol-command-decode | 2008-4835 | URL | ||
| 15221 | OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 param_count underflow attempt (more info ...) | protocol-command-decode | 2008-4835 | URL | ||
| 15222 | OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 param_count underflow attempt (more info ...) | protocol-command-decode | 2008-4835 | URL | ||
| 15223 | OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 unicode param_count underflow attempt (more info ...) | protocol-command-decode | 2008-4835 | URL | ||
| 15226 | OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 andx param_count underflow attempt (more info ...) | protocol-command-decode | 2008-4835 | URL | ||
| 15227 | OS-WINDOWS Microsoft Windows SMB Trans2 OPEN2 unicode andx param_count underflow attempt (more info ...) | protocol-command-decode | 2008-4835 | URL | ||
| 15508 | SERVER-OTHER DCERPC NCADG-IP-UDP lsarpc LsarLookupSids translated_names overflow attempt (more info ...) | protocol-command-decode | 2007-2446 | 24196 | ||
| 15527 | OS-WINDOWS Microsoft Windows Active Directory LDAP denial of service attempt (more info ...) | attempted-admin | 2009-1138 | URL | ||
| 15528 | OS-WINDOWS Microsoft Windows DCERPC NCACN-IP-TCP spoolss RpcSetPrinterDataEx attempt (more info ...) | protocol-command-decode | 2009-0230 | URL | ||
| 15701 | OS-WINDOWS Microsoft Windows 2000 domain authentication bypass attempt (more info ...) | attempted-user | 2004-0540 | URL | ||
| 15881 | NETBIOS DCERPC NCACN-IP-TCP spoolss EnumPrinters Name Field attempt (more info ...) | protocol-command-decode | 2008-0639 | |||
| 15911 | NETBIOS DCERPC NCACN-IP-TCP spoolss RouteRefreshPrinterChangeNotification attempt (more info ...) | protocol-command-decode | 2007-2446 | |||
| 15930 | OS-WINDOWS Microsoft Windows SMB malformed process ID high field remote code execution attempt (more info ...) | attempted-admin | 2009-3103 | URL | ||
| 15965 | OS-WINDOWS Microsoft Explorer long share name buffer overflow attempt (more info ...) | attempted-user | 2004-0214 | 10213 | URL | |
| 16034 | SERVER-SAMBA Samba spools RPC smb_io_notify_option_type_data request handling buffer overflow attempt (more info ...) | attempted-user | 2007-2446 | |||
| 16143 | FILE-IDENTIFY Microsoft asf file magic detected (more info ...) | misc-activity | URL | |||
| 16238 | OS-WINDOWS DCERPC NCACN-IP-TCP llsrpc2 LlsrLicenseRequestW overflow attempt (more info ...) | attempted-admin | 2009-2523 | URL | ||
| 16239 | OS-WINDOWS DCERPC NCADG-IP-UDP llsrpc2 LlsrLicenseRequestW overflow attempt (more info ...) | attempted-admin | 2009-2523 | URL | ||
| 16329 | SERVER-OTHER Microsoft Internet Authentication Service EAP-MSCHAPv2 authentication bypass attempt (more info ...) | attempted-user | 2009-3677 | URL | ||
| 16395 | OS-WINDOWS Microsoft Windows SMB COPY command oversized pathname attempt (more info ...) | attempted-admin | 2010-0020 | URL | ||
| 16417 | OS-WINDOWS Microsoft Windows SMB Negotiate Protocol Response overflow attempt (more info ...) | attempted-admin | 2010-0016 | URL | ||
| 16538 | NETBIOS NT QUERY SECURITY DESC flowbit (more info ...) | misc-activity | ||||
| 16539 | OS-WINDOWS Microsoft Windows SMBv1 BytesNeeded ring0 buffer overflow attempt (more info ...) | attempted-admin | 2010-0269 | URL | ||
| 16540 | OS-WINDOWS Microsoft Windows SMB2 client NetBufferList NULL entry remote code execution attempt (more info ...) | attempted-admin | 2010-0477 | URL | ||
| 16706 | PROTOCOL-RPC Oracle Solaris sadmind TCP array size buffer overflow attempt (more info ...) | attempted-admin | 2008-3869 | 35083 | ||
| 16728 | NETBIOS Samba SMB1 chain_reply function memory corruption attempt (more info ...) | attempted-admin | 2010-2063 | 40884 | ||
| 16774 | BROWSER-PLUGINS EMC Captiva QuickScan Pro ActiveX function call access (more info ...) | attempted-user | 2012-2515 | 36546 | ||
| 16776 | BROWSER-PLUGINS KeyWorks KeyHelp ActiveX control JumpURL method access attempt (more info ...) | attempted-user | 2012-2515 | 36546 | ||
| 16797 | PROTOCOL-RPC Oracle Solaris sadmind TCP data length integer overflow attempt (more info ...) | attempted-admin | 2008-3870 | 35083 | ||
| 17042 | FILE-OTHER Microsoft LNK shortcut arbitrary dll load attempt (more info ...) | attempted-user | 2017-8464 | URL | ||
| 17056 | SERVER-OTHER Novell NetIdentity Agent XTIERRPCPIPE remote code execution attempt (more info ...) | attempted-admin | 2009-1350 | 34400 | ||
| 17125 | OS-WINDOWS Microsoft Windows SMB Trans2 MaxDataCount overflow attempt (more info ...) | attempted-admin | 2010-2550 | URL | ||
| 17205 | PROTOCOL-RPC Multiple vendors librpc.dll stack buffer overflow attempt - udp (more info ...) | attempted-admin | 2009-2754 | 38472 | ||
| 17206 | PROTOCOL-RPC Multiple vendors librpc.dll stack buffer overflow attempt - tcp (more info ...) | attempted-admin | 2009-2754 | 38472 | ||
| 17249 | OS-WINDOWS Microsoft Windows LSASS integer overflow attempt (more info ...) | attempted-user | 2010-0820 | URL | ||
| 17707 | NETBIOS DCERPC NCACN-IP-TCP trend-serverprotect trend_req_num buffer overflow attempt (more info ...) | protocol-command-decode | 2007-1070 | 22639 | URL | |
| 17714 | NETBIOS DCERPC NCACN-IP-TCP trend-serverprotect CMON_ActiveUpdate attempt (more info ...) | protocol-command-decode | 2007-1070 | 22639 | URL | |
| 17715 | NETBIOS DCERPC NCACN-IP-TCP trend-serverprotect CMON_ActiveUpdate attempt (more info ...) | protocol-command-decode | 2007-1070 | 22639 | URL | |
| 18189 | NETBIOS DCERPC NCACN-IP-TCP netdfs NetrDfsEnum attempt (more info ...) | protocol-command-decode | 2007-2446 | 24198 | ||
| 18190 | NETBIOS DCERPC NCADG-IP-UDP netdfs NetrDfsEnum attempt (more info ...) | protocol-command-decode | 2007-2446 | 24198 | ||
| 18191 | NETBIOS DCERPC NCACN-IP-TCP netdfs NetrDfsEnum attempt (more info ...) | protocol-command-decode | 2007-2446 | 24198 | ||
| 18192 | NETBIOS DCERPC NCADG-IP-UDP netdfs NetrDfsEnum attempt (more info ...) | protocol-command-decode | 2007-2446 | 24198 | ||
| 18319 | SERVER-SAMBA Samba DCERPC NCACN-IP-TCP lsarpc LsarLookupSids lsa_io_trans_name heap overflow attempt (more info ...) | protocol-command-decode | 2007-2446 | 24196 | ||
| 18320 | OS-WINDOWS Microsoft Windows WINS association context validation overflow attempt (more info ...) | misc-attack | 2004-1080 | 11763 | URL | |
| 18462 | OS-WINDOWS Microsoft Windows 2003 browser election remote heap overflow attempt (more info ...) | attempted-admin | 2011-0654 | 46360 | URL | |
| 18472 | NETBIOS DCERPC NCACN-IP-TCP lsarpc LsarLookupSids lsa_io_trans_name heap overflow attempt (more info ...) | protocol-command-decode | 2007-2446 | 24196 | ||
| 18557 | PROTOCOL-RPC IBM Informix Dynamic Server librpc.dll buffer overflow attempt (more info ...) | attempted-admin | 2009-2753 | 38471 | ||
| 18558 | PROTOCOL-RPC IBM Informix Dynamic Server librpc.dll buffer overflow attempt (more info ...) | attempted-admin | 2009-2753 | 38471 | ||
| 18904 | BROWSER-PLUGINS KingView ActiveX clsid access (more info ...) | attempted-user | 2011-3142 | 46757 | URL | |
| 18994 | OS-WINDOWS Microsoft Windows 2003 browser election remote heap overflow attempt (more info ...) | attempted-admin | 2011-0654 | 46360 | URL | |
| 19102 | BROWSER-PLUGINS Symantec CLIProxy.dll ActiveX clsid access (more info ...) | attempted-user | 2010-0108 | 38222 | URL | |
| 19103 | BROWSER-PLUGINS Symantec CLIProxy.dll ActiveX function call access (more info ...) | attempted-user | 2010-0108 | 38222 | URL | |
| 19290 | FILE-OTHER Microsoft LNK shortcut arbitary dll load attempt (more info ...) | attempted-user | 2010-2568 | URL | ||
| 20671 | OS-WINDOWS Microsoft Windows Active Directory Crafted LDAP ModifyRequest (more info ...) | attempted-admin | 2007-0040 | URL | ||
| 20850 | FILE-IDENTIFY Microsoft Windows EMF metafile file attachment detected (more info ...) | misc-activity | ||||
| 20851 | FILE-IDENTIFY Microsoft Windows EMF metafile file attachment detected (more info ...) | misc-activity | ||||
| 20878 | OS-WINDOWS Microsoft Windows Embedded Package Object packager.exe file load exploit attempt (more info ...) | attempted-user | 2012-0009 | URL | ||
| 21078 | FILE-MULTIMEDIA Microsoft Windows DirectShow GraphEdt closed captioning memory corruption (more info ...) | attempted-user | 2012-0004 | URL | ||
| 21299 | BROWSER-PLUGINS Microsoft Silverlight privilege escalation attempt (more info ...) | attempted-admin | 2012-0014 | URL | ||
| 21305 | FILE-EXECUTABLE Microsoft .NET Framework System.Uri.ReCreateParts System.Uri.PathAndQuery overflow attempt (more info ...) | attempted-user | 2012-0015 | URL | ||
| 21308 | FILE-OTHER Microsoft Windows C Run-Time Library remote code execution attempt (more info ...) | attempted-user | 2012-0150 | URL | ||
| 21504 | OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (more info ...) | attempted-user | 2012-0013 | URL | ||
| 21505 | OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (more info ...) | attempted-user | 2012-0013 | URL | ||
| 21506 | OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (more info ...) | attempted-user | 2012-0013 | URL | ||
| 21507 | OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (more info ...) | attempted-user | 2012-0013 | URL | ||
| 21508 | OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (more info ...) | attempted-user | 2012-0013 | URL | ||
| 21529 | OS-WINDOWS Microsoft Windows SMB Trans2 Find_First2 filename overflow attempt (more info ...) | attempted-admin | 2008-4038 | URL | ||
| 21570 | OS-WINDOWS Microsoft Windows RemoteDesktop new session flood attempt (more info ...) | attempted-admin | 2012-0002 | URL | ||
| 21619 | OS-WINDOWS Microsoft Windows RemoteDesktop connect-initial pdu remote code execution attempt (more info ...) | attempted-admin | 2012-0002 | URL | ||
| 21792 | FILE-EXECUTABLE Microsoft Windows .NET invalid parsing of graphics data attempt (more info ...) | attempted-user | 2012-0163 | URL | ||
| 21795 | FILE-EXECUTABLE Microsoft Windows Authenticode signature verification bypass attempt (more info ...) | attempted-user | 2012-0151 | |||
| 22042 | FILE-EXECUTABLE Microsoft Windows .NET invalid parsing of graphics data attempt (more info ...) | attempted-user | 2012-0163 | URL | ||
| 22079 | OS-WINDOWS Microsoft .NET framework EvidenceBase class remote code execution attempt (more info ...) | attempted-user | 2012-0160 | URL | ||
| 22087 | FILE-OTHER Microsoft Windows True Type Font maxComponentPoints overflow attempt (more info ...) | attempted-user | 2012-0159 | URL | ||
| 22090 | OS-WINDOWS Microsoft .NET framework malicious XBAP attempt (more info ...) | attempted-user | 2012-0162 | URL | ||
| 22942 | FILE-EXECUTABLE Microsoft Windows Authenticode signature verification bypass attempt (more info ...) | attempted-user | 2012-0151 | |||
| 23127 | FILE-EXECUTABLE Microsoft Windows .NET xbap STGMEDIUM.unionmember arbitrary number overwrite attempt (more info ...) | attempted-user | 2012-1855 | URL | ||
| 23181 | FILE-EXECUTABLE Microsoft Windows .NET Framework xbap DataObject object pointer attempt (more info ...) | attempted-user | 2012-1855 | URL | ||
| 23232 | OS-WINDOWS Microsoft Windows NT DHCP client identifier length overflow attempt (more info ...) | attempted-user | 2004-0900 | 11920 | URL | |
| 23233 | OS-WINDOWS Microsoft Windows NT DHCP client identifier length overflow attempt (more info ...) | attempted-user | 2004-0900 | 11920 | URL | |
| 23237 | OS-WINDOWS Microsoft Windows SMB2 client NetBufferList NULL entry remote code execution attempt (more info ...) | attempted-admin | 2010-0477 | URL | ||
| 23283 | BROWSER-PLUGINS Oracle WebCenter Forms Recognition ActiveX clsid access attempt (more info ...) | attempted-user | 2012-1709 | |||
| 23352 | BROWSER-PLUGINS Cisco Linksys PlayerPT ActiveX clsid access attempt (more info ...) | attempted-user | 2012-0284 | URL | ||
| 23353 | BROWSER-PLUGINS Cisco Linksys PlayerPT ActiveX function call access attempt (more info ...) | attempted-user | 2012-0284 | URL | ||
| 23489 | FILE-OTHER Microsoft Windows Task Scheduler buffer overflow attempt (more info ...) | attempted-user | 2004-0212 | 10708 | ||
| 23703 | FILE-IDENTIFY Microsoft asf file magic detected (more info ...) | misc-activity | URL | |||
| 23732 | FILE-IDENTIFY Microsoft Media Player .asf file magic detected (more info ...) | misc-activity | ||||
| 23837 | OS-WINDOWS Microsoft Windows SMB host announcement format string exploit attempt (more info ...) | attempted-admin | 2012-1851 | URL | ||
| 23838 | OS-WINDOWS Microsoft Windows SMB NetServerEnum response host format string exploit attempt (more info ...) | attempted-admin | 2012-1851 | URL | ||
| 23839 | OS-WINDOWS Microsoft Windows SMB RAP API NetServerEnum2 long server name buffer overflow attempt (more info ...) | attempted-dos | 2012-1853 | 54940 | URL | |
| 23846 | OS-WINDOWS Microsoft Windows Terminal server RDP freed memory write attempt (more info ...) | attempted-admin | 2012-2526 | URL | ||
| 24007 | OS-WINDOWS Microsoft Windows SMB RAP API NetServerEnum2 long server name buffer overflow attempt (more info ...) | attempted-dos | 2012-1853 | 54940 | URL | |
| 24089 | OS-WINDOWS Microsoft WebDAV PROPFIND request (more info ...) | misc-activity | ||||
| 24090 | OS-WINDOWS Microsoft Windows WebDAV invalid character argument injection attempt (more info ...) | attempted-user | 2012-0175 | 54307 | URL | |
| 24196 | BROWSER-PLUGINS GE Intelligent Platforms Proficy HTML help ActiveX clsid access attempt (more info ...) | attempted-user | 2012-2516 | 54215 | URL | |
| 24197 | BROWSER-PLUGINS GE Intelligent Platforms Proficy HTML help ActiveX function call attempt (more info ...) | attempted-user | 2012-2516 | 54215 | URL | |
| 24336 | OS-WINDOWS Microsoft Windows SMB RAP API NetServerEnum2 long comment buffer overflow attempt (more info ...) | attempted-admin | 2012-1852 | URL | ||
| 24446 | SERVER-OTHER EMC NetWorker SunRPC format string exploit attempt (more info ...) | attempted-admin | 2012-2288 | 55330 | ||
| 24500 | FILE-OTHER Microsoft LNK shortcut arbitrary dll load attempt (more info ...) | attempted-user | 2017-8464 | URL | ||
| 24503 | PROTOCOL-RPC xdrDecodeString caller_name stack overflow attempt (more info ...) | misc-attack | 2010-4227 | 46535 | ||
| 24649 | FILE-OTHER Microsoft Windows TTF parsing counter overflow attempt (more info ...) | attempted-admin | 2012-4786 | URL | ||
| 24650 | FILE-OTHER Microsoft Windows TTF parsing counter overflow attempt (more info ...) | attempted-admin | 2012-4786 | URL | ||
| 24664 | FILE-EXECUTABLE Microsoft .NET blacklisted method reflection sandbox bypass attempt (more info ...) | misc-activity | 2012-1895 | URL | ||
| 24665 | FILE-EXECUTABLE Microsoft .NET blacklisted method reflection sandbox bypass attempt (more info ...) | misc-activity | 2012-1895 | URL | ||
| 24675 | BROWSER-PLUGINS Novell iPrint ActiveX realm parameter overflow attempt (more info ...) | attempted-user | 2011-4187 | |||
| 24696 | PROTOCOL-RPC EMC Networker nsrindexd.exe procedure 0x01 buffer overflow attempt (more info ...) | attempted-user | 2012-0395 | |||
| 24771 | BROWSER-PLUGINS IBM Lotus iNotes Attachment_Times ActiveX clsid access (more info ...) | attempted-user | 2012-2175 | URL | ||
| 24772 | BROWSER-PLUGINS IBM Lotus iNotes Attachment_Times ActiveX clsid access (more info ...) | attempted-user | 2012-2175 | 53879 | URL | |
| 24957 | BROWSER-PLUGINS Microsoft dpnet.dll DirectPlay ActiveX clsid access (more info ...) | attempted-user | 2012-1537 | 56839 | URL | |
| 24958 | BROWSER-PLUGINS Microsoft dpnet.dll DirectPlay ActiveX clsid access (more info ...) | attempted-user | 2012-1537 | 56839 | URL | |
| 24959 | BROWSER-PLUGINS Microsoft dpnet.dll DirectPlay ActiveX clsid access (more info ...) | attempted-user | 2012-1537 | 56839 | URL | |
| 24960 | BROWSER-PLUGINS Microsoft dpnet.dll DirectPlay ActiveX clsid access (more info ...) | attempted-user | 2012-1537 | 56839 | URL | |
| 24961 | BROWSER-PLUGINS Microsoft dpnet.dll DirectPlay ActiveX clsid access (more info ...) | attempted-user | 2012-1537 | 56839 | URL | |
| 24962 | BROWSER-PLUGINS Microsoft dpnet.dll DirectPlay ActiveX clsid access (more info ...) | attempted-user | 2012-1537 | 56839 | URL | |
| 24963 | BROWSER-PLUGINS Microsoft DirectPlay ActiveX clsid access (more info ...) | attempted-user | 2012-1537 | 56839 | URL | |
| 25032 | FILE-IDENTIFY Microsoft Silverlight application file download request (more info ...) | misc-activity | ||||
| 25033 | FILE-IDENTIFY Microsoft Silverlight application file attachment detected (more info ...) | misc-activity | ||||
| 25034 | FILE-IDENTIFY Microsoft Silverlight application file attachment detected (more info ...) | misc-activity | ||||
| 25253 | FILE-EXECUTABLE Microsoft Windows .NET Framework System.Uri.ReCreateParts System.Uri.PathAndQuery overflow attempt (more info ...) | attempted-user | 2012-0015 | URL | ||
| 25254 | BROWSER-PLUGINS Cisco Linksys PlayerPT ActiveX clsid access attempt (more info ...) | attempted-user | 2012-0284 | URL | ||
| 25299 | BROWSER-PLUGINS IBM VsVIEW ActiveX control directory traversal attempt (more info ...) | attempted-user | 2012-0189 | 51448 | URL | |
| 25300 | BROWSER-PLUGINS IBM VsVIEW ActiveX control directory traversal attempt (more info ...) | attempted-user | 2012-0189 | 51448 | URL | |
| 25312 | SERVER-OTHER Microsoft Threat Management Gateway heap buffer overflow attempt (more info ...) | attempted-user | 2011-1889 | 48181 | URL | |
| 25357 | FILE-EXECUTABLE Microsoft Windows Authenticode signature verification bypass attempt (more info ...) | attempted-user | 2012-0151 | |||
| 25381 | SERVER-OTHER Microsoft Threat Management Gateway heap buffer overflow attempt (more info ...) | attempted-user | 2011-1889 | 48181 | URL | |
| 25542 | PROTOCOL-RPC EMC NetWorker nsrindexd service buffer overflow attempt (more info ...) | attempted-admin | 2012-4607 | 57182 | ||
| 25779 | FILE-EXECUTABLE Microsoft Windows Authenticode signature verification bypass attempt (more info ...) | attempted-user | 2012-0151 | |||
| 25795 | FILE-MULTIMEDIA Microsoft Windows DirectShow MPEG heap overflow attempt (more info ...) | attempted-user | 2013-0077 | URL | ||
| 25796 | FILE-MULTIMEDIA Microsoft Windows DirectShow MPEG heap overflow attempt (more info ...) | attempted-user | 2013-0077 | URL | ||
| 26066 | OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (more info ...) | attempted-user | 2012-0013 | URL | ||
| 26067 | OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (more info ...) | attempted-user | 2012-0013 | URL | ||
| 26068 | OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (more info ...) | attempted-user | 2012-0013 | URL | ||
| 26069 | OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (more info ...) | attempted-user | 2012-0013 | URL | ||
| 26182 | BROWSER-PLUGINS Samsung NET-i viewer BackupToAvi ActiveX function call access attempt (more info ...) | attempted-user | 2012-4333 | 53193 | ||
| 26183 | BROWSER-PLUGINS TRENDNet SecurView internet camera UltraMJCam ActiveX clsid access attempt (more info ...) | attempted-user | 2012-4876 | 52760 | ||
| 26184 | BROWSER-PLUGINS TRENDNet SecurView internet camera UltraMJCam ActiveX function call access attempt (more info ...) | attempted-user | 2012-4876 | 52760 | ||
| 26355 | BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (more info ...) | attempted-user | 2013-1302 | 58874 | URL | |
| 26356 | BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (more info ...) | attempted-user | 2013-1302 | 58874 | URL | |
| 26357 | BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (more info ...) | attempted-user | 2013-1302 | 58874 | URL | |
| 26358 | BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (more info ...) | attempted-user | 2013-1302 | 58874 | URL | |
| 26359 | BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (more info ...) | attempted-user | 2013-1302 | 58874 | URL | |
| 26360 | BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (more info ...) | attempted-user | 2013-1302 | 58874 | URL | |
| 26361 | BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (more info ...) | attempted-user | 2013-1302 | 58874 | URL | |
| 26362 | BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (more info ...) | attempted-user | 2013-1302 | 58874 | URL | |
| 26363 | BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (more info ...) | attempted-user | 2013-1302 | 58874 | URL | |
| 26365 | BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (more info ...) | attempted-user | 2013-1302 | 58874 | URL | |
| 26643 | OS-WINDOWS Microsoft Windows SMB malformed process ID high field denial of service attempt (more info ...) | attempted-dos | 2009-3103 | URL | ||
| 26865 | FILE-IMAGE Microsoft Multiple Products malformed PNG detected tEXt overflow attempt (more info ...) | attempted-user | 2013-1331 | 18385 | URL | |
| 27136 | OS-WINDOWS Microsoft Windows .NET CLR mutlidimensional array handling remote code execution attempt (more info ...) | attempted-admin | 2013-3134 | URL | ||
| 27139 | OS-WINDOWS Microsoft Windows .NET CLR mutlidimensional array handling remote code execution attempt (more info ...) | attempted-admin | 2013-3134 | URL | ||
| 27576 | FILE-OTHER Microsoft Windows True Type Font maxComponentPoints overflow attempt (more info ...) | attempted-user | 2012-0159 | URL | ||
| 27798 | BROWSER-PLUGINS GE Intelligent Platforms Proficy HTML help ActiveX clsid access attempt (more info ...) | attempted-user | 2012-2516 | 54215 | URL | |
| 27799 | BROWSER-PLUGINS GE Intelligent Platforms Proficy HTML help ActiveX function call attempt (more info ...) | attempted-user | 2012-2516 | 54215 | URL | |
| 27822 | FILE-OTHER Microsoft Windows XP .theme file remote code execution attempt (more info ...) | attempted-admin | 2013-0810 | URL | ||
| 27869 | BROWSER-PLUGINS HP LoadRunner WriteFileString ActiveX function call attempt (more info ...) | attempted-user | 2013-4798 | 61443 | URL | |
| 27870 | BROWSER-PLUGINS HP LoadRunner WriteFileString ActiveX function call attempt (more info ...) | attempted-user | 2013-4798 | 61443 | URL | |
| 27871 | BROWSER-PLUGINS HP LoadRunner WriteFileString ActiveX function call attempt (more info ...) | attempted-user | 2013-4798 | 61443 | URL | |
| 27872 | BROWSER-PLUGINS HP LoadRunner WriteFileString ActiveX function call attempt (more info ...) | attempted-user | 2013-4798 | 61443 | URL | |
| 28425 | OS-WINDOWS Microsoft Windows SMB Microsoft Windows Remote Administration Protocol usage attempt (more info ...) | misc-activity | ||||
| 28436 | BROWSER-PLUGINS IBM SPSS SamplePower ActiveX clsid access attempt (more info ...) | attempted-user | 2014-0895 | 66116 | ||
| 28487 | OS-WINDOWS Microsoft GDI library TIFF handling memory corruption attempt (more info ...) | attempted-user | 2013-3906 | |||
| 28488 | OS-WINDOWS Microsoft GDI library TIFF handling memory corruption attempt (more info ...) | attempted-user | 2013-3906 | |||
| 28506 | BROWSER-PLUGINS InformationCardSigninHelper ActiveX function call access (more info ...) | attempted-user | 2013-3918 | URL | ||
| 28507 | FILE-IDENTIFY Microsoft Write file download file attachment detected (more info ...) | misc-activity | ||||
| 28508 | FILE-IDENTIFY Microsoft Write file download file attachment detected (more info ...) | misc-activity | ||||
| 28579 | BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (more info ...) | attempted-user | 2013-0074 | 58327 | URL | |
| 28580 | BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (more info ...) | attempted-user | 2013-0074 | 58327 | URL | |
| 28581 | BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (more info ...) | attempted-user | 2013-0074 | 58327 | URL | |
| 28582 | BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (more info ...) | attempted-user | 2013-0074 | 58327 | URL | |
| 28583 | BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (more info ...) | attempted-user | 2013-0074 | 58327 | URL | |
| 28584 | BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (more info ...) | attempted-user | 2013-0074 | 58327 | URL | |
| 29059 | BROWSER-PLUGINS CYME Power Engineering ChartFX.ClientServer ActiveX clsid access (more info ...) | attempted-user | ||||
| 29060 | BROWSER-PLUGINS CYME Power Engineering ChartFX.ClientServer ActiveX function call access (more info ...) | attempted-user | ||||
| 29506 | BROWSER-PLUGINS ABB Test Signal Viewer CWGraph3D ActiveX clsid access attempt (more info ...) | attempted-user | 2013-5022 | 61828 | ||
| 29507 | BROWSER-PLUGINS ABB Test Signal Viewer CWGraph3D ActiveX clsid access attempt (more info ...) | attempted-user | 2013-5022 | 61828 | ||
| 29508 | BROWSER-PLUGINS ABB Test Signal Viewer CWGraph3D ActiveX clsid access attempt (more info ...) | attempted-user | 2013-5022 | 61828 | ||
| 29512 | BROWSER-PLUGINS KingView ActiveX clsid access (more info ...) | attempted-user | 2011-3142 | 46757 | URL | |
| 29513 | OS-WINDOWS Microsoft Windows SMB Microsoft Windows RAP API NetServerEnum2 long comment buffer overflow attempt (more info ...) | attempted-admin | 2012-1852 | URL | ||
| 29514 | OS-WINDOWS Microsoft Windows SMB Microsoft Windows Remote Administration Protocol usage attempt (more info ...) | misc-activity | ||||
| 29538 | BROWSER-PLUGINS Microsoft Windows Message System ActiveX function call access (more info ...) | attempted-user | 2008-0082 | URL | ||
| 29618 | SERVER-WEBAPP Novell GroupWise Client activex InvokeContact untrusted pointer dereference (more info ...) | attempted-user | 2013-0804 | 57657 | ||
| 29619 | SERVER-WEBAPP Novell GroupWise Client activex GenerateSummaryPage untrusted pointer dereference (more info ...) | attempted-user | 2013-0804 | 57657 | ||
| 29621 | NETBIOS DCERPC NCACN-IP-TCP spoolss EnumPrinters overflow attempt (more info ...) | attempted-admin | 2008-0639 | 21220 | ||
| 29943 | OS-WINDOWS Microsoft Windows SMB2 client NetBufferList NULL entry remote code execution attempt (more info ...) | attempted-admin | 2010-0477 | URL | ||
| 29944 | FILE-IMAGE Microsoft Multiple Products potentially malicious PNG detected - large or invalid chunk size (more info ...) | attempted-user | 2013-1331 | 18385 | URL | |
| 29945 | FILE-IMAGE Microsoft Multiple Products potentially malicious PNG detected - large or invalid chunk size (more info ...) | attempted-user | 2013-1331 | 18385 | URL | |
| 30048 | BROWSER-PLUGINS MW6 Technologies Aztec ActiveX clsid access (more info ...) | attempted-user | 2013-6040 | 65038 | ||
| 30049 | BROWSER-PLUGINS MW6 Technologies Aztec ActiveX clsid access (more info ...) | attempted-user | 2013-6040 | 65038 | ||
| 30050 | BROWSER-PLUGINS MW6 Technologies Aztec ActiveX clsid access (more info ...) | attempted-user | 2013-6040 | 65038 | ||
| 30051 | BROWSER-PLUGINS MW6 Technologies Aztec ActiveX clsid access (more info ...) | attempted-user | 2013-6040 | 65038 | ||
| 30052 | BROWSER-PLUGINS MW6 Technologies Aztec ActiveX clsid access (more info ...) | attempted-user | 2013-6040 | 65038 | ||
| 30053 | BROWSER-PLUGINS MW6 Technologies Aztec ActiveX clsid access (more info ...) | attempted-user | 2013-6040 | 65038 | ||
| 30092 | BROWSER-PLUGINS Novell GroupWise Client for Windows ActiveX clsid access (more info ...) | attempted-user | 2013-0804 | URL | ||
| 30093 | BROWSER-PLUGINS Novell GroupWise Client for Windows ActiveX function call access (more info ...) | attempted-user | 2013-0804 | URL | ||
| 30972 | EXPLOIT-KIT CritX exploit kit outbound request for Microsoft Silverlight landing page (more info ...) | trojan-activity | ||||
| 31369 | EXPLOIT-KIT Rig exploit kit outbound Microsoft Silverlight request (more info ...) | trojan-activity | ||||
| 31427 | FILE-OTHER Microsoft Windows C Run-Time Library remote code execution attempt (more info ...) | attempted-user | 2012-0150 | URL | ||
| 31702 | FILE-IDENTIFY Microsoft Silverlight application file magic detected (more info ...) | misc-activity | ||||
| 31703 | FILE-IDENTIFY Microsoft Silverlight application file magic detected (more info ...) | misc-activity | ||||
| 31877 | SERVER-OTHER HP Application Life Cycle Management ActiveX arbitrary code execution attempt (more info ...) | attempted-user | 55272 | |||
| 31878 | SERVER-OTHER HP Application Life Cycle Management ActiveX arbitrary code execution attempt (more info ...) | attempted-user | 55272 | |||
| 31879 | SERVER-OTHER HP Application Life Cycle Management ActiveX arbitrary code execution attempt (more info ...) | attempted-user | 55272 | |||
| 31880 | SERVER-OTHER HP Application Life Cycle Management ActiveX arbitrary code execution attempt (more info ...) | attempted-user | 55272 | |||
| 31881 | SERVER-OTHER HP Application Life Cycle Management ActiveX arbitrary code execution attempt (more info ...) | attempted-user | 55272 | |||
| 31882 | SERVER-OTHER HP Application Life Cycle Management ActiveX arbitrary code execution attempt (more info ...) | attempted-user | 55272 | |||
| 32149 | FILE-OTHER Microsoft System.Uri heap corruption attempt (more info ...) | attempted-user | 2014-4121 | 70351 | URL | |
| 32150 | FILE-OTHER Microsoft System.Uri heap corruption attempt (more info ...) | attempted-user | 2014-4121 | 70351 | URL | |
| 32151 | FILE-OTHER Microsoft System.Uri heap corruption attempt (more info ...) | attempted-user | 2014-4121 | 70351 | URL | |
| 32152 | FILE-OTHER Microsoft System.Uri heap corruption attempt (more info ...) | attempted-user | 2014-4121 | 70351 | URL | |
| 32190 | OS-WINDOWS Microsoft Windows TrueType Font parsing remote code execution attempt (more info ...) | attempted-user | 2014-4148 | URL | ||
| 32191 | OS-WINDOWS Microsoft Windows TrueType Font parsing remote code execution attempt (more info ...) | attempted-user | 2014-4148 | URL | ||
| 32356 | PROTOCOL-RPC mountd UDP unmount path overflow attempt (more info ...) | misc-attack | 2010-4227 | 8179 | 11800 | |
| 32361 | FILE-OTHER Microsoft Windows Briefcase integer overflow (more info ...) | attempted-user | 2012-1528 | URL | ||
| 32404 | OS-WINDOWS Microsoft Windows ECDSA certificate validation bypass attempt (more info ...) | misc-attack | 2014-6321 | URL | ||
| 32405 | OS-WINDOWS Microsoft Windows ECDSA certificate validation bypass attempt (more info ...) | misc-attack | 2014-6321 | URL | ||
| 32406 | OS-WINDOWS Microsoft Windows ECDSA certificate validation bypass attempt (more info ...) | misc-attack | 2014-6321 | URL | ||
| 32407 | OS-WINDOWS Microsoft Windows ECDSA certificate validation bypass attempt (more info ...) | misc-attack | 2014-6321 | URL | ||
| 32408 | OS-WINDOWS Microsoft Windows ECDSA certificate validation bypass attempt (more info ...) | misc-attack | 2014-6321 | URL | ||
| 32409 | OS-WINDOWS Microsoft Windows SChannel CertificateVerify buffer overflow attempt (more info ...) | attempted-admin | 2014-6321 | URL | ||
| 32410 | OS-WINDOWS Microsoft Windows SChannel CertificateVerify buffer overflow attempt (more info ...) | attempted-admin | 2014-6321 | URL | ||
| 32411 | OS-WINDOWS Microsoft Windows ECDSA certificate validation bypass attempt (more info ...) | misc-attack | 2014-6321 | URL | ||
| 32412 | OS-WINDOWS Microsoft Windows ECDSA certificate validation bypass attempt (more info ...) | misc-attack | 2014-6321 | URL | ||
| 32413 | OS-WINDOWS Microsoft Windows ECDSA certificate validation bypass attempt (more info ...) | misc-attack | 2014-6321 | URL | ||
| 32414 | OS-WINDOWS Microsoft Windows SChannel CertificateVerify buffer overflow attempt (more info ...) | attempted-admin | 2014-6321 | URL | ||
| 32415 | OS-WINDOWS Microsoft Windows SChannel CertificateVerify buffer overflow attempt (more info ...) | attempted-admin | 2014-6321 | URL | ||
| 32416 | OS-WINDOWS Microsoft Windows SChannel CertificateVerify buffer overflow attempt (more info ...) | attempted-admin | 2014-6321 | URL | ||
| 32417 | OS-WINDOWS Microsoft Windows SChannel CertificateVerify buffer overflow attempt (more info ...) | attempted-admin | 2014-6321 | URL | ||
| 32422 | OS-WINDOWS Microsoft Windows DTLSv1.0 handshake cookie buffer overflow attempt (more info ...) | attempted-admin | 2014-6321 | URL | ||
| 32423 | OS-WINDOWS Microsoft Windows DTLSv1.0 hello verify request out of bounds read attempt (more info ...) | attempted-admin | 2014-6321 | URL | ||
| 32501 | FILE-OTHER Microsoft XML invalid priority in xsl template (more info ...) | attempted-user | 2014-4118 | URL | ||
| 32502 | FILE-OTHER Microsoft XML invalid priority in xsl template (more info ...) | attempted-user | 2014-4118 | URL | ||
| 32730 | FILE-OTHER Microsoft Windows XP .theme file remote code execution attempt (more info ...) | attempted-admin | 2013-0010 | URL | ||
| 32731 | OS-WINDOWS Microsoft Windows SChannel CertificateVerify buffer overflow attempt (more info ...) | attempted-admin | 2014-6321 | URL | ||
| 32732 | OS-WINDOWS Microsoft Windows SChannel CertificateVerify buffer overflow attempt (more info ...) | attempted-admin | 2014-6321 | URL | ||
| 32876 | EXPLOIT-KIT Nuclear exploit kit outbound Microsoft Silverlight exploit request (more info ...) | trojan-activity | ||||
| 33003 | BROWSER-PLUGINS SolarWinds Orion Pepco32c ActiveX clsid access attempt (more info ...) | attempted-user | 62585 | |||
| 33004 | BROWSER-PLUGINS SolarWinds Orion Pepco32c ActiveX clsid access attempt (more info ...) | attempted-user | 62585 | |||
| 33016 | OS-WINDOWS Microsoft Windows NT DHCP client identifier length overflow attempt (more info ...) | attempted-user | 2004-0900 | 11920 | URL | |
| 33017 | OS-WINDOWS Microsoft Windows NT DHCP client identifier length overflow attempt (more info ...) | attempted-user | 2004-0900 | 11920 | URL | |
| 33018 | BROWSER-IE Oracle WebCenter BlackIceDevMode ActiveX clsid access attempt (more info ...) | attempted-user | 2013-1516 | URL | ||
| 33019 | BROWSER-IE Oracle WebCenter BlackIceDevMode ActiveX clsid access attempt (more info ...) | attempted-user | 2013-1516 | URL | ||
| 33020 | BROWSER-IE Oracle WebCenter BlackIceDevMode ActiveX clsid access attempt (more info ...) | attempted-user | 2013-1516 | URL | ||
| 33021 | BROWSER-IE Oracle WebCenter BlackIceDevMode ActiveX clsid access attempt (more info ...) | attempted-user | 2013-1516 | URL | ||
| 33050 | PROTOCOL-TELNET Microsoft Telnet Server buffer overflow attempt (more info ...) | attempted-user | 2015-0014 | URL | ||
| 33051 | BROWSER-PLUGINS CTSWebProxy ActiveX privilege escalation attempt (more info ...) | attempted-admin | 2015-0016 | URL | ||
| 33052 | BROWSER-PLUGINS CTSWebProxy ActiveX privilege escalation attempt (more info ...) | attempted-admin | 2015-0016 | URL | ||
| 33451 | PROTOCOL-TELNET Microsoft Telnet Server buffer overflow attempt (more info ...) | attempted-user | 2015-0014 | URL | ||
| 34057 | OS-WINDOWS Microsoft Windows SChannel CertificateVerify buffer overflow attempt (more info ...) | attempted-admin | 2014-6321 | URL | ||
| 34058 | OS-WINDOWS Microsoft Windows SChannel CertificateVerify buffer overflow attempt (more info ...) | attempted-admin | 2014-6321 | URL | ||
| 34178 | OS-WINDOWS Microsoft Windows CreateWindowEx privilege escalation attempt (more info ...) | attempted-admin | ||||
| 34179 | OS-WINDOWS Microsoft Windows CreateWindowEx privilege escalation attempt (more info ...) | attempted-admin | ||||
| 34331 | EXPLOIT-KIT Fiesta exploit kit Microsoft SilverLight exploit download (more info ...) | trojan-activity | ||||
| 34371 | FILE-OTHER Microsoft Journal memory corruption attempt (more info ...) | attempted-user | 2015-1698 | URL | ||
| 34372 | FILE-OTHER Microsoft Journal memory corruption attempt (more info ...) | attempted-user | 2015-1698 | URL | ||
| 34385 | FILE-OTHER Microsoft Journal memory corruption attempt (more info ...) | attempted-user | 2015-1697 | URL | ||
| 34386 | FILE-OTHER Microsoft Journal memory corruption attempt (more info ...) | attempted-user | 2015-1697 | URL | ||
| 34387 | FILE-OTHER Microsoft Journal out of bounds write attempt (more info ...) | attempted-user | 2015-1695 | URL | ||
| 34388 | FILE-OTHER Microsoft Journal out of bounds write attempt (more info ...) | attempted-user | 2015-1695 | URL | ||
| 34389 | FILE-OTHER Microsoft Journal out of bounds read attempt (more info ...) | attempted-user | 2015-1696 | URL | ||
| 34390 | FILE-OTHER Microsoft Journal out of bounds read attempt (more info ...) | attempted-user | 2015-1696 | URL | ||
| 34399 | FILE-OTHER Microsoft Journal file exploitation attempt (more info ...) | attempted-user | 2015-1675 | URL | ||
| 34400 | FILE-OTHER Microsoft Journal file exploitation attempt (more info ...) | attempted-user | 2015-1675 | URL | ||
| 34401 | OS-WINDOWS Microsoft Windows Calendar object heap corruption attempt (more info ...) | attempted-user | 2015-1673 | URL | ||
| 34402 | OS-WINDOWS Microsoft Windows Calendar object heap corruption attempt (more info ...) | attempted-user | 2015-1673 | URL | ||
| 34403 | FILE-OTHER Microsoft Journal out of bounds read attempt (more info ...) | attempted-user | 2015-1699 | URL | ||
| 34404 | FILE-OTHER Microsoft Journal out of bounds read attempt (more info ...) | attempted-user | 2015-1699 | URL | ||
| 34440 | OS-WINDOWS Microsoft Windows Win32k TrueType Font parsing out of bounds attempt (more info ...) | attempted-user | 2015-1671 | URL | ||
| 34441 | OS-WINDOWS Microsoft Windows Win32k TrueType Font parsing out of bounds attempt (more info ...) | attempted-user | 2015-1671 | URL | ||
| 34638 | BROWSER-PLUGINS Schneider Electric ProClima ActiveX clsid access attempt (more info ...) | attempted-user | 2014-8511 | |||
| 34639 | BROWSER-PLUGINS Schneider Electric ProClima ActiveX function call access attempt (more info ...) | attempted-user | 2014-8511 | |||
| 34640 | BROWSER-PLUGINS Schneider Electric ProClima ActiveX function call access attempt (more info ...) | attempted-user | 2014-8511 | |||
| 34641 | BROWSER-PLUGINS McAfee Virtual Technician ActiveX clsid access attempt (more info ...) | attempted-user | 2012-5879 | |||
| 35151 | OS-WINDOWS Microsoft Windows RDP server PDU length heap overflow attempt (more info ...) | attempted-admin | 2015-2373 | URL | ||
| 35304 | FILE-OTHER Microsoft Windows ATMFD kernel pool overflow attempt (more info ...) | attempted-admin | 2015-2426 | URL | ||
| 35305 | FILE-OTHER Microsoft Windows ATMFD kernel pool overflow attempt (more info ...) | attempted-admin | 2015-2426 | URL | ||
| 35483 | FILE-OTHER Microsoft Windows ATMFD font driver malformed OTF file remote code execution attempt (more info ...) | attempted-admin | 2015-2432 | URL | ||
| 35484 | FILE-OTHER Microsoft Windows ATMFD font driver malformed OTF file remote code execution attempt (more info ...) | attempted-admin | 2015-2432 | URL | ||
| 35485 | FILE-OTHER Microsoft Windows atmfd.dll font driver malformed OTF file remote code execution attempt (more info ...) | attempted-admin | 2015-2462 | URL | ||
| 35486 | FILE-OTHER Microsoft Windows atmfd.dll font driver malformed OTF file remote code execution attempt (more info ...) | attempted-admin | 2015-2462 | URL | ||
| 35489 | FILE-OTHER Microsoft Windows OTF file parsing error exploitation attempt (more info ...) | attempted-user | 2015-2458 | URL | ||
| 35490 | FILE-OTHER Microsoft Windows OTF file parsing error exploitation attempt (more info ...) | attempted-user | 2015-2458 | URL | ||
| 35491 | FILE-OTHER Microsoft Windows GDI DrvQueryFontData function uninitialized glyph data remote code execution attempt (more info ...) | attempted-user | 2015-2435 | URL | ||
| 35492 | FILE-OTHER Microsoft Windows GDI DrvQueryFontData function uninitialized glyph data remote code execution attempt (more info ...) | attempted-user | 2015-2435 | URL | ||
| 35495 | FILE-OTHER Microsoft Windows ATMFD font driver malformed OTF file remote code execution attempt (more info ...) | attempted-admin | 2015-2459 | URL | ||
| 35496 | FILE-OTHER Microsoft Windows ATMFD font driver malformed OTF file remote code execution attempt (more info ...) | attempted-admin | 2015-2459 | URL | ||
| 35515 | OS-WINDOWS Microsoft Windows ATFM.DLL malformed OTF use-after-free attempt (more info ...) | attempted-user | 2015-2460 | URL | ||
| 35516 | OS-WINDOWS Microsoft Windows ATFM.DLL malformed OTF use-after-free attempt (more info ...) | attempted-user | 2015-2460 | URL | ||
| 35517 | FILE-OTHER Microsoft Windows FontView OpenType Font atmfd.dll invalid memory reference attempt (more info ...) | attempted-admin | 2015-2461 | URL | ||
| 35518 | FILE-OTHER Microsoft Windows FontView OpenType Font atmfd.dll invalid memory reference attempt (more info ...) | attempted-admin | 2015-2461 | URL | ||
| 35519 | FILE-OTHER Microsoft Windows kernel-mode driver TTF file glyf table out of bounds attempt (more info ...) | attempted-admin | 2015-2463 | URL | ||
| 35520 | FILE-OTHER Microsoft Windows kernel-mode driver TTF file glyf table out of bounds attempt (more info ...) | attempted-admin | 2015-2463 | URL | ||
| 35523 | OS-WINDOWS Microsoft Windows TTF invalid system memory access attempt (more info ...) | attempted-admin | 2015-2464 | URL | ||
| 35524 | OS-WINDOWS Microsoft Windows TTF invalid system memory access attempt (more info ...) | attempted-admin | 2015-2464 | URL | ||
| 35525 | OS-WINDOWS Microsoft Windows TrueType font parsing integer underflow attempt (more info ...) | attempted-admin | 2015-2455 | URL | ||
| 35526 | OS-WINDOWS Microsoft Windows TrueType font parsing integer underflow attempt (more info ...) | attempted-admin | 2015-2455 | URL | ||
| 35705 | BROWSER-IE Microsoft Edge history.state use after free attempt (more info ...) | attempted-user | ||||
| 35706 | BROWSER-IE Microsoft Edge history.state use after free attempt (more info ...) | attempted-user | ||||
| 35719 | OS-WINDOWS Microsoft Windows CDD font parsing kernel memory corruption attempt (more info ...) | attempted-admin | 2015-2506 | URL | ||
| 35720 | OS-WINDOWS Microsoft Windows CDD font parsing kernel memory corruption attempt (more info ...) | attempted-admin | 2015-2506 | URL | ||
| 35731 | OS-WINDOWS Microsoft Windows WebDAV invalid character argument injection attempt (more info ...) | attempted-user | 2012-0175 | 54307 | URL | |
| 35848 | FILE-IMAGE Microsoft Windows Bitmap width integer overflow attempt (more info ...) | attempted-admin | 2008-3015 | 11171 | URL | |
| 35857 | FILE-OTHER Microsoft System.Uri heap corruption attempt (more info ...) | attempted-user | 2014-4121 | 70351 | URL | |
| 35872 | BROWSER-PLUGINS Steema Software SL TeeChart Pro ActiveX clsid access (more info ...) | attempted-user | ||||
| 35873 | BROWSER-PLUGINS Steema Software SL TeeChart Pro ActiveX clsid access (more info ...) | attempted-user | ||||
| 35874 | BROWSER-PLUGINS Steema Software SL TeeChart Pro ActiveX clsid access (more info ...) | attempted-user | ||||
| 35875 | BROWSER-PLUGINS Steema Software SL TeeChart Pro ActiveX clsid access (more info ...) | attempted-user | ||||
| 35955 | BROWSER-IE Microsoft Edge CStr object use after free attempt (more info ...) | attempted-user | 2015-2490 | URL | ||
| 35956 | BROWSER-IE Microsoft Edge CStr object use after free attempt (more info ...) | attempted-user | 2015-6087 | URL | ||
| 35957 | BROWSER-IE Microsoft Edge CStr object use after free attempt (more info ...) | attempted-user | 2015-2490 | URL | ||
| 35958 | BROWSER-IE Microsoft Edge CStr object use after free attempt (more info ...) | attempted-user | 2015-6087 | URL | ||
| 35960 | BROWSER-IE Microsoft Edge DOMNode manipulation use after free attempt (more info ...) | attempted-user | 2015-2488 | URL | ||
| 35961 | FILE-OTHER Microsoft Journal file parsing remote code execution attempt (more info ...) | attempted-user | 2015-2513 | URL | ||
| 35962 | FILE-OTHER Microsoft Journal file parsing remote code execution attempt (more info ...) | attempted-user | 2015-2513 | URL | ||
| 35984 | OS-WINDOWS Microsoft Windows GDI+ denial of service attempt (more info ...) | attempted-user | 2015-2510 | URL | ||
| 35985 | OS-WINDOWS Microsoft Windows GDI+ denial of service attempt (more info ...) | attempted-user | 2015-2510 | URL | ||
| 36014 | OS-WINDOWS Microsoft Windows System.DirectoryServices.Protocols.Utility class memory overflow attempt (more info ...) | attempted-user | 2015-2504 | URL | ||
| 36015 | OS-WINDOWS Microsoft Windows System.DirectoryServices.Protocols.Utility class memory overflow attempt (more info ...) | attempted-user | 2015-2504 | URL | ||
| 36109 | BROWSER-PLUGINS Advantech WebAccess AspVCObj.AspDataDriven InterfaceFilter ActiveX clsid access (more info ...) | attempted-user | 2014-9208 | URL | ||
| 36111 | BROWSER-PLUGINS Advantech WebAccess AspVCObj.AspDataDriven InterfaceFilter ActiveX clsid access (more info ...) | attempted-user | 2014-9208 | URL | ||
| 36112 | BROWSER-PLUGINS Advantech WebAccess AspVCObj.AspDataDriven InterfaceFilter ActiveX clsid access (more info ...) | attempted-user | 2014-9208 | URL | ||
| 36472 | BROWSER-PLUGINS Advantech WebAccess AspVCObj.AspDataDriven ConvToSafeArray ActiveX clsid access (more info ...) | attempted-user | 2014-9208 | 76672 | ||
| 36473 | BROWSER-PLUGINS Advantech WebAccess AspVCObj.AspDataDriven ConvToSafeArray ActiveX clsid access (more info ...) | attempted-user | 2014-9208 | 76672 | ||
| 36475 | BROWSER-PLUGINS Advantech WebAccess AspVCObj.AspDataDriven ConvToSafeArray ActiveX clsid access (more info ...) | attempted-user | 2014-9208 | 76672 | ||
| 36618 | BROWSER-PLUGINS Advantech WebAccess AspVCObj.AspDataDriven GetWideStrCpy ActiveX clsid access (more info ...) | attempted-user | 2014-9208 | 76672 | ||
| 36619 | BROWSER-PLUGINS Advantech WebAccess AspVCObj.AspDataDriven GetWideStrCpy ActiveX clsid access (more info ...) | attempted-user | 2014-9208 | 76672 | ||
| 36620 | BROWSER-PLUGINS Advantech WebAccess AspVCObj.AspDataDriven GetWideStrCpy ActiveX clsid access (more info ...) | attempted-user | 2014-9208 | 76672 | ||
| 36621 | BROWSER-PLUGINS Advantech WebAccess AspVCObj.AspDataDriven GetWideStrCpy ActiveX clsid access (more info ...) | attempted-user | 2014-9208 | 76672 | ||
| 36641 | BROWSER-PLUGINS Advantech WebAccess SCADA webdact.ocx AccessCode ActiveX clsid access attempt (more info ...) | attempted-user | 2014-0767 | 66728 | ||
| 36642 | BROWSER-PLUGINS Advantech WebAccess SCADA webdact.ocx AccessCode ActiveX clsid access attempt (more info ...) | attempted-user | 2014-0767 | 66728 | ||
| 36643 | BROWSER-PLUGINS Advantech WebAccess SCADA webdact.ocx AccessCode ActiveX clsid access attempt (more info ...) | attempted-user | 2014-0767 | 66728 | ||
| 36644 | BROWSER-PLUGINS IBM Lotus iNotes Attachment_Times ActiveX clsid access (more info ...) | attempted-user | 2012-2175 | 53879 | ||
| 36645 | BROWSER-PLUGINS IBM Lotus iNotes Attachment_Times ActiveX clsid access (more info ...) | attempted-user | 2012-2175 | 53879 | ||
| 36646 | BROWSER-PLUGINS IBM Lotus iNotes Attachment_Times ActiveX clsid access (more info ...) | attempted-user | 2012-2175 | 53879 | ||
| 36653 | BROWSER-PLUGINS MW6 Technologies Aztec ActiveX clsid access (more info ...) | attempted-user | 2013-6040 | 65038 | ||
| 36654 | BROWSER-PLUGINS MW6 Technologies Aztec ActiveX clsid access (more info ...) | attempted-user | 2013-6040 | 65038 | ||
| 36697 | FILE-OTHER Microsoft Windows Journal integer overflow attempt (more info ...) | attempted-user | 2015-6097 | URL | ||
| 36698 | FILE-OTHER Microsoft Windows Journal integer overflow attempt (more info ...) | attempted-user | 2015-6097 | URL | ||
| 36703 | OS-WINDOWS Microsoft Windows DeferWindowPos privilege escalation attempt (more info ...) | attempted-admin | 2015-6101 | URL | ||
| 36704 | OS-WINDOWS Microsoft Windows DeferWindowPos privilege escalation attempt (more info ...) | attempted-admin | 2015-6101 | URL | ||
| 36705 | OS-WINDOWS Microsoft Windows afd.sys memory corruption attempt (more info ...) | attempted-admin | 2015-2478 | URL | ||
| 36706 | OS-WINDOWS Microsoft Windows afd.sys memory corruption attempt (more info ...) | attempted-admin | 2015-2478 | URL | ||
| 36709 | OS-WINDOWS Microsoft Windows use after free kernel privilege escalation attempt (more info ...) | attempted-admin | 2015-6100 | URL | ||
| 36710 | OS-WINDOWS Microsoft Windows use after free kernel privilege escalation attempt (more info ...) | attempted-admin | 2015-6100 | URL | ||
| 36711 | FILE-IDENTIFY Microsoft Windows .NET Application file attachment detected (more info ...) | misc-activity | ||||
| 36712 | OS-WINDOWS Microsoft Windows ClickOnce information disclosure attempt (more info ...) | attempted-user | 2015-6096 | URL | ||
| 36713 | OS-WINDOWS Microsoft Windows ClickOnce information disclosure attempt (more info ...) | attempted-user | 2015-6096 | URL | ||
| 36722 | OS-WINDOWS Microsoft Windows win32k information disclosure attempt (more info ...) | attempted-recon | 2015-6109 | URL | ||
| 36723 | OS-WINDOWS Microsoft Windows win32k information disclosure attempt (more info ...) | attempted-recon | 2015-6109 | URL | ||
| 36736 | FILE-OTHER Microsoft Windows malformed TrueType file remote code execution attempt (more info ...) | attempted-user | 2015-6104 | URL | ||
| 36737 | FILE-OTHER Microsoft Windows malformed TrueType file remote code execution attempt (more info ...) | attempted-user | 2015-6104 | URL | ||
| 36746 | BROWSER-IE Microsoft Edge click method use after free attempt (more info ...) | attempted-user | 2015-6088 | URL | ||
| 36747 | BROWSER-IE Microsoft Edge click method use after free attempt (more info ...) | attempted-user | 2015-6088 | URL | ||
| 36749 | FILE-OTHER Microsoft Windows TrueType font parsing out of bounds write attempt (more info ...) | attempted-user | 2015-6103 | URL | ||
| 36750 | FILE-OTHER Microsoft Windows TrueType font parsing out of bounds write attempt (more info ...) | attempted-user | 2015-6103 | URL | ||
| 36761 | OS-WINDOWS Microsoft Windows NtSetInformationFile hard link sandbox bypass attempt (more info ...) | policy-violation | 2015-6113 | URL | ||
| 36762 | OS-WINDOWS Microsoft Windows NtSetInformationFile hard link sandbox bypass attempt (more info ...) | policy-violation | 2015-6113 | URL | ||
| 36817 | FILE-IMAGE Microsoft Windows Paint JPEG with malformed SOFx field integer overflow attempt (more info ...) | attempted-user | 2010-0028 | URL | ||
| 36818 | FILE-IMAGE Microsoft Windows Paint JPEG with malformed SOFx field integer overflow attempt (more info ...) | attempted-user | 2010-0028 | URL | ||
| 36865 | BROWSER-PLUGINS IDAutomation IDAuto.BarCode ActiveX clsid access attempt (more info ...) | attempted-user | 2008-2283 | |||
| 36866 | BROWSER-PLUGINS IDAutomation IDAuto.Datamatrix ActiveX clsid access attempt (more info ...) | attempted-user | 2008-2283 | |||
| 36867 | BROWSER-PLUGINS IDAutomation IDAuto.Datamatrix ActiveX clsid access attempt (more info ...) | attempted-user | 2008-2283 | |||
| 36868 | BROWSER-PLUGINS IDAutomation IDAuto.BarCode ActiveX clsid access attempt (more info ...) | attempted-user | 2008-2283 | |||
| 36869 | BROWSER-PLUGINS IDAutomation IDAuto.PDF417 ActiveX clsid access attempt (more info ...) | attempted-user | 2008-2283 | |||
| 36870 | BROWSER-PLUGINS IDAutomation IDAuto.PDF417 ActiveX clsid access attempt (more info ...) | attempted-user | 2008-2283 | |||
| 36871 | BROWSER-PLUGINS IDAutomation IDAuto.Aztec ActiveX clsid access attempt (more info ...) | attempted-user | 2008-2283 | |||
| 36872 | BROWSER-PLUGINS IDAutomation IDAuto.Aztec ActiveX clsid access attempt (more info ...) | attempted-user | 2008-2283 | |||
| 36884 | FILE-IMAGE Microsoft Windows Paint jpeg with malformed SOFx field integer overflow attempt (more info ...) | attempted-user | 2010-0028 | URL | ||
| 36932 | BROWSER-IE Microsoft Edge iframe climbing cross site scripting attempt (more info ...) | attempted-user | 2015-6170 | URL | ||
| 36933 | BROWSER-IE Microsoft Edge iframe climbing cross site scripting attempt (more info ...) | attempted-user | 2015-6170 | URL | ||
| 36952 | FILE-OTHER Microsoft Windows Font Viewer cmap offset integer underflow attempt (more info ...) | attempted-user | 2015-6130 | URL | ||
| 36953 | FILE-OTHER Microsoft Windows Font Viewer cmap offset integer underflow attempt (more info ...) | attempted-user | 2015-6130 | URL | ||
| 36970 | OS-WINDOWS Microsoft Windows win32k.sys palette double free attempt (more info ...) | attempted-admin | 2015-6173 | URL | ||
| 36971 | OS-WINDOWS Microsoft Windows win32k.sys palette double free attempt (more info ...) | attempted-admin | 2015-6173 | URL | ||
| 36976 | OS-WINDOWS Microsoft Windows thread lock desynchronization null pointer dereference attempt (more info ...) | attempted-admin | 2015-6174 | URL | ||
| 36977 | OS-WINDOWS Microsoft Windows thread lock desynchronization null pointer dereference attempt (more info ...) | attempted-admin | 2015-6174 | URL | ||
| 36984 | BROWSER-IE Microsoft Edge CAttrArray out of bounds read attempt (more info ...) | attempted-user | 2015-6168 | URL | ||
| 36985 | BROWSER-IE Microsoft Edge CAttrArray out of bounds read attempt (more info ...) | attempted-user | 2015-6168 | URL | ||
| 36989 | OS-WINDOWS Microsoft Windows gpuenergydrv.sys driver privilege escalation attempt (more info ...) | attempted-admin | 2015-6175 | URL | ||
| 36990 | OS-WINDOWS Microsoft Windows gpuenergydrv.sys driver privilege escalation attempt (more info ...) | attempted-admin | 2015-6175 | URL | ||
| 36997 | OS-WINDOWS Microsoft .NET Silverlight manifest resource file information disclosure attempt (more info ...) | attempted-recon | 2015-6114 | URL | ||
| 36998 | OS-WINDOWS Microsoft .NET Silverlight manifest resource file information disclosure attempt (more info ...) | attempted-recon | 2015-6114 | URL | ||
| 37005 | BROWSER-PLUGINS AAA EasyGrid DoSaveFile ActiveX clsid access attempt (more info ...) | attempted-user | 2009-0134 | |||
| 37006 | BROWSER-PLUGINS AAA EasyGrid DoSaveFile ActiveX clsid access attempt (more info ...) | attempted-user | 2009-0134 | |||
| 37007 | BROWSER-PLUGINS AAA EasyGrid DoSaveFile ActiveX clsid access attempt (more info ...) | attempted-user | 2009-0134 | |||
| 37008 | BROWSER-PLUGINS AAA EasyGrid DoSaveFile ActiveX clsid access attempt (more info ...) | attempted-user | 2009-0134 | |||
| 37021 | BROWSER-PLUGINS MW6 Technologies Barcode.dll ActiveX clsid access attempt (more info ...) | attempted-user | 2009-0298 | 33451 | ||
| 37022 | BROWSER-PLUGINS MW6 Technologies Barcode.dll ActiveX clsid access attempt (more info ...) | attempted-user | 2009-0298 | 33451 | ||
| 37023 | BROWSER-PLUGINS MW6 Technologies Barcode.dll ActiveX clsid access attempt (more info ...) | attempted-user | 2009-0298 | 33451 | ||
| 37267 | BROWSER-PLUGINS Microsoft Silverlight GetChar out of bounds read attempt (more info ...) | attempted-user | 2016-0034 | URL | ||
| 37268 | BROWSER-PLUGINS Microsoft Silverlight GetChar out of bounds read attempt (more info ...) | attempted-user | 2016-0034 | URL | ||
| 37269 | OS-WINDOWS Microsoft Windows 10 low integrity level NTFS mount reparse point bypass attempt (more info ...) | attempted-user | 2016-0007 | URL | ||
| 37270 | OS-WINDOWS Microsoft Windows 10 low integrity level NTFS mount reparse point bypass attempt (more info ...) | attempted-user | 2016-0007 | URL | ||
| 37271 | OS-WINDOWS Microsoft Windows 10 low integrity level NTFS mount reparse point bypass attempt (more info ...) | attempted-user | 2016-0006 | URL | ||
| 37272 | OS-WINDOWS Microsoft Windows 10 low integrity level NTFS mount reparse point bypass attempt (more info ...) | attempted-user | 2016-0006 | URL | ||
| 37275 | OS-WINDOWS Microsoft Windows feclient.dll dll-load exploit attempt (more info ...) | attempted-user | 2016-0014 | URL | ||
| 37276 | OS-WINDOWS Microsoft Windows request for feclient.dll over SMB attempt (more info ...) | attempted-user | 2016-0014 | URL | ||
| 37277 | OS-WINDOWS Microsoft Windows devenum.dll device moniker underflow attempt (more info ...) | attempted-admin | 2016-0015 | URL | ||
| 37278 | OS-WINDOWS Microsoft Windows devenum.dll device moniker underflow attempt (more info ...) | attempted-admin | 2016-0015 | URL | ||
| 37279 | BROWSER-IE Microsoft Edge mutation event memory corruption attempt (more info ...) | attempted-user | 2016-0124 | URL | ||
| 37280 | BROWSER-IE Microsoft Edge mutation event memory corruption attempt (more info ...) | attempted-user | 2016-0124 | URL | ||
| 37512 | BROWSER-PLUGINS Schneider Electric ProClima F1BookView ActiveX clsid access attempt (more info ...) | attempted-user | 2015-8561 | |||
| 37513 | BROWSER-PLUGINS Schneider Electric ProClima F1BookView ActiveX clsid access attempt (more info ...) | attempted-user | 2015-8561 | |||
| 37515 | BROWSER-PLUGINS Schneider Electric ProClima F1BookView ActiveX clsid access attempt (more info ...) | attempted-user | 2015-8561 | |||
| 37537 | BROWSER-PLUGINS Siemens Solid Edge SEListCtrlX ActiveX clsid access attempt (more info ...) | attempted-user | 60161 | |||
| 37538 | BROWSER-PLUGINS Siemens Solid Edge SEListCtrlX ActiveX clsid access attempt (more info ...) | attempted-user | 60161 | |||
| 37539 | BROWSER-PLUGINS Siemens Solid Edge WebPartHelper ActiveX clsid access attempt (more info ...) | attempted-user | 60158 | |||
| 37540 | BROWSER-PLUGINS Siemens Solid Edge WebPartHelper ActiveX clsid access attempt (more info ...) | attempted-user | 60158 | |||
| 37541 | BROWSER-PLUGINS Siemens Solid Edge SEListCtrlX ActiveX clsid access attempt (more info ...) | attempted-user | 60161 | |||
| 37542 | BROWSER-PLUGINS Siemens Solid Edge SEListCtrlX ActiveX clsid access attempt (more info ...) | attempted-user | 60161 | |||
| 37543 | BROWSER-PLUGINS Siemens Solid Edge WebPartHelper ActiveX clsid access attempt (more info ...) | attempted-user | 60158 | |||
| 37544 | BROWSER-PLUGINS Siemens Solid Edge WebPartHelper ActiveX clsid access attempt (more info ...) | attempted-user | 60158 | |||
| 37565 | FILE-PDF Microsoft Reader dynamic object stream uninitialized memory corruption attempt (more info ...) | attempted-user | 2016-0046 | URL | ||
| 37566 | FILE-PDF Microsoft Reader dynamic object stream uninitialized memory corruption attempt (more info ...) | attempted-user | 2016-0046 | URL | ||
| 37567 | OS-WINDOWS Microsoft Windows WmipReceiveNotifications out of bounds write attempt (more info ...) | attempted-admin | 2016-0040 | URL | ||
| 37568 | OS-WINDOWS Microsoft Windows WmipReceiveNotifications out of bounds write attempt (more info ...) | attempted-admin | 2016-0040 | URL | ||
| 37569 | OS-WINDOWS Microsoft Windows WmipReceiveNotifications out of bounds write attempt (more info ...) | attempted-admin | 2016-0040 | URL | ||
| 37570 | OS-WINDOWS Microsoft Windows WmipReceiveNotifications out of bounds write attempt (more info ...) | attempted-admin | 2016-0040 | URL | ||
| 37575 | BROWSER-IE Microsoft Edge CTextBlock out of bounds read attempt (more info ...) | attempted-user | 2016-0083 | URL | ||
| 37576 | BROWSER-IE Microsoft Edge CTextBlock out of bounds read attempt (more info ...) | attempted-user | 2016-0083 | URL | ||
| 37577 | FILE-OTHER Microsoft Windows Journal CWispTiss use after free attempt (more info ...) | attempted-user | 2016-0038 | URL | ||
| 37578 | FILE-OTHER Microsoft Windows Journal CWispTiss use after free attempt (more info ...) | attempted-user | 2016-0038 | URL | ||
| 37581 | BROWSER-IE Microsoft Edge SysFreeString double free attempt (more info ...) | attempted-user | 2016-0060 | URL | ||
| 37582 | BROWSER-IE Microsoft Edge SysFreeString double free attempt (more info ...) | attempted-user | 2016-0060 | URL | ||
| 37584 | OS-WINDOWS Microsoft Windows wind32kfull.sys out of bounds write attempt (more info ...) | attempted-admin | 2016-0048 | URL | ||
| 37585 | OS-WINDOWS Microsoft Windows wind32kfull.sys out of bounds write attempt (more info ...) | attempted-admin | 2016-0048 | URL | ||
| 37586 | OS-WINDOWS Microsoft Windows WebDAV mini redirector driver privilege escalation attempt (more info ...) | attempted-admin | 2016-0051 | URL | ||
| 37587 | OS-WINDOWS Microsoft Windows WebDAV mini redirector driver privilege escalation attempt (more info ...) | attempted-admin | 2016-0051 | URL | ||
| 37594 | FILE-PDF Microsoft Windows PDF Library invalid JPX image heap corruption attempt (more info ...) | attempted-user | 2016-0058 | URL | ||
| 37595 | FILE-PDF Microsoft Windows PDF Library invalid JPX image heap corruption attempt (more info ...) | attempted-user | 2016-0058 | URL | ||
| 37655 | OS-WINDOWS Microsoft .NET Framework XSLT parser stack exhaustion attempt (more info ...) | attempted-dos | 2016-0033 | URL | ||
| 37656 | OS-WINDOWS Microsoft .NET Framework XSLT parser stack exhaustion attempt (more info ...) | attempted-dos | 2016-0033 | URL | ||
| 37663 | FILE-MULTIMEDIA Microsoft Windows Movie Maker project file heap buffer overflow attempt (more info ...) | attempted-user | 2010-0265 | URL | ||
| 37677 | BROWSER-PLUGINS IBM SPSS SamplePower ActiveX clsid access attempt (more info ...) | attempted-user | 2014-0895 | 66116 | ||
| 37678 | BROWSER-PLUGINS IBM SPSS SamplePower ActiveX clsid access attempt (more info ...) | attempted-user | 2014-0895 | 66116 | ||
| 37801 | BROWSER-PLUGINS Microsoft Silverlight ScriptObject untrusted pointer dereference attempt (more info ...) | attempted-user | 2013-0074 | 58327 | URL | |
| 37823 | BROWSER-PLUGINS InformationCardSigninHelper ActiveX function call access (more info ...) | attempted-user | 2013-3918 | URL | ||
| 37995 | BROWSER-PLUGINS IE MsRdpClient ActiveX attempt (more info ...) | attempted-user | 2013-1302 | |||
| 37998 | BROWSER-PLUGINS IE MsRdpClient ActiveX attempt (more info ...) | attempted-user | 2013-1302 | |||
| 37999 | BROWSER-PLUGINS IE MsRdpClient ActiveX attempt (more info ...) | attempted-user | 2013-1302 | |||
| 38000 | BROWSER-PLUGINS IE MsRdpClient ActiveX attempt (more info ...) | attempted-user | 2013-1302 | |||
| 38001 | BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (more info ...) | attempted-user | 2013-1302 | 58874 | URL | |
| 38002 | BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (more info ...) | attempted-user | 2013-1302 | 58874 | URL | |
| 38003 | BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (more info ...) | attempted-user | 2013-1302 | 58874 | URL | |
| 38004 | BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (more info ...) | attempted-user | 2013-1302 | 58874 | URL | |
| 38005 | BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (more info ...) | attempted-user | 2013-1302 | 58874 | URL | |
| 38006 | BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (more info ...) | attempted-user | 2013-1302 | 58874 | URL | |
| 38007 | BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (more info ...) | attempted-user | 2013-1302 | 58874 | URL | |
| 38008 | BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (more info ...) | attempted-user | 2013-1302 | 58874 | URL | |
| 38009 | BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (more info ...) | attempted-user | 2013-1302 | 58874 | URL | |
| 38010 | BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (more info ...) | attempted-user | 2013-1302 | 58874 | URL | |
| 38011 | BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (more info ...) | attempted-user | 2013-1302 | 58874 | URL | |
| 38061 | OS-WINDOWS Microsoft Windows rpdesk remote code execution attempt (more info ...) | attempted-user | 2016-0095 | URL | ||
| 38062 | OS-WINDOWS Microsoft Windows rpdesk remote code execution attempt (more info ...) | attempted-user | 2016-0095 | URL | ||
| 38063 | FILE-OTHER Microsoft Windows atmfd.dll font driver malformed OTF file remote code execution attempt (more info ...) | attempted-user | 2016-0121 | URL | ||
| 38064 | FILE-OTHER Microsoft Windows atmfd.dll font driver malformed OTF file remote code execution attempt (more info ...) | attempted-user | 2016-0121 | URL | ||
| 38071 | OS-WINDOWS Microsoft Windows ValidateParentDepth out of bounds read attempt (more info ...) | attempted-admin | 2016-0096 | URL | ||
| 38072 | OS-WINDOWS Microsoft Windows ValidateParentDepth out of bounds read attempt (more info ...) | attempted-admin | 2016-0096 | URL | ||
| 38073 | BROWSER-IE Microsoft Edge CAsyncTpWorker Windows.Data.Pdf.dll object use after free attempt (more info ...) | attempted-user | 2016-0118 | URL | ||
| 38076 | BROWSER-IE Microsoft Edge CAsyncTpWorker Windows.Data.Pdf.dll object use after free attempt (more info ...) | attempted-user | 2016-0118 | URL | ||
| 38077 | BROWSER-IE Microsoft Edge CPostScriptEvaluator out of bounds read attempt (more info ...) | attempted-user | 2016-0117 | URL | ||
| 38078 | BROWSER-IE Microsoft Edge CPostScriptEvaluator out of bounds read attempt (more info ...) | attempted-user | 2016-0117 | URL | ||
| 38083 | OS-WINDOWS Microsoft Windows GreCreateDisplayDC surface object use after free attempt (more info ...) | attempted-admin | 2016-0093 | URL | ||
| 38084 | OS-WINDOWS Microsoft Windows GreCreateDisplayDC surface object use after free attempt (more info ...) | attempted-admin | 2016-0093 | URL | ||
| 38092 | OS-WINDOWS Microsoft Windows ObReferenceObjectByHandle function privilege escalation attempt (more info ...) | attempted-user | 2016-0087 | URL | ||
| 38093 | OS-WINDOWS Microsoft Windows ObReferenceObjectByHandle function privilege escalation attempt (more info ...) | attempted-user | 2016-0087 | URL | ||
| 38106 | BROWSER-IE Microsoft Edge LineBoxBuilder out-of-bound memory access attempt (more info ...) | attempted-user | 2016-0123 | URL | ||
| 38107 | BROWSER-IE Microsoft Edge LineBoxBuilder out-of-bound memory access attempt (more info ...) | attempted-user | 2016-0123 | URL | ||
| 38114 | OS-WINDOWS Microsoft Windows WebDAV mini redirector driver privilege escalation attempt (more info ...) | attempted-admin | 2016-0099 | URL | ||
| 38115 | OS-WINDOWS Microsoft Windows WebDAV mini redirector driver privilege escalation attempt (more info ...) | attempted-admin | 2016-0099 | URL | ||
| 38119 | OS-WINDOWS Microsoft Windows EPOINTQF privilege escalation attempt (more info ...) | attempted-admin | 2016-0094 | URL | ||
| 38120 | OS-WINDOWS Microsoft Windows EPOINTQF privilege escalation attempt (more info ...) | attempted-admin | 2016-0094 | URL | ||
| 38146 | BROWSER-PLUGINS SolarWinds Server Monitor ActiveX clsid access attempt (more info ...) | attempted-user | 2015-1500 | 72600 | ||
| 38147 | BROWSER-PLUGINS SolarWinds Server Monitor ActiveX clsid access attempt (more info ...) | attempted-user | 2015-1500 | 72600 | ||
| 38148 | BROWSER-PLUGINS SolarWinds Server Monitor ActiveX clsid access attempt (more info ...) | attempted-user | 2015-1500 | 72600 | ||
| 38149 | BROWSER-PLUGINS SolarWinds Server Monitor ActiveX clsid access attempt (more info ...) | attempted-user | 2015-1500 | 72600 | ||
| 38152 | BROWSER-PLUGINS WebGate WESPDiscovery ActiveX clsid access attempt (more info ...) | attempted-user | 2015-2100 | 72843 | ||
| 38154 | BROWSER-PLUGINS WebGate WESPDiscovery ActiveX clsid access attempt (more info ...) | attempted-user | 2015-2100 | 72843 | ||
| 38155 | BROWSER-PLUGINS WebGate WESPDiscovery ActiveX clsid access attempt (more info ...) | attempted-user | 2015-2100 | 72843 | ||
| 38384 | BROWSER-PLUGINS Advantech WebAccess ActiveX clsid access attempt (more info ...) | attempted-user | ||||
| 38435 | BROWSER-PLUGINS Schneider F1 Bookview ActiveX clsid access attempt (more info ...) | attempted-user | 2015-7918 | |||
| 38436 | BROWSER-PLUGINS Schneider F1 Bookview ActiveX clsid access attempt (more info ...) | attempted-user | 2015-7918 | |||
| 38458 | OS-WINDOWS Microsoft Windows LSARPC LsapLookupSids denial of service attempt (more info ...) | attempted-dos | 2016-0135 | URL | ||
| 38459 | OS-WINDOWS Microsoft Windows DrawMenuBarTemp memory corruption attempt (more info ...) | attempted-admin | 2016-0143 | URL | ||
| 38460 | OS-WINDOWS Microsoft Windows DrawMenuBarTemp memory corruption attempt (more info ...) | attempted-admin | 2016-0143 | URL | ||
| 38461 | OS-WINDOWS DCERPC Bind auth level packet privacy connection detected (more info ...) | protocol-command-decode | URL | |||
| 38462 | OS-WINDOWS DCERPC Bind auth level packet privacy downgrade attempt (more info ...) | attempted-recon | 2016-0128 | URL | ||
| 38463 | BROWSER-PLUGINS Microsoft XML Core Services ActiveX control use after free attempt (more info ...) | attempted-user | 2016-0147 | URL | ||
| 38464 | BROWSER-PLUGINS Microsoft XML Core Services ActiveX control use after free attempt (more info ...) | attempted-user | 2016-0147 | URL | ||
| 38469 | OS-WINDOWS Microsoft Windows api-ms-win-appmodel-runtime dll-load exploit attempt (more info ...) | attempted-user | 2016-0160 | URL | ||
| 38470 | OS-WINDOWS Microsoft Windows api-ms-win-appmodel-runtime dll-load exploit attempt (more info ...) | attempted-user | 2016-0160 | URL | ||
| 38473 | BROWSER-IE Microsoft Edge iframe cross-site scripting attempt (more info ...) | attempted-user | 2016-0158 | URL | ||
| 38474 | BROWSER-IE Microsoft Edge iframe cross-site scripting attempt (more info ...) | attempted-user | 2016-0158 | URL | ||
| 38475 | OS-WINDOWS Microsoft Windows anonymous user token impersonation attempt (more info ...) | attempted-admin | 2016-0151 | URL | ||
| 38476 | OS-WINDOWS Microsoft Windows anonymous user token impersonation attempt (more info ...) | attempted-admin | 2016-0151 | URL | ||
| 38479 | BROWSER-IE Microsoft Edge remove range out of bounds read attempt (more info ...) | attempted-user | 2016-0156 | URL | ||
| 38480 | BROWSER-IE Microsoft Edge remove range out of bounds read attempt (more info ...) | attempted-user | 2016-0156 | URL | ||
| 38483 | BROWSER-IE Microsoft Edge CStyleSheet keyframes out of bounds read attempt (more info ...) | attempted-user | 2016-0157 | URL | ||
| 38484 | BROWSER-IE Microsoft Edge CStyleSheet keyframes out of bounds read attempt (more info ...) | attempted-user | 2016-0157 | URL | ||
| 38485 | BROWSER-IE Microsoft Edge TextDataSlice type confusion attempt (more info ...) | attempted-user | 2016-0155 | URL | ||
| 38486 | BROWSER-IE Microsoft Edge TextDataSlice type confusion attempt (more info ...) | attempted-user | 2016-0155 | URL | ||
| 38487 | OS-WINDOWS Microsoft Windows win32k.sys PathToRegion buffer overflow attempt (more info ...) | attempted-admin | 2016-0165 | URL | ||
| 38488 | OS-WINDOWS Microsoft Windows win32k.sys PathToRegion buffer overflow attempt (more info ...) | attempted-admin | 2016-0165 | URL | ||
| 38491 | OS-WINDOWS Microsoft Windows CreatePopupMenu win32k.sys use after free attempt (more info ...) | attempted-user | 2016-0167 | URL | ||
| 38492 | OS-WINDOWS Microsoft Windows CreatePopupMenu win32k.sys use after free attempt (more info ...) | attempted-user | 2016-0167 | URL | ||
| 38493 | FILE-OTHER Microsoft Windows win32k.sys glyph bitmap boundary out of bounds memory access attempt (more info ...) | attempted-admin | 2016-0145 | URL | ||
| 38494 | FILE-OTHER Microsoft Windows win32k.sys glyph bitmap boundary out of bounds memory access attempt (more info ...) | attempted-admin | 2016-0145 | URL | ||
| 38759 | OS-WINDOWS Microsoft Windows Win32k window handle use after free attempt (more info ...) | attempted-admin | 2016-0196 | URL | ||
| 38760 | OS-WINDOWS Microsoft Windows Win32k window handle use after free attempt (more info ...) | attempted-admin | 2016-0196 | URL | ||
| 38761 | OS-WINDOWS Microsoft Windows win32kfull.sys font object use after free attempt (more info ...) | attempted-admin | 2016-0174 | URL | ||
| 38762 | OS-WINDOWS Microsoft Windows win32kfull.sys font object use after free attempt (more info ...) | attempted-admin | 2016-0174 | URL | ||
| 38765 | OS-WINDOWS Microsoft Windows Dxgkrnl.sys RtlMemoryCopy buffer overflow attempt (more info ...) | attempted-admin | 2016-0167 | URL | ||
| 38766 | OS-WINDOWS Microsoft Windows Dxgkrnl.sys RtlMemoryCopy buffer overflow attempt (more info ...) | attempted-admin | 2016-0167 | URL | ||
| 38774 | OS-WINDOWS Microsoft Windows device content surface bitmap use after free attempt (more info ...) | attempted-user | 2016-0171 | URL | ||
| 38775 | OS-WINDOWS Microsoft Windows device content surface bitmap use after free attempt (more info ...) | attempted-user | 2016-0171 | URL | ||
| 38787 | OS-WINDOWS Microsoft Windows Device Context bitmap use after free attempt (more info ...) | attempted-user | 2016-0172 | URL | ||
| 38788 | OS-WINDOWS Microsoft Windows Device Context bitmap use after free attempt (more info ...) | attempted-user | 2016-0172 | URL | ||
| 38797 | BROWSER-IE Microsoft Edge graphics subcomponent use after free attempt (more info ...) | attempted-user | 2016-0184 | URL | ||
| 38798 | BROWSER-IE Microsoft Edge graphics subcomponent use after free attempt (more info ...) | attempted-user | 2016-0184 | URL | ||
| 38801 | OS-WINDOWS Microsoft Windows NtGdiGetEmbUFI kernel information disclosure attempt (more info ...) | attempted-user | 2016-0175 | URL | ||
| 38802 | OS-WINDOWS Microsoft Windows NtGdiGetEmbUFI kernel information disclosure attempt (more info ...) | attempted-user | 2016-0175 | URL | ||
| 38803 | OS-WINDOWS Microsoft Windows kernel Configuration Manager failure attempt (more info ...) | attempted-user | 2016-0180 | URL | ||
| 38804 | OS-WINDOWS Microsoft Windows kernel Configuration Manager failure attempt (more info ...) | attempted-user | 2016-0180 | URL | ||
| 38805 | BROWSER-IE Microsoft Edge Array.prototype.fill out of bounds write attempt (more info ...) | attempted-user | 2016-0193 | URL | ||
| 38806 | BROWSER-IE Microsoft Edge Array.prototype.fill out of bounds write attempt (more info ...) | attempted-user | 2016-0193 | URL | ||
| 38808 | OS-WINDOWS Microsoft Windows win32kfull.sys device context use after free attempt (more info ...) | attempted-admin | 2016-0173 | URL | ||
| 38809 | OS-WINDOWS Microsoft Windows win32kfull.sys device context use after free attempt (more info ...) | attempted-admin | 2016-0173 | URL | ||
| 38817 | FILE-OTHER Microsoft Windows gdi32 malformed EMF file ExtEscape buffer overflow attempt (more info ...) | attempted-user | 2016-0170 | URL | ||
| 38839 | OS-WINDOWS Microsoft Windows RPC NDR64 denial of service attempt (more info ...) | attempted-dos | 2016-0178 | URL | ||
| 38840 | OS-WINDOWS Microsoft Windows RPC NDR64 denial of service attempt (more info ...) | attempted-dos | 2016-0178 | URL | ||
| 39038 | BROWSER-PLUGINS Emerson ROCLINK800 ActiveX clsid access attempt (more info ...) | attempted-user | ||||
| 39039 | BROWSER-PLUGINS Emerson ROCLINK800 ActiveX clsid access attempt (more info ...) | attempted-user | ||||
| 39041 | BROWSER-PLUGINS National Instruments ActiveX clsid access attempt (more info ...) | attempted-user | 2013-5025 | |||
| 39042 | BROWSER-PLUGINS National Instruments ActiveX clsid access attempt (more info ...) | attempted-user | 2013-5025 | |||
| 39043 | BROWSER-PLUGINS Mitsubishi MX ActiveX clsid access attempt (more info ...) | attempted-user | ||||
| 39044 | BROWSER-PLUGINS Mitsubishi MX ActiveX clsid access attempt (more info ...) | attempted-user | ||||
| 39054 | BROWSER-PLUGINS Siemens Automation License Manager ActiveX clsid access attempt (more info ...) | attempted-user | 2011-4529 | |||
| 39055 | BROWSER-PLUGINS Siemens Automation License Manager ActiveX clsid access attempt (more info ...) | attempted-user | 2011-4529 | |||
| 39193 | OS-WINDOWS Microsoft Windows Win32k.sys MakeWindowForegroundWithState null pointer dereference attempt (more info ...) | attempted-admin | 2016-3221 | URL | ||
| 39194 | OS-WINDOWS Microsoft Windows Win32k.sys MakeWindowForegroundWithState null pointer dereference attempt (more info ...) | attempted-admin | 2016-3221 | URL | ||
| 39195 | OS-WINDOWS Microsoft Windows Win32k.sys MakeWindowForegroundWithState null pointer dereference attempt (more info ...) | attempted-admin | 2016-3221 | URL | ||
| 39196 | OS-WINDOWS Microsoft Windows Win32k.sys MakeWindowForegroundWithState null pointer dereference attempt (more info ...) | attempted-admin | 2016-3221 | URL | ||
| 39199 | BROWSER-IE Microsoft Edge class object confusion attempt (more info ...) | attempted-user | 2016-3199 | URL | ||
| 39200 | BROWSER-IE Microsoft Edge class object confusion attempt (more info ...) | attempted-user | 2016-3199 | URL | ||
| 39205 | BROWSER-IE Microsoft Edge PDF reader out of bounds memory access attempt (more info ...) | attempted-user | 2016-3203 | URL | ||
| 39206 | BROWSER-IE Microsoft Edge PDF reader out of bounds memory access attempt (more info ...) | attempted-user | 2016-3203 | URL | ||
| 39209 | OS-WINDOWS Microsoft Windows sandbox ProcessFontDisablePolicy check bypass attempt (more info ...) | attempted-user | 2016-3219 | URL | ||
| 39210 | OS-WINDOWS Microsoft Windows sandbox ProcessFontDisablePolicy check bypass attempt (more info ...) | attempted-user | 2016-3219 | URL | ||
| 39213 | OS-WINDOWS Microsoft Windows WebDAV NTLM reflection attack attempt (more info ...) | attempted-admin | 2016-3225 | URL | ||
| 39214 | OS-WINDOWS Microsoft Windows WebDAV NTLM reflection attack attempt (more info ...) | attempted-admin | 2016-3225 | URL | ||
| 39215 | OS-WINDOWS Microsoft Windows WebDAV NTLM reflection attack attempt (more info ...) | attempted-admin | 2016-3225 | URL | ||
| 39216 | OS-WINDOWS Microsoft Windows WebDAV NTLM reflection attack attempt (more info ...) | attempted-admin | 2016-3225 | URL | ||
| 39217 | OS-WINDOWS Microsoft Windows win32kfull.sys NtGdiExtFloodFill use after free attempt (more info ...) | attempted-user | 2016-3218 | URL | ||
| 39218 | OS-WINDOWS Microsoft Windows win32kfull.sys NtGdiExtFloodFill use after free attempt (more info ...) | attempted-user | 2016-3218 | URL | ||
| 39219 | BROWSER-IE Microsoft Edge edgehtml.dll uninitialized pointer vulnerability attempt (more info ...) | attempted-user | 2016-3222 | URL | ||
| 39220 | BROWSER-IE Microsoft Edge edgehtml.dll uninitialized pointer vulnerability attempt (more info ...) | attempted-user | 2016-3222 | URL | ||
| 39225 | OS-WINDOWS Microsoft Windows Diagnostics Hub directory traversal attempt (more info ...) | attempted-admin | 2016-3231 | URL | ||
| 39226 | OS-WINDOWS Microsoft Windows Diagnostics Hub directory traversal attempt (more info ...) | attempted-admin | 2016-3231 | URL | ||
| 39227 | OS-WINDOWS Microsoft Windows WPAD spoofing attempt (more info ...) | attempted-user | 2016-3236 | URL | ||
| 39232 | BROWSER-IE Microsoft Edge Content Security Policy bypass attempt (more info ...) | attempted-user | 2016-3198 | URL | ||
| 39233 | BROWSER-IE Microsoft Edge Content Security Policy bypass attempt (more info ...) | attempted-user | 2016-3198 | URL | ||
| 39238 | BROWSER-IE Microsoft Edge malformed PDF JPEG2000 object out of bounds memory access attempt (more info ...) | attempted-user | 2016-3215 | URL | ||
| 39239 | BROWSER-IE Microsoft Edge malformed PDF JPEG2000 object out of bounds memory access attempt (more info ...) | attempted-user | 2016-3215 | URL | ||
| 39260 | FILE-OTHER Microsoft Windows ATMFD font driver malformed OTF file out-of-bounds memory access attempt (more info ...) | attempted-user | 2016-3220 | URL | ||
| 39261 | FILE-OTHER Microsoft Windows ATMFD font driver malformed OTF file out-of-bounds memory access attempt (more info ...) | attempted-admin | 2016-3220 | URL | ||
| 39267 | OS-WINDOWS Microsoft Windows GdiPlus malformed EMF file out of bounds read attempt (more info ...) | attempted-user | 2016-3216 | URL | ||
| 39478 | OS-WINDOWS Microsoft Windows NtGdiSelectPen privilege escalation attempt (more info ...) | attempted-admin | 2016-3252 | URL | ||
| 39479 | OS-WINDOWS Microsoft Windows NtGdiSelectPen privilege escalation attempt (more info ...) | attempted-admin | 2016-3252 | URL | ||
| 39480 | OS-WINDOWS Microsoft Windows win32k out of bound read attempt (more info ...) | attempted-admin | 2016-3251 | URL | ||
| 39481 | OS-WINDOWS Microsoft Windows win32k out of bound read attempt (more info ...) | attempted-admin | 2016-3251 | URL | ||
| 39482 | OS-WINDOWS Microsoft Windows NtUserDraw privilege escalation attempt (more info ...) | attempted-admin | 2016-3249 | URL | ||
| 39483 | OS-WINDOWS Microsoft Windows NtUserDraw privilege escalation attempt (more info ...) | attempted-admin | 2016-3249 | URL | ||
| 39486 | BROWSER-IE Microsoft Edge chakra.dll invalid pointer access attempt (more info ...) | attempted-user | 2016-3259 | URL | ||
| 39487 | BROWSER-IE Microsoft Edge chakra.dll invalid pointer access attempt (more info ...) | attempted-user | 2016-3259 | URL | ||
| 39493 | BROWSER-IE Microsoft Edge edgehtml negative length out of bound memory copy attempt (more info ...) | attempted-user | 2016-3246 | URL | ||
| 39494 | BROWSER-IE Microsoft Edge edgehtml negative length out of bound memory copy attempt (more info ...) | attempted-user | 2016-3246 | URL | ||
| 39495 | OS-WINDOWS Microsoft Windows win32k.sys desktop switch use after free attempt (more info ...) | attempted-admin | 2016-3250 | URL | ||
| 39496 | OS-WINDOWS Microsoft Windows win32k.sys desktop switch use after free attempt (more info ...) | attempted-admin | 2016-3250 | URL | ||
| 39506 | BROWSER-IE Microsoft Edge ArrayBuffer.transfer information disclosure attempt (more info ...) | attempted-recon | 2016-3271 | URL | ||
| 39507 | BROWSER-IE Microsoft Edge ArrayBuffer.transfer information disclosure attempt (more info ...) | attempted-recon | 2016-3271 | URL | ||
| 39508 | OS-WINDOWS Microsoft Windows EndDeferWindowPos null page dereference attempt (more info ...) | attempted-admin | 2016-3254 | URL | ||
| 39509 | OS-WINDOWS Microsoft Windows EndDeferWindowPos null page dereference attempt (more info ...) | attempted-admin | 2016-3254 | URL | ||
| 39510 | BROWSER-IE Microsoft Edge bypassing window.opener protection attempt (more info ...) | attempted-user | 2016-3274 | URL | ||
| 39511 | BROWSER-IE Microsoft Edge bypassing window.opener protection attempt (more info ...) | attempted-user | 2016-3274 | URL | ||
| 39516 | OS-WINDOWS Microsoft Windows win32kfull.sys out of bounds read attempt (more info ...) | attempted-admin | 2016-3286 | URL | ||
| 39517 | OS-WINDOWS Microsoft Windows win32kfull.sys out of bounds read attempt (more info ...) | attempted-admin | 2016-3286 | URL | ||
| 39530 | BROWSER-IE Microsoft Edge clientInformation.geolocation.getCurrentPosition use-after-free attempt (more info ...) | attempted-user | 2016-3264 | URL | ||
| 39531 | BROWSER-IE Microsoft Edge clientInformation.geolocation.getCurrentPosition use-after-free attempt (more info ...) | attempted-user | 2016-3264 | URL | ||
| 39743 | SERVER-WEBAPP Dell SonicWall GMS set_time_config XMLRPC method command injection attempt (more info ...) | web-application-attack | 2018-9866 | URL | ||
| 39808 | OS-WINDOWS Microsoft Windows graphics subcomponent local privilege escalation attempt (more info ...) | attempted-admin | 2016-3310 | URL | ||
| 39809 | OS-WINDOWS Microsoft Windows graphics subcomponent local privilege escalation attempt (more info ...) | attempted-admin | 2016-3310 | URL | ||
| 39814 | OS-WINDOWS Microsoft Windows Win32kfull FloodFillWindow privilege escalation attempt (more info ...) | attempted-admin | 2016-3311 | URL | ||
| 39815 | OS-WINDOWS Microsoft Windows Win32kfull FloodFillWindow privilege escalation attempt (more info ...) | attempted-admin | 2016-3311 | URL | ||
| 39822 | BROWSER-IE Microsoft Edge edgehtml.dll invalid history state use after free attempt (more info ...) | attempted-user | 2016-3293 | URL | ||
| 39823 | BROWSER-IE Microsoft Edge edgehtml.dll invalid history state use after free attempt (more info ...) | attempted-user | 2016-3293 | URL | ||
| 39824 | OS-WINDOWS Microsoft Windows GDI emf file integer overflow attempt (more info ...) | attempted-user | 2016-3303 | URL | ||
| 39825 | OS-WINDOWS Microsoft Windows GDI emf file integer overflow attempt (more info ...) | attempted-user | 2016-3303 | URL | ||
| 39841 | OS-WINDOWS Microsoft Windows win32kbase bOutline out of bounds read attempt (more info ...) | attempted-admin | 2016-3309 | URL | ||
| 39842 | OS-WINDOWS Microsoft Windows win32kbase bOutline out of bounds read attempt (more info ...) | attempted-admin | 2016-3309 | URL | ||
| 39843 | OS-WINDOWS Microsoft Windows gdiplus EMF EmrText out of bounds write attempt (more info ...) | attempted-user | 2017-3121 | URL | ||
| 39844 | OS-WINDOWS Microsoft Windows gdiplus EMF EmrText out of bounds write attempt (more info ...) | attempted-user | 2017-3121 | URL | ||
| 39873 | FILE-OTHER Microsoft Windows PDF parsing invalid JPEG2000 SIZ marker attempt (more info ...) | attempted-user | 2016-3319 | URL | ||
| 39875 | NETBIOS DCERPC NCACN-IP-TCP lsarpc LsarAddPrivilegesToAccount overflow attempt (more info ...) | attempted-admin | 2007-2446 | |||
| 39932 | BROWSER-PLUGINS Iocomp Software ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 39933 | BROWSER-PLUGINS Iocomp Software ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 39934 | BROWSER-PLUGINS Iocomp Software ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 39935 | BROWSER-PLUGINS Iocomp Software ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 39959 | BROWSER-PLUGINS AdvantechNVS VideoDAQ ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 39960 | BROWSER-PLUGINS AdvantechNVS VideoDAQ ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 39961 | BROWSER-PLUGINS AdvantechNVS VideoDAQ ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 39962 | BROWSER-PLUGINS AdvantechNVS VideoDAQ ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 39963 | BROWSER-PLUGINS Moxa VPort SDK PLUS ActiveX clsid access attempt (more info ...) | attempted-user | 2015-0986 | |||
| 39964 | BROWSER-PLUGINS Moxa VPort SDK PLUS ActiveX clsid access attempt (more info ...) | attempted-user | 2015-0986 | |||
| 39965 | BROWSER-PLUGINS Moxa VPort SDK PLUS ActiveX clsid access attempt (more info ...) | attempted-user | 2015-0986 | |||
| 39966 | BROWSER-PLUGINS Moxa VPort SDK PLUS ActiveX clsid access attempt (more info ...) | attempted-user | 2015-0986 | |||
| 39970 | BROWSER-PLUGINS UCanCode Visualization Enterprise Suite ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 39971 | BROWSER-PLUGINS UCanCode Visualization Enterprise Suite ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 39972 | BROWSER-PLUGINS UCanCode Visualization Enterprise Suite ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 39973 | BROWSER-PLUGINS UCanCode Visualization Enterprise Suite ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 40008 | SERVER-OTHER Advantech WebAccess DCERPC stack buffer overflow attempt (more info ...) | attempted-admin | 2016-0856 | 80745 | URL | |
| 40064 | OS-WINDOWS Microsoft Windows NFS Server NULL pointer dereference denial-of-service attempt (more info ...) | attempted-dos | 2013-1281 | URL | ||
| 40065 | OS-WINDOWS Microsoft Windows NFS Server NULL pointer dereference denial-of-service attempt (more info ...) | attempted-dos | 2013-1281 | URL | ||
| 40073 | BROWSER-IE Microsoft Edge white-space information disclosure attempt (more info ...) | attempted-recon | 2016-3247 | URL | ||
| 40074 | BROWSER-IE Microsoft Edge white-space information disclosure attempt (more info ...) | attempted-user | 2016-3247 | URL | ||
| 40096 | OS-WINDOWS Microsoft Windows 7 Win32k ValidateZorder privilege escalation attempt (more info ...) | attempted-admin | 2016-3348 | URL | ||
| 40097 | OS-WINDOWS Microsoft Windows 7 Win32k ValidateZorder privilege escalation attempt (more info ...) | attempted-admin | 2016-3348 | URL | ||
| 40098 | BROWSER-IE Microsoft Edge proxy object type confusion attempt (more info ...) | attempted-user | 2016-3377 | URL | ||
| 40099 | BROWSER-IE Microsoft Edge proxy object type confusion attempt (more info ...) | attempted-user | 2016-3377 | URL | ||
| 40100 | BROWSER-IE Microsoft Edge PDF PostScript calculator out of bounds read attempt (more info ...) | attempted-recon | 2016-3374 | URL | ||
| 40101 | BROWSER-IE Microsoft Edge PDF PostScript calculator out of bounds read attempt (more info ...) | attempted-recon | 2016-3374 | URL | ||
| 40110 | OS-WINDOWS Microsoft Windows Server Ntoskrnl concurrent login attempt (more info ...) | attempted-user | 2016-3306 | URL | ||
| 40111 | OS-WINDOWS Microsoft Windows Server Ntoskrnl concurrent login attempt (more info ...) | attempted-user | 2016-3306 | URL | ||
| 40112 | OS-WINDOWS Microsoft Windows 10 GDI privilege escalation attempt (more info ...) | attempted-admin | 2016-3355 | URL | ||
| 40113 | OS-WINDOWS Microsoft Windows 10 GDI privilege escalation attempt (more info ...) | attempted-admin | 2016-3355 | URL | ||
| 40114 | OS-WINDOWS Microsoft Windows 10 privilege escalation attempt (more info ...) | attempted-admin | 2016-3373 | URL | ||
| 40115 | OS-WINDOWS Microsoft Windows 10 privilege escalation attempt (more info ...) | attempted-admin | 2016-3373 | URL | ||
| 40123 | BROWSER-IE Microsoft Edge edgehtml.dll normalize missing div child use after free attempt (more info ...) | attempted-user | 2016-3294 | URL | ||
| 40124 | BROWSER-IE Microsoft Edge edgehtml.dll normalize missing div child use after free attempt (more info ...) | attempted-user | 2016-3294 | URL | ||
| 40127 | OS-WINDOWS Microsoft Windows 10 and 8.1 registry key privilege escalation attempt (more info ...) | attempted-user | 2016-3371 | URL | ||
| 40128 | OS-WINDOWS Microsoft Windows 10 and 8.1 registry key privilege escalation attempt (more info ...) | attempted-user | 2016-3371 | URL | ||
| 40129 | OS-WINDOWS Microsoft Windows Server lsass.exe memory corruption attempt (more info ...) | attempted-admin | 2016-3368 | URL | ||
| 40134 | BROWSER-IE Microsoft Edge HTML normalize caption memory corruption attempt (more info ...) | attempted-user | 2016-3295 | URL | ||
| 40135 | BROWSER-IE Microsoft Edge HTML normalize caption memory corruption attempt (more info ...) | attempted-user | 2016-3295 | URL | ||
| 40136 | BROWSER-IE Microsoft Edge HTML normalize caption memory corruption attempt (more info ...) | attempted-user | 2016-3295 | URL | ||
| 40137 | BROWSER-IE Microsoft Edge HTML normalize caption memory corruption attempt (more info ...) | attempted-user | 2016-3295 | URL | ||
| 40138 | BROWSER-IE Microsoft Edge HTML normalize caption memory corruption attempt (more info ...) | attempted-user | 2016-3295 | URL | ||
| 40139 | BROWSER-IE Microsoft Edge HTML normalize caption memory corruption attempt (more info ...) | attempted-user | 2016-3295 | URL | ||
| 40140 | BROWSER-IE Microsoft Edge HTML normalize caption memory corruption attempt (more info ...) | attempted-user | 2016-3295 | URL | ||
| 40141 | BROWSER-IE Microsoft Edge HTML normalize caption memory corruption attempt (more info ...) | attempted-user | 2016-3295 | URL | ||
| 40372 | BROWSER-IE Microsoft Windows Edge emodel use after free attempt (more info ...) | attempted-user | 2016-3331 | URL | ||
| 40373 | BROWSER-IE Microsoft Windows Edge emodel use after free attempt (more info ...) | attempted-user | 2016-3331 | URL | ||
| 40374 | OS-WINDOWS Microsoft Windows insecure BoundaryDescriptor privilege escalation attempt (more info ...) | attempted-admin | 2016-3387 | URL | ||
| 40375 | OS-WINDOWS Microsoft Windows insecure BoundaryDescriptor privilege escalation attempt (more info ...) | attempted-admin | 2016-3387 | URL | ||
| 40380 | OS-WINDOWS Microsoft Windows win32kfull.sys FBitsTouch use after free attempt (more info ...) | attempted-user | 2016-7211 | URL | ||
| 40381 | OS-WINDOWS Microsoft Windows win32kfull.sys FBitsTouch use after free attempt (more info ...) | attempted-user | 2016-7211 | URL | ||
| 40383 | BROWSER-IE Microsoft Edge array.join information disclosure attempt (more info ...) | attempted-user | 2016-7189 | URL | ||
| 40384 | BROWSER-IE Microsoft Edge array.join information disclosure attempt (more info ...) | attempted-user | 2016-7189 | URL | ||
| 40392 | OS-WINDOWS Microsoft Windows Ntoskrnl privilege escalation attempt (more info ...) | attempted-admin | 2016-3376 | URL | ||
| 40393 | OS-WINDOWS Microsoft Windows Ntoskrnl privilege escalation attempt (more info ...) | attempted-admin | 2016-3376 | URL | ||
| 40394 | OS-WINDOWS Microsoft Windows Ntoskrnl integer overflow privilege escalation attempt (more info ...) | attempted-admin | 2017-0103 | URL | ||
| 40395 | OS-WINDOWS Microsoft Windows Ntoskrnl integer overflow privilege escalation attempt (more info ...) | attempted-admin | 2017-0103 | URL | ||
| 40396 | OS-WINDOWS Microsoft Windows Edge DACL privilege escalation attempt (more info ...) | attempted-admin | 2016-3388 | URL | ||
| 40397 | OS-WINDOWS Microsoft Windows Edge DACL privilege escalation attempt (more info ...) | attempted-admin | 2016-3388 | URL | ||
| 40398 | OS-WINDOWS Microsoft Windows Diagnostics Hub dll load from stream attempt (more info ...) | attempted-admin | 2016-7188 | URL | ||
| 40399 | OS-WINDOWS Microsoft Windows Diagnostics Hub dll load from stream attempt (more info ...) | attempted-admin | 2016-7188 | URL | ||
| 40400 | OS-WINDOWS Microsoft Windows 10 arbitrary registry key access privelege escalation attempt (more info ...) | attempted-admin | 2016-0075 | URL | ||
| 40401 | OS-WINDOWS Microsoft Windows 10 arbitrary registry key access privelege escalation attempt (more info ...) | attempted-admin | 2016-0075 | URL | ||
| 40402 | OS-WINDOWS Microsoft Windows user hive impersonation privelege escalation attempt (more info ...) | attempted-admin | 2016-0073 | URL | ||
| 40403 | OS-WINDOWS Microsoft Windows user hive impersonation privelege escalation attempt (more info ...) | attempted-admin | 2016-0073 | URL | ||
| 40408 | FILE-OTHER Microsoft Windows malformed TrueType file RCVT out of bounds read attempt (more info ...) | attempted-user | 2016-3209 | URL | ||
| 40409 | FILE-OTHER Microsoft Windows malformed TrueType file RCVT out of bounds read attempt (more info ...) | attempted-user | 2016-3209 | URL | ||
| 40410 | OS-WINDOWS Microsoft Windows win32k.sys ExtTextOut memory corruption attempt (more info ...) | attempted-admin | 2016-3270 | URL | ||
| 40411 | OS-WINDOWS Microsoft Windows win32k.sys ExtTextOut memory corruption attempt (more info ...) | attempted-admin | 2016-3270 | URL | ||
| 40412 | OS-WINDOWS Microsoft Windows registry hive privilege escalation attempt (more info ...) | attempted-admin | 2016-0079 | URL | ||
| 40413 | OS-WINDOWS Microsoft Windows registry hive privilege escalation attempt (more info ...) | attempted-admin | 2016-0079 | URL | ||
| 40418 | OS-WINDOWS Microsoft Windows DFS client driver privilege escalation attempt (more info ...) | attempted-user | 2016-7185 | URL | ||
| 40419 | OS-WINDOWS Microsoft Windows DFS client driver privilege escalation attempt (more info ...) | attempted-user | 2016-7185 | URL | ||
| 40423 | BROWSER-IE Microsoft Windows Edge function.apply use afterfree attempt (more info ...) | attempted-user | 2016-7194 | URL | ||
| 40424 | BROWSER-IE Microsoft Windows Edge function.apply use afterfree attempt (more info ...) | attempted-user | 2016-7194 | URL | ||
| 40425 | OS-WINDOWS Microsoft Windows GDI+ EMF buffer overread attempt (more info ...) | attempted-user | 2016-3263 | URL | ||
| 40426 | OS-WINDOWS Microsoft Windows GDI+ EMF buffer overread attempt (more info ...) | attempted-user | 2016-3263 | URL | ||
| 40427 | OS-WINDOWS Microsoft Windows Win32k.sys sbit_Embolden use after free attempt (more info ...) | attempted-admin | 2016-7182 | URL | ||
| 40428 | OS-WINDOWS Microsoft Windows Win32k.sys sbit_Embolden use after free attempt (more info ...) | attempted-admin | 2016-7182 | URL | ||
| 40555 | OS-WINDOWS Microsoft Windows AHCACHE.SYS remote denial of service attempt (more info ...) | attempted-dos | 2016-3369 | URL | ||
| 40556 | OS-WINDOWS Microsoft Windows AHCACHE.SYS remote denial of service attempt (more info ...) | attempted-dos | 2016-3369 | URL | ||
| 40645 | FILE-IMAGE Microsoft Windows asycfilt.dll malformed jpeg buffer overread attempt (more info ...) | attempted-user | 2016-7212 | URL | ||
| 40646 | FILE-IMAGE Microsoft Windows asycfilt.dll malformed jpeg buffer overread attempt (more info ...) | attempted-user | 2016-7212 | URL | ||
| 40657 | OS-WINDOWS Microsoft Windows clfs.sys local privilege escalation attempt (more info ...) | attempted-admin | 2016-3343 | URL | ||
| 40658 | OS-WINDOWS Microsoft Windows clfs.sys local privilege escalation attempt (more info ...) | attempted-admin | 2016-3343 | URL | ||
| 40659 | BROWSER-IE Microsoft Edge Chakra.dll Array.splice heap overflow attempt (more info ...) | attempted-user | 2016-7203 | URL | ||
| 40660 | BROWSER-IE Microsoft Edge Chakra.dll Array.splice heap overflow attempt (more info ...) | attempted-user | 2016-7203 | URL | ||
| 40661 | BROWSER-IE Microsoft Edge Array.concat type confusion attempt (more info ...) | attempted-user | 2016-7242 | URL | ||
| 40662 | BROWSER-IE Microsoft Edge Array.concat type confusion attempt (more info ...) | attempted-user | 2016-7242 | URL | ||
| 40663 | OS-WINDOWS Microsoft Windows NtGdiSetBitmapAttributes privilege escalation attempt (more info ...) | attempted-admin | 2016-7215 | URL | ||
| 40664 | OS-WINDOWS Microsoft Windows NtGdiSetBitmapAttributes privilege escalation attempt (more info ...) | attempted-admin | 2016-7215 | URL | ||
| 40665 | OS-WINDOWS Microsoft Windows keybd_event type confusion code execution attempt (more info ...) | attempted-admin | 2016-7255 | URL | ||
| 40666 | OS-WINDOWS Microsoft Windows keybd_event type confusion code execution attempt (more info ...) | attempted-admin | 2016-7255 | URL | ||
| 40671 | OS-WINDOWS Microsoft windows InProcServer32 privilege escalation attempt (more info ...) | attempted-user | 2016-7221 | URL | ||
| 40672 | OS-WINDOWS Microsoft windows InProcServer32 privilege escalation attempt (more info ...) | attempted-user | 2016-7221 | URL | ||
| 40675 | BROWSER-IE Microsoft Edge video html tag buffer overflow attempt (more info ...) | attempted-admin | 2016-7217 | URL | ||
| 40676 | BROWSER-IE Microsoft Edge video html tag buffer overflow attempt (more info ...) | attempted-admin | 2016-7217 | URL | ||
| 40677 | OS-WINDOWS Microsoft Windows Task Scheduler SystemLocal NTLM remote path authentication challenge attempt (more info ...) | attempted-admin | 2016-7222 | URL | ||
| 40678 | OS-WINDOWS Microsoft Windows Task Scheduler SystemLocal NTLM remote path authentication challenge attempt (more info ...) | attempted-admin | 2016-7222 | URL | ||
| 40683 | BROWSER-IE Microsoft Edge stack variable memory access attempt (more info ...) | attempted-user | 2016-7198 | URL | ||
| 40684 | BROWSER-IE Microsoft Edge stack variable memory access attempt (more info ...) | attempted-user | 2016-7198 | URL | ||
| 40685 | OS-WINDOWS Microsoft Windows win32kfull.sys MegSetLensContextInformation use after free attempt (more info ...) | attempted-user | 2016-7246 | URL | ||
| 40686 | OS-WINDOWS Microsoft Windows win32kfull.sys MegSetLensContextInformation use after free attempt (more info ...) | attempted-user | 2016-7246 | URL | ||
| 40687 | OS-WINDOWS Microsoft Windows win32k.sys GetDIBits out of bounds read attempt (more info ...) | attempted-user | 2016-7214 | URL | ||
| 40688 | OS-WINDOWS Microsoft Windows win32k.sys GetDIBits out of bounds read attempt (more info ...) | attempted-user | 2016-7214 | URL | ||
| 40689 | FILE-OTHER Microsoft Windows BLF file local privilege escalation attempt (more info ...) | attempted-admin | 2022-21897 | URL | ||
| 40690 | FILE-OTHER Microsoft Windows BLF file local privilege escalation attempt (more info ...) | attempted-admin | 2022-21897 | URL | ||
| 40691 | FILE-OTHER Microsoft Windows BLF file local privilege escalation attempt (more info ...) | attempted-user | 2018-0846 | URL | ||
| 40692 | FILE-OTHER Microsoft Windows BLF file local privilege escalation attempt (more info ...) | attempted-user | 2018-0846 | URL | ||
| 40693 | OS-WINDOWS Microsoft Windows VHDMP generic privilege escalation attempt (more info ...) | attempted-user | 2016-7226 | URL | ||
| 40694 | OS-WINDOWS Microsoft Windows VHDMP generic privilege escalation attempt (more info ...) | attempted-user | 2016-7226 | URL | ||
| 40705 | FILE-OTHER Microsoft Windows OTF cmap table parsing integer overflow attempt (more info ...) | attempted-admin | 2016-7210 | URL | ||
| 40706 | FILE-OTHER Microsoft Windows OTF cmap table parsing integer overflow attempt (more info ...) | attempted-admin | 2016-7210 | URL | ||
| 40729 | FILE-OTHER Microsoft Windows OTF parsing memory corruption attempt (more info ...) | attempted-admin | 2016-7256 | URL | ||
| 40730 | FILE-OTHER Microsoft Windows OTF parsing memory corruption attempt (more info ...) | attempted-admin | 2016-7256 | URL | ||
| 40759 | OS-WINDOWS Microsoft Windows LSASS GSS-API DER decoding null pointer dereference attempt (more info ...) | attempted-dos | 2017-0004 | URL | ||
| 40813 | BROWSER-PLUGINS Microsoft Silverlight GetChar out of bounds read attempt (more info ...) | attempted-user | 2016-0034 | URL | ||
| 40814 | BROWSER-PLUGINS Microsoft Silverlight GetChar out of bounds read attempt (more info ...) | attempted-user | 2016-0034 | URL | ||
| 40886 | OS-WINDOWS Microsoft Windows keybd_event type confusion code execution attempt (more info ...) | attempted-admin | 2016-7255 | URL | ||
| 40887 | OS-WINDOWS Microsoft Windows keybd_event type confusion code execution attempt (more info ...) | attempted-admin | 2016-7255 | URL | ||
| 40936 | FILE-EXECUTABLE Microsoft CLFS.sys information leak attempt (more info ...) | attempted-recon | 2016-7295 | URL | ||
| 40937 | FILE-EXECUTABLE Microsoft CLFS.sys information leak attempt (more info ...) | attempted-recon | 2016-7295 | URL | ||
| 40942 | FILE-OTHER Microsoft Windows GDI32.dll cmap numUVSMappings overflow attempt (more info ...) | attempted-user | 2016-7274 | URL | ||
| 40943 | FILE-OTHER Microsoft Windows GDI32.dll cmap numUVSMappings overflow attempt (more info ...) | attempted-user | 2016-7274 | URL | ||
| 40947 | OS-WINDOWS Microsoft Windows StripSolidHorizontal out of bounds memory access attempt (more info ...) | attempted-admin | 2016-7260 | URL | ||
| 40948 | OS-WINDOWS Microsoft Windows StripSolidHorizontal out of bounds memory access attempt (more info ...) | attempted-admin | 2016-7260 | URL | ||
| 40953 | OS-WINDOWS Microsoft Windows ksecdd.sys kernel information disclosure attempt (more info ...) | attempted-user | 2016-7219 | URL | ||
| 40954 | OS-WINDOWS Microsoft Windows ksecdd.sys kernel information disclosure attempt (more info ...) | attempted-user | 2016-7219 | URL | ||
| 40955 | OS-WINDOWS Microsoft Windows ksecdd.sys kernel information disclosure attempt (more info ...) | attempted-user | 2016-7219 | URL | ||
| 40956 | OS-WINDOWS Microsoft Windows ksecdd.sys kernel information disclosure attempt (more info ...) | attempted-user | 2016-7219 | URL | ||
| 40975 | BROWSER-IE Microsoft Edge iframe information disclosure attempt (more info ...) | attempted-recon | 2016-7282 | URL | ||
| 40976 | BROWSER-IE Microsoft Edge iframe information disclosure attempt (more info ...) | attempted-recon | 2016-7282 | URL | ||
| 40984 | OS-WINDOWS Microsoft Windows MSIEXEC privilege escalation attempt (more info ...) | attempted-admin | 2016-7292 | URL | ||
| 40985 | OS-WINDOWS Microsoft Windows MSIEXEC privilege escalation attempt (more info ...) | attempted-admin | 2016-7292 | URL | ||
| 41385 | BROWSER-IE Microsoft Edge mutation event memory corruption attempt (more info ...) | attempted-user | 2016-0124 | URL | ||
| 41386 | BROWSER-IE Microsoft Edge mutation event memory corruption attempt (more info ...) | attempted-user | 2016-0124 | URL | ||
| 41499 | SERVER-SAMBA Microsoft Windows SMBv2/SMBv3 Buffer Overflow attempt (more info ...) | attempted-dos | 2017-0016 | |||
| 41501 | BROWSER-PLUGINS NTR ActiveX clsid access attempt (more info ...) | attempted-user | 2012-0267 | 51374 | ||
| 41553 | BROWSER-IE Microsoft Edge url forgery attempt (more info ...) | attempted-user | 2017-0033 | URL | ||
| 41554 | BROWSER-IE Microsoft Edge url forgery attempt (more info ...) | attempted-user | 2017-0033 | URL | ||
| 41557 | BROWSER-IE Microsoft Edge Array out of bounds memory corruption attempt (more info ...) | attempted-user | 2017-0046 | URL | ||
| 41558 | BROWSER-IE Microsoft Edge Array out of bounds memory corruption attempt (more info ...) | attempted-user | 2017-0046 | URL | ||
| 41559 | BROWSER-IE Microsoft Edge Array out of bounds memory corruption attempt (more info ...) | attempted-user | 2017-0046 | URL | ||
| 41560 | BROWSER-IE Microsoft Edge Array out of bounds memory corruption attempt (more info ...) | attempted-user | 2017-0046 | URL | ||
| 41567 | OS-WINDOWS Microsoft Windows Device Guard code execution attempt (more info ...) | attempted-user | 2017-0007 | URL | ||
| 41568 | OS-WINDOWS Microsoft Windows Device Guard code execution attempt (more info ...) | attempted-user | 2017-0007 | URL | ||
| 41569 | OS-WINDOWS Microsoft Windows Device Guard code execution attempt (more info ...) | attempted-user | 2017-0007 | URL | ||
| 41570 | OS-WINDOWS Microsoft Windows Device Guard code execution attempt (more info ...) | attempted-user | 2017-0007 | URL | ||
| 41571 | OS-WINDOWS Microsoft Windows Device Guard code execution attempt (more info ...) | attempted-user | 2017-0007 | URL | ||
| 41572 | OS-WINDOWS Microsoft Windows Device Guard code execution attempt (more info ...) | attempted-user | 2017-0007 | URL | ||
| 41573 | BROWSER-IE Microsoft Edge CSS animation style information disclosure attempt (more info ...) | attempted-recon | 2017-0011 | URL | ||
| 41574 | BROWSER-IE Microsoft Edge CSS animation style information disclosure attempt (more info ...) | attempted-recon | 2017-0011 | URL | ||
| 41579 | OS-WINDOWS Microsoft Windows DirectComposition double free attempt (more info ...) | attempted-admin | 2017-0026 | URL | ||
| 41580 | OS-WINDOWS Microsoft Windows DirectComposition double free attempt (more info ...) | attempted-admin | 2017-0026 | URL | ||
| 41591 | OS-WINDOWS Microsoft Windows GDI privilege escalation attempt (more info ...) | attempted-admin | 2017-0047 | URL | ||
| 41592 | OS-WINDOWS Microsoft Windows GDI privilege escalation attempt (more info ...) | attempted-admin | 2017-0047 | URL | ||
| 41595 | OS-WINDOWS Microsoft Windows GDI invalid EMF cbBitsSrc memory disclosure attempt (more info ...) | attempted-recon | 2017-0038 | URL | ||
| 41596 | OS-WINDOWS Microsoft Windows GDI invalid EMF cbBitsSrc memory disclosure attempt (more info ...) | attempted-recon | 2017-0038 | URL | ||
| 41601 | FILE-PDF Microsoft Edge PDF Builder out of bounds read attempt (more info ...) | attempted-user | 2017-0023 | URL | ||
| 41602 | FILE-PDF Microsoft Edge PDF Builder out of bounds read attempt (more info ...) | attempted-user | 2017-0023 | URL | ||
| 41605 | BROWSER-IE Microsoft Edge AsmJs memory corruption attempt (more info ...) | denial-of-service | 2017-0035 | URL | ||
| 41606 | BROWSER-IE Microsoft Edge AsmJs memory corruption attempt (more info ...) | denial-of-service | 2017-0035 | URL | ||
| 41607 | OS-WINDOWS Microsoft Windows Kernel NtCreateProfile privilege escalation attempt (more info ...) | attempted-user | 2017-0050 | URL | ||
| 41608 | OS-WINDOWS Microsoft Windows Kernel NtCreateProfile privilege escalation attempt (more info ...) | attempted-user | 2017-0050 | URL | ||
| 41609 | OS-WINDOWS Microsoft Windows Kernel NtCreateProfile privilege escalation attempt (more info ...) | attempted-user | 2017-0050 | URL | ||
| 41610 | OS-WINDOWS Microsoft Windows Kernel NtCreateProfile privilege escalation attempt (more info ...) | attempted-user | 2017-0050 | URL | ||
| 41625 | BROWSER-IE Microsoft Edge HandleColumnBreakOnColumnSpanningElement type confusion attempt (more info ...) | attempted-admin | 2017-0037 | URL | ||
| 41626 | BROWSER-IE Microsoft Edge HandleColumnBreakOnColumnSpanningElement type confusion attempt (more info ...) | attempted-admin | 2017-0037 | URL | ||
| 41666 | BROWSER-PLUGINS KingScada kxClientDownload ActiveX clsid access attempt (more info ...) | attempted-user | 2013-2827 | |||
| 41667 | BROWSER-PLUGINS KingScada kxClientDownload ActiveX clsid access attempt (more info ...) | attempted-user | 2013-2827 | |||
| 41668 | BROWSER-PLUGINS KingScada kxClientDownload ActiveX clsid access attempt (more info ...) | attempted-user | 2013-2827 | |||
| 41669 | BROWSER-PLUGINS KingScada kxClientDownload ActiveX clsid access attempt (more info ...) | attempted-user | 2013-2827 | |||
| 41710 | INDICATOR-COMPROMISE Binary file download request from internationalized domain name using Microsoft BITS (more info ...) | trojan-activity | ||||
| 41763 | BROWSER-IE Microsoft Edge HandleColumnBreakOnColumnSpanningElement type confusion attempt (more info ...) | attempted-admin | 2017-0037 | |||
| 41764 | BROWSER-IE Microsoft Edge HandleColumnBreakOnColumnSpanningElement type confusion attempt (more info ...) | attempted-admin | 2017-0037 | |||
| 41803 | BROWSER-PLUGINS Elipse E3 ActiveReports ActiveX clsid access attempt (more info ...) | attempted-user | 2007-3982 | |||
| 41804 | BROWSER-PLUGINS Elipse E3 ActiveReports ActiveX clsid access attempt (more info ...) | attempted-user | 2007-3982 | |||
| 41805 | BROWSER-PLUGINS Elipse E3 ActiveReports ActiveX clsid access attempt (more info ...) | attempted-user | 2007-3982 | |||
| 41806 | BROWSER-PLUGINS Elipse E3 ActiveReports ActiveX clsid access attempt (more info ...) | attempted-user | 2007-3982 | |||
| 41839 | BROWSER-IE Microsoft Edge object mutation memory corruption attempt (more info ...) | attempted-user | 2016-0003 | URL | ||
| 41840 | BROWSER-IE Microsoft Edge object mutation memory corruption attempt (more info ...) | attempted-user | 2016-0003 | URL | ||
| 41846 | SERVER-OTHER Advantech WebAccess DCERPC stack buffer overflow attempt (more info ...) | attempted-admin | 2016-0856 | 80745 | URL | |
| 41847 | SERVER-OTHER Advantech WebAccess DCERPC stack buffer overflow attempt (more info ...) | attempted-admin | 2016-0856 | 80745 | URL | |
| 41848 | SERVER-OTHER Advantech WebAccess DCERPC stack buffer overflow attempt (more info ...) | attempted-admin | 2016-0856 | 80745 | URL | |
| 41849 | SERVER-OTHER Advantech WebAccess DCERPC stack buffer overflow attempt (more info ...) | attempted-admin | 2016-0856 | 80745 | URL | |
| 41882 | SERVER-OTHER Advantech WebAccess DCERPC heap buffer overflow attempt (more info ...) | attempted-admin | 2016-0857 | 80745 | URL | |
| 41926 | OS-WINDOWS Microsoft Win32u NtUserThunkedMenuItemInfo use after free attempt (more info ...) | attempted-admin | 2017-0056 | URL | ||
| 41927 | OS-WINDOWS Microsoft Win32u NtUserThunkedMenuItemInfo use after free attempt (more info ...) | attempted-admin | 2017-0056 | URL | ||
| 41928 | OS-WINDOWS Microsoft Win32k DDI use after free attempt (more info ...) | attempted-admin | 2017-0079 | URL | ||
| 41929 | OS-WINDOWS Microsoft Win32k DDI use after free attempt (more info ...) | attempted-admin | 2017-0079 | URL | ||
| 41930 | OS-WINDOWS Microsoft Win32k DDI use after free attempt (more info ...) | attempted-admin | 2017-0082 | URL | ||
| 41931 | OS-WINDOWS Microsoft Win32k DDI use after free attempt (more info ...) | attempted-admin | 2017-0082 | URL | ||
| 41932 | FILE-OTHER Microsoft Windows Uniscribe privilege escalation attempt (more info ...) | attempted-admin | 2017-0108 | URL | ||
| 41933 | FILE-OTHER Microsoft Windows Uniscribe privilege escalation attempt (more info ...) | attempted-admin | 2017-0108 | URL | ||
| 41934 | FILE-OTHER Microsoft Windows Uniscribe privilege escalation attempt (more info ...) | attempted-admin | 2017-0086 | URL | ||
| 41935 | FILE-OTHER Microsoft Windows Uniscribe privilege escalation attempt (more info ...) | attempted-admin | 2017-0086 | URL | ||
| 41936 | BROWSER-IE Microsoft Edge TypedArray setter arbitrary write attempt (more info ...) | attempted-user | 2017-0071 | URL | ||
| 41937 | BROWSER-IE Microsoft Edge TypedArray setter arbitrary write attempt (more info ...) | attempted-user | 2017-0071 | URL | ||
| 41938 | BROWSER-IE Microsoft Edge reverse helper heap buffer overflow attempt (more info ...) | attempted-user | 2017-0141 | URL | ||
| 41939 | BROWSER-IE Microsoft Edge reverse helper heap buffer overflow attempt (more info ...) | attempted-user | 2017-0141 | URL | ||
| 41940 | OS-WINDOWS Microsoft Windows TrueTypeFont post table out of bounds write attempt (more info ...) | attempted-user | 2017-0088 | URL | ||
| 41941 | OS-WINDOWS Microsoft Windows TrueTypeFont post table out of bounds write attempt (more info ...) | attempted-user | 2017-0088 | URL | ||
| 41942 | BROWSER-IE Microsoft Edge EntrySimpleSlotGetter use after free attempt (more info ...) | attempted-user | 2017-0070 | URL | ||
| 41943 | BROWSER-IE Microsoft Edge EntrySimpleSlotGetter use after free attempt (more info ...) | attempted-user | 2017-0070 | URL | ||
| 41944 | BROWSER-IE Microsoft Edge scripting engine security bypass css attempt (more info ...) | attempted-user | 2017-0066 | URL | ||
| 41945 | BROWSER-IE Microsoft Edge scripting engine security bypass css attempt (more info ...) | attempted-user | 2017-0066 | URL | ||
| 41950 | BROWSER-IE Microsoft Edge WebAssembly memory corruption attempt (more info ...) | attempted-user | 2017-0133 | URL | ||
| 41951 | BROWSER-IE Microsoft Edge WebAssembly memory corruption attempt (more info ...) | attempted-user | 2017-0133 | URL | ||
| 41952 | BROWSER-IE Microsoft Edge local file read information leak attempt (more info ...) | attempted-user | 2017-0065 | URL | ||
| 41953 | BROWSER-IE Microsoft Edge local file read information leak attempt (more info ...) | attempted-user | 2017-0065 | URL | ||
| 41958 | BROWSER-IE Microsoft Edge malformed UTF-8 decode arbitrary read attempt (more info ...) | attempted-user | 2017-0131 | URL | ||
| 41959 | BROWSER-IE Microsoft Edge malformed UTF-8 decode arbitrary read attempt (more info ...) | attempted-user | 2017-0131 | URL | ||
| 41960 | OS-WINDOWS Microsoft Windows TrueType Font LookupTable out of bounds write attempt (more info ...) | attempted-user | 2017-0089 | URL | ||
| 41961 | OS-WINDOWS Microsoft Windows TrueType Font LookupTable out of bounds write attempt (more info ...) | attempted-user | 2017-0089 | URL | ||
| 41966 | OS-WINDOWS Microsoft Windows TrueTypeFont GSUB table out of bounds write attempt (more info ...) | attempted-user | 2017-0087 | URL | ||
| 41967 | OS-WINDOWS Microsoft Windows TrueTypeFont GSUB table out of bounds write attempt (more info ...) | attempted-user | 2017-0087 | URL | ||
| 41972 | OS-WINDOWS Microsoft Windows TrueType Font out of bounds write attempt (more info ...) | attempted-user | 2017-0072 | URL | ||
| 41973 | OS-WINDOWS Microsoft Windows TrueType Font out of bounds write attempt (more info ...) | attempted-user | 2017-0072 | URL | ||
| 41974 | OS-WINDOWS Microsoft Windows TrueType Font out of bounds write attempt (more info ...) | attempted-user | 2017-0090 | URL | ||
| 41975 | OS-WINDOWS Microsoft Windows TrueType Font out of bounds write attempt (more info ...) | attempted-user | 2017-0090 | URL | ||
| 41978 | OS-WINDOWS Microsoft Windows SMB remote code execution attempt (more info ...) | attempted-admin | 2017-0146 | URL | ||
| 41984 | OS-WINDOWS Microsoft Windows SMBv1 identical MID and FID type confusion attempt (more info ...) | attempted-admin | 2017-0143 | URL | ||
| 41985 | OS-WINDOWS Microsoft Windows TrueTypeFont post table out of bounds write attempt (more info ...) | attempted-user | 2017-0121 | URL | ||
| 41986 | OS-WINDOWS Microsoft Windows TrueTypeFont post table out of bounds write attempt (more info ...) | attempted-user | 2017-0121 | URL | ||
| 41991 | FILE-OTHER Microsoft Windows TTF file out of bounds access attempt (more info ...) | attempted-admin | 2017-0083 | URL | ||
| 41992 | FILE-OTHER Microsoft Windows TTF file out of bounds access attempt (more info ...) | attempted-admin | 2017-0083 | URL | ||
| 41994 | OS-WINDOWS Microsoft Windows GDI WMF out of bounds read attempt (more info ...) | attempted-user | 2017-0073 | URL | ||
| 41995 | OS-WINDOWS Microsoft Windows DDI privilege escalation attempt (more info ...) | attempted-admin | 2017-0080 | URL | ||
| 41996 | OS-WINDOWS Microsoft Windows DDI privilege escalation attempt (more info ...) | attempted-admin | 2017-0080 | URL | ||
| 41998 | OS-WINDOWS Microsoft GDI+ privilege escalation attempt (more info ...) | attempted-admin | 2017-0188 | URL | ||
| 42041 | BROWSER-IE Microsoft Edge proxy object type confusion attempt (more info ...) | attempted-user | 2018-4438 | URL | ||
| 42122 | BROWSER-PLUGINS Invensys Wonderware Archestra ActiveX clsid access attempt (more info ...) | attempted-user | 2010-2974 | |||
| 42123 | BROWSER-PLUGINS Invensys Wonderware Archestra ActiveX clsid access attempt (more info ...) | attempted-user | 2010-2974 | |||
| 42124 | BROWSER-PLUGINS Invensys Wonderware Archestra ActiveX clsid access attempt (more info ...) | attempted-user | 2010-2974 | |||
| 42125 | BROWSER-PLUGINS Invensys Wonderware Archestra ActiveX clsid access attempt (more info ...) | attempted-user | 2010-2974 | |||
| 42148 | FILE-OTHER Microsoft Windows ATMFD font driver malformed OTF file out-of-bounds memory access attempt (more info ...) | attempted-user | 2017-0192 | |||
| 42149 | FILE-OTHER Microsoft Windows ATMFD font driver malformed OTF file out-of-bounds memory access attempt (more info ...) | attempted-user | 2017-0192 | |||
| 42150 | FILE-OTHER Microsoft Windows ATMFD font driver malformed OTF file out-of-bounds memory access attempt (more info ...) | attempted-user | 2017-0192 | |||
| 42151 | FILE-OTHER Microsoft Windows ATMFD font driver malformed OTF file out-of-bounds memory access attempt (more info ...) | attempted-user | 2017-0192 | |||
| 42154 | OS-WINDOWS Microsoft Windows win32k information disclosure attempt (more info ...) | attempted-admin | 2017-0167 | |||
| 42155 | OS-WINDOWS Microsoft Windows win32k information disclosure attempt (more info ...) | attempted-admin | 2017-0167 | |||
| 42158 | OS-WINDOWS Microsoft Win32k privilege escalation attempt (more info ...) | attempted-admin | 2017-0189 | |||
| 42159 | OS-WINDOWS Microsoft Win32k privilege escalation attempt (more info ...) | attempted-admin | 2017-0189 | |||
| 42160 | SERVER-OTHER Microsoft LDAP MaxBuffSize buffer overflow attempt (more info ...) | attempted-user | 2017-0166 | |||
| 42173 | OS-WINDOWS Microsoft GDI PolyTextOutW out of bounds memory write attempt (more info ...) | attempted-user | 2017-0155 | |||
| 42174 | OS-WINDOWS Microsoft GDI PolyTextOutW out of bounds memory write attempt (more info ...) | attempted-user | 2017-0155 | |||
| 42183 | BROWSER-IE Microsoft Edge format rendering type confusion attempt (more info ...) | attempted-user | 2017-0205 | |||
| 42184 | BROWSER-IE Microsoft Edge format rendering type confusion attempt (more info ...) | attempted-user | 2017-0205 | |||
| 42185 | OS-WINDOWS Microsoft Windows WMI DCOM arbitrary .NET serialization code execution attempt (more info ...) | attempted-user | 2017-0160 | URL | ||
| 42186 | OS-WINDOWS Microsoft Windows WMI DCOM arbitrary .NET serialization code execution attempt (more info ...) | attempted-user | 2017-0160 | URL | ||
| 42187 | OS-WINDOWS Microsoft Windows IE ETW Collector Service privilege escalation attempt (more info ...) | attempted-user | 2017-0165 | |||
| 42188 | OS-WINDOWS Microsoft Windows IE ETW Collector Service privilege escalation attempt (more info ...) | attempted-user | 2017-0165 | |||
| 42199 | OS-WINDOWS Microsoft Windows GDI null pointer dereference attempt (more info ...) | attempted-admin | 2017-0156 | |||
| 42200 | OS-WINDOWS Microsoft Windows GDI null pointer dereference attempt (more info ...) | attempted-admin | 2017-0156 | |||
| 42208 | OS-WINDOWS Microsoft Windows Clipboard Broker privilege escalation vulnerability attempt (more info ...) | attempted-user | 2017-0211 | |||
| 42209 | OS-WINDOWS Microsoft Windows Clipboard Broker privilege escalation vulnerability attempt (more info ...) | attempted-user | 2017-0211 | |||
| 42210 | BROWSER-IE Microsoft Edge xlink type confusion memory corruption attempt (more info ...) | attempted-user | 2017-0200 | |||
| 42211 | BROWSER-IE Microsoft Edge xlink type confusion memory corruption attempt (more info ...) | attempted-user | 2017-0200 | |||
| 42226 | OS-SOLARIS Solaris RPC XDR overflow code execution attempt (more info ...) | attempted-admin | 2017-3623 | URL | ||
| 42255 | OS-WINDOWS Microsoft Windows empty RDP cookie negotiation attempt (more info ...) | policy-violation | 2017-9073 | URL | ||
| 42294 | OS-WINDOWS Microsoft Windows SMBv1 WriteAndX and TransSecondaryRequest TotalDataCount out of bounds write attempt (more info ...) | attempted-admin | 2017-0145 | URL | ||
| 42338 | OS-WINDOWS Microsoft Windows SMB large NT RENAME transaction request memory leak attempt (more info ...) | attempted-recon | URL | |||
| 42339 | OS-WINDOWS Microsoft Windows SMB possible leak of kernel heap memory (more info ...) | attempted-recon | 2017-0147 | URL | ||
| 42443 | OS-WINDOWS Microsoft Jet DB Engine Buffer Overflow attempt (more info ...) | attempted-user | 2005-0944 | 12960 | ||
| 42749 | BROWSER-IE Microsoft Edge scripting engine postMessage use after free attempt (more info ...) | attempted-user | 2021-34448 | URL | ||
| 42750 | BROWSER-IE Microsoft Edge scripting engine postMessage use after free attempt (more info ...) | attempted-user | 2021-34448 | URL | ||
| 42751 | OS-WINDOWS Microsoft Windows AFD.sys double fetch race condition attempt (more info ...) | attempted-admin | 2017-0220 | |||
| 42752 | OS-WINDOWS Microsoft Windows AFD.sys double fetch race condition attempt (more info ...) | attempted-admin | 2017-0220 | |||
| 42753 | BROWSER-IE Microsoft Edge Chakra Core type confusion attempt (more info ...) | attempted-user | 2017-8605 | |||
| 42754 | BROWSER-IE Microsoft Edge Chakra Core type confusion attempt (more info ...) | attempted-user | 2017-8605 | |||
| 42757 | OS-WINDOWS Microsoft Windows dxgkrnl CreateDriverAllocations null pointer dereference attempt (more info ...) | attempted-admin | 2017-0077 | |||
| 42758 | OS-WINDOWS Microsoft Windows dxgkrnl CreateDriverAllocations null pointer dereference attempt (more info ...) | attempted-admin | 2017-0077 | |||
| 42759 | OS-WINDOWS Microsoft Windows COM privilege escalation attempt (more info ...) | attempted-admin | 2017-0214 | |||
| 42760 | OS-WINDOWS Microsoft Windows COM privilege escalation attempt (more info ...) | attempted-admin | 2017-0214 | |||
| 42761 | BROWSER-IE Microsoft Edge Chakra array unshift heap overflow attempt (more info ...) | attempted-user | 2017-0238 | |||
| 42762 | BROWSER-IE Microsoft Edge Chakra array unshift heap overflow attempt (more info ...) | attempted-user | 2017-0238 | |||
| 42763 | OS-WINDOWS Microsoft Windows NtTraceControl information disclosure attempt (more info ...) | attempted-recon | 2017-0259 | |||
| 42764 | OS-WINDOWS Microsoft Windows NtTraceControl information disclosure attempt (more info ...) | attempted-recon | 2017-0259 | |||
| 42765 | OS-WINDOWS Microsoft win32k privilege escalation attempt (more info ...) | attempted-admin | 2017-0263 | |||
| 42766 | OS-WINDOWS Microsoft win32k privilege escalation attempt (more info ...) | attempted-admin | 2017-0263 | |||
| 42767 | OS-WINDOWS Microsoft Windows DeviceIoControl double fetch race condition attempt (more info ...) | attempted-admin | URL | |||
| 42768 | OS-WINDOWS Microsoft Windows DeviceIoControl double fetch race condition attempt (more info ...) | attempted-admin | URL | |||
| 42769 | OS-WINDOWS Microsoft Win32k kernel memory leak attempt (more info ...) | attempted-user | 2017-0245 | |||
| 42770 | OS-WINDOWS Microsoft Win32k kernel memory leak attempt (more info ...) | attempted-user | 2017-0245 | |||
| 42771 | OS-WINDOWS Microsoft Windows GdiGradientFill null pointer dereference attempt (more info ...) | attempted-admin | 2017-0246 | |||
| 42772 | OS-WINDOWS Microsoft Windows GdiGradientFill null pointer dereference attempt (more info ...) | attempted-admin | 2017-0246 | |||
| 42775 | BROWSER-IE Microsoft Edge Chakra JIT memory corruption attempt (more info ...) | attempted-user | 2017-0234 | |||
| 42776 | BROWSER-IE Microsoft Edge Chakra JIT memory corruption attempt (more info ...) | attempted-user | 2017-0234 | |||
| 42777 | BROWSER-IE Microsoft Edge scripting engine security bypass css attempt (more info ...) | attempted-user | 2017-0064 | URL | ||
| 42778 | BROWSER-IE Microsoft Edge scripting engine security bypass css attempt (more info ...) | attempted-user | 2017-0064 | URL | ||
| 42779 | BROWSER-IE Microsoft Edge CSS writing mode type confusion attempt (more info ...) | attempted-user | 2017-0227 | |||
| 42780 | BROWSER-IE Microsoft Edge CSS writing mode type confusion attempt (more info ...) | attempted-user | 2017-0227 | |||
| 42781 | BROWSER-IE Microsoft Windows Edge AudioContext use after free attempt (more info ...) | attempted-user | 2017-0240 | |||
| 42782 | BROWSER-IE Microsoft Windows Edge AudioContext use after free attempt (more info ...) | attempted-user | 2017-0240 | |||
| 42783 | OS-WINDOWS Microsoft Windows ntoskrnl information disclosure attempt (more info ...) | attempted-admin | 2017-0258 | |||
| 42784 | OS-WINDOWS Microsoft Windows ntoskrnl information disclosure attempt (more info ...) | attempted-admin | 2017-0258 | |||
| 42798 | BROWSER-IE Microsoft Edge out of bounds read attempt (more info ...) | attempted-admin | 2017-0221 | |||
| 42799 | BROWSER-IE Microsoft Edge out of bounds read attempt (more info ...) | attempted-admin | 2017-0221 | |||
| 42811 | BROWSER-IE Microsoft Edge Chakra Engine use-after-free attempt (more info ...) | attempted-user | 2017-0228 | |||
| 42812 | BROWSER-IE Microsoft Edge Chakra Engine use-after-free attempt (more info ...) | attempted-user | 2017-0228 | |||
| 42820 | OS-WINDOWS Microsoft Malware Protection Engine type confusion attempt (more info ...) | attempted-admin | 2017-0290 | URL | ||
| 42821 | OS-WINDOWS Microsoft Malware Protection Engine type confusion attempt (more info ...) | attempted-admin | 2017-0290 | URL | ||
| 42855 | BROWSER-PLUGINS Schneider SoMachine ActiveX clsid access attempt (more info ...) | attempted-user | 2016-4529 | |||
| 42856 | BROWSER-PLUGINS Schneider SoMachine ActiveX clsid access attempt (more info ...) | attempted-user | 2016-4529 | |||
| 42906 | BROWSER-PLUGINS IBM SPSS SamplePower ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 42907 | BROWSER-PLUGINS IBM SPSS SamplePower ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 42908 | BROWSER-PLUGINS IBM SPSS SamplePower ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 42909 | BROWSER-PLUGINS IBM SPSS SamplePower ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 42944 | OS-WINDOWS Microsoft Windows SMB remote code execution attempt (more info ...) | attempted-admin | 2017-0146 | URL | ||
| 43002 | PROTOCOL-OTHER NETBIOS SMB IPC share access attempt (more info ...) | misc-activity | URL | |||
| 43003 | PROTOCOL-OTHER NETBIOS SMB IPC share access attempt (more info ...) | misc-activity | URL | |||
| 43114 | FILE-OTHER Microsoft Windows OTF parsing memory corruption attempt (more info ...) | attempted-admin | 2016-7256 | URL | ||
| 43115 | FILE-OTHER Microsoft Windows OTF parsing memory corruption attempt (more info ...) | attempted-admin | 2016-7256 | URL | ||
| 43157 | OS-WINDOWS Microsoft Windows Device Guard code execution attempt (more info ...) | attempted-user | 2017-0215 | |||
| 43158 | OS-WINDOWS Microsoft Windows Device Guard code execution attempt (more info ...) | attempted-user | 2017-0215 | |||
| 43163 | BROWSER-IE Microsoft Edge object property type confusion attempt (more info ...) | attempted-user | 2017-8524 | |||
| 43164 | BROWSER-IE Microsoft Edge object property type confusion attempt (more info ...) | attempted-user | 2017-8524 | |||
| 43165 | BROWSER-IE Microsoft Edge cssText use after free attempt (more info ...) | attempted-user | 2017-8496 | |||
| 43166 | BROWSER-IE Microsoft Edge cssText use after free attempt (more info ...) | attempted-user | 2017-8496 | |||
| 43170 | BROWSER-IE Microsoft Edge textContent use after free attempt (more info ...) | attempted-user | 2017-8497 | |||
| 43173 | OS-WINDOWS Microsoft Windows 10 RS2 x64 linked cursor double free attempt (more info ...) | attempted-user | 2017-8468 | |||
| 43174 | OS-WINDOWS Microsoft Windows 10 RS2 x64 linked cursor double free attempt (more info ...) | attempted-user | 2017-8468 | |||
| 43175 | OS-WINDOWS Microsoft Windows Search Service out of bounds memory access attempt (more info ...) | attempted-admin | 2017-8543 | |||
| 43176 | OS-WINDOWS Microsoft Windows Search Service out of bounds memory access attempt (more info ...) | attempted-admin | 2017-8543 | |||
| 43188 | PROTOCOL-RPC Linux kernel NFSv2 malformed WRITE arbitrary memory read attempt (more info ...) | attempted-user | 2017-7895 | |||
| 43189 | PROTOCOL-RPC Linux kernel NFSv3 malformed WRITE arbitrary memory read attempt (more info ...) | attempted-user | 2017-7895 | |||
| 43312 | BROWSER-PLUGINS MagnetoSoft NetworkResources ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 43313 | BROWSER-PLUGINS MagnetoSoft NetworkResources ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 43314 | BROWSER-PLUGINS MagnetoSoft SNTP ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 43315 | BROWSER-PLUGINS MagnetoSoft SNTP ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 43320 | BROWSER-PLUGINS MagnetoSoft NetworkResources ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 43321 | BROWSER-PLUGINS MagnetoSoft NetworkResources ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 43322 | BROWSER-PLUGINS MagnetoSoft SNTP ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 43323 | BROWSER-PLUGINS MagnetoSoft SNTP ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 43380 | OS-WINDOWS Microsoft Windows MsMpEng custom apicall instruction use detected (more info ...) | attempted-admin | 2017-8558 | |||
| 43381 | OS-WINDOWS Microsoft Windows MsMpEng custom apicall instruction use detected (more info ...) | attempted-admin | 2017-8558 | |||
| 43460 | BROWSER-IE Microsoft Edge use-after-free attempt (more info ...) | attempted-user | 2017-8617 | |||
| 43461 | BROWSER-IE Microsoft Edge use-after-free attempt (more info ...) | attempted-user | 2017-8617 | |||
| 43462 | BROWSER-IE Microsoft Edge use-after-free attempt (more info ...) | attempted-user | 2017-8617 | |||
| 43463 | BROWSER-IE Microsoft Edge use-after-free attempt (more info ...) | attempted-user | 2017-8617 | |||
| 43465 | BROWSER-IE Microsoft Edge scripting engine memory corruption attempt (more info ...) | attempted-admin | 2017-8601 | |||
| 43466 | BROWSER-IE Microsoft Edge scripting engine memory corruption attempt (more info ...) | attempted-admin | 2017-8601 | |||
| 43469 | BROWSER-IE Microsoft Edge uninitialized memory attempt (more info ...) | attempted-user | 2017-8598 | |||
| 43470 | BROWSER-IE Microsoft Edge uninitialized memory attempt (more info ...) | attempted-user | 2017-8598 | |||
| 43471 | BROWSER-IE Microsoft Edge VBScript VarType out of bounds read attempt (more info ...) | attempted-user | 2017-8618 | |||
| 43472 | BROWSER-IE Microsoft Edge VBScript VarType out of bounds read attempt (more info ...) | attempted-user | 2017-8618 | |||
| 43473 | OS-WINDOWS Microsoft win32u PlgBlt out of bounds memory write attempt (more info ...) | attempted-admin | 2017-8578 | |||
| 43474 | OS-WINDOWS Microsoft win32u PlgBlt out of bounds memory write attempt (more info ...) | attempted-admin | 2017-8578 | |||
| 43490 | OS-WINDOWS Microsoft Windows unsafe memory access privilege escalation attempt (more info ...) | attempted-admin | 2017-8577 | |||
| 43491 | OS-WINDOWS Microsoft Windows unsafe memory access privilege escalation attempt (more info ...) | attempted-admin | 2017-8577 | |||
| 43492 | BROWSER-IE Microsoft Windows Edge array out of bounds write (more info ...) | attempted-user | 2017-8619 | |||
| 43493 | BROWSER-IE Microsoft Windows Edge array out of bounds write (more info ...) | attempted-user | 2017-8619 | |||
| 43851 | FILE-OTHER Microsoft Windows Device Guard bypass via compiled help file attempt (more info ...) | attempted-user | 2017-8625 | |||
| 43852 | FILE-OTHER Microsoft Windows Device Guard bypass via compiled help file attempt (more info ...) | attempted-user | 2017-8625 | |||
| 44331 | BROWSER-IE Microsoft Windows Edge memory corruption attempt (more info ...) | attempted-user | 2018-15991 | |||
| 44332 | BROWSER-IE Microsoft Windows Edge memory corruption attempt (more info ...) | attempted-user | 2018-15991 | |||
| 44333 | BROWSER-IE Microsoft Edge Chakra Core type confusion attempt (more info ...) | attempted-user | 2017-8738 | |||
| 44334 | BROWSER-IE Microsoft Edge Chakra Core type confusion attempt (more info ...) | attempted-user | 2017-8738 | |||
| 44335 | OS-WINDOWS Microsoft Windows Win32k.sys TrueType font out of bounds write attempt (more info ...) | attempted-admin | 2017-8682 | |||
| 44336 | OS-WINDOWS Microsoft Windows Win32k.sys TrueType font out of bounds write attempt (more info ...) | attempted-admin | 2017-8682 | |||
| 44338 | BROWSER-IE Microsoft Edge denial of service attempt (more info ...) | attempted-dos | 2017-8757 | URL | ||
| 44339 | BROWSER-IE Microsoft Edge denial of service attempt (more info ...) | attempted-dos | 2017-8757 | URL | ||
| 44340 | BROWSER-IE Microsoft Edge setSelectionRange memory corruption attempt (more info ...) | attempted-user | 2017-8734 | URL | ||
| 44341 | BROWSER-IE Microsoft Edge setSelectionRange memory corruption attempt (more info ...) | attempted-user | 2017-8734 | URL | ||
| 44514 | OS-WINDOWS Microsoft Windows Win32kfull.sys privilege escalation attempt (more info ...) | attempted-admin | 2017-8694 | URL | ||
| 44515 | OS-WINDOWS Microsoft Windows Win32kfull.sys privilege escalation attempt (more info ...) | attempted-admin | 2017-8694 | URL | ||
| 44516 | OS-WINDOWS Microsoft Windows CreateMenu use after free attempt (more info ...) | attempted-admin | 2017-8689 | URL | ||
| 44517 | OS-WINDOWS Microsoft Windows CreateMenu use after free attempt (more info ...) | attempted-admin | 2017-8689 | URL | ||
| 44528 | FILE-OTHER Microsoft Graphics remote code execution attempt (more info ...) | attempted-admin | 2017-11763 | URL | ||
| 44529 | FILE-OTHER Microsoft Graphics remote code execution attempt (more info ...) | attempted-admin | 2017-11763 | URL | ||
| 44532 | BROWSER-IE Microsoft Edge getOwnPropertyDescriptor memory corruption attempt (more info ...) | attempted-user | 2017-11798 | URL | ||
| 44533 | BROWSER-IE Microsoft Edge getOwnPropertyDescriptor memory corruption attempt (more info ...) | attempted-user | 2017-11798 | URL | ||
| 44637 | PROTOCOL-RPC Linux kernel nfsd nfsd4_layout_verify out of bounds read attempt (more info ...) | attempted-dos | 2017-8797 | 99298 | URL | |
| 44638 | PROTOCOL-RPC Linux kernel nfsd nfsd4_layout_verify out of bounds read attempt (more info ...) | attempted-dos | 2017-8797 | 99298 | URL | |
| 44696 | SERVER-OTHER Advantech WebAccess MSRPC server integer overflow attempt (more info ...) | attempted-user | 2016-0859 | 80745 | URL | |
| 44809 | BROWSER-IE Microsoft Edge postMessage use after free attempt (more info ...) | attempted-user | 2017-11837 | URL | ||
| 44810 | BROWSER-IE Microsoft Edge postMessage use after free attempt (more info ...) | attempted-user | 2017-11837 | URL | ||
| 44811 | BROWSER-IE Microsoft Edge scripting engine type confusion attempt (more info ...) | attempted-user | 2017-11840 | URL | ||
| 44812 | BROWSER-IE Microsoft Edge scripting engine type confusion attempt (more info ...) | attempted-user | 2017-11840 | URL | ||
| 44813 | BROWSER-IE Microsoft Edge Chakra scripting engine memory corruption attempt (more info ...) | attempted-user | 2019-1023 | URL | ||
| 44814 | BROWSER-IE Microsoft Edge Chakra scripting engine memory corruption attempt (more info ...) | attempted-user | 2019-1023 | URL | ||
| 44815 | BROWSER-IE Microsoft Edge use after free attempt (more info ...) | attempted-admin | 2017-11843 | |||
| 44816 | BROWSER-IE Microsoft Edge use after free attempt (more info ...) | attempted-admin | 2017-11843 | |||
| 44817 | BROWSER-IE Microsoft Edge custom property memory corruption attempt (more info ...) | attempted-user | 2017-11845 | URL | ||
| 44818 | BROWSER-IE Microsoft Edge custom property memory corruption attempt (more info ...) | attempted-user | 2017-11845 | URL | ||
| 44819 | BROWSER-IE Microsoft Edge array use after free attempt (more info ...) | attempted-user | 2017-11791 | |||
| 44820 | BROWSER-IE Microsoft Edge array use after free attempt (more info ...) | attempted-user | 2017-11791 | |||
| 44827 | BROWSER-IE Microsoft Edge scripting engine memory corruption attempt (more info ...) | attempted-admin | 2017-11858 | |||
| 44828 | BROWSER-IE Microsoft Edge scripting engine memory corruption attempt (more info ...) | attempted-admin | 2017-11858 | |||
| 44831 | BROWSER-IE Microsoft Edge memory corruption exploitation attempt (more info ...) | attempted-admin | 2017-11855 | |||
| 44832 | BROWSER-IE Microsoft Edge memory corruption exploitation attempt (more info ...) | attempted-admin | 2017-11855 | |||
| 44833 | OS-WINDOWS Microsoft Windows win32k.sys use after free attempt (more info ...) | attempted-user | 2017-11847 | URL | ||
| 44834 | OS-WINDOWS Microsoft Windows win32k.sys use after free attempt (more info ...) | attempted-user | 2017-11847 | URL | ||
| 44845 | BROWSER-IE Microsoft Edge heap overflow attempt (more info ...) | attempted-user | 2017-11846 | URL | ||
| 44846 | BROWSER-IE Microsoft Edge heap overflow attempt (more info ...) | attempted-user | 2017-11846 | URL | ||
| 45128 | BROWSER-IE Microsoft Edge defineGetter type confusion attempt (more info ...) | attempted-user | 2017-11914 | URL | ||
| 45129 | BROWSER-IE Microsoft Edge defineGetter type confusion attempt (more info ...) | attempted-user | 2017-11914 | URL | ||
| 45130 | OS-WINDOWS Microsoft Windows RRAS service arbitrary pointer dereference attempt (more info ...) | attempted-user | 2017-11885 | URL | ||
| 45131 | OS-WINDOWS Microsoft Windows RRAS service arbitrary pointer dereference attempt (more info ...) | attempted-user | 2017-11885 | URL | ||
| 45140 | BROWSER-IE Microsoft Edge Chakra RegExp engine memory corruption attempt (more info ...) | attempted-user | 2017-11894 | URL | ||
| 45141 | BROWSER-IE Microsoft Edge Chakra RegExp engine memory corruption attempt (more info ...) | attempted-user | 2017-11894 | URL | ||
| 45143 | BROWSER-IE Microsoft Edge type confusion attempt (more info ...) | attempted-user | 2019-1195 | |||
| 45150 | BROWSER-IE Microsoft Edge JsSetCurrentContext out of bounds read attempt (more info ...) | attempted-user | 2017-11909 | URL | ||
| 45151 | BROWSER-IE Microsoft Edge JsSetCurrentContext out of bounds read attempt (more info ...) | attempted-user | 2017-11909 | URL | ||
| 45160 | BROWSER-IE Microsoft Edge null pointer dereference attempt (more info ...) | attempted-user | 2017-11918 | URL | ||
| 45161 | BROWSER-IE Microsoft Edge null pointer dereference attempt (more info ...) | attempted-user | 2017-11918 | URL | ||
| 45162 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2017-11893 | URL | ||
| 45163 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2017-11893 | URL | ||
| 45167 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-admin | 2017-11930 | |||
| 45168 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-admin | 2017-11930 | |||
| 45169 | BROWSER-IE Microsoft Edge array type confusion attempt (more info ...) | attempted-user | 2017-11916 | URL | ||
| 45170 | BROWSER-IE Microsoft Edge array type confusion attempt (more info ...) | attempted-user | 2017-11916 | URL | ||
| 45198 | SERVER-OTHER Advantech WebAccess dcerpc service opcode 80061 stack buffer overflow attempt (more info ...) | attempted-admin | 2017-14016 | 101685 | URL | |
| 45270 | BROWSER-PLUGINS UCanCode ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 45271 | BROWSER-PLUGINS UCanCode ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 45272 | BROWSER-PLUGINS UCanCode ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 45273 | BROWSER-PLUGINS UCanCode ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 45274 | BROWSER-PLUGINS UCanCode ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 45275 | BROWSER-PLUGINS UCanCode ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 45276 | BROWSER-PLUGINS UCanCode ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 45277 | BROWSER-PLUGINS UCanCode ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 45278 | BROWSER-PLUGINS UCanCode ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 45279 | BROWSER-PLUGINS UCanCode ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 45280 | BROWSER-PLUGINS UCanCode ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 45281 | BROWSER-PLUGINS UCanCode ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 45282 | BROWSER-PLUGINS UCanCode ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 45283 | BROWSER-PLUGINS UCanCode ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 45284 | BROWSER-PLUGINS UCanCode ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 45285 | BROWSER-PLUGINS UCanCode ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 45286 | BROWSER-PLUGINS UCanCode ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 45287 | BROWSER-PLUGINS UCanCode ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 45288 | BROWSER-PLUGINS UCanCode ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 45289 | BROWSER-PLUGINS UCanCode ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 45290 | BROWSER-PLUGINS UCanCode ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 45291 | BROWSER-PLUGINS UCanCode ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 45292 | BROWSER-PLUGINS UCanCode ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 45293 | BROWSER-PLUGINS UCanCode ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 45294 | BROWSER-PLUGINS UCanCode ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 45295 | BROWSER-PLUGINS UCanCode ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 45296 | BROWSER-PLUGINS UCanCode ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 45297 | BROWSER-PLUGINS UCanCode ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 45298 | BROWSER-PLUGINS UCanCode ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 45299 | BROWSER-PLUGINS UCanCode ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 45300 | BROWSER-PLUGINS UCanCode ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 45301 | BROWSER-PLUGINS UCanCode ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 45374 | BROWSER-IE Microsoft Edge out of bounds write attempt (more info ...) | attempted-admin | 2018-0777 | URL | ||
| 45375 | BROWSER-IE Microsoft Edge out of bounds write attempt (more info ...) | attempted-admin | 2018-0777 | URL | ||
| 45376 | BROWSER-IE Microsoft Edge scripting engine memory corruption attempt (more info ...) | attempted-user | 2018-0769 | URL | ||
| 45377 | BROWSER-IE Microsoft Edge scripting engine memory corruption attempt (more info ...) | attempted-user | 2018-0769 | URL | ||
| 45378 | BROWSER-IE Microsoft Edge type confusion attempt (more info ...) | attempted-user | 2018-0933 | URL | ||
| 45379 | BROWSER-IE Microsoft Edge type confusion attempt (more info ...) | attempted-user | 2018-0933 | URL | ||
| 45383 | BROWSER-IE Microsoft Edge scripting engine integer overflow attempt (more info ...) | attempted-user | 2018-0758 | URL | ||
| 45384 | BROWSER-IE Microsoft Edge scripting engine integer overflow attempt (more info ...) | attempted-user | 2018-0758 | URL | ||
| 45387 | BROWSER-IE Microsoft Edge anonymous function type confusion attempt (more info ...) | attempted-user | 2018-0774 | URL | ||
| 45388 | BROWSER-IE Microsoft Edge anonymous function type confusion attempt (more info ...) | attempted-user | 2018-0774 | URL | ||
| 45389 | BROWSER-IE Microsoft IE array type confusion attempt (more info ...) | attempted-user | 2018-0762 | URL | ||
| 45390 | BROWSER-IE Microsoft IE array type confusion attempt (more info ...) | attempted-user | 2018-0762 | URL | ||
| 45391 | BROWSER-IE Microsoft Edge scripting engine type confusion attempt (more info ...) | attempted-user | 2018-0775 | URL | ||
| 45392 | BROWSER-IE Microsoft Edge scripting engine type confusion attempt (more info ...) | attempted-user | 2018-0775 | URL | ||
| 45395 | BROWSER-IE Microsoft Edge scripting engine toString use after free attempt (more info ...) | attempted-user | 2018-0773 | URL | ||
| 45396 | BROWSER-IE Microsoft Edge scripting engine toString use after free attempt (more info ...) | attempted-user | 2018-0773 | URL | ||
| 45445 | BROWSER-IE Microsoft Edge scripting engine ArrayBuffer memory corruption attempt (more info ...) | attempted-user | 2017-11812 | URL | ||
| 45446 | BROWSER-IE Microsoft Edge scripting engine ArrayBuffer memory corruption attempt (more info ...) | attempted-user | 2017-11812 | URL | ||
| 45508 | BROWSER-IE Microsoft Edge Scripting Engine array memory corruption attempt (more info ...) | attempted-user | 2017-11811 | URL | ||
| 45509 | BROWSER-IE Microsoft Edge Scripting Engine array memory corruption attempt (more info ...) | attempted-user | 2017-11811 | URL | ||
| 45516 | BROWSER-IE Microsoft Edge Scripting Engine array memory corruption attempt (more info ...) | attempted-user | 2017-11802 | URL | ||
| 45517 | BROWSER-IE Microsoft Edge Scripting Engine array memory corruption attempt (more info ...) | attempted-user | 2017-11802 | URL | ||
| 45554 | FILE-MULTIMEDIA Microsoft Windows Movie Maker project file heap buffer overflow attempt (more info ...) | attempted-user | 2010-0265 | URL | ||
| 45624 | OS-WINDOWS Microsoft Windows malformed shortcut file with comment buffer overflow attempt (more info ...) | attempted-user | 2018-0825 | URL | ||
| 45625 | OS-WINDOWS Microsoft Windows malformed shortcut file with comment buffer overflow attempt (more info ...) | attempted-user | 2018-0825 | URL | ||
| 45626 | BROWSER-IE Microsoft Edge Scripting Engine memory corruption attempt (more info ...) | attempted-user | 2018-0834 | URL | ||
| 45627 | BROWSER-IE Microsoft Edge Scripting Engine memory corruption attempt (more info ...) | attempted-user | 2018-0834 | URL | ||
| 45628 | BROWSER-IE Microsoft Edge scripting engine memory corruption attempt (more info ...) | attempted-user | 2018-8466 | |||
| 45629 | BROWSER-IE Microsoft Edge scripting engine memory corruption attempt (more info ...) | attempted-user | 2018-8466 | |||
| 45632 | OS-WINDOWS Microsoft Windows use after free win32kbase.sys privilege escalation attempt (more info ...) | attempted-admin | 2019-0814 | URL | ||
| 45633 | OS-WINDOWS Microsoft Windows use after free win32kbase.sys privilege escalation attempt (more info ...) | attempted-admin | 2018-0756 | URL | ||
| 45634 | OS-WINDOWS Microsoft Windows use after free win32kbase.sys privilege escalation attempt (more info ...) | attempted-admin | 2018-0756 | URL | ||
| 45635 | OS-WINDOWS Microsoft Windows use after free win32kbase.sys privilege escalation attempt (more info ...) | attempted-admin | 2019-0814 | URL | ||
| 45636 | BROWSER-IE Microsoft Edge scripting engine type confusion attempt (more info ...) | attempted-user | 2018-0860 | URL | ||
| 45637 | BROWSER-IE Microsoft Edge scripting engine type confusion attempt (more info ...) | attempted-user | 2018-0860 | URL | ||
| 45649 | OS-WINDOWS Microsoft Windows win32k.sys privilege escalation attempt (more info ...) | attempted-user | 2018-0742 | URL | ||
| 45650 | OS-WINDOWS Microsoft Windows win32k.sys privilege escalation attempt (more info ...) | attempted-user | 2018-0742 | URL | ||
| 45656 | OS-WINDOWS Microsoft Windows HIDPARSE.sys memory corruption attempt (more info ...) | attempted-user | 2018-0842 | URL | ||
| 45657 | OS-WINDOWS Microsoft Windows HIDPARSE.sys memory corruption attempt (more info ...) | attempted-user | 2018-0842 | URL | ||
| 45659 | BROWSER-IE Microsoft Edge scripting engine memory corruption attempt (more info ...) | attempted-admin | 2018-0858 | URL | ||
| 45660 | BROWSER-IE Microsoft Edge scripting engine memory corruption attempt (more info ...) | attempted-admin | 2018-0858 | URL | ||
| 45807 | OS-WINDOWS Microsoft Windows GetThreadContext kernel memory leak attempt (more info ...) | attempted-recon | 2018-0832 | URL | ||
| 45808 | OS-WINDOWS Microsoft Windows GetThreadContext kernel memory leak attempt (more info ...) | attempted-recon | 2018-0832 | URL | ||
| 45854 | OS-WINDOWS Microsoft Windows SMBv3 null pointer dereference attempt (more info ...) | denial-of-service | 2018-0833 | URL | ||
| 45873 | OS-WINDOWS Microsoft Windows SetProcessDeviceMap arbitrary file read attempt (more info ...) | attempted-admin | 2018-0877 | URL | ||
| 45874 | OS-WINDOWS Microsoft Windows SetProcessDeviceMap arbitrary file read attempt (more info ...) | attempted-admin | 2018-0877 | URL | ||
| 45875 | BROWSER-IE Microsoft Edge uninitialized memory use attempt (more info ...) | attempted-user | 2018-0874 | URL | ||
| 45876 | BROWSER-IE Microsoft Edge uninitialized memory use attempt (more info ...) | attempted-user | 2018-0874 | URL | ||
| 45881 | OS-WINDOWS Microsoft Windows 10 gdi32 library integer overflow attempt (more info ...) | attempted-admin | 2018-0817 | URL | ||
| 45882 | OS-WINDOWS Microsoft Windows 10 gdi32 library integer overflow attempt (more info ...) | attempted-admin | 2018-0817 | URL | ||
| 45889 | BROWSER-IE Microsoft Edge Chakra Core type confusion attempt (more info ...) | attempted-user | 2018-0930 | URL | ||
| 45890 | BROWSER-IE Microsoft Edge Chakra Core type confusion attempt (more info ...) | attempted-user | 2018-0930 | URL | ||
| 45898 | BROWSER-IE Microsoft Edge scripting engine memory corruption attempt (more info ...) | attempted-user | 2018-0893 | |||
| 45899 | BROWSER-IE Microsoft Edge scripting engine memory corruption attempt (more info ...) | attempted-user | 2018-0893 | |||
| 45900 | OS-WINDOWS Microsoft Windows Desktop Bridge privilege escalation attempt (more info ...) | attempted-admin | 2018-0882 | URL | ||
| 45901 | OS-WINDOWS Microsoft Windows Desktop Bridge privilege escalation attempt (more info ...) | attempted-admin | 2018-0882 | URL | ||
| 45902 | OS-WINDOWS Microsoft Windows Desktop Bridge privilege escalation attempt (more info ...) | attempted-admin | 2018-0880 | URL | ||
| 45903 | OS-WINDOWS Microsoft Windows Desktop Bridge privilege escalation attempt (more info ...) | attempted-admin | 2018-0880 | URL | ||
| 45977 | OS-WINDOWS Microsoft Windows SMB kernel heap memory leak attempt (more info ...) | attempted-recon | 2017-0147 | URL | ||
| 45978 | OS-WINDOWS Microsoft Windows SMB kernel heap memory leak attempt (more info ...) | attempted-recon | 2017-0147 | URL | ||
| 46055 | FILE-OTHER Microsoft wimgapi LoadIntegrityInfo heap buffer overflow attempt (more info ...) | attempted-user | 2018-8210 | URL | ||
| 46056 | FILE-OTHER Microsoft wimgapi LoadIntegrityInfo heap buffer overflow attempt (more info ...) | attempted-user | 2018-8210 | URL | ||
| 46058 | FILE-OTHER Microsoft wimgapi LoadIntegrityInfo heap buffer overflow attempt (more info ...) | attempted-user | 2018-8210 | URL | ||
| 46059 | FILE-OTHER Microsoft wimgapi LoadIntegrityInfo heap buffer overflow attempt (more info ...) | attempted-user | 2018-8210 | URL | ||
| 46061 | SERVER-OTHER Advantech WebAccess webvrpcs service arbitrary pointer dereference attempt (more info ...) | attempted-admin | 2017-16728 | 102424 | URL | |
| 46076 | NETBIOS MikroTik RouterOS buffer overflow attempt (more info ...) | attempted-user | 2018-7445 | 103427 | ||
| 46163 | FILE-OTHER Microsoft Windows Defender malformed RAR memory corruption attempt (more info ...) | attempted-user | 2018-0986 | URL | ||
| 46164 | FILE-OTHER Microsoft Windows Defender malformed RAR memory corruption attempt (more info ...) | attempted-user | 2018-0986 | URL | ||
| 46176 | BROWSER-IE Microsoft Edge Chakra use after free attempt (more info ...) | attempted-admin | 2018-0995 | URL | ||
| 46177 | BROWSER-IE Microsoft Edge Chakra use after free attempt (more info ...) | attempted-admin | 2018-0995 | URL | ||
| 46188 | FILE-OTHER Microsoft Windows malformed TTF integer overflow attempt (more info ...) | attempted-admin | 2018-1013 | URL | ||
| 46189 | FILE-OTHER Microsoft Windows malformed TTF integer overflow attempt (more info ...) | attempted-admin | 2018-1013 | URL | ||
| 46194 | BROWSER-IE Microsoft Edge Chakra use after free attempt (more info ...) | attempted-user | 2018-0990 | URL | ||
| 46195 | BROWSER-IE Microsoft Edge Chakra use after free attempt (more info ...) | attempted-user | 2018-0990 | URL | ||
| 46200 | OS-WINDOWS Microsoft Windows TrueType font heap overflow attempt (more info ...) | attempted-user | 2018-1010 | URL | ||
| 46201 | OS-WINDOWS Microsoft Windows TrueType font heap overflow attempt (more info ...) | attempted-user | 2018-1010 | URL | ||
| 46206 | BROWSER-IE Microsoft Windows Edge use-after-free attempt (more info ...) | attempted-user | 2018-0991 | URL | ||
| 46207 | BROWSER-IE Microsoft Windows Edge use-after-free attempt (more info ...) | attempted-user | 2018-0991 | URL | ||
| 46212 | BROWSER-IE Microsoft Edge scripting engine memory corruption attempt (more info ...) | attempted-user | 2018-0993 | URL | ||
| 46213 | BROWSER-IE Microsoft Edge scripting engine memory corruption attempt (more info ...) | attempted-user | 2018-0993 | URL | ||
| 46214 | OS-WINDOWS Microsoft Windows TrueType font heap overflow attempt (more info ...) | attempted-user | 2018-1015 | URL | ||
| 46215 | OS-WINDOWS Microsoft Windows TrueType font heap overflow attempt (more info ...) | attempted-user | 2018-1015 | URL | ||
| 46218 | BROWSER-IE Microsoft Edge out of bounds write attempt (more info ...) | attempted-admin | 2018-0996 | URL | ||
| 46219 | BROWSER-IE Microsoft Edge out of bounds write attempt (more info ...) | attempted-admin | 2018-0996 | URL | ||
| 46226 | FILE-PDF Microsoft Edge pdf parsing information disclosure attempt (more info ...) | attempted-recon | 2018-0998 | URL | ||
| 46227 | FILE-PDF Microsoft Edge pdf parsing information disclosure attempt (more info ...) | attempted-recon | 2018-0998 | URL | ||
| 46230 | OS-WINDOWS Microsoft Windows malformed TTF integer overflow attempt (more info ...) | attempted-admin | 2018-1012 | URL | ||
| 46231 | OS-WINDOWS Microsoft Windows malformed TTF integer overflow attempt (more info ...) | attempted-admin | 2018-1012 | URL | ||
| 46538 | OS-WINDOWS Microsoft Windows win32k.sys privilege escalation attempt (more info ...) | attempted-admin | 2018-8124 | URL | ||
| 46539 | OS-WINDOWS Microsoft Windows win32k.sys privilege escalation attempt (more info ...) | attempted-admin | 2018-8124 | URL | ||
| 46544 | BROWSER-IE Microsoft Edge scripting engine use after free attempt (more info ...) | attempted-user | 2018-0946 | URL | ||
| 46545 | BROWSER-IE Microsoft Edge scripting engine use after free attempt (more info ...) | attempted-user | 2018-0946 | URL | ||
| 46546 | OS-WINDOWS Microsoft Windows win32k NtUserSetImeInfoEx privilege escalation attempt (more info ...) | attempted-admin | 2018-8120 | URL | ||
| 46547 | OS-WINDOWS Microsoft Windows win32k NtUserSetImeInfoEx privilege escalation attempt (more info ...) | attempted-admin | 2018-8120 | URL | ||
| 46562 | OS-WINDOWS Microsoft Win32k privilege escalation attempt (more info ...) | attempted-admin | 2018-8164 | URL | ||
| 46563 | OS-WINDOWS Microsoft Win32k privilege escalation attempt (more info ...) | attempted-admin | 2018-8164 | URL | ||
| 46564 | OS-WINDOWS Microsoft Win32k privilege escalation attempt (more info ...) | attempted-admin | 2018-8166 | URL | ||
| 46565 | OS-WINDOWS Microsoft Win32k privilege escalation attempt (more info ...) | attempted-admin | 2018-8166 | URL | ||
| 46603 | OS-WINDOWS Microsoft Windows clfs.sys out of bounds local privilege escalation attempt (more info ...) | attempted-admin | 2018-8167 | URL | ||
| 46604 | OS-WINDOWS Microsoft Windows clfs.sys out of bounds local privilege escalation attempt (more info ...) | attempted-admin | 2018-8167 | URL | ||
| 46606 | BROWSER-IE Microsoft Edge out-of-bounds memory access attempt (more info ...) | attempted-user | 2018-8137 | URL | ||
| 46607 | BROWSER-IE Microsoft Edge out-of-bounds memory access attempt (more info ...) | attempted-user | 2018-8137 | URL | ||
| 46637 | NETBIOS SMB client NULL deref race condition attempt (more info ...) | attempted-admin | 2010-0231 | URL | ||
| 46754 | OS-WINDOWS Microsoft Windows win32k NtUserSetImeInfoEx privilege escalation attempt (more info ...) | attempted-admin | 2018-8120 | URL | ||
| 46755 | OS-WINDOWS Microsoft Windows win32k NtUserSetImeInfoEx privilege escalation attempt (more info ...) | attempted-admin | 2018-8120 | URL | ||
| 46811 | FILE-OTHER Microsoft Windows Host Compute Service Shim remote code execution attempt (more info ...) | attempted-user | 2018-8115 | URL | ||
| 46830 | OS-WINDOWS Microsoft Windows kernel privilege escalation attempt (more info ...) | attempted-admin | 2018-8897 | URL | ||
| 46831 | OS-WINDOWS Microsoft Windows kernel privilege escalation attempt (more info ...) | attempted-admin | 2018-8897 | URL | ||
| 46832 | OS-WINDOWS Microsoft Windows ROP gadget locate attempt (more info ...) | attempted-admin | 2018-8897 | |||
| 46833 | OS-WINDOWS Microsoft Windows ROP gadget locate attempt (more info ...) | attempted-admin | 2018-8897 | |||
| 46834 | OS-WINDOWS Microsoft Windows kernel privilege escalation attempt (more info ...) | attempted-admin | 2018-8897 | URL | ||
| 46835 | OS-WINDOWS Microsoft Windows kernel privilege escalation attempt (more info ...) | attempted-admin | 2018-8897 | URL | ||
| 46927 | BROWSER-IE Microsoft Edge ClipPath out of bounds write attempt (more info ...) | attempted-user | 2018-8110 | URL | ||
| 46928 | BROWSER-IE Microsoft Edge ClipPath out of bounds write attempt (more info ...) | attempted-user | 2018-8110 | |||
| 46929 | BROWSER-IE Microsoft Edge type confusion memory corruption attempt (more info ...) | attempted-user | 2018-8111 | URL | ||
| 46930 | BROWSER-IE Microsoft Edge type confusion memory corruption attempt (more info ...) | attempted-user | 2018-8111 | URL | ||
| 46933 | BROWSER-IE Microsoft Edge Chakra scripting engine type confusion attempt (more info ...) | attempted-user | 2018-8229 | URL | ||
| 46934 | BROWSER-IE Microsoft Edge Chakra scripting engine type confusion attempt (more info ...) | attempted-user | 2018-8229 | URL | ||
| 46938 | OS-WINDOWS Microsoft Win32k privilege escalation attempt (more info ...) | attempted-admin | 2018-8233 | URL | ||
| 46939 | OS-WINDOWS Microsoft Win32k privilege escalation attempt (more info ...) | attempted-admin | 2018-8233 | URL | ||
| 46943 | FILE-OTHER Microsoft Windows .lnk shortcut file executing system32 executable attempt (more info ...) | attempted-user | 2018-0978 | URL | ||
| 47057 | BROWSER-IE Microsoft Edge edgehtml.dll uninitialized pointer vulnerability attempt (more info ...) | attempted-user | 2016-3222 | URL | ||
| 47058 | BROWSER-IE Microsoft Edge edgehtml.dll uninitialized pointer vulnerability attempt (more info ...) | attempted-user | 2016-3222 | |||
| 47096 | OS-WINDOWS Microsoft Windows xxxNextWindow NULL pointer dereference attempt (more info ...) | attempted-admin | 2018-8282 | URL | ||
| 47097 | OS-WINDOWS Microsoft Windows xxxNextWindow NULL pointer dereference attempt (more info ...) | attempted-admin | 2018-8282 | URL | ||
| 47098 | BROWSER-IE Microsoft Edge parseFloat type confusion attempt (more info ...) | attempted-user | 2018-8279 | URL | ||
| 47099 | BROWSER-IE Microsoft Edge parseFloat type confusion attempt (more info ...) | attempted-user | 2018-8279 | URL | ||
| 47100 | BROWSER-IE Microsoft Edge TryArraySplice memory corruption attempt (more info ...) | attempted-user | 2018-8275 | URL | ||
| 47101 | BROWSER-IE Microsoft Edge TryArraySplice memory corruption attempt (more info ...) | attempted-user | 2018-8275 | URL | ||
| 47103 | BROWSER-IE Microsoft Edge Intl.js memory corruption attempt (more info ...) | attempted-user | 2018-8298 | URL | ||
| 47107 | BROWSER-IE Microsoft Edge event handling use-after-free attempt (more info ...) | attempted-user | 2018-8274 | URL | ||
| 47108 | BROWSER-IE Microsoft Edge event handling use-after-free attempt (more info ...) | attempted-user | 2018-8274 | URL | ||
| 47109 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-admin | 2018-8291 | URL | ||
| 47110 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-admin | 2018-8291 | URL | ||
| 47111 | BROWSER-IE Microsoft Edge Form buffer overflow attempt (more info ...) | attempted-user | 2018-8289 | URL | ||
| 47112 | BROWSER-IE Microsoft Edge Form buffer overflow attempt (more info ...) | attempted-user | 2018-8289 | URL | ||
| 47113 | BROWSER-IE Microsoft Edge heap overflow attempt (more info ...) | attempted-user | 2018-8262 | URL | ||
| 47114 | BROWSER-IE Microsoft Edge heap overflow attempt (more info ...) | attempted-user | 2018-8262 | URL | ||
| 47117 | BROWSER-IE Microsoft Edge browser memory corruption attempt (more info ...) | attempted-user | 2018-8125 | URL | ||
| 47118 | BROWSER-IE Microsoft Edge browser memory corruption attempt (more info ...) | attempted-user | 2018-8125 | URL | ||
| 47119 | BROWSER-OTHER Microsoft Edge url spoofing attempt (more info ...) | attempted-user | 2018-8278 | URL | ||
| 47120 | BROWSER-OTHER Microsoft Edge url spoofing attempt (more info ...) | attempted-user | 2018-8278 | URL | ||
| 47121 | BROWSER-IE Microsoft Edge scripting engine memory corruption attempt (more info ...) | attempted-user | 2018-8283 | URL | ||
| 47122 | BROWSER-IE Microsoft Edge scripting engine memory corruption attempt (more info ...) | attempted-user | 2018-8283 | URL | ||
| 47141 | BROWSER-IE Microsoft Edge scripting engine type confusion attempt (more info ...) | attempted-user | 2018-8324 | URL | ||
| 47142 | BROWSER-IE Microsoft Edge scripting engine type confusion attempt (more info ...) | attempted-user | 2018-8324 | URL | ||
| 47161 | BROWSER-IE Microsoft Edge mutation event memory corruption attempt (more info ...) | attempted-user | 2016-0124 | URL | ||
| 47219 | FILE-OTHER Microsoft Windows OTF parsing memory corruption attempt (more info ...) | attempted-admin | 2016-7256 | URL | ||
| 47220 | FILE-OTHER Microsoft Windows OTF parsing memory corruption attempt (more info ...) | attempted-admin | 2016-7256 | URL | ||
| 47461 | BROWSER-PLUGINS CTSWebProxy ActiveX privilege escalation attempt (more info ...) | attempted-admin | 2015-0016 | URL | ||
| 47462 | BROWSER-PLUGINS CTSWebProxy ActiveX privilege escalation attempt (more info ...) | attempted-admin | 2015-0016 | URL | ||
| 47474 | BROWSER-IE Microsoft Edge browser redirection vulnerability attempt (more info ...) | attempted-user | 2018-8383 | URL | ||
| 47475 | BROWSER-IE Microsoft Edge browser redirection vulnerability attempt (more info ...) | attempted-user | 2018-8383 | URL | ||
| 47477 | FILE-OTHER Microsoft LNK remote code execution attempt (more info ...) | attempted-admin | 2018-8345 | URL | ||
| 47478 | BROWSER-IE Microsoft Edge Chakra Scripting Engine type confusion attempt (more info ...) | attempted-user | 2018-8372 | URL | ||
| 47479 | BROWSER-IE Microsoft Edge Chakra Scripting Engine type confusion attempt (more info ...) | attempted-user | 2018-8372 | URL | ||
| 47480 | BROWSER-IE Microsoft Edge type confusion vulnerability attempt (more info ...) | attempted-user | 2018-8384 | URL | ||
| 47481 | BROWSER-IE Microsoft Edge type confusion vulnerability attempt (more info ...) | attempted-user | 2018-8384 | URL | ||
| 47486 | BROWSER-IE Microsoft Edge out of bounds write attempt (more info ...) | attempted-user | 2018-8387 | URL | ||
| 47487 | BROWSER-IE Microsoft Edge out of bounds write attempt (more info ...) | attempted-user | 2018-8387 | URL | ||
| 47488 | BROWSER-IE Microsoft Edge transform type confusion attempt (more info ...) | attempted-user | 2018-8403 | URL | ||
| 47489 | BROWSER-IE Microsoft Edge transform type confusion attempt (more info ...) | attempted-user | 2018-8403 | URL | ||
| 47490 | BROWSER-IE Microsoft Edge Chakra Scripting Engine memory corruption attempt (more info ...) | attempted-user | 2018-8266 | URL | ||
| 47491 | BROWSER-IE Microsoft Edge Chakra Scripting Engine memory corruption attempt (more info ...) | attempted-user | 2018-8266 | URL | ||
| 47492 | BROWSER-IE Microsoft Edge Chakra Scripting Engine localeCompare type confusion attempt (more info ...) | attempted-user | 2018-8355 | URL | ||
| 47493 | BROWSER-IE Microsoft Edge Chakra Scripting Engine localeCompare type confusion attempt (more info ...) | attempted-user | 2018-8355 | URL | ||
| 47503 | FILE-EXECUTABLE Microsoft Windows Win32k privilege escalation attempt (more info ...) | attempted-user | 2018-8404 | URL | ||
| 47504 | FILE-EXECUTABLE Microsoft Windows Win32k privilege escalation attempt (more info ...) | attempted-user | 2018-8404 | URL | ||
| 47512 | OS-WINDOWS Microsoft Windows D3D memory corruption attempt (more info ...) | attempted-user | 2018-8406 | URL | ||
| 47513 | OS-WINDOWS Microsoft Windows D3D memory corruption attempt (more info ...) | attempted-user | 2018-8406 | URL | ||
| 47515 | OS-WINDOWS Microsoft Windows D3D memory corruption attempt (more info ...) | attempted-user | 2018-8405 | URL | ||
| 47516 | OS-WINDOWS Microsoft Windows D3D memory corruption attempt (more info ...) | attempted-user | 2018-8405 | URL | ||
| 47517 | OS-WINDOWS Microsoft Windows D3D memory corruption attempt (more info ...) | attempted-user | 2018-8401 | URL | ||
| 47518 | OS-WINDOWS Microsoft Windows D3D memory corruption attempt (more info ...) | attempted-user | 2018-8401 | URL | ||
| 47519 | FILE-OTHER Microsoft Graphics remote code execution attempt (more info ...) | attempted-user | 2018-8344 | URL | ||
| 47520 | FILE-OTHER Microsoft Graphics remote code execution attempt (more info ...) | attempted-user | 2018-8344 | URL | ||
| 47635 | BROWSER-IE Microsoft Edge Chakra floating point type confusion attempt (more info ...) | attempted-user | 2018-0953 | URL | ||
| 47636 | BROWSER-IE Microsoft Edge Chakra floating point type confusion attempt (more info ...) | attempted-user | 2018-0953 | URL | ||
| 47637 | BROWSER-IE Microsoft Edge Chakra floating point type confusion attempt (more info ...) | attempted-user | 2018-0953 | URL | ||
| 47638 | BROWSER-IE Microsoft Edge Chakra floating point type confusion attempt (more info ...) | attempted-user | 2018-0953 | URL | ||
| 47702 | OS-WINDOWS Microsoft Windows ALPC task scheduler local privilege escalation attempt (more info ...) | attempted-admin | 2018-8440 | URL | ||
| 47703 | OS-WINDOWS Microsoft Windows ALPC task scheduler local privilege escalation attempt (more info ...) | attempted-admin | 2018-8440 | URL | ||
| 47717 | OS-WINDOWS Microsoft Windows kernel information disclosure attempt (more info ...) | attempted-user | 2018-8442 | URL | ||
| 47718 | OS-WINDOWS Microsoft Windows kernel information disclosure attempt (more info ...) | attempted-user | 2018-8442 | URL | ||
| 47732 | BROWSER-IE Microsoft Edge empty prototype use-after-free attempt (more info ...) | attempted-user | 2018-8459 | URL | ||
| 47733 | BROWSER-IE Microsoft Edge empty prototype use-after-free attempt (more info ...) | attempted-user | 2018-8459 | URL | ||
| 47734 | BROWSER-IE Microsoft Edge Chakra engine use after free exploit attempt (more info ...) | attempted-user | 2018-8367 | URL | ||
| 47735 | BROWSER-IE Microsoft Edge Chakra engine use after free exploit attempt (more info ...) | attempted-user | 2018-8367 | URL | ||
| 47736 | BROWSER-IE Microsoft Edge type confusion memory corruption attempt (more info ...) | attempted-user | 2018-8391 | URL | ||
| 47737 | BROWSER-IE Microsoft Edge type confusion memory corruption attempt (more info ...) | attempted-user | 2018-8391 | URL | ||
| 47740 | OS-WINDOWS Microsoft Windows Device Guard bypass attempt (more info ...) | attempted-user | 2018-8449 | URL | ||
| 47741 | OS-WINDOWS Microsoft Windows Device Guard bypass attempt (more info ...) | attempted-user | 2018-8449 | URL | ||
| 47742 | BROWSER-IE Microsoft Edge type confusion code execution attempt (more info ...) | attempted-user | 2018-8467 | URL | ||
| 47743 | BROWSER-IE Microsoft Edge type confusion code execution attempt (more info ...) | attempted-user | 2018-8467 | URL | ||
| 47745 | OS-WINDOWS Microsoft Windows predefined registry keys double free attempt (more info ...) | attempted-user | 2018-8410 | URL | ||
| 47764 | FILE-IMAGE Microsoft Windows malformed TIFF remote code execution attempt (more info ...) | attempted-user | 2018-8475 | URL | ||
| 47765 | FILE-IMAGE Microsoft Windows malformed TIFF remote code execution attempt (more info ...) | attempted-user | 2018-8475 | URL | ||
| 47850 | OS-WINDOWS Microsoft Windows SystemCollector privilege escalation attempt (more info ...) | attempted-admin | 2018-0952 | URL | ||
| 47851 | OS-WINDOWS Microsoft Windows SystemCollector privilege escalation attempt (more info ...) | attempted-admin | 2018-0952 | URL | ||
| 48045 | BROWSER-IE Microsoft Edge DomAttrModified use after free attempt (more info ...) | attempted-user | 2018-8460 | URL | ||
| 48046 | BROWSER-IE Microsoft Edge DomAttrModified use after free attempt (more info ...) | attempted-user | 2018-8460 | URL | ||
| 48047 | OS-WINDOWS Microsoft Windows dxgkrnl.sys kernel memory information leak attempt (more info ...) | attempted-admin | 2018-8486 | URL | ||
| 48048 | OS-WINDOWS Microsoft Windows dxgkrnl.sys kernel memory information leak attempt (more info ...) | attempted-admin | 2018-8486 | URL | ||
| 48054 | BROWSER-IE Microsoft Edge App-v vbs command attempt (more info ...) | attempted-user | 2018-8495 | URL | ||
| 48056 | OS-WINDOWS Microsoft Windows Filter Manager Elevation Of Privilege attempt (more info ...) | denial-of-service | 2018-8333 | URL | ||
| 48057 | FILE-EXECUTABLE Microsoft Windows NTFS privilege escalation attempt (more info ...) | attempted-user | 2018-8411 | URL | ||
| 48058 | FILE-EXECUTABLE Microsoft Windows NTFS privilege escalation attempt (more info ...) | attempted-user | 2018-8411 | URL | ||
| 48059 | FILE-OTHER Microsoft Windows malformed .themepack Theme API remote code execution attempt (more info ...) | attempted-user | 2018-8413 | URL | ||
| 48060 | FILE-OTHER Microsoft Windows malformed .themepack Theme API remote code execution attempt (more info ...) | attempted-user | 2018-8413 | URL | ||
| 48062 | FILE-OTHER Microsoft Powershell XML instantiation constrained language mode bypass attempt (more info ...) | attempted-user | 2018-8492 | URL | ||
| 48063 | FILE-OTHER Microsoft Powershell XML instantiation constrained language mode bypass attempt (more info ...) | attempted-user | 2018-8492 | URL | ||
| 48072 | OS-WINDOWS Microsoft Windows win32k.sys privilege escalation attempt (more info ...) | attempted-user | 2018-8453 | URL | ||
| 48073 | OS-WINDOWS Microsoft Windows win32k.sys privilege escalation attempt (more info ...) | attempted-user | 2018-8453 | URL | ||
| 48122 | FILE-OTHER Microsoft .NET Resources file remote code execution attempt (more info ...) | attempted-user | 2018-8172 | URL | ||
| 48123 | FILE-OTHER Microsoft .NET Resources file remote code execution attempt (more info ...) | attempted-user | 2018-8172 | URL | ||
| 48128 | OS-WINDOWS Microsoft Windows privilege escalation attempt (more info ...) | attempted-admin | 2018-8468 | URL | ||
| 48129 | OS-WINDOWS Microsoft Windows privilege escalation attempt (more info ...) | attempted-admin | 2018-8468 | URL | ||
| 48130 | BROWSER-IE Microsoft Edge sandbox escape attempt (more info ...) | attempted-user | 2018-8469 | URL | ||
| 48131 | BROWSER-IE Microsoft Edge sandbox escape attempt (more info ...) | attempted-user | 2018-8469 | URL | ||
| 48132 | BROWSER-IE Microsoft Edge sandbox escape attempt (more info ...) | attempted-user | 2018-8469 | URL | ||
| 48133 | BROWSER-IE Microsoft Edge sandbox escape attempt (more info ...) | attempted-user | 2018-8469 | URL | ||
| 48162 | BROWSER-IE Microsoft Edge sandbox escape attempt (more info ...) | attempted-user | 2018-8469 | URL | ||
| 48163 | BROWSER-IE Microsoft Edge sandbox escape attempt (more info ...) | attempted-user | 2018-8469 | URL | ||
| 48237 | OS-WINDOWS Microsoft Data Sharing dssvc.dll arbitrary file deletion attempt (more info ...) | attempted-admin | 2018-8584 | URL | ||
| 48238 | OS-WINDOWS Microsoft Data Sharing dssvc.dll arbitrary file deletion attempt (more info ...) | attempted-admin | 2018-8584 | URL | ||
| 48241 | NETBIOS Cisco WebEx WebExService.exe remote code execution attempt (more info ...) | attempted-admin | 2018-15442 | URL | ||
| 48360 | BROWSER-IE Microsoft Edge JIT floating point value type confusion attempt (more info ...) | attempted-admin | 2018-8555 | URL | ||
| 48361 | BROWSER-IE Microsoft Edge JIT floating point value type confusion attempt (more info ...) | attempted-user | 2018-8555 | URL | ||
| 48362 | OS-WINDOWS Microsoft Windows win32k.sys memory corruption attempt (more info ...) | attempted-user | 2018-8562 | URL | ||
| 48363 | OS-WINDOWS Microsoft Windows win32k.sys memory corruption attempt (more info ...) | attempted-user | 2018-8562 | URL | ||
| 48364 | OS-WINDOWS Microsoft Windows win32k.sys memory corruption attempt (more info ...) | attempted-user | 2018-8589 | URL | ||
| 48365 | OS-WINDOWS Microsoft Windows win32k.sys memory corruption attempt (more info ...) | attempted-user | 2018-8589 | URL | ||
| 48366 | OS-WINDOWS Microsoft Windows dxgkrnl.sys elevation of privilege attempt (more info ...) | attempted-admin | 2018-8554 | URL | ||
| 48367 | OS-WINDOWS Microsoft Windows dxgkrnl.sys elevation of privilege attempt (more info ...) | attempted-admin | 2018-8554 | URL | ||
| 48374 | FILE-IMAGE Microsoft Graphics component WMF code execution attempt (more info ...) | attempted-user | 2018-8553 | URL | ||
| 48375 | FILE-IMAGE Microsoft Graphics component WMF code execution attempt (more info ...) | attempted-user | 2018-8553 | URL | ||
| 48376 | BROWSER-IE Microsoft Edge bailOnImplicitCall type confusion attempt (more info ...) | attempted-user | 2018-8556 | URL | ||
| 48377 | BROWSER-IE Microsoft Edge bailOnImplicitCall type confusion attempt (more info ...) | attempted-user | 2018-8556 | URL | ||
| 48387 | BROWSER-IE Microsoft Edge information disclosure attempt (more info ...) | attempted-user | 2018-8545 | URL | ||
| 48388 | BROWSER-IE Microsoft Edge information disclosure attempt (more info ...) | attempted-user | 2018-8545 | URL | ||
| 48393 | OS-WINDOWS Microsoft Windows Win32k information disclosure attempt (more info ...) | attempted-recon | 2018-8565 | URL | ||
| 48394 | OS-WINDOWS Microsoft Windows Win32k information disclosure attempt (more info ...) | attempted-recon | 2018-8565 | URL | ||
| 48398 | OS-WINDOWS Microsoft Windows potential Device Guard evasion via Jscript9 scripting engine attempt (more info ...) | attempted-user | 2018-8417 | URL | ||
| 48399 | OS-WINDOWS Microsoft Windows potential Device Guard evasion via Jscript9 scripting engine attempt (more info ...) | attempted-user | 2018-8417 | URL | ||
| 48409 | OS-WINDOWS Microsoft Windows kernel ioctlsocket information disclosure attempt (more info ...) | attempted-admin | 2018-8408 | URL | ||
| 48410 | OS-WINDOWS Microsoft Windows kernel ioctlsocket information disclosure attempt (more info ...) | attempted-admin | 2018-8408 | URL | ||
| 48441 | BROWSER-PLUGINS Fourier Systems DaqLab ActiveX clsid access attempt (more info ...) | attempted-user | ||||
| 48442 | BROWSER-PLUGINS Fourier Systems DaqLab ActiveX clsid access attempt (more info ...) | attempted-user | ||||
| 48509 | BROWSER-IE Microsoft Edge Browser Chakra script type confusion exploit attempt (more info ...) | attempted-user | 2018-8618 | URL | ||
| 48510 | BROWSER-IE Microsoft Edge Browser Chakra script type confusion exploit attempt (more info ...) | attempted-user | 2018-8618 | URL | ||
| 48513 | BROWSER-IE Microsoft Edge out of bounds write attempt (more info ...) | attempted-user | 2018-8629 | URL | ||
| 48514 | BROWSER-IE Microsoft Edge out of bounds write attempt (more info ...) | attempted-user | 2018-8629 | URL | ||
| 48515 | BROWSER-IE Microsoft Edge Chakra scripting engine memory corruption attempt (more info ...) | attempted-user | 2018-8583 | URL | ||
| 48516 | BROWSER-IE Microsoft Edge Chakra scripting engine memory corruption attempt (more info ...) | attempted-user | 2018-8583 | URL | ||
| 48519 | BROWSER-IE Microsoft Edge buffer overflow attempt (more info ...) | attempted-user | 2018-8634 | URL | ||
| 48520 | BROWSER-IE Microsoft Edge buffer overflow attempt (more info ...) | attempted-user | 2018-8634 | URL | ||
| 48535 | BROWSER-PLUGINS Advantech WebAccess 7.0 ActiveX clsid access attempt (more info ...) | attempted-user | ||||
| 48536 | BROWSER-PLUGINS Advantech WebAccess 7.0 ActiveX clsid access attempt (more info ...) | attempted-user | ||||
| 48537 | BROWSER-PLUGINS Advantech WebAccess 7.0 ActiveX clsid access attempt (more info ...) | attempted-user | ||||
| 48538 | BROWSER-PLUGINS Advantech WebAccess 7.0 ActiveX clsid access attempt (more info ...) | attempted-user | ||||
| 48539 | BROWSER-PLUGINS Advantech WebAccess 7.0 ActiveX clsid access attempt (more info ...) | attempted-user | ||||
| 48540 | BROWSER-PLUGINS Advantech WebAccess 7.0 ActiveX clsid access attempt (more info ...) | attempted-user | ||||
| 48541 | BROWSER-PLUGINS Advantech WebAccess 7.0 ActiveX clsid access attempt (more info ...) | attempted-user | ||||
| 48542 | BROWSER-PLUGINS Advantech WebAccess 7.0 ActiveX clsid access attempt (more info ...) | attempted-user | ||||
| 48543 | BROWSER-PLUGINS Advantech WebAccess 7.0 ActiveX clsid access attempt (more info ...) | attempted-user | ||||
| 48544 | BROWSER-PLUGINS Advantech WebAccess 7.0 ActiveX clsid access attempt (more info ...) | attempted-user | ||||
| 48606 | OS-WINDOWS Microsoft Windows win32k NtGdiCreateDIBitmapInternal memory corruption attempt (more info ...) | attempted-user | 2018-8639 | URL | ||
| 48607 | OS-WINDOWS Microsoft Windows win32k NtGdiCreateDIBitmapInternal memory corruption attempt (more info ...) | attempted-user | 2018-8639 | URL | ||
| 48612 | FILE-EXECUTABLE Microsoft Windows kernel use-after-free attempt (more info ...) | attempted-user | 2018-8611 | URL | ||
| 48613 | FILE-EXECUTABLE Microsoft Windows kernel use-after-free attempt (more info ...) | attempted-user | 2018-8611 | URL | ||
| 48733 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | ||||
| 48734 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | ||||
| 48768 | FILE-EXECUTABLE Microsoft Windows data sharing service privilege escalation attempt (more info ...) | attempted-admin | 2019-0574 | URL | ||
| 48769 | FILE-EXECUTABLE Microsoft Windows data sharing service privilege escalation attempt (more info ...) | attempted-admin | 2019-0574 | URL | ||
| 48770 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2019-0565 | URL | ||
| 48771 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2019-0565 | URL | ||
| 48772 | BROWSER-IE Microsoft Edge Chakra scripting engine type confusion attempt (more info ...) | attempted-user | 2019-0539 | URL | ||
| 48773 | BROWSER-IE Microsoft Edge Chakra scripting engine type confusion attempt (more info ...) | attempted-user | 2019-0539 | URL | ||
| 48776 | OS-WINDOWS Microsoft Windows Data Sharing Service privilege escalation attempt (more info ...) | attempted-admin | 2019-0572 | URL | ||
| 48777 | OS-WINDOWS Microsoft Windows Data Sharing Service privilege escalation attempt (more info ...) | attempted-admin | 2019-0572 | URL | ||
| 48778 | BROWSER-IE Microsoft Edge prototype JsBuiltInEngineInterfaceExtensionObject use-after-free attempt (more info ...) | attempted-user | 2019-0568 | URL | ||
| 48779 | BROWSER-IE Microsoft Edge prototype JsBuiltInEngineInterfaceExtensionObject use-after-free attempt (more info ...) | attempted-user | 2019-0568 | URL | ||
| 48780 | BROWSER-IE Microsoft Edge object manipulation use-after-free attempt (more info ...) | attempted-user | 2019-0567 | URL | ||
| 48781 | BROWSER-IE Microsoft Edge object manipulation use-after-free attempt (more info ...) | attempted-user | 2019-0567 | URL | ||
| 48787 | OS-WINDOWS Microsoft Windows COM Desktop Broker sandbox escape attempt (more info ...) | attempted-user | 2019-0552 | URL | ||
| 48788 | OS-WINDOWS Microsoft Windows COM Desktop Broker sandbox escape attempt (more info ...) | attempted-user | 2019-0552 | URL | ||
| 48789 | OS-WINDOWS Microsoft Windows kernel out of bounds read attempt (more info ...) | attempted-admin | 2019-0569 | URL | ||
| 48790 | OS-WINDOWS Microsoft Windows kernel out of bounds read attempt (more info ...) | attempted-admin | 2019-0569 | URL | ||
| 48793 | OS-WINDOWS Microsoft Windows Data Sharing Service privilege escalation attempt (more info ...) | attempted-user | 2019-0573 | URL | ||
| 48794 | OS-WINDOWS Microsoft Windows Data Sharing Service privilege escalation attempt (more info ...) | attempted-user | 2019-0573 | URL | ||
| 48795 | OS-WINDOWS Microsoft XmlDocument privilege escalation attempt (more info ...) | attempted-user | 2019-0555 | URL | ||
| 48796 | OS-WINDOWS Microsoft XmlDocument privilege escalation attempt (more info ...) | attempted-user | 2019-0555 | URL | ||
| 48797 | OS-WINDOWS Microsoft XmlDocument privilege escalation attempt (more info ...) | attempted-user | 2019-0555 | URL | ||
| 48798 | OS-WINDOWS Microsoft XmlDocument privilege escalation attempt (more info ...) | attempted-user | 2019-0555 | URL | ||
| 48799 | OS-WINDOWS Microsoft Windows arbitrary file read attempt (more info ...) | attempted-admin | 2019-0636 | URL | ||
| 48800 | OS-WINDOWS Microsoft Windows arbitrary file read attempt (more info ...) | attempted-admin | 2019-0636 | URL | ||
| 48807 | OS-WINDOWS Microsoft Windows 10 AcquireCredentialsHandle privilege escalation attempt (more info ...) | attempted-admin | 2019-0543 | URL | ||
| 48808 | OS-WINDOWS Microsoft Windows 10 AcquireCredentialsHandle privilege escalation attempt (more info ...) | attempted-admin | 2019-0543 | URL | ||
| 48809 | OS-WINDOWS Microsoft Edge session boundary violation attempt (more info ...) | attempted-user | 2019-0566 | URL | ||
| 48810 | OS-WINDOWS Microsoft Edge session boundary violation attempt (more info ...) | attempted-user | 2019-0566 | URL | ||
| 48963 | OS-WINDOWS Microsoft Windows Task Scheduler privileged file overwrite attempt (more info ...) | attempted-user | ||||
| 48964 | OS-WINDOWS Microsoft Windows Task Scheduler privileged file overwrite attempt (more info ...) | attempted-user | ||||
| 49038 | FILE-OTHER Microsoft Windows Contact file email address remote code execution attempt (more info ...) | attempted-user | URL | |||
| 49039 | FILE-OTHER Microsoft Windows Contact file email address remote code execution attempt (more info ...) | attempted-user | URL | |||
| 49041 | OS-WINDOWS Microsoft Windows Terminal server RDP over non-standard port attempt (more info ...) | attempted-user | URL | |||
| 49073 | FILE-OTHER Microsoft Windows device metadata file directory traversal attempt (more info ...) | attempted-user | ||||
| 49074 | FILE-OTHER Microsoft Windows device metadata file directory traversal attempt (more info ...) | attempted-user | ||||
| 49075 | FILE-OTHER Microsoft Windows device metadata file directory traversal attempt (more info ...) | attempted-user | ||||
| 49076 | FILE-OTHER Microsoft Windows device metadata file directory traversal attempt (more info ...) | attempted-user | ||||
| 49077 | FILE-OTHER Microsoft Windows device metadata file directory traversal attempt (more info ...) | attempted-user | ||||
| 49078 | FILE-OTHER Microsoft Windows device metadata file directory traversal attempt (more info ...) | attempted-user | ||||
| 49079 | FILE-OTHER Microsoft Windows device metadata file directory traversal attempt (more info ...) | attempted-user | ||||
| 49080 | FILE-OTHER Microsoft Windows device metadata file directory traversal attempt (more info ...) | attempted-user | ||||
| 49118 | BROWSER-IE Microsoft Edge edgehtml.dll uninitialized pointer vulnerability attempt (more info ...) | attempted-user | 2016-3222 | URL | ||
| 49119 | BROWSER-IE Microsoft Edge edgehtml.dll uninitialized pointer vulnerability attempt (more info ...) | attempted-user | 2016-3222 | URL | ||
| 49128 | BROWSER-IE Microsoft Edge type confusion attempt (more info ...) | attempted-user | 2019-0590 | URL | ||
| 49129 | BROWSER-IE Microsoft Edge type confusion attempt (more info ...) | attempted-user | 2019-0590 | URL | ||
| 49130 | BROWSER-IE Microsoft Edge type confusion exploit attempt (more info ...) | attempted-user | 2019-0593 | URL | ||
| 49131 | BROWSER-IE Microsoft Edge type confusion exploit attempt (more info ...) | attempted-user | 2019-0593 | URL | ||
| 49134 | BROWSER-IE Microsoft Edge type confusion attempt (more info ...) | attempted-user | 2019-0591 | URL | ||
| 49135 | BROWSER-IE Microsoft Edge type confusion attempt (more info ...) | attempted-user | 2019-0591 | URL | ||
| 49136 | BROWSER-IE Microsoft Edge scripting engine remote code execution attempt (more info ...) | attempted-user | 2019-0652 | URL | ||
| 49137 | BROWSER-IE Microsoft Edge scripting engine remote code execution attempt (more info ...) | attempted-user | 2019-0652 | URL | ||
| 49138 | BROWSER-IE Microsoft Edge scripting engine type confusion attempt (more info ...) | attempted-user | 2019-0651 | URL | ||
| 49139 | BROWSER-IE Microsoft Edge scripting engine type confusion attempt (more info ...) | attempted-user | 2019-0651 | URL | ||
| 49140 | BROWSER-IE Microsoft Edge ArrayBuffer out of bounds write attempt (more info ...) | attempted-user | 2019-0610 | URL | ||
| 49141 | BROWSER-IE Microsoft Edge ArrayBuffer out of bounds write attempt (more info ...) | attempted-user | 2019-0610 | URL | ||
| 49142 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2019-0645 | URL | ||
| 49143 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2019-0645 | URL | ||
| 49144 | BROWSER-IE Microsoft Edge type confusion exploit attempt (more info ...) | attempted-user | 2019-0606 | URL | ||
| 49145 | BROWSER-IE Microsoft Edge type confusion exploit attempt (more info ...) | attempted-user | 2019-0606 | URL | ||
| 49146 | OS-WINDOWS Microsoft Windows SMB named pipe buffer overflow attempt (more info ...) | attempted-admin | 2019-0630 | URL | ||
| 49147 | BROWSER-IE Microsoft Edge type confusion attempt (more info ...) | attempted-user | 2019-0650 | URL | ||
| 49148 | BROWSER-IE Microsoft Edge type confusion attempt (more info ...) | attempted-user | 2019-0650 | URL | ||
| 49149 | BROWSER-IE Microsoft Edge WebAssembly type confusion exploit attempt (more info ...) | attempted-user | 2019-0607 | URL | ||
| 49150 | BROWSER-IE Microsoft Edge WebAssembly type confusion exploit attempt (more info ...) | attempted-user | 2019-0607 | URL | ||
| 49151 | BROWSER-IE Microsoft Edge Scripting Engine memory corruption attempt (more info ...) | attempted-user | 2019-0644 | URL | ||
| 49152 | BROWSER-IE Microsoft Edge Scripting Engine memory corruption attempt (more info ...) | attempted-user | 2019-0644 | URL | ||
| 49153 | BROWSER-IE Microsoft Edge Promise object context switch use-after-free attempt (more info ...) | attempted-user | 2019-0640 | URL | ||
| 49154 | BROWSER-IE Microsoft Edge Promise object context switch use-after-free attempt (more info ...) | attempted-user | 2019-0640 | URL | ||
| 49157 | BROWSER-IE Microsoft Edge out of bounds read attempt (more info ...) | attempted-user | 2019-0648 | URL | ||
| 49158 | BROWSER-IE Microsoft Edge out of bounds read attempt (more info ...) | attempted-user | 2019-0648 | URL | ||
| 49159 | OS-WINDOWS Microsoft Windows Win32k driver privilege escalation attempt (more info ...) | attempted-admin | 2019-0656 | URL | ||
| 49160 | OS-WINDOWS Microsoft Windows Win32k driver privilege escalation attempt (more info ...) | attempted-admin | 2019-0656 | URL | ||
| 49161 | OS-WINDOWS Microsoft Windows NtTraceControl information disclosure attempt (more info ...) | attempted-admin | 2019-0661 | URL | ||
| 49162 | OS-WINDOWS Microsoft Windows NtTraceControl information disclosure attempt (more info ...) | attempted-admin | 2019-0661 | URL | ||
| 49165 | BROWSER-IE Microsoft Edge buffer manipulation out-of-bounds read attempt (more info ...) | attempted-user | 2019-0658 | URL | ||
| 49166 | BROWSER-IE Microsoft Edge buffer manipulation out-of-bounds read attempt (more info ...) | attempted-user | 2019-0658 | URL | ||
| 49167 | BROWSER-IE Microsoft Edge variable length manipulation type confusion attempt (more info ...) | attempted-user | 2019-0655 | URL | ||
| 49168 | BROWSER-IE Microsoft Edge variable length manipulation type confusion attempt (more info ...) | attempted-user | 2019-0655 | URL | ||
| 49169 | BROWSER-IE Microsoft Edge isSealed object buffer overrun attempt (more info ...) | attempted-user | 2019-0642 | URL | ||
| 49170 | BROWSER-IE Microsoft Edge isSealed object buffer overrun attempt (more info ...) | attempted-user | 2019-0642 | URL | ||
| 49172 | OS-WINDOWS Microsoft Windows kernel information disclosure attempt (more info ...) | attempted-admin | 2019-0767 | URL | ||
| 49173 | OS-WINDOWS Microsoft Windows kernel information disclosure attempt (more info ...) | attempted-admin | 2019-0767 | URL | ||
| 49174 | OS-WINDOWS Microsoft Windows SMB remote code execution attempt (more info ...) | attempted-user | 2019-0633 | URL | ||
| 49175 | OS-WINDOWS Microsoft Windows SMB remote code execution attempt (more info ...) | attempted-user | 2019-0633 | URL | ||
| 49176 | OS-WINDOWS Microsoft Windows SMB remote code execution attempt (more info ...) | attempted-user | 2019-0633 | URL | ||
| 49177 | OS-WINDOWS Microsoft Windows SMB remote code execution attempt (more info ...) | attempted-user | 2019-0633 | URL | ||
| 49180 | OS-WINDOWS Microsoft Windows Win32k SendMessageTimeout kernel information leak attempt (more info ...) | attempted-admin | 2019-0628 | URL | ||
| 49181 | OS-WINDOWS Microsoft Windows Win32k SendMessageTimeout kernel information leak attempt (more info ...) | attempted-admin | 2019-0628 | URL | ||
| 49199 | FILE-OTHER Microsoft Windows Contact file arbitrary code execution attempt (more info ...) | attempted-user | URL | |||
| 49200 | FILE-OTHER Microsoft Windows VCF arbitrary code execution attempt (more info ...) | attempted-user | URL | |||
| 49293 | NETBIOS Cisco WebEx WebExService.exe remote code execution attempt (more info ...) | attempted-admin | 2019-1674 | URL | ||
| 49333 | OS-WINDOWS Microsoft Windows DHCP Server remote code execution attempt (more info ...) | attempted-user | 2019-0626 | URL | ||
| 49364 | BROWSER-IE Microsoft Edge reference count memory corruption attempt (more info ...) | attempted-user | 2019-0665 | URL | ||
| 49365 | BROWSER-IE Microsoft Edge reference count memory corruption attempt (more info ...) | attempted-user | 2019-0665 | URL | ||
| 49368 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2019-0592 | URL | ||
| 49369 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2019-0592 | URL | ||
| 49371 | BROWSER-IE Microsoft Edge security feature bypass attempt (more info ...) | attempted-user | 2019-0612 | URL | ||
| 49372 | BROWSER-IE Microsoft Edge security feature bypass attempt (more info ...) | attempted-user | 2019-0612 | URL | ||
| 49380 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2019-1092 | URL | ||
| 49381 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2019-1092 | URL | ||
| 49382 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2019-0639 | URL | ||
| 49383 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2019-0639 | URL | ||
| 49386 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2019-0667 | URL | ||
| 49387 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2019-0667 | URL | ||
| 49388 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2021-31959 | URL | ||
| 49389 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2021-31959 | URL | ||
| 49390 | OS-WINDOWS Microsoft Windows kernel information disclosure attempt (more info ...) | attempted-admin | 2019-0775 | URL | ||
| 49391 | OS-WINDOWS Microsoft Windows kernel information disclosure attempt (more info ...) | attempted-admin | 2019-0775 | URL | ||
| 49392 | OS-WINDOWS Microsoft Windows mailslot kernel information leak attempt (more info ...) | attempted-admin | 2019-0755 | URL | ||
| 49393 | OS-WINDOWS Microsoft Windows mailslot kernel information leak attempt (more info ...) | attempted-admin | 2019-0755 | URL | ||
| 49394 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2019-0609 | URL | ||
| 49395 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2019-0609 | URL | ||
| 49400 | OS-WINDOWS Microsoft Windows Win32k privilege escalation attempt (more info ...) | attempted-admin | 2019-0797 | URL | ||
| 49401 | OS-WINDOWS Microsoft Windows Win32k privilege escalation attempt (more info ...) | attempted-admin | 2019-0797 | URL | ||
| 49402 | OS-WINDOWS Microsoft Windows NT kernel null pointer dereference attempt (more info ...) | attempted-admin | 2019-0808 | URL | ||
| 49403 | OS-WINDOWS Microsoft Windows NT kernel null pointer dereference attempt (more info ...) | attempted-admin | 2019-0808 | URL | ||
| 49482 | FILE-OTHER Microsoft Windows TTF parsing counter overflow attempt (more info ...) | attempted-admin | 2012-4786 | URL | ||
| 49483 | FILE-OTHER Microsoft Windows TTF parsing counter overflow attempt (more info ...) | attempted-admin | 2012-4786 | URL | ||
| 49626 | BROWSER-IE Microsoft Edge resource entry same-origin-policy bypass attempt (more info ...) | attempted-user | ||||
| 49627 | BROWSER-IE Microsoft Edge resource entry same-origin-policy bypass attempt (more info ...) | attempted-user | ||||
| 49636 | BROWSER-PLUGINS Foscam IPCWebComponents ActiveX clsid access attempt (more info ...) | attempted-user | ||||
| 49637 | BROWSER-PLUGINS Foscam IPCWebComponents ActiveX clsid access attempt (more info ...) | attempted-user | ||||
| 49638 | BROWSER-PLUGINS Foscam IPCWebComponents ActiveX clsid access attempt (more info ...) | attempted-user | ||||
| 49639 | BROWSER-PLUGINS Foscam IPCWebComponents ActiveX clsid access attempt (more info ...) | attempted-user | ||||
| 49683 | BROWSER-PLUGINS Schneider Electric ProClima ActiveX function call access attempt (more info ...) | attempted-user | 2014-8511 | |||
| 49688 | FILE-EXECUTABLE Microsoft Windows kernel user after free attempt (more info ...) | attempted-admin | 2019-0685 | URL | ||
| 49689 | FILE-EXECUTABLE Microsoft Windows kernel user after free attempt (more info ...) | attempted-admin | 2019-0685 | URL | ||
| 49692 | OS-WINDOWS Microsoft Windows LUAFV driver privilege escalation attempt (more info ...) | attempted-admin | 2019-0730 | URL | ||
| 49693 | OS-WINDOWS Microsoft Windows LUAFV driver privilege escalation attempt (more info ...) | attempted-admin | 2019-0730 | URL | ||
| 49696 | OS-WINDOWS Microsoft Windows LUAFV privilege escalation attempt (more info ...) | attempted-admin | 2019-0731 | URL | ||
| 49697 | OS-WINDOWS Microsoft Windows LUAFV privilege escalation attempt (more info ...) | attempted-admin | 2019-0731 | URL | ||
| 49698 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2019-0812 | URL | ||
| 49699 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2019-0812 | URL | ||
| 49702 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2019-0752 | URL | ||
| 49703 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2019-0752 | URL | ||
| 49704 | OS-WINDOWS Microsoft Windows NtSetCachedSigningLevel Device Guard bypass attempt (more info ...) | policy-violation | 2019-0732 | URL | ||
| 49705 | OS-WINDOWS Microsoft Windows NtSetCachedSigningLevel Device Guard bypass attempt (more info ...) | policy-violation | 2019-0732 | URL | ||
| 49706 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2019-0860 | URL | ||
| 49707 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2019-0860 | URL | ||
| 49708 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2019-0753 | URL | ||
| 49709 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2019-0753 | URL | ||
| 49710 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2019-0810 | URL | ||
| 49711 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2019-0810 | URL | ||
| 49712 | OS-WINDOWS Microsoft Windows GDI component use after free attempt (more info ...) | attempted-admin | 2019-0803 | URL | ||
| 49713 | OS-WINDOWS Microsoft Windows GDI component use after free attempt (more info ...) | attempted-admin | 2019-0803 | URL | ||
| 49716 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2019-0806 | URL | ||
| 49717 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2019-0806 | URL | ||
| 49718 | OS-WINDOWS Microsoft windows LUAFV privilege escalation attempt (more info ...) | attempted-admin | 2019-0796 | URL | ||
| 49719 | OS-WINDOWS Microsoft windows LUAFV privilege escalation attempt (more info ...) | attempted-admin | 2019-0796 | URL | ||
| 49720 | OS-WINDOWS Microsoft Windows LuafvPostReadWrite privilege escalation attempt (more info ...) | attempted-admin | 2019-0836 | URL | ||
| 49721 | OS-WINDOWS Microsoft Windows LuafvPostReadWrite privilege escalation attempt (more info ...) | attempted-admin | 2019-0836 | URL | ||
| 49722 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2019-0829 | URL | ||
| 49723 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2019-0829 | URL | ||
| 49725 | BROWSER-IE Microsoft Edge edgehtml.dll uninitialized pointer vulnerability attempt (more info ...) | attempted-user | 2016-3222 | URL | ||
| 49726 | BROWSER-IE Microsoft Edge edgehtml.dll uninitialized pointer vulnerability attempt (more info ...) | attempted-user | 2016-3222 | URL | ||
| 49746 | OS-WINDOWS Microsoft Windows win32k privilege escalation attempt (more info ...) | attempted-admin | 2019-0859 | URL | ||
| 49747 | OS-WINDOWS Microsoft Windows win32k privilege escalation attempt (more info ...) | attempted-admin | 2019-0859 | URL | ||
| 49748 | OS-WINDOWS Microsoft Windows LUAFV privilege escalation attempt (more info ...) | attempted-admin | 2019-0805 | URL | ||
| 49749 | OS-WINDOWS Microsoft Windows LUAFV privilege escalation attempt (more info ...) | attempted-admin | 2019-0805 | URL | ||
| 49750 | OS-WINDOWS Microsoft Windows kernel information disclosure attempt (more info ...) | attempted-recon | 2019-0840 | URL | ||
| 49751 | OS-WINDOWS Microsoft Windows kernel information disclosure attempt (more info ...) | attempted-recon | 2019-0840 | URL | ||
| 49754 | OS-WINDOWS Microsoft Windows Kernel information disclosure attempt (more info ...) | attempted-admin | 2019-0844 | URL | ||
| 49755 | OS-WINDOWS Microsoft Windows Kernel information disclosure attempt (more info ...) | attempted-admin | 2019-0844 | URL | ||
| 49762 | OS-WINDOWS Microsoft Windows AppXSVC privilege escalation attempt (more info ...) | attempted-admin | 2019-0841 | URL | ||
| 49763 | OS-WINDOWS Microsoft Windows AppXSVC privilege escalation attempt (more info ...) | attempted-admin | 2019-0841 | URL | ||
| 49764 | OS-WINDOWS Microsoft Windows AppXSVC privilege escalation attempt (more info ...) | attempted-admin | 2019-0841 | URL | ||
| 49765 | OS-WINDOWS Microsoft Windows AppXSVC privilege escalation attempt (more info ...) | attempted-admin | 2019-0841 | URL | ||
| 49861 | SERVER-WEBAPP Microsoft SharePoint EntityInstanceIdEncoder remote code execution attempt (more info ...) | attempted-user | 2019-0604 | URL | ||
| 49964 | OS-WINDOWS Microsoft Windows DHCP client domain search integer underflow attempt (more info ...) | attempted-user | 2019-0726 | URL | ||
| 50068 | OS-WINDOWS Microsoft Windows arbitrary registry access privilege escalation attempt (more info ...) | attempted-admin | 2019-0931 | URL | ||
| 50069 | OS-WINDOWS Microsoft Windows arbitrary registry access privilege escalation attempt (more info ...) | attempted-admin | 2019-0931 | URL | ||
| 50070 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2019-0911 | URL | ||
| 50071 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2019-0911 | URL | ||
| 50072 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2019-0918 | URL | ||
| 50073 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2019-0918 | URL | ||
| 50074 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2019-0884 | URL | ||
| 50075 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2019-0884 | URL | ||
| 50076 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2019-0926 | URL | ||
| 50077 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2019-0926 | URL | ||
| 50078 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2019-0940 | URL | ||
| 50079 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2019-0940 | URL | ||
| 50080 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2019-0938 | URL | ||
| 50081 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2019-0938 | URL | ||
| 50088 | FILE-IMAGE Microsoft Windows OLE Load Picture remote code execution attempt (more info ...) | attempted-user | 2019-0885 | URL | ||
| 50089 | FILE-IMAGE Microsoft Windows OLE Load Picture remote code execution attempt (more info ...) | attempted-user | 2019-0885 | URL | ||
| 50090 | OS-WINDOWS Microsoft Windows NDIS elevation of privilege attempt (more info ...) | attempted-admin | 2019-0707 | URL | ||
| 50091 | OS-WINDOWS Microsoft Windows NDIS elevation of privilege attempt (more info ...) | attempted-admin | 2019-0707 | URL | ||
| 50115 | OS-WINDOWS Microsoft Windows Error Reporting elevation of privilege attempt (more info ...) | attempted-admin | 2019-0863 | URL | ||
| 50116 | OS-WINDOWS Microsoft Windows Error Reporting elevation of privilege attempt (more info ...) | attempted-admin | 2019-0863 | URL | ||
| 50121 | OS-WINDOWS Microsoft Windows TrueType font parsing integer underflow attempt (more info ...) | attempted-admin | 2019-0903 | URL | ||
| 50122 | OS-WINDOWS Microsoft Windows TrueType font parsing integer underflow attempt (more info ...) | attempted-admin | 2019-0903 | URL | ||
| 50137 | OS-WINDOWS Microsoft Windows RDP MS_T120 channel bind attempt (more info ...) | attempted-admin | 2019-0708 | URL | ||
| 50162 | OS-WINDOWS Microsoft Windows Task Scheduler _SchRpcRegisterTask privilege escalation attempt (more info ...) | attempted-admin | 2019-1069 | URL | ||
| 50163 | OS-WINDOWS Microsoft Windows Task Scheduler _SchRpcRegisterTask privilege escalation attempt (more info ...) | attempted-admin | 2019-1069 | URL | ||
| 50174 | OS-WINDOWS Microsoft Windows GDI component use after free attempt (more info ...) | attempted-admin | 2019-0803 | URL | ||
| 50175 | OS-WINDOWS Microsoft Windows GDI component use after free attempt (more info ...) | attempted-admin | 2019-0803 | URL | ||
| 50275 | SERVER-WEBAPP Microsoft SharePoint EntityInstanceIdEncoder remote code execution attempt (more info ...) | attempted-user | 2019-0604 | URL | ||
| 50357 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2019-0990 | URL | ||
| 50358 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2019-0990 | URL | ||
| 50361 | BROWSER-IE Microsoft Edge scripting engine memory corruption attempt (more info ...) | attempted-user | 2019-1024 | URL | ||
| 50362 | BROWSER-IE Microsoft Edge scripting engine memory corruption attempt (more info ...) | attempted-user | 2019-1024 | URL | ||
| 50363 | OS-WINDOWS Microsoft Windows win32k NtGdiExtFloodFill memory corruption attempt (more info ...) | attempted-admin | 2019-1017 | URL | ||
| 50364 | OS-WINDOWS Microsoft Windows win32k NtGdiExtFloodFill memory corruption attempt (more info ...) | attempted-admin | 2019-1017 | URL | ||
| 50365 | OS-WINDOWS Microsoft Windows DComposition privilege escalation attempt (more info ...) | attempted-admin | 2019-1041 | URL | ||
| 50366 | OS-WINDOWS Microsoft Windows DComposition privilege escalation attempt (more info ...) | attempted-admin | 2019-1041 | URL | ||
| 50369 | OS-WINDOWS Microsoft Windows user profile service elevation of privilege attempt (more info ...) | attempted-user | 2019-0986 | URL | ||
| 50370 | OS-WINDOWS Microsoft Windows user profile service elevation of privilege attempt (more info ...) | attempted-user | 2019-0986 | URL | ||
| 50371 | OS-WINDOWS Microsoft Windows Common Log File System Driver privilege escalation attempt (more info ...) | attempted-admin | 2019-0959 | URL | ||
| 50372 | OS-WINDOWS Microsoft Windows Common Log File System Driver privilege escalation attempt (more info ...) | attempted-admin | 2019-0959 | URL | ||
| 50373 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2019-0920 | URL | ||
| 50374 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2019-0920 | URL | ||
| 50393 | FILE-PDF Microsoft Speech API remote code execution attempt (more info ...) | attempted-user | 2019-0985 | URL | ||
| 50394 | FILE-PDF Microsoft Speech API remote code execution attempt (more info ...) | attempted-user | 2019-0985 | URL | ||
| 50395 | BROWSER-IE Microsoft Edge Chakra memory corruption attempt (more info ...) | attempted-user | 2019-1003 | URL | ||
| 50396 | BROWSER-IE Microsoft Edge Chakra memory corruption attempt (more info ...) | attempted-user | 2019-1003 | URL | ||
| 50397 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2019-1005 | URL | ||
| 50398 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2019-1005 | URL | ||
| 50399 | BROWSER-IE Microsoft Edge scripting engine memory corruption vulnerability attempt (more info ...) | attempted-user | 2019-1002 | URL | ||
| 50400 | BROWSER-IE Microsoft Edge scripting engine memory corruption vulnerability attempt (more info ...) | attempted-user | 2019-1002 | URL | ||
| 50401 | BROWSER-IE Microsoft Edge scripting engine memory corruption vulnerability attempt (more info ...) | attempted-user | 2019-0993 | URL | ||
| 50402 | BROWSER-IE Microsoft Edge scripting engine memory corruption vulnerability attempt (more info ...) | attempted-user | 2019-0993 | URL | ||
| 50403 | BROWSER-IE Microsoft Edge scripting engine memory corruption vulnerability attempt (more info ...) | attempted-user | 2019-0991 | URL | ||
| 50404 | BROWSER-IE Microsoft Edge scripting engine memory corruption vulnerability attempt (more info ...) | attempted-user | 2019-0991 | URL | ||
| 50405 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2019-0988 | URL | ||
| 50406 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2019-0988 | URL | ||
| 50407 | BROWSER-IE Microsoft Edge scripting engine memory corruption vulnerability attempt (more info ...) | attempted-user | 2019-0989 | URL | ||
| 50408 | BROWSER-IE Microsoft Edge scripting engine memory corruption vulnerability attempt (more info ...) | attempted-user | 2019-0989 | URL | ||
| 50413 | OS-WINDOWS Microsoft Windows ALPC privilege escalation attempt (more info ...) | attempted-admin | 2019-0943 | URL | ||
| 50414 | OS-WINDOWS Microsoft Windows ALPC privilege escalation attempt (more info ...) | attempted-admin | 2019-0943 | URL | ||
| 50450 | OS-WINDOWS Microsoft Windows SymCrypt modular inverse algorithm denial of service attempt (more info ...) | denial-of-service | URL | |||
| 50625 | OS-WINDOWS Microsoft Windows SMB Transaction heap groom attempt (more info ...) | attempted-admin | ||||
| 50626 | OS-WINDOWS Microsoft Windows raw WriteAndX InData pointer adjustment attempt (more info ...) | attempted-admin | ||||
| 50627 | OS-WINDOWS Microsoft SMB Trans secondary out of bounds write attempt (more info ...) | attempted-admin | ||||
| 50662 | BROWSER-IE Microsoft Edge scripting engine memory corruption attempt (more info ...) | attempted-user | 2019-1001 | URL | ||
| 50663 | BROWSER-IE Microsoft Edge scripting engine memory corruption attempt (more info ...) | attempted-user | 2019-1001 | URL | ||
| 50664 | OS-WINDOWS Microsoft Windows COM object privilege escalation attempt (more info ...) | attempted-admin | 2019-1074 | URL | ||
| 50665 | OS-WINDOWS Microsoft Windows COM object privilege escalation attempt (more info ...) | attempted-admin | 2019-1074 | URL | ||
| 50666 | BROWSER-IE Microsoft Edge scripting engine memory corruption attempt (more info ...) | attempted-user | 2019-1004 | URL | ||
| 50667 | BROWSER-IE Microsoft Edge scripting engine memory corruption attempt (more info ...) | attempted-user | 2019-1004 | URL | ||
| 50668 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2019-1104 | URL | ||
| 50669 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2019-1104 | URL | ||
| 50670 | OS-WINDOWS Microsoft Windows Win32k null pointer dereference attempt (more info ...) | attempted-admin | 2019-1132 | URL | ||
| 50671 | OS-WINDOWS Microsoft Windows Win32k null pointer dereference attempt (more info ...) | attempted-admin | 2019-1132 | URL | ||
| 50672 | OS-WINDOWS Microsoft Windows splwow64 privilege escalation attempt (more info ...) | attempted-admin | 2019-0880 | URL | ||
| 50673 | OS-WINDOWS Microsoft Windows splwow64 privilege escalation attempt (more info ...) | attempted-admin | 2019-0880 | URL | ||
| 50674 | OS-WINDOWS Microsoft Windows RPCSS privilege escalation attempt (more info ...) | attempted-user | 2019-1089 | URL | ||
| 50675 | OS-WINDOWS Microsoft Windows RPCSS privilege escalation attempt (more info ...) | attempted-user | 2019-1089 | URL | ||
| 50678 | OS-WINDOWS Microsoft Windows win32k use after free attempt (more info ...) | attempted-admin | 2019-1071 | URL | ||
| 50679 | OS-WINDOWS Microsoft Windows win32k use after free attempt (more info ...) | attempted-user | 2019-1071 | URL | ||
| 50777 | OS-WINDOWS Microsoft Windows win32k.sys memory corruption attempt (more info ...) | attempted-admin | 2019-1014 | URL | ||
| 50778 | OS-WINDOWS Microsoft Windows win32k.sys memory corruption attempt (more info ...) | attempted-admin | 2019-1014 | URL | ||
| 50936 | OS-WINDOWS Microsoft Windows shell privilege escalation attempt (more info ...) | attempted-admin | 2019-1170 | URL | ||
| 50937 | OS-WINDOWS Microsoft Windows shell privilege escalation attempt (more info ...) | attempted-admin | 2019-1170 | URL | ||
| 50938 | BROWSER-IE Microsoft Edge scripting engine memory corruption vulnerability attempt (more info ...) | attempted-user | 2019-1140 | URL | ||
| 50939 | BROWSER-IE Microsoft Edge scripting engine memory corruption vulnerability attempt (more info ...) | attempted-user | 2019-1140 | URL | ||
| 50940 | BROWSER-IE Microsoft Edge scripting engine memory corruption vulnerability attempt (more info ...) | attempted-user | 2019-1196 | URL | ||
| 50941 | BROWSER-IE Microsoft Edge scripting engine memory corruption vulnerability attempt (more info ...) | attempted-user | 2019-1196 | URL | ||
| 50942 | OS-WINDOWS Microsoft Windows graphics component privilege escalation attempt (more info ...) | attempted-admin | 2019-1164 | URL | ||
| 50943 | OS-WINDOWS Microsoft Windows graphics component privilege escalation attempt (more info ...) | attempted-admin | 2019-1164 | URL | ||
| 50963 | OS-WINDOWS Microsoft Windows win32k.sys memory corruption attempt (more info ...) | attempted-admin | 2019-1159 | URL | ||
| 50964 | OS-WINDOWS Microsoft Windows win32k.sys memory corruption attempt (more info ...) | attempted-admin | 2019-1159 | URL | ||
| 50966 | OS-WINDOWS Microsoft Windows CoreShellCOMServerRegistrar privilege escalation attempt (more info ...) | attempted-user | 2019-1184 | URL | ||
| 50967 | OS-WINDOWS Microsoft Windows CoreShellCOMServerRegistrar privilege escalation attempt (more info ...) | attempted-user | 2019-1184 | URL | ||
| 50969 | OS-WINDOWS Microsoft win32k driver buffer over read attempt (more info ...) | attempted-user | 2019-1078 | URL | ||
| 50970 | OS-WINDOWS Microsoft win32k driver buffer over read attempt (more info ...) | attempted-user | 2019-1078 | URL | ||
| 50971 | OS-WINDOWS Microsoft win32k driver buffer over read attempt (more info ...) | attempted-user | 2019-1078 | URL | ||
| 50972 | OS-WINDOWS Microsoft win32k driver buffer over read attempt (more info ...) | attempted-user | 2019-1078 | URL | ||
| 50973 | OS-WINDOWS Microsoft win32k driver buffer over read attempt (more info ...) | attempted-user | 2019-1078 | URL | ||
| 50974 | OS-WINDOWS Microsoft win32k driver buffer over read attempt (more info ...) | attempted-user | 2019-1078 | URL | ||
| 51015 | OS-WINDOWS Microsoft Windows PsmSrvDisconnect privilege escalation attempt (more info ...) | attempted-admin | 2019-1175 | URL | ||
| 51016 | OS-WINDOWS Microsoft Windows PsmSrvDisconnect privilege escalation attempt (more info ...) | attempted-admin | 2019-1175 | URL | ||
| 51369 | OS-WINDOWS Microsoft Windows RDP DecompressUnchopper integer overflow attempt (more info ...) | attempted-admin | 2019-1182 | URL | ||
| 51419 | BROWSER-IE Microsoft Edge Scripting Engine array memory corruption attempt (more info ...) | attempted-user | 2017-11811 | URL | ||
| 51421 | BROWSER-IE Microsoft Edge Scripting Engine array memory corruption attempt (more info ...) | attempted-user | 2017-11811 | URL | ||
| 51425 | BROWSER-IE Microsoft Edge scripting engine memory corruption attempt (more info ...) | attempted-user | 2018-0838 | |||
| 51426 | BROWSER-IE Microsoft Edge scripting engine memory corruption attempt (more info ...) | attempted-user | 2018-0838 | |||
| 51431 | BROWSER-IE Microsoft Edge Chakra setPrototypeOf use-after-free attempt (more info ...) | attempted-user | 2017-8751 | |||
| 51432 | BROWSER-IE Microsoft Edge Chakra setPrototypeOf use-after-free attempt (more info ...) | attempted-user | 2017-8751 | |||
| 51436 | OS-WINDOWS Microsoft Windows common log file system driver escalation of privilege attempt (more info ...) | attempted-admin | 2019-1214 | URL | ||
| 51437 | OS-WINDOWS Microsoft Windows common log file system driver escalation of privilege attempt (more info ...) | attempted-admin | 2019-1214 | URL | ||
| 51438 | SERVER-WEBAPP Microsoft SharePoint BdcAdminService remote code execution attempt (more info ...) | attempted-user | 2019-1295 | URL | ||
| 51445 | OS-WINDOWS Microsoft Windows privilege escalation attempt (more info ...) | attempted-admin | 2019-1215 | URL | ||
| 51446 | OS-WINDOWS Microsoft Windows privilege escalation attempt (more info ...) | attempted-admin | 2019-1215 | URL | ||
| 51449 | OS-WINDOWS Microsoft Windows DirectX kernel memory information leak attempt (more info ...) | attempted-admin | 2019-1216 | URL | ||
| 51450 | OS-WINDOWS Microsoft Windows DirectX kernel memory information leak attempt (more info ...) | attempted-admin | 2019-1216 | URL | ||
| 51451 | OS-WINDOWS Microsoft Windows Common Log File information disclosure attempt (more info ...) | attempted-recon | 2019-1219 | URL | ||
| 51452 | OS-WINDOWS Microsoft Windows Common Log File information disclosure attempt (more info ...) | attempted-recon | 2019-1219 | URL | ||
| 51454 | OS-WINDOWS Microsoft Windows win32k kernel information leak attempt (more info ...) | attempted-admin | 2019-1285 | URL | ||
| 51455 | OS-WINDOWS Microsoft Windows win32k kernel information leak attempt (more info ...) | attempted-admin | 2019-1285 | URL | ||
| 51456 | OS-WINDOWS Microsoft Windows gdi32 graphics adapter handling null pointer dereference attempt (more info ...) | attempted-admin | 2019-1284 | URL | ||
| 51457 | OS-WINDOWS Microsoft Windows gdi32 graphics adapter handling null pointer dereference attempt (more info ...) | attempted-admin | 2019-1284 | URL | ||
| 51458 | BROWSER-IE Microsoft Edge print function information disclosure attempt (more info ...) | attempted-user | 2019-1030 | URL | ||
| 51459 | BROWSER-IE Microsoft Edge print function information disclosure attempt (more info ...) | attempted-user | 2019-1030 | URL | ||
| 51463 | OS-WINDOWS Microsoft Windows elevation of privilege attempt (more info ...) | attempted-admin | 2019-1256 | URL | ||
| 51464 | OS-WINDOWS Microsoft Windows elevation of privilege attempt (more info ...) | attempted-admin | 2019-1256 | URL | ||
| 51474 | FILE-OTHER Microsoft SharePoint deserialization attempt (more info ...) | attempted-admin | 2019-1257 | URL | ||
| 51475 | FILE-OTHER Microsoft SharePoint deserialization attempt (more info ...) | attempted-admin | 2019-1257 | URL | ||
| 51479 | FILE-OTHER Microsoft SharePoint remote code execution attempt (more info ...) | attempted-admin | 2019-1296 | URL | ||
| 51480 | FILE-OTHER Microsoft SharePoint remote code execution attempt (more info ...) | attempted-admin | 2019-1296 | URL | ||
| 51481 | OS-WINDOWS Microsoft Windows RDP client buffer overflow attempt (more info ...) | attempted-user | 2019-0787 | URL | ||
| 51482 | FILE-EXECUTABLE Windows Microsoft Remote Desktop Services remote code execution attempt (more info ...) | attempted-user | 2019-0788 | URL | ||
| 51483 | FILE-EXECUTABLE Windows Microsoft Remote Desktop Services remote code execution attempt (more info ...) | attempted-user | 2019-0788 | URL | ||
| 51649 | OS-WINDOWS Microsoft Windows Remote Desktop Services license negotiation denial of service attempt (more info ...) | attempted-dos | 2019-1453 | URL | ||
| 51733 | OS-WINDOWS Microsoft Windows Win32k font file privilege escalation attempt (more info ...) | attempted-admin | 2019-1364 | URL | ||
| 51734 | OS-WINDOWS Microsoft Windows Win32k font file privilege escalation attempt (more info ...) | attempted-admin | 2019-1364 | URL | ||
| 51735 | BROWSER-IE Microsoft Edge scripting engine memory corruption attempt (more info ...) | attempted-user | 2019-1335 | URL | ||
| 51736 | BROWSER-IE Microsoft Edge scripting engine memory corruption attempt (more info ...) | attempted-user | 2019-1335 | URL | ||
| 51739 | OS-WINDOWS Microsoft Windows Win32k privilege escalation attempt (more info ...) | attempted-admin | 2019-1362 | URL | ||
| 51740 | OS-WINDOWS Microsoft Windows Win32k privilege escalation attempt (more info ...) | attempted-admin | 2019-1362 | URL | ||
| 51777 | FILE-OTHER Microsoft Windows dismHost.exe dll-load exploit attempt (more info ...) | attempted-admin | 2019-1082 | URL | ||
| 51781 | OS-WINDOWS Microsoft Windows registry key deletion privilege escalation attempt (more info ...) | attempted-admin | 2019-1341 | URL | ||
| 51782 | OS-WINDOWS Microsoft Windows registry key deletion privilege escalation attempt (more info ...) | attempted-admin | 2019-1341 | URL | ||
| 51783 | BROWSER-IE Microsoft Edge scripting engine memory corruption attempt (more info ...) | attempted-user | 2019-1366 | URL | ||
| 51784 | BROWSER-IE Microsoft Edge scripting engine memory corruption attempt (more info ...) | attempted-user | 2019-1366 | URL | ||
| 51785 | BROWSER-IE Microsoft Edge scripting engine memory corruption attempt (more info ...) | attempted-user | 2019-1308 | URL | ||
| 51786 | BROWSER-IE Microsoft Edge scripting engine memory corruption attempt (more info ...) | attempted-user | 2019-1308 | URL | ||
| 51787 | BROWSER-IE Microsoft Edge scripting engine memory corruption attempt (more info ...) | attempted-user | 2019-1307 | URL | ||
| 51788 | BROWSER-IE Microsoft Edge scripting engine memory corruption attempt (more info ...) | attempted-user | 2019-1307 | URL | ||
| 51791 | BROWSER-IE Microsoft Edge VBScript engine memory corruption attempt (more info ...) | attempted-user | 2019-1238 | URL | ||
| 51792 | BROWSER-IE Microsoft Edge VBScript engine memory corruption attempt (more info ...) | attempted-user | 2019-1238 | URL | ||
| 51793 | BROWSER-IE Microsoft Edge MSXML memory corruption attempt (more info ...) | attempted-user | 2019-1060 | URL | ||
| 51794 | BROWSER-IE Microsoft Edge MSXML memory corruption attempt (more info ...) | attempted-user | 2019-1060 | URL | ||
| 51814 | BROWSER-IE Microsoft Edge defineGetter type confusion attempt (more info ...) | attempted-user | 2017-11914 | URL | ||
| 51815 | BROWSER-IE Microsoft Edge defineGetter type confusion attempt (more info ...) | attempted-user | 2017-11914 | URL | ||
| 51827 | OS-WINDOWS Microsoft Windows NT MiRelocateImage out of bounds read attempt (more info ...) | attempted-admin | 2019-1347 | URL | ||
| 51828 | OS-WINDOWS Microsoft Windows NT MiRelocateImage out of bounds read attempt (more info ...) | attempted-admin | 2019-1347 | URL | ||
| 51829 | OS-WINDOWS Microsoft Windows NT MiRelocateImage out of bounds read attempt (more info ...) | attempted-admin | 2019-1347 | URL | ||
| 51830 | OS-WINDOWS Microsoft Windows NT MiRelocateImage out of bounds read attempt (more info ...) | attempted-admin | 2019-1347 | URL | ||
| 51843 | OS-WINDOWS Microsoft Windows NT MiOffsetToProtos NULL pointer dereference attempt (more info ...) | attempted-admin | 2019-1343 | URL | ||
| 51844 | OS-WINDOWS Microsoft Windows NT MiOffsetToProtos NULL pointer dereference attempt (more info ...) | attempted-admin | 2019-1343 | URL | ||
| 51845 | OS-WINDOWS Microsoft Windows NT MiOffsetToProtos NULL pointer dereference attempt (more info ...) | attempted-admin | 2019-1343 | URL | ||
| 51846 | OS-WINDOWS Microsoft Windows NT MiOffsetToProtos NULL pointer dereference attempt (more info ...) | attempted-admin | 2019-1343 | URL | ||
| 51847 | OS-WINDOWS Microsoft Windows NT MiOffsetToProtos NULL pointer dereference attempt (more info ...) | attempted-admin | 2019-1343 | URL | ||
| 51848 | OS-WINDOWS Microsoft Windows NT MiOffsetToProtos NULL pointer dereference attempt (more info ...) | attempted-admin | 2019-1343 | URL | ||
| 51849 | OS-WINDOWS Microsoft Windows NT MiOffsetToProtos NULL pointer dereference attempt (more info ...) | attempted-admin | 2019-1343 | URL | ||
| 51850 | OS-WINDOWS Microsoft Windows NT MiOffsetToProtos NULL pointer dereference attempt (more info ...) | attempted-admin | 2019-1343 | URL | ||
| 51851 | OS-WINDOWS Microsoft Windows NT MiOffsetToProtos NULL pointer dereference attempt (more info ...) | attempted-admin | 2019-1343 | URL | ||
| 51852 | OS-WINDOWS Microsoft Windows NT MiOffsetToProtos NULL pointer dereference attempt (more info ...) | attempted-admin | 2019-1343 | URL | ||
| 51853 | OS-WINDOWS Microsoft Windows NT MiOffsetToProtos NULL pointer dereference attempt (more info ...) | attempted-admin | 2019-1343 | URL | ||
| 51854 | OS-WINDOWS Microsoft Windows NT MiOffsetToProtos NULL pointer dereference attempt (more info ...) | attempted-admin | 2019-1343 | URL | ||
| 51855 | OS-WINDOWS Microsoft Windows NT MiOffsetToProtos NULL pointer dereference attempt (more info ...) | attempted-admin | 2019-1343 | URL | ||
| 51856 | OS-WINDOWS Microsoft Windows NT MiOffsetToProtos NULL pointer dereference attempt (more info ...) | attempted-admin | 2019-1343 | URL | ||
| 51872 | OS-WINDOWS Microsoft Windows DLL Load Configuration Directory out of bounds read attempt (more info ...) | attempted-admin | 2019-1345 | URL | ||
| 51873 | OS-WINDOWS Microsoft Windows DLL Load Configuration Directory out of bounds read attempt (more info ...) | attempted-admin | 2019-1345 | URL | ||
| 51874 | OS-WINDOWS Microsoft Windows DLL Load Configuration Directory out of bounds read attempt (more info ...) | attempted-admin | 2019-1345 | URL | ||
| 51875 | OS-WINDOWS Microsoft Windows DLL Load Configuration Directory out of bounds read attempt (more info ...) | attempted-admin | 2019-1345 | URL | ||
| 51876 | OS-WINDOWS Microsoft Windows DLL Load Configuration Directory out of bounds read attempt (more info ...) | attempted-admin | 2019-1345 | URL | ||
| 51877 | OS-WINDOWS Microsoft Windows DLL Load Configuration Directory out of bounds read attempt (more info ...) | attempted-admin | 2019-1345 | URL | ||
| 51878 | OS-WINDOWS Microsoft Windows DLL Load Configuration Directory out of bounds read attempt (more info ...) | attempted-admin | 2019-1345 | URL | ||
| 51879 | OS-WINDOWS Microsoft Windows DLL Load Configuration Directory out of bounds read attempt (more info ...) | attempted-admin | 2019-1345 | URL | ||
| 51882 | OS-WINDOWS Microsoft Windows NT CipFixImageType out of bounds read attempt (more info ...) | attempted-admin | 2019-1344 | URL | ||
| 51883 | OS-WINDOWS Microsoft Windows NT CipFixImageType out of bounds read attempt (more info ...) | attempted-admin | 2019-1344 | URL | ||
| 51884 | OS-WINDOWS Microsoft Windows NT CipFixImageType out of bounds read attempt (more info ...) | attempted-admin | 2019-1344 | URL | ||
| 51885 | OS-WINDOWS Microsoft Windows NT CipFixImageType out of bounds read attempt (more info ...) | attempted-admin | 2019-1344 | URL | ||
| 51886 | OS-WINDOWS Microsoft Windows NT CipFixImageType out of bounds read attempt (more info ...) | attempted-admin | 2019-1344 | URL | ||
| 51887 | OS-WINDOWS Microsoft Windows NT CipFixImageType out of bounds read attempt (more info ...) | attempted-admin | 2019-1344 | URL | ||
| 51888 | OS-WINDOWS Microsoft Windows NT CipFixImageType out of bounds read attempt (more info ...) | attempted-admin | 2019-1344 | URL | ||
| 51889 | OS-WINDOWS Microsoft Windows NT CipFixImageType out of bounds read attempt (more info ...) | attempted-admin | 2019-1344 | URL | ||
| 51981 | SERVER-WEBAPP Microsoft Sharepoint DestinationFolder cross site scripting attempt (more info ...) | attempted-user | 2019-1262 | URL | ||
| 52084 | BROWSER-IE Microsoft Edge scripting engine Map prototype memory corruption attempt (more info ...) | attempted-user | 2018-8288 | URL | ||
| 52085 | BROWSER-IE Microsoft Edge scripting engine Map prototype memory corruption attempt (more info ...) | attempted-user | 2018-8288 | URL | ||
| 52205 | OS-WINDOWS Microsoft Windows win32k.sys memory corruption attempt (more info ...) | attempted-admin | 2019-1393 | URL | ||
| 52206 | OS-WINDOWS Microsoft Windows win32k.sys memory corruption attempt (more info ...) | attempted-admin | 2019-1393 | URL | ||
| 52207 | OS-WINDOWS Microsoft Windows win32k.sys memory corruption attempt (more info ...) | attempted-admin | 2019-1393 | URL | ||
| 52208 | OS-WINDOWS Microsoft Windows win32k.sys memory corruption attempt (more info ...) | attempted-admin | 2019-1393 | URL | ||
| 52209 | OS-WINDOWS Microsoft Windows vMatchAPal privilege escalation attempt (more info ...) | attempted-admin | 2019-1394 | URL | ||
| 52210 | OS-WINDOWS Microsoft Windows vMatchAPal privilege escalation attempt (more info ...) | attempted-admin | 2019-1394 | URL | ||
| 52211 | OS-WINDOWS Microsoft Windows vMatchAPal privilege escalation attempt (more info ...) | attempted-admin | 2019-1394 | URL | ||
| 52212 | OS-WINDOWS Microsoft Windows vMatchAPal privilege escalation attempt (more info ...) | attempted-admin | 2019-1394 | URL | ||
| 52213 | OS-WINDOWS Microsoft Windows Win32k privilege escalation attempt (more info ...) | attempted-admin | 2020-1207 | URL | ||
| 52214 | OS-WINDOWS Microsoft Windows Win32k privilege escalation attempt (more info ...) | attempted-admin | 2020-1207 | URL | ||
| 52215 | OS-WINDOWS Microsoft Windows Win32k privilege escalation attempt (more info ...) | attempted-admin | 2019-1396 | URL | ||
| 52216 | OS-WINDOWS Microsoft Windows Win32k privilege escalation attempt (more info ...) | attempted-admin | 2019-1396 | URL | ||
| 52217 | OS-WINDOWS Microsoft Windows privilege escalation attempt (more info ...) | attempted-admin | 2019-1395 | URL | ||
| 52218 | OS-WINDOWS Microsoft Windows privilege escalation attempt (more info ...) | attempted-admin | 2019-1395 | URL | ||
| 52219 | OS-WINDOWS Microsoft Windows privilege escalation attempt (more info ...) | attempted-admin | 2019-1395 | URL | ||
| 52220 | OS-WINDOWS Microsoft Windows privilege escalation attempt (more info ...) | attempted-admin | 2019-1395 | URL | ||
| 52221 | OS-WINDOWS Microsoft Windows NtGdiPlgBlt out-of-bounds write attempt (more info ...) | attempted-admin | 2019-1438 | URL | ||
| 52222 | OS-WINDOWS Microsoft Windows NtGdiPlgBlt out-of-bounds write attempt (more info ...) | attempted-admin | 2019-1438 | URL | ||
| 52223 | OS-WINDOWS Microsoft Windows CRedirectVisualMarshaler privilege escalation attempt (more info ...) | attempted-admin | 2019-1437 | URL | ||
| 52224 | OS-WINDOWS Microsoft Windows CRedirectVisualMarshaler privilege escalation attempt (more info ...) | attempted-admin | 2019-1437 | URL | ||
| 52225 | OS-WINDOWS Microsoft Windows Win32k printer driver pallet privilege escalation attempt (more info ...) | attempted-admin | 2019-1408 | URL | ||
| 52226 | OS-WINDOWS Microsoft Windows Win32k printer driver pallet privilege escalation attempt (more info ...) | attempted-admin | 2019-1408 | URL | ||
| 52227 | OS-WINDOWS Microsoft Windows Win32k printer driver pallet privilege escalation attempt (more info ...) | attempted-admin | 2019-1408 | URL | ||
| 52228 | OS-WINDOWS Microsoft Windows Win32k printer driver pallet privilege escalation attempt (more info ...) | attempted-admin | 2019-1408 | URL | ||
| 52229 | OS-WINDOWS Microsoft Windows GDI glyph bitmap elevation of privilege attempt (more info ...) | attempted-admin | 2019-1435 | URL | ||
| 52230 | OS-WINDOWS Microsoft Windows GDI glyph bitmap elevation of privilege attempt (more info ...) | attempted-admin | 2019-1435 | URL | ||
| 52231 | OS-WINDOWS Microsoft Windows GDI glyph bitmap elevation of privilege attempt (more info ...) | attempted-admin | 2019-1435 | URL | ||
| 52232 | OS-WINDOWS Microsoft Windows GDI glyph bitmap elevation of privilege attempt (more info ...) | attempted-admin | 2019-1435 | URL | ||
| 52233 | OS-WINDOWS Microsoft Windows Win32k kernel information disclosure attempt (more info ...) | attempted-user | 2019-1436 | URL | ||
| 52234 | OS-WINDOWS Microsoft Windows Win32k kernel information disclosure attempt (more info ...) | attempted-user | 2019-1436 | URL | ||
| 52333 | OS-SOLARIS Solaris RPC XDR overflow code execution attempt (more info ...) | attempted-admin | 2017-3623 | URL | ||
| 52334 | OS-SOLARIS Solaris RPC XDR overflow code execution attempt (more info ...) | attempted-admin | 2017-3623 | URL | ||
| 52402 | BROWSER-IE Microsoft Edge VBScript SafeArray memory corruption attempt (more info ...) | attempted-user | 2019-1485 | URL | ||
| 52403 | BROWSER-IE Microsoft Edge VBScript SafeArray memory corruption attempt (more info ...) | attempted-user | 2019-1485 | URL | ||
| 52419 | OS-WINDOWS Microsoft Windows win32k information disclosure attempt (more info ...) | attempted-admin | 2019-1469 | URL | ||
| 52420 | OS-WINDOWS Microsoft Windows win32k information disclosure attempt (more info ...) | attempted-admin | 2019-1469 | URL | ||
| 52593 | OS-WINDOWS Microsoft Windows CryptoAPI signed binary with spoofed certificate attempt (more info ...) | misc-attack | 2020-0601 | URL | ||
| 52594 | OS-WINDOWS Microsoft Windows CryptoAPI signed binary with spoofed certificate attempt (more info ...) | misc-attack | 2020-0601 | URL | ||
| 52595 | OS-WINDOWS Microsoft Windows CryptoAPI signed binary with spoofed certificate attempt (more info ...) | misc-attack | 2020-0601 | URL | ||
| 52596 | OS-WINDOWS Microsoft Windows CryptoAPI signed binary with spoofed certificate attempt (more info ...) | misc-attack | 2020-0601 | URL | ||
| 52604 | OS-WINDOWS Microsoft Windows clfs.sys local privilege escalation attempt (more info ...) | attempted-admin | 2020-0634 | URL | ||
| 52605 | OS-WINDOWS Microsoft Windows clfs.sys local privilege escalation attempt (more info ...) | attempted-admin | 2020-0634 | URL | ||
| 52610 | BROWSER-IE Microsoft Edge scripting engine memory corruption attempt (more info ...) | attempted-user | 2017-11870 | URL | ||
| 52611 | BROWSER-IE Microsoft Edge scripting engine memory corruption attempt (more info ...) | attempted-user | 2017-11870 | URL | ||
| 52617 | OS-WINDOWS Microsoft Windows CryptoAPI signed binary with spoofed certificate attempt (more info ...) | misc-attack | 2020-0601 | URL | ||
| 52618 | OS-WINDOWS Microsoft Windows CryptoAPI signed binary with spoofed certificate attempt (more info ...) | misc-attack | 2020-0601 | URL | ||
| 52619 | OS-WINDOWS Microsoft Windows CryptoAPI TLS handshake with spoofed certificate attempt (more info ...) | misc-attack | 2020-0601 | URL | ||
| 52987 | BROWSER-IE Microsoft Edge scripting engine memory corruption attempt (more info ...) | attempted-user | 2018-0767 | URL | ||
| 52989 | BROWSER-IE Microsoft Edge scripting engine memory corruption attempt (more info ...) | attempted-user | 2018-0767 | URL | ||
| 53047 | OS-WINDOWS Microsoft Win32k SendMinRectMessages use after free attempt (more info ...) | attempted-admin | 2020-0726 | URL | ||
| 53048 | OS-WINDOWS Microsoft Win32k SendMinRectMessages use after free attempt (more info ...) | attempted-admin | 2020-0726 | URL | ||
| 53050 | OS-WINDOWS Microsoft Windows win32k.sys rectangle region use after free attempt (more info ...) | attempted-admin | 2020-0745 | URL | ||
| 53051 | OS-WINDOWS Microsoft Windows win32k.sys rectangle region use after free attempt (more info ...) | attempted-admin | 2020-0745 | URL | ||
| 53052 | OS-WINDOWS Microsoft Windows Win32k driver DestroyThreadsTimers use after free attempt (more info ...) | attempted-admin | 2020-0720 | URL | ||
| 53053 | OS-WINDOWS Microsoft Windows Win32k driver DestroyThreadsTimers use after free attempt (more info ...) | attempted-admin | 2020-0720 | URL | ||
| 53054 | OS-WINDOWS Microsoft Windows Graphics component privilege escalation attempt (more info ...) | attempted-admin | 2020-0715 | URL | ||
| 53056 | OS-WINDOWS Microsoft Windows Remote Desktop client DYNVC PDU handling integer overflow attempt (more info ...) | attempted-admin | 2020-0681 | URL | ||
| 53072 | OS-WINDOWS Microsoft Windows win32k use after free privilege escalation attempt (more info ...) | attempted-admin | 2020-0722 | URL | ||
| 53073 | OS-WINDOWS Microsoft Windows win32k use after free privilege escalation attempt (more info ...) | attempted-admin | 2020-0722 | URL | ||
| 53079 | OS-WINDOWS Microsoft Windows Win32k driver tagQ object use after free attempt (more info ...) | attempted-admin | 2020-0725 | URL | ||
| 53080 | OS-WINDOWS Microsoft Windows Win32k driver tagQ object use after free attempt (more info ...) | attempted-admin | 2020-0725 | URL | ||
| 53082 | OS-WINDOWS Microsoft Windows Remote Desktop client RDPGFX PDU handling integer overflow attempt (more info ...) | attempted-admin | 2020-0734 | URL | ||
| 53083 | OS-WINDOWS Microsoft Windows Remote Desktop client RDPGFX PDU handling integer overflow attempt (more info ...) | attempted-admin | 2020-0734 | URL | ||
| 53084 | OS-WINDOWS Microsoft Windows Win32k local privilege escalation attempt (more info ...) | attempted-admin | 2020-0723 | URL | ||
| 53085 | OS-WINDOWS Microsoft Windows Win32k local privilege escalation attempt (more info ...) | attempted-admin | 2020-0723 | URL | ||
| 53086 | OS-WINDOWS Microsoft Windows Common Log File System Driver memory corruption attempt (more info ...) | attempted-admin | 2020-0658 | URL | ||
| 53087 | OS-WINDOWS Microsoft Windows Common Log File System Driver memory corruption attempt (more info ...) | attempted-admin | 2020-0658 | URL | ||
| 53088 | OS-WINDOWS Microsoft Windows Common Log File System Driver memory corruption attempt (more info ...) | attempted-admin | 2020-0658 | URL | ||
| 53089 | OS-WINDOWS Microsoft Windows Common Log File System Driver memory corruption attempt (more info ...) | attempted-admin | 2020-0658 | URL | ||
| 53104 | OS-WINDOWS Microsoft Windows Remote Desktop client PDU parsing integer overflow attempt (more info ...) | attempted-admin | 2020-0817 | URL | ||
| 53402 | BROWSER-IE Microsoft Edge Scripting Engine memory corruption attempt (more info ...) | attempted-user | 2020-0832 | URL | ||
| 53403 | BROWSER-IE Microsoft Edge Scripting Engine memory corruption attempt (more info ...) | attempted-user | 2020-0832 | URL | ||
| 53406 | OS-WINDOWS Microsoft Windows DirectComposition elevation of privilege attempt (more info ...) | attempted-admin | 2020-0898 | URL | ||
| 53407 | OS-WINDOWS Microsoft Windows DirectComposition elevation of privilege attempt (more info ...) | attempted-admin | 2020-0898 | URL | ||
| 53414 | OS-WINDOWS Microsoft Windows DirectX kernel memory leak attempt (more info ...) | attempted-admin | 2020-0690 | URL | ||
| 53415 | OS-WINDOWS Microsoft Windows DirectX kernel memory leak attempt (more info ...) | attempted-admin | 2020-0690 | URL | ||
| 53416 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2020-0847 | URL | ||
| 53417 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2020-0847 | URL | ||
| 53419 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2020-0824 | URL | ||
| 53420 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2020-0824 | URL | ||
| 53421 | OS-WINDOWS Microsoft Windows win32k privilege escalation attempt (more info ...) | attempted-admin | 2020-0877 | URL | ||
| 53422 | OS-WINDOWS Microsoft Windows win32k privilege escalation attempt (more info ...) | attempted-admin | 2020-0877 | URL | ||
| 53423 | OS-WINDOWS Microsoft Windows win32k privilege escalation attempt (more info ...) | attempted-admin | 2020-0877 | URL | ||
| 53424 | OS-WINDOWS Microsoft Windows win32k privilege escalation attempt (more info ...) | attempted-admin | 2020-0877 | URL | ||
| 53425 | OS-WINDOWS Microsoft Windows SMB srv2.sys remote code execution attempt (more info ...) | attempted-admin | 2020-0796 | URL | ||
| 53426 | OS-WINDOWS Microsoft Windows SMB srv2.sys remote code execution attempt (more info ...) | attempted-admin | 2020-0796 | URL | ||
| 53427 | OS-WINDOWS Microsoft Windows SMB srv2.sys remote code execution attempt (more info ...) | attempted-admin | 2020-0796 | URL | ||
| 53428 | OS-WINDOWS Microsoft Windows SMB srv2.sys remote code execution attempt (more info ...) | attempted-admin | 2020-0796 | URL | ||
| 53447 | OS-WINDOWS Microsoft Windows SMB srv2.sys remote code execution attempt (more info ...) | attempted-admin | 2020-0796 | URL | ||
| 53448 | OS-WINDOWS Microsoft Windows SMB srv2.sys remote code execution attempt (more info ...) | attempted-admin | 2020-0796 | URL | ||
| 53469 | POLICY-OTHER FreeSWITCH mod_xml_rpc default credential login detected (more info ...) | policy-violation | 2018-19911 | URL | ||
| 53489 | FILE-OTHER Microsoft Windows fontdrvhost SetBlendDesignPositions out of bounds write attempt (more info ...) | attempted-user | 2020-0938 | URL | ||
| 53490 | FILE-OTHER Microsoft Windows fontdrvhost SetBlendDesignPositions out of bounds write attempt (more info ...) | attempted-user | 2020-0938 | URL | ||
| 53491 | FILE-OTHER Microsoft Windows Type 1 font stack overflow attempt (more info ...) | attempted-user | 2020-1020 | URL | ||
| 53492 | FILE-OTHER Microsoft Windows Type 1 font stack overflow attempt (more info ...) | attempted-user | 2020-1020 | URL | ||
| 53529 | MALWARE-OTHER Win.Malware.Winspy-7644935-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53530 | MALWARE-OTHER Win.Malware.Winspy-7644935-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53621 | OS-WINDOWS Microsoft Windows DirectX elevation of privilege attempt (more info ...) | attempted-admin | 2020-0784 | URL | ||
| 53622 | OS-WINDOWS Microsoft Windows DirectX elevation of privilege attempt (more info ...) | attempted-admin | 2020-0784 | URL | ||
| 53624 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2020-0968 | URL | ||
| 53627 | OS-WINDOWS Microsoft Windows Win32k elevation of privilege attempt (more info ...) | attempted-admin | 2020-0958 | URL | ||
| 53628 | OS-WINDOWS Microsoft Windows Win32k elevation of privilege attempt (more info ...) | attempted-admin | 2020-0958 | URL | ||
| 53629 | OS-WINDOWS Microsoft Windows Kernel CSRSS privilege escalation attempt (more info ...) | attempted-admin | 2020-1027 | URL | ||
| 53630 | OS-WINDOWS Microsoft Windows Kernel CSRSS privilege escalation attempt (more info ...) | attempted-admin | 2020-1027 | URL | ||
| 53652 | OS-WINDOWS Microsoft Windows CF_PALETTE privilege escalation attempt (more info ...) | attempted-admin | 2020-0956 | URL | ||
| 53653 | OS-WINDOWS Microsoft Windows CF_PALETTE privilege escalation attempt (more info ...) | attempted-admin | 2020-0956 | URL | ||
| 53654 | OS-WINDOWS Microsoft Windows 10 Win32k driver elevation of privileges attempt (more info ...) | attempted-admin | 2020-0957 | URL | ||
| 53655 | OS-WINDOWS Microsoft Windows 10 Win32k driver elevation of privileges attempt (more info ...) | attempted-admin | 2020-0957 | URL | ||
| 53866 | SERVER-WEBAPP Microsoft SharePoint TypeConverter remote code execution attempt (more info ...) | attempted-user | 2020-0932 | URL | ||
| 53924 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2020-1058 | URL | ||
| 53925 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2020-1058 | URL | ||
| 53926 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2020-1060 | URL | ||
| 53927 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2020-1060 | URL | ||
| 53950 | OS-WINDOWS Microsoft Windows fontdrvhost remote code execution attempt (more info ...) | attempted-admin | 2020-1153 | URL | ||
| 53951 | OS-WINDOWS Microsoft Windows fontdrvhost remote code execution attempt (more info ...) | attempted-admin | 2020-1153 | URL | ||
| 54191 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2020-1215 | URL | ||
| 54192 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2020-1215 | URL | ||
| 54193 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2020-1214 | URL | ||
| 54194 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2020-1214 | URL | ||
| 54215 | OS-WINDOWS Microsoft Windows win32k type confusion attempt (more info ...) | attempted-admin | 2020-1253 | URL | ||
| 54216 | OS-WINDOWS Microsoft Windows win32k type confusion attempt (more info ...) | attempted-admin | 2020-1253 | URL | ||
| 54217 | OS-WINDOWS Microsoft Windows SMB srv2.sys information disclosure attempt (more info ...) | attempted-recon | 2020-1206 | URL | ||
| 54236 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2020-1219 | URL | ||
| 54237 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2020-1219 | URL | ||
| 54238 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2020-1230 | URL | ||
| 54239 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2020-1230 | URL | ||
| 54240 | OS-WINDOWS Microsoft Windows SMBv1 remote code execution attempt (more info ...) | attempted-admin | 2020-1301 | URL | ||
| 54241 | OS-WINDOWS Microsoft Windows CreateDIBitmap privilege escalation attempt (more info ...) | attempted-admin | 2020-1247 | URL | ||
| 54242 | OS-WINDOWS Microsoft Windows CreateDIBitmap privilege escalation attempt (more info ...) | attempted-admin | 2020-1247 | URL | ||
| 54245 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2020-1260 | URL | ||
| 54246 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2020-1260 | URL | ||
| 54247 | OS-WINDOWS Microsoft Windows win32k.sys remote code execution attempt (more info ...) | attempted-admin | 2020-1251 | URL | ||
| 54248 | OS-WINDOWS Microsoft Windows win32k.sys remote code execution attempt (more info ...) | attempted-admin | 2020-1251 | URL | ||
| 54249 | OS-WINDOWS Microsoft Windows kernel security feature bypass attempt (more info ...) | attempted-admin | 2020-1241 | URL | ||
| 54250 | OS-WINDOWS Microsoft Windows kernel security feature bypass attempt (more info ...) | attempted-admin | 2020-1241 | URL | ||
| 54270 | OS-WINDOWS Microsoft Windows SMB chained compression out of bounds read attempt (more info ...) | denial-of-service | 2020-1284 | URL | ||
| 54271 | OS-WINDOWS Microsoft Windows SMB chained compression out of bounds read attempt (more info ...) | denial-of-service | 2020-1284 | URL | ||
| 54296 | OS-WINDOWS Microsoft Windows GDI+ printer out of bounds write attempt (more info ...) | attempted-user | 2020-0986 | URL | ||
| 54297 | OS-WINDOWS Microsoft Windows GDI+ printer out of bounds write attempt (more info ...) | attempted-user | 2020-0986 | URL | ||
| 54511 | SERVER-WEBAPP Microsoft Windows .NET API XML unsafe deserialization attempt (more info ...) | attempted-user | 2020-1147 | URL | ||
| 54523 | OS-WINDOWS Microsoft Windows RDP Client remote code execution attempt (more info ...) | attempted-user | 2020-1374 | URL | ||
| 54528 | FILE-OTHER Microsoft Windows Address Book Contact file integer overflow attempt (more info ...) | attempted-user | 2020-1410 | URL | ||
| 54529 | FILE-OTHER Microsoft Windows Address Book Contact file integer overflow attempt (more info ...) | attempted-user | 2020-1410 | URL | ||
| 54530 | FILE-OTHER Microsoft Windows Address Book Contact file integer overflow attempt (more info ...) | attempted-user | 2020-1410 | URL | ||
| 54531 | FILE-OTHER Microsoft Windows Address Book Contact file integer overflow attempt (more info ...) | attempted-user | 2020-1410 | URL | ||
| 54532 | FILE-OTHER Microsoft Windows Address Book Contact file integer overflow attempt (more info ...) | attempted-user | 2020-1410 | URL | ||
| 54533 | FILE-OTHER Microsoft Windows Address Book Contact file integer overflow attempt (more info ...) | attempted-user | 2020-1410 | URL | ||
| 54534 | OS-WINDOWS Microsoft Windows null pointer dereference attempt (more info ...) | attempted-admin | 2020-1399 | URL | ||
| 54535 | OS-WINDOWS Microsoft Windows null pointer dereference attempt (more info ...) | attempted-admin | 2020-1399 | URL | ||
| 54629 | SERVER-WEBAPP Microsoft Windows .NET API XML unsafe deserialization attempt (more info ...) | attempted-user | 2020-1147 | URL | ||
| 54684 | SERVER-WEBAPP Microsoft Windows .NET API XML unsafe deserialization attempt (more info ...) | attempted-user | 2020-1147 | URL | ||
| 54733 | OS-WINDOWS Microsoft Windows AFD kernel driver privilege escalation attempt (more info ...) | attempted-admin | 2020-1587 | URL | ||
| 54734 | OS-WINDOWS Microsoft Windows AFD kernel driver privilege escalation attempt (more info ...) | attempted-admin | 2020-1587 | URL | ||
| 54737 | OS-WINDOWS Microsoft Windows GDI privilege escalation attempt (more info ...) | attempted-admin | 2020-1529 | URL | ||
| 54738 | OS-WINDOWS Microsoft Windows GDI privilege escalation attempt (more info ...) | attempted-admin | 2020-1529 | URL | ||
| 54739 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2020-1570 | URL | ||
| 54740 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2020-1570 | URL | ||
| 54743 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2020-1380 | URL | ||
| 54744 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2020-1380 | URL | ||
| 54745 | OS-WINDOWS Microsoft Windows GDI elevation of privilege attempt (more info ...) | attempted-admin | 2020-1480 | URL | ||
| 54746 | OS-WINDOWS Microsoft Windows GDI elevation of privilege attempt (more info ...) | attempted-admin | 2020-1480 | URL | ||
| 54753 | OS-WINDOWS Microsoft Windows kernel information disclosure attempt (more info ...) | attempted-admin | 2020-1578 | URL | ||
| 54765 | OS-WINDOWS Microsoft Windows TCPIP kernel driver use-after-free attempt (more info ...) | attempted-admin | 2020-1566 | URL | ||
| 54766 | OS-WINDOWS Microsoft Windows TCPIP kernel driver use-after-free attempt (more info ...) | attempted-admin | 2020-1566 | URL | ||
| 55143 | OS-WINDOWS Microsoft Windows win32k kernel driver use after free attempt (more info ...) | attempted-admin | 2020-1245 | URL | ||
| 55144 | OS-WINDOWS Microsoft Windows win32k kernel driver use after free attempt (more info ...) | attempted-admin | 2020-1245 | URL | ||
| 55161 | OS-WINDOWS Microsoft Windows kernel DirectComposition use after free attempt (more info ...) | attempted-user | 2020-1152 | URL | ||
| 55162 | OS-WINDOWS Microsoft Windows kernel DirectComposition use after free attempt (more info ...) | attempted-user | 2020-1152 | URL | ||
| 55187 | OS-WINDOWS Microsoft Windows kernel driver escalation of privilege attempt (more info ...) | attempted-user | 2020-0941 | URL | ||
| 55188 | OS-WINDOWS Microsoft Windows kernel driver escalation of privilege attempt (more info ...) | attempted-user | 2020-0941 | URL | ||
| 55703 | OS-WINDOWS Microsoft Windows Netlogon crafted NetrServerReqChallenge elevation of privilege attempt (more info ...) | attempted-admin | 2020-1472 | URL | ||
| 55704 | OS-WINDOWS Microsoft Windows Netlogon crafted NetrServerAuthenticate elevation of privilege attempt (more info ...) | attempted-admin | 2020-1472 | URL | ||
| 55802 | OS-WINDOWS Microsoft Windows NetrServerReqChallenge RPC transport sign and seal disabling attempt (more info ...) | attempted-admin | 2020-1472 | URL | ||
| 55862 | SERVER-WEBAPP Microsoft SharePoint EntityInstanceIdEncoder remote code execution attempt (more info ...) | attempted-user | 2019-0604 | URL | ||
| 55922 | OS-WINDOWS Microsoft Windows Defender privilege escalation attempt (more info ...) | attempted-admin | 2020-1170 | URL | ||
| 55923 | OS-WINDOWS Microsoft Windows Defender privilege escalation attempt (more info ...) | attempted-admin | URL | |||
| 55942 | OS-WINDOWS Microsoft Windows Win32k driver privilege escalation attempt (more info ...) | attempted-admin | 2020-16907 | URL | ||
| 55982 | OS-WINDOWS Microsoft Windows digital signature spoofing attempt (more info ...) | attempted-user | 2020-16922 | URL | ||
| 55983 | OS-WINDOWS Microsoft Windows digital signature spoofing attempt (more info ...) | attempted-user | 2020-16922 | URL | ||
| 55989 | OS-WINDOWS Microsoft Windows Win32k kernel driver privilege escalation attempt (more info ...) | attempted-admin | 2020-16913 | URL | ||
| 55990 | OS-WINDOWS Microsoft Windows Win32k kernel driver privilege escalation attempt (more info ...) | attempted-admin | 2020-16913 | URL | ||
| 55994 | OS-WINDOWS Microsoft Windows Remote Desktop information disclosure attempt (more info ...) | attempted-admin | 2020-16896 | URL | ||
| 56134 | SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt (more info ...) | attempted-user | 2020-16952 | URL | ||
| 56135 | SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt (more info ...) | attempted-user | 2020-16952 | URL | ||
| 56136 | SERVER-WEBAPP Microsoft Sharepoint DataFormWebPart remote code execution attempt (more info ...) | attempted-user | 2020-16952 | URL | ||
| 56230 | OS-WINDOWS Microsoft Windows Kernel Cryptography Driver privilege escalation attempt (more info ...) | attempted-admin | 2020-17087 | URL | ||
| 56231 | OS-WINDOWS Microsoft Windows Kernel Cryptography Driver privilege escalation attempt (more info ...) | attempted-admin | 2020-17087 | URL | ||
| 56254 | OS-WINDOWS Microsoft Windows DirectX graphics kernel subsystem privilege escalation attempt (more info ...) | attempted-admin | 2020-16998 | URL | ||
| 56255 | OS-WINDOWS Microsoft Windows DirectX graphics kernel subsystem privilege escalation attempt (more info ...) | attempted-admin | 2020-16998 | URL | ||
| 56259 | OS-WINDOWS Microsoft Windows Win32k DirectComposition privilege escalation attempt (more info ...) | attempted-admin | 2020-17057 | URL | ||
| 56260 | OS-WINDOWS Microsoft Windows Win32k DirectComposition privilege escalation attempt (more info ...) | attempted-admin | 2020-17057 | URL | ||
| 56261 | OS-WINDOWS Microsoft Windows Win32k elevation of privilege attempt (more info ...) | attempted-admin | 2020-17038 | URL | ||
| 56262 | OS-WINDOWS Microsoft Windows Win32k elevation of privilege attempt (more info ...) | attempted-admin | 2020-17038 | URL | ||
| 56286 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2020-17052 | URL | ||
| 56287 | BROWSER-IE Microsoft Edge memory corruption attempt (more info ...) | attempted-user | 2020-17052 | URL | ||
| 56290 | OS-WINDOWS Microsoft Windows malicious Netlogon NetrServerAuthenticate3 request attempt (more info ...) | attempted-admin | 2020-1472 | URL | ||
| 56295 | FILE-OTHER Microsoft Windows Common Log Files System driver privilege escalation attempt (more info ...) | attempted-admin | 2020-17088 | URL | ||
| 56296 | FILE-OTHER Microsoft Windows Common Log Files System driver privilege escalation attempt (more info ...) | attempted-admin | 2020-17088 | URL | ||
| 56301 | OS-WINDOWS Microsoft Windows NFS read procedure remote code execution attempt (more info ...) | attempted-admin | 2020-17056 | URL | ||
| 56302 | OS-WINDOWS Microsoft Windows NFS read procedure remote code execution attempt (more info ...) | attempted-user | 2020-17056 | URL | ||
| 56304 | SERVER-WEBAPP Microsoft SharePoint remote code execution attempt (more info ...) | attempted-user | 2020-17061 | URL | ||
| 56305 | SERVER-WEBAPP Microsoft SharePoint remote code execution attempt (more info ...) | attempted-user | 2020-17061 | URL | ||
| 56309 | PROTOCOL-RPC Windows Network File System denial of service attempt (more info ...) | attempted-dos | 2020-17047 | URL | ||
| 56310 | PROTOCOL-RPC Windows Network File System RPCSEC_GSS_INIT message attempt (more info ...) | misc-activity | ||||
| 56311 | OS-WINDOWS Microsoft Windows NFS v3 Server heap overflow denial of service attempt (more info ...) | attempted-dos | 2020-17051 | URL | ||
| 56312 | OS-WINDOWS Microsoft Windows NFS v3 Server heap overflow denial of service attempt (more info ...) | attempted-dos | 2020-17051 | URL | ||
| 56561 | OS-WINDOWS Microsoft Windows SMB authenticated remote code execution attempt (more info ...) | attempted-admin | 2020-17096 | URL | ||
| 56562 | OS-WINDOWS Microsoft Windows SMB authenticated remote code execution attempt (more info ...) | attempted-admin | 2020-17096 | URL | ||
| 56571 | OS-WINDOWS Microsoft Windows SMB2 SET_INFO information disclosure attempt (more info ...) | attempted-recon | 2020-17140 | URL | ||
| 56574 | BROWSER-OTHER Microsoft Teams mention functionality displayName remote code execution attempt (more info ...) | attempted-user | 2020-10146 | URL | ||
| 56604 | SERVER-WEBAPP Microsoft Dynamics NAV remote code execution attempt (more info ...) | attempted-admin | 2020-17158 | URL | ||
| 56849 | OS-WINDOWS Microsoft Windows Win32k kernel driver privilege escalation attempt (more info ...) | trojan-activity | 2021-1709 | URL | ||
| 56850 | OS-WINDOWS Microsoft Windows Win32k kernel driver privilege escalation attempt (more info ...) | trojan-activity | 2021-1709 | URL | ||
| 56851 | OS-WINDOWS Microsoft Windows Win32k kernel driver privilege escalation attempt (more info ...) | trojan-activity | 2021-1709 | URL | ||
| 56852 | OS-WINDOWS Microsoft Windows Win32k kernel driver privilege escalation attempt (more info ...) | trojan-activity | 2021-1709 | URL | ||
| 56853 | OS-WINDOWS Microsoft Windows Win32k kernel driver privilege escalation attempt (more info ...) | trojan-activity | 2021-1709 | URL | ||
| 56854 | OS-WINDOWS Microsoft Windows Win32k kernel driver privilege escalation attempt (more info ...) | trojan-activity | 2021-1709 | URL | ||
| 56855 | OS-WINDOWS Microsoft Windows Win32k kernel driver privilege escalation attempt (more info ...) | trojan-activity | 2021-1709 | URL | ||
| 56856 | OS-WINDOWS Microsoft Windows Win32k kernel driver privilege escalation attempt (more info ...) | trojan-activity | 2021-1709 | URL | ||
| 56857 | FILE-EXECUTABLE Microsoft Windows Defender buffer overflow attempt (more info ...) | attempted-admin | 2021-1647 | URL | ||
| 56858 | FILE-EXECUTABLE Microsoft Windows Defender buffer overflow attempt (more info ...) | attempted-admin | 2021-1647 | URL | ||
| 56859 | FILE-EXECUTABLE Microsoft Windows Defender buffer overflow attempt (more info ...) | attempted-admin | 2021-1647 | URL | ||
| 56860 | FILE-EXECUTABLE Microsoft Windows Defender buffer overflow attempt (more info ...) | attempted-admin | 2021-1647 | URL | ||
| 56865 | SERVER-OTHER Microsoft Sharepoint Server remote code execution attempt (more info ...) | attempted-user | 2021-1707 | URL | ||
| 57104 | OS-WINDOWS Microsoft Windows Win32k elevation of privilege attempt (more info ...) | attempted-user | 2021-1732 | URL | ||
| 57106 | OS-WINDOWS Microsoft Win32k Windows privilege escalation attempt (more info ...) | attempted-admin | 2021-1698 | URL | ||
| 57107 | OS-WINDOWS Microsoft Win32k Windows privilege escalation attempt (more info ...) | attempted-admin | 2021-1698 | URL | ||
| 57108 | SERVER-WEBAPP Microsoft SharePoint Server XML external entity injection attempt (more info ...) | web-application-attack | 2021-24072 | URL | ||
| 57136 | NETBIOS TRUFFLEHUNTER TALOS-2021-1246 attack attempt (more info ...) | attempted-admin | URL | |||
| 57232 | NETBIOS TRUFFLEHUNTER TALOS-2021-1258 attack attempt (more info ...) | attempted-admin | URL | |||
| 57259 | OS-WINDOWS Microsoft Windows DirectX kernel driver use after free attempt (more info ...) | attempted-admin | 2021-24095 | URL | ||
| 57260 | OS-WINDOWS Microsoft Windows DirectX kernel driver use after free attempt (more info ...) | attempted-admin | 2021-24095 | URL | ||
| 57261 | OS-WINDOWS Microsoft Windows Graphics Component privilege escalation attempt (more info ...) | attempted-admin | 2021-26868 | URL | ||
| 57262 | OS-WINDOWS Microsoft Windows Graphics Component privilege escalation attempt (more info ...) | attempted-admin | 2021-26868 | URL | ||
| 57263 | OS-WINDOWS Microsoft Windows Win32k elevation of privilege attempt (more info ...) | attempted-admin | 2021-26863 | URL | ||
| 57264 | OS-WINDOWS Microsoft Windows Win32k elevation of privilege attempt (more info ...) | attempted-admin | 2021-26863 | URL | ||
| 57265 | NETBIOS TRUFFLEHUNTER TALOS-2021-1263 attack attempt (more info ...) | attempted-dos | URL | |||
| 57279 | OS-WINDOWS Microsoft Windows Netlogon DCERPC over SMB NetrServerAuthenticate failed elevation of privilege attempt (more info ...) | attempted-admin | 2020-1472 | URL | ||
| 57280 | OS-WINDOWS Microsoft Windows Netlogon NetrServerAuthenticate failed elevation of privilege attempt (more info ...) | attempted-admin | 2020-1472 | URL | ||
| 57281 | OS-WINDOWS Microsoft Windows Netlogon NetrServerAuthenticate failed elevation of privilege attempt (more info ...) | attempted-admin | 2020-1472 | URL | ||
| 57310 | NETBIOS TRUFFLEHUNTER TALOS-2021-1268 attack attempt (more info ...) | attempted-recon | URL | |||
| 57347 | OS-WINDOWS Microsoft Windows Win32k elevation of privilege attempt (more info ...) | attempted-admin | 2021-1732 | URL | ||
| 57348 | OS-WINDOWS Microsoft Windows Win32k elevation of privilege attempt (more info ...) | attempted-admin | 2021-1732 | URL | ||
| 57386 | BROWSER-IE Microsoft Edge Chakra scripting engine memory corruption attempt (more info ...) | attempted-user | 2018-0770 | URL | ||
| 57387 | BROWSER-IE Microsoft Edge Chakra scripting engine memory corruption attempt (more info ...) | attempted-user | 2018-0770 | URL | ||
| 57403 | OS-WINDOWS Microsoft Windows win32k elevation of privilege attempt (more info ...) | attempted-admin | 2021-28310 | URL | ||
| 57404 | OS-WINDOWS Microsoft Windows win32k elevation of privilege attempt (more info ...) | attempted-admin | 2021-28310 | URL | ||
| 57549 | OS-WINDOWS Microsoft Windows HTTP protocol stack remote code execution attempt (more info ...) | attempted-user | 2021-31166 | URL | ||
| 57550 | OS-WINDOWS Microsoft Windows HTTP protocol stack remote code execution attempt (more info ...) | attempted-user | 2021-31166 | URL | ||
| 57605 | OS-WINDOWS Microsoft Windows HTTP protocol stack remote code execution attempt (more info ...) | attempted-user | 2022-21907 | URL | ||
| 57722 | OS-WINDOWS Microsoft Windows kernel privilege escalation attempt (more info ...) | attempted-admin | 2021-31952 | URL | ||
| 57723 | OS-WINDOWS Microsoft Windows kernel privilege escalation attempt (more info ...) | attempted-admin | 2021-31952 | URL | ||
| 57724 | OS-WINDOWS Microsoft Windows cryptographic API integer overflow attempt (more info ...) | attempted-admin | 2021-31199 | URL | ||
| 57725 | OS-WINDOWS Microsoft Windows cryptographic API integer overflow attempt (more info ...) | attempted-admin | 2021-31199 | URL | ||
| 57726 | OS-WINDOWS Microsoft Windows kernel information disclosure attempt (more info ...) | attempted-admin | 2021-31955 | URL | ||
| 57727 | OS-WINDOWS Microsoft Windows kernel information disclosure attempt (more info ...) | attempted-admin | 2021-31955 | URL | ||
| 57730 | OS-WINDOWS Microsoft Windows dssenh.dll privilege escalation attempt (more info ...) | attempted-admin | 2021-31201 | URL | ||
| 57731 | OS-WINDOWS Microsoft Windows dssenh.dll privilege escalation attempt (more info ...) | attempted-admin | 2021-31201 | URL | ||
| 57734 | OS-WINDOWS Microsoft Windows common log file system driver elevation of privilege attempt (more info ...) | attempted-admin | 2021-31954 | URL | ||
| 57735 | OS-WINDOWS Microsoft Windows common log file system driver elevation of privilege attempt (more info ...) | attempted-admin | 2021-31954 | URL | ||
| 57736 | OS-WINDOWS Microsoft Windows Dynamic Window Manager privilege escalation attempt (more info ...) | attempted-admin | 2021-33739 | URL | ||
| 57737 | OS-WINDOWS Microsoft Windows Dynamic Window Manager privilege escalation attempt (more info ...) | attempted-admin | 2021-33739 | URL | ||
| 57876 | OS-WINDOWS Microsoft Windows Print Spooler remote code execution attempt (more info ...) | attempted-admin | 2021-34527 | URL | ||
| 57877 | OS-WINDOWS Microsoft Windows Print Spooler remote code execution attempt (more info ...) | attempted-admin | 2021-34527 | URL | ||
| 57951 | OS-WINDOWS Microsoft Windows SAM database improper ACLs elevation of privilege attempt (more info ...) | attempted-admin | 2021-36934 | URL | ||
| 57965 | OS-WINDOWS Microsoft Windows EFSRPC bind detected (more info ...) | protocol-command-decode | 2021-36942 | URL | ||
| 57966 | OS-WINDOWS Microsoft Windows NTLM relay attack attempt (more info ...) | attempted-user | 2021-36942 | URL | ||
| 58004 | OS-WINDOWS Microsoft Windows BITS privilege escalation attempt (more info ...) | attempted-admin | 2020-0787 | URL | ||
| 58005 | OS-WINDOWS Microsoft Windows BITS privilege escalation attempt (more info ...) | attempted-admin | 2020-0787 | URL | ||
| 58011 | OS-WINDOWS Microsoft Windows Update Medic service elevation of privilege attempt (more info ...) | attempted-user | 2021-36948 | URL | ||
| 58012 | OS-WINDOWS Microsoft Windows Update Medic service elevation of privilege attempt (more info ...) | attempted-user | 2021-36948 | URL | ||
| 58111 | SERVER-WEBAPP Microsoft SharePoint remote code execution attempt (more info ...) | attempted-user | 2021-28474 | URL | ||
| 58112 | SERVER-WEBAPP Microsoft SharePoint remote code execution attempt (more info ...) | attempted-user | 2021-28474 | URL | ||
| 58114 | OS-WINDOWS Microsoft Windows EFSRPC bind detected (more info ...) | protocol-command-decode | 2021-36942 | URL | ||
| 58136 | OS-WINDOWS Microsoft Windows Win32k kernel driver privilege escalation attempt (more info ...) | attempted-user | 2021-36975 | URL | ||
| 58137 | OS-WINDOWS Microsoft Windows Win32k kernel driver privilege escalation attempt (more info ...) | attempted-user | 2021-36975 | URL | ||
| 58140 | OS-WINDOWS Microsoft Windows CLFS local privilege escalation attempt (more info ...) | attempted-admin | 2021-38633 | URL | ||
| 58141 | OS-WINDOWS Microsoft Windows CLFS local privilege escalation attempt (more info ...) | attempted-admin | 2021-38633 | URL | ||
| 58169 | SERVER-WEBAPP Microsoft Windows Open Management Infrastructure remote code execution attempt (more info ...) | web-application-attack | 2021-38647 | |||
| 58196 | OS-WINDOWS Microsoft Windows Common Log File System Driver privilege escalation attempt (more info ...) | attempted-admin | 2021-36955 | URL | ||
| 58197 | OS-WINDOWS Microsoft Windows Common Log File System Driver privilege escalation attempt (more info ...) | attempted-admin | 2021-36955 | URL | ||
| 58198 | OS-WINDOWS Microsoft Windows Common Log File System Driver privilege escalation attempt (more info ...) | attempted-admin | 2021-36955 | URL | ||
| 58199 | OS-WINDOWS Microsoft Windows Common Log File System Driver privilege escalation attempt (more info ...) | attempted-admin | 2021-36955 | URL | ||
| 58286 | OS-WINDOWS Microsoft Windows Win32k privilege escalation attempt (more info ...) | attempted-admin | 2021-41357 | URL | ||
| 58287 | OS-WINDOWS Microsoft Windows Win32k privilege escalation attempt (more info ...) | attempted-admin | 2021-41357 | URL | ||
| 58288 | OS-WINDOWS Microsoft Windows Win32k elevation of privilege exploit download attempt (more info ...) | attempted-admin | 2021-40449 | URL | ||
| 58294 | OS-WINDOWS Microsoft DirectX graphics kernel privilege escalation attempt (more info ...) | attempted-admin | 2021-40470 | URL | ||
| 58295 | OS-WINDOWS Microsoft DirectX graphics kernel privilege escalation attempt (more info ...) | attempted-admin | 2021-40470 | URL | ||
| 58305 | OS-WINDOWS Microsoft Windows Common Log File System driver privilege escalation attempt (more info ...) | attempted-admin | 2021-40467 | URL | ||
| 58306 | OS-WINDOWS Microsoft Windows Common Log File System driver privilege escalation attempt (more info ...) | attempted-admin | 2021-40467 | URL | ||
| 58308 | OS-WINDOWS Microsoft Windows CLFS kernel driver buffer overflow attempt (more info ...) | attempted-user | 2021-40466 | URL | ||
| 58309 | OS-WINDOWS Microsoft Windows CLFS kernel driver buffer overflow attempt (more info ...) | attempted-user | 2021-40466 | URL | ||
| 58310 | OS-WINDOWS Microsoft Windows 10 Win32k elevation of privilege attempt (more info ...) | attempted-admin | 2021-40450 | URL | ||
| 58311 | OS-WINDOWS Microsoft Windows 10 Win32k elevation of privilege attempt (more info ...) | attempted-admin | 2021-40450 | URL | ||
| 58312 | OS-WINDOWS Microsoft Windows 10 Win32k elevation of privilege attempt (more info ...) | attempted-admin | 2021-40450 | URL | ||
| 58313 | OS-WINDOWS Microsoft Windows 10 Win32k elevation of privilege attempt (more info ...) | attempted-admin | 2021-40450 | URL | ||
| 58314 | SERVER-WEBAPP Microsoft SharePoint Server remote code execution attempt (more info ...) | web-application-attack | 2021-40487 | URL | ||
| 58315 | SERVER-WEBAPP Microsoft SharePoint Server remote code execution attempt (more info ...) | web-application-attack | 2021-40487 | URL | ||
| 58316 | SERVER-WEBAPP Microsoft SharePoint Server remote code execution attempt (more info ...) | web-application-attack | 2021-40487 | URL | ||
| 58317 | SERVER-WEBAPP Microsoft SharePoint Server remote code execution attempt (more info ...) | web-application-attack | 2021-40487 | URL | ||
| 58318 | SERVER-WEBAPP Microsoft SharePoint Server remote code execution attempt (more info ...) | web-application-attack | 2021-40487 | URL | ||
| 58319 | SERVER-WEBAPP Microsoft SharePoint Server remote code execution attempt (more info ...) | web-application-attack | 2021-40487 | URL | ||
| 58519 | BROWSER-IE Microsoft Defender memory corruption attempt (more info ...) | attempted-user | 2021-42298 | URL | ||
| 58520 | BROWSER-IE Microsoft Defender memory corruption attempt (more info ...) | attempted-user | 2021-42298 | URL | ||
| 58586 | OS-WINDOWS Microsoft Windows Installer elevation of privilege attempt (more info ...) | attempted-admin | 2020-0683 | URL | ||
| 58615 | OS-WINDOWS Microsoft Windows Content-Disposition CLSID command attempt (more info ...) | attempted-user | 2004-0420 | 9510 | URL | |
| 58616 | OS-WINDOWS Microsoft Windows Content-Disposition CLSID command attempt (more info ...) | attempted-user | 2004-0420 | 9510 | URL | |
| 58617 | OS-WINDOWS Microsoft Windows Content-Disposition CLSID command attempt (more info ...) | attempted-user | 2004-0420 | 9510 | URL | |
| 58635 | OS-WINDOWS Microsoft Windows Installer privilege escalation attempt (more info ...) | attempted-admin | 2021-43883 | URL | ||
| 58636 | OS-WINDOWS Microsoft Windows Installer privilege escalation attempt (more info ...) | attempted-admin | 2021-43883 | URL | ||
| 58753 | OS-WINDOWS Microsoft Windows Print Spooler elevation of privilege attempt (more info ...) | attempted-admin | 2021-41333 | URL | ||
| 58754 | OS-WINDOWS Microsoft Windows Common Log File System Driver elevation of privilege attempt (more info ...) | attempted-admin | 2021-43226 | URL | ||
| 58755 | OS-WINDOWS Microsoft Windows Common Log File System Driver elevation of privilege attempt (more info ...) | attempted-admin | 2021-43226 | URL | ||
| 58756 | OS-WINDOWS Microsoft Windows Common Log File System Driver elevation of privilege attempt (more info ...) | attempted-admin | 2021-43226 | URL | ||
| 58757 | OS-WINDOWS Microsoft Windows Common Log File System Driver elevation of privilege attempt (more info ...) | attempted-admin | 2021-43226 | URL | ||
| 58774 | OS-WINDOWS Microsoft Windows Remote Desktop Protocol remote code execution attempt (more info ...) | attempted-user | 2021-43233 | URL | ||
| 58775 | OS-WINDOWS Microsoft Windows Common Log File System driver privilege escalation attempt (more info ...) | attempted-admin | 2021-43207 | URL | ||
| 58776 | OS-WINDOWS Microsoft Windows Common Log File System driver privilege escalation attempt (more info ...) | attempted-admin | 2021-43207 | URL | ||
| 58859 | OS-WINDOWS Microsoft Windows Win32k driver privilege escalation attempt (more info ...) | attempted-admin | 2022-21882 | URL | ||
| 58860 | OS-WINDOWS Microsoft Windows Win32k driver privilege escalation attempt (more info ...) | attempted-admin | 2022-21882 | URL | ||
| 58866 | OS-WINDOWS Microsoft Windows kernel elevation of privilege attempt (more info ...) | attempted-admin | 2022-21881 | URL | ||
| 58867 | OS-WINDOWS Microsoft Windows kernel elevation of privilege attempt (more info ...) | attempted-admin | 2022-21881 | URL | ||
| 58868 | OS-WINDOWS Microsoft Windows privilege escalation via path redirection attempt (more info ...) | attempted-admin | 2022-21919 | URL | ||
| 58869 | OS-WINDOWS Microsoft Windows privilege escalation via path redirection attempt (more info ...) | attempted-admin | 2022-21919 | URL | ||
| 58870 | OS-WINDOWS Microsoft Windows 10 elevation of privilege attempt (more info ...) | attempted-user | 2022-21908 | URL | ||
| 58871 | OS-WINDOWS Microsoft Windows 10 elevation of privilege attempt (more info ...) | attempted-user | 2022-21908 | URL | ||
| 58872 | OS-WINDOWS Microsoft Windows Common Log File System driver privilege escalation attempt (more info ...) | attempted-admin | 2022-21916 | URL | ||
| 58873 | OS-WINDOWS Microsoft Windows Common Log File System driver privilege escalation attempt (more info ...) | attempted-admin | 2022-21916 | URL | ||
| 58874 | OS-WINDOWS Microsoft Windows kernel elevation of privilege attempt (more info ...) | attempted-admin | 2022-21887 | URL | ||
| 58875 | OS-WINDOWS Microsoft Windows kernel elevation of privilege attempt (more info ...) | attempted-admin | 2022-21887 | URL | ||
| 58993 | OS-WINDOWS Microsoft Windows Print Spooler elevation of privilege attempt (more info ...) | attempted-admin | 2022-22718 | URL | ||
| 58994 | OS-WINDOWS Microsoft Windows Print Spooler elevation of privilege attempt (more info ...) | attempted-admin | 2022-22718 | URL | ||
| 58999 | OS-WINDOWS Microsoft Windows Desktop Window Manager type confusion attempt (more info ...) | attempted-admin | 2022-21994 | URL | ||
| 59000 | OS-WINDOWS Microsoft Windows Desktop Window Manager type confusion attempt (more info ...) | attempted-admin | 2022-21994 | URL | ||
| 59001 | OS-WINDOWS Microsoft Windows Kernel privilege escalation attempt (more info ...) | attempted-admin | 2022-21989 | URL | ||
| 59002 | OS-WINDOWS Microsoft Windows Kernel privilege escalation attempt (more info ...) | attempted-admin | 2022-21989 | URL | ||
| 59004 | OS-WINDOWS Microsoft Windows NPFS file system privilege escalation attempt (more info ...) | attempted-user | 2022-22715 | URL | ||
| 59005 | OS-WINDOWS Microsoft Windows NPFS file system privilege escalation attempt (more info ...) | attempted-user | 2022-22715 | URL | ||
| 59008 | OS-WINDOWS Microsoft Windows win32k local privilege escalation attempt (more info ...) | attempted-admin | 2022-21996 | URL | ||
| 59009 | OS-WINDOWS Microsoft Windows win32k local privilege escalation attempt (more info ...) | attempted-admin | 2022-21996 | URL | ||
| 59052 | OS-WINDOWS Microsoft Windows AD DS potential elevation of privilege attempt (more info ...) | attempted-admin | 2021-42291 | URL | ||
| 59107 | OS-WINDOWS Microsoft Windows RDP path redirection remote code execution attempt (more info ...) | attempted-admin | 2022-21990 | URL | ||
| 59108 | OS-WINDOWS Microsoft Windows RDP path redirection remote code execution attempt (more info ...) | attempted-admin | 2022-21990 | URL | ||
| 59212 | OS-WINDOWS Microsoft Windows PPTP denial-of-service attempt (more info ...) | denial-of-service | 2022-23253 | URL | ||
| 59213 | OS-WINDOWS Microsoft Windows Cloud Files Mini Filter driver elevation of privilege attempt (more info ...) | attempted-admin | 2022-23286 | URL | ||
| 59214 | OS-WINDOWS Microsoft Windows Cloud Files Mini Filter driver elevation of privilege attempt (more info ...) | attempted-admin | 2022-23286 | URL | ||
| 59215 | OS-WINDOWS Microsoft Windows Remote Desktop client remote code execution attempt (more info ...) | attempted-user | 2022-23285 | URL | ||
| 59220 | OS-WINDOWS Microsoft Windows Winsock local privilege escalation attempt (more info ...) | attempted-admin | 2022-24507 | URL | ||
| 59221 | OS-WINDOWS Microsoft Windows Winsock local privilege escalation attempt (more info ...) | attempted-admin | 2022-24507 | URL | ||
| 59476 | SERVER-OTHER Advantech WebAccess DCERPC stack buffer overflow attempt (more info ...) | attempted-user | 2019-3975 | URL | ||
| 59477 | SERVER-OTHER Advantech WebAccess DCERPC stack buffer overflow attempt (more info ...) | attempted-user | 2019-3953 | URL | ||
| 59492 | FILE-OTHER Microsoft Windows GDI memory corruption attempt (more info ...) | attempted-user | 2018-8472 | URL | ||
| 59493 | FILE-OTHER Microsoft Windows GDI memory corruption attempt (more info ...) | attempted-admin | 2018-8472 | URL | ||
| 59497 | OS-WINDOWS Microsoft Windows Win32k escalation of privileges attempt (more info ...) | attempted-admin | 2022-24474 | URL | ||
| 59498 | OS-WINDOWS Microsoft Windows Win32k escalation of privileges attempt (more info ...) | attempted-admin | 2022-24474 | URL | ||
| 59502 | OS-WINDOWS Microsoft Windows Server 2003 smart card authentication buffer overflow attempt (more info ...) | attempted-admin | 2017-9073 | URL | ||
| 59511 | OS-WINDOWS Microsoft Windows User Profile Service privilege escalation attempt (more info ...) | attempted-admin | 2022-26904 | URL | ||
| 59512 | OS-WINDOWS Microsoft Windows User Profile Service privilege escalation attempt (more info ...) | attempted-admin | 2022-26904 | URL | ||
| 59519 | OS-WINDOWS Microsoft Windows win32k.sys driver local privilege escalation attempt (more info ...) | attempted-admin | 2022-26914 | URL | ||
| 59520 | OS-WINDOWS Microsoft Windows win32k.sys driver local privilege escalation attempt (more info ...) | attempted-admin | 2022-26914 | URL | ||
| 59521 | OS-WINDOWS Microsoft Windows CLFS driver local privilege escalation attempt (more info ...) | attempted-admin | 2022-24481 | URL | ||
| 59522 | OS-WINDOWS Microsoft Windows CLFS driver local privilege escalation attempt (more info ...) | attempted-admin | 2022-24481 | URL | ||
| 59523 | FILE-OTHER Microsoft Windows CLFS driver privilege escalation attempt (more info ...) | attempted-admin | 2022-24521 | URL | ||
| 59524 | FILE-OTHER Microsoft Windows CLFS driver privilege escalation attempt (more info ...) | attempted-admin | 2022-24521 | URL | ||
| 59531 | OS-WINDOWS Microsoft Windows Digital Media Receiver privilege escalation attempt (more info ...) | attempted-admin | 2022-24547 | URL | ||
| 59532 | OS-WINDOWS Microsoft Windows Digital Media Receiver privilege escalation attempt (more info ...) | attempted-admin | 2022-24547 | URL | ||
| 59533 | OS-WINDOWS Microsoft Windows Server portmap.sys out of bounds write attempt (more info ...) | attempted-admin | 2022-24497 | URL | ||
| 59534 | OS-WINDOWS Microsoft Windows Server portmap.sys out of bounds write attempt (more info ...) | attempted-admin | 2022-24491 | URL | ||
| 59535 | OS-WINDOWS Microsoft Windows Server portmap.sys out of bounds write attempt (more info ...) | attempted-admin | 2022-24491 | URL | ||
| 59614 | SERVER-OTHER Advantech WebAccess DCERPC stack buffer overflow attempt (more info ...) | attempted-user | 2019-3954 | URL | ||
| 59726 | OS-WINDOWS Microsoft Windows Kernel Point-to-Point Tunneling Protocol remote code execution attempt (more info ...) | attempted-admin | 2022-23270 | URL | ||
| 59727 | OS-WINDOWS Microsoft Windows ALPC privilege escalation attempt (more info ...) | attempted-admin | 2022-23279 | URL | ||
| 59728 | OS-WINDOWS Microsoft Windows ALPC privilege escalation attempt (more info ...) | attempted-admin | 2022-23279 | URL | ||
| 59733 | OS-WINDOWS Microsoft Windows win32k local privilege escalation attempt (more info ...) | attempted-admin | 2022-29142 | URL | ||
| 59734 | OS-WINDOWS Microsoft Windows win32k local privilege escalation attempt (more info ...) | attempted-admin | 2022-29142 | URL | ||
| 59737 | OS-WINDOWS Microsoft Windows LSA authentication spoofing attempt (more info ...) | attempted-user | 2022-26925 | URL | ||
| 59739 | PROTOCOL-RPC Portmapper NLM GETADDR call attempt (more info ...) | attempted-admin | 2022-26937 | URL | ||
| 59741 | PROTOCOL-RPC Portmapper NLM GETADDR call attempt (more info ...) | attempted-admin | 2022-26937 | URL | ||
| 59889 | OS-WINDOWS Microsoft Support Diagnostic Tool ms-msdt protocol use attempt (more info ...) | attempted-user | 2022-30190 | URL | ||
| 59890 | OS-WINDOWS Microsoft Support Diagnostic Tool ms-msdt protocol use attempt (more info ...) | attempted-user | 2022-30190 | URL | ||
| 59891 | OS-WINDOWS Microsoft Support Diagnostic Tool remote code execution attempt (more info ...) | attempted-user | 2022-30190 | URL | ||
| 59892 | OS-WINDOWS Microsoft Support Diagnostic Tool remote code execution attempt (more info ...) | attempted-user | 2022-30190 | URL | ||
| 59893 | OS-WINDOWS Microsoft Support Diagnostic Tool remote code execution attempt (more info ...) | attempted-user | 2022-30190 | URL | ||
| 59894 | OS-WINDOWS Microsoft Support Diagnostic Tool remote code execution attempt (more info ...) | attempted-user | 2022-30190 | URL | ||
| 59919 | OS-WINDOWS Microsoft Windows search-ms protocol invocation attempt (more info ...) | attempted-user | 2022-30190 | URL | ||
| 59920 | OS-WINDOWS Microsoft Windows search-ms protocol invocation attempt (more info ...) | attempted-user | 2022-30190 | URL | ||
| 59949 | OS-WINDOWS Microsoft Support Diagnostic Tool remote code execution attempt (more info ...) | attempted-user | 2022-30190 | URL | ||
| 59950 | OS-WINDOWS Microsoft Support Diagnostic Tool remote code execution attempt (more info ...) | attempted-user | 2022-30190 | URL | ||
| 59967 | OS-WINDOWS Microsoft Windows Installer privilege escalation attempt (more info ...) | attempted-admin | 2022-30147 | URL | ||
| 59968 | OS-WINDOWS Microsoft Windows Installer privilege escalation attempt (more info ...) | attempted-admin | 2022-30147 | URL | ||
| 59971 | OS-WINDOWS Microsoft Windows Advanced Local Procedure Call elevation of privilege attempt (more info ...) | attempted-admin | 2022-30160 | URL | ||
| 59972 | OS-WINDOWS Microsoft Windows Advanced Local Procedure Call elevation of privilege attempt (more info ...) | attempted-admin | 2022-30160 | URL | ||
| 60117 | SERVER-WEBAPP Microsoft SharePoint Workflow XOML injection attempt (more info ...) | web-application-attack | 2020-0646 | URL | ||
| 60191 | OS-WINDOWS Microsoft Windows storage elevation of privilege attempt (more info ...) | attempted-admin | 2022-30220 | URL | ||
| 60192 | OS-WINDOWS Microsoft Windows storage elevation of privilege attempt (more info ...) | attempted-admin | 2022-30220 | URL | ||
| 60198 | OS-WINDOWS Microsoft Windows Advanced Local Procedure Call elevation of privilege attempt (more info ...) | attempted-admin | 2022-30202 | URL | ||
| 60199 | OS-WINDOWS Microsoft Windows Advanced Local Procedure Call elevation of privilege attempt (more info ...) | attempted-admin | 2022-30202 | URL | ||
| 60201 | OS-WINDOWS Microsoft Windows Server Service tampering attempt (more info ...) | attempted-user | 2022-30216 | URL | ||
| 60202 | OS-WINDOWS Microsoft Windows Server Service tampering attempt (more info ...) | attempted-user | 2022-30216 | URL | ||
| 60203 | OS-WINDOWS Microsoft Windows SRVSVC bind detected (more info ...) | protocol-command-decode | ||||
| 60206 | OS-WINDOWS Microsoft Windows Graphics Component elevation of privilege attempt (more info ...) | attempted-admin | 2022-22034 | URL | ||
| 60207 | OS-WINDOWS Microsoft Windows Graphics Component elevation of privilege attempt (more info ...) | attempted-admin | 2022-22034 | URL | ||
| 60213 | OS-WINDOWS Microsoft Windows CSRS subsytem elevation of privilege attempt (more info ...) | attempted-admin | 2022-22047 | URL | ||
| 60214 | OS-WINDOWS Microsoft Windows CSRS subsytem elevation of privilege attempt (more info ...) | attempted-admin | 2022-22047 | URL | ||
| 60314 | OS-WINDOWS Microsoft Windows Print Spooler elevation of privilege attempt (more info ...) | attempted-admin | 2022-21999 | URL | ||
| 60315 | OS-WINDOWS Microsoft Windows Print Spooler elevation of privilege attempt (more info ...) | attempted-admin | 2022-21999 | URL | ||
| 60316 | OS-WINDOWS Microsoft Windows Print Spooler elevation of privilege attempt (more info ...) | attempted-admin | 2022-21999 | URL | ||
| 60317 | OS-WINDOWS Microsoft Windows Print Spooler elevation of privilege attempt (more info ...) | attempted-admin | 2022-21999 | URL | ||
| 60371 | OS-WINDOWS Microsoft Windows Print Spooler privilege escalation attempt (more info ...) | attempted-admin | 2022-35755 | URL | ||
| 60372 | OS-WINDOWS Microsoft Windows Print Spooler privilege escalation attempt (more info ...) | attempted-admin | 2022-35755 | URL | ||
| 60373 | OS-WINDOWS Microsoft Windows Kernel elevation of privilege attempt (more info ...) | attempted-admin | 2022-35761 | URL | ||
| 60374 | OS-WINDOWS Microsoft Windows Kernel elevation of privilege attempt (more info ...) | attempted-admin | 2022-35761 | URL | ||
| 60375 | OS-WINDOWS Microsoft Windows Print Spooler elevation of privilege attempt (more info ...) | attempted-admin | 2022-35793 | URL | ||
| 60376 | OS-WINDOWS Microsoft Windows Print Spooler elevation of privilege attempt (more info ...) | attempted-admin | 2022-35793 | URL | ||
| 60382 | OS-WINDOWS Microsoft Windows Win32k elevation of privilege attempt (more info ...) | attempted-admin | 2022-35750 | URL | ||
| 60383 | OS-WINDOWS Microsoft Windows Win32k elevation of privilege attempt (more info ...) | attempted-admin | 2022-35750 | URL | ||
| 60384 | OS-WINDOWS Microsoft Windows Support Diagnostic Tool directory traversal attempt (more info ...) | attempted-user | 2022-34713 | URL | ||
| 60386 | OS-WINDOWS Microsoft Windows Hyper-V elevation of privilege attempt (more info ...) | attempted-admin | 2022-35751 | URL | ||
| 60387 | OS-WINDOWS Microsoft Windows Hyper-V elevation of privilege attempt (more info ...) | attempted-admin | 2022-35751 | URL | ||
| 60429 | OS-WINDOWS Microsoft Windows Event Tracing privilege escalation attempt (more info ...) | attempted-admin | 2021-34486 | URL | ||
| 60430 | OS-WINDOWS Microsoft Windows Event Tracing privilege escalation attempt (more info ...) | attempted-admin | 2021-34486 | URL | ||
| 60478 | OS-WINDOWS Microsoft Windows Runtime remote code execution attempt (more info ...) | attempted-user | 2022-21971 | URL | ||
| 60479 | OS-WINDOWS Microsoft Windows Runtime remote code execution attempt (more info ...) | attempted-user | 2022-21971 | URL | ||
| 60546 | OS-WINDOWS Microsoft Windows privilege escalation attempt (more info ...) | attempted-admin | 2022-37957 | URL | ||
| 60547 | OS-WINDOWS Microsoft Windows privilege escalation attempt (more info ...) | attempted-admin | 2022-37957 | URL | ||
| 60549 | OS-WINDOWS Microsoft Windows GDI elevation of privilege attempt (more info ...) | attempted-admin | 2022-34729 | URL | ||
| 60550 | OS-WINDOWS Microsoft Windows GDI elevation of privilege attempt (more info ...) | attempted-admin | 2022-34729 | URL | ||
| 60646 | OS-WINDOWS Microsoft Windows IKE remote code execution attempt (more info ...) | attempted-user | 2022-34721 | URL | ||
| 60693 | OS-WINDOWS Microsoft Windows Win32k elevation of privilege attempt (more info ...) | attempted-admin | 2022-38050 | URL | ||
| 60694 | OS-WINDOWS Microsoft Windows Win32k elevation of privilege attempt (more info ...) | attempted-admin | 2022-38050 | URL | ||
| 60695 | OS-WINDOWS Microsoft Windows Win32k elevation of privilege attempt (more info ...) | attempted-admin | 2022-38050 | URL | ||
| 60696 | OS-WINDOWS Microsoft Windows Win32k elevation of privilege attempt (more info ...) | attempted-admin | 2022-38050 | URL | ||
| 60700 | OS-WINDOWS Microsoft Windows Perception Simulation service remote code execution attempt (more info ...) | attempted-user | 2022-37974 | URL | ||
| 60701 | OS-WINDOWS Microsoft Windows Perception Simulation service remote code execution attempt (more info ...) | attempted-user | 2022-37974 | URL | ||
| 60704 | OS-WINDOWS Microsoft Windows Client-Server Runtime Subsystem privilege escalation attempt (more info ...) | attempted-admin | 2022-37989 | URL | ||
| 60705 | OS-WINDOWS Microsoft Windows Client-Server Runtime Subsystem privilege escalation attempt (more info ...) | attempted-admin | 2022-37989 | URL | ||
| 60706 | OS-WINDOWS Microsoft Windows Client-Server Runtime Subsystem privilege escalation attempt (more info ...) | attempted-admin | 2022-37987 | URL | ||
| 60707 | OS-WINDOWS Microsoft Windows Client-Server Runtime Subsystem privilege escalation attempt (more info ...) | attempted-admin | 2022-37987 | URL | ||
| 60815 | OS-WINDOWS Microsoft Windows Win32k elevation of privilege attempt (more info ...) | attempted-admin | 2022-41109 | URL | ||
| 60816 | OS-WINDOWS Microsoft Windows Win32k elevation of privilege attempt (more info ...) | attempted-admin | 2022-41109 | URL | ||
| 60820 | OS-WINDOWS Microsoft Windows DWM core library elevation of privilege attempt (more info ...) | attempted-admin | 2022-41096 | URL | ||
| 60821 | OS-WINDOWS Microsoft Windows DWM core library elevation of privilege attempt (more info ...) | attempted-admin | 2022-41096 | URL | ||
| 60822 | OS-WINDOWS Microsoft Windows HTTP.sys elevation of privilege attempt (more info ...) | attempted-admin | 2022-41057 | URL | ||
| 60823 | OS-WINDOWS Microsoft Windows HTTP.sys elevation of privilege attempt (more info ...) | attempted-admin | 2022-41057 | URL | ||
| 60831 | OS-WINDOWS Microsoft Windows CNG Key Isolation Service elevation of privilege attempt (more info ...) | attempted-admin | 2022-41125 | URL | ||
| 60832 | OS-WINDOWS Microsoft Windows CNG Key Isolation Service elevation of privilege attempt (more info ...) | attempted-admin | 2022-41125 | URL | ||
| 60833 | BROWSER-IE Microsoft Windows Scripting Engine use-after-free attempt (more info ...) | attempted-user | 2022-41118 | URL | ||
| 60834 | BROWSER-IE Microsoft Windows Scripting Engine use-after-free attempt (more info ...) | attempted-user | 2022-41118 | URL | ||
| 60972 | OS-WINDOWS Microsoft Windows Client Server Run-Time Subsystem privilege escalation attempt (more info ...) | attempted-admin | 2022-44673 | URL | ||
| 60973 | OS-WINDOWS Microsoft Windows Client Server Run-Time Subsystem privilege escalation attempt (more info ...) | attempted-admin | 2022-44673 | URL | ||
| 60974 | OS-WINDOWS Microsoft Windows kernel privilege escalation attempt (more info ...) | attempted-admin | 2022-44683 | URL | ||
| 60975 | OS-WINDOWS Microsoft Windows kernel privilege escalation attempt (more info ...) | attempted-admin | 2022-44683 | URL | ||
| 61060 | OS-WINDOWS Microsoft Windows Win32k driver privilege escalation attempt (more info ...) | attempted-admin | 2023-21552 | URL | ||
| 61061 | OS-WINDOWS Microsoft Windows Win32k driver privilege escalation attempt (more info ...) | attempted-admin | 2023-21552 | URL | ||
| 61062 | OS-WINDOWS Microsoft Windows ALPC privilege escalation attempt (more info ...) | attempted-admin | 2023-21674 | URL | ||
| 61063 | OS-WINDOWS Microsoft Windows ALPC privilege escalation attempt (more info ...) | attempted-admin | 2023-21674 | URL | ||
| 61064 | OS-WINDOWS Microsoft Windows AFD.sys privilege escalation attempt (more info ...) | attempted-admin | 2023-21768 | URL | ||
| 61065 | OS-WINDOWS Microsoft Windows AFD.sys privilege escalation attempt (more info ...) | attempted-admin | 2023-21768 | URL | ||
| 61099 | OS-WINDOWS Microsoft Windows malicious LNK file download attempt (more info ...) | attempted-user | ||||
| 61100 | OS-WINDOWS Microsoft Windows malicious LNK file download attempt (more info ...) | attempted-user | ||||
| 61101 | OS-WINDOWS Microsoft Windows malicious LNK file download attempt (more info ...) | attempted-user | ||||
| 61102 | OS-WINDOWS Microsoft Windows malicious LNK file download attempt (more info ...) | attempted-user | ||||
| 61312 | OS-WINDOWS Microsoft Windows Kernel elevation of privilege attempt (more info ...) | attempted-admin | 2023-21688 | URL | ||
| 61313 | OS-WINDOWS Microsoft Windows Kernel elevation of privilege attempt (more info ...) | attempted-admin | 2023-21688 | URL | ||
| 61314 | OS-WINDOWS Microsoft Windows Graphics Component elevation of privilege attempt (more info ...) | attempted-admin | 2023-21823 | URL | ||
| 61315 | OS-WINDOWS Microsoft Windows Graphics Component elevation of privilege attempt (more info ...) | attempted-admin | 2023-21823 | URL | ||
| 61320 | OS-WINDOWS Microsoft Windows Common Log File System Driver elevation of privilege attempt (more info ...) | attempted-admin | 2023-23376 | URL | ||
| 61321 | OS-WINDOWS Microsoft Windows Common Log File System Driver elevation of privilege attempt (more info ...) | attempted-admin | 2023-23376 | URL | ||
| 61464 | OS-WINDOWS Microsoft Windows http.sys elevation of privilege attempt (more info ...) | attempted-admin | 2023-23410 | URL | ||
| 61465 | OS-WINDOWS Microsoft Windows http.sys elevation of privilege attempt (more info ...) | attempted-admin | 2023-23410 | URL | ||
| 61523 | FILE-IDENTIFY Microsoft OneNote file magic detected (more info ...) | misc-activity | ||||
| 61524 | FILE-IDENTIFY Microsoft OneNote file magic detected (more info ...) | misc-activity | ||||
| 61554 | OS-WINDOWS Microsoft Windows AFD.sys privilege escalation attempt (more info ...) | attempted-admin | 2023-21768 | URL | ||
| 61555 | OS-WINDOWS Microsoft Windows AFD.sys privilege escalation attempt (more info ...) | attempted-admin | 2023-21768 | URL | ||
| 61613 | OS-WINDOWS Microsoft Windows Server L2TP remote code execution attempt (more info ...) | attempted-user | 2023-28220 | URL | ||
| 61614 | OS-WINDOWS Microsoft Windows VPN Server rasl2tp.sys remote code execution attempt (more info ...) | attempted-user | 2023-28219 | URL | ||
| 61615 | OS-WINDOWS Microsoft Windows AFD.sys privilege escalation attempt (more info ...) | attempted-admin | 2023-28218 | URL | ||
| 61616 | OS-WINDOWS Microsoft Windows AFD.sys privilege escalation attempt (more info ...) | attempted-admin | 2023-28218 | URL | ||
| 61617 | OS-WINDOWS Microsoft Windows graphics component elevation of privilege attempt (more info ...) | attempted-admin | 2023-24912 | URL | ||
| 61618 | OS-WINDOWS Microsoft Windows graphics component elevation of privilege attempt (more info ...) | attempted-admin | 2023-24912 | URL | ||
| 61619 | OS-WINDOWS Microsoft Windows MSMQ remote code execution attempt (more info ...) | attempted-user | 2023-21554 | URL | ||
| 61621 | SERVER-WEBAPP Microsoft Azure Fabric Explorer cross site scripting attempt (more info ...) | web-application-attack | 2022-35829 | URL | ||
| 61622 | SERVER-WEBAPP Microsoft Azure Fabric Explorer cross site scripting attempt (more info ...) | web-application-attack | 2022-35829 | URL | ||
| 61623 | SERVER-WEBAPP Microsoft Azure Fabric Explorer cross site scripting attempt (more info ...) | web-application-attack | 2022-35829 | URL | ||
| 61666 | FILE-IDENTIFY Microsoft OneNote with embedded structure detected (more info ...) | misc-activity | URL | |||
| 61667 | FILE-IDENTIFY Microsoft OneNote with embedded structure detected (more info ...) | misc-activity | URL | |||
| 61705 | OS-WINDOWS Microsoft Windows privilege escalation attempt (more info ...) | attempted-admin | 2023-24902 | URL | ||
| 61706 | OS-WINDOWS Microsoft Windows privilege escalation attempt (more info ...) | attempted-admin | 2023-24902 | URL | ||
| 61707 | OS-WINDOWS Microsoft Windows NFS server memory corruption attempt (more info ...) | attempted-admin | 2023-24941 | URL | ||
| 61718 | OS-WINDOWS Microsoft Windows Scripting elevation of privilege attempt (more info ...) | attempted-admin | 2023-29324 | URL | ||
| 61719 | OS-WINDOWS Microsoft Windows Scripting elevation of privilege attempt (more info ...) | attempted-admin | 2023-29324 | URL | ||
| 61720 | SERVER-WEBAPP Microsoft SharePoint WebControls AdRotator NTLM relay attempt (more info ...) | attempted-admin | 2023-24950 | URL | ||
| 61722 | OS-WINDOWS Microsoft Windows local privilege escalation attempt (more info ...) | attempted-admin | 2023-29336 | URL | ||
| 61723 | OS-WINDOWS Microsoft Windows local privilege escalation attempt (more info ...) | attempted-admin | 2023-29336 | URL | ||
| 61802 | FILE-OTHER Microsoft Visual Studio Code Markdown Preview Enhanced extension command injection attempt (more info ...) | attempted-user | 2022-45025 | |||
| 61803 | FILE-OTHER Microsoft Visual Studio Code Markdown Preview Enhanced extension command injection attempt (more info ...) | attempted-user | 2022-45025 | |||
| 61893 | INDICATOR-COMPROMISE Microsoft Windows ntds.dit file exfiltration attempt (more info ...) | misc-activity | URL | |||
| 61894 | FILE-IDENTIFY Microsoft Extensible Storage Engine database detected (more info ...) | misc-activity | ||||
| 61907 | OS-WINDOWS Microsoft Windows Cloud Files Mini Filter driver elevation of privilege attempt (more info ...) | attempted-admin | 2023-29361 | URL | ||
| 61908 | OS-WINDOWS Microsoft Windows Cloud Files Mini Filter driver elevation of privilege attempt (more info ...) | attempted-admin | 2023-29361 | URL | ||
| 61909 | OS-WINDOWS Microsoft Windows GDI elevation of privilege attempt (more info ...) | attempted-admin | 2023-29358 | URL | ||
| 61910 | OS-WINDOWS Microsoft Windows GDI elevation of privilege attempt (more info ...) | attempted-admin | 2023-29358 | URL | ||
| 61911 | OS-WINDOWS Microsoft Windows User-mode Printer Driver privilege escalation attempt (more info ...) | attempted-admin | 2023-29371 | URL | ||
| 61912 | OS-WINDOWS Microsoft Windows User-mode Printer Driver privilege escalation attempt (more info ...) | attempted-admin | 2023-29371 | URL | ||
| 61915 | OS-WINDOWS Microsoft Windows TPM device driver elevation of privilege attempt (more info ...) | attempted-admin | 2023-29360 | URL | ||
| 61916 | OS-WINDOWS Microsoft Windows TPM device driver elevation of privilege attempt (more info ...) | attempted-admin | 2023-29360 | URL | ||
| 61937 | SERVER-WEBAPP Microsoft SharePoint OAuth authentication bypass attempt (more info ...) | attempted-admin | 2023-29357 | URL | ||
| 61938 | SERVER-WEBAPP Microsoft SharePoint OAuth authentication bypass attempt (more info ...) | attempted-admin | 2023-29357 | URL | ||
| 61939 | SERVER-WEBAPP Microsoft SharePoint OAuth authentication bypass attempt (more info ...) | attempted-admin | 2023-29357 | URL | ||
| 62012 | SERVER-WEBAPP Microsoft SharePoint remote code execution attempt (more info ...) | attempted-user | 2023-33157 | URL | ||
| 62022 | OS-WINDOWS Microsoft Windows MSHTML platform elevation of privilege attempt (more info ...) | attempted-admin | 2023-32046 | URL | ||
| 62023 | OS-WINDOWS Microsoft Windows MSHTML platform elevation of privilege attempt (more info ...) | attempted-admin | 2023-32046 | URL | ||
| 62024 | OS-WINDOWS Microsoft Windows MSHTML platform elevation of privilege attempt (more info ...) | attempted-admin | 2023-32046 | URL | ||
| 62025 | OS-WINDOWS Microsoft Windows MSHTML platform elevation of privilege attempt (more info ...) | attempted-admin | 2023-32046 | URL | ||
| 62026 | SERVER-WEBAPP Microsoft SharePoint Server remote code execution attempt (more info ...) | attempted-admin | 2023-33134 | URL | ||
| 62027 | SERVER-WEBAPP Microsoft SharePoint Server remote code execution attempt (more info ...) | attempted-admin | 2023-33134 | URL | ||
| 62034 | OS-WINDOWS Microsoft Windows privilege escalation attempt (more info ...) | attempted-admin | 2023-36874 | URL | ||
| 62035 | OS-WINDOWS Microsoft Windows privilege escalation attempt (more info ...) | attempted-admin | 2023-36874 | URL |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 534 | NETBIOS SMB CD.. (more info ...) | attempted-recon | ||||
| 535 | NETBIOS SMB CD... (more info ...) | attempted-recon | ||||
| 572 | PROTOCOL-RPC DOS ttdbserv Solaris (more info ...) | attempted-dos | 1999-0003 | 122 | ||
| 574 | PROTOCOL-RPC mountd TCP export request (more info ...) | attempted-recon | ||||
| 575 | PROTOCOL-RPC portmap admind request UDP (more info ...) | rpc-portmap-decode | ||||
| 577 | PROTOCOL-RPC portmap bootparam request UDP (more info ...) | rpc-portmap-decode | ||||
| 580 | PROTOCOL-RPC portmap nisd request UDP (more info ...) | rpc-portmap-decode | 1999-0008 | |||
| 581 | PROTOCOL-RPC portmap pcnfsd request UDP (more info ...) | rpc-portmap-decode | 2002-0910 | 4816 | ||
| 582 | PROTOCOL-RPC portmap rexd request UDP (more info ...) | rpc-portmap-decode | ||||
| 583 | PROTOCOL-RPC portmap rstatd request UDP (more info ...) | rpc-portmap-decode | ||||
| 584 | PROTOCOL-RPC portmap rusers request UDP (more info ...) | rpc-portmap-decode | 1999-0626 | |||
| 586 | PROTOCOL-RPC portmap selection_svc request UDP (more info ...) | rpc-portmap-decode | 1999-0209 | 8 | ||
| 587 | PROTOCOL-RPC portmap status request UDP (more info ...) | rpc-portmap-decode | ||||
| 588 | PROTOCOL-RPC portmap ttdbserv request UDP (more info ...) | rpc-portmap-decode | 2001-0717 | 3382 | URL | |
| 589 | PROTOCOL-RPC portmap yppasswd request UDP (more info ...) | rpc-portmap-decode | ||||
| 590 | PROTOCOL-RPC portmap ypserv request UDP (more info ...) | rpc-portmap-decode | 2002-1232 | 6016 | ||
| 595 | PROTOCOL-RPC portmap espd request TCP (more info ...) | rpc-portmap-decode | 2001-0331 | 2714 | ||
| 598 | PROTOCOL-RPC portmap listing TCP 111 (more info ...) | rpc-portmap-decode | ||||
| 599 | PROTOCOL-RPC portmap listing TCP 32771 (more info ...) | rpc-portmap-decode | ||||
| 612 | PROTOCOL-RPC rusers query UDP (more info ...) | attempted-recon | 1999-0626 | |||
| 1079 | OS-WINDOWS Microsoft Windows WebDAV propfind access (more info ...) | web-application-activity | 2003-0718 | 1656 | 10505 | URL |
| 1262 | PROTOCOL-RPC portmap admind request TCP (more info ...) | rpc-portmap-decode | ||||
| 1263 | PROTOCOL-RPC portmap amountd request TCP (more info ...) | rpc-portmap-decode | 1999-0704 | 614 | ||
| 1264 | PROTOCOL-RPC portmap bootparam request TCP (more info ...) | rpc-portmap-decode | ||||
| 1265 | PROTOCOL-RPC portmap cmsd request TCP (more info ...) | rpc-portmap-decode | ||||
| 1267 | PROTOCOL-RPC portmap nisd request TCP (more info ...) | rpc-portmap-decode | ||||
| 1268 | PROTOCOL-RPC portmap pcnfsd request TCP (more info ...) | rpc-portmap-decode | 2002-0910 | 4816 | ||
| 1269 | PROTOCOL-RPC portmap rexd request TCP (more info ...) | rpc-portmap-decode | ||||
| 1270 | PROTOCOL-RPC portmap rstatd request TCP (more info ...) | rpc-portmap-decode | ||||
| 1271 | PROTOCOL-RPC portmap rusers request TCP (more info ...) | rpc-portmap-decode | 1999-0626 | |||
| 1272 | PROTOCOL-RPC portmap sadmind request TCP (more info ...) | rpc-portmap-decode | ||||
| 1273 | PROTOCOL-RPC portmap selection_svc request TCP (more info ...) | rpc-portmap-decode | 1999-0209 | 205 | ||
| 1274 | PROTOCOL-RPC portmap ttdbserv request TCP (more info ...) | rpc-portmap-decode | 2001-0717 | 3382 | URL | |
| 1275 | PROTOCOL-RPC portmap yppasswd request TCP (more info ...) | rpc-portmap-decode | ||||
| 1276 | PROTOCOL-RPC portmap ypserv request TCP (more info ...) | rpc-portmap-decode | 2002-1232 | 6016 | ||
| 1280 | PROTOCOL-RPC portmap listing UDP 111 (more info ...) | rpc-portmap-decode | ||||
| 1281 | PROTOCOL-RPC portmap listing UDP 32771 (more info ...) | rpc-portmap-decode | ||||
| 1388 | OS-WINDOWS Microsoft Windows UPnP Location overflow attempt (more info ...) | misc-attack | 2007-2386 | 3723 | 10829 | URL |
| 1447 | POLICY-OTHER Microsoft Windows Terminal server RDP attempt (more info ...) | protocol-command-decode | 2001-0663 | 3099 | 10940 | URL |
| 1732 | PROTOCOL-RPC portmap rwalld request UDP (more info ...) | rpc-portmap-decode | 1999-0181 | 205 | ||
| 1733 | PROTOCOL-RPC portmap rwalld request TCP (more info ...) | rpc-portmap-decode | 1999-0181 | 205 | ||
| 1746 | PROTOCOL-RPC portmap cachefsd request UDP (more info ...) | rpc-portmap-decode | 2002-0084 | 4674 | 10951 | |
| 1747 | PROTOCOL-RPC portmap cachefsd request TCP (more info ...) | rpc-portmap-decode | 2002-0084 | 4674 | 10951 | |
| 1890 | PROTOCOL-RPC status GHBN format string attack (more info ...) | misc-attack | 2000-0666 | 1480 | 10544 | |
| 1891 | PROTOCOL-RPC status GHBN format string attack (more info ...) | misc-attack | 2000-0666 | 1480 | 10544 | |
| 1905 | PROTOCOL-RPC AMD UDP amqproc_mount plog overflow attempt (more info ...) | misc-attack | 1999-0704 | 614 | ||
| 1906 | PROTOCOL-RPC AMD TCP amqproc_mount plog overflow attempt (more info ...) | misc-attack | 1999-0704 | 614 | ||
| 1907 | PROTOCOL-RPC CMSD UDP CMSD_CREATE buffer overflow attempt (more info ...) | attempted-admin | 2009-3699 | 524 | ||
| 1908 | PROTOCOL-RPC CMSD TCP CMSD_CREATE buffer overflow attempt (more info ...) | attempted-admin | 1999-0696 | 524 | ||
| 1909 | PROTOCOL-RPC CMSD TCP CMSD_INSERT buffer overflow attempt (more info ...) | misc-attack | 1999-0696 | 524 | URL | |
| 1910 | PROTOCOL-RPC CMSD udp CMSD_INSERT buffer overflow attempt (more info ...) | misc-attack | 1999-0696 | URL | ||
| 1912 | PROTOCOL-RPC sadmind TCP NETMGT_PROC_SERVICE CLIENT_DOMAIN overflow attempt (more info ...) | attempted-admin | 1999-0977 | 866 | ||
| 1913 | PROTOCOL-RPC STATD UDP stat mon_name format string exploit attempt (more info ...) | attempted-admin | 2000-0666 | 1480 | 10544 | |
| 1914 | PROTOCOL-RPC STATD TCP stat mon_name format string exploit attempt (more info ...) | attempted-admin | 2000-0666 | 1480 | 10544 | |
| 1915 | PROTOCOL-RPC STATD UDP monitor mon_name format string exploit attempt (more info ...) | attempted-admin | 2000-0666 | 1480 | 10544 | |
| 1916 | PROTOCOL-RPC STATD TCP monitor mon_name format string exploit attempt (more info ...) | attempted-admin | 2000-0666 | 1480 | 10544 | |
| 1922 | PROTOCOL-RPC portmap proxy attempt TCP (more info ...) | rpc-portmap-decode | ||||
| 1924 | PROTOCOL-RPC mountd UDP export request (more info ...) | attempted-recon | ||||
| 1925 | PROTOCOL-RPC mountd TCP exportall request (more info ...) | attempted-recon | ||||
| 1926 | PROTOCOL-RPC mountd UDP exportall request (more info ...) | attempted-recon | ||||
| 1931 | SERVER-WEBAPP rpc-nlog.pl access (more info ...) | web-application-activity | 1999-1278 | URL | ||
| 1932 | SERVER-WEBAPP rpc-smb.pl access (more info ...) | web-application-activity | 1999-1278 | |||
| 1949 | PROTOCOL-RPC portmap SET attempt TCP 111 (more info ...) | rpc-portmap-decode | ||||
| 1950 | PROTOCOL-RPC portmap SET attempt UDP 111 (more info ...) | rpc-portmap-decode | ||||
| 1951 | PROTOCOL-RPC mountd TCP mount request (more info ...) | attempted-recon | 1999-0210 | |||
| 1952 | PROTOCOL-RPC mountd UDP mount request (more info ...) | attempted-recon | ||||
| 1953 | PROTOCOL-RPC AMD TCP pid request (more info ...) | rpc-portmap-decode | ||||
| 1954 | PROTOCOL-RPC AMD UDP pid request (more info ...) | rpc-portmap-decode | ||||
| 1955 | PROTOCOL-RPC AMD TCP version request (more info ...) | rpc-portmap-decode | ||||
| 1956 | PROTOCOL-RPC AMD UDP version request (more info ...) | rpc-portmap-decode | 2000-0696 | 1554 | ||
| 1957 | PROTOCOL-RPC sadmind UDP PING (more info ...) | protocol-command-decode | 1999-0977 | 866 | 10229 | |
| 1958 | PROTOCOL-RPC sadmind TCP PING (more info ...) | protocol-command-decode | 1999-0977 | 866 | 10229 | |
| 1959 | PROTOCOL-RPC portmap NFS request UDP (more info ...) | rpc-portmap-decode | ||||
| 1960 | PROTOCOL-RPC portmap NFS request TCP (more info ...) | rpc-portmap-decode | ||||
| 1961 | PROTOCOL-RPC portmap RQUOTA request UDP (more info ...) | rpc-portmap-decode | ||||
| 1962 | PROTOCOL-RPC portmap RQUOTA request TCP (more info ...) | rpc-portmap-decode | ||||
| 1963 | PROTOCOL-RPC RQUOTA getquota overflow attempt UDP (more info ...) | misc-attack | 1999-0974 | 864 | ||
| 1964 | PROTOCOL-RPC tooltalk UDP overflow attempt (more info ...) | attempted-admin | 1999-0003 | 122 | ||
| 1965 | PROTOCOL-RPC tooltalk TCP overflow attempt (more info ...) | attempted-admin | 2001-0717 | 122 | ||
| 2005 | PROTOCOL-RPC portmap kcms_server request UDP (more info ...) | rpc-portmap-decode | 2003-0027 | 6665 | URL | |
| 2006 | PROTOCOL-RPC portmap kcms_server request TCP (more info ...) | rpc-portmap-decode | 2003-0027 | 6665 | URL | |
| 2007 | PROTOCOL-RPC kcms_server directory traversal attempt (more info ...) | misc-attack | 2003-0027 | 6665 | URL | |
| 2014 | PROTOCOL-RPC portmap UNSET attempt TCP 111 (more info ...) | rpc-portmap-decode | 1892 | |||
| 2015 | PROTOCOL-RPC portmap UNSET attempt UDP 111 (more info ...) | rpc-portmap-decode | 2011-0321 | 1892 | ||
| 2016 | PROTOCOL-RPC portmap status request TCP (more info ...) | rpc-portmap-decode | ||||
| 2017 | PROTOCOL-RPC portmap espd request UDP (more info ...) | rpc-portmap-decode | 2001-0331 | 2714 | ||
| 2018 | PROTOCOL-RPC mountd TCP dump request (more info ...) | attempted-recon | ||||
| 2019 | PROTOCOL-RPC mountd UDP dump request (more info ...) | attempted-recon | ||||
| 2020 | PROTOCOL-RPC mountd TCP unmount request (more info ...) | attempted-recon | ||||
| 2021 | PROTOCOL-RPC mountd UDP unmount request (more info ...) | attempted-recon | ||||
| 2022 | PROTOCOL-RPC mountd TCP unmountall request (more info ...) | attempted-recon | ||||
| 2023 | PROTOCOL-RPC mountd UDP unmountall request (more info ...) | attempted-recon | ||||
| 2024 | PROTOCOL-RPC RQUOTA getquota overflow attempt TCP (more info ...) | misc-attack | 1999-0974 | 864 | ||
| 2025 | PROTOCOL-RPC yppasswd username overflow attempt UDP (more info ...) | rpc-portmap-decode | 2001-0779 | 2763 | 10684 | |
| 2026 | PROTOCOL-RPC yppasswd username overflow attempt TCP (more info ...) | rpc-portmap-decode | 2001-0779 | 2763 | 10684 | |
| 2031 | PROTOCOL-RPC yppasswd user update UDP (more info ...) | rpc-portmap-decode | 2001-0779 | 2763 | ||
| 2032 | PROTOCOL-RPC yppasswd user update TCP (more info ...) | rpc-portmap-decode | 2001-0779 | 2763 | ||
| 2033 | PROTOCOL-RPC ypserv maplist request UDP (more info ...) | rpc-portmap-decode | 2002-1232 | 6016 | 13976 | |
| 2034 | PROTOCOL-RPC ypserv maplist request TCP (more info ...) | rpc-portmap-decode | 2002-1232 | 6016 | ||
| 2035 | PROTOCOL-RPC portmap network-status-monitor request UDP (more info ...) | rpc-portmap-decode | ||||
| 2036 | PROTOCOL-RPC portmap network-status-monitor request TCP (more info ...) | rpc-portmap-decode | ||||
| 2037 | PROTOCOL-RPC network-status-monitor mon-callback request UDP (more info ...) | rpc-portmap-decode | ||||
| 2038 | PROTOCOL-RPC network-status-monitor mon-callback request TCP (more info ...) | rpc-portmap-decode | ||||
| 2079 | PROTOCOL-RPC portmap nlockmgr request UDP (more info ...) | rpc-portmap-decode | 2000-0508 | 1372 | 10220 | |
| 2080 | PROTOCOL-RPC portmap nlockmgr request TCP (more info ...) | rpc-portmap-decode | 2000-0508 | 1372 | 10220 | |
| 2081 | PROTOCOL-RPC portmap rpc.xfsmd request UDP (more info ...) | rpc-portmap-decode | 2002-0359 | 5075 | ||
| 2082 | PROTOCOL-RPC portmap rpc.xfsmd request TCP (more info ...) | rpc-portmap-decode | 2002-0359 | 5075 | ||
| 2083 | PROTOCOL-RPC rpc.xfsmd xfs_export attempt UDP (more info ...) | rpc-portmap-decode | 2002-0359 | 5075 | ||
| 2084 | PROTOCOL-RPC rpc.xfsmd xfs_export attempt TCP (more info ...) | rpc-portmap-decode | 2002-0359 | 5075 | ||
| 2092 | PROTOCOL-RPC portmap proxy integer overflow attempt UDP (more info ...) | rpc-portmap-decode | 2003-0028 | 7123 | 11420 | |
| 2093 | PROTOCOL-RPC portmap proxy integer overflow attempt TCP (more info ...) | rpc-portmap-decode | 2003-0028 | 7123 | 11420 | |
| 2094 | PROTOCOL-RPC CMSD UDP CMSD_CREATE array buffer overflow attempt (more info ...) | attempted-admin | 2009-3699 | 5356 | 11418 | |
| 2095 | PROTOCOL-RPC CMSD TCP CMSD_CREATE array buffer overflow attempt (more info ...) | attempted-admin | 2002-0391 | 5356 | 11418 | |
| 2101 | OS-WINDOWS Microsoft Windows SMB Trans Max Param/Count OS-WINDOWS attempt (more info ...) | protocol-command-decode | 2002-0724 | 5556 | 11110 | URL |
| 2123 | INDICATOR-COMPROMISE Microsoft cmd.exe banner (more info ...) | successful-admin | 11633 | |||
| 2126 | OS-WINDOWS Microsoft Windows PPTP Start Control Request buffer overflow attempt (more info ...) | attempted-admin | 2002-1214 | 5807 | 11178 | URL |
| 2176 | OS-WINDOWS Microsoft Windows SMB startup folder access (more info ...) | attempted-recon | URL | |||
| 2177 | OS-WINDOWS Microsoft Windows SMB startup folder unicode access (more info ...) | attempted-recon | URL | |||
| 2184 | PROTOCOL-RPC mountd TCP mount path overflow attempt (more info ...) | misc-attack | 2003-0252 | 8179 | 11800 | |
| 2190 | NETBIOS DCERPC invalid bind attempt (more info ...) | attempted-dos | ||||
| 2191 | NETBIOS SMB DCERPC invalid bind attempt (more info ...) | attempted-dos | ||||
| 2252 | OS-WINDOWS Microsoft Windows SMB-DS DCERPC Remote Activation bind attempt (more info ...) | attempted-admin | 2003-0715 | 8458 | 11835 | URL |
| 2255 | PROTOCOL-RPC sadmind query with root credentials attempt TCP (more info ...) | misc-attack | ||||
| 2256 | PROTOCOL-RPC sadmind query with root credentials attempt UDP (more info ...) | misc-attack | ||||
| 2257 | OS-WINDOWS DCERPC Messenger Service buffer overflow attempt (more info ...) | attempted-admin | 2003-0717 | 8826 | 11890 | URL |
| 2258 | OS-WINDOWS Microsoft Windows SMB-DS DCERPC Messenger Service buffer overflow attempt (more info ...) | attempted-admin | 2003-0717 | 8826 | 11890 | URL |
| 2382 | OS-WINDOWS Microsoft Windows SMB Session Setup NTLMSSP asn1 overflow attempt (more info ...) | protocol-command-decode | 2003-0818 | 9635 | 12065 | URL |
| 2383 | OS-WINDOWS Microsoft Windows SMB-DS Session Setup NTLMSSP asn1 overflow attempt (more info ...) | protocol-command-decode | 2003-0818 | 9635 | 12065 | URL |
| 2401 | NETBIOS SMB Session Setup andx username overflow attempt (more info ...) | protocol-command-decode | 2004-0193 | 9752 | URL | |
| 2402 | NETBIOS SMB-DS Session Setup andx username overflow attempt (more info ...) | protocol-command-decode | 2004-0193 | 9752 | URL | |
| 2403 | NETBIOS SMB Session Setup unicode username overflow attempt (more info ...) | protocol-command-decode | 2004-0193 | 9752 | URL | |
| 2404 | NETBIOS SMB-DS Session Setup unicode andx username overflow attempt (more info ...) | protocol-command-decode | 2004-0193 | 9752 | URL | |
| 2436 | FILE-IDENTIFY Microsoft Windows Audio wmf file download request (more info ...) | misc-activity | URL | |||
| 2474 | NETBIOS SMB-DS ADMIN$ share access (more info ...) | protocol-command-decode | ||||
| 2485 | BROWSER-PLUGINS Symantec Norton Internet Security 2004 ActiveX clsid access (more info ...) | attempted-user | 2004-0363 | 9916 | ||
| 2508 | OS-WINDOWS DCERPC NCACN-IP-TCP lsass DsRolerUpgradeDownlevelServer overflow attempt (more info ...) | attempted-admin | 2003-0533 | 10108 | 12205 | URL |
| 2511 | OS-WINDOWS DCERPC NCADG-IP-UDP lsass DsRolerUpgradeDownlevelServer overflow attempt (more info ...) | attempted-admin | 2003-0533 | 10108 | 12205 | URL |
| 2563 | NETBIOS NS lookup response name overflow attempt (more info ...) | attempted-admin | 2004-0444 | 10333 | URL | |
| 2564 | NETBIOS NS lookup short response attempt (more info ...) | attempted-admin | 2004-0444 | 10335 | URL | |
| 2705 | FILE-IMAGE Microsoft Multiple Products JPEG parser heap overflow attempt (more info ...) | attempted-user | 2004-0200 | 11173 | URL | |
| 2936 | OS-WINDOWS DCERPC NCACN-IP-TCP nddeapi NDdeSetTrustedShareW overflow attempt (more info ...) | attempted-admin | 2004-0206 | 11372 | URL | |
| 2942 | NETBIOS DCERPC NCACN-IP-TCP winreg InitiateSystemShutdown attempt (more info ...) | protocol-command-decode | URL | |||
| 3001 | OS-WINDOWS Microsoft Windows SMB Session Setup NTLMSSP andx asn1 overflow attempt (more info ...) | protocol-command-decode | 2003-0818 | 9635 | 12065 | URL |
| 3002 | OS-WINDOWS Microsoft Windows SMB Session Setup NTLMSSP unicode andx asn1 overflow attempt (more info ...) | protocol-command-decode | 2003-0818 | 9635 | 12065 | URL |
| 3004 | OS-WINDOWS Microsoft Windows SMB-DS Session Setup NTLMSSP andx asn1 overflow attempt (more info ...) | protocol-command-decode | 2003-0818 | 9635 | 12065 | URL |
| 3005 | OS-WINDOWS Microsoft Windows SMB-DS Session Setup NTLMSSP unicode andx asn1 overflow attempt (more info ...) | protocol-command-decode | 2003-0818 | 9635 | 12065 | URL |
| 3017 | OS-WINDOWS Microsoft Windows WINS overflow attempt (more info ...) | misc-attack | 2004-1080 | 11763 | URL | |
| 3020 | NETBIOS SMB NT Trans NT CREATE unicode oversized Security Descriptor attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 3022 | NETBIOS SMB-DS NT Trans NT CREATE oversized Security Descriptor attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 3024 | NETBIOS SMB-DS NT Trans NT CREATE unicode oversized Security Descriptor attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 3026 | NETBIOS SMB NT Trans NT CREATE SACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 3027 | NETBIOS SMB NT Trans NT CREATE andx SACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 3028 | NETBIOS SMB NT Trans NT CREATE unicode SACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 3030 | NETBIOS SMB-DS NT Trans NT CREATE SACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 3031 | NETBIOS SMB-DS NT Trans NT CREATE andx SACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 3032 | NETBIOS SMB-DS NT Trans NT CREATE unicode SACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 3034 | NETBIOS SMB NT Trans NT CREATE DACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 3035 | NETBIOS SMB NT Trans NT CREATE andx DACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 3036 | NETBIOS SMB NT Trans NT CREATE unicode DACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 3038 | NETBIOS SMB-DS NT Trans NT CREATE DACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 3039 | NETBIOS SMB-DS NT Trans NT CREATE andx DACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 3040 | NETBIOS SMB-DS NT Trans NT CREATE unicode DACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 3041 | NETBIOS SMB-DS NT Trans NT CREATE unicode andx DACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 3042 | NETBIOS SMB NT Trans NT CREATE invalid SACL ace size dos attempt (more info ...) | protocol-command-decode | ||||
| 3043 | NETBIOS SMB NT Trans NT CREATE andx invalid SACL ace size dos attempt (more info ...) | protocol-command-decode | ||||
| 3044 | NETBIOS SMB NT Trans NT CREATE unicode invalid SACL ace size dos attempt (more info ...) | protocol-command-decode | ||||
| 3045 | NETBIOS SMB NT Trans NT CREATE unicode andx invalid SACL ace size dos attempt (more info ...) | protocol-command-decode | ||||
| 3046 | NETBIOS SMB-DS NT Trans NT CREATE invalid SACL ace size dos attempt (more info ...) | protocol-command-decode | ||||
| 3047 | NETBIOS SMB-DS NT Trans NT CREATE andx invalid SACL ace size dos attempt (more info ...) | protocol-command-decode | ||||
| 3048 | NETBIOS SMB-DS NT Trans NT CREATE unicode invalid SACL ace size dos attempt (more info ...) | protocol-command-decode | ||||
| 3049 | NETBIOS SMB-DS NT Trans NT CREATE unicode andx invalid SACL ace size dos attempt (more info ...) | protocol-command-decode | ||||
| 3050 | NETBIOS SMB NT Trans NT CREATE invalid SACL ace size dos attempt (more info ...) | protocol-command-decode | ||||
| 3051 | NETBIOS SMB NT Trans NT CREATE andx invalid SACL ace size dos attempt (more info ...) | protocol-command-decode | ||||
| 3052 | NETBIOS SMB NT Trans NT CREATE unicode invalid SACL ace size dos attempt (more info ...) | protocol-command-decode | ||||
| 3053 | NETBIOS SMB NT Trans NT CREATE unicode andx invalid SACL ace size dos attempt (more info ...) | protocol-command-decode | ||||
| 3054 | NETBIOS SMB-DS NT Trans NT CREATE invalid SACL ace size dos attempt (more info ...) | protocol-command-decode | ||||
| 3055 | NETBIOS SMB-DS NT Trans NT CREATE andx invalid SACL ace size dos attempt (more info ...) | protocol-command-decode | ||||
| 3056 | NETBIOS SMB-DS NT Trans NT CREATE unicode invalid SACL ace size dos attempt (more info ...) | protocol-command-decode | ||||
| 3057 | NETBIOS SMB-DS NT Trans NT CREATE unicode andx invalid SACL ace size dos attempt (more info ...) | protocol-command-decode | ||||
| 3132 | FILE-IMAGE Microsoft and libpng multiple products PNG large image width overflow attempt (more info ...) | attempted-user | 2007-5503 | 11523 | URL | |
| 3133 | FILE-IMAGE Microsoft Multiple Products PNG large image height download attempt (more info ...) | attempted-user | 2007-5503 | 11523 | URL | |
| 3134 | FILE-IMAGE Microsoft PNG large colour depth download attempt (more info ...) | attempted-user | 2004-1244 | 11523 | URL | |
| 3135 | NETBIOS SMB Trans2 QUERY_FILE_INFO attempt (more info ...) | protocol-command-decode | ||||
| 3137 | NETBIOS SMB-DS Trans2 QUERY_FILE_INFO attempt (more info ...) | protocol-command-decode | ||||
| 3139 | NETBIOS SMB Trans2 FIND_FIRST2 attempt (more info ...) | protocol-command-decode | ||||
| 3141 | NETBIOS SMB-DS Trans2 FIND_FIRST2 attempt (more info ...) | protocol-command-decode | ||||
| 3143 | OS-WINDOWS Microsoft Windows SMB Trans2 FIND_FIRST2 command response overflow attempt (more info ...) | protocol-command-decode | 2005-0045 | 12484 | URL | |
| 3144 | OS-WINDOWS Microsoft Windows SMB Trans2 FIND_FIRST2 response andx overflow attempt (more info ...) | protocol-command-decode | 2005-0045 | 12484 | URL | |
| 3146 | OS-WINDOWS Microsoft Windows SMB-DS Trans2 FIND_FIRST2 response andx overflow attempt (more info ...) | protocol-command-decode | 2005-0045 | 12484 | URL | |
| 3158 | OS-WINDOWS DCERPC NCACN-IP-TCP ISystemActivator CoGetInstanceFromFile attempt (more info ...) | protocol-command-decode | 2003-0715 | URL | ||
| 3159 | OS-WINDOWS DCERPC NCADG-IP-UDP ISystemActivator CoGetInstanceFromFile attempt (more info ...) | protocol-command-decode | 2003-0715 | URL | ||
| 3238 | OS-WINDOWS DCERPC NCACN-IP-TCP irot IrotIsRunning/Revoke overflow attempt (more info ...) | attempted-admin | 2002-1561 | 6005 | URL | |
| 3239 | OS-WINDOWS DCERPC NCADG-IP-UDP irot IrotIsRunning/Revoke overflow attempt (more info ...) | attempted-admin | 2002-1561 | 6005 | URL | |
| 3397 | OS-WINDOWS DCERPC NCACN-IP-TCP ISystemActivator RemoteCreateInstance attempt (more info ...) | protocol-command-decode | 2003-0715 | 8205 | URL | |
| 3398 | OS-WINDOWS DCERPC NCADG-IP-UDP ISystemActivator RemoteCreateInstance attempt (more info ...) | protocol-command-decode | 2003-0715 | 8205 | URL | |
| 3409 | OS-WINDOWS DCERPC NCACN-IP-TCP IActivation remoteactivation overflow attempt (more info ...) | attempted-admin | 2003-0715 | 8205 | URL | |
| 3552 | OS-WINDOWS Microsoft Windows OLE32 MSHTA masquerade attempt (more info ...) | attempted-user | 2005-0063 | 13132 | URL | |
| 3639 | NETBIOS SMB Trans andx data displacement null pointer DOS attempt (more info ...) | protocol-command-decode | 2005-1470 | 13504 | URL | |
| 3640 | NETBIOS SMB Trans data displacement null pointer DOS attempt (more info ...) | protocol-command-decode | 2005-1470 | 13504 | URL | |
| 3641 | NETBIOS SMB Trans unicode data displacement null pointer DOS attempt (more info ...) | protocol-command-decode | 2005-1470 | 13504 | URL | |
| 3642 | NETBIOS SMB Trans unicode andx data displacement null pointer DOS attempt (more info ...) | protocol-command-decode | 2005-1470 | 13504 | URL | |
| 3643 | NETBIOS SMB-DS Trans andx data displacement null pointer DOS attempt (more info ...) | protocol-command-decode | 2005-1470 | 13504 | URL | |
| 3644 | NETBIOS SMB-DS Trans data displacement null pointer DOS attempt (more info ...) | protocol-command-decode | 2005-1470 | 13504 | URL | |
| 3645 | NETBIOS SMB-DS Trans unicode data displacement null pointer DOS attempt (more info ...) | protocol-command-decode | 2005-1470 | 13504 | URL | |
| 3646 | NETBIOS SMB-DS Trans unicode andx data displacement null pointer DOS attempt (more info ...) | protocol-command-decode | 2005-1470 | 13504 | URL | |
| 3647 | NETBIOS SMB Trans andx data displacement null pointer DOS attempt (more info ...) | protocol-command-decode | 2005-1470 | 13504 | URL | |
| 3648 | NETBIOS SMB Trans data displacement null pointer DOS attempt (more info ...) | protocol-command-decode | 2005-1470 | 13504 | URL | |
| 3649 | NETBIOS SMB Trans unicode data displacement null pointer DOS attempt (more info ...) | protocol-command-decode | 2005-1470 | 13504 | URL | |
| 3650 | NETBIOS SMB Trans unicode andx data displacement null pointer DOS attempt (more info ...) | protocol-command-decode | 2005-1470 | 13504 | URL | |
| 3673 | OS-WINDOWS Microsoft SMS remote control client DoS overly long length attempt (more info ...) | attempted-user | 2004-0728 | 10726 | ||
| 3820 | FILE-IDENTIFY Microsoft Windows CHM file magic detected (more info ...) | attempted-user | 2005-1208 | 13953 | 18482 | URL |
| 4145 | BROWSER-PLUGINS Microsoft Windows Trouble Shooter ActiveX object access (more info ...) | attempted-user | 2003-0662 | 8833 | URL | |
| 4146 | BROWSER-PLUGINS Share Point Portal Services Log Sink ActiveX object access (more info ...) | attempted-user | 14515 | URL | ||
| 4151 | BROWSER-PLUGINS System Monitor Source Properties ActiveX object access (more info ...) | attempted-user | 7384 | |||
| 4153 | BROWSER-PLUGINS Microsoft Windows Eyedog ActiveX object access (more info ...) | attempted-user | 1999-0669 | 619 | URL | |
| 4157 | BROWSER-PLUGINS MSN Setup BBS 4.71.0.10 ActiveX object access (more info ...) | attempted-user | 1999-1484 | 668 | ||
| 4159 | BROWSER-PLUGINS Multimedia File Property Sheet ActiveX object access (more info ...) | attempted-user | 2002-1984 | 5094 | ||
| 4160 | BROWSER-PLUGINS Microsoft Windows Reporting Tool ActiveX object access (more info ...) | attempted-user | 2003-0530 | 8454 | URL | |
| 4161 | BROWSER-PLUGINS DigWebX MSN ActiveX object access (more info ...) | attempted-user | 13946 | URL | ||
| 4162 | BROWSER-PLUGINS DigWebX MSN ActiveX object access (more info ...) | attempted-user | 13946 | URL | ||
| 4163 | BROWSER-PLUGINS DigWebX MSN ActiveX object access (more info ...) | attempted-user | 13946 | URL | ||
| 4164 | BROWSER-PLUGINS DigWebX MSN ActiveX object access (more info ...) | attempted-user | 13946 | URL | ||
| 4167 | BROWSER-PLUGINS MSN Heartbeat ActiveX clsid access (more info ...) | attempted-user | 2004-0978 | 11367 | URL | |
| 4168 | BROWSER-PLUGINS Shell Automation Service ActiveX object access (more info ...) | attempted-user | 2004-2291 | 9335 | ||
| 4172 | BROWSER-PLUGINS Microsoft Windows Agent v1.5 ActiveX clsid access (more info ...) | attempted-user | 2007-1205 | URL | ||
| 4173 | BROWSER-PLUGINS Microsoft Windows MsnPUpld ActiveX object access (more info ...) | attempted-user | URL | |||
| 4174 | BROWSER-PLUGINS Symantec RuFSI registry Information Class ActiveX object access (more info ...) | attempted-user | 2003-0470 | 8008 | URL | |
| 4179 | BROWSER-PLUGINS Microsoft Windows DirectX Files Viewer ActiveX object access (more info ...) | attempted-user | 2002-0975 | 5489 | URL | |
| 4180 | BROWSER-PLUGINS Kodak Image Scan Control ActiveX object access (more info ...) | attempted-user | URL | |||
| 4181 | BROWSER-PLUGINS Microsoft Windows Smartcard Enrollment ActiveX object access (more info ...) | attempted-user | 2002-0699 | URL | ||
| 4182 | BROWSER-PLUGINS Microsoft MSN Chat v4.5, 4.6 ActiveX object access (more info ...) | attempted-user | 2002-0155 | 4707 | URL | |
| 4183 | BROWSER-PLUGINS Microsoft Windows HTML Help ActiveX object access (more info ...) | attempted-user | 2005-1208 | 13953 | URL | |
| 4184 | BROWSER-PLUGINS Microsoft Windows Certificate Enrollment ActiveX object access (more info ...) | attempted-user | 2002-0699 | 5593 | URL | |
| 4185 | BROWSER-PLUGINS Microsoft Windows Terminal Services Advanced Client ActiveX object access (more info ...) | attempted-user | 2002-0726 | 5554 | URL | |
| 4186 | BROWSER-PLUGINS Kodak Image Editing ActiveX object access (more info ...) | attempted-user | URL | |||
| 4187 | BROWSER-PLUGINS Microsoft Windows Terminal Services Advanced Client ActiveX object access (more info ...) | attempted-user | 2002-0726 | 5554 | URL | |
| 4190 | BROWSER-PLUGINS Kodak Thumbnail Image ActiveX object access (more info ...) | attempted-user | URL | |||
| 4191 | BROWSER-PLUGINS Microsoft Windows MsnPUpld ActiveX object access (more info ...) | attempted-user | URL | |||
| 4193 | BROWSER-PLUGINS Kodak Image Editing ActiveX object access (more info ...) | attempted-user | URL | |||
| 4197 | BROWSER-PLUGINS DigWebX MSN ActiveX object access (more info ...) | attempted-user | 13946 | URL | ||
| 4202 | BROWSER-PLUGINS Microsoft Windows DirectAnimation ActiveX object access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4219 | BROWSER-PLUGINS Microsoft Windows Network Connections Tray ActiveX object access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4220 | BROWSER-PLUGINS Microsoft Windows Network and Dial-Up Connections ActiveX object access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4228 | BROWSER-PLUGINS Microsoft Windows Start Menu ActiveX object access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4245 | OS-WINDOWS DCERPC NCACN-IP-TCP msdtc BuildContextW overflow attempt (more info ...) | attempted-admin | 2005-2119 | 15056 | URL | |
| 4246 | OS-WINDOWS DCERPC NCADG-IP-UDP msdtc BuildContextW overflow attempt (more info ...) | attempted-admin | 2005-2119 | 15056 | URL | |
| 4334 | OS-WINDOWS DCERPC NCACN-IP-TCP umpnpmgr PNP_GetDeviceList attempt (more info ...) | protocol-command-decode | 2005-2120 | 15065 | URL | |
| 4358 | OS-WINDOWS DCERPC NCACN-IP-TCP umpnpmgr PNP_GetDeviceListSize attempt (more info ...) | protocol-command-decode | 2005-2120 | 15065 | URL | |
| 4413 | OS-WINDOWS DCERPC NCACN-IP-TCP spoolss AddPrinterEx overflow attempt (more info ...) | attempted-admin | 2005-1984 | 14514 | URL | |
| 4608 | OS-WINDOWS DCERPC NCACN-IP-TCP netware_cs function 43 overflow attempt (more info ...) | attempted-admin | 2005-1985 | 15066 | URL | |
| 4643 | OS-WINDOWS Microsoft Windows malformed shortcut file buffer overflow attempt (more info ...) | attempted-user | 2005-2122 | 15070 | URL | |
| 4644 | OS-WINDOWS Microsoft Windows malformed shortcut file with comment buffer overflow attempt (more info ...) | attempted-user | 2005-2122 | 15070 | URL | |
| 4651 | NETBIOS SMB NT Trans NT SET SECURITY DESC SACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 4652 | NETBIOS SMB NT Trans NT SET SECURITY DESC andx SACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 4653 | NETBIOS SMB NT Trans NT SET SECURITY DESC unicode SACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 4654 | NETBIOS SMB NT Trans NT SET SECURITY DESC unicode andx SACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 4655 | NETBIOS SMB-DS NT Trans NT SET SECURITY DESC SACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 4656 | NETBIOS SMB-DS NT Trans NT SET SECURITY DESC andx SACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 4657 | NETBIOS SMB-DS NT Trans NT SET SECURITY DESC unicode SACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 4658 | NETBIOS SMB-DS NT Trans NT SET SECURITY DESC unicode andx SACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 4659 | NETBIOS SMB NT Trans NT SET SECURITY DESC SACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 4660 | NETBIOS SMB NT Trans NT SET SECURITY DESC andx SACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 4661 | NETBIOS SMB NT Trans NT SET SECURITY DESC unicode SACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 4662 | NETBIOS SMB NT Trans NT SET SECURITY DESC unicode andx SACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 4663 | NETBIOS SMB NT Trans NT SET SECURITY DESC DACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 4664 | NETBIOS SMB NT Trans NT SET SECURITY DESC andx DACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 4665 | NETBIOS SMB NT Trans NT SET SECURITY DESC unicode DACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 4666 | NETBIOS SMB NT Trans NT SET SECURITY DESC unicode andx DACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 4667 | NETBIOS SMB-DS NT Trans NT SET SECURITY DESC DACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 4668 | NETBIOS SMB-DS NT Trans NT SET SECURITY DESC andx DACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 4669 | NETBIOS SMB-DS NT Trans NT SET SECURITY DESC unicode DACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 4670 | NETBIOS SMB-DS NT Trans NT SET SECURITY DESC unicode andx DACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 4671 | NETBIOS SMB NT Trans NT SET SECURITY DESC DACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 4672 | NETBIOS SMB NT Trans NT SET SECURITY DESC andx DACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 4673 | NETBIOS SMB NT Trans NT SET SECURITY DESC unicode DACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 4674 | NETBIOS SMB NT Trans NT SET SECURITY DESC unicode andx DACL overflow attempt (more info ...) | protocol-command-decode | 2004-1154 | |||
| 4754 | OS-WINDOWS DCERPC NCACN-IP-TCP locator nsi_binding_lookup_begin overflow attempt (more info ...) | attempted-admin | 2003-0003 | 6666 | URL | |
| 4755 | OS-WINDOWS DCERPC NCADG-IP-UDP locator nsi_binding_lookup_begin overflow attempt (more info ...) | attempted-admin | 2003-0003 | 6666 | URL | |
| 4826 | OS-WINDOWS DCERPC NCACN-IP-TCP umpnpmgr PNP_GetRootDeviceInstance attempt (more info ...) | protocol-command-decode | 2005-3644 | 15460 | URL | |
| 5096 | OS-WINDOWS DCERPC NCADG-IP-UDP lsass DsRolerGetPrimaryDomainInformation attempt (more info ...) | protocol-command-decode | 2003-0533 | 10108 | 12205 | URL |
| 5319 | OS-WINDOWS Microsoft Windows picture and fax viewer wmf arbitrary code execution attempt (more info ...) | web-application-attack | 2005-4560 | 16074 | URL | |
| 5677 | NETBIOS SMB Session Setup username overflow attempt (more info ...) | protocol-command-decode | 2004-0193 | 9752 | URL | |
| 5678 | NETBIOS SMB-DS Session Setup username overflow attempt (more info ...) | protocol-command-decode | 2004-0193 | 9752 | URL | |
| 5679 | NETBIOS SMB-DS Session Setup unicode username overflow attempt (more info ...) | protocol-command-decode | 2004-0193 | 9752 | URL | |
| 5680 | NETBIOS SMB Session Setup username overflow attempt (more info ...) | protocol-command-decode | 2004-0193 | 9752 | URL | |
| 5681 | NETBIOS SMB Session Setup unicode username overflow attempt (more info ...) | protocol-command-decode | 2004-0193 | 9752 | URL | |
| 5682 | NETBIOS SMB Session Setup unicode andx username overflow attempt (more info ...) | protocol-command-decode | 2004-0193 | 9752 | URL | |
| 5683 | NETBIOS SMB Session Setup andx username overflow attempt (more info ...) | protocol-command-decode | 2004-0193 | 9752 | URL | |
| 5684 | NETBIOS SMB Session Setup unicode andx username overflow attempt (more info ...) | protocol-command-decode | 2004-0193 | 9752 | URL | |
| 5713 | OS-WINDOWS Microsoft Windows Metafile invalid header size integer overflow attempt (more info ...) | attempted-admin | 2006-0020 | 16516 | URL | |
| 5717 | OS-WINDOWS Microsoft Windows SMB-DS Trans Max Param/Count OS-WINDOWS attempt (more info ...) | protocol-command-decode | 2002-0724 | 5556 | 11110 | URL |
| 5719 | OS-WINDOWS Microsoft Windows SMB Trans Max Param/Count OS-WINDOWS attempt (more info ...) | protocol-command-decode | 2002-0724 | 5556 | 11110 | URL |
| 5720 | OS-WINDOWS Microsoft Windows SMB Trans unicode Max Param/Count OS-WINDOWS attempt (more info ...) | protocol-command-decode | 2002-0724 | 5556 | 11110 | URL |
| 5721 | OS-WINDOWS Microsoft Windows SMB Trans andx Max Param/Count OS-WINDOWS attempt (more info ...) | protocol-command-decode | 2002-0724 | 5556 | 11110 | URL |
| 5722 | OS-WINDOWS Microsoft Windows SMB Trans unicode andx Max Param/Count OS-WINDOWS attempt (more info ...) | protocol-command-decode | 2002-0724 | 5556 | 11110 | URL |
| 5723 | OS-WINDOWS Microsoft Windows SMB-DS Trans andx Max Param/Count OS-WINDOWS attempt (more info ...) | protocol-command-decode | 2002-0724 | 5556 | 11110 | URL |
| 5724 | OS-WINDOWS Microsoft Windows SMB-DS Trans unicode andx Max Param/Count OS-WINDOWS attempt (more info ...) | protocol-command-decode | 2002-0724 | 5556 | 11110 | URL |
| 5725 | OS-WINDOWS Microsoft Windows SMB Trans andx Max Param/Count OS-WINDOWS attempt (more info ...) | protocol-command-decode | 2002-0724 | 5556 | 11110 | URL |
| 5726 | OS-WINDOWS Microsoft Windows SMB Trans unicode andx Max Param/Count OS-WINDOWS attempt (more info ...) | protocol-command-decode | 2002-0724 | 5556 | 11110 | URL |
| 5727 | OS-WINDOWS Microsoft Windows SMB Trans unicode Max Param OS-WINDOWS attempt (more info ...) | protocol-command-decode | 2005-1206 | 13942 | 18483 | URL |
| 5728 | OS-WINDOWS Microsoft Windows SMB Trans Max Param OS-WINDOWS attempt (more info ...) | protocol-command-decode | 2005-1206 | 13942 | 18483 | URL |
| 5729 | OS-WINDOWS Microsoft Windows SMB Trans Max Param OS-WINDOWS attempt (more info ...) | protocol-command-decode | 2005-1206 | 13942 | 18483 | URL |
| 5730 | OS-WINDOWS Microsoft Windows SMB-DS Trans Max Param OS-WINDOWS attempt (more info ...) | protocol-command-decode | 2005-1206 | 13942 | 18483 | URL |
| 5731 | OS-WINDOWS Microsoft Windows SMB-DS Trans unicode Max Param OS-WINDOWS attempt (more info ...) | protocol-command-decode | 2005-1206 | 13942 | 18483 | URL |
| 5732 | OS-WINDOWS Microsoft Windows SMB Trans unicode Max Param OS-WINDOWS attempt (more info ...) | protocol-command-decode | 2005-1206 | 13942 | 18483 | URL |
| 5733 | OS-WINDOWS Microsoft Windows SMB Trans unicode andx Max Param OS-WINDOWS attempt (more info ...) | protocol-command-decode | 2005-1206 | 13942 | 18483 | URL |
| 5734 | OS-WINDOWS Microsoft Windows SMB Trans andx Max Param OS-WINDOWS attempt (more info ...) | protocol-command-decode | 2005-1206 | 13942 | 18483 | URL |
| 5735 | OS-WINDOWS Microsoft Windows SMB Trans andx Max Param OS-WINDOWS attempt (more info ...) | protocol-command-decode | 2005-1206 | 13942 | 18483 | URL |
| 5736 | OS-WINDOWS Microsoft Windows SMB-DS Trans andx Max Param OS-WINDOWS attempt (more info ...) | protocol-command-decode | 2005-1206 | 13942 | 18483 | URL |
| 5737 | OS-WINDOWS Microsoft Windows SMB-DS Trans unicode andx Max Param OS-WINDOWS attempt (more info ...) | protocol-command-decode | 2005-1206 | 13942 | 18483 | URL |
| 5738 | OS-WINDOWS Microsoft Windows SMB Trans unicode andx Max Param OS-WINDOWS attempt (more info ...) | protocol-command-decode | 2005-1206 | 13942 | 18483 | URL |
| 5740 | FILE-IDENTIFY Microsoft Windows HTML help workshop file download request (more info ...) | misc-activity | URL | |||
| 5741 | FILE-OTHER Microsoft HTML help workshop buffer overflow attempt (more info ...) | attempted-user | 2009-0133 | URL | ||
| 6008 | BROWSER-PLUGINS Microsoft DT DDS OrgChart GDD Route ActiveX object access (more info ...) | attempted-user | 2006-1186 | URL | ||
| 6009 | BROWSER-PLUGINS Microsoft Windows RDS.Dataspace ActiveX object access (more info ...) | attempted-user | 2006-0003 | 17462 | URL | |
| 6412 | SERVER-MAIL Microsoft Windows Address Book attachment detected (more info ...) | misc-activity | 2006-2386 | 17459 | URL | |
| 6413 | SERVER-MAIL Microsoft Windows Address Book Base64 encoded attachment detected (more info ...) | misc-activity | 2006-2386 | 17459 | URL | |
| 6419 | OS-WINDOWS DCERPC NCACN-IP-TCP msdtc BuildContextW invalid uuid size attempt (more info ...) | attempted-admin | 2006-1184 | 17905 | URL | |
| 6420 | OS-WINDOWS DCERPC NCADG-IP-UDP msdtc BuildContextW invalid uuid size attempt (more info ...) | attempted-admin | 2006-1184 | 17905 | URL | |
| 6431 | OS-WINDOWS DCERPC NCACN-IP-TCP msdtc BuildContextW heap overflow attempt (more info ...) | attempted-admin | 2006-1184 | 17905 | URL | |
| 6432 | OS-WINDOWS DCERPC NCADG-IP-UDP msdtc BuildContextW invalid second uuid size attempt (more info ...) | attempted-admin | 2006-1184 | 17905 | URL | |
| 6443 | OS-WINDOWS DCERPC NCACN-IP-TCP msdtc BuildContextW heap overflow attempt (more info ...) | attempted-admin | 2006-0034 | 17906 | URL | |
| 6444 | OS-WINDOWS DCERPC NCADG-IP-UDP msdtc BuildContextW heap overflow attempt (more info ...) | attempted-admin | 2006-0034 | 17906 | URL | |
| 6455 | OS-WINDOWS DCERPC NCACN-IP-TCP msdtc BuildContext heap overflow attempt (more info ...) | attempted-admin | 2006-0034 | 17906 | URL | |
| 6456 | OS-WINDOWS DCERPC NCADG-IP-UDP msdtc BuildContext heap overflow attempt (more info ...) | attempted-admin | 2006-0034 | 17906 | URL | |
| 6584 | OS-WINDOWS DCERPC NCACN-IP-TCP rras RasRpcSubmitRequest overflow attempt (more info ...) | attempted-admin | 2006-2370 | 18325 | URL | |
| 6714 | OS-WINDOWS DCERPC NCACN-IP-TCP rras RasRpcSetUserPreferences phonebook mode overflow attempt (more info ...) | attempted-admin | 2006-2371 | 18358 | URL | |
| 6810 | OS-WINDOWS DCERPC NCACN-IP-TCP rras RasRpcSetUserPreferences area/country overflow attempt (more info ...) | attempted-admin | 2006-2371 | 18358 | URL | |
| 6906 | OS-WINDOWS DCERPC NCACN-IP-TCP rras RasRpcSetUserPreferences callback number overflow attempt (more info ...) | attempted-admin | 2006-2371 | 18358 | URL | |
| 7003 | BROWSER-PLUGINS ADODB.Recordset ActiveX function call access (more info ...) | attempted-user | 2006-5559 | 20704 | ||
| 7006 | BROWSER-PLUGINS ASControls.InstallEngineCtl ActiveX function call access (more info ...) | attempted-user | ||||
| 7008 | BROWSER-PLUGINS DirectAnimation.DAUserData ActiveX function call access (more info ...) | attempted-user | ||||
| 7009 | BROWSER-PLUGINS Microsoft Windows DirectAnimation.StructuredGraphicsControl ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 7010 | BROWSER-PLUGINS HtmlDlgSafeHelper.HtmlDlgSafeHelper.1 ActiveX function call access (more info ...) | attempted-user | ||||
| 7011 | BROWSER-PLUGINS HtmlDlgSafeHelper.HtmlDlgSafeHelper ActiveX function call access (more info ...) | attempted-user | ||||
| 7012 | BROWSER-PLUGINS Internet.PopupMenu.1 ActiveX function call access (more info ...) | attempted-user | ||||
| 7013 | BROWSER-PLUGINS Microsoft.ISCatAdm ActiveX function call access (more info ...) | attempted-user | 2006-4495 | URL | ||
| 7018 | BROWSER-PLUGINS Sysmon ActiveX function call access (more info ...) | attempted-user | ||||
| 7022 | OS-WINDOWS Microsoft Windows Explorer invalid url file overflow attempt (more info ...) | denial-of-service | 2006-3351 | 18838 | ||
| 7035 | OS-WINDOWS Microsoft Windows SMB Trans mailslot heap overflow attempt (more info ...) | protocol-command-decode | 2006-3942 | 18864 | URL | |
| 7036 | OS-WINDOWS Microsoft Windows SMB Trans unicode mailslot heap overflow attempt (more info ...) | protocol-command-decode | 2006-3942 | 18864 | URL | |
| 7037 | OS-WINDOWS Microsoft Windows SMB Trans mailslot heap overflow attempt (more info ...) | protocol-command-decode | 2006-3942 | 18864 | URL | |
| 7038 | OS-WINDOWS Microsoft Windows SMB Trans unicode mailslot heap overflow attempt (more info ...) | protocol-command-decode | 2006-3942 | 18864 | URL | |
| 7039 | OS-WINDOWS Microsoft Windows SMB Trans andx mailslot heap overflow attempt (more info ...) | protocol-command-decode | 2006-3942 | 18864 | URL | |
| 7041 | OS-WINDOWS Microsoft Windows SMB Trans andx mailslot heap overflow attempt (more info ...) | protocol-command-decode | 2006-3942 | 18864 | URL | |
| 7042 | OS-WINDOWS Microsoft Windows SMB Trans unicode andx mailslot heap overflow attempt (more info ...) | protocol-command-decode | 2006-3942 | 18864 | URL | |
| 7210 | OS-WINDOWS DCERPC NCADG-IP-UDP srvsvc NetrPathCanonicalize overflow attempt (more info ...) | attempted-admin | 2006-3439 | 19409 | URL | |
| 7422 | OS-WINDOWS Microsoft Windows MMC mmcndmgr.dll cross site scripting attempt (more info ...) | attempted-user | 2006-3643 | 19417 | URL | |
| 7423 | OS-WINDOWS Microsoft Windows MMC mmc.exe cross site scripting attempt (more info ...) | attempted-user | 2006-3643 | 19417 | URL | |
| 7424 | OS-WINDOWS Microsoft Windows MMC createcab.cmd cross site scripting attempt (more info ...) | attempted-user | 2006-3643 | 19417 | URL | |
| 7502 | BROWSER-PLUGINS tsuserex.ADsTSUserEx.1 ActiveX clsid access (more info ...) | attempted-user | 2006-4219 | 19570 | URL | |
| 7856 | MALWARE-OTHER Trackware winsysba-a runtime detection - track surfing activity (more info ...) | successful-recon-limited | URL | |||
| 7862 | BROWSER-PLUGINS Mcafee Security Center McSubMgr.IsAppExpired ActiveX function call access (more info ...) | attempted-user | 2006-3961 | 19265 | ||
| 7863 | BROWSER-PLUGINS Mcafee Security Center McSubMgr.IsOldAppInstalled ActiveX function call access (more info ...) | attempted-user | 2006-3961 | 19265 | ||
| 7864 | BROWSER-PLUGINS McSubMgr ActiveX CLSID access (more info ...) | attempted-user | 2006-3961 | 19265 | ||
| 7866 | BROWSER-PLUGINS ADODB.Connection ActiveX clsid access (more info ...) | attempted-user | 2006-5559 | URL | ||
| 7868 | BROWSER-PLUGINS ADODB.Recordset ActiveX clsid access (more info ...) | attempted-user | 2006-5559 | 20704 | ||
| 7878 | BROWSER-PLUGINS AxMetaStream.MetaStreamCtl ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 7880 | BROWSER-PLUGINS AxMetaStream.MetaStreamCtlSecondary ActiveX clsid access (more info ...) | attempted-user | ||||
| 7882 | BROWSER-PLUGINS AccSync.AccSubNotHandler ActiveX clsid access (more info ...) | attempted-user | ||||
| 7884 | BROWSER-PLUGINS AolCalSvr.ACCalendarListCtrl ActiveX clsid access (more info ...) | attempted-user | ||||
| 7886 | BROWSER-PLUGINS AolCalSvr.ACDictionary ActiveX clsid access (more info ...) | attempted-user | ||||
| 7890 | BROWSER-PLUGINS AOL.MemExpWz ActiveX clsid access (more info ...) | attempted-user | ||||
| 7892 | BROWSER-PLUGINS AOL Phobos Class ActiveX clsid access (more info ...) | attempted-user | ||||
| 7894 | BROWSER-PLUGINS AOL.PicDownloadCtrl ActiveX clsid access (more info ...) | attempted-user | ||||
| 7896 | BROWSER-PLUGINS AOL.PicEditCtrl ActiveX clsid access (more info ...) | attempted-user | 2007-6699 | |||
| 7898 | BROWSER-PLUGINS AOL.PicSsvrCtrl ActiveX clsid access (more info ...) | attempted-user | ||||
| 7900 | BROWSER-PLUGINS AOL.UPFCtrl ActiveX clsid access (more info ...) | attempted-user | ||||
| 7902 | BROWSER-PLUGINS CDDBControlAOL.CDDBAOLControl ActiveX clsid access (more info ...) | attempted-user | 2006-3134 | 23567 | URL | |
| 7906 | BROWSER-PLUGINS CDO.KnowledgeSearchFolder ActiveX clsid access (more info ...) | attempted-user | ||||
| 7908 | BROWSER-PLUGINS DXImageTransform.Microsoft.Chroma ActiveX clsid access (more info ...) | attempted-user | 24188 | URL | ||
| 7910 | BROWSER-PLUGINS DXImageTransform.Microsoft.DropShadow ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 7912 | BROWSER-PLUGINS DX3DTransform.Microsoft.Shapes ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 7914 | BROWSER-PLUGINS DXImageTransform.Microsoft.NDFXArtEffects ActiveX clsid access (more info ...) | attempted-user | 2006-3638 | 19340 | URL | |
| 7916 | BROWSER-PLUGINS CLSID_IMimeInternational ActiveX clsid access (more info ...) | attempted-user | ||||
| 7918 | BROWSER-PLUGINS CoAxTrackVideo Class ActiveX clsid access (more info ...) | attempted-user | ||||
| 7920 | BROWSER-PLUGINS DsPropertyPages.OU ActiveX clsid access (more info ...) | attempted-user | ||||
| 7922 | BROWSER-PLUGINS DXImageTransform.Microsoft.RevealTrans ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 7924 | BROWSER-PLUGINS DXImageTransform.Microsoft.Shadow ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 7926 | BROWSER-PLUGINS DXTFilter ActiveX clsid access (more info ...) | attempted-user | ||||
| 7930 | BROWSER-PLUGINS FolderItem2 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 7932 | BROWSER-PLUGINS FolderItems3 ActiveX clsid access (more info ...) | attempted-user | ||||
| 7936 | BROWSER-PLUGINS DXImageTransform.Microsoft.Glow ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 7940 | BROWSER-PLUGINS DXImageTransform.Microsoft.Gradient ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 7946 | BROWSER-PLUGINS DXImageTransform.Microsoft.MaskFilter ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 7948 | BROWSER-PLUGINS Microsoft Common Browser Architecture ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 7950 | BROWSER-PLUGINS Microsoft DirectAnimation Control ActiveX clsid access (more info ...) | attempted-user | ||||
| 7952 | BROWSER-PLUGINS Microsoft DirectAnimation Windowed Control ActiveX clsid access (more info ...) | attempted-user | ||||
| 7954 | BROWSER-PLUGINS Microsoft Forms 2.0 ComboBox ActiveX clsid access (more info ...) | attempted-user | 1999-0384 | URL | ||
| 7956 | BROWSER-PLUGINS Microsoft Forms 2.0 ListBox ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 7974 | BROWSER-PLUGINS Rendezvous Class ActiveX clsid access (more info ...) | attempted-user | ||||
| 7981 | BROWSER-PLUGINS Microsoft Access Snapshot Viewer ActiveX clsid access attempt (more info ...) | attempted-user | 2008-2463 | 30114 | URL | |
| 7983 | BROWSER-PLUGINS SuperBuddy Class ActiveX clsid access (more info ...) | attempted-user | ||||
| 7987 | BROWSER-PLUGINS WebViewFolderIcon.WebViewFolderIcon.2 ActiveX clsid access (more info ...) | attempted-user | ||||
| 8025 | BROWSER-PLUGINS Microsoft HTML Window Security Proxy ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8027 | BROWSER-PLUGINS Microsoft WBEM Event Subsystem ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8055 | BROWSER-PLUGINS DirectAnimation.PathControl ActiveX function call access (more info ...) | attempted-user | 2006-4777 | 19738 | ||
| 8066 | BROWSER-PLUGINS Microsoft Windows Scripting Host Shell ActiveX clsid access (more info ...) | attempted-user | 2003-0532 | 8456 | URL | |
| 8068 | BROWSER-PLUGINS Microsoft Windows Scripting Host Shell ActiveX function call access (more info ...) | attempted-user | 2017-11774 | 17462 | URL | |
| 8069 | BROWSER-PLUGINS Microsoft Virtual Machine ActiveX clsid access (more info ...) | attempted-user | 2000-1061 | 1754 | URL | |
| 8082 | OS-WINDOWS Microsoft Windows UPnP malformed advertisement (more info ...) | misc-attack | 2001-0877 | 3723 | 10829 | URL |
| 8083 | OS-WINDOWS Microsoft Windows UPnP Location overflow (more info ...) | misc-attack | 2001-0876 | 3723 | 10829 | URL |
| 8157 | OS-WINDOWS DCERPC NCACN-IP-TCP webdav DavrCreateConnection hostname overflow attempt (more info ...) | attempted-admin | 2006-0013 | 16636 | URL | |
| 8253 | OS-WINDOWS DCERPC NCACN-IP-TCP webdav DavrCreateConnection username overflow attempt (more info ...) | attempted-admin | 2006-0013 | 16636 | URL | |
| 8363 | BROWSER-PLUGINS Business Object Factory ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 8365 | BROWSER-PLUGINS DExplore.AppObj.8.0 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 8367 | BROWSER-PLUGINS Microsoft.DbgClr.DTE.8.0 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 8373 | BROWSER-PLUGINS VsmIDE.DTE ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 8379 | BROWSER-PLUGINS Xml2Dex ActiveX clsid access (more info ...) | attempted-user | ||||
| 8391 | BROWSER-PLUGINS RFXInstMgr Class ActiveX clsid access (more info ...) | attempted-user | ||||
| 8393 | BROWSER-PLUGINS WebDetectFrm ActiveX clsid access (more info ...) | attempted-user | ||||
| 8395 | BROWSER-PLUGINS DX3DTransform.Microsoft.CrShatter ActiveX clsid access (more info ...) | attempted-user | ||||
| 8399 | BROWSER-PLUGINS Microsoft.WebCapture ActiveX clsid access (more info ...) | attempted-user | ||||
| 8403 | BROWSER-PLUGINS XML Schema Cache 6.0 ActiveX clsid access (more info ...) | attempted-user | ||||
| 8407 | BROWSER-PLUGINS VisualExec Control ActiveX clsid access (more info ...) | attempted-user | ||||
| 8411 | BROWSER-PLUGINS DocFind Command ActiveX clsid access (more info ...) | attempted-user | ||||
| 8416 | OS-WINDOWS Microsoft Windows Vector Markup Language fill method overflow attempt (more info ...) | attempted-user | 2006-4868 | 20096 | URL | |
| 8417 | BROWSER-PLUGINS TriEditDocument.TriEditDocument ActiveX function call access (more info ...) | attempted-user | 2006-3591 | 18946 | URL | |
| 8418 | BROWSER-PLUGINS DXImageTransform.Microsoft.RevealTrans ActiveX function call access (more info ...) | attempted-user | URL | |||
| 8419 | BROWSER-PLUGINS Microsoft Windows Explorer WebViewFolderIcon.WebViewFolderIcon.1 ActiveX function call (more info ...) | attempted-user | 2006-3730 | 19030 | URL | |
| 8420 | BROWSER-PLUGINS DXImageTransform.Microsoft.Gradient ActiveX function call access (more info ...) | attempted-user | URL | |||
| 8421 | BROWSER-PLUGINS OWC11.DataSourceControl.11 ActiveX function call access (more info ...) | attempted-user | URL | |||
| 8423 | BROWSER-PLUGINS CEnroll.CEnroll.2 ActiveX function call access (more info ...) | attempted-user | ||||
| 8424 | BROWSER-PLUGINS Microsoft Forms 2.0 ListBox ActiveX function call access (more info ...) | attempted-user | URL | |||
| 8425 | BROWSER-PLUGINS DXImageTransform.Microsoft.NDFXArtEffects ActiveX function call access (more info ...) | attempted-user | 2006-3638 | 19340 | URL | |
| 8449 | OS-WINDOWS Microsoft Windows SMB Rename invalid buffer type andx attempt (more info ...) | attempted-dos | 2006-4696 | URL | ||
| 8450 | OS-WINDOWS Microsoft Windows SMB Rename invalid buffer type attempt (more info ...) | attempted-dos | 2006-4696 | URL | ||
| 8451 | OS-WINDOWS Microsoft Windows SMB Rename invalid buffer type unicode andx attempt (more info ...) | attempted-dos | 2006-4696 | URL | ||
| 8452 | OS-WINDOWS Microsoft Windows SMB Rename invalid buffer type unicode attempt (more info ...) | attempted-dos | 2006-4696 | URL | ||
| 8453 | OS-WINDOWS Microsoft Windows SMB-DS Rename invalid buffer type andx attempt (more info ...) | attempted-dos | 2006-4696 | URL | ||
| 8454 | OS-WINDOWS Microsoft Windows SMB-DS Rename invalid buffer type attempt (more info ...) | attempted-dos | 2006-4696 | URL | ||
| 8455 | OS-WINDOWS Microsoft Windows SMB-DS Rename invalid buffer type unicode andx attempt (more info ...) | attempted-dos | 2006-4696 | URL | ||
| 8456 | OS-WINDOWS Microsoft Windows SMB-DS Rename invalid buffer type unicode attempt (more info ...) | attempted-dos | 2006-4696 | URL | ||
| 8457 | OS-WINDOWS Microsoft Windows SMB Rename invalid buffer type andx attempt (more info ...) | attempted-dos | 2006-4696 | URL | ||
| 8458 | OS-WINDOWS Microsoft Windows SMB Rename invalid buffer type attempt (more info ...) | attempted-dos | 2006-4696 | URL | ||
| 8459 | OS-WINDOWS Microsoft Windows SMB Rename invalid buffer type unicode andx attempt (more info ...) | attempted-dos | 2006-4696 | URL | ||
| 8460 | OS-WINDOWS Microsoft Windows SMB Rename invalid buffer type unicode attempt (more info ...) | attempted-dos | 2006-4696 | URL | ||
| 8709 | OS-WINDOWS Microsoft Windows NAT helper components tcp denial of service attempt (more info ...) | misc-attack | 2006-5614 | |||
| 8710 | OS-WINDOWS Microsoft Windows NAT helper components udp denial of service attempt (more info ...) | misc-attack | 2006-5614 | |||
| 8717 | BROWSER-PLUGINS VsaIDE.DTE ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 8719 | BROWSER-PLUGINS VisualStudio.DTE.8.0 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 8725 | BROWSER-PLUGINS Microsoft Windows System Monitor ActiveX clsid access (more info ...) | attempted-user | 2000-1034 | 1899 | URL | |
| 8735 | BROWSER-PLUGINS BOWebAgent.Webagent.1 ActiveX clsid access (more info ...) | attempted-user | ||||
| 8737 | BROWSER-PLUGINS BOWebAgent.Webagent.1 ActiveX function call access (more info ...) | attempted-user | ||||
| 8846 | BROWSER-PLUGINS Microsoft Agent Character Custom Proxy Class ActiveX clsid access (more info ...) | attempted-user | 2007-1205 | URL | ||
| 8848 | BROWSER-PLUGINS Microsoft Agent Notify Sink Custom Proxy Class ActiveX clsid access (more info ...) | attempted-user | 2007-1205 | URL | ||
| 8850 | BROWSER-PLUGINS Microsoft Agent Custom Proxy Class ActiveX clsid access (more info ...) | attempted-user | 2007-1205 | URL | ||
| 8852 | BROWSER-PLUGINS Microsoft Agent v2.0 ActiveX clsid access (more info ...) | attempted-user | 2007-1205 | URL | ||
| 8854 | BROWSER-PLUGINS Microsoft Agent v2.0 ActiveX function call access (more info ...) | attempted-user | 2007-1205 | URL | ||
| 8856 | BROWSER-PLUGINS Microsoft Agent v1.5 ActiveX function call access (more info ...) | attempted-user | 2007-1205 | URL | ||
| 8925 | OS-WINDOWS DCERPC NCACN-IP-TCP wkssvc NetrAddAlternateComputerName overflow attempt (more info ...) | attempted-admin | 2003-0812 | 9011 | 11921 | URL |
| 9129 | BROWSER-PLUGINS WinZip FileView 6.1 ActiveX clsid access (more info ...) | attempted-user | 2006-5198 | 21108 | URL | |
| 9131 | BROWSER-PLUGINS WinZip FileView 6.1 ActiveX function call access (more info ...) | attempted-user | 2006-5198 | 21108 | URL | |
| 9132 | OS-WINDOWS DCERPC NCACN-IP-TCP netware_cs NwrOpenEnumNdsStubTrees_Any overflow attempt (more info ...) | attempted-admin | 2006-4689 | URL | ||
| 9228 | OS-WINDOWS DCERPC NCACN-IP-TCP netware_cs NwGetConnectionInformation overflow attempt (more info ...) | attempted-admin | 2006-4689 | URL | ||
| 9427 | BROWSER-PLUGINS Acer LunchApp.APlunch ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 9432 | OS-WINDOWS Microsoft Agent buffer overflow attempt (more info ...) | attempted-user | 2006-3445 | 21034 | URL | |
| 9433 | OS-WINDOWS Microsoft Agent buffer overflow attempt (more info ...) | attempted-user | 2006-3445 | 21034 | URL | |
| 9441 | NETBIOS DCERPC NCACN-IP-TCP brightstor QSIGetQueuePath overflow attempt (more info ...) | attempted-admin | 2006-5143 | 20365 | URL | |
| 9623 | PROTOCOL-RPC UNIX authentication machinename string overflow attempt TCP (more info ...) | attempted-user | 2006-5780 | 20941 | ||
| 9624 | PROTOCOL-RPC UNIX authentication machinename string overflow attempt UDP (more info ...) | attempted-user | 2006-5780 | 20941 | ||
| 9626 | BROWSER-PLUGINS AcroPDF.PDF ActiveX clsid access attempt (more info ...) | attempted-user | 2006-6236 | 21338 | URL | |
| 9629 | BROWSER-PLUGINS Citrix.ICAClient ActiveX clsid access (more info ...) | attempted-user | 2006-6334 | 23246 | URL | |
| 9631 | BROWSER-PLUGINS Citrix.ICAClient ActiveX function call access (more info ...) | attempted-user | 2006-6334 | 23246 | URL | |
| 9640 | BROWSER-PLUGINS Microsoft Windows ADODB.Connection ActiveX function call access (more info ...) | attempted-user | 2006-5559 | URL | ||
| 9772 | NETBIOS DCERPC NCACN-IP-TCP msqueue function 1 overflow attempt (more info ...) | attempted-admin | ||||
| 9773 | NETBIOS DCERPC NCADG-IP-UDP msqueue function 1 overflow attempt (more info ...) | attempted-admin | ||||
| 9793 | BROWSER-PLUGINS YMMAPI.YMailAttach ActiveX clsid access (more info ...) | attempted-user | 2006-6603 | 21607 | URL | |
| 9795 | BROWSER-PLUGINS Panda ActiveScan ActiveScan.1 ActiveX clsid access (more info ...) | attempted-user | 2006-5966 | 21132 | ||
| 9797 | BROWSER-PLUGINS Panda ActiveScan ActiveScan.1 ActiveX function call access (more info ...) | attempted-user | ||||
| 9798 | BROWSER-PLUGINS Panda ActiveScan PAVPZ.SOS.1 ActiveX clsid access (more info ...) | attempted-user | 2006-5966 | 21132 | ||
| 9800 | BROWSER-PLUGINS Panda ActiveScan PAVPZ.SOS.1 ActiveX function call access (more info ...) | attempted-user | ||||
| 9812 | BROWSER-PLUGINS Yahoo Messenger YMMAPI.YMailAttach ActiveX function call access (more info ...) | attempted-user | 2006-6603 | 21607 | URL | |
| 9814 | BROWSER-PLUGINS ICQPhone.SipxPhoneManager ActiveX clsid access (more info ...) | attempted-user | 2006-5650 | 20930 | ||
| 9816 | BROWSER-PLUGINS ICQPhone.SipxPhoneManager ActiveX function call access (more info ...) | attempted-user | 2006-5650 | 20930 | ||
| 9817 | BROWSER-PLUGINS CEnroll.CEnroll.2 ActiveX clsid access (more info ...) | attempted-user | ||||
| 9820 | BROWSER-PLUGINS OWC11.DataSourceControl.11 ActiveX function call access (more info ...) | attempted-user | 2006-3729 | 19069 | URL | |
| 9821 | BROWSER-PLUGINS TriEditDocument.TriEditDocument ActiveX clsid access (more info ...) | attempted-user | 2006-3591 | 18946 | URL | |
| 9824 | BROWSER-PLUGINS Rediff Bol Downloader ActiveX clsid access (more info ...) | attempted-user | 2006-6838 | 21831 | ||
| 9826 | BROWSER-PLUGINS Rediff Bol Downloader ActiveX function call access (more info ...) | attempted-user | 2006-6838 | 21831 | ||
| 9848 | OS-WINDOWS Microsoft Windows Vector Markup Language recolorinfo tag numfills parameter buffer overflow attempt (more info ...) | attempted-user | 2007-0024 | URL | ||
| 9849 | OS-WINDOWS Microsoft Windows Vector Markup Language recolorinfo tag numcolors parameter buffer overflow attempt (more info ...) | attempted-user | 2007-0024 | URL | ||
| 9914 | OS-WINDOWS DCERPC NCACN-IP-TCP tapisrv ClientRequest LSetAppPriority overflow attempt (more info ...) | attempted-admin | 2005-0058 | 14518 | URL | |
| 10013 | BROWSER-PLUGINS CCRP FolderTreeView ActiveX clsid access (more info ...) | attempted-user | 2007-0356 | 22092 | URL | |
| 10015 | BROWSER-PLUGINS Oracle ORADC ActiveX clsid access (more info ...) | attempted-user | 22026 | |||
| 10017 | BROWSER-PLUGINS Oracle ORADC ActiveX function call access (more info ...) | attempted-user | 22026 | |||
| 10024 | NETBIOS DCERPC NCACN-IP-TCP brightstor-arc ClientDBMiniAgentClose attempt (more info ...) | protocol-command-decode | 2007-0168 | 22010 | URL | |
| 10036 | NETBIOS DCERPC NCACN-IP-TCP brightstor ASRemotePFC overflow attempt (more info ...) | attempted-admin | 2007-0169 | 22005 | URL | |
| 10050 | NETBIOS DCERPC NCACN-IP-TCP brightstor-arc2 ASDBLoginToComputer overflow attempt (more info ...) | attempted-admin | 2007-0169 | 22005 | URL | |
| 10084 | BROWSER-PLUGINS NCTAudioFile2 ActiveX clsid access (more info ...) | attempted-user | 2007-0018 | 33469 | URL | |
| 10086 | BROWSER-PLUGINS NCTAudioFile2 ActiveX function call access (more info ...) | attempted-user | 2007-0018 | 33469 | URL | |
| 10115 | FILE-IMAGE Microsoft Windows WMF denial of service attempt (more info ...) | web-application-attack | 2006-4071 | 21992 | ||
| 10117 | NETBIOS DCERPC NCACN-IP-TCP brightstor-arc GetGCBHandleFromGroupName overflow attempt (more info ...) | attempted-admin | 2007-0169 | 22005 | ||
| 10128 | BROWSER-PLUGINS Aliplay ActiveX clsid access (more info ...) | attempted-user | 2007-0827 | 22446 | ||
| 10137 | BROWSER-PLUGINS Microsoft Input Method Editor ActiveX clsid access (more info ...) | attempted-user | 2006-4697 | URL | ||
| 10139 | BROWSER-PLUGINS Microsoft Input Method Editor ActiveX function call access (more info ...) | attempted-user | 2006-4697 | URL | ||
| 10140 | BROWSER-PLUGINS Microsoft Input Method Editor 2 ActiveX clsid access attempt (more info ...) | attempted-user | 2006-4697 | URL | ||
| 10156 | BROWSER-PLUGINS ActiveX Soft DVD Tools ActiveX clsid access (more info ...) | attempted-user | 2007-0976 | 22558 | URL | |
| 10162 | BROWSER-PLUGINS BrowseDialog ActiveX clsid access (more info ...) | attempted-user | 2007-0371 | 22110 | ||
| 10170 | BROWSER-PLUGINS Verisign ConfigCHK ActiveX clsid access (more info ...) | attempted-user | 2007-1083 | 22676 | ||
| 10176 | BROWSER-PLUGINS Microsoft Windows Shell User Enumeration Object ActiveX clsid access (more info ...) | attempted-user | ||||
| 10178 | BROWSER-PLUGINS Microsoft Windows Shell User Enumeration Object ActiveX function call access (more info ...) | attempted-user | ||||
| 10189 | BROWSER-PLUGINS DivXBrowserPlugin ActiveX clsid access (more info ...) | attempted-user | ||||
| 10191 | BROWSER-PLUGINS DivXBrowserPlugin ActiveX function call access (more info ...) | attempted-user | ||||
| 10214 | BROWSER-PLUGINS Shockwave ActiveX Control clsid access (more info ...) | attempted-user | 2007-1403 | 22842 | ||
| 10216 | BROWSER-PLUGINS Shockwave ActiveX Control ActiveX function call access (more info ...) | attempted-user | 2006-6885 | 22842 | ||
| 10285 | NETBIOS DCERPC NCACN-IP-TCP svcctl ChangeServiceConfig2A attempt (more info ...) | protocol-command-decode | ||||
| 10387 | BROWSER-PLUGINS McAfee Site Manager ActiveX clsid access attempt (more info ...) | attempted-user | 2007-1498 | 22952 | ||
| 10389 | BROWSER-PLUGINS McAfee Site Manager ActiveX function call access attempt (more info ...) | attempted-user | 2007-1498 | 22952 | ||
| 10404 | BROWSER-PLUGINS SignKorea SKCommAX ActiveX clsid access (more info ...) | attempted-user | ||||
| 10406 | BROWSER-PLUGINS SignKorea SKCommAX ActiveX function call access (more info ...) | attempted-user | ||||
| 10408 | PROTOCOL-RPC portmap HP-UX Single Logical Screen SLSD tcp request (more info ...) | rpc-portmap-decode | 2007-0915 | 22551 | ||
| 10409 | PROTOCOL-RPC portmap HP-UX Single Logical Screen SLSD udp request (more info ...) | rpc-portmap-decode | 2007-0915 | 22551 | ||
| 10410 | PROTOCOL-RPC portmap HP-UX Single Logical Screen SLSD tcp request (more info ...) | rpc-portmap-decode | 2007-0915 | 22551 | ||
| 10411 | PROTOCOL-RPC portmap HP-UX Single Logical Screen SLSD udp request (more info ...) | rpc-portmap-decode | 2007-0915 | 22551 | ||
| 10412 | BROWSER-PLUGINS IBM Lotus SameTime STJNILoader ActiveX clsid access attempt (more info ...) | attempted-user | 2007-1784 | 23201 | URL | |
| 10414 | BROWSER-PLUGINS IBM Lotus SameTime STJNILoader Alt CLSID ActiveX function call access (more info ...) | attempted-user | 2007-1784 | 23201 | URL | |
| 10415 | BROWSER-PLUGINS IBM Lotus SameTime STJNILoader ActiveX clsid access attempt (more info ...) | attempted-user | 2007-1784 | 23201 | URL | |
| 10417 | BROWSER-PLUGINS IBM Lotus SameTime STJNILoader ActiveX function call access (more info ...) | attempted-user | 2007-1784 | 23201 | URL | |
| 10419 | BROWSER-PLUGINS HP Mercury Quality Center SPIDERLib ProgColor ActiveX clsid access (more info ...) | attempted-user | 2007-1819 | 23239 | URL | |
| 10421 | BROWSER-PLUGINS HP Mercury Quality Center SPIDERLib ActiveX function call access (more info ...) | attempted-user | 2007-1819 | 23239 | URL | |
| 10423 | BROWSER-PLUGINS Yahoo Audio Conferencing ActiveX clsid access (more info ...) | attempted-user | 2007-1680 | 23291 | URL | |
| 10425 | BROWSER-PLUGINS Yahoo Audio Conferencing ActiveX function call access (more info ...) | attempted-user | 2007-1680 | 23291 | URL | |
| 10427 | BROWSER-PLUGINS Kaspersky AntiVirus SysInfo ActiveX clsid access (more info ...) | attempted-user | 2007-1112 | 23325 | URL | |
| 10429 | BROWSER-PLUGINS Kaspersky AntiVirus SysInfo ActiveX function call access (more info ...) | attempted-user | 2007-1112 | 23325 | URL | |
| 10431 | BROWSER-PLUGINS Kaspersky AntiVirus KAV60Info ActiveX clsid access (more info ...) | attempted-user | 2007-1112 | 23345 | URL | |
| 10433 | BROWSER-PLUGINS Kaspersky AntiVirus KAV60Info ActiveX function call access (more info ...) | attempted-user | 2007-1112 | 23345 | URL | |
| 10466 | BROWSER-PLUGINS iPIX Image Well ActiveX clsid access (more info ...) | attempted-user | 2007-1687 | 23379 | URL | |
| 10468 | BROWSER-PLUGINS iPIX Image Well ActiveX function call access (more info ...) | attempted-user | 2007-1687 | 23379 | URL | |
| 10470 | BROWSER-PLUGINS iPIX Media Send Class ActiveX clsid access (more info ...) | attempted-user | 2007-1687 | 23379 | URL | |
| 10472 | BROWSER-PLUGINS iPIX Media Send Class ActiveX function call access (more info ...) | attempted-user | 2007-1687 | 23379 | URL | |
| 10475 | OS-WINDOWS Microsoft Windows UPnP notification type overflow attempt (more info ...) | attempted-admin | 2007-1204 | 23371 | URL | |
| 10476 | BROWSER-PLUGINS MarkAny MaPrintModule_WORK ActiveX clsid access (more info ...) | attempted-user | 23420 | |||
| 10478 | BROWSER-PLUGINS MarkAny MaPrintModule_WORK ActiveX function call access (more info ...) | attempted-user | 23420 | |||
| 10978 | BROWSER-PLUGINS Second Sight Software ActiveGS ActiveX clsid access (more info ...) | attempted-user | 2007-1690 | 23554 | URL | |
| 10980 | BROWSER-PLUGINS Second Sight Software ActiveGS ActiveX function call access (more info ...) | attempted-user | 2007-1690 | 23554 | URL | |
| 10982 | BROWSER-PLUGINS Second Sight Software ActiveMod ActiveX clsid access (more info ...) | attempted-user | 2007-1691 | 23554 | URL | |
| 10984 | BROWSER-PLUGINS Second Sight Software ActiveMod ActiveX function call access (more info ...) | attempted-user | 2007-1691 | 23554 | URL | |
| 10986 | BROWSER-PLUGINS GraceNote CDDB ActiveX clsid access (more info ...) | attempted-user | 2007-0443 | 23567 | URL | |
| 10988 | BROWSER-PLUGINS GraceNote CDDB ActiveX function call access (more info ...) | attempted-user | 2007-0443 | 23567 | URL | |
| 10991 | BROWSER-PLUGINS Microgaming Download Helper ActiveX clsid access (more info ...) | attempted-user | 2007-2177 | 23595 | URL | |
| 10993 | BROWSER-PLUGINS Microgaming Download Helper ActiveX function call access (more info ...) | attempted-user | 2007-2177 | 23595 | URL | |
| 11073 | OS-WINDOWS DCERPC NCACN-IP-TCP rpcss _RemoteGetClassObject attempt (more info ...) | protocol-command-decode | 2003-0605 | URL | ||
| 11074 | OS-WINDOWS DCERPC NCADG-IP-UDP rpcss _RemoteGetClassObject attempt (more info ...) | protocol-command-decode | 2003-0605 | URL | ||
| 11197 | BROWSER-PLUGINS ActiveX Soft DVD Tools ActiveX function call access (more info ...) | attempted-user | 2007-0976 | 22558 | URL | |
| 11206 | BROWSER-PLUGINS East Wind Software ADVDAUDIO ActiveX clsid access (more info ...) | attempted-user | 2007-2576 | 23833 | URL | |
| 11208 | BROWSER-PLUGINS East Wind Software ADVDAUDIO ActiveX function call access (more info ...) | attempted-user | 2007-2576 | 23833 | URL | |
| 11210 | BROWSER-PLUGINS Sienzo Digital Music Mentor ActiveX clsid access (more info ...) | attempted-user | 2007-2564 | 23838 | URL | |
| 11212 | BROWSER-PLUGINS Sienzo Digital Music Mentor ActiveX function call access (more info ...) | attempted-user | 2007-2564 | 23838 | URL | |
| 11214 | BROWSER-PLUGINS VeralSoft HTTP File Uploader ActiveX clsid access (more info ...) | attempted-user | 2007-2563 | 23853 | URL | |
| 11216 | BROWSER-PLUGINS VeralSoft HTTP File Uploader ActiveX function call access (more info ...) | attempted-user | 2007-2563 | 23853 | URL | |
| 11218 | BROWSER-PLUGINS SmartCode VNC Manager ActiveX clsid access (more info ...) | attempted-user | 2007-2526 | 23869 | URL | |
| 11220 | BROWSER-PLUGINS SmartCode VNC Manager ActiveX function call access (more info ...) | attempted-user | 2007-2526 | 23869 | URL | |
| 11228 | BROWSER-PLUGINS Microsoft Input Method Editor 3 ActiveX clsid access (more info ...) | attempted-user | 2007-0942 | URL | ||
| 11230 | BROWSER-PLUGINS Microsoft Cryptographic API COM 1 ActiveX clsid access (more info ...) | attempted-user | 2007-0940 | URL | ||
| 11232 | BROWSER-PLUGINS Microsoft CAPICOM CAPICOM.Certificates ActiveX clsid access attempt (more info ...) | attempted-user | 2007-0940 | |||
| 11234 | BROWSER-PLUGINS Microsoft Cryptographic API COM 2 ActiveX clsid access (more info ...) | attempted-user | 2007-0940 | URL | ||
| 11239 | BROWSER-PLUGINS DXImageTransform.Microsoft.Redirect ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 11241 | BROWSER-PLUGINS DXImageTransform.Microsoft.Redirect ActiveX function call access (more info ...) | attempted-user | URL | |||
| 11250 | BROWSER-PLUGINS Sony Rootkit Uninstaller ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 11253 | BROWSER-PLUGINS Microsoft MciWndx ActiveX clsid access (more info ...) | attempted-user | ||||
| 11255 | BROWSER-PLUGINS Microsoft MciWndx ActiveX function call access (more info ...) | attempted-user | ||||
| 11259 | BROWSER-PLUGINS BarcodeWiz ActiveX clsid access (more info ...) | attempted-user | 2010-2932 | 23891 | URL | |
| 11261 | BROWSER-PLUGINS BarcodeWiz ActiveX function call access (more info ...) | attempted-user | 2010-2932 | 23891 | URL | |
| 11268 | BROWSER-PLUGINS Symantec Norton AntiVirus ActiveX clsid access (more info ...) | attempted-user | 2006-3456 | 23822 | URL | |
| 11270 | BROWSER-PLUGINS Symantec Norton AntiVirus ActiveX function call access (more info ...) | attempted-user | 2006-3456 | 23822 | URL | |
| 11274 | BROWSER-PLUGINS RControl ActiveX clsid access (more info ...) | attempted-user | 2007-2623 | 23914 | URL | |
| 11276 | BROWSER-PLUGINS GDivX Zenith Player AVI Fixer ActiveX clsid access (more info ...) | attempted-user | 2007-2601 | 23907 | ||
| 11278 | BROWSER-PLUGINS GDivX Zenith Player AVI Fixer ActiveX function call access (more info ...) | attempted-user | 2007-2601 | 23907 | ||
| 11280 | BROWSER-PLUGINS FlexLabel ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 11282 | BROWSER-PLUGINS FlexLabel ActiveX function call access (more info ...) | attempted-user | URL | |||
| 11284 | BROWSER-PLUGINS AudioCDRipper ActiveX clsid access (more info ...) | attempted-user | 2007-2603 | 23900 | ||
| 11286 | BROWSER-PLUGINS AudioCDRipper ActiveX function call access (more info ...) | attempted-user | 2007-2603 | 23900 | ||
| 11288 | PROTOCOL-RPC portmap mountd tcp request (more info ...) | rpc-portmap-decode | 2006-0900 | 16838 | ||
| 11289 | PROTOCOL-RPC portmap mountd tcp zero-length payload denial of service attempt (more info ...) | rpc-portmap-decode | 2006-0900 | 16838 | ||
| 11291 | BROWSER-PLUGINS Hewlett Packard HPQVWOCX.DL ActiveX clsid access (more info ...) | attempted-user | 2007-3649 | 24793 | ||
| 11293 | BROWSER-PLUGINS IDAutomation Linear Bar Code ActiveX clsid access (more info ...) | attempted-user | 2007-2658 | 23954 | URL | |
| 11295 | BROWSER-PLUGINS IDAutomation Linear Bar Code ActiveX function call access (more info ...) | attempted-user | 2007-2658 | 23954 | URL | |
| 11297 | BROWSER-PLUGINS Clever Database Comparer ActiveX clsid access (more info ...) | attempted-user | 2007-2648 | 23969 | URL | |
| 11299 | BROWSER-PLUGINS Clever Database Comparer ActiveX function call access (more info ...) | attempted-user | 2007-2648 | 23969 | URL | |
| 11620 | BROWSER-PLUGINS DXImageTransform.Microsoft.Chroma ActiveX function call access (more info ...) | attempted-user | 24188 | URL | ||
| 11624 | BROWSER-PLUGINS LeadTools ISIS ActiveX clsid access (more info ...) | attempted-user | 2007-2854 | 24094 | URL | |
| 11626 | BROWSER-PLUGINS LeadTools ISIS ActiveX function call access (more info ...) | attempted-user | 2007-2854 | 24094 | URL | |
| 11628 | BROWSER-PLUGINS LeadTools JPEG 2000 COM Object ActiveX function call access (more info ...) | attempted-user | 2007-2771 | 24040 | URL | |
| 11630 | BROWSER-PLUGINS LeadTools Raster Dialog File Object ActiveX clsid access (more info ...) | attempted-user | 2007-2895 | 24133 | URL | |
| 11632 | BROWSER-PLUGINS LeadTools Raster Dialog File Object ActiveX function call access (more info ...) | attempted-user | 2007-2895 | 24133 | URL | |
| 11634 | BROWSER-PLUGINS LeadTools Raster Dialog File_D Object ActiveX clsid access (more info ...) | attempted-user | 2007-2946 | 24153 | URL | |
| 11636 | BROWSER-PLUGINS LeadTools Raster Dialog File_D Object ActiveX function call access (more info ...) | attempted-user | 2007-2946 | 24153 | URL | |
| 11638 | BROWSER-PLUGINS LeadTools Raster Document Object Library ActiveX clsid access (more info ...) | attempted-user | 2007-2981 | 24179 | URL | |
| 11640 | BROWSER-PLUGINS LeadTools Raster Document Object Library ActiveX function call access (more info ...) | attempted-user | 2007-2981 | 24179 | URL | |
| 11642 | BROWSER-PLUGINS LeadTools Raster ISIS Object ActiveX clsid access (more info ...) | attempted-user | 2007-2980 | 24193 | URL | |
| 11644 | BROWSER-PLUGINS LeadTools Raster ISIS Object ActiveX function call access (more info ...) | attempted-user | 2007-2980 | 24193 | URL | |
| 11646 | BROWSER-PLUGINS LeadTools Raster Thumbnail Object Library ActiveX clsid access (more info ...) | attempted-user | 2007-2787 | 24057 | URL | |
| 11648 | BROWSER-PLUGINS LeadTools Raster Thumbnail Object Library ActiveX function call access (more info ...) | attempted-user | 2007-2787 | 24057 | URL | |
| 11650 | BROWSER-PLUGINS LeadTools Raster Variant Object Library ActiveX clsid access (more info ...) | attempted-user | 2007-2851 | 24075 | URL | |
| 11652 | BROWSER-PLUGINS LeadTools Raster Variant Object Library ActiveX function call access (more info ...) | attempted-user | 2007-2851 | 24075 | URL | |
| 11654 | BROWSER-PLUGINS LeadTools Thumbnail Browser Control ActiveX clsid access (more info ...) | attempted-user | 2007-2787 | 24053 | URL | |
| 11656 | BROWSER-PLUGINS LeadTools Thumbnail Browser Control ActiveX function call access (more info ...) | attempted-user | 2007-2787 | 24053 | URL | |
| 11658 | BROWSER-PLUGINS Dart ZipLite Compression ActiveX clsid access (more info ...) | attempted-user | 24099 | URL | ||
| 11673 | BROWSER-PLUGINS Zenturi ProgramChecker ActiveX clsid access (more info ...) | attempted-user | 2007-3703 | 24883 | ||
| 11675 | BROWSER-PLUGINS Zenturi ProgramChecker ActiveX function call access (more info ...) | attempted-user | 2007-3703 | 24883 | ||
| 11677 | BROWSER-PLUGINS Provideo Camimage Class ISSCamControl ActiveX clsid access (more info ...) | attempted-user | 2007-3111 | 24279 | ||
| 11816 | NETBIOS Session Service NetDDE attack (more info ...) | attempted-admin | 2004-0206 | 11372 | ||
| 11818 | BROWSER-PLUGINS Yahoo Webcam Viewer Wrapper ActiveX clsid access (more info ...) | attempted-user | 2007-3148 | 24341 | URL | |
| 11820 | BROWSER-PLUGINS Yahoo Webcam Viewer Wrapper ActiveX function call access (more info ...) | attempted-user | 2007-3148 | 24341 | URL | |
| 11823 | BROWSER-PLUGINS Yahoo Webcam Upload ActiveX clsid unicode access (more info ...) | attempted-user | 2007-3147 | 24341 | ||
| 11825 | BROWSER-PLUGINS Yahoo Webcam Upload ActiveX function call unicode access (more info ...) | attempted-user | 2007-3147 | 24341 | ||
| 11826 | BROWSER-PLUGINS Microsoft Voice Control Recognition ActiveX clsid access attempt (more info ...) | attempted-user | 2007-2222 | URL | ||
| 11828 | BROWSER-PLUGINS Microsoft Voice Control ActiveX function call access (more info ...) | attempted-user | 2007-2222 | URL | ||
| 11830 | BROWSER-PLUGINS Microsoft Direct Speech Recognition ActiveX clsid access attempt (more info ...) | attempted-user | 2007-2222 | URL | ||
| 11832 | BROWSER-PLUGINS Microsoft Direct Speech Recognition ActiveX function call access (more info ...) | attempted-user | 2007-2222 | URL | ||
| 11838 | OS-WINDOWS Microsoft Windows API res buffer overflow attempt (more info ...) | attempted-user | 2007-2219 | URL | ||
| 11839 | BROWSER-PLUGINS TEC-IT TBarCode ActiveX clsid access (more info ...) | attempted-user | 2007-3233 | 24440 | ||
| 11841 | BROWSER-PLUGINS TEC-IT TBarCode ActiveX function call access (more info ...) | attempted-user | 2007-3233 | 24440 | ||
| 11843 | OS-WINDOWS DCERPC NCACN-IP-TCP spoolss AddPrinter overflow attempt (more info ...) | attempted-admin | 2005-1984 | 14514 | URL | |
| 11940 | BROWSER-PLUGINS Westbyte Internet Download Accelerator ActiveX function call access (more info ...) | attempted-user | 2007-3162 | 24400 | ||
| 11942 | BROWSER-PLUGINS Westbyte internet download accelerator ActiveX clsid access (more info ...) | attempted-user | 2007-3162 | 24400 | ||
| 11943 | BROWSER-PLUGINS HP ModemUtil ActiveX clsid access (more info ...) | attempted-user | ||||
| 11946 | NETBIOS Datagram Service NetDDE attack (more info ...) | attempted-admin | 2004-0206 | 11372 | ||
| 11947 | OS-WINDOWS Microsoft Windows schannel security package (more info ...) | attempted-user | 2007-2218 | URL | ||
| 11951 | MALWARE-BACKDOOR winshadow runtime detection - init connection request (more info ...) | trojan-activity | URL | |||
| 11952 | MALWARE-BACKDOOR winshadow runtime detection - udp response (more info ...) | trojan-activity | URL | |||
| 12010 | BROWSER-PLUGINS RKD Software BarCode ActiveX clsid access (more info ...) | attempted-user | 2007-3435 | 24596 | ||
| 12012 | BROWSER-PLUGINS RKD Software BarCode ActiveX function call access (more info ...) | attempted-user | 2007-3435 | 24596 | ||
| 12015 | BROWSER-PLUGINS NCTAudioStudio2 NCT WavChunksEditor ActiveX clsid access (more info ...) | attempted-user | 2007-3493 | 24656 | URL | |
| 12017 | BROWSER-PLUGINS NCTAudioStudio2 NCT WavChunksEditor ActiveX function call access (more info ...) | attempted-user | 2007-3493 | 24656 | URL | |
| 12019 | BROWSER-PLUGINS NCTsoft NCTAudioFile2 NCTWMAFile ActiveX clsid access (more info ...) | attempted-user | 2007-3400 | 24613 | URL | |
| 12021 | BROWSER-PLUGINS NCTsoft NCTAudioFile2 NCTWMAFile ActiveX function call access (more info ...) | attempted-user | 2007-3400 | 24613 | URL | |
| 12029 | BROWSER-PLUGINS HP Digital Imaging hpqxml.dll ActiveX clsid access (more info ...) | attempted-user | 2007-3487 | 24678 | URL | |
| 12058 | OS-WINDOWS Microsoft Windows SPNEGO ASN.1 library heap corruption overflow attempt (more info ...) | attempted-admin | 2005-1935 | 9633 | URL | |
| 12062 | BROWSER-PLUGINS HP Instant Support ActiveX clsid access (more info ...) | attempted-user | 2007-3554 | 24730 | URL | |
| 12083 | BROWSER-PLUGINS Data Dynamics ActiveBar Actbar3 ActiveX clsid access (more info ...) | attempted-user | 2007-3883 | 24959 | ||
| 12085 | BROWSER-PLUGINS Data Dynamics ActiveBar Actbar3 ActiveX function call access (more info ...) | attempted-user | 2007-3883 | 24959 | ||
| 12087 | BROWSER-PLUGINS McAfee NeoTrace ActiveX clsid access (more info ...) | attempted-user | 2006-6707 | 21697 | ||
| 12089 | BROWSER-PLUGINS McAfee NeoTrace ActiveX function call access (more info ...) | attempted-user | 2006-6707 | 21697 | ||
| 12091 | BROWSER-PLUGINS EldoS SecureBlackbox PGPBBox ActiveX clsid access (more info ...) | attempted-user | 2007-3785 | 24882 | ||
| 12093 | BROWSER-PLUGINS EldoS SecureBlackbox PGPBBox ActiveX function call access (more info ...) | attempted-user | 2007-3785 | 24882 | ||
| 12116 | BROWSER-PLUGINS Zenturi ProgramChecker SASATL ActiveX clsid access (more info ...) | attempted-user | 2007-3984 | 25025 | ||
| 12118 | BROWSER-PLUGINS Zenturi ProgramChecker SASATL ActiveX function call access (more info ...) | attempted-user | 2007-3984 | 25025 | ||
| 12144 | MALWARE-BACKDOOR access remote pc runtime detection - rpc setup (more info ...) | trojan-activity | ||||
| 12145 | MALWARE-BACKDOOR access remote pc runtime detection - rpc setup (more info ...) | trojan-activity | URL | |||
| 12168 | BROWSER-PLUGINS Computer Associates ETrust Intrusion Detection Caller.DLL ActiveX clsid access (more info ...) | attempted-user | 2007-3302 | 25050 | URL | |
| 12185 | PROTOCOL-RPC portmap 2112 tcp request (more info ...) | rpc-portmap-decode | 2007-2798 | 24653 | URL | |
| 12186 | PROTOCOL-RPC portmap 2112 udp request (more info ...) | rpc-portmap-decode | 2007-2798 | 24653 | URL | |
| 12189 | BROWSER-PLUGINS Clever Internet Suite ActiveX clsid access (more info ...) | attempted-user | 2007-4067 | 25063 | ||
| 12191 | BROWSER-PLUGINS Clever Internet Suite ActiveX function call access (more info ...) | attempted-user | 2007-4067 | 25063 | ||
| 12193 | BROWSER-PLUGINS Yahoo Widgets Engine ActiveX clsid access (more info ...) | attempted-user | 2007-4034 | 25086 | URL | |
| 12195 | BROWSER-PLUGINS Yahoo Widgets Engine ActiveX function call access (more info ...) | attempted-user | 2007-4034 | 25086 | URL | |
| 12200 | BROWSER-PLUGINS VMWare IntraProcessLogging ActiveX clsid access (more info ...) | attempted-user | 2007-4059 | 25110 | ||
| 12203 | BROWSER-PLUGINS VMWare Vielib.dll ActiveX clsid access (more info ...) | attempted-user | 2007-4058 | 25118 | ||
| 12205 | BROWSER-PLUGINS VMWare Vielib.dll ActiveX function call access (more info ...) | attempted-user | 2007-4058 | 25118 | ||
| 12207 | BROWSER-PLUGINS Computer Associates ETrust Intrusion Detection Caller.DLL ActiveX function call access (more info ...) | attempted-user | 2007-3302 | 25050 | URL | |
| 12246 | BROWSER-PLUGINS Symantec NavComUI AxSysListView32 ActiveX clsid access attempt (more info ...) | attempted-user | 2007-2955 | 24983 | URL | |
| 12248 | BROWSER-PLUGINS Symantec NavComUI AxSysListView32 ActiveX function call access attempt (more info ...) | attempted-user | 2007-2955 | 24983 | URL | |
| 12250 | BROWSER-PLUGINS Symantec NavComUI AxSysListView32OAA ActiveX clsid access attempt (more info ...) | attempted-user | 2007-2955 | 24983 | URL | |
| 12252 | BROWSER-PLUGINS Symantec NavComUI AxSysListView32OAA ActiveX function call access attempt (more info ...) | attempted-user | 2007-2955 | 24983 | URL | |
| 12257 | BROWSER-PLUGINS Microsoft DirectX Media SDK ActiveX clsid access (more info ...) | attempted-user | 2007-4336 | 25279 | ||
| 12259 | BROWSER-PLUGINS Microsoft DirectX Media SDK ActiveX function call access (more info ...) | attempted-user | 2007-4336 | 25279 | ||
| 12279 | OS-WINDOWS Microsoft XML substringData integer overflow attempt (more info ...) | attempted-user | 2008-1442 | URL | ||
| 12301 | BROWSER-PLUGINS eCentrex VOIP Client Module ActiveX clsid access (more info ...) | attempted-user | 2007-4489 | 25383 | URL | |
| 12306 | POLICY-SOCIAL Microsoft Messenger web client connection (more info ...) | policy-violation | ||||
| 12380 | BROWSER-PLUGINS Oracle JInitiator ActiveX clsid access (more info ...) | attempted-user | 2007-4467 | 25473 | ||
| 12384 | BROWSER-PLUGINS Yahoo Messenger YVerInfo ActiveX clsid access (more info ...) | attempted-user | 2007-4515 | 25494 | URL | |
| 12386 | BROWSER-PLUGINS Yahoo Messenger YVerInfo ActiveX function call access (more info ...) | attempted-user | 2007-4515 | 25494 | URL | |
| 12388 | BROWSER-PLUGINS PPStream PowerPlayer ActiveX clsid access (more info ...) | attempted-user | 2007-4748 | 25502 | ||
| 12393 | BROWSER-PLUGINS Intuit QuickBooks Online Edition 1 ActiveX clsid access (more info ...) | attempted-user | 2007-4471 | 25544 | URL | |
| 12395 | BROWSER-PLUGINS Intuit QuickBooks Online Edition 2 ActiveX clsid access (more info ...) | attempted-user | 2007-4471 | 25544 | URL | |
| 12397 | BROWSER-PLUGINS Intuit QuickBooks Online Edition 3 ActiveX clsid access (more info ...) | attempted-user | 2007-4471 | 25544 | URL | |
| 12399 | BROWSER-PLUGINS Intuit QuickBooks Online Edition 4 ActiveX clsid access (more info ...) | attempted-user | 2007-4471 | 25544 | URL | |
| 12401 | BROWSER-PLUGINS Intuit QuickBooks Online Edition 5 ActiveX clsid access (more info ...) | attempted-user | 2007-4471 | 25544 | URL | |
| 12403 | BROWSER-PLUGINS Intuit QuickBooks Online Edition 6 ActiveX clsid access (more info ...) | attempted-user | 2007-4471 | 25544 | URL | |
| 12405 | BROWSER-PLUGINS Intuit QuickBooks Online Edition 7 ActiveX clsid access (more info ...) | attempted-user | 2007-4471 | 25544 | URL | |
| 12407 | BROWSER-PLUGINS Intuit QuickBooks Online Edition 8 ActiveX clsid access (more info ...) | attempted-user | 2007-4471 | 25544 | URL | |
| 12409 | BROWSER-PLUGINS Intuit QuickBooks Online Edition 9 ActiveX clsid access (more info ...) | attempted-user | 2007-4471 | 25544 | URL | |
| 12411 | BROWSER-PLUGINS Intuit QuickBooks Online Edition 10 ActiveX clsid access (more info ...) | attempted-user | 2007-4471 | 25544 | URL | |
| 12413 | BROWSER-PLUGINS Earth Resource Mapper NCSView ActiveX clsid access (more info ...) | attempted-user | 2007-4470 | 25584 | ||
| 12415 | BROWSER-PLUGINS Earth Resource Mapper NCSView ActiveX function call access (more info ...) | attempted-user | 2007-4470 | 25584 | ||
| 12417 | BROWSER-PLUGINS Microsoft Visual FoxPro ActiveX clsid access (more info ...) | attempted-user | 2007-5322 | 25977 | ||
| 12419 | BROWSER-PLUGINS Microsoft Visual FoxPro ActiveX function call access (more info ...) | attempted-user | 2007-5322 | 25977 | ||
| 12428 | BROWSER-PLUGINS GlobalLink glitemflat.dll ActiveX clsid access (more info ...) | attempted-user | 2007-4802 | 25586 | ||
| 12434 | BROWSER-PLUGINS BaoFeng Storm MPS.dll ActiveX clsid access (more info ...) | attempted-user | 2009-1612 | 25601 | ||
| 12438 | BROWSER-PLUGINS Ultra Crypto Component CryptoX.dll ActiveX clsid access (more info ...) | attempted-user | 2007-4903 | 25609 | URL | |
| 12440 | BROWSER-PLUGINS Ultra Crypto Component CryptoX.dll ActiveX function call access (more info ...) | attempted-user | 2007-4903 | 25609 | URL | |
| 12442 | BROWSER-PLUGINS Ultra Crypto Component CryptoX.dll 2 ActiveX clsid access (more info ...) | attempted-user | 2007-4902 | 25611 | URL | |
| 12450 | BROWSER-PLUGINS Microsoft Windows Agent Control ActiveX function call access (more info ...) | attempted-user | 2007-3040 | 25566 | URL | |
| 12452 | BROWSER-PLUGINS Microsoft Windows Agent File Provider ActiveX clsid access (more info ...) | attempted-user | 2007-3040 | 25566 | URL | |
| 12459 | BROWSER-PLUGINS Microsoft Windows Visual Studio 6 PDWizard.ocx ActiveX clsid access attempt (more info ...) | attempted-user | 2007-4891 | 25638 | ||
| 12461 | BROWSER-PLUGINS Microsoft Visual Studio 6 VBTOVSI.dll ActiveX clsid access (more info ...) | attempted-user | 2007-4890 | 25635 | ||
| 12463 | OS-WINDOWS Microsoft Windows Visual Studio Crystal Reports RPT file handling buffer overflow attempt (more info ...) | attempted-user | 2006-6133 | 21261 | URL | |
| 12466 | BROWSER-PLUGINS MW6 Technologies QRCode ActiveX clsid access (more info ...) | attempted-user | 2007-4982 | 25702 | ||
| 12468 | BROWSER-PLUGINS COWON America JetAudio JetFlExt.dll ActiveX clsid access (more info ...) | attempted-user | 2007-4983 | 25723 | ||
| 12470 | BROWSER-PLUGINS COWON America JetAudio JetFlExt.dll ActiveX function call access (more info ...) | attempted-user | 2007-4983 | 25723 | ||
| 12476 | BROWSER-PLUGINS Yahoo Messenger CYFT ActiveX clsid access (more info ...) | attempted-user | 2007-5017 | 25727 | ||
| 12478 | BROWSER-PLUGINS Yahoo Messenger CYFT ActiveX function call access (more info ...) | attempted-user | 2007-5017 | 25727 | ||
| 12489 | NETBIOS DCERPC NCACN-IP-TCP wkssvc NetrWkstaGetInfo attempt (more info ...) | protocol-command-decode | 2006-6723 | |||
| 12598 | BROWSER-PLUGINS Xunlei Web Thunder ActiveX clsid access (more info ...) | attempted-user | 2007-5064 | 25751 | ||
| 12600 | BROWSER-PLUGINS ebCrypt IncrementalHash ActiveX clsid access (more info ...) | attempted-user | 2007-5111 | 25789 | ||
| 12602 | BROWSER-PLUGINS ebCrypt IncrementalHash ActiveX function call access (more info ...) | attempted-user | 2007-5111 | 25789 | ||
| 12604 | BROWSER-PLUGINS ebCrypt PRNGenerator ActiveX clsid access (more info ...) | attempted-user | 2007-5110 | 25787 | ||
| 12606 | BROWSER-PLUGINS ebCrypt PRNGenerator ActiveX function call access (more info ...) | attempted-user | 2007-5110 | 25787 | ||
| 12608 | PROTOCOL-RPC portmap walld udp request (more info ...) | rpc-portmap-decode | 2002-0573 | 4639 | ||
| 12609 | PROTOCOL-RPC portmap walld udp format string attack attempt (more info ...) | rpc-portmap-decode | 2002-0573 | 4639 | ||
| 12616 | BROWSER-PLUGINS Microsoft Windows Visual Studio 6 PDWizard.ocx ActiveX function call access attempt (more info ...) | attempted-user | 2007-4891 | 25638 | ||
| 12631 | OS-WINDOWS Microsoft Windows 2000 Kodak Imaging small offset malformed jpeg tables (more info ...) | attempted-user | 2007-2217 | URL | ||
| 12632 | OS-WINDOWS Microsoft Windows 2000 Kodak Imaging large offset malformed jpeg tables (more info ...) | attempted-user | 2007-2217 | URL | ||
| 12635 | OS-WINDOWS RPC NTLMSSP malformed credentials attempt (more info ...) | denial-of-service | 2007-2228 | URL | ||
| 12637 | BROWSER-PLUGINS Kaspersky Online Scanner KAVWebScan.dll ActiveX clsid access (more info ...) | attempted-user | 2007-3675 | 26004 | ||
| 12639 | BROWSER-PLUGINS Kaspersky Online Scanner KAVWebScan.dll ActiveX function call access (more info ...) | attempted-user | 2007-3675 | 26004 | ||
| 12642 | OS-WINDOWS RPC NTLMSSP malformed credentials (more info ...) | denial-of-service | 2007-2228 | URL | ||
| 12643 | OS-WINDOWS Microsoft Windows URI External handler arbitrary command attempt (more info ...) | attempted-user | 2007-3896 | URL | ||
| 12644 | BROWSER-PLUGINS PBEmail7 ActiveX clsid access (more info ...) | attempted-user | 2007-5446 | 26058 | ||
| 12646 | BROWSER-PLUGINS PBEmail7 ActiveX function call access (more info ...) | attempted-user | 2007-5446 | 26058 | ||
| 12648 | BROWSER-PLUGINS DB Software Laboratory VImpX ActiveX clsid access (more info ...) | attempted-user | 2007-5445 | 26064 | ||
| 12650 | BROWSER-PLUGINS DB Software Laboratory VImpX ActiveX function call access (more info ...) | attempted-user | 2007-5445 | 26064 | ||
| 12687 | OS-WINDOWS Microsoft Windows ShellExecute and IE7 url handling code execution attempt (more info ...) | attempted-user | 2007-3896 | 25945 | URL | |
| 12688 | OS-WINDOWS Microsoft Windows ShellExecute and IE7 url handling code execution attempt (more info ...) | attempted-user | 2007-3896 | 25945 | URL | |
| 12689 | BROWSER-PLUGINS GlobalLink ConnectAndEnterRoom ActiveX clsid access (more info ...) | attempted-user | 2007-5722 | 26244 | ||
| 12714 | BROWSER-PLUGINS WebEx GPCContainer ActiveX clsid access (more info ...) | attempted-user | 2007-6005 | 26430 | ||
| 12716 | BROWSER-PLUGINS WebEx GPCContainer ActiveX function call access (more info ...) | attempted-user | 2007-6005 | 26430 | ||
| 12731 | BROWSER-PLUGINS AOL Radio AmpX ActiveX function call access (more info ...) | attempted-user | 2007-5755 | 35028 | ||
| 12733 | BROWSER-PLUGINS ComponentOne FlexGrid ActiveX clsid access (more info ...) | attempted-user | 2007-6028 | 26467 | ||
| 12735 | BROWSER-PLUGINS ComponentOne FlexGrid ActiveX function call access (more info ...) | attempted-user | 2007-6028 | 26467 | ||
| 12737 | BROWSER-PLUGINS Xunlei Thunder PPLAYER.DLL ActiveX clsid access (more info ...) | attempted-user | 2007-6144 | 26536 | ||
| 12739 | BROWSER-PLUGINS Xunlei Thunder PPLAYER.DLL ActiveX function call access (more info ...) | attempted-user | 2007-6144 | 26536 | ||
| 12749 | BROWSER-PLUGINS BitDefender Online Scanner ActiveX function call access (more info ...) | attempted-user | 2007-5775 | 26210 | ||
| 12751 | BROWSER-PLUGINS RichFX Basic Player ActiveX clsid access (more info ...) | attempted-user | 26573 | |||
| 12753 | BROWSER-PLUGINS RichFX Basic Player ActiveX function call access (more info ...) | attempted-user | 26573 | |||
| 12755 | BROWSER-PLUGINS PPStream PowerList ActiveX clsid access (more info ...) | attempted-user | 26580 | |||
| 12762 | BROWSER-PLUGINS Yahoo Toolbar Helper Class ActiveX clsid access (more info ...) | attempted-user | 2007-6228 | 26656 | ||
| 12764 | BROWSER-PLUGINS Yahoo Toolbar Helper Class ActiveX function call access (more info ...) | attempted-user | 2007-6228 | 26656 | ||
| 12770 | BROWSER-PLUGINS Microsoft Windows obfuscated RDS.Dataspace ActiveX exploit attempt (more info ...) | attempted-user | 2006-0003 | 17462 | URL | |
| 12771 | BROWSER-PLUGINS obfuscated BaoFeng Storm MPS.dll ActiveX exploit attempt (more info ...) | attempted-user | 2007-4816 | 25601 | URL | |
| 12772 | BROWSER-PLUGINS obfuscated PPStream PowerPlayer ActiveX exploit attempt (more info ...) | attempted-user | 2007-4748 | 25502 | URL | |
| 12773 | BROWSER-PLUGINS obfuscated Xunlei Thunder PPLAYER.DLL ActiveX exploit attempt (more info ...) | attempted-user | 2007-6144 | 26536 | URL | |
| 12774 | BROWSER-PLUGINS obfuscated GlobalLink ConnectAndEnterRoom ActiveX exploit attempt (more info ...) | attempted-user | 2007-5722 | 26244 | URL | |
| 12780 | BROWSER-PLUGINS Aurigma Image Uploader 4 Vulnerable Methods ActiveX clsid access attempt (more info ...) | attempted-user | 2008-0660 | 27577 | URL | |
| 12782 | BROWSER-PLUGINS Aurigma Image Uploader 4 Vulnerable Methods ActiveX function call access attempt (more info ...) | attempted-user | 2008-0660 | 27577 | URL | |
| 12803 | BROWSER-PLUGINS VideoLAN VLC ActiveX clsid access (more info ...) | attempted-user | 2007-6262 | 26675 | URL | |
| 12805 | BROWSER-PLUGINS VideoLAN VLC ActiveX function call access (more info ...) | attempted-user | 2007-6262 | 26675 | URL | |
| 12808 | NETBIOS DCERPC NCACN-IP-TCP spoolss OpenPrinter overflow attempt (more info ...) | attempted-admin | 2006-5854 | 21220 | ||
| 12946 | OS-WINDOWS Microsoft Windows SMB-DS SMBv2 protocol negotiation attempt (more info ...) | attempted-admin | 2007-5351 | URL | ||
| 12947 | OS-WINDOWS Microsoft Windows SMB SMBv2 protocol negotiation attempt (more info ...) | attempted-admin | 2007-5351 | URL | ||
| 12948 | BROWSER-PLUGINS Vantage Linguistics 1 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 12950 | BROWSER-PLUGINS Vantage Linguistics 2 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 12952 | BROWSER-PLUGINS Vantage Linguistics 3 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 12961 | BROWSER-PLUGINS Intuit QuickBooks Online Import 1 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 12963 | BROWSER-PLUGINS Intuit QuickBooks Online Import 2 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 12965 | BROWSER-PLUGINS Intuit QuickBooks Online Import 3 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 12967 | BROWSER-PLUGINS Intuit QuickBooks Online Import 4 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 12969 | BROWSER-PLUGINS Intuit QuickBooks Online Import 5 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 12971 | FILE-MULTIMEDIA Microsoft Windows DirectX directshow wav file overflow attempt (more info ...) | attempted-user | 2007-3895 | URL | ||
| 12977 | OS-WINDOWS DCERPC NCACN-IP-TCP mqqm QMCreateObjectInternal overflow attempt (more info ...) | attempted-admin | 2007-3039 | URL | ||
| 12978 | OS-WINDOWS DCERPC NCADG-IP-UDP mqqm QMCreateObjectInternal overflow attempt (more info ...) | attempted-admin | 2007-3039 | URL | ||
| 13158 | FILE-MULTIMEDIA Microsoft Media Player asf streaming format interchange data integer overflow attempt (more info ...) | attempted-user | 2007-0064 | URL | ||
| 13159 | FILE-MULTIMEDIA Microsoft Media Player asf streaming format audio error masking integer overflow attempt (more info ...) | attempted-user | 2007-0064 | URL | ||
| 13160 | FILE-MULTIMEDIA Microsoft Media Player asf streaming audio spread error correction data length integer overflow attempt (more info ...) | attempted-user | 2007-0064 | URL | ||
| 13210 | OS-WINDOWS DCERPC NCACN-IP-TCP mqqm QMObjectPathToObjectFormat overflow attempt (more info ...) | attempted-admin | 2007-3039 | URL | ||
| 13211 | OS-WINDOWS DCERPC NCADG-IP-UDP mqqm QMObjectPathToObjectFormat overflow attempt (more info ...) | attempted-admin | 2007-3039 | URL | ||
| 13219 | BROWSER-PLUGINS HP Software Update RulesEngine.dll ActiveX clsid access (more info ...) | attempted-user | 2007-6506 | 26950 | ||
| 13226 | BROWSER-PLUGINS Yahoo Toolbar YShortcut ActiveX function call access (more info ...) | attempted-user | 2007-6535 | 26956 | ||
| 13228 | BROWSER-PLUGINS HP eSupportDiagnostics 1 ActiveX clsid access (more info ...) | attempted-user | 2007-6513 | 26967 | URL | |
| 13230 | BROWSER-PLUGINS HP eSupportDiagnostics 2 ActiveX clsid access (more info ...) | attempted-user | 2007-6513 | 26967 | URL | |
| 13232 | BROWSER-PLUGINS Persits Software XUpload ActiveX clsid access (more info ...) | attempted-user | 2009-3693 | 36550 | ||
| 13234 | BROWSER-PLUGINS Persits Software XUpload ActiveX function call access (more info ...) | attempted-user | 2009-3693 | 36550 | ||
| 13250 | PROTOCOL-RPC portmap 390113 tcp request (more info ...) | rpc-portmap-decode | 2007-3618 | 25375 | ||
| 13251 | PROTOCOL-RPC portmap 390113 udp request (more info ...) | rpc-portmap-decode | 2007-3618 | 25375 | ||
| 13252 | PROTOCOL-RPC portmap 390113 tcp procedure 4 attempt (more info ...) | rpc-portmap-decode | 2007-3618 | 25375 | ||
| 13253 | PROTOCOL-RPC portmap 390113 udp procedure 4 attempt (more info ...) | rpc-portmap-decode | 2007-3618 | 25375 | ||
| 13256 | PROTOCOL-RPC portmap 390113 tcp procedure 5 attempt (more info ...) | rpc-portmap-decode | 2007-3618 | 25375 | ||
| 13257 | PROTOCOL-RPC portmap 390113 udp procedure 5 attempt (more info ...) | rpc-portmap-decode | 2007-3618 | 25375 | ||
| 13266 | BROWSER-PLUGINS SkyFex Client ActiveX clsid access (more info ...) | attempted-user | 2007-6605 | 27059 | ||
| 13273 | BROWSER-PLUGINS DivX Web Player ActiveX clsid access (more info ...) | attempted-user | 2008-0090 | 27106 | ||
| 13275 | BROWSER-PLUGINS DivX Web Player ActiveX function call access (more info ...) | attempted-user | 2008-0090 | 27106 | ||
| 13289 | BROWSER-PLUGINS Gatway CWebLaunchCtl ActiveX clsid access (more info ...) | attempted-user | 2008-0220 | 27193 | URL | |
| 13294 | BROWSER-PLUGINS Microsoft Rich TextBox ActiveX clsid access (more info ...) | attempted-user | 2008-0237 | 27201 | ||
| 13296 | BROWSER-PLUGINS Microsoft Rich TextBox ActiveX clsid access (more info ...) | attempted-user | 2008-0237 | 27201 | ||
| 13298 | BROWSER-PLUGINS Microsoft Rich TextBox ActiveX function call access (more info ...) | attempted-user | 2008-0237 | 27201 | ||
| 13303 | BROWSER-PLUGINS Microsoft Visual FoxPro 2 ActiveX clsid access (more info ...) | attempted-user | 2008-0236 | 27205 | ||
| 13305 | BROWSER-PLUGINS Microsoft Visual FoxPro 2 ActiveX function call access (more info ...) | attempted-user | 2008-0236 | 27205 | ||
| 13312 | BROWSER-PLUGINS StreamAudio ProxyManager ActiveX clsid access (more info ...) | attempted-user | 2008-0248 | 27247 | ||
| 13314 | BROWSER-PLUGINS StreamAudio ProxyManager ActiveX function call access (more info ...) | attempted-user | 2008-0248 | 27247 | ||
| 13321 | BROWSER-PLUGINS Microsoft Package and Deployment Wizard ActiveX clsid access (more info ...) | attempted-user | 2007-3041 | 25295 | URL | |
| 13323 | BROWSER-PLUGINS Microsoft Package and Deployment Wizard ActiveX function call access (more info ...) | attempted-user | 2007-3041 | 25295 | URL | |
| 13329 | BROWSER-PLUGINS Toshiba Surveillance Surveillix DVR ActiveX clsid access (more info ...) | attempted-user | 2008-0399 | 27360 | ||
| 13331 | BROWSER-PLUGINS Toshiba Surveillance Surveillix DVR ActiveX function call access (more info ...) | attempted-user | 2008-0399 | 27360 | ||
| 13333 | BROWSER-PLUGINS HP Virtual Rooms ActiveX clsid access (more info ...) | attempted-user | 2008-0437 | 27384 | ||
| 13335 | BROWSER-PLUGINS Lycos File Upload Component ActiveX clsid access (more info ...) | attempted-user | 2008-0443 | 27411 | ||
| 13337 | BROWSER-PLUGINS Comodo AntiVirus ActiveX clsid access (more info ...) | attempted-user | 2008-0470 | 27424 | ||
| 13348 | BROWSER-PLUGINS Move Networks Media Player ActiveX clsid access (more info ...) | attempted-user | 2008-0477 | 27438 | ||
| 13350 | BROWSER-PLUGINS Move Networks Media Player ActiveX function call access (more info ...) | attempted-user | 2008-0477 | 27438 | ||
| 13352 | BROWSER-PLUGINS Lycos File Upload Component ActiveX function call access (more info ...) | attempted-user | 2008-0443 | 27411 | ||
| 13354 | BROWSER-PLUGINS HP Virtual Rooms ActiveX function call access (more info ...) | attempted-user | 2008-0437 | 27384 | ||
| 13367 | NETBIOS DCERPC NCACN-IP-TCP spoolss GetPrinterData attempt (more info ...) | protocol-command-decode | 2006-6296 | 21401 | ||
| 13421 | BROWSER-PLUGINS Facebook Photo Uploader ActiveX function call access (more info ...) | attempted-user | 2008-0660 | 27576 | URL | |
| 13423 | BROWSER-PLUGINS SwiftView ActiveX clsid access (more info ...) | attempted-user | 2007-5602 | 27527 | URL | |
| 13428 | BROWSER-PLUGINS Yahoo Music JukeBox DataGrid ActiveX function call access (more info ...) | attempted-user | 2008-0624 | 27579 | ||
| 13430 | BROWSER-PLUGINS Yahoo Music JukeBox MediaGrid ActiveX clsid access (more info ...) | attempted-user | 2008-0625 | 27578 | ||
| 13432 | BROWSER-PLUGINS Yahoo Music JukeBox MediaGrid ActiveX function call access (more info ...) | attempted-user | 2008-0625 | 27578 | ||
| 13434 | BROWSER-PLUGINS Aurigma Image Uploader 4 Property Overflows ActiveX clsid access (more info ...) | attempted-user | 2008-0660 | 27577 | URL | |
| 13436 | BROWSER-PLUGINS Aurigma Image Uploader 4 Property Overflows ActiveX function call access (more info ...) | attempted-user | 2008-0660 | 27577 | URL | |
| 13438 | BROWSER-PLUGINS Aurigma Image Uploader 5 Vulnerable Methods ActiveX clsid access (more info ...) | attempted-user | 2008-0660 | 27577 | URL | |
| 13440 | BROWSER-PLUGINS Aurigma Image Uploader 5 Vulnerable Methods ActiveX function call access (more info ...) | attempted-user | 2008-0660 | 27577 | URL | |
| 13442 | BROWSER-PLUGINS Aurigma Image Uploader 5 Property Overflows ActiveX clsid access (more info ...) | attempted-user | 2008-0660 | 27577 | URL | |
| 13444 | BROWSER-PLUGINS Aurigma Image Uploader 5 Property Overflows ActiveX function call access (more info ...) | attempted-user | 2008-0660 | 27577 | URL | |
| 13446 | BROWSER-PLUGINS GlobalLink HanGamePlugin ActiveX clsid access (more info ...) | attempted-user | 2008-0647 | 27626 | ||
| 13448 | OS-WINDOWS Microsoft Windows vbscript/jscript scripting engine begin buffer overflow attempt (more info ...) | attempted-user | 2008-0083 | URL | ||
| 13449 | OS-WINDOWS Microsoft Windows vbscript/jscript scripting engine end buffer overflow attempt (more info ...) | attempted-user | 2008-0083 | URL | ||
| 13451 | BROWSER-PLUGINS Microsoft Windows Visual FoxPro foxtlib ActiveX clsid access (more info ...) | attempted-user | 2007-5322 | 25977 | URL | |
| 13465 | FILE-IDENTIFY Microsoft Works file download request (more info ...) | misc-activity | URL | |||
| 13475 | OS-WINDOWS Microsoft Active Directory LDAP denial of service attempt (more info ...) | attempted-dos | 2008-0088 | URL | ||
| 13527 | BROWSER-PLUGINS D-Link MPEG4 SHM Audio Control ActiveX clsid access (more info ...) | attempted-user | 2008-4771 | 28010 | ||
| 13529 | BROWSER-PLUGINS D-Link MPEG4 SHM Audio Control ActiveX function call access (more info ...) | attempted-user | 2008-4771 | 28010 | ||
| 13531 | BROWSER-PLUGINS 4xem VatCtrl ActiveX clsid access (more info ...) | attempted-user | 2008-4771 | 28010 | ||
| 13533 | BROWSER-PLUGINS 4xem VatCtrl ActiveX function call access (more info ...) | attempted-user | 2008-4771 | 28010 | ||
| 13535 | BROWSER-PLUGINS Vivotek RTSP MPEG4 SP Control ActiveX clsid access (more info ...) | attempted-user | 2008-4771 | 28010 | ||
| 13537 | BROWSER-PLUGINS Vivotek RTSP MPEG4 SP Control ActiveX function call access (more info ...) | attempted-user | 2008-4771 | 28010 | ||
| 13541 | BROWSER-PLUGINS Symantec Backup Exec ActiveX function call access (more info ...) | attempted-user | 2007-6016 | 26904 | URL | |
| 13543 | BROWSER-PLUGINS Learn2 STRunner ActiveX clsid access (more info ...) | attempted-user | 2007-6252 | 28058 | ||
| 13545 | BROWSER-PLUGINS Learn2 STRunner ActiveX function call access (more info ...) | attempted-user | 2007-6252 | 28058 | ||
| 13547 | BROWSER-PLUGINS Sony ImageStation ActiveX clsid access (more info ...) | attempted-user | 2008-0748 | 27715 | ||
| 13549 | BROWSER-PLUGINS Sony ImageStation ActiveX function call access (more info ...) | attempted-user | 2008-0748 | 27715 | ||
| 13583 | FILE-IDENTIFY Microsoft SYmbolic LinK file download request (more info ...) | misc-activity | 2008-0112 | URL | ||
| 13585 | FILE-IDENTIFY Microsoft SYmbolic LinK file magic detected (more info ...) | misc-activity | 2008-0112 | URL | ||
| 13594 | OS-WINDOWS Microsoft Windows print spooler little endian DoS attempt (more info ...) | protocol-command-decode | 2006-6296 | 21401 | ||
| 13595 | BROWSER-PLUGINS ICQ Toolbar toolbaru.dll ActiveX clsid access (more info ...) | attempted-user | 2008-7136 | 28118 | ||
| 13597 | BROWSER-PLUGINS ICQ Toolbar toolbaru.dll ActiveX function call access (more info ...) | attempted-user | 2008-7136 | 28118 | ||
| 13599 | BROWSER-PLUGINS Kingsoft Antivirus Online Update Module ActiveX clsid access (more info ...) | attempted-user | 2008-1307 | 28172 | ||
| 13601 | BROWSER-PLUGINS Kingsoft Antivirus Online Update Module ActiveX function call access (more info ...) | attempted-user | 2008-1307 | 28172 | ||
| 13623 | BROWSER-PLUGINS CA BrightStor ListCtrl ActiveX function call access (more info ...) | attempted-user | 2008-1472 | 28268 | ||
| 13657 | BROWSER-PLUGINS BusinessObjects RptViewerAx ActiveX clsid access (more info ...) | attempted-user | 2007-6254 | 28292 | ||
| 13659 | BROWSER-PLUGINS BusinessObjects RptViewerAx ActiveX function call access (more info ...) | attempted-user | 2007-6254 | 28292 | ||
| 13661 | BROWSER-PLUGINS VeralSoft HTTP File Upload ActiveX clsid access (more info ...) | attempted-user | 2008-6638 | 28301 | ||
| 13666 | OS-WINDOWS Microsoft Windows GDI integer overflow attempt (more info ...) | attempted-user | 2008-1083 | URL | ||
| 13668 | BROWSER-PLUGINS Microsoft Windows Help 2.0 Contents Control ActiveX clsid access (more info ...) | attempted-user | 2008-1086 | URL | ||
| 13670 | BROWSER-PLUGINS Microsoft Windows Help 2.0 Contents Control ActiveX function call access (more info ...) | attempted-user | 2008-1086 | URL | ||
| 13672 | BROWSER-PLUGINS Microsoft Windows Help 2.0 Contents Control 2 ActiveX clsid access (more info ...) | attempted-user | 2008-1086 | URL | ||
| 13674 | BROWSER-PLUGINS Microsoft Windows Help 2.0 Contents Control 2 ActiveX function call access (more info ...) | attempted-user | 2008-1086 | URL | ||
| 13679 | BROWSER-PLUGINS IBiz EBanking Integrator ActiveX clsid access (more info ...) | attempted-user | 2008-1725 | 28700 | ||
| 13681 | BROWSER-PLUGINS CDNetworks Nefficient Download ActiveX clsid access (more info ...) | attempted-user | 2008-1886 | 28666 | ||
| 13683 | BROWSER-PLUGINS CDNetworks Nefficient Download ActiveX function call access (more info ...) | attempted-user | 2008-1886 | 28666 | ||
| 13685 | BROWSER-PLUGINS Chilkat HTTP 1 ActiveX clsid access (more info ...) | attempted-user | 2008-1647 | 28546 | ||
| 13687 | BROWSER-PLUGINS Chilkat HTTP 1 ActiveX function call access (more info ...) | attempted-user | 2008-1647 | 28546 | ||
| 13689 | BROWSER-PLUGINS Chilkat HTTP 2 ActiveX clsid access (more info ...) | attempted-user | 2008-1647 | 28546 | ||
| 13691 | BROWSER-PLUGINS Chilkat HTTP 2 ActiveX function call access (more info ...) | attempted-user | 2008-1647 | 28546 | ||
| 13720 | BROWSER-PLUGINS HP eSupportDiagnostics 3 ActiveX clsid access (more info ...) | attempted-user | 2008-0712 | 28929 | URL | |
| 13722 | BROWSER-PLUGINS HP eSupportDiagnostics 4 ActiveX clsid access (more info ...) | attempted-user | 2008-0712 | 28929 | URL | |
| 13724 | BROWSER-PLUGINS HP eSupportDiagnostics 5 ActiveX clsid access (more info ...) | attempted-user | 2008-0712 | 28929 | URL | |
| 13726 | BROWSER-PLUGINS HP eSupportDiagnostics 6 ActiveX clsid access (more info ...) | attempted-user | 2008-0712 | 28929 | URL | |
| 13728 | BROWSER-PLUGINS HP eSupportDiagnostics 7 ActiveX clsid access (more info ...) | attempted-user | 2008-0712 | 28929 | URL | |
| 13730 | BROWSER-PLUGINS HP eSupportDiagnostics 8 ActiveX clsid access (more info ...) | attempted-user | 2008-0712 | 28929 | URL | |
| 13732 | BROWSER-PLUGINS HP eSupportDiagnostics 9 ActiveX clsid access (more info ...) | attempted-user | 2008-0712 | 28929 | URL | |
| 13734 | BROWSER-PLUGINS HP eSupportDiagnostics 10 ActiveX clsid access (more info ...) | attempted-user | 2008-0712 | 28929 | URL | |
| 13736 | BROWSER-PLUGINS HP eSupportDiagnostics 11 ActiveX clsid access (more info ...) | attempted-user | 2008-0712 | 28929 | URL | |
| 13738 | BROWSER-PLUGINS HP eSupportDiagnostics 12 ActiveX clsid access (more info ...) | attempted-user | 2008-0712 | 28929 | URL | |
| 13740 | BROWSER-PLUGINS HP eSupportDiagnostics 13 ActiveX clsid access (more info ...) | attempted-user | 2008-0712 | 28929 | URL | |
| 13742 | BROWSER-PLUGINS HP eSupportDiagnostics 14 ActiveX clsid access (more info ...) | attempted-user | 2008-0712 | 28929 | URL | |
| 13744 | BROWSER-PLUGINS HP eSupportDiagnostics 15 ActiveX clsid access (more info ...) | attempted-user | 2008-0712 | 28929 | URL | |
| 13746 | BROWSER-PLUGINS HP eSupportDiagnostics 16 ActiveX clsid access (more info ...) | attempted-user | 2008-0712 | 28929 | URL | |
| 13748 | BROWSER-PLUGINS HP eSupportDiagnostics 17 ActiveX clsid access (more info ...) | attempted-user | 2008-0712 | 28929 | URL | |
| 13750 | BROWSER-PLUGINS HP eSupportDiagnostics 18 ActiveX clsid access (more info ...) | attempted-user | 2008-0712 | 28929 | URL | |
| 13752 | BROWSER-PLUGINS HP eSupportDiagnostics 19 ActiveX clsid access (more info ...) | attempted-user | 2008-0712 | 28929 | URL | |
| 13754 | BROWSER-PLUGINS HP eSupportDiagnostics 20 ActiveX clsid access (more info ...) | attempted-user | 2008-0712 | 28929 | URL | |
| 13756 | BROWSER-PLUGINS HP eSupportDiagnostics 21 ActiveX clsid access (more info ...) | attempted-user | 2008-0712 | 28929 | URL | |
| 13758 | BROWSER-PLUGINS Microsoft HeartbeatCtl ActiveX clsid access (more info ...) | attempted-user | 2007-6255 | 28882 | ||
| 13760 | BROWSER-PLUGINS Microsoft HeartbeatCtl ActiveX function call access (more info ...) | attempted-user | 2007-6255 | 28882 | ||
| 13783 | BROWSER-PLUGINS Yahoo Assistant ActiveX clsid access (more info ...) | attempted-user | 2008-2111 | 29065 | ||
| 13785 | BROWSER-PLUGINS Ourgame GLWorld ActiveX clsid access (more info ...) | attempted-user | 2008-0647 | 27626 | ||
| 13787 | BROWSER-PLUGINS Ourgame GLWorld ActiveX function call access (more info ...) | attempted-user | 2008-0647 | 27626 | ||
| 13798 | OS-WINDOWS Microsoft malware protection engine denial of service attempt (more info ...) | attempted-dos | 2008-1437 | URL | ||
| 13807 | FILE-IMAGE Microsoft Windows metafile SetPaletteEntries heap overflow attempt (more info ...) | attempted-user | 2005-2124 | 15356 | URL | |
| 13824 | FILE-MULTIMEDIA Microsoft Windows DirectX malformed mjpeg arbitrary code execution attempt (more info ...) | attempted-user | 2008-0011 | URL | ||
| 13827 | OS-WINDOWS Microsoft Windows PGM denial of service attempt (more info ...) | attempted-dos | 2008-1440 | URL | ||
| 13835 | OS-WINDOWS Microsoft Active Directory LDAP cookie denial of service attempt (more info ...) | attempted-dos | 2008-1445 | URL | ||
| 13857 | BROWSER-PLUGINS HP Instant Support DataManager ActiveX clsid access (more info ...) | attempted-user | 2008-0953 | 29536 | URL | |
| 13859 | BROWSER-PLUGINS HP Instant Support DataManager ActiveX function call access (more info ...) | attempted-user | 2008-0953 | 29536 | URL | |
| 13883 | BROWSER-PLUGINS UUSee UUUpgrade ActiveX clsid access (more info ...) | attempted-user | 2008-7168 | 29963 | ||
| 13885 | BROWSER-PLUGINS UUSee UUUpgrade ActiveX function call access (more info ...) | attempted-user | 2008-7168 | 29963 | ||
| 13893 | FILE-OTHER Microsoft malformed saved search heap corruption attempt (more info ...) | attempted-admin | 2008-1435 | URL | ||
| 13903 | BROWSER-PLUGINS Microsoft Access Snapshot Viewer ActiveX clsid access attempt (more info ...) | attempted-user | 2008-2463 | 30114 | URL | |
| 13905 | BROWSER-PLUGINS Microsoft Access Snapshot Viewer ActiveX function call access attempt (more info ...) | attempted-user | 2008-2463 | 30114 | URL | |
| 13907 | BROWSER-PLUGINS Microsoft Access Snapshot Viewer ActiveX clsid access attempt (more info ...) | attempted-user | 2008-2463 | 30114 | URL | |
| 13913 | BROWSER-PLUGINS AcroPDF.PDF ActiveX clsid access attempt (more info ...) | attempted-user | 2006-6236 | 21338 | URL | |
| 13975 | BROWSER-PLUGINS Microsoft Windows Event System ActiveX clsid access (more info ...) | attempted-user | 2008-1457 | URL | ||
| 13976 | BROWSER-PLUGINS Microsoft Windows Event System ActiveX clsid unicode access (more info ...) | attempted-user | 2008-1457 | URL | ||
| 13977 | BROWSER-PLUGINS Microsoft Windows Event System ActiveX function call access (more info ...) | attempted-user | 2008-1457 | URL | ||
| 13978 | BROWSER-PLUGINS Microsoft Windows Event System ActiveX function call unicode access (more info ...) | attempted-user | 2008-1457 | URL | ||
| 13979 | OS-WINDOWS Microsoft Windows Event System Subscription VBScript access (more info ...) | attempted-user | 2008-1457 | URL | ||
| 14015 | BROWSER-PLUGINS Cisco WebEx Meeting Manager atucfobj ActiveX function call access (more info ...) | attempted-user | 2008-3558 | 30578 | URL | |
| 14023 | BROWSER-PLUGINS Microsoft Visual Studio Msmask32 ActiveX function call access (more info ...) | attempted-user | 2008-3704 | 30674 | URL | |
| 14027 | BROWSER-PLUGINS CA DSM gui_cm_ctrls ActiveX function call access (more info ...) | attempted-user | 2008-1786 | 28809 | ||
| 14029 | BROWSER-PLUGINS Computer Associates gui_cm_ctrls ActiveX clsid access (more info ...) | attempted-user | 2008-1786 | |||
| 14031 | BROWSER-PLUGINS Computer Associates gui_cm_ctrls ActiveX function call access (more info ...) | attempted-user | 2008-1786 | |||
| 14066 | PUA-ADWARE Adware winsecuredisc runtime detection (more info ...) | misc-activity | URL | |||
| 14078 | PUA-ADWARE Adware winspywareprotect runtime detection - download malicous code (more info ...) | misc-activity | URL | |||
| 14079 | PUA-ADWARE Adware winspywareprotect runtime detection - connection to malicious sites (more info ...) | misc-activity | URL | |||
| 14080 | PUA-ADWARE Adware winspywareprotect runtime detection - connection to malicious server (more info ...) | misc-activity | URL | |||
| 14088 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 1 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14090 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 2 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14092 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 3 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14094 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 4 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14096 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 5 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14098 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 6 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14100 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 7 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14102 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 8 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14104 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 9 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14106 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 10 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14108 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 11 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14110 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 12 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14112 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 13 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14114 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 14 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14116 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 15 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14118 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 16 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14120 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 17 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14122 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 18 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14124 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 19 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14126 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 20 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14128 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 21 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14130 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 22 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14132 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 23 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14134 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 24 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14136 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 25 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14138 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 26 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14140 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 27 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14142 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 28 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14144 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 29 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14146 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 30 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14148 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 31 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14150 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 32 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14152 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 33 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14154 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 34 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14156 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 35 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14158 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 36 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14160 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 37 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14162 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 38 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14164 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 39 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14166 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 40 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14168 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 41 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14170 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 42 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14172 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 43 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14174 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 44 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14176 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 45 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14178 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 46 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14180 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 47 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14182 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 48 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14184 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 49 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14186 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 50 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14188 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 51 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14190 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 52 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14192 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 53 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14194 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 54 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14196 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 55 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14198 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 56 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14200 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 57 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14202 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 58 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14204 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 59 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14206 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 60 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14208 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 61 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14210 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 62 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14212 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 63 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14214 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 64 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14216 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 65 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14218 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 66 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14220 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 67 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14222 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 68 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14224 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 69 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14226 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 70 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14228 | BROWSER-PLUGINS Aurigma Image Uploader unspecified 71 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 14231 | BROWSER-PLUGINS SoftArtisans XFile FileManager ActiveX clsid access (more info ...) | attempted-user | 2007-1682 | 30826 | URL | |
| 14233 | BROWSER-PLUGINS SoftArtisans XFile FileManager ActiveX function call access (more info ...) | attempted-user | 2007-1682 | 30826 | URL | |
| 14239 | BROWSER-PLUGINS Friendly Technologies fwRemoteConfig ActiveX clsid access (more info ...) | attempted-user | 2008-4049 | 30891 | ||
| 14241 | BROWSER-PLUGINS Friendly Technologies fwRemoteConfig ActiveX function call access (more info ...) | attempted-user | 2008-4049 | 30891 | ||
| 14243 | BROWSER-PLUGINS Najdi.si Toolbar ActiveX clsid access (more info ...) | attempted-user | 2008-7103 | 30922 | ||
| 14245 | BROWSER-PLUGINS Najdi.si Toolbar ActiveX function call access (more info ...) | attempted-user | 2008-7103 | 30922 | ||
| 14247 | BROWSER-PLUGINS Eyeball MessengerSDK ActiveX clsid access (more info ...) | attempted-user | 2008-3430 | 30424 | ||
| 14249 | BROWSER-PLUGINS Eyeball MessengerSDK ActiveX function call access (more info ...) | attempted-user | 2008-3430 | 30424 | ||
| 14251 | OS-WINDOWS Microsoft GDI malformed metarecord buffer overflow attempt (more info ...) | attempted-user | 2008-3014 | URL | ||
| 14261 | OS-WINDOWS Microsoft Windows GDI VML gradient size heap overflow attempt (more info ...) | attempted-user | 2007-5348 | URL | ||
| 14266 | BROWSER-PLUGINS Microsoft Windows Image Acquisition Logger ActiveX clsid access (more info ...) | attempted-user | 2008-3957 | 31069 | ||
| 14268 | BROWSER-PLUGINS Microsoft Windows Image Acquisition Logger ActiveX function call access (more info ...) | attempted-user | 2008-3957 | 31069 | ||
| 14270 | BROWSER-PLUGINS VieLib2.Vie2Locator ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14272 | BROWSER-PLUGINS VieLib2.Vie2Locator ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14274 | BROWSER-PLUGINS Vie2Lib.Vie2LinuxVolume ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14276 | BROWSER-PLUGINS Vie2Lib.Vie2LinuxVolume ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14278 | BROWSER-PLUGINS VieLib2.Vie2Process ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14280 | BROWSER-PLUGINS VieLib2.Vie2Process ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14282 | BROWSER-PLUGINS IntraProcessLogging.Logger ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14284 | BROWSER-PLUGINS IntraProcessLogging.Logger ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14286 | BROWSER-PLUGINS VMClientHosts Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14288 | BROWSER-PLUGINS VMClientHosts Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14290 | BROWSER-PLUGINS VhdCvtCom.DiskLibCreateParamObj ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14292 | BROWSER-PLUGINS VhdCvtCom.DiskLibCreateParamObj ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14294 | BROWSER-PLUGINS RemoteDirDlg Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14296 | BROWSER-PLUGINS RemoteDirDlg Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14298 | BROWSER-PLUGINS TeamListViewWnd Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14300 | BROWSER-PLUGINS TeamListViewWnd Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14302 | BROWSER-PLUGINS VMStatusbarCtl Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14304 | BROWSER-PLUGINS VMStatusbarCtl Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14306 | BROWSER-PLUGINS Vmc2vmx.CoVPCConfiguration ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14308 | BROWSER-PLUGINS Vmc2vmx.CoVPCConfiguration ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14310 | BROWSER-PLUGINS VmdbUpdate Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14312 | BROWSER-PLUGINS VmdbUpdate Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14314 | BROWSER-PLUGINS VMWare unspecified 1 ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14316 | BROWSER-PLUGINS VmdbExecuteError Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14318 | BROWSER-PLUGINS VmdbExecuteError Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14320 | BROWSER-PLUGINS VMWare unspecified 2 ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14322 | BROWSER-PLUGINS reconfig.SysImageUti ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14324 | BROWSER-PLUGINS reconfig.SysImageUti ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14326 | BROWSER-PLUGINS Microsoft Visual Database Tools Query Designer V7.0 ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14328 | BROWSER-PLUGINS Microsoft Visual Database Tools Query Designer V7.0 ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14330 | BROWSER-PLUGINS VmdbContext Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14332 | BROWSER-PLUGINS VmdbContext Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14334 | BROWSER-PLUGINS VMClientVMs Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14336 | BROWSER-PLUGINS VMClientVMs Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14338 | BROWSER-PLUGINS vmappPropObj Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14340 | BROWSER-PLUGINS vmappPropObj Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14342 | BROWSER-PLUGINS VMWare unspecified 3 ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14344 | BROWSER-PLUGINS VMMsg Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14346 | BROWSER-PLUGINS VMMsg Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14348 | BROWSER-PLUGINS VMWare unspecified 4 ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14350 | BROWSER-PLUGINS reconfig.PopulatedDi ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14352 | BROWSER-PLUGINS reconfig.PopulatedDi ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14354 | BROWSER-PLUGINS Elevated.ElevMgr ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14356 | BROWSER-PLUGINS Elevated.ElevMgr ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14358 | BROWSER-PLUGINS VMWare unspecified 5 ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14360 | BROWSER-PLUGINS HardwareCtl Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14362 | BROWSER-PLUGINS HardwareCtl Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14364 | BROWSER-PLUGINS VMWare unspecified 6 ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14366 | BROWSER-PLUGINS VmdbQuery Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14368 | BROWSER-PLUGINS VmdbQuery Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14370 | BROWSER-PLUGINS vmappPropObj2 Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14372 | BROWSER-PLUGINS vmappPropObj2 Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14374 | BROWSER-PLUGINS VmappPoll Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14376 | BROWSER-PLUGINS VmappPoll Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14378 | BROWSER-PLUGINS VMClient Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14380 | BROWSER-PLUGINS VMClient Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14382 | BROWSER-PLUGINS Pq2vcom.Pq2v ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14384 | BROWSER-PLUGINS Pq2vcom.Pq2v ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14386 | BROWSER-PLUGINS VmdbSchema Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14388 | BROWSER-PLUGINS VmdbSchema Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14394 | BROWSER-PLUGINS VixCOM.VixLib ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14396 | BROWSER-PLUGINS VixCOM.VixLib ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14398 | BROWSER-PLUGINS vmappsdk.CuiObj ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14400 | BROWSER-PLUGINS vmappsdk.CuiObj ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14402 | BROWSER-PLUGINS RemoteBrowseDlg Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14404 | BROWSER-PLUGINS RemoteBrowseDlg Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14406 | BROWSER-PLUGINS RegVmsCtl Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14408 | BROWSER-PLUGINS RegVmsCtl Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14410 | BROWSER-PLUGINS VmdbEnumTags Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14412 | BROWSER-PLUGINS VmdbEnumTags Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14414 | BROWSER-PLUGINS VMWare unspecified 7 ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14420 | BROWSER-PLUGINS VmdbDatabase Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14422 | BROWSER-PLUGINS VmdbDatabase Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14424 | BROWSER-PLUGINS VMAppSdkUtil Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14426 | BROWSER-PLUGINS VMAppSdkUtil Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14428 | BROWSER-PLUGINS VMWare unspecified 8 ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14430 | BROWSER-PLUGINS VMEnumStrings Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14432 | BROWSER-PLUGINS VMEnumStrings Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14434 | BROWSER-PLUGINS VMWare unspecified 9 ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14436 | BROWSER-PLUGINS VMClientHost Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14438 | BROWSER-PLUGINS VMClientHost Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14440 | BROWSER-PLUGINS VMWare unspecified 10 ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14442 | BROWSER-PLUGINS VMWare unspecified 11 ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14444 | BROWSER-PLUGINS VMWare unspecified 12 ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14446 | BROWSER-PLUGINS VMWare unspecified 13 ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14448 | BROWSER-PLUGINS reconfig.SystemReconfigur ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14450 | BROWSER-PLUGINS reconfig.SystemReconfigur ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14452 | BROWSER-PLUGINS vmhwcfg.NwzCompleted ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14454 | BROWSER-PLUGINS vmhwcfg.NwzCompleted ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14456 | BROWSER-PLUGINS MksCompatCtl Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14458 | BROWSER-PLUGINS MksCompatCtl Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14460 | BROWSER-PLUGINS VMWare unspecified 14 ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14466 | BROWSER-PLUGINS VMWare unspecified 15 ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14468 | BROWSER-PLUGINS Elevated.HostDeviceInfos ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14470 | BROWSER-PLUGINS Elevated.HostDeviceInfos ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14472 | BROWSER-PLUGINS VMWare unspecified 16 ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14474 | BROWSER-PLUGINS VMWare unspecified 17 ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14476 | BROWSER-PLUGINS reconfig.GuestInfo ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14478 | BROWSER-PLUGINS reconfig.GuestInfo ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14480 | BROWSER-PLUGINS VmappPropFrame Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14482 | BROWSER-PLUGINS VmappPropFrame Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14484 | BROWSER-PLUGINS VhdCvtCom.VhdConverter ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14486 | BROWSER-PLUGINS VhdCvtCom.VhdConverter ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14488 | BROWSER-PLUGINS VMSwitchCtl Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14490 | BROWSER-PLUGINS VMSwitchCtl Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14492 | BROWSER-PLUGINS VMWare unspecified 18 ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14494 | BROWSER-PLUGINS VmdbUtil Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14496 | BROWSER-PLUGINS VmdbUtil Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14498 | BROWSER-PLUGINS VMWare unspecified 19 ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14500 | BROWSER-PLUGINS VMwareVpcCvt.VpcC ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14502 | BROWSER-PLUGINS VMwareVpcCvt.VpcC ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14504 | BROWSER-PLUGINS VmdbCnxUtil Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14506 | BROWSER-PLUGINS VmdbCnxUtil Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14508 | BROWSER-PLUGINS Vmc2vmx.CoVPCDrive ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14510 | BROWSER-PLUGINS Vmc2vmx.CoVPCDrive ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14512 | BROWSER-PLUGINS VMWare unspecified 20 ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14514 | BROWSER-PLUGINS VMClientVM Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14516 | BROWSER-PLUGINS VMClientVM Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14518 | BROWSER-PLUGINS VMWare unspecified 21 ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14520 | BROWSER-PLUGINS Elevated.VMXCreator ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14522 | BROWSER-PLUGINS Elevated.VMXCreator ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14524 | BROWSER-PLUGINS VMWare unspecified 22 ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14526 | BROWSER-PLUGINS HotfixWz Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14528 | BROWSER-PLUGINS HotfixWz Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14530 | BROWSER-PLUGINS VmdbUpdates Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14532 | BROWSER-PLUGINS VmdbUpdates Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14534 | BROWSER-PLUGINS VMListCtl Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14536 | BROWSER-PLUGINS VMListCtl Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14538 | BROWSER-PLUGINS CheckedListViewWnd Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14540 | BROWSER-PLUGINS CheckedListViewWnd Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14542 | BROWSER-PLUGINS VMWare unspecified 23 ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14544 | BROWSER-PLUGINS VmdbTreeCtl Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14546 | BROWSER-PLUGINS VmdbTreeCtl Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14548 | BROWSER-PLUGINS Nwz Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14550 | BROWSER-PLUGINS Nwz Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14552 | BROWSER-PLUGINS Vmc2vmx.CoVPCDrives ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14554 | BROWSER-PLUGINS Vmc2vmx.CoVPCDrives ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14556 | BROWSER-PLUGINS MksCtl Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14558 | BROWSER-PLUGINS MksCtl Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14560 | BROWSER-PLUGINS VmappPropPath Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14562 | BROWSER-PLUGINS VmappPropPath Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14564 | BROWSER-PLUGINS VMWare unspecified 24 ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14566 | BROWSER-PLUGINS PolicyCtl Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14568 | BROWSER-PLUGINS PolicyCtl Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14570 | BROWSER-PLUGINS VmdbParseError Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14572 | BROWSER-PLUGINS VmdbParseError Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14574 | BROWSER-PLUGINS NavigationCtl Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14576 | BROWSER-PLUGINS NavigationCtl Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14578 | BROWSER-PLUGINS VMList Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14580 | BROWSER-PLUGINS VMList Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14582 | BROWSER-PLUGINS VMWare unspecified 25 ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14584 | BROWSER-PLUGINS VMWare unspecified 26 ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14586 | BROWSER-PLUGINS CurrentVMCtl Class ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14588 | BROWSER-PLUGINS CurrentVMCtl Class ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14590 | BROWSER-PLUGINS VhdCvtCom.DiskLibHelper ActiveX clsid access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14592 | BROWSER-PLUGINS VhdCvtCom.DiskLibHelper ActiveX function call access (more info ...) | attempted-user | 2008-3696 | 30934 | URL | |
| 14594 | BROWSER-PLUGINS Peachtree Accounting 2004 ActiveX clsid access (more info ...) | attempted-user | 2008-4699 | 31096 | ||
| 14596 | BROWSER-PLUGINS ComponentOne VSFlexGrid ActiveX clsid access (more info ...) | attempted-user | 2008-4132 | 31200 | ||
| 14598 | BROWSER-PLUGINS ComponentOne VSFlexGrid ActiveX function call access (more info ...) | attempted-user | 2008-4132 | 31200 | ||
| 14603 | BROWSER-PLUGINS Data Dynamics ActiveReport ARViewer2 ActiveX clsid access (more info ...) | attempted-user | 2008-5089 | 31227 | ||
| 14605 | BROWSER-PLUGINS Data Dynamics ActiveReport ARViewer2 ActiveX function call access (more info ...) | attempted-user | 2008-5089 | 31227 | ||
| 14607 | SERVER-OTHER CA Brightstor SUN RPC malformed string buffer overflow attempt (more info ...) | attempted-admin | 2007-2139 | 23635 | ||
| 14631 | BROWSER-PLUGINS Husdawg System Requirements Lab Control ActiveX clsid access (more info ...) | attempted-user | 2008-4385 | 31752 | URL | |
| 14633 | BROWSER-PLUGINS PhotoStockPlus ActiveX clsid access (more info ...) | attempted-user | 2008-0957 | 29279 | URL | |
| 14635 | BROWSER-PLUGINS Microsoft RSClientPrint ActiveX clsid access (more info ...) | attempted-user | 2008-3015 | URL | ||
| 14637 | BROWSER-PLUGINS Microsoft PicturePusher ActiveX clsid access (more info ...) | attempted-user | 2008-4493 | 31632 | ||
| 14639 | BROWSER-PLUGINS Microsoft PicturePusher ActiveX function call access (more info ...) | attempted-user | 2008-4493 | 31632 | ||
| 14744 | BROWSER-PLUGINS Hummingbird HostExplorer ActiveX clsid access (more info ...) | attempted-user | 2008-4729 | 31783 | ||
| 14746 | BROWSER-PLUGINS Autodesk DWF Viewer ActiveX clsid access (more info ...) | attempted-user | 2008-4472 | 31490 | ||
| 14748 | BROWSER-PLUGINS Autodesk LiveUpdate ActiveX clsid access (more info ...) | attempted-user | 2008-4472 | 31490 | ||
| 14750 | BROWSER-PLUGINS Autodesk LiveUpdate ActiveX function call access (more info ...) | attempted-user | 2008-4472 | 31490 | ||
| 14754 | BROWSER-PLUGINS Novell ZENworks Desktop Management ActiveX function call access (more info ...) | attempted-user | 2008-5073 | 31435 | ||
| 14762 | BROWSER-PLUGINS iseemedia LPViewer ActiveX function call access (more info ...) | attempted-user | 2008-4384 | 31604 | ||
| 14783 | OS-WINDOWS DCERPC NCADG-IP-UDP srvsvc NetrpPathCanonicalize path canonicalization stack overflow attempt (more info ...) | attempted-admin | 2008-4250 | URL | ||
| 14896 | OS-WINDOWS Microsoft Windows SMB v4 srvsvc NetrpPathCononicalize unicode path cononicalization stack overflow attempt (more info ...) | attempted-admin | 2008-4250 | URL | ||
| 14897 | BROWSER-PLUGINS HP Software Update RulesEngine.dll ActiveX function call access (more info ...) | attempted-user | 2007-6506 | 26950 | ||
| 14993 | BROWSER-PLUGINS Visagesoft eXPert PDF Viewer ActiveX clsid access (more info ...) | attempted-user | 2008-4919 | 31984 | ||
| 14995 | BROWSER-PLUGINS Visagesoft eXPert PDF Viewer ActiveX function call access (more info ...) | attempted-user | 2008-4919 | 31984 | ||
| 14999 | BROWSER-PLUGINS Microsoft Debug Diagnostic Tool ActiveX clsid access (more info ...) | attempted-user | 2008-4800 | 31996 | ||
| 15001 | BROWSER-PLUGINS Microsoft Debug Diagnostic Tool ActiveX function call access (more info ...) | attempted-user | 2008-4800 | 31996 | ||
| 15003 | BROWSER-PLUGINS Chilkat Crypt 2 ActiveX clsid access (more info ...) | attempted-user | 2008-5002 | 32073 | ||
| 15005 | BROWSER-PLUGINS Chilkat Crypt 2 ActiveX function call access (more info ...) | attempted-user | 2008-5002 | 32073 | ||
| 15015 | OS-WINDOWS DCERPC NCACN-IP-TCP wkssvc NetrUseAdd/NetrUseGetInfo/NetrUseDel overflow attempt (more info ...) | attempted-admin | 2008-4250 | URL | ||
| 15069 | BROWSER-PLUGINS SAP AG SAPgui mdrmsap ActiveX clsid access (more info ...) | attempted-user | 2008-4387 | 32186 | ||
| 15084 | BROWSER-PLUGINS Microsoft Windows Common Controls Animation Object ActiveX clsid access (more info ...) | attempted-user | 2008-4255 | URL | ||
| 15086 | BROWSER-PLUGINS Microsoft Windows Common Controls Animation Object ActiveX function call access (more info ...) | attempted-user | 2008-4255 | URL | ||
| 15116 | OS-WINDOWS Microsoft Windows search protocol remote command injection attempt (more info ...) | attempted-user | 2008-4269 | URL | ||
| 15127 | OS-WINDOWS Microsoft Windows SMB sp_replwritetovarbin vulnerable function WriteAndX andx attempt (more info ...) | attempted-admin | 2008-5416 | 32710 | URL | |
| 15128 | OS-WINDOWS Microsoft Windows SMB sp_replwritetovarbin vulnerable function WriteAndX attempt (more info ...) | attempted-admin | 2008-5416 | 32710 | URL | |
| 15129 | OS-WINDOWS Microsoft Windows SMB sp_replwritetovarbin vulnerable function WriteAndX unicode andx attempt (more info ...) | attempted-admin | 2008-5416 | 32710 | URL | |
| 15130 | OS-WINDOWS Microsoft Windows SMB sp_replwritetovarbin vulnerable function WriteAndX unicode attempt (more info ...) | attempted-admin | 2008-5416 | 32710 | URL | |
| 15131 | OS-WINDOWS Microsoft Windows SMB sp_replwritetovarbin vulnerable function andx attempt (more info ...) | attempted-admin | 2008-5416 | 32710 | URL | |
| 15132 | OS-WINDOWS Microsoft Windows SMB sp_replwritetovarbin vulnerable function attempt (more info ...) | attempted-admin | 2008-5416 | 32710 | URL | |
| 15133 | OS-WINDOWS Microsoft Windows SMB sp_replwritetovarbin vulnerable function unicode andx attempt (more info ...) | attempted-admin | 2008-5416 | 32710 | URL | |
| 15134 | OS-WINDOWS Microsoft Windows SMB sp_replwritetovarbin vulnerable function unicode attempt (more info ...) | attempted-admin | 2008-5416 | 32710 | URL | |
| 15135 | OS-WINDOWS Microsoft Windows SMB sp_replwritetovarbin vulnerable function WriteAndX andx attempt (more info ...) | attempted-admin | 2008-5416 | 32710 | URL | |
| 15136 | OS-WINDOWS Microsoft Windows SMB sp_replwritetovarbin vulnerable function WriteAndX attempt (more info ...) | attempted-admin | 2008-5416 | 32710 | URL | |
| 15137 | OS-WINDOWS Microsoft Windows SMB sp_replwritetovarbin vulnerable function WriteAndX unicode andx attempt (more info ...) | attempted-admin | 2008-5416 | 32710 | URL | |
| 15138 | OS-WINDOWS Microsoft Windows SMB sp_replwritetovarbin vulnerable function WriteAndX unicode attempt (more info ...) | attempted-admin | 2008-5416 | 32710 | URL | |
| 15139 | OS-WINDOWS Microsoft Windows SMB sp_replwritetovarbin vulnerable function andx attempt (more info ...) | attempted-admin | 2008-5416 | 32710 | URL | |
| 15140 | OS-WINDOWS Microsoft Windows SMB sp_replwritetovarbin vulnerable function attempt (more info ...) | attempted-admin | 2008-5416 | 32710 | URL | |
| 15141 | OS-WINDOWS Microsoft Windows SMB sp_replwritetovarbin vulnerable function unicode andx attempt (more info ...) | attempted-admin | 2008-5416 | 32710 | URL | |
| 15142 | OS-WINDOWS Microsoft Windows SMB sp_replwritetovarbin vulnerable function unicode attempt (more info ...) | attempted-admin | 2008-5416 | 32710 | URL | |
| 15173 | BROWSER-PLUGINS Phoenician Casino ActiveX clsid access (more info ...) | attempted-user | 2008-5691 | 32901 | ||
| 15175 | BROWSER-PLUGINS Phoenician Casino ActiveX function call access (more info ...) | attempted-user | 2008-5691 | 32901 | ||
| 15177 | BROWSER-PLUGINS Trend Micro HouseCall ActiveX clsid access (more info ...) | attempted-user | 2008-2435 | 32965 | ||
| 15179 | BROWSER-PLUGINS Trend Micro HouseCall ActiveX function call access (more info ...) | attempted-user | 2008-2435 | 32965 | ||
| 15181 | BROWSER-PLUGINS SaschArt SasCam Webcam Server ActiveX clsid access (more info ...) | attempted-user | 2008-6898 | 33053 | ||
| 15192 | BROWSER-PLUGINS SizerOne ActiveX clsid access attempt (more info ...) | attempted-user | 2008-4827 | 33148 | ||
| 15194 | BROWSER-PLUGINS SizerOne ActiveX function call access (more info ...) | attempted-user | 2008-4827 | 33148 | ||
| 15228 | BROWSER-PLUGINS Ciansoft PDFBuilderX ActiveX clsid access (more info ...) | attempted-user | 33233 | |||
| 15232 | BROWSER-PLUGINS Easy Grid ActiveX clsid access (more info ...) | attempted-user | 2009-0134 | 33272 | ||
| 15234 | BROWSER-PLUGINS Easy Grid ActiveX function call access (more info ...) | attempted-user | 2009-0134 | 33272 | ||
| 15243 | BROWSER-PLUGINS AXIS Camera ActiveX clsid access (more info ...) | attempted-user | 2008-5260 | 33408 | ||
| 15245 | BROWSER-PLUGINS AXIS Camera ActiveX function call access (more info ...) | attempted-user | 2008-5260 | 33408 | ||
| 15247 | BROWSER-PLUGINS JamDTA ActiveX clsid access (more info ...) | attempted-user | 33345 | |||
| 15249 | BROWSER-PLUGINS SmartVMD ActiveX clsid access (more info ...) | attempted-user | 33349 | |||
| 15251 | BROWSER-PLUGINS MetaProducts MetaTreeX ActiveX clsid access (more info ...) | attempted-user | 33318 | |||
| 15253 | BROWSER-PLUGINS MetaProducts MetaTreeX ActiveX function call access (more info ...) | attempted-user | 33318 | |||
| 15268 | BROWSER-PLUGINS MW6 Technologies Barcode ActiveX function call access (more info ...) | attempted-user | 2009-0298 | 33451 | ||
| 15270 | BROWSER-PLUGINS MW6 Technologies PDF417 ActiveX clsid access (more info ...) | attempted-user | 2008-4926 | |||
| 15272 | BROWSER-PLUGINS MW6 Technologies PDF417 ActiveX function call access (more info ...) | attempted-user | 2008-4926 | |||
| 15274 | BROWSER-PLUGINS MW6 Technologies DataMatrix ActiveX clsid access (more info ...) | attempted-user | 2008-4925 | |||
| 15276 | BROWSER-PLUGINS MW6 Technologies DataMatrix ActiveX function call access (more info ...) | attempted-user | 2008-4925 | |||
| 15278 | BROWSER-PLUGINS MW6 Technologies Aztec ActiveX clsid access (more info ...) | attempted-user | 2008-4923 | |||
| 15280 | BROWSER-PLUGINS MW6 Technologies Aztec ActiveX function call access (more info ...) | attempted-user | 2008-4923 | |||
| 15284 | BROWSER-PLUGINS NCTAudioGrabber2 ActiveX clsid access (more info ...) | attempted-user | 2008-0958 | URL | ||
| 15286 | BROWSER-PLUGINS NCTAudioGrabber2 ActiveX function call access (more info ...) | attempted-user | 2008-0958 | URL | ||
| 15288 | BROWSER-PLUGINS NCTAudioInformation2 ActiveX clsid access (more info ...) | attempted-user | 2008-0959 | URL | ||
| 15290 | BROWSER-PLUGINS NCTAudioInformation2 ActiveX function call access (more info ...) | attempted-user | 2008-0959 | URL | ||
| 15307 | BROWSER-PLUGINS Microsoft Animation Control ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 15309 | BROWSER-PLUGINS Microsoft Animation Control ActiveX function call access (more info ...) | attempted-user | URL | |||
| 15311 | BROWSER-PLUGINS Research In Motion AxLoader ActiveX clsid access (more info ...) | attempted-user | 2009-0305 | 33663 | URL | |
| 15313 | BROWSER-PLUGINS Research In Motion AxLoader ActiveX function call access (more info ...) | attempted-user | 2009-0305 | 33663 | URL | |
| 15315 | BROWSER-PLUGINS Akamai DownloadManager ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 15317 | BROWSER-PLUGINS Akamai DownloadManager ActiveX function call access (more info ...) | attempted-user | URL | |||
| 15330 | BROWSER-PLUGINS Nokia Phoenix Service 1 ActiveX clsid access (more info ...) | attempted-user | 33726 | |||
| 15332 | BROWSER-PLUGINS Nokia Phoenix Service 2 ActiveX clsid access (more info ...) | attempted-user | 33726 | |||
| 15346 | BROWSER-PLUGINS Synactis ALL In-The-Box ActiveX clsid access (more info ...) | attempted-user | 2009-0465 | 33535 | ||
| 15348 | BROWSER-PLUGINS Synactis ALL In-The-Box ActiveX function call access (more info ...) | attempted-user | 2009-0465 | 33535 | ||
| 15350 | BROWSER-PLUGINS Web on Windows ActiveX clsid access (more info ...) | attempted-user | 2009-0389 | 33515 | ||
| 15352 | BROWSER-PLUGINS Web on Windows ActiveX function call access (more info ...) | attempted-user | 2009-0389 | 33515 | ||
| 15372 | BROWSER-PLUGINS iDefense COMRaider ActiveX clsid access (more info ...) | attempted-user | 33867 | |||
| 15374 | BROWSER-PLUGINS iDefense COMRaider ActiveX function call access (more info ...) | attempted-user | 33867 | |||
| 15376 | BROWSER-PLUGINS Sopcast SopCore ActiveX clsid access (more info ...) | attempted-user | 2009-0811 | 33920 | ||
| 15378 | BROWSER-PLUGINS Sopcast SopCore ActiveX function call access (more info ...) | attempted-user | 2009-0811 | 33920 | ||
| 15380 | BROWSER-PLUGINS HP Virtual Rooms v7 ActiveX clsid access (more info ...) | attempted-user | 2009-0208 | 33918 | ||
| 15386 | OS-WINDOWS Microsoft Windows wpad dynamic update request (more info ...) | attempted-admin | 2009-0093 | URL | ||
| 15387 | OS-WINDOWS udp WINS WPAD registration attempt (more info ...) | misc-attack | 2009-0094 | URL | ||
| 15430 | FILE-OTHER Microsoft EMF+ GpFont.SetData buffer overflow attempt (more info ...) | attempted-user | 2009-1217 | 34250 | ||
| 15448 | NETBIOS DCERPC NCADG-IP-UDP srvsvc NetrShareEnum null policy handle attempt (more info ...) | protocol-command-decode | ||||
| 15457 | OS-WINDOWS Microsoft Windows DirectShow MJPEG arbitrary code execution attempt (more info ...) | attempted-user | 2009-0084 | URL | ||
| 15475 | OS-WINDOWS Microsoft Windows ISA Server cross-site scripting attempt (more info ...) | attempted-user | 2009-0237 | URL | ||
| 15513 | OS-WINDOWS DCERPC NCADG-IP-UDP rpcss2_RemoteGetClassObject attempt (more info ...) | protocol-command-decode | 2003-0605 | URL | ||
| 15523 | OS-WINDOWS Microsoft Windows srvsvc NetrShareEnum netname overflow attempt (more info ...) | protocol-command-decode | 2009-0228 | URL | ||
| 15543 | BROWSER-PLUGINS Microsoft Communications Control v6 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 15545 | BROWSER-PLUGINS Microsoft Communications Control v6 ActiveX function call access (more info ...) | attempted-user | URL | |||
| 15547 | BROWSER-PLUGINS eBay Picture Uploads control 1 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 15549 | BROWSER-PLUGINS eBay Picture Uploads control 1 ActiveX function call access (more info ...) | attempted-user | URL | |||
| 15551 | BROWSER-PLUGINS eBay Picture Uploads control 2 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 15557 | BROWSER-PLUGINS SAP AG SAPgui EnjoySAP ActiveX clsid access (more info ...) | attempted-user | 35256 | |||
| 15588 | BROWSER-PLUGINS Microsoft Video 1 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15590 | BROWSER-PLUGINS Microsoft Video 10 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15592 | BROWSER-PLUGINS Microsoft Video 11 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15594 | BROWSER-PLUGINS Microsoft Video 12 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15596 | BROWSER-PLUGINS Microsoft Video 13 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15598 | BROWSER-PLUGINS Microsoft Video 14 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15600 | BROWSER-PLUGINS Microsoft Video 15 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15602 | BROWSER-PLUGINS Microsoft Video 16 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15604 | BROWSER-PLUGINS Microsoft Video 17 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15606 | BROWSER-PLUGINS Microsoft Video 18 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15608 | BROWSER-PLUGINS Microsoft Video 19 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15610 | BROWSER-PLUGINS Microsoft Video 2 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15612 | BROWSER-PLUGINS Microsoft Video 20 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15614 | BROWSER-PLUGINS Microsoft Video 21 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15616 | BROWSER-PLUGINS Microsoft Video 22 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15618 | BROWSER-PLUGINS Microsoft Video 23 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15620 | BROWSER-PLUGINS Microsoft Video 24 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15622 | BROWSER-PLUGINS Microsoft Video 25 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15624 | BROWSER-PLUGINS Microsoft Video 26 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15626 | BROWSER-PLUGINS Microsoft Video 27 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15628 | BROWSER-PLUGINS Microsoft Video 28 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15630 | BROWSER-PLUGINS Microsoft Video 29 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15634 | BROWSER-PLUGINS Microsoft Video 30 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15636 | BROWSER-PLUGINS Microsoft Video 31 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15640 | BROWSER-PLUGINS Microsoft Video 33 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15642 | BROWSER-PLUGINS Microsoft Video 34 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15644 | BROWSER-PLUGINS Microsoft Video 35 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15646 | BROWSER-PLUGINS Microsoft Video 36 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15648 | BROWSER-PLUGINS Microsoft Video 37 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15650 | BROWSER-PLUGINS Microsoft Video 38 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15652 | BROWSER-PLUGINS Microsoft Video 39 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15654 | BROWSER-PLUGINS Microsoft Video 4 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15656 | BROWSER-PLUGINS Microsoft Video 40 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15658 | BROWSER-PLUGINS Microsoft Video 41 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15660 | BROWSER-PLUGINS Microsoft Video 42 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15662 | BROWSER-PLUGINS Microsoft Video 43 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15664 | BROWSER-PLUGINS Microsoft Video 44 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15666 | BROWSER-PLUGINS Microsoft Video 45 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15668 | BROWSER-PLUGINS Microsoft Video 5 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15670 | BROWSER-PLUGINS Microsoft Video 6 ActiveX clsid access (more info ...) | attempted-user | 2009-0901 | 35558 | URL | |
| 15671 | BROWSER-PLUGINS Microsoft Video 6 ActiveX function call (more info ...) | attempted-user | 2009-0901 | 35558 | URL | |
| 15672 | BROWSER-PLUGINS Microsoft Video 7 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15674 | BROWSER-PLUGINS Microsoft Video 8 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15676 | BROWSER-PLUGINS Microsoft Video 9 ActiveX clsid access (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15693 | FILE-OTHER Microsoft Windows Embedded Open Type Font malformed name table overflow attempt (more info ...) | attempted-user | 2009-0231 | URL | ||
| 15694 | FILE-OTHER Microsoft Windows Embedded Open Type Font malformed name table integer overflow attempt (more info ...) | attempted-user | 2009-0232 | URL | ||
| 15695 | FILE-OTHER Microsoft Windows Embedded Open Type Font malformed name table platform type 3 integer overflow attempt (more info ...) | attempted-user | 2009-0232 | URL | ||
| 15702 | NETBIOS DCERPC NCACN-IP-TCP brightstor opcode 0x13 overflow attempt (more info ...) | attempted-dos | 2009-1761 | 35396 | ||
| 15710 | NETBIOS DCERPC NCACN-IP-TCP brightstor opcode 0x3B null strings attempt (more info ...) | attempted-dos | 2009-1761 | 35396 | ||
| 15848 | OS-WINDOWS WINS replication request memory corruption attempt (more info ...) | attempted-admin | 2009-1923 | URL | ||
| 15849 | OS-WINDOWS Microsoft Windows WINS replication inform2 request memory corruption attempt (more info ...) | attempted-admin | 2009-1924 | URL | ||
| 15854 | FILE-MULTIMEDIA Microsoft Windows AVIFile media file processing memory corruption attempt (more info ...) | attempted-user | 2009-1546 | 35970 | URL | |
| 15857 | FILE-MULTIMEDIA Microsoft Windows AVIFile media file invalid header length (more info ...) | attempted-user | 2009-1546 | URL | ||
| 15860 | OS-WINDOWS DCERPC NCACN-IP-TCP wkssvc NetrGetJoinInformation attempt (more info ...) | protocol-command-decode | 2009-1544 | URL | ||
| 15863 | BROWSER-PLUGINS Microsoft Windows Remote Desktop Client ActiveX function call access (more info ...) | attempted-user | 2009-1929 | URL | ||
| 15878 | BROWSER-PLUGINS AcerCtrls.APlunch ActiveX clsid access (more info ...) | attempted-user | 2009-2627 | URL | ||
| 15894 | OS-WINDOWS Microsoft Color Management Module remote code execution attempt (more info ...) | attempted-admin | 2005-1219 | URL | ||
| 15920 | FILE-MULTIMEDIA Microsoft mp3 malformed APIC header RCE attempt (more info ...) | attempted-user | 2009-2499 | URL | ||
| 15921 | FILE-IDENTIFY Microsoft multimedia format file download request (more info ...) | misc-activity | URL | |||
| 15926 | BROWSER-PLUGINS PPStream PPSMediaList ActiveX clsid access (more info ...) | attempted-user | 36234 | |||
| 15928 | BROWSER-PLUGINS PPStream PPSMediaList ActiveX function call access (more info ...) | attempted-user | 36234 | |||
| 15944 | OS-WINDOWS Microsoft Windows Active Directory crafted LDAP request denial of service attempt (more info ...) | attempted-dos | 2007-3028 | 24796 | ||
| 15946 | FILE-OTHER Microsoft Windows Vista Feed Headlines Gagdet code execution attempt (more info ...) | attempted-user | 2007-3033 | 25287 | ||
| 15985 | OS-WINDOWS Microsoft ASP.NET canonicalization exploit attempt (more info ...) | attempted-user | 2004-0847 | 11342 | ||
| 15995 | FILE-MULTIMEDIA Microsoft Windows DirectX malformed mjpeg arbitrary code execution attempt (more info ...) | attempted-user | 2008-0011 | URL | ||
| 15996 | OS-WINDOWS Microsoft Negotiate SSP buffer overflow attempt (more info ...) | attempted-admin | 2004-0119 | 10113 | ||
| 16016 | OS-WINDOWS Microsoft client for netware overflow attempt (more info ...) | attempted-admin | 2006-4688 | URL | ||
| 16048 | SERVER-OTHER Microsoft ASP.NET application folder info disclosure attempt (more info ...) | attempted-recon | 2006-1300 | 18920 | ||
| 16058 | SERVER-SAMBA Samba WINS Server Name Registration handling stack buffer overflow attempt (more info ...) | attempted-user | 2007-5398 | 26455 | ||
| 16066 | OS-WINDOWS Microsoft Windows Server driver crafted SMB data denial of service (more info ...) | attempted-dos | 2006-3942 | URL | ||
| 16068 | BROWSER-PLUGINS Yahoo Music Jukebox ActiveX exploit (more info ...) | attempted-user | 2008-0625 | 27579 | ||
| 16081 | PROTOCOL-RPC portmap 395650 tcp XDR SString buffer overflow attempt (more info ...) | rpc-portmap-decode | 2008-2242 | 29283 | URL | |
| 16082 | PROTOCOL-RPC portmap 395650 udp XDR SString buffer overflow attempt (more info ...) | rpc-portmap-decode | 2008-2242 | 29283 | URL | |
| 16084 | PROTOCOL-RPC portmap 395650 udp request (more info ...) | rpc-portmap-decode | 2008-2242 | URL | ||
| 16085 | PROTOCOL-RPC portmap 395650 tcp xml buffer overflow attempt (more info ...) | rpc-portmap-decode | 2008-2242 | URL | ||
| 16086 | PROTOCOL-RPC portmap 395650 udp xml buffer overflow attempt (more info ...) | rpc-portmap-decode | 2008-2242 | URL | ||
| 16089 | OS-WINDOWS Microsoft Windows embedded web font handling buffer overflow attempt (more info ...) | attempted-user | 2006-0010 | 16194 | ||
| 16090 | BROWSER-PLUGINS Microsoft Core XML core services XMLHTTP control open method code execution attempt (more info ...) | attempted-user | 2006-5745 | 20915 | ||
| 16153 | FILE-IMAGE Microsoft Windows malformed WMF meta escape record memory corruption attempt (more info ...) | attempted-user | 2009-2500 | URL | ||
| 16157 | OS-WINDOWS Microsoft Windows malformed ASF voice codec memory corruption attempt (more info ...) | attempted-user | 2009-0555 | URL | ||
| 16168 | OS-WINDOWS Microsoft Windows SMBv2 integer overflow denial of service attempt (more info ...) | attempted-admin | 2009-2526 | URL | ||
| 16181 | OS-WINDOWS Microsoft Windows CryptoAPI ASN.1 integer overflow attempt (more info ...) | attempted-user | 2009-2511 | URL | ||
| 16184 | FILE-IMAGE Microsoft Windows GDI+ TIFF file parsing heap overflow attempt (more info ...) | attempted-user | 2009-2502 | 36646 | URL | |
| 16185 | OS-WINDOWS Microsoft Windows GDI+ compressed TIFF file parsing remote code execution attempt (more info ...) | attempted-user | 2009-2503 | URL | ||
| 16186 | FILE-IMAGE Microsoft Windows GDI+ interlaced PNG file parsing heap overflow attempt (more info ...) | attempted-user | 2009-3126 | URL | ||
| 16187 | OS-WINDOWS Microsoft Windows DirectShow MJPEG arbitrary code execution attempt (more info ...) | attempted-user | 2009-0084 | URL | ||
| 16221 | OS-WINDOWS Microsoft ISA and Forefront Threat Management Web Proxy TCP Listener denial of service attempt (more info ...) | attempted-dos | 2009-0077 | 34414 | URL | |
| 16231 | FILE-PDF Microsoft Windows kernel-mode drivers core font parsing integer overflow attempt (more info ...) | attempted-admin | 2010-2862 | 42203 | URL | |
| 16237 | SERVER-OTHER Microsoft Active Directory NTDSA stack space exhaustion attempt (more info ...) | attempted-dos | 2009-1928 | URL | ||
| 16285 | PROTOCOL-RPC AIX ttdbserv function 15 buffer overflow attempt (more info ...) | attempted-admin | 2009-2727 | 35419 | URL | |
| 16287 | OS-WINDOWS Microsoft Windows SMB Negotiate Protocol response DoS attempt (more info ...) | attempted-dos | 2009-3676 | URL | ||
| 16294 | OS-WINDOWS Microsoft Windows TCP stack zero window size exploit attempt (more info ...) | attempted-dos | 2008-4609 | 31545 | URL | |
| 16305 | BROWSER-PLUGINS Symantec Altiris Deployment Solution ActiveX clsid access attempt (more info ...) | attempted-user | 2009-3033 | 37092 | ||
| 16307 | BROWSER-PLUGINS Symantec Altiris Deployment Solution ActiveX clsid access attempt (more info ...) | attempted-user | 2009-3033 | 37092 | ||
| 16327 | OS-WINDOWS Microsoft Windows GDI+ TIFF RLE compressed data buffer overflow attempt (more info ...) | attempted-user | 2009-2503 | URL | ||
| 16342 | FILE-MULTIMEDIA Microsoft Windows AVIFile truncated media file processing memory corruption attempt (more info ...) | attempted-user | 2009-1546 | 35970 | URL | |
| 16366 | OS-WINDOWS Microsoft Windows embedded OpenType font engine LZX decompression buffer overflow attempt (more info ...) | attempted-admin | 2010-0018 | 37671 | URL | |
| 16379 | BROWSER-PLUGINS SAP AG SAPgui sapirrfc ActiveX clsid access (more info ...) | attempted-user | 35256 | URL | ||
| 16386 | BROWSER-PLUGINS AcroPDF.PDF ActiveX clsid access (more info ...) | attempted-user | 2009-2987 | |||
| 16388 | BROWSER-PLUGINS AcroPDF.PDF ActiveX function call access (more info ...) | attempted-user | 2009-2987 | |||
| 16396 | NETBIOS SMB server srvnet.sys driver race condition attempt (more info ...) | attempted-dos | 2010-0021 | URL | ||
| 16397 | OS-WINDOWS Microsoft Windows SMB andx invalid server name share access (more info ...) | protocol-command-decode | 2010-0022 | URL | ||
| 16398 | OS-WINDOWS Microsoft Windows SMB invalid server name share access (more info ...) | protocol-command-decode | 2010-0022 | URL | ||
| 16399 | OS-WINDOWS Microsoft Windows SMB unicode andx invalid server name share access (more info ...) | protocol-command-decode | 2010-0022 | URL | ||
| 16400 | OS-WINDOWS Microsoft Windows SMB unicode invalid server name share access (more info ...) | protocol-command-decode | 2010-0022 | URL | ||
| 16401 | OS-WINDOWS Microsoft Windows SMB andx invalid server name share access (more info ...) | protocol-command-decode | 2010-0022 | URL | ||
| 16402 | OS-WINDOWS Microsoft Windows SMB invalid server name share access (more info ...) | protocol-command-decode | 2010-0022 | URL | ||
| 16403 | OS-WINDOWS Microsoft Windows SMB unicode andx invalid server name share access (more info ...) | protocol-command-decode | 2010-0022 | URL | ||
| 16404 | OS-WINDOWS Microsoft Windows SMB unicode invalid server name share access (more info ...) | protocol-command-decode | 2010-0022 | URL | ||
| 16414 | OS-WINDOWS Microsoft Windows Shell Handler remote code execution attempt (more info ...) | attempted-user | 2010-0027 | URL | ||
| 16422 | FILE-IMAGE Microsoft Windows Paint JPEG with malformed SOFx field integer overflow attempt (more info ...) | attempted-user | 2010-0028 | URL | ||
| 16424 | BROWSER-PLUGINS Microsoft Windows Script Host Shell Object ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 16432 | BROWSER-PLUGINS Trend Micro Web Deployment ActiveX clsid access (more info ...) | attempted-user | 2008-3364 | 30407 | ||
| 16446 | PROTOCOL-RPC portmap Solaris sadmin tcp request (more info ...) | rpc-portmap-decode | 2008-4556 | 31751 | ||
| 16447 | PROTOCOL-RPC Solaris UDP portmap sadmin request attempt (more info ...) | rpc-portmap-decode | 2008-4556 | 31751 | ||
| 16448 | PROTOCOL-RPC portmap Solaris sadmin tcp adm_build_path overflow attempt (more info ...) | rpc-portmap-decode | 2008-4556 | 31751 | ||
| 16449 | PROTOCOL-RPC portmap Solaris sadmin udp adm_build_path overflow attempt (more info ...) | rpc-portmap-decode | 2008-4556 | 31751 | ||
| 16454 | OS-WINDOWS Microsoft Windows SMB Negotiate Protocol response DoS attempt - empty SMB 2 (more info ...) | attempted-dos | 2009-3676 | URL | ||
| 16473 | FILE-IDENTIFY Microsoft Windows Movie Maker project file download request (more info ...) | misc-activity | URL | |||
| 16532 | NETBIOS SMB client TRANS response ring0 remote code execution attempt (more info ...) | attempted-admin | 2010-0476 | URL | ||
| 16533 | OS-WINDOWS Microsoft Windows ISATAP-addressed IPv6 traffic spoofing attempt (more info ...) | misc-attack | 2010-0812 | URL | ||
| 16566 | BROWSER-PLUGINS Tumbleweed SecureTransport ActiveX clsid access (more info ...) | attempted-user | 2008-1724 | 28662 | ||
| 16568 | BROWSER-PLUGINS Altnet Download Manager ADM4 ActiveX clsid access (more info ...) | attempted-user | 2007-5217 | 25903 | ||
| 16569 | BROWSER-PLUGINS EnjoySAP kweditcontrol ActiveX clsid access (more info ...) | attempted-user | 2008-4830 | 34524 | ||
| 16571 | BROWSER-PLUGINS EnjoySAP kweditcontrol ActiveX function call access (more info ...) | attempted-user | 2008-4830 | 34524 | ||
| 16573 | BROWSER-PLUGINS obfuscated ActiveX object instantiation via unescape (more info ...) | attempted-user | URL | |||
| 16574 | BROWSER-PLUGINS obfuscated ActiveX object instantiation via fromCharCode (more info ...) | attempted-user | URL | |||
| 16575 | BROWSER-PLUGINS RKD Software BarCode ActiveX buffer overflow attempt (more info ...) | attempted-user | 2007-3435 | 24596 | ||
| 16577 | OS-WINDOWS Microsoft Windows SMBv2 compound request DoS attempt (more info ...) | attempted-dos | 2010-2552 | URL | ||
| 16580 | BROWSER-PLUGINS NCTAudioFile2 ActiveX clsid access via object tag (more info ...) | attempted-user | 2007-0018 | 33469 | ||
| 16581 | BROWSER-PLUGINS Persits Software XUpload ActiveX clsid unsafe function access attempt (more info ...) | attempted-user | 2009-3693 | 36550 | ||
| 16587 | BROWSER-PLUGINS Symantec Altiris Deployment Solution ActiveX clsid access attempt (more info ...) | attempted-user | 2009-3033 | 37092 | ||
| 16588 | BROWSER-PLUGINS iseemedia LPViewer ActiveX clsid access (more info ...) | attempted-user | 2008-4384 | 31604 | ||
| 16589 | BROWSER-PLUGINS iseemedia LPViewer ActiveX function call access (more info ...) | attempted-user | 2008-4384 | 31604 | ||
| 16590 | BROWSER-PLUGINS Oracle EasyMail Objects ActiveX exploit attempt (more info ...) | attempted-user | 2007-4607 | 25467 | ||
| 16595 | SERVER-MAIL Microsoft Windows Mail remote code execution attempt (more info ...) | attempted-user | 2010-0816 | URL | ||
| 16599 | BROWSER-PLUGINS AtHocGov IWSAlerts ActiveX control buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 16608 | BROWSER-PLUGINS HP Mercury Quality Center SPIDERLib ActiveX control access attempt (more info ...) | attempted-user | 2007-1819 | 23239 | URL | |
| 16610 | BROWSER-PLUGINS IBM Access Support ActiveX GetXMLValue method buffer overflow attempt (more info ...) | attempted-user | 2009-0215 | 34228 | ||
| 16636 | OS-WINDOWS Microsoft Windows .NET framework XMLDsig data tampering attempt (more info ...) | misc-attack | 2009-0217 | URL | ||
| 16661 | FILE-MULTIMEDIA Microsoft Windows DirectX quartz.dll MJPEG content processing memory corruption attempt (more info ...) | attempted-user | 2010-1879 | URL | ||
| 16665 | OS-WINDOWS Microsoft Windows Help Centre escape sequence XSS attempt (more info ...) | attempted-user | 2010-1885 | 40725 | URL | |
| 16672 | BROWSER-PLUGINS Symantec Backup Exec ActiveX control buffer overflow attempt (more info ...) | attempted-user | 2007-6016 | 26904 | ||
| 16679 | OS-WINDOWS Microsoft Windows GDIplus integer overflow attempt (more info ...) | misc-activity | 2009-1217 | 34250 | ||
| 16687 | BROWSER-PLUGINS Juniper Networks SSL-VPN Client JuniperSetup ActiveX control buffer overflow attempt (more info ...) | attempted-user | 2006-2086 | 17712 | ||
| 16699 | PROTOCOL-RPC Linux Kernel nfsd v2 udp CAP_MKNOD security bypass attempt (more info ...) | misc-attack | 2009-1072 | 34205 | ||
| 16700 | PROTOCOL-RPC Linux Kernel nfsd v2 tcp CAP_MKNOD security bypass attempt (more info ...) | misc-attack | 2009-1072 | 34205 | ||
| 16701 | PROTOCOL-RPC Linux Kernel nfsd v3 udp CAP_MKNOD security bypass attempt (more info ...) | misc-attack | 2009-1072 | 34205 | ||
| 16702 | PROTOCOL-RPC Linux Kernel nfsd v3 tcp CAP_MKNOD security bypass attempt (more info ...) | misc-attack | 2009-1072 | 34205 | ||
| 16704 | BROWSER-PLUGINS CA eTrust PestPatrol ActiveX Initialize method overflow attempt (more info ...) | attempted-user | 2009-4225 | 37133 | ||
| 16711 | BROWSER-PLUGINS E-Book Systems FlipViewer FlipViewerX.dll activex clsid access ActiveX clsid access (more info ...) | attempted-user | 2007-2919 | 24328 | ||
| 16714 | BROWSER-PLUGINS SoftArtisans XFile FileManager ActiveX Control access attempt (more info ...) | attempted-user | 2007-1682 | 30826 | URL | |
| 16715 | BROWSER-PLUGINS SaschArt SasCam Webcam Server ActiveX control exploit attempt (more info ...) | attempted-user | 2008-6898 | 33053 | ||
| 16729 | BROWSER-PLUGINS McAfee Remediation client ActiveX control access attempt (more info ...) | attempted-user | URL | |||
| 16740 | BROWSER-PLUGINS Microsoft Works WkImgSrv.dll ActiveX control code execution attempt (more info ...) | attempted-user | 2008-1898 | 28820 | ||
| 16741 | BROWSER-PLUGINS Microsoft Works WkImgSrv.dll ActiveX clsid access attempt (more info ...) | attempted-user | 2007-4607 | 25467 | ||
| 16745 | BROWSER-PLUGINS DjVu ActiveX control access attempt (more info ...) | attempted-user | 2008-4922 | 31987 | ||
| 16748 | BROWSER-PLUGINS IBM Access Support ActiveX function call access (more info ...) | attempted-user | 2009-0215 | 34228 | ||
| 16754 | NETBIOS SMB /PlughNTCommand andx create tree attempt (more info ...) | protocol-command-decode | 2009-1394 | |||
| 16755 | NETBIOS SMB /PlughNTCommand create tree attempt (more info ...) | protocol-command-decode | 2009-1394 | |||
| 16756 | NETBIOS SMB /PlughNTCommand unicode andx create tree attempt (more info ...) | protocol-command-decode | 2009-1394 | |||
| 16757 | NETBIOS SMB /PlughNTCommand unicode create tree attempt (more info ...) | protocol-command-decode | 2009-1394 | |||
| 16758 | NETBIOS SMB /PlughNTCommand andx create tree attempt (more info ...) | protocol-command-decode | 2009-1394 | |||
| 16759 | NETBIOS SMB /PlughNTCommand create tree attempt (more info ...) | protocol-command-decode | 2009-1394 | |||
| 16760 | NETBIOS SMB /PlughNTCommand unicode andx create tree attempt (more info ...) | protocol-command-decode | 2009-1394 | |||
| 16761 | NETBIOS SMB /PlughNTCommand unicode create tree attempt (more info ...) | protocol-command-decode | 2009-1394 | |||
| 16762 | NETBIOS SMB Timbuktu Pro overflow WriteAndX andx attempt (more info ...) | attempted-admin | 2009-1394 | |||
| 16763 | NETBIOS SMB Timbuktu Pro overflow WriteAndX attempt (more info ...) | attempted-admin | 2009-1394 | |||
| 16764 | NETBIOS SMB Timbuktu Pro overflow WriteAndX unicode andx attempt (more info ...) | attempted-admin | 2009-1394 | |||
| 16765 | NETBIOS SMB Timbuktu Pro overflow WriteAndX unicode attempt (more info ...) | attempted-admin | 2009-1394 | |||
| 16766 | NETBIOS SMB Timbuktu Pro overflow andx attempt (more info ...) | attempted-admin | 2009-1394 | |||
| 16767 | BROWSER-PLUGINS AwingSoft Web3D Player SceneURL ActiveX clsid access (more info ...) | attempted-user | 2009-4850 | |||
| 16769 | BROWSER-PLUGINS AwingSoft Web3D Player ActiveX function call access (more info ...) | attempted-user | 2009-4850 | |||
| 16771 | BROWSER-PLUGINS AwingSoft Web3D Player WindsPlayerIE.View.1 ActiveX SceneURL method overflow attempt (more info ...) | attempted-user | 2009-4588 | |||
| 16772 | BROWSER-PLUGINS EMC Captiva QuickScan Pro ActiveX clsid access (more info ...) | attempted-user | 2012-2515 | 36546 | ||
| 16783 | BROWSER-PLUGINS Autodesk iDrop ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 16784 | BROWSER-PLUGINS Autodesk iDrop ActiveX function call access (more info ...) | attempted-user | URL | |||
| 16789 | BROWSER-PLUGINS Chilkat Crypt 2 ActiveX object access attempt (more info ...) | attempted-user | 2008-5002 | 32073 | ||
| 16790 | BROWSER-PLUGINS Chilkat Crypt 2 ActiveX clsid access attempt (more info ...) | attempted-user | 2008-5002 | 32073 | ||
| 16793 | BROWSER-PLUGINS SAP AG SAPgui EAI WebViewer3D ActiveX function call access (more info ...) | attempted-user | 2007-4475 | 34310 | ||
| 16802 | BROWSER-PLUGINS WinDVD IASystemInfo.dll ActiveX clsid access (more info ...) | attempted-user | 2007-0348 | 23071 | ||
| 16926 | MALWARE-CNC URI request for known malicious URI - strMode=setup&strID=pcvaccine&strPC= (more info ...) | trojan-activity | URL | |||
| 17052 | BROWSER-PLUGINS Symantec AppStream Client LaunchObj ActiveX clsid access attempt (more info ...) | attempted-user | 2008-4388 | 33247 | ||
| 17053 | BROWSER-PLUGINS Symantec AppStream Client LaunchObj ActiveX clsid access attempt (more info ...) | attempted-user | 2008-4388 | 33247 | ||
| 17054 | BROWSER-PLUGINS Symantec AppStream Client LaunchObj ActiveX clsid access attempt (more info ...) | attempted-user | 2008-4388 | 33247 | ||
| 17060 | BROWSER-PLUGINS Roxio CinePlayer SonicDVDDashVRNav.dll ActiveX control buffer overflow attempt (more info ...) | attempted-user | 2007-1559 | 23412 | ||
| 17061 | BROWSER-PLUGINS Symantec Norton Personal Firewall 2004 ActiveX clsid access (more info ...) | attempted-user | 2007-1689 | 23936 | ||
| 17063 | BROWSER-PLUGINS Logitech Video Call 1 ActiveX clsid access (more info ...) | attempted-user | 2007-2918 | 24254 | ||
| 17065 | BROWSER-PLUGINS Logitech Video Call 2 ActiveX clsid access (more info ...) | attempted-user | 2007-2918 | 24254 | ||
| 17067 | BROWSER-PLUGINS Logitech Video Call 3 ActiveX clsid access (more info ...) | attempted-user | 2007-2918 | 24254 | ||
| 17069 | BROWSER-PLUGINS Logitech Video Call 4 ActiveX clsid access (more info ...) | attempted-user | 2007-2918 | 24254 | ||
| 17071 | BROWSER-PLUGINS Logitech Video Call 5 ActiveX clsid access (more info ...) | attempted-user | 2007-2918 | 24254 | ||
| 17073 | BROWSER-PLUGINS Ask Toolbar AskJeevesToolBar.SettingsPlugin ActiveX clsid access (more info ...) | attempted-user | 2007-5107 | 25785 | ||
| 17075 | BROWSER-PLUGINS Ask Toolbar AskJeevesToolBar.SettingsPlugin ActiveX function call access (more info ...) | attempted-user | 2007-5107 | 25785 | ||
| 17077 | BROWSER-PLUGINS Ask Toolbar AskJeevesToolBar.SettingsPlugin.1 ActiveX control buffer overflow attempt (more info ...) | attempted-user | 2007-5107 | 25785 | ||
| 17078 | BROWSER-PLUGINS GOM Player GomWeb ActiveX clsid access (more info ...) | attempted-user | 2007-5779 | 26236 | ||
| 17080 | BROWSER-PLUGINS GOM Player GomWeb ActiveX function call access (more info ...) | attempted-user | 2007-5779 | 26236 | ||
| 17082 | BROWSER-PLUGINS SonicWALL SSL-VPN NeLaunchCtrl ActiveX clsid access (more info ...) | attempted-user | 2007-5603 | 26288 | ||
| 17084 | BROWSER-PLUGINS Creative Software AutoUpdate Engine ActiveX clsid access (more info ...) | attempted-user | 2008-0955 | 29391 | ||
| 17086 | BROWSER-PLUGINS Creative Software AutoUpdate Engine CTSUEng.ocx ActiveX control access attempt (more info ...) | attempted-user | 2008-0955 | 29391 | ||
| 17087 | BROWSER-PLUGINS VeryDOC PDF Viewer ActiveX clsid access (more info ...) | attempted-user | 2008-5492 | 32313 | ||
| 17089 | BROWSER-PLUGINS VeryDOC PDF Viewer ActiveX function call access (more info ...) | attempted-user | 2008-5492 | 32313 | ||
| 17091 | BROWSER-PLUGINS VeryDOC PDF Viewer ActiveX control OpenPDF buffer overflow attempt (more info ...) | attempted-user | 2008-5492 | 32313 | ||
| 17092 | BROWSER-PLUGINS Symantec Altirix Deployment Solution AeXNSPkgDLLib.dll ActiveX clsid access (more info ...) | attempted-user | 2009-3028 | 36346 | ||
| 17094 | BROWSER-PLUGINS Symantec Altirix Deployment Solution AeXNSPkgDLLib.dll ActiveX function call access (more info ...) | attempted-user | 2009-3028 | 36346 | ||
| 17112 | OS-WINDOWS DCERPC rpcss2 _RemoteGetClassObject attempt (more info ...) | attempted-user | 2003-0715 | 8205 | URL | |
| 17117 | FILE-MULTIMEDIA Microsoft Windows MPEG Layer-3 audio heap corruption attempt (more info ...) | attempted-user | 2010-1882 | URL | ||
| 17118 | FILE-EXECUTABLE Microsoft .NET CreateDelegate method arbitrary code execution attempt (more info ...) | attempted-user | 2010-1898 | URL | ||
| 17126 | OS-WINDOWS Microsoft Windows SMB large session length with small packet (more info ...) | attempted-dos | 2010-2551 | URL | ||
| 17128 | FILE-MULTIMEDIA Microsoft Windows AVI cinepak codec decompression remote code execution attempt (more info ...) | attempted-user | 2010-2553 | 42256 | URL | |
| 17133 | OS-WINDOWS Microsoft Windows MSXML2 ActiveX malformed HTTP response (more info ...) | attempted-dos | 2010-2561 | URL | ||
| 17135 | FILE-MULTIMEDIA Microsoft Windows Movie Maker string size overflow attempt (more info ...) | attempted-user | 2010-2564 | URL | ||
| 17151 | NETBIOS SMB negotiate protocol request - ascii strings (more info ...) | protocol-command-decode | ||||
| 17163 | BROWSER-PLUGINS Liquid XML Studio ActiveX function call access (more info ...) | attempted-user | URL | |||
| 17167 | BROWSER-PLUGINS Oracle Siebel Option Pack 1 ActiveX clsid access (more info ...) | attempted-user | 2009-3737 | URL | ||
| 17169 | BROWSER-PLUGINS Oracle Siebel Option Pack 2 ActiveX clsid access (more info ...) | attempted-user | 2009-3737 | URL | ||
| 17171 | BROWSER-PLUGINS Oracle Siebel Option Pack 3 ActiveX clsid access (more info ...) | attempted-user | 2009-3737 | URL | ||
| 17173 | BROWSER-PLUGINS Oracle Siebel Option Pack 4 ActiveX clsid access (more info ...) | attempted-user | 2009-3737 | URL | ||
| 17175 | BROWSER-PLUGINS Oracle Siebel Option Pack 5 ActiveX clsid access (more info ...) | attempted-user | 2009-3737 | URL | ||
| 17177 | BROWSER-PLUGINS Oracle Siebel Option Pack 6 ActiveX clsid access (more info ...) | attempted-user | 2009-3737 | URL | ||
| 17210 | FILE-EXECUTABLE Microsoft Windows executable file load from SMB share attempt (more info ...) | policy-violation | ||||
| 17226 | BROWSER-PLUGINS AXIS Camera ActiveX initialization via script (more info ...) | attempted-user | 2008-5260 | 33408 | ||
| 17231 | FILE-IMAGE Microsoft Kodak Imaging small offset malformed tiff - little-endian (more info ...) | attempted-user | 2007-2217 | URL | ||
| 17232 | FILE-IMAGE Microsoft Kodak Imaging large offset malformed tiff - big-endian (more info ...) | attempted-user | 2010-3950 | URL | ||
| 17252 | OS-WINDOWS Microsoft Windows Print Spooler arbitrary file write attempt (more info ...) | attempted-user | 2010-2729 | URL | ||
| 17256 | OS-WINDOWS Microsoft Windows uniscribe fonts parsing memory corruption attempt (more info ...) | attempted-user | 2010-2738 | 43068 | URL | |
| 17306 | OS-WINDOWS Microsoft Malware Protection Engine file processing denial of service attempt (more info ...) | denial-of-service | 2008-1437 | URL | ||
| 17316 | OS-WINDOWS Microsoft Windows Folder GUID Code Execution attempt (more info ...) | attempted-user | 2006-3281 | 19389 | ||
| 17321 | NETBIOS DCERPC NCACN-IP-TCP spoolss EnumPrinters name overflow attempt (more info ...) | attempted-admin | 2007-6701 | 25092 | URL | |
| 17330 | FILE-IMAGE Microsoft Windows GRE WMF Handling Memory Read Exception attempt (more info ...) | attempted-user | 2006-0143 | 16167 | ||
| 17337 | INDICATOR-SHELLCODE x86 Microsoft Win32 export table enumeration variant (more info ...) | shellcode-detect | ||||
| 17347 | OS-WINDOWS Microsoft Windows Color Management Module buffer overflow attempt (more info ...) | attempted-user | 2005-1219 | 14214 | ||
| 17364 | FILE-IDENTIFY Microsoft Windows Help Workshop CNT Help file download request (more info ...) | misc-activity | URL | |||
| 17365 | FILE-OTHER Microsoft Windows Help Workshop CNT Help contents buffer overflow attempt (more info ...) | web-application-attack | 2007-0352 | 22100 | ||
| 17366 | FILE-OTHER Microsoft Help Workshop HPJ OPTIONS section buffer overflow attempt (more info ...) | attempted-user | 2007-0427 | 22135 | ||
| 17374 | FILE-OTHER Microsoft Windows HLP File Handling heap overflow attempt (more info ...) | attempted-user | 2007-1912 | 23382 | ||
| 17382 | FILE-OTHER Microsoft Project Invalid Memory Pointer Code Execution attempt (more info ...) | attempted-user | 2008-1088 | 28607 | ||
| 17408 | OS-WINDOWS Microsoft Windows DirectX Targa image file heap overflow attempt (more info ...) | attempted-user | 2006-4183 | 24963 | ||
| 17413 | OS-WINDOWS Microsoft Jet DB Engine Buffer Overflow attempt (more info ...) | attempted-user | 2005-0944 | 12960 | ||
| 17435 | OS-WINDOWS DCERPC NCACN-IP-TCP umpnpmgr PNP_GetDeviceList attempt (more info ...) | protocol-command-decode | 2005-2120 | 15065 | URL | |
| 17436 | OS-WINDOWS DCERPC NCACN-IP-TCP umpnpmgr PNP_GetDeviceListSize attempt (more info ...) | protocol-command-decode | 2005-2120 | 15065 | URL | |
| 17437 | OS-WINDOWS DCERPC NCACN-IP-TCP umpnpmgr PNP_GetDeviceList attempt (more info ...) | protocol-command-decode | 2005-2120 | 15065 | URL | |
| 17438 | OS-WINDOWS DCERPC NCACN-IP-TCP umpnpmgr PNP_GetDeviceListSize attempt (more info ...) | protocol-command-decode | 2005-2120 | 15065 | URL | |
| 17439 | OS-WINDOWS Microsoft Distributed Transaction Controller TIP DoS attempt (more info ...) | attempted-dos | 2005-1979 | 15058 | ||
| 17442 | FILE-OTHER Microsoft Windows download of .lnk file that executes cmd.exe detected (more info ...) | attempted-user | 2005-2122 | 15069 | URL | |
| 17443 | FILE-MULTIMEDIA Microsoft DirectShow AVI decoder buffer overflow attempt (more info ...) | attempted-user | 2005-2128 | 15063 | ||
| 17464 | BROWSER-PLUGINS AOL Radio AmpX ActiveX clsid access (more info ...) | attempted-user | 2007-5755 | 26396 | ||
| 17467 | OS-WINDOWS Microsoft Windows ShellExecute and IE7 snews url handling code execution attempt (more info ...) | attempted-user | 2007-3896 | 25945 | URL | |
| 17489 | FILE-OTHER Microsoft Windows Help File Heap Buffer Overflow attempt (more info ...) | attempted-user | 2006-1591 | 17325 | ||
| 17490 | FILE-OTHER Microsoft Windows itss.dll CHM File Handling Heap Corruption attempt (more info ...) | attempted-admin | 2006-2297 | 17926 | ||
| 17509 | FILE-IDENTIFY Microsoft Windows .NET Manifest file download request (more info ...) | misc-activity | 2006-6696 | 21688 | URL | |
| 17510 | FILE-IDENTIFY Microsoft Windows .NET Deploy file download request (more info ...) | misc-activity | 2006-6696 | 21688 | URL | |
| 17546 | FILE-IDENTIFY Microsoft Media Player compressed skin download request (more info ...) | policy-violation | 2007-3037 | 25305 | URL | |
| 17571 | BROWSER-PLUGINS obfuscated instantiation of ActiveX object - likely malicious (more info ...) | attempted-user | 2008-3558 | URL | ||
| 17572 | OS-WINDOWS Microsoft XML Core Services cross-site information disclosure attempt (more info ...) | attempted-recon | 2013-7331 | 32155 | URL | |
| 17592 | BROWSER-PLUGINS Microsoft MyInfo.dll ActiveX clsid access (more info ...) | attempted-user | 2006-4495 | 19636 | URL | |
| 17593 | BROWSER-PLUGINS Microsoft msdxm.ocx ActiveX clsid access (more info ...) | attempted-user | 2006-4495 | 19636 | URL | |
| 17594 | BROWSER-PLUGINS Microsoft creator.dll 1 ActiveX clsid access (more info ...) | attempted-user | 2006-4495 | 19636 | URL | |
| 17595 | BROWSER-PLUGINS Microsoft creator.dll 2 ActiveX clsid access (more info ...) | attempted-user | 2006-4495 | 19636 | URL | |
| 17614 | BROWSER-PLUGINS SAP GUI SAPBExCommonResources ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 17616 | BROWSER-PLUGINS SAP GUI SAPBExCommonResources ActiveX function call access (more info ...) | attempted-user | URL | |||
| 17618 | OS-WINDOWS Microsoft Windows Graphics engine EMF rendering vulnerability (more info ...) | attempted-user | 2005-2123 | 15352 | ||
| 17626 | OS-WINDOWS Microsoft Windows embedded web font handling buffer overflow attempt (more info ...) | attempted-user | 2006-0010 | 16194 | ||
| 17634 | NETBIOS DCERPC NCACN-IP-TCP brightstor-arc function 0 little endian object call overflow attempt (more info ...) | attempted-admin | 2008-4398 | URL | ||
| 17635 | NETBIOS DCERPC NCACN-IP-TCP brightstor-arc function 0 little endian overflow attempt (more info ...) | attempted-admin | 2008-4398 | URL | ||
| 17636 | NETBIOS DCERPC NCACN-IP-TCP brightstor-arc function 0 object call overflow attempt (more info ...) | attempted-admin | 2008-4398 | URL | ||
| 17637 | NETBIOS DCERPC NCACN-IP-TCP brightstor-arc function 0 overflow attempt (more info ...) | attempted-admin | 2008-4398 | URL | ||
| 17640 | NETBIOS DCERPC NCACN-IP-TCP brightstor opnum 43 overflow attempt (more info ...) | attempted-admin | 2007-0169 | 22005 | URL | |
| 17654 | BROWSER-PLUGINS Facebook Photo Uploader ActiveX exploit attempt (more info ...) | attempted-user | 2008-5711 | 27756 | URL | |
| 17702 | OS-WINDOWS DCERPC NCACN-IP-TCP srvsvc NetrDfsCreateExitPoint dos attempt (more info ...) | attempted-dos | 2005-3644 | 15460 | URL | |
| 17711 | OS-WINDOWS Microsoft Windows ASF parsing memory corruption attempt (more info ...) | attempted-user | 2007-0064 | URL | ||
| 17721 | OS-WINDOWS Microsoft Windows WINS replication inform2 request memory corruption attempt (more info ...) | attempted-admin | 2009-1924 | URL | ||
| 17730 | OS-WINDOWS Microsoft XML Core Services MIME Viewer memory corruption attempt (more info ...) | attempted-user | 2007-0099 | URL | ||
| 17731 | OS-WINDOWS Microsoft Windows wpad dynamic update request (more info ...) | attempted-admin | 2009-0093 | URL | ||
| 17737 | SERVER-MAIL Microsoft collaboration data objects buffer overflow attempt (more info ...) | attempted-user | 2005-1987 | 15067 | ||
| 17745 | NETBIOS SMB TRANS2 Find_First2 request attempt (more info ...) | protocol-command-decode | ||||
| 17746 | OS-WINDOWS Microsoft Windows SMB client TRANS response Find_First2 filename overflow attempt (more info ...) | attempted-admin | 2005-0045 | 12484 | URL | |
| 17749 | PROTOCOL-RPC Linux Kernel nfsd v4 CAP_MKNOD security bypass attempt (more info ...) | misc-attack | 2009-1072 | 34205 | ||
| 18072 | OS-WINDOWS Microsoft Forefront UAG external redirect attempt (more info ...) | policy-violation | 2010-2732 | URL | ||
| 18073 | OS-WINDOWS Microsoft Forefront UAG arbitrary embedded scripting attempt (more info ...) | attempted-user | 2010-2733 | URL | ||
| 18074 | OS-WINDOWS Microsoft Windows Forefront UAG URL XSS attempt (more info ...) | attempted-admin | 2010-2734 | URL | ||
| 18076 | OS-WINDOWS Microsoft Forefront UAG URL XSS alternate attempt (more info ...) | attempted-admin | 2010-3936 | URL | ||
| 18195 | OS-WINDOWS Microsoft Windows SMB Negotiate Protocol response DoS attempt (more info ...) | attempted-dos | 2009-3676 | URL | ||
| 18215 | OS-WINDOWS NETAPI RPC interface reboot attempt (more info ...) | attempted-user | 2010-2742 | URL | ||
| 18219 | FILE-OTHER Microsoft Windows ATMFD font driver remote code execution attempt (more info ...) | attempted-user | 2010-3957 | URL | ||
| 18220 | OS-WINDOWS Microsoft Windows ATMFD font driver malformed character glyph remote code execution attempt (more info ...) | attempted-user | 2010-3959 | URL | ||
| 18242 | BROWSER-PLUGINS Microsoft Windows WMI Administrator Tools Object Viewer ActiveX function call access (more info ...) | attempted-user | 2010-4588 | URL | ||
| 18246 | OS-WINDOWS Microsoft Windows Fax Services Cover Page Editor overflow attempt (more info ...) | attempted-user | URL | |||
| 18266 | OS-WINDOWS DCERPC NCADG-IP-UDP rpcss2_RemoteGetClassObject attempt (more info ...) | protocol-command-decode | 2003-0605 | URL | ||
| 18267 | OS-WINDOWS DCERPC NCACN-IP-TCP rpcss2_RemoteGetClassObject attempt (more info ...) | protocol-command-decode | 2003-0605 | URL | ||
| 18274 | FILE-IDENTIFY Microsoft Windows Mail file download request (more info ...) | misc-activity | 10767 | |||
| 18276 | FILE-OTHER Microsoft Data Access Components library attempt (more info ...) | attempted-user | 2011-0026 | URL | ||
| 18277 | OS-WINDOWS Microsoft Windows Vista Backup Tool fveapi.dll dll-load exploit attempt (more info ...) | attempted-user | 2010-3145 | URL | ||
| 18278 | OS-WINDOWS Microsoft Windows Vista Backup Tool request for fveapi.dll over SMB attempt (more info ...) | attempted-user | 2010-3145 | URL | ||
| 18297 | OS-WINDOWS Microsoft Windows Comctl32.dll third-party SVG viewer heap overflow attempt (more info ...) | attempted-user | 2010-2746 | URL | ||
| 18309 | OS-WINDOWS Microsoft Vector Markup Language fill method overflow attempt (more info ...) | attempted-user | 2006-4868 | 20096 | URL | |
| 18315 | OS-WINDOWS DCERPC NCACN-IP-TCP wkssvc NetrValidateName2 overflow attempt (more info ...) | attempted-admin | 2003-0812 | 9011 | 11921 | URL |
| 18321 | BROWSER-PLUGINS SonicWall Aventail EPInterrogator ActiveX clsid access (more info ...) | attempted-user | ||||
| 18322 | BROWSER-PLUGINS SonicWall Aventail EPInterrogator ActiveX function call access (more info ...) | attempted-user | ||||
| 18323 | BROWSER-PLUGINS SonicWall Aventail EPInstaller ActiveX clsid access (more info ...) | attempted-user | 2010-2583 | 44535 | ||
| 18324 | BROWSER-PLUGINS SonicWall Aventail EPInstaller ActiveX function call access (more info ...) | attempted-user | 2010-2583 | 44535 | ||
| 18325 | BROWSER-PLUGINS Image Viewer CP Gold 6 ActiveX clsid access (more info ...) | attempted-user | 45155 | |||
| 18329 | BROWSER-PLUGINS Microsoft Windows WMI Administrator Tools Object Viewer ActiveX function call access (more info ...) | attempted-user | 2010-4588 | URL | ||
| 18335 | OS-WINDOWS Microsoft Windows MHTML XSS attempt (more info ...) | attempted-user | 2011-0096 | URL | ||
| 18385 | MALWARE-CNC User-Agent known malicious user-agent string HTTPCSDCENTER (more info ...) | trojan-activity | URL | |||
| 18396 | OS-WINDOWS Microsoft Windows Hypervisor OS-WINDOWS vfd download attempt (more info ...) | attempted-admin | 2010-0026 | URL | ||
| 18406 | FILE-OTHER Microsoft Windows Server 2003 update service principal name spn dos executable attempt (more info ...) | attempted-admin | 2011-0040 | URL | ||
| 18407 | FILE-OTHER Microsoft Windows Server 2003 update service principal name spn dos attempt (more info ...) | attempted-admin | 2011-0040 | URL | ||
| 18408 | OS-WINDOWS Microsoft Windows WMI tracing api integer truncation attempt (more info ...) | attempted-admin | 2011-0045 | URL | ||
| 18463 | FILE-OTHER Microsoft Windows MPEG Layer-3 audio heap corruption attempt (more info ...) | attempted-user | 2010-1882 | URL | ||
| 18490 | BROWSER-PLUGINS Whale Client Components ActiveX clsid access (more info ...) | attempted-user | 2007-2238 | 34532 | ||
| 18494 | OS-WINDOWS Microsoft product .dll dll-load exploit attempt (more info ...) | attempted-user | 2015-1758 | URL | ||
| 18498 | FILE-OTHER Microsoft Media Player dvr-ms file parsing remote code execution attempt (more info ...) | attempted-user | 2011-0042 | URL | ||
| 18499 | OS-WINDOWS Microsoft Groove mso.dll dll-load exploit attempt (more info ...) | attempted-user | 2011-0108 | URL | ||
| 18583 | FILE-IMAGE Microsoft Windows wmf integer overflow attempt (more info ...) | web-application-attack | 2007-3034 | 25302 | URL | |
| 18594 | BROWSER-PLUGINS Trend Micro Web Deployment ActiveX clsid access (more info ...) | attempted-user | 2008-3364 | 30407 | ||
| 18595 | BROWSER-PLUGINS Trend Micro Web Deployment ActiveX clsid access (more info ...) | attempted-user | 2008-3364 | 30407 | ||
| 18619 | OS-WINDOWS Microsoft Visual Studio MFC applications mfc40.dll dll-load exploit attempt (more info ...) | attempted-user | 2010-3190 | URL | ||
| 18620 | OS-WINDOWS Microsoft Visual Studio MFC applications mfc42.dll dll-load exploit attempt (more info ...) | attempted-user | 2010-3190 | URL | ||
| 18621 | OS-WINDOWS Microsoft Visual Studio MFC applications mfc80.dll dll-load exploit attempt (more info ...) | attempted-user | 2010-3190 | URL | ||
| 18622 | OS-WINDOWS Microsoft Visual Studio MFC applications mfc90.dll dll-load exploit attempt (more info ...) | attempted-user | 2010-3190 | URL | ||
| 18623 | OS-WINDOWS Microsoft Visual Studio MFC applications mfc100.dll dll-load exploit attempt (more info ...) | attempted-user | 2010-3190 | URL | ||
| 18624 | OS-WINDOWS Microsoft Windows .NET framework optimizer escalation attempt (more info ...) | attempted-user | 2010-3958 | URL | ||
| 18625 | OS-WINDOWS Microsoft Foundation Class applications mfc40.dll dll-load exploit attempt (more info ...) | attempted-user | 2010-3190 | URL | ||
| 18626 | OS-WINDOWS Microsoft Foundation Class applications mfc42.dll dll-load exploit attempt (more info ...) | attempted-user | 2010-3190 | URL | ||
| 18627 | OS-WINDOWS Microsoft Foundation Class applications mfc80.dll dll-load exploit attempt (more info ...) | attempted-user | 2010-3190 | URL | ||
| 18628 | OS-WINDOWS Microsoft Foundation Class applications mfc90.dll dll-load exploit attempt (more info ...) | attempted-user | 2010-3190 | URL | ||
| 18629 | OS-WINDOWS Microsoft Foundation Class applications mfc100.dll dll-load exploit attempt (more info ...) | attempted-user | 2010-3190 | URL | ||
| 18644 | FILE-OTHER Microsoft Windows OpenType Fonts CompactFontFormat FontMatrix tranform memory corruption attempt (more info ...) | attempted-admin | 2011-0034 | URL | ||
| 18645 | FILE-IMAGE Microsoft Windows GDI+ arbitrary code execution attempt (more info ...) | attempted-user | 2011-0041 | URL | ||
| 18655 | OS-WINDOWS Microsoft Windows LLMNR invalid reverse name lookup stack corruption attempt (more info ...) | attempted-admin | 2011-0657 | URL | ||
| 18660 | OS-WINDOWS Microsoft Windows SMB2 write packet buffer overflow attempt (more info ...) | attempted-admin | 2011-0661 | URL | ||
| 18668 | BROWSER-PLUGINS Microsoft Windows Messenger ActiveX clsid access (more info ...) | attempted-user | 2011-1243 | URL | ||
| 18673 | OS-WINDOWS Microsoft Fax Cover Page Editor heap corruption attempt (more info ...) | attempted-user | 2010-3974 | URL | ||
| 18675 | FILE-IDENTIFY Microsoft Windows Fax Cover page document file download request (more info ...) | misc-activity | ||||
| 18691 | OS-WINDOWS Microsoft Windows AFD.SYS null write attempt (more info ...) | attempted-admin | 2011-1249 | URL | ||
| 18741 | BROWSER-PLUGINS CrystalReports EnterpriseControls ActiveX clsid access (more info ...) | attempted-user | 2008-0379 | 27333 | ||
| 18756 | INDICATOR-COMPROMISE Microsoft cmd.exe banner Windows 7/Server 2008R2 (more info ...) | successful-admin | 11633 | |||
| 18757 | INDICATOR-COMPROMISE Microsoft cmd.exe banner Windows Vista (more info ...) | successful-admin | 11633 | |||
| 18950 | OS-WINDOWS Microsoft WINS service oversize payload exploit attempt (more info ...) | attempted-admin | 2011-1248 | URL | ||
| 18952 | FILE-OTHER Microsoft Windows uniscribe fonts parsing memory corruption attempt (more info ...) | attempted-user | 2010-2738 | 43068 | URL | |
| 18961 | OS-WINDOWS Microsoft Windows MSXML2 ActiveX malformed HTTP response (more info ...) | attempted-dos | 2010-2561 | URL | ||
| 18962 | OS-WINDOWS Microsoft Windows MSXML2 ActiveX malformed HTTP response (more info ...) | attempted-dos | 2010-2561 | URL | ||
| 18974 | BROWSER-PLUGINS SAP Crystal Reports PrintControl.dll ActiveX function call attempt (more info ...) | attempted-user | 2010-2590 | 45387 | ||
| 18975 | BROWSER-PLUGINS SAP Crystal Reports PrintControl.dll ActiveX function call access (more info ...) | attempted-user | 2010-2590 | 45387 | ||
| 18980 | MALWARE-CNC WinSpywareProtect variant outbound connection (more info ...) | trojan-activity | URL | |||
| 18981 | MALWARE-CNC WinSpywareProtect variant outbound connection (more info ...) | trojan-activity | URL | |||
| 18982 | MALWARE-CNC WinSpywareProtect variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19063 | FILE-MULTIMEDIA Microsoft Windows Movie Maker string size overflow attempt (more info ...) | attempted-user | 2010-2564 | URL | ||
| 19064 | FILE-OTHER Microsoft OpenType font index remote code execution attempt (more info ...) | attempted-user | 2010-3956 | 45311 | URL | |
| 19086 | BROWSER-PLUGINS LEADTOOLS Raster Twain LtocxTwainu.dll ActiveX function call (more info ...) | attempted-user | 42823 | |||
| 19109 | BROWSER-PLUGINS SonicWall Aventail EPInstaller ActiveX function call access (more info ...) | attempted-user | ||||
| 19119 | OS-WINDOWS Microsoft Windows ATMFD font driver remote code execution attempt (more info ...) | attempted-user | 2010-3957 | URL | ||
| 19130 | FILE-IMAGE Microsoft Windows Paint jpeg with malformed SOFx field integer overflow attempt (more info ...) | attempted-user | 2010-0028 | URL | ||
| 19144 | FILE-OTHER Microsoft Windows MPEG Layer-3 audio heap corruption attempt (more info ...) | attempted-user | 2010-1882 | 42298 | URL | |
| 19146 | FILE-MULTIMEDIA Microsoft Windows DirectX quartz.dll MJPEG content processing memory corruption attempt (more info ...) | attempted-user | 2010-1879 | 40432 | URL | |
| 19151 | BROWSER-PLUGINS Trend Micro HouseCall ActiveX clsid access (more info ...) | attempted-user | 2010-3189 | |||
| 19152 | BROWSER-PLUGINS Trend Micro HouseCall ActiveX function call access (more info ...) | attempted-user | 2010-3189 | |||
| 19170 | FILE-OTHER Microsoft Windows .NET Framework XAML browser applications stack corruption (more info ...) | attempted-user | 2010-3958 | 47223 | ||
| 19184 | OS-WINDOWS Microsoft Windows OLEAUT32.DLL malicious WMF file remote code execution attempt (more info ...) | attempted-user | 2011-0658 | URL | ||
| 19185 | OS-WINDOWS Microsoft Windows .NET ArraySegment escape exploit attempt (more info ...) | attempted-user | 2011-0664 | URL | ||
| 19186 | OS-WINDOWS Microsoft Certification service XSS attempt (more info ...) | attempted-user | 2011-1264 | URL | ||
| 19188 | OS-WINDOWS Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (more info ...) | attempted-admin | 2011-1873 | URL | ||
| 19189 | OS-WINDOWS Microsoft Windows SMB-DS Trans2 Distributed File System response PathConsumed integer overflow attempt (more info ...) | attempted-admin | 2011-1869 | URL | ||
| 19190 | NETBIOS SMB-DS Trans2 Distributed File System GET_DFS_REFERRAL request (more info ...) | protocol-command-decode | ||||
| 19191 | OS-WINDOWS Microsoft Windows SMB2 zero length write attempt (more info ...) | attempted-admin | 2011-1267 | URL | ||
| 19193 | BROWSER-PLUGINS Oracle Document Capture ActiveX clsid access (more info ...) | attempted-user | 2010-3599 | 45856 | ||
| 19194 | BROWSER-PLUGINS Oracle Document Capture ActiveX function call access (more info ...) | attempted-user | 2010-3599 | 45856 | ||
| 19195 | BROWSER-PLUGINS Oracle Document Capture ActiveX function call access (more info ...) | attempted-user | 2010-3599 | 45856 | ||
| 19197 | BROWSER-PLUGINS CA Internet Security Suite XMLSecDB ActiveX clsid access (more info ...) | attempted-user | 2011-1036 | 46539 | ||
| 19198 | BROWSER-PLUGINS CA Internet Security Suite XMLSecDB ActiveX function call access (more info ...) | attempted-user | 2011-1036 | 46539 | ||
| 19218 | FILE-IDENTIFY Microsoft Windows Fax Cover page document file download request (more info ...) | misc-activity | ||||
| 19219 | FILE-OTHER Microsoft Windows Fax Services Cover Page Editor Double Free Memory Corruption (more info ...) | attempted-admin | 2010-2701 | 45942 | ||
| 19220 | FILE-OTHER Microsoft Windows Fax Services Cover Page Editor Double Free Memory Corruption (more info ...) | attempted-admin | 2010-2701 | 45942 | ||
| 19221 | OS-WINDOWS Microsoft Windows SMB-DS Trans2 Distributed File System response PathConsumed integer overflow attempt (more info ...) | attempted-admin | 2011-1869 | URL | ||
| 19233 | FILE-IDENTIFY Microsoft Windows Visual Studio DISCO file download request (more info ...) | misc-activity | URL | |||
| 19234 | OS-WINDOWS Microsoft Visual Studio information disclosure attempt (more info ...) | misc-attack | 2011-1280 | URL | ||
| 19241 | BROWSER-IE Microsoft Windows Vector Markup Language imagedata page deconstruction attempt (more info ...) | attempted-admin | 2011-1264 | 48173 | URL | |
| 19242 | BROWSER-IE Microsoft Windows Vector Markup Language imagedata page deconstruction attempt (more info ...) | attempted-admin | 2011-1264 | 48173 | URL | |
| 19304 | BROWSER-PLUGINS Oracle EasyMail ActiveX clsid access (more info ...) | attempted-user | 2010-3595 | 45849 | ||
| 19305 | BROWSER-PLUGINS Oracle EasyMail ActiveX function call access (more info ...) | attempted-user | 2010-3595 | 45849 | ||
| 19308 | FILE-OTHER Microsoft Windows embedded OpenType EOT font integer overflow attempt (more info ...) | attempted-user | 2010-1883 | 43775 | URL | |
| 19315 | OS-WINDOWS Microsoft Groove GroovePerfmon.dll dll-load exploit attempt (more info ...) | attempted-user | 2010-3146 | URL | ||
| 19320 | FILE-MULTIMEDIA Microsoft Windows AVI Header insufficient data corruption attempt (more info ...) | attempted-user | 2009-1545 | 35967 | URL | |
| 19403 | FILE-MULTIMEDIA Microsoft Windows AVI cinepak codec decompression remote code execution attempt (more info ...) | attempted-user | 2010-2553 | 42256 | URL | |
| 19460 | OS-WINDOWS Microsoft Windows CSRSS multiple consoles on a single process attempt (more info ...) | attempted-user | 2011-1281 | URL | ||
| 19461 | OS-WINDOWS Microsoft CSRSS NULL Fontface pointer attempt (more info ...) | attempted-user | 2011-1282 | URL | ||
| 19462 | OS-WINDOWS Microsoft Windows CSRSS negative array index code execution attempt (more info ...) | attempted-user | 2011-1283 | URL | ||
| 19463 | OS-WINDOWS Microsoft Windows CSRSS double free attempt (more info ...) | attempted-user | 2011-1284 | URL | ||
| 19464 | OS-WINDOWS Microsoft CSRSS integer overflow attempt (more info ...) | attempted-user | 2011-1870 | URL | ||
| 19467 | OS-WINDOWS Microsoft CSRSS NULL Fontface pointer attempt (more info ...) | attempted-user | 2011-1874 | URL | ||
| 19468 | OS-WINDOWS Microsoft stale data code execution attempt (more info ...) | attempted-user | 2011-1875 | URL | ||
| 19469 | OS-WINDOWS Microsoft invalid message kernel-mode memory disclosure attempt (more info ...) | attempted-user | 2011-1886 | URL | ||
| 19562 | BROWSER-PLUGINS RealNetworks RealGames InstallerDlg.dll ActiveX clsid access (more info ...) | attempted-user | ||||
| 19563 | BROWSER-PLUGINS RealNetworks RealGames InstallerDlg.dll ActiveX function call access (more info ...) | attempted-user | ||||
| 19564 | BROWSER-PLUGINS RealNetworks RealGames InstallerDlg.dll ActiveX clsid access (more info ...) | attempted-user | ||||
| 19565 | BROWSER-PLUGINS RealNetworks RealGames InstallerDlg.dll ActiveX function call access (more info ...) | attempted-user | ||||
| 19650 | BROWSER-PLUGINS Cisco AnyConnect ActiveX clsid access (more info ...) | attempted-user | 2011-2039 | URL | ||
| 19651 | BROWSER-PLUGINS Cisco AnyConnect ActiveX function call access (more info ...) | attempted-user | 2011-2039 | URL | ||
| 19665 | OS-WINDOWS Microsoft Windows Remote Desktop web access cross site scripting attempt - GET request (more info ...) | web-application-attack | 2011-1263 | URL | ||
| 19673 | OS-WINDOWS Microsoft Data Access Components bidlab.dll dll-load exploit attempt (more info ...) | attempted-user | 2011-1975 | URL | ||
| 19674 | OS-WINDOWS Microsoft Data Access Components bidlab.dll dll-load exploit attempt (more info ...) | attempted-user | 2011-1975 | URL | ||
| 19681 | OS-WINDOWS Microsoft Report Viewer reflect XSS attempt (more info ...) | attempted-user | 2011-1976 | URL | ||
| 19694 | SERVER-WEBAPP Microsoft Windows .NET Chart Control directory traversal attempt (more info ...) | attempted-recon | 2011-1977 | URL | ||
| 19816 | NETBIOS Juniper NeoterisSetupService named pipe access attempt (more info ...) | protocol-command-decode | 2009-4643 | |||
| 19817 | NETBIOS Juniper Odyssey Access Client DSSETUPSERVICE_CMD_UNINSTALL overflow attempt (more info ...) | attempted-admin | 2009-4643 | URL | ||
| 19818 | OS-WINDOWS Microsoft XML core services cross-domain information disclosure attempt (more info ...) | attempted-recon | 2008-4033 | URL | ||
| 19893 | BROWSER-PLUGINS Microsoft Windows Tabular Control ActiveX overflow by CLSID / param tag (more info ...) | attempted-user | 2010-0805 | URL | ||
| 19909 | BROWSER-PLUGINS Cisco AnyConnect ActiveX clsid access (more info ...) | attempted-user | 2011-2039 | URL | ||
| 19911 | FILE-OTHER Microsoft SYmbolic LinK stack overflow attempt (more info ...) | attempted-user | 2011-1276 | 48161 | URL | |
| 19925 | BROWSER-PLUGINS Novell iPrint ActiveX client browser plugin call-back-url buffer overflow attempt (more info ...) | attempted-user | 2010-1527 | URL | ||
| 19956 | FILE-MULTIMEDIA Microsoft Windows Movie Maker project file heap buffer overflow attempt (more info ...) | attempted-user | 2010-0265 | URL | ||
| 20061 | NETBIOS DCERPC NCACN-IP-TCP ca-alert function 16,23,40, and 41 overflow attempt (more info ...) | attempted-admin | 2007-4620 | 28605 | URL | |
| 20071 | BROWSER-PLUGINS Microsoft Windows Visual Studio WMIScriptUtils.WMIObjectBroker2.1 ActiveX CLSID access (more info ...) | attempted-user | 2006-4704 | URL | ||
| 20073 | OS-WINDOWS Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (more info ...) | attempted-user | 2011-1873 | URL | ||
| 20114 | SERVER-WEBAPP Microsoft SharePoint hiddenSpanData cross site scripting attempt (more info ...) | web-application-attack | 2011-1891 | URL | ||
| 20117 | SERVER-WEBAPP Microsoft SharePoint XSS (more info ...) | web-application-attack | 2011-1252 | URL | ||
| 20118 | OS-WINDOWS Microsoft Windows shell extensions deskpan.dll dll-load exploit attempt (more info ...) | attempted-user | 2011-1991 | URL | ||
| 20119 | OS-WINDOWS Microsoft Windows shell extensions deskpan.dll dll-load exploit attempt (more info ...) | attempted-user | 2011-1991 | URL | ||
| 20120 | OS-WINDOWS Microsoft Windows WINS internal communications on network exploit attempt (more info ...) | attempted-user | 2011-1984 | URL | ||
| 20132 | OS-WINDOWS Microsoft Windows Vista SMB2 zero length write attempt (more info ...) | attempted-admin | 2011-1267 | URL | ||
| 20168 | BROWSER-PLUGINS ChemView SaveAsMolFile vulnerability ActiveX clsid access (more info ...) | attempted-user | 2010-0679 | 38225 | ||
| 20175 | BROWSER-PLUGINS Microsoft Windows Remote Desktop Client ActiveX clsid access (more info ...) | attempted-user | 2009-1929 | URL | ||
| 20248 | PROTOCOL-RPC IBM AIX and Oracle Solaris nfsd v4 nfs_portmon security bypass attempt (more info ...) | misc-attack | 2009-3517 | 36544 | ||
| 20253 | OS-WINDOWS Microsoft products oleacc.dll dll-load exploit attempt (more info ...) | attempted-user | 2011-1247 | URL | ||
| 20255 | BROWSER-PLUGINS Microsoft Silverlight inheritance restriction bypass (more info ...) | attempted-user | 2011-1253 | URL | ||
| 20256 | OS-WINDOWS Microsoft Forefront UAG http response splitting attempt (more info ...) | attempted-user | 2011-1895 | URL | ||
| 20259 | FILE-OTHER Microsoft Agent Helper Malicious JAR download attempt (more info ...) | attempted-user | 2011-1969 | URL | ||
| 20260 | FILE-IDENTIFY Microsoft Client Agent Helper JAR file download request (more info ...) | misc-activity | 2011-1969 | URL | ||
| 20271 | OS-WINDOWS Microsoft Windows Host Integration Server SNA length dos attempt (more info ...) | attempted-dos | 2011-2008 | URL | ||
| 20272 | OS-WINDOWS Microsoft Windows Forefront UAG NLSessionS cookie overflow attempt (more info ...) | attempted-dos | 2011-2012 | URL | ||
| 20274 | NETBIOS DCERPC NCACN-IP-TCP NetShareEnumAll request (more info ...) | protocol-command-decode | URL | |||
| 20275 | NETBIOS DCERPC NCACN-IP-TCP spoolss NetShareEnumAll response overflow attempt (more info ...) | attempted-admin | 2009-0228 | 35206 | URL | |
| 20285 | BROWSER-PLUGINS Black Ice Barcode SDK ActiveX clsid access (more info ...) | attempted-user | 2008-2684 | 29579 | ||
| 20286 | BROWSER-PLUGINS Black Ice Barcode SDK ActiveX function call access (more info ...) | attempted-user | 2008-2684 | 29579 | ||
| 20536 | BROWSER-PLUGINS Moxa MediaDBPlayback.DLL ActiveX clsid access (more info ...) | attempted-user | ||||
| 20537 | BROWSER-PLUGINS Phobos.Playlist ActiveX clsid access (more info ...) | attempted-user | ||||
| 20538 | BROWSER-PLUGINS Phobos.Playlist ActiveX function call access (more info ...) | attempted-user | ||||
| 20572 | FILE-OTHER Microsoft Windows Font Library file buffer overflow attempt (more info ...) | attempted-user | 2011-2003 | URL | ||
| 20573 | BROWSER-PLUGINS Oracle AutoVueX Control ExportEdaBom ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 20574 | BROWSER-PLUGINS Oracle AutoVueX Control ExportEdaBom ActiveX function call access (more info ...) | attempted-user | URL | |||
| 20591 | BROWSER-PLUGINS Flexera InstallShield ISGrid2.dll DoFindReplace heap buffer overlow ActiveX clsid access (more info ...) | attempted-user | 2011-3174 | |||
| 20592 | BROWSER-PLUGINS Flexera InstallShield ISGrid2.dll DoFindReplace heap buffer overlow ActiveX function call access (more info ...) | attempted-user | 2011-3174 | |||
| 20603 | OS-WINDOWS Microsoft Windows RSH daemon buffer overflow attempt (more info ...) | attempted-admin | 2007-4006 | |||
| 20707 | BROWSER-PLUGINS Dell IT Assistant ActiveX clsid access (more info ...) | attempted-user | 2011-3397 | URL | ||
| 20708 | BROWSER-PLUGINS HP Easy Printer Care Software ActiveX clsid access (more info ...) | attempted-user | 2011-3397 | URL | ||
| 20710 | BROWSER-PLUGINS HP Photo Creative ActiveX clsid access (more info ...) | attempted-user | 2011-3397 | URL | ||
| 20711 | BROWSER-PLUGINS HP Photo Creative ActiveX clsid access (more info ...) | attempted-user | 2011-3397 | URL | ||
| 20712 | BROWSER-PLUGINS HP Photo Creative ActiveX clsid access (more info ...) | attempted-user | 2011-3397 | URL | ||
| 20713 | BROWSER-PLUGINS HP Photo Creative ActiveX clsid access (more info ...) | attempted-user | 2011-3397 | URL | ||
| 20714 | BROWSER-PLUGINS HP Photo Creative ActiveX clsid access (more info ...) | attempted-user | 2011-3397 | URL | ||
| 20715 | BROWSER-PLUGINS HP Photo Creative ActiveX clsid access (more info ...) | attempted-user | 2011-3397 | URL | ||
| 20716 | BROWSER-PLUGINS Yahoo! CD Player ActiveX clsid access (more info ...) | attempted-user | 2011-3397 | URL | ||
| 20735 | FILE-OTHER Microsoft Windows TrueType font parsing engine sfac_GetSbitBitmap elevation of privileges attempt (more info ...) | attempted-user | 2011-3402 | URL | ||
| 20768 | FILE-OTHER Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (more info ...) | attempted-admin | 2011-1873 | URL | ||
| 20769 | FILE-OTHER Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (more info ...) | attempted-user | 2011-1873 | URL | ||
| 20770 | FILE-OTHER Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (more info ...) | attempted-admin | 2011-1873 | URL | ||
| 20771 | FILE-OTHER Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (more info ...) | attempted-admin | 2011-1873 | URL | ||
| 20772 | FILE-OTHER Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (more info ...) | attempted-admin | 2011-1873 | URL | ||
| 20773 | FILE-OTHER Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (more info ...) | attempted-admin | 2011-1873 | URL | ||
| 20774 | FILE-OTHER Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (more info ...) | attempted-admin | 2011-1873 | URL | ||
| 20775 | FILE-OTHER Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (more info ...) | attempted-admin | 2011-1873 | URL | ||
| 20776 | FILE-OTHER Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (more info ...) | attempted-admin | 2011-1873 | URL | ||
| 20834 | BROWSER-PLUGINS Novell ZENworks LaunchHelp.dll ActiveX clsid access attempt (more info ...) | attempted-user | 2011-2657 | URL | ||
| 20835 | BROWSER-PLUGINS Novell ZENworks LaunchHelp.dll ActiveX clsid access attempt (more info ...) | attempted-user | 2011-2657 | URL | ||
| 20846 | BROWSER-PLUGINS Oracle Hyperion Strategic Finance Client SetDevNames ActiveX clsid access attempt (more info ...) | attempted-user | 2011-5167 | |||
| 20847 | BROWSER-PLUGINS Oracle Hyperion Strategic Finance Client SetDevNames ActiveX clsid access attempt (more info ...) | attempted-user | 2011-5167 | |||
| 20879 | OS-WINDOWS Microsoft Windows Embedded Package Object packager.exe file load exploit attempt (more info ...) | attempted-user | 2012-0009 | URL | ||
| 20884 | OS-WINDOWS Microsoft Anti-Cross Site Scripting library bypass attempt (more info ...) | attempted-user | 2012-0007 | URL | ||
| 20901 | BROWSER-PLUGINS Microsoft Works WkImgSrv.dll ActiveX control exploit attempt (more info ...) | attempted-user | 2008-1898 | 28820 | ||
| 20902 | FILE-OTHER Microsoft Windows OpenType font parsing stack overflow attempt (more info ...) | attempted-admin | 2011-0034 | URL | ||
| 20903 | FILE-OTHER Microsoft Windows OpenType font parsing stack overflow attempt (more info ...) | attempted-admin | 2011-0034 | URL | ||
| 20904 | FILE-OTHER Microsoft Windows OpenType font parsing stack overflow attempt (more info ...) | attempted-admin | 2011-0034 | URL | ||
| 20949 | BROWSER-PLUGINS Autodesk iDrop ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 21000 | PROTOCOL-SCADA Microsys PROMOTIC ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 21001 | PROTOCOL-SCADA Microsys PROMOTIC ActiveX function call access (more info ...) | attempted-user | URL | |||
| 21007 | FILE-IDENTIFY Microsoft Money file magic detected (more info ...) | misc-activity | ||||
| 21008 | FILE-IDENTIFY Microsoft Money file download request (more info ...) | misc-activity | ||||
| 21009 | FILE-IDENTIFY Microsoft Money file attachment detected (more info ...) | misc-activity | ||||
| 21010 | FILE-IDENTIFY Microsoft Money file attachment detected (more info ...) | misc-activity | ||||
| 21022 | BROWSER-PLUGINS Viscom Software Image Viewer ActiveX clsid access (more info ...) | attempted-user | 2010-5193 | URL | ||
| 21023 | BROWSER-PLUGINS Viscom Software Image Viewer ActiveX function call access (more info ...) | attempted-user | 2010-5193 | URL | ||
| 21024 | BROWSER-PLUGINS McAfee Security as a Service ActiveX clsid access attempt (more info ...) | attempted-user | 51397 | URL | ||
| 21025 | BROWSER-PLUGINS McAfee Security as a Service ActiveX function call attempt (more info ...) | attempted-user | 51397 | URL | ||
| 21026 | BROWSER-PLUGINS McAfee Security as a Service ActiveX clsid access attempt (more info ...) | attempted-user | 51397 | URL | ||
| 21027 | BROWSER-PLUGINS McAfee Security as a Service ActiveX function call attempt (more info ...) | attempted-user | 51397 | URL | ||
| 21029 | BROWSER-PLUGINS Bennet-Tec TList saveData arbitrary file creation ActiveX clsid access (more info ...) | attempted-user | 2011-3397 | URL | ||
| 21030 | BROWSER-PLUGINS Bennet-Tec TList saveData arbitrary file creation ActiveX function call access (more info ...) | attempted-user | 2011-3397 | URL | ||
| 21031 | BROWSER-PLUGINS Bennet-Tec TList saveData arbitrary file creation ActiveX clsid access (more info ...) | attempted-user | 2011-3397 | URL | ||
| 21032 | BROWSER-PLUGINS Bennet-Tec TList saveData arbitrary file creation ActiveX function call access (more info ...) | attempted-user | 2011-3397 | URL | ||
| 21033 | BROWSER-PLUGINS Bennet-Tec TList saveData arbitrary file creation ActiveX clsid access (more info ...) | attempted-user | 2011-3397 | URL | ||
| 21034 | BROWSER-PLUGINS Bennet-Tec TList saveData arbitrary file creation ActiveX function call access (more info ...) | attempted-user | 2011-3397 | URL | ||
| 21063 | BROWSER-PLUGINS HP Easy Printer Care Software ActiveX clsid access attempt (more info ...) | attempted-user | 2011-4786 | 51396 | ||
| 21064 | BROWSER-PLUGINS HP Easy Printer Care Software ActiveX clsid access attempt (more info ...) | attempted-user | 2011-4786 | 51396 | ||
| 21076 | BROWSER-PLUGINS HP Easy Printer Care Software ActiveX clsid access (more info ...) | attempted-user | 2011-4787 | 51400 | ||
| 21077 | BROWSER-PLUGINS HP Easy Printer Care Software ActiveX function call (more info ...) | attempted-user | 2011-4787 | 51400 | ||
| 21080 | BROWSER-PLUGINS Microsoft Windows Scripting Host Shell ActiveX function call access (more info ...) | attempted-user | 2006-0003 | 17462 | URL | |
| 21088 | OS-WINDOWS Microsoft Windows remote desktop denial of service attempt (more info ...) | attempted-dos | 2005-1218 | 14259 | URL | |
| 21089 | OS-WINDOWS Microsoft Windows remote desktop oversized cookie attempt (more info ...) | attempted-dos | 2005-1218 | 14259 | URL | |
| 21094 | BROWSER-PLUGINS McAfee Remediation Agent ActiveX function call access (more info ...) | attempted-user | URL | |||
| 21100 | PROTOCOL-RPC Novell Netware xdr decode string length buffer overflow attempt (more info ...) | attempted-user | 2011-4191 | URL | ||
| 21160 | FILE-IMAGE Microsoft Windows GDI+ TIFF file parsing heap overflow attempt (more info ...) | attempted-user | 2009-2502 | 36646 | URL | |
| 21165 | FILE-OTHER multiple products GeckoActiveX COM object recon attempt (more info ...) | attempted-recon | 2009-3987 | 37360 | ||
| 21262 | OS-WINDOWS DCERPC ISystemActivate flood attempt (more info ...) | protocol-command-decode | 2003-0813 | 8811 | 12206 | URL |
| 21264 | BROWSER-PLUGINS Symantec Norton Internet Security 2004 ActiveX function call (more info ...) | attempted-user | 2004-0363 | 9916 | ||
| 21281 | OS-WINDOWS Microsoft Windows ATMFD font driver malicious font file remote code execution attempt (more info ...) | attempted-admin | 2011-1873 | URL | ||
| 21289 | OS-WINDOWS Microsoft Color Control Panel STI.dll dll-load exploit attempt (more info ...) | attempted-user | 2010-5082 | URL | ||
| 21290 | OS-WINDOWS Microsoft Color Control Panel STI.dll dll-load exploit attempt (more info ...) | attempted-user | 2010-5082 | URL | ||
| 21298 | SERVER-WEBAPP Microsoft SharePoint chart webpart XSS attempt (more info ...) | web-application-attack | 2012-0145 | URL | ||
| 21309 | OS-WINDOWS Microsoft product request for fputlsat.dll over SMB attempt (more info ...) | attempted-user | 2011-1980 | URL | ||
| 21310 | OS-WINDOWS Microsoft product fputlsat.dll dll-load exploit attempt (more info ...) | attempted-user | 2011-1980 | URL | ||
| 21352 | OS-WINDOWS Microsoft Fax Cover Page Editor heap corruption attempt (more info ...) | attempted-user | 2010-3974 | URL | ||
| 21357 | OS-WINDOWS Microsoft Windows OLEAUT32.DLL malicious WMF file remote code execution attempt (more info ...) | attempted-user | 2011-0658 | URL | ||
| 21405 | OS-WINDOWS Microsoft Anti-Cross Site Scripting library bypass attempt (more info ...) | attempted-user | 2012-0007 | URL | ||
| 21439 | FILE-IMAGE Microsoft Windows GDI+ arbitrary code execution attempt (more info ...) | attempted-user | 2011-0041 | URL | ||
| 21489 | FILE-OTHER Microsoft Windows chm file malware related exploit (more info ...) | trojan-activity | URL | |||
| 21493 | BROWSER-PLUGINS Microsoft Windows DRM technology msnetobj.dll ActiveX clsid access (more info ...) | attempted-user | 43345 | URL | ||
| 21558 | BROWSER-PLUGINS Symantec Norton Antivirus ActiveX clsid access (more info ...) | attempted-user | 2005-2127 | 10392 | URL | |
| 21559 | BROWSER-PLUGINS Symantec Norton Antivirus ActiveX clsid access (more info ...) | attempted-user | 2005-2127 | 10392 | URL | |
| 21560 | BROWSER-PLUGINS Symantec Norton Antivirus ActiveX clsid access (more info ...) | attempted-user | 2005-2127 | |||
| 21561 | BROWSER-PLUGINS Symantec Norton Antivirus ActiveX function call access (more info ...) | attempted-user | 2005-2127 | |||
| 21566 | OS-WINDOWS Microsoft Expression Design request for wintab32.dll over SMB attempt (more info ...) | attempted-user | 2012-0016 | URL | ||
| 21567 | OS-WINDOWS Microsoft Expression Design wintab32.dll dll-load exploit attempt (more info ...) | attempted-user | 2012-0016 | URL | ||
| 21568 | OS-WINDOWS Microsoft Windows RDP RST denial of service attempt (more info ...) | attempted-dos | 2012-0152 | URL | ||
| 21573 | FILE-IDENTIFY Microsoft Visual Studio addin file download request (more info ...) | misc-activity | ||||
| 21574 | FILE-IDENTIFY Microsoft Visual Studio addin file attachment detected (more info ...) | misc-activity | ||||
| 21575 | FILE-IDENTIFY Microsoft Visual Studio addin file attachment detected (more info ...) | misc-activity | ||||
| 21576 | FILE-OTHER Microsoft Windows Visual Studio .addin file access (more info ...) | attempted-user | 2012-0008 | URL | ||
| 21770 | FILE-MULTIMEDIA Microsoft Windows DirectX directshow wav file overflow attempt (more info ...) | attempted-user | 2007-3895 | URL | ||
| 21771 | FILE-MULTIMEDIA Microsoft Windows DirectX directshow wav file overflow attempt (more info ...) | attempted-user | 2007-3895 | URL | ||
| 21772 | FILE-MULTIMEDIA Microsoft Windows DirectX directshow wav file overflow attempt (more info ...) | attempted-user | 2007-3895 | URL | ||
| 21773 | FILE-MULTIMEDIA Microsoft Windows DirectX directshow wav file overflow attempt (more info ...) | attempted-user | 2007-3895 | URL | ||
| 21774 | FILE-MULTIMEDIA Microsoft Windows DirectX directshow wav file overflow attempt (more info ...) | attempted-user | 2007-3895 | URL | ||
| 21775 | FILE-MULTIMEDIA Microsoft Windows DirectX directshow wav file overflow attempt (more info ...) | attempted-user | 2007-3895 | URL | ||
| 21865 | FILE-IDENTIFY Microsoft Windows Fax Cover page document file attachment detected (more info ...) | misc-activity | ||||
| 21866 | FILE-IDENTIFY Microsoft Windows Fax Cover page document file attachment detected (more info ...) | misc-activity | ||||
| 21867 | FILE-IDENTIFY Microsoft Windows Fax Cover page document file attachment detected (more info ...) | misc-activity | ||||
| 21868 | FILE-IDENTIFY Microsoft Windows Fax Cover page document file attachment detected (more info ...) | misc-activity | ||||
| 21879 | FILE-IDENTIFY Microsoft search file attachment detected (more info ...) | misc-activity | 2008-4268 | URL | ||
| 21880 | FILE-IDENTIFY Microsoft search file attachment detected (more info ...) | misc-activity | 2008-4268 | URL | ||
| 21882 | BROWSER-PLUGINS ICONICS WebHMI ActiveX clsid access attempt (more info ...) | attempted-user | 2011-2089 | URL | ||
| 21883 | BROWSER-PLUGINS ICONICS WebHMI ActiveX clsid access attempt (more info ...) | attempted-user | 2011-2089 | URL | ||
| 21888 | FILE-IDENTIFY Microsoft Windows Movie Maker file attachment detected (more info ...) | misc-activity | ||||
| 21889 | FILE-IDENTIFY Microsoft Windows Movie Maker file attachment detected (more info ...) | misc-activity | ||||
| 21950 | BROWSER-PLUGINS Microsoft Windows MSWebDVD ActiveX clsid access attempt (more info ...) | attempted-user | 10056 | |||
| 21951 | BROWSER-PLUGINS Microsoft Windows MSWebDVD ActiveX function call attempt (more info ...) | attempted-user | 10056 | |||
| 21955 | FILE-IDENTIFY Microsoft Windows hlp file magic detected (more info ...) | misc-activity | ||||
| 21956 | FILE-IDENTIFY Microsoft Windows hlp file attachment detected (more info ...) | misc-activity | ||||
| 21957 | FILE-IDENTIFY Microsoft Windows hlp file attachment detected (more info ...) | misc-activity | ||||
| 22013 | FILE-IDENTIFY Microsoft Visual Studio DBP file download request (more info ...) | misc-activity | ||||
| 22014 | FILE-IDENTIFY Microsoft Visual Studio DBP file attachment detected (more info ...) | misc-activity | ||||
| 22015 | FILE-IDENTIFY Microsoft Visual Studio DBP file attachment detected (more info ...) | misc-activity | ||||
| 22016 | FILE-IDENTIFY Microsoft Visual Studio DBP file magic detected (more info ...) | misc-activity | ||||
| 22017 | FILE-IDENTIFY Microsoft Visual Studio PKP file download request (more info ...) | misc-activity | ||||
| 22018 | FILE-IDENTIFY Microsoft Visual Studio PKP file attachment detected (more info ...) | misc-activity | ||||
| 22019 | FILE-IDENTIFY Microsoft Visual Studio PKP file attachment detected (more info ...) | misc-activity | ||||
| 22020 | FILE-IDENTIFY Microsoft Visual Studio PKP file magic detected (more info ...) | misc-activity | ||||
| 22021 | FILE-IDENTIFY Microsoft Visual Studio SLN file download request (more info ...) | misc-activity | ||||
| 22022 | FILE-IDENTIFY Microsoft Visual Studio SLN file attachment detected (more info ...) | misc-activity | ||||
| 22023 | FILE-IDENTIFY Microsoft Visual Studio SLN file attachment detected (more info ...) | misc-activity | ||||
| 22024 | FILE-IDENTIFY Microsoft Visual Studio SLN file magic detected (more info ...) | misc-activity | ||||
| 22025 | FILE-IDENTIFY Microsoft Visual Studio VAP file download request (more info ...) | misc-activity | ||||
| 22026 | FILE-IDENTIFY Microsoft Visual Studio VAP file attachment detected (more info ...) | misc-activity | ||||
| 22027 | FILE-IDENTIFY Microsoft Visual Studio VAP file attachment detected (more info ...) | misc-activity | ||||
| 22028 | FILE-IDENTIFY Microsoft Visual Studio VAP file magic detected (more info ...) | misc-activity | ||||
| 22049 | BROWSER-PLUGINS Symantec Norton Internet Security ActiveX clsid access (more info ...) | attempted-user | 2004-0364 | URL | ||
| 22050 | BROWSER-PLUGINS Symantec Norton Internet Security ActiveX function call (more info ...) | attempted-user | 2004-0364 | URL | ||
| 22999 | FILE-IDENTIFY Microsoft Windows WMF file magic detected (more info ...) | misc-activity | URL | |||
| 23048 | BROWSER-PLUGINS McAfee Virtual Technician Security Bypass ActiveX clsid access attempt (more info ...) | attempted-user | 2012-4598 | 53304 | ||
| 23049 | BROWSER-PLUGINS McAfee Virtual Technician Security Bypass ActiveX clsid access attempt (more info ...) | attempted-user | 2012-4598 | 53304 | ||
| 23050 | BROWSER-PLUGINS McAfee Virtual Technician Security Bypass ActiveX clsid access attempt (more info ...) | attempted-user | 2012-4598 | 53304 | ||
| 23090 | SERVER-OTHER known malicious SSL certificate derived from Microsoft CA detected (more info ...) | misc-attack | URL | |||
| 23110 | FILE-IMAGE Microsoft Windows graphics rendering engine buffer overflow attempt (more info ...) | attempted-user | 2004-0209 | 11375 | ||
| 23136 | BROWSER-IE Microsoft multiple product toStaticHTML XSS attempt (more info ...) | attempted-user | 2012-2520 | URL | ||
| 23137 | BROWSER-IE Microsoft multiple product toStaticHTML XSS attempt (more info ...) | attempted-user | 2012-2520 | URL | ||
| 23162 | OS-WINDOWS Microsoft Lync Online request for ncrypt.dll over SMB attempt (more info ...) | attempted-user | 2012-1849 | URL | ||
| 23163 | OS-WINDOWS Microsoft Lync Online request for wlanapi.dll over SMB attempt (more info ...) | attempted-user | 2012-1849 | URL | ||
| 23165 | SERVER-OTHER Microsoft Lync Online wlanapi.dll dll-load exploit attempt (more info ...) | attempted-user | 2012-1849 | URL | ||
| 23172 | SERVER-WEBAPP Microsoft ASP.NET improper comment handling XSS attempt (more info ...) | web-application-attack | 2008-3843 | 20753 | ||
| 23174 | BROWSER-PLUGINS IBM Lotus Quickr ActiveX stack buffer overflow attempt (more info ...) | attempted-user | 2012-2176 | 53678 | ||
| 23175 | BROWSER-PLUGINS IBM Lotus Quickr ActiveX stack buffer overflow attempt (more info ...) | attempted-user | 2012-2176 | 53678 | ||
| 23186 | BROWSER-PLUGINS Dell CrazyTalk.DLL ActiveX clsid access (more info ...) | attempted-user | ||||
| 23228 | BROWSER-PLUGINS Oracle Webcenter ActiveX clsid access (more info ...) | attempted-user | 2012-1710 | |||
| 23230 | OS-WINDOWS Microsoft Windows NT DHCP REQUEST client identifier overflow attempt (more info ...) | denial-of-service | 2004-0899 | 11920 | URL | |
| 23231 | OS-WINDOWS Microsoft Windows NT DHCP REQUEST hostname overflow attempt (more info ...) | denial-of-service | 2004-0899 | 11920 | URL | |
| 23238 | NETBIOS Wireshark console.lua file load exploit attempt (more info ...) | attempted-user | 2011-3360 | 49528 | URL | |
| 23253 | BROWSER-PLUGINS HP Easy Printer Care XMLSimpleAccessor ActiveX function call access attempt (more info ...) | attempted-user | 2011-2404 | 49100 | ||
| 23284 | BROWSER-PLUGINS Oracle WebCenter Forms Recognition ActiveX clsid access attempt (more info ...) | attempted-user | 2012-1709 | |||
| 23372 | BROWSER-PLUGINS Teechart Professional ActiveX clsid access (more info ...) | attempted-user | ||||
| 23374 | BROWSER-PLUGINS Teechart Professional ActiveX clsid access (more info ...) | attempted-user | ||||
| 23375 | BROWSER-PLUGINS Schneider Electric TeeChart ActiveX clsid access attempt (more info ...) | attempted-user | 2011-4034 | 50837 | URL | |
| 23376 | BROWSER-PLUGINS Teechart Professional ActiveX clsid access (more info ...) | attempted-user | ||||
| 23408 | OS-WINDOWS Microsoft Windows large image resize denial of service attempt (more info ...) | attempted-dos | URL | |||
| 23436 | OS-WINDOWS Microsoft Windows DirectX IDirectPlay4 denial of service attempt (more info ...) | attempted-dos | 2004-0202 | |||
| 23437 | OS-WINDOWS Microsoft Windows DirectX IDirectPlay4 denial of service attempt (more info ...) | attempted-dos | 2004-0202 | |||
| 23470 | BROWSER-PLUGINS StoneTrip S3DPlayer ActiveX clsid access attempt (more info ...) | attempted-user | 2009-1792 | 35105 | ||
| 23499 | FILE-OTHER Microsoft Windows CUR file parsing overflow attempt (more info ...) | attempted-user | 2004-1049 | 12095 | ||
| 23508 | FILE-PDF Microsoft Windows kernel-mode drivers core font parsing integer overflow attempt (more info ...) | attempted-admin | 2010-2862 | URL | ||
| 23561 | FILE-IMAGE Microsoft Kodak Imaging large offset malformed tiff - big-endian (more info ...) | attempted-user | 2010-3950 | URL | ||
| 23562 | FILE-OTHER Microsoft MHTML XSS attempt (more info ...) | attempted-user | 2011-0096 | URL | ||
| 23563 | FILE-OTHER Microsoft Windows MHTML XSS attempt (more info ...) | attempted-user | 2011-0096 | URL | ||
| 23566 | FILE-OTHER Microsoft Windows Embedded Open Type Font malformed name table overflow attempt (more info ...) | attempted-user | 2009-0231 | URL | ||
| 23567 | FILE-MULTIMEDIA Microsoft Windows AVI Header insufficient data corruption attempt (more info ...) | attempted-user | 2009-1545 | 35967 | URL | |
| 23568 | FILE-MULTIMEDIA Microsoft Windows AVIFile media file processing memory corruption attempt (more info ...) | attempted-user | 2009-1546 | 35970 | URL | |
| 23569 | FILE-MULTIMEDIA Microsoft Windows AVIFile truncated media file processing memory corruption attempt (more info ...) | attempted-user | 2009-1546 | 35970 | URL | |
| 23578 | FILE-OTHER Microsoft Windows malformed ASF voice codec memory corruption attempt (more info ...) | attempted-user | 2009-0555 | URL | ||
| 23589 | FILE-IMAGE Microsoft Windows GDI+ TIFF file parsing heap overflow attempt (more info ...) | attempted-user | 2009-2502 | 36646 | URL | |
| 23590 | FILE-IMAGE Microsoft Windows GDI+ TIFF file parsing heap overflow attempt (more info ...) | attempted-user | 2009-2502 | 36646 | URL | |
| 23701 | FILE-IDENTIFY Microsoft SYmbolic LinK file magic detected (more info ...) | misc-activity | 2008-0112 | URL | ||
| 23722 | FILE-IDENTIFY Microsoft Windows Address Book file magic detected (more info ...) | misc-activity | 2006-2386 | URL | ||
| 23750 | FILE-IDENTIFY Microsoft Money file magic detected (more info ...) | misc-activity | ||||
| 23757 | FILE-IDENTIFY Microsoft Windows CHM file magic detected (more info ...) | attempted-user | 2005-1208 | 13953 | 18482 | URL |
| 23767 | FILE-IDENTIFY Microsoft Windows hlp file magic detected (more info ...) | misc-activity | ||||
| 23769 | FILE-IDENTIFY Microsoft Visual Studio DBP file magic detected (more info ...) | misc-activity | ||||
| 23770 | FILE-IDENTIFY Microsoft Visual Studio PKP file magic detected (more info ...) | misc-activity | ||||
| 23771 | FILE-IDENTIFY Microsoft Visual Studio SLN file magic detected (more info ...) | misc-activity | ||||
| 23772 | FILE-IDENTIFY Microsoft Visual Studio VAP file magic detected (more info ...) | misc-activity | ||||
| 23847 | NETBIOS MS-RAP NetServerEnum2 read access violation attempt (more info ...) | attempted-admin | 2012-1850 | URL | ||
| 23878 | BROWSER-PLUGINS Oracle JRE Deployment Toolkit ActiveX clsid access attempt (more info ...) | attempted-user | 2010-1423 | 39346 | ||
| 24039 | BROWSER-PLUGINS HP Easy Printer Care Software ActiveX function call access (more info ...) | attempted-user | 2011-4786 | 51396 | ||
| 24040 | BROWSER-PLUGINS HP Easy Printer Care Software ActiveX clsid access attempt (more info ...) | attempted-user | 2011-4786 | 51396 | ||
| 24041 | BROWSER-PLUGINS HP Easy Printer Care Software ActiveX clsid access attempt (more info ...) | attempted-user | 2011-4786 | 51396 | ||
| 24042 | BROWSER-PLUGINS HP Easy Printer Care Software ActiveX clsid access attempt (more info ...) | attempted-user | 2011-4786 | 51396 | ||
| 24043 | BROWSER-PLUGINS HP Easy Printer Care Software ActiveX clsid access attempt (more info ...) | attempted-user | 2011-4786 | 51396 | ||
| 24044 | BROWSER-PLUGINS HP Easy Printer Care Software ActiveX clsid access attempt (more info ...) | attempted-user | 2011-4786 | 51396 | ||
| 24080 | FILE-IDENTIFY Microsoft Works file attachment detected (more info ...) | misc-activity | ||||
| 24081 | FILE-IDENTIFY Microsoft Works file attachment detected (more info ...) | misc-activity | ||||
| 24128 | OS-WINDOWS Microsoft SCCM ReportChart xss attempt (more info ...) | web-application-attack | 2012-2536 | URL | ||
| 24246 | BROWSER-PLUGINS AdminStudio and InstallShield ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 24247 | BROWSER-PLUGINS AdminStudio and InstallShield ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 24248 | BROWSER-PLUGINS AdminStudio and InstallShield ActiveX function call access attempt (more info ...) | attempted-user | URL | |||
| 24249 | BROWSER-PLUGINS AdminStudio and InstallShield ActiveX function call access attempt (more info ...) | attempted-user | URL | |||
| 24281 | BROWSER-PLUGINS Cisco Secure Desktop CSDWebInstaller ActiveX clsid access (more info ...) | attempted-user | 2011-0926 | 46536 | ||
| 24282 | BROWSER-PLUGINS Cisco Secure Desktop CSDWebInstaller ActiveX function call access (more info ...) | attempted-user | 2011-0926 | 46536 | ||
| 24293 | SERVER-OTHER EMC NetWorker SunRPC buffer overflow attempt (more info ...) | attempted-admin | 2012-2228 | URL | ||
| 24322 | BROWSER-PLUGINS EMC ApplicationXtender Desktop ActiveX function call attempt (more info ...) | attempted-user | 2012-2289 | |||
| 24323 | BROWSER-PLUGINS EMC ApplicationXtender Desktop ActiveX function call attempt (more info ...) | attempted-user | 2012-2289 | |||
| 24359 | OS-WINDOWS Microsoft Windows SMB NTLM NULL session attempt (more info ...) | attempted-recon | 2000-0347 | 1163 | ||
| 24465 | FILE-IDENTIFY Microsoft Windows WMF file magic detected (more info ...) | misc-activity | URL | |||
| 24485 | FILE-PDF Microsoft Windows kernel-mode drivers core font parsing integer overflow attempt (more info ...) | attempted-admin | 2010-2862 | URL | ||
| 24486 | FILE-PDF Microsoft Windows kernel-mode drivers core font parsing integer overflow attempt (more info ...) | attempted-admin | 2010-2862 | URL | ||
| 24487 | FILE-PDF Microsoft Windows kernel-mode drivers core font parsing integer overflow attempt (more info ...) | attempted-admin | 2010-2862 | 42203 | URL | |
| 24488 | OS-WINDOWS Microsoft Windows CryptoAPI common name spoofing attempt (more info ...) | misc-attack | 2009-2510 | URL | ||
| 24489 | OS-WINDOWS Microsoft Windows CryptoAPI common name spoofing attempt (more info ...) | misc-attack | 2009-2510 | URL | ||
| 24490 | OS-WINDOWS Microsoft Windows CryptoAPI common name spoofing attempt (more info ...) | misc-attack | 2009-2510 | URL | ||
| 24522 | SERVER-OTHER VxWorks RPC request to MGCP service attempt (more info ...) | denial-of-service | ||||
| 24535 | FILE-OTHER Microsoft Windows Embedded Open Type Font malformed name table integer overflow attempt (more info ...) | attempted-user | 2009-0232 | URL | ||
| 24559 | BROWSER-PLUGINS CYME Power Engineering ShowPropertiesDialog ActiveX clsid access (more info ...) | attempted-user | ||||
| 24560 | BROWSER-PLUGINS CYME Power Engineering ShowPropertiesDialog ActiveX function call access (more info ...) | attempted-user | ||||
| 24578 | BROWSER-PLUGINS Viscom Movie Player Pro DrawText ActiveX clsid access (more info ...) | attempted-user | 2010-0356 | 40719 | ||
| 24579 | BROWSER-PLUGINS Viscom Movie Player Pro DrawText ActiveX function call access (more info ...) | attempted-user | 2010-0356 | 40719 | ||
| 24643 | BROWSER-PLUGINS Tom Sawyer GET extension ActiveX function call access attempt (more info ...) | attempted-user | 2011-2217 | |||
| 24644 | BROWSER-PLUGINS Tom Sawyer GET extension ActiveX clsid access attempt (more info ...) | attempted-user | 2011-2217 | |||
| 24645 | BROWSER-PLUGINS Tom Sawyer GET extension ActiveX clsid access attempt (more info ...) | attempted-user | 2011-2217 | |||
| 24646 | BROWSER-PLUGINS Tom Sawyer GET extension ActiveX clsid access attempt (more info ...) | attempted-user | 2011-2217 | |||
| 24652 | FILE-OTHER Microsoft proxy autoconfig script system library import attempt (more info ...) | policy-violation | 2012-4776 | 56463 | URL | |
| 24655 | OS-WINDOWS Microsoft .NET fully qualified System.Data.dll assembly name exploit attempt (more info ...) | attempted-user | 2012-2519 | URL | ||
| 24656 | OS-WINDOWS Microsoft .NET fully qualified System.Data.dll assembly name exploit attempt (more info ...) | attempted-user | 2012-2519 | URL | ||
| 24689 | BROWSER-PLUGINS Tom Sawyer GET extension ActiveX function call access attempt (more info ...) | attempted-user | 2011-2217 | |||
| 24690 | BROWSER-PLUGINS Tom Sawyer GET extension ActiveX clsid access attempt (more info ...) | attempted-user | 2011-2217 | |||
| 24691 | BROWSER-PLUGINS Tom Sawyer GET extension ActiveX clsid access attempt (more info ...) | attempted-user | 2011-2217 | |||
| 24692 | BROWSER-PLUGINS Tom Sawyer GET extension ActiveX clsid access attempt (more info ...) | attempted-user | 2011-2217 | |||
| 24773 | BROWSER-PLUGINS IBM Lotus iNotes Attachement_Times ActiveX clsid access (more info ...) | attempted-user | 2012-2175 | 53879 | URL | |
| 24774 | BROWSER-PLUGINS ASUS Net4Switch ipswcom.dll ActiveX clsid access attempt (more info ...) | attempted-user | 2012-4924 | |||
| 24775 | BROWSER-PLUGINS ASUS Net4Switch ipswcom.dll ActiveX clsid access attempt (more info ...) | attempted-user | 2012-4924 | |||
| 24776 | BROWSER-PLUGINS ASUS Net4Switch ipswcom.dll ActiveX clsid access attempt (more info ...) | attempted-user | 2012-4924 | |||
| 24777 | BROWSER-PLUGINS ASUS Net4Switch ipswcom.dll ActiveX clsid access attempt (more info ...) | attempted-user | 2012-4924 | |||
| 25004 | BROWSER-PLUGINS ClearQuest session ActiveX control access (more info ...) | attempted-user | 2012-0708 | |||
| 25005 | BROWSER-PLUGINS ClearQuest session ActiveX control access (more info ...) | attempted-user | 2012-0708 | |||
| 25035 | BROWSER-PLUGINS Microsoft Silverlight inheritance restriction bypass (more info ...) | attempted-user | 2011-1253 | URL | ||
| 25060 | INDICATOR-OBFUSCATION ActiveX multiple adjacent object tags (more info ...) | misc-attack | URL | |||
| 25111 | BROWSER-PLUGINS Oracle SetMarkupMode buffer overflow ActiveX clsid access attempt (more info ...) | attempted-user | 2012-0549 | |||
| 25112 | BROWSER-PLUGINS Oracle SetMarkupMode buffer overflow ActiveX function call access attempt (more info ...) | attempted-user | 2012-0549 | |||
| 25113 | BROWSER-PLUGINS Oracle SetMarkupMode buffer overflow ActiveX function call access attempt (more info ...) | attempted-user | 2012-0549 | |||
| 25114 | BROWSER-PLUGINS Oracle SetMarkupMode buffer overflow ActiveX function call access attempt (more info ...) | attempted-user | 2012-0549 | |||
| 25115 | BROWSER-PLUGINS Oracle SetMarkupMode buffer overflow ActiveX clsid access attempt (more info ...) | attempted-user | 2012-0549 | |||
| 25116 | BROWSER-PLUGINS Oracle SetMarkupMode buffer overflow ActiveX function call access attempt (more info ...) | attempted-user | 2012-0549 | |||
| 25117 | BROWSER-PLUGINS Oracle SetMarkupMode buffer overflow ActiveX function call access attempt (more info ...) | attempted-user | 2012-0549 | |||
| 25118 | BROWSER-PLUGINS Oracle SetMarkupMode buffer overflow ActiveX function call access attempt (more info ...) | attempted-user | 2012-0549 | |||
| 25252 | FILE-EXECUTABLE Microsoft Windows .NET Framework System.Uri.ReCreateParts System.Uri.PathAndQuery overflow attempt (more info ...) | attempted-user | 2012-0015 | URL | ||
| 25273 | SERVER-WEBAPP Microsoft SCOM Web Console cross-site scripting attempt (more info ...) | attempted-user | 2013-0010 | URL | ||
| 25343 | BROWSER-PLUGINS Citrix Access Gateway plug-in ActiveX code execution attempt (more info ...) | attempted-user | 2011-2882 | 48676 | URL | |
| 25344 | BROWSER-PLUGINS Citrix Access Gateway plug-in ActiveX code execution attempt (more info ...) | attempted-user | 2011-2882 | 48676 | URL | |
| 25502 | FILE-MULTIMEDIA Microsoft GDI EMF malformed file buffer overflow attempt (more info ...) | attempted-user | 2008-3012 | URL | ||
| 25567 | OS-WINDOWS Microsoft Windows Remote Desktop web access cross site scripting attempt - POST request (more info ...) | web-application-attack | 2011-1263 | URL | ||
| 26165 | SERVER-WEBAPP Microsoft SharePoint Server directory traversal attempt (more info ...) | attempted-admin | 2013-0084 | URL | ||
| 26166 | SERVER-WEBAPP Microsoft SharePoint Server directory traversal attempt (more info ...) | attempted-admin | 2013-0084 | URL | ||
| 26167 | SERVER-WEBAPP Microsoft SharePoint Server directory traversal attempt (more info ...) | attempted-admin | 2013-0084 | URL | ||
| 26181 | BROWSER-PLUGINS Samsung NET-i viewer BackupToAvi ActiveX clsid access attempt (more info ...) | attempted-user | 2012-4333 | 53193 | ||
| 26187 | BROWSER-PLUGINS McAfee Virtual Technician Security Bypass ActiveX clsid access attempt (more info ...) | attempted-user | 2012-4598 | 53304 | ||
| 26241 | BROWSER-PLUGINS ActivePDF WebGrabber APWebGrb.ocx ActiveX function call access attempt (more info ...) | attempted-user | ||||
| 26321 | NETBIOS SMB named pipe bruteforce attempt (more info ...) | attempted-recon | URL | |||
| 26364 | BROWSER-PLUGINS Microsoft Windows RDP ActiveX component mstscax use after free attempt (more info ...) | attempted-user | 2013-1302 | 58874 | URL | |
| 26378 | BROWSER-PLUGINS Viscom Software Image Viewer ActiveX function call access (more info ...) | attempted-user | 2010-5193 | URL | ||
| 26385 | FILE-EXECUTABLE Microsoft Windows executable file save onto SMB share attempt (more info ...) | policy-violation | ||||
| 26393 | BROWSER-PLUGINS Microsoft Windows Messenger ActiveX function call access (more info ...) | attempted-user | 2011-1243 | URL | ||
| 26497 | BROWSER-PLUGINS Siemens SIMATIC WinCC RegReader ActiveX vulnerable function access attempt (more info ...) | attempted-user | 2013-0674 | |||
| 26498 | BROWSER-PLUGINS Siemens SIMATIC WinCC RegReader ActiveX vulnerable function access attempt (more info ...) | attempted-user | 2013-0674 | |||
| 26543 | BROWSER-PLUGINS SafeNet ActiveX clsid access (more info ...) | attempted-user | 2007-0348 | 23071 | URL | |
| 26544 | BROWSER-PLUGINS SafeNet ActiveX clsid access (more info ...) | attempted-user | 2007-0348 | 23071 | URL | |
| 26545 | BROWSER-PLUGINS SafeNet ActiveX clsid access (more info ...) | attempted-user | 2007-0348 | 23071 | URL | |
| 26546 | BROWSER-PLUGINS SafeNet ActiveX clsid access (more info ...) | attempted-user | 2007-0348 | 23071 | URL | |
| 26573 | BROWSER-PLUGINS Honeywell HscRemoteDeploy ActiveX control arbitrary HTA execution attempt (more info ...) | attempted-user | 2013-0108 | 58134 | ||
| 26574 | BROWSER-PLUGINS Honeywell HscRemoteDeploy ActiveX control arbitrary HTA execution attempt (more info ...) | attempted-user | 2013-0108 | 58134 | ||
| 26590 | FILE-EXECUTABLE Microsoft Windows Authenticode signature verification bypass attempt (more info ...) | attempted-user | 2010-0151 | URL | ||
| 26601 | FILE-EXECUTABLE Microsoft Windows Authenticode signature verification bypass attempt (more info ...) | attempted-user | 2010-0151 | URL | ||
| 26622 | BROWSER-IE Microsoft Windows Live Writer wlw protocol handler information disclosure attempt (more info ...) | attempted-recon | 2013-0096 | URL | ||
| 26623 | BROWSER-IE Microsoft Windows Live Writer wlw protocol handler information disclosure attempt (more info ...) | attempted-recon | 2013-0096 | URL | ||
| 26632 | SERVER-WEBAPP Microsoft Windows 2012 Server additional empty Accept-Encoding field denial of service attempt (more info ...) | attempted-dos | 2013-1305 | URL | ||
| 26648 | FILE-OTHER Microsoft Windows uniscribe fonts parsing memory corruption attempt (more info ...) | attempted-user | 2010-2738 | 43068 | URL | |
| 26649 | FILE-OTHER Microsoft Windows uniscribe fonts parsing memory corruption attempt (more info ...) | attempted-user | 2010-2738 | 43068 | URL | |
| 26682 | BROWSER-PLUGINS Oracle JRE Deployment Toolkit ActiveX clsid access attempt (more info ...) | attempted-user | 2010-1423 | 39346 | ||
| 26877 | OS-WINDOWS Microsoft Windows TCPRecomputeMss denial of service attempt (more info ...) | attempted-dos | 2013-3138 | URL | ||
| 26909 | FILE-IMAGE Microsoft Windows WMF denial of service attempt (more info ...) | web-application-attack | 2006-4071 | 21992 | ||
| 26922 | OS-WINDOWS Microsoft Windows FlattenPath paged memory consumption privilege escalation attempt (more info ...) | attempted-admin | 2013-3660 | URL | ||
| 26975 | BROWSER-PLUGINS Aurigma Image uploader ActiveX function call access attempt (more info ...) | attempted-user | 26537 | URL | ||
| 27111 | BROWSER-PLUGINS PcVue SVUIGrd.ocx ActiveX clsid access (more info ...) | attempted-user | 2008-4915 | 49795 | ||
| 27112 | BROWSER-PLUGINS PcVue SVUIGrd.ocx ActiveX function call access (more info ...) | attempted-user | 2008-4915 | 49795 | ||
| 27166 | FILE-OTHER Microsoft Windows HLP File Handling heap overflow attempt (more info ...) | attempted-user | 2007-1912 | 23382 | ||
| 27167 | FILE-OTHER Microsoft Windows HLP File Handling heap overflow attempt (more info ...) | attempted-user | 2007-1912 | 23382 | ||
| 27168 | FILE-OTHER Microsoft Windows HLP File Handling heap overflow attempt (more info ...) | attempted-user | 2007-1912 | 23382 | ||
| 27174 | BROWSER-PLUGINS Chilkat Socket ActiveX clsid access (more info ...) | misc-attack | 2008-6959 | 32333 | ||
| 27175 | BROWSER-PLUGINS Chilkat Socket ActiveX clsid access (more info ...) | misc-attack | 2008-6959 | 32333 | ||
| 27176 | BROWSER-PLUGINS Chilkat Socket ActiveX clsid access (more info ...) | misc-attack | 2008-6959 | 32333 | ||
| 27177 | BROWSER-PLUGINS Chilkat Socket ActiveX clsid access (more info ...) | misc-attack | 2008-6959 | 32333 | ||
| 27206 | BROWSER-PLUGINS SigPlus Pro ActiveX clsid access (more info ...) | misc-attack | ||||
| 27207 | BROWSER-PLUGINS SigPlus Pro ActiveX clsid access (more info ...) | misc-attack | ||||
| 27208 | BROWSER-PLUGINS Symantec WinFax Pro ActiveX heap buffer overflow attempt (more info ...) | attempted-user | 2009-2570 | 34766 | URL | |
| 27219 | BROWSER-PLUGINS DB Software Laboratory VImpX activex control ActiveX clsid access attempt (more info ...) | attempted-user | 2008-4750 | 31907 | ||
| 27223 | BROWSER-PLUGINS Oracle document capture Actbar2.ocx ActiveX clsid access attempt (more info ...) | attempted-user | 2010-3591 | |||
| 27231 | OS-WINDOWS Microsoft Windows FlattenPath paged memory consumption privilege escalation attempt (more info ...) | attempted-admin | 2013-3660 | URL | ||
| 27234 | SERVER-OTHER Microsoft Active Directory LDAP search denial of service attempt (more info ...) | denial-of-service | 2013-1282 | URL | ||
| 27251 | FILE-OTHER Microsoft Windows Embedded Open Type Font malformed name table platform type 3 integer overflow attempt (more info ...) | attempted-user | 2009-0232 | URL | ||
| 27282 | BROWSER-PLUGINS PPMate PPMPlayer.dll ActiveX clsid access (more info ...) | attempted-user | 2008-3242 | 30246 | URL | |
| 27283 | BROWSER-PLUGINS PPMate PPMPlayer.dll ActiveX clsid access (more info ...) | attempted-user | 2008-3242 | 30246 | URL | |
| 27570 | BROWSER-PLUGINS CEnroll.CEnroll.2 ActiveX function stringtoBinary access attempt (more info ...) | attempted-user | 2006-3899 | 19102 | ||
| 27597 | BROWSER-PLUGINS Morovia Barcode ActiveX Professional arbitrary file overwrite attempt (more info ...) | attempted-user | 2007-2644 | 23934 | ||
| 27609 | POLICY-OTHER Microsoft ADFS endpoint information disclosure attempt (more info ...) | misc-activity | 2013-3185 | URL | ||
| 27718 | OS-WINDOWS Microsoft Windows malformed shortcut file buffer overflow attempt (more info ...) | attempted-user | 2005-2122 | 15070 | URL | |
| 27719 | OS-WINDOWS Microsoft Windows malformed shortcut file with comment buffer overflow attempt (more info ...) | attempted-user | 2005-2122 | 15070 | URL | |
| 27742 | BROWSER-PLUGINS EasyMail Objects Activex remote buffer overflow attempt (more info ...) | attempted-user | 2008-6447 | 32722 | ||
| 27743 | BROWSER-PLUGINS EasyMail Objects Activex remote buffer overflow attempt (more info ...) | attempted-user | 2008-6447 | 32722 | ||
| 27744 | BROWSER-PLUGINS BaoFeng Storm ActiveX control OnBeforeVideoDownload method buffer overflow attempt (more info ...) | web-application-attack | 2009-1612 | 34789 | ||
| 27745 | BROWSER-PLUGINS BaoFeng Storm ActiveX control SetAttributeValue method buffer overflow attempt (more info ...) | web-application-attack | 2009-1807 | 34869 | ||
| 27757 | BROWSER-PLUGINS Microsoft Visual Studio Msmask32 ActiveX clsid access (more info ...) | attempted-user | 2008-3704 | 30674 | URL | |
| 27758 | BROWSER-PLUGINS Microsoft Visual Studio Msmask32 ActiveX function call access (more info ...) | attempted-user | 2008-3704 | 30674 | URL | |
| 27763 | BROWSER-PLUGINS Husdawg System Requirements Lab Control ActiveX clsid access (more info ...) | attempted-user | 2008-4385 | 31752 | URL | |
| 27767 | BROWSER-PLUGINS Icona SpA C6 Messenger Downloader ActiveX clsid access (more info ...) | attempted-user | 2008-2551 | 29519 | ||
| 27768 | BROWSER-PLUGINS Icona SpA C6 Messenger Downloader ActiveX clsid access (more info ...) | attempted-user | 2008-2551 | 29519 | ||
| 27781 | BROWSER-PLUGINS Cisco WebEx Meeting Manager atucfobj ActiveX clsid access (more info ...) | attempted-user | 2008-3558 | 30578 | URL | |
| 27782 | BROWSER-PLUGINS Cisco WebEx Meeting Manager atucfobj ActiveX function call access (more info ...) | attempted-user | 2008-3558 | 30578 | URL | |
| 27788 | BROWSER-PLUGINS Microsoft Access Snapshot Viewer ActiveX function call access (more info ...) | attempted-user | 2008-2463 | 30114 | URL | |
| 27789 | BROWSER-PLUGINS Microsoft Access Snapshot Viewer ActiveX clsid access attempt (more info ...) | attempted-user | 2008-2463 | 30114 | URL | |
| 27790 | BROWSER-PLUGINS Microsoft Access Snapshot Viewer ActiveX clsid access attempt (more info ...) | attempted-user | 2008-2463 | 30114 | URL | |
| 27791 | BROWSER-PLUGINS Microsoft Access Snapshot Viewer ActiveX clsid access attempt (more info ...) | attempted-user | 2008-2463 | 30114 | URL | |
| 27792 | BROWSER-PLUGINS Microsoft Access Snapshot Viewer ActiveX function call access attempt (more info ...) | attempted-user | 2008-2463 | 30114 | URL | |
| 27793 | BROWSER-PLUGINS Microsoft Access Snapshot Viewer ActiveX function call access (more info ...) | attempted-user | 2008-2463 | 30114 | URL | |
| 27794 | BROWSER-PLUGINS Black Ice Barcode SDK ActiveX clsid access (more info ...) | attempted-user | 2008-2684 | 29579 | ||
| 27795 | BROWSER-PLUGINS Black Ice Barcode SDK ActiveX function call access (more info ...) | attempted-user | 2008-2684 | 29579 | ||
| 27818 | SERVER-OTHER Microsoft SharePoint denial of service attempt (more info ...) | web-application-attack | 2013-0081 | URL | ||
| 27819 | SERVER-OTHER Microsoft SharePoint denial of service attempt (more info ...) | web-application-attack | 2013-0081 | URL | ||
| 27826 | SERVER-WEBAPP Microsoft SharePoint self cross site scripting attempt (more info ...) | web-application-attack | 2013-3180 | URL | ||
| 27827 | SERVER-WEBAPP Microsoft SharePoint self cross site scripting attempt (more info ...) | web-application-attack | 2013-3180 | URL | ||
| 27828 | SERVER-WEBAPP Microsoft SharePoint self cross site scripting attempt (more info ...) | web-application-attack | 2013-3180 | URL | ||
| 27860 | OS-WINDOWS Microsoft Windows Active Directory LDAP denial of service attempt (more info ...) | attempted-dos | 2013-3868 | URL | ||
| 28126 | BROWSER-PLUGINS WibuKey Runtime ActiveX clsid access (more info ...) | attempted-user | ||||
| 28127 | BROWSER-PLUGINS WibuKey Runtime ActiveX function call access (more info ...) | attempted-user | ||||
| 28161 | FILE-OTHER Microsoft .NET XML digital signature denial of service attempt (more info ...) | attempted-user | 2013-3860 | URL | ||
| 28162 | FILE-OTHER Microsoft .NET XML digital signature denial of service attempt (more info ...) | attempted-user | 2013-3860 | URL | ||
| 28201 | SERVER-OTHER Microsoft SharePoint XSS attempt (more info ...) | attempted-admin | 2013-3895 | URL | ||
| 28228 | SERVER-WEBAPP Microsoft Interactive Training buffer overflow attempt (more info ...) | attempted-user | 2006-3448 | 13944 | 18492 | URL |
| 28349 | BROWSER-PLUGINS Microsoft Windows WMI administrator tools object viewer ActiveX clsid access (more info ...) | attempted-user | 2010-4588 | 45546 | URL | |
| 28350 | BROWSER-PLUGINS Microsoft Windows WMI administrator tools object viewer ActiveX clsid access (more info ...) | attempted-user | 2010-4588 | 45546 | URL | |
| 28351 | BROWSER-PLUGINS Microsoft Windows WMI administrator tools object viewer ActiveX clsid access (more info ...) | attempted-user | 2010-4588 | 45546 | URL | |
| 28386 | OS-WINDOWS Microsoft Windows HTML Help security zone bypass attempt (more info ...) | attempted-user | 2004-1043 | 11467 | URL | |
| 28387 | OS-WINDOWS Microsoft Windows HTML Help security zone bypass attempt (more info ...) | attempted-user | 2004-1043 | 11467 | URL | |
| 28435 | BROWSER-PLUGINS IBM SPSS SamplePower ActiveX clsid access attempt (more info ...) | attempted-user | 2014-0895 | 66116 | ||
| 28437 | BROWSER-PLUGINS IBM SPSS SamplePower ActiveX function call access attempt (more info ...) | attempted-user | 2012-5947 | 59556 | ||
| 28438 | BROWSER-PLUGINS IBM SPSS SamplePower ActiveX function call access attempt (more info ...) | attempted-user | 2012-5947 | 59556 | ||
| 28749 | BROWSER-PLUGINS Novell GroupWise ActiveX clsid access attempt (more info ...) | attempted-user | 2012-0439 | |||
| 28750 | BROWSER-PLUGINS Novell GroupWise ActiveX clsid access attempt (more info ...) | attempted-user | 2012-0439 | |||
| 28751 | BROWSER-PLUGINS Novell GroupWise ActiveX clsid access attempt (more info ...) | attempted-user | 2012-0439 | |||
| 28752 | BROWSER-PLUGINS Novell GroupWise ActiveX clsid access attempt (more info ...) | attempted-user | 2012-0439 | |||
| 28753 | BROWSER-PLUGINS Novell GroupWise ActiveX clsid access attempt (more info ...) | attempted-user | 2012-0439 | |||
| 28754 | BROWSER-PLUGINS Novell GroupWise ActiveX clsid access attempt (more info ...) | attempted-user | 2012-0439 | |||
| 28755 | BROWSER-PLUGINS Novell GroupWise ActiveX clsid access attempt (more info ...) | attempted-user | 2012-0439 | |||
| 28756 | BROWSER-PLUGINS Novell GroupWise ActiveX clsid access attempt (more info ...) | attempted-user | 2012-0439 | |||
| 28757 | BROWSER-PLUGINS Novell GroupWise ActiveX clsid access attempt (more info ...) | attempted-user | 2012-0439 | |||
| 28758 | BROWSER-PLUGINS Novell GroupWise ActiveX clsid access attempt (more info ...) | attempted-user | 2012-0439 | |||
| 28759 | BROWSER-PLUGINS Novell GroupWise ActiveX clsid access attempt (more info ...) | attempted-user | 2012-0439 | |||
| 28760 | BROWSER-PLUGINS Novell GroupWise ActiveX clsid access attempt (more info ...) | attempted-user | 2012-0439 | |||
| 28761 | BROWSER-PLUGINS Novell GroupWise ActiveX clsid access attempt (more info ...) | attempted-user | 2012-0439 | |||
| 28762 | BROWSER-PLUGINS Novell GroupWise ActiveX clsid access attempt (more info ...) | attempted-user | 2012-0439 | |||
| 28763 | BROWSER-PLUGINS Novell GroupWise ActiveX clsid access attempt (more info ...) | attempted-user | 2012-0439 | |||
| 28764 | BROWSER-PLUGINS Novell GroupWise ActiveX clsid access attempt (more info ...) | attempted-user | 2012-0439 | |||
| 28765 | BROWSER-PLUGINS Novell GroupWise ActiveX clsid access attempt (more info ...) | attempted-user | 2012-0439 | |||
| 28766 | BROWSER-PLUGINS Novell GroupWise ActiveX clsid access attempt (more info ...) | attempted-user | 2012-0439 | |||
| 28767 | BROWSER-PLUGINS Novell GroupWise ActiveX clsid access attempt (more info ...) | attempted-user | 2012-0439 | |||
| 28768 | BROWSER-PLUGINS Novell GroupWise ActiveX clsid access attempt (more info ...) | attempted-user | 2012-0439 | |||
| 28769 | BROWSER-PLUGINS Novell GroupWise ActiveX clsid access attempt (more info ...) | attempted-user | 2012-0439 | |||
| 28770 | BROWSER-PLUGINS Novell GroupWise ActiveX function call access attempt (more info ...) | attempted-user | 2012-0439 | |||
| 28771 | BROWSER-PLUGINS Novell GroupWise ActiveX function call access attempt (more info ...) | attempted-user | 2012-0439 | |||
| 28772 | BROWSER-PLUGINS Novell GroupWise ActiveX function call access attempt (more info ...) | attempted-user | 2012-0439 | |||
| 28773 | BROWSER-PLUGINS Novell GroupWise ActiveX function call access attempt (more info ...) | attempted-user | 2012-0439 | |||
| 28774 | BROWSER-PLUGINS Novell GroupWise ActiveX function call access attempt (more info ...) | attempted-user | 2012-0439 | |||
| 28775 | BROWSER-PLUGINS Novell GroupWise ActiveX function call access attempt (more info ...) | attempted-user | 2012-0439 | |||
| 28776 | BROWSER-PLUGINS Novell GroupWise ActiveX function call access attempt (more info ...) | attempted-user | 2012-0439 | |||
| 28777 | BROWSER-PLUGINS Novell GroupWise ActiveX function call access attempt (more info ...) | attempted-user | 2012-0439 | |||
| 28778 | BROWSER-PLUGINS Novell GroupWise ActiveX function call access attempt (more info ...) | attempted-user | 2012-0439 | |||
| 28779 | BROWSER-PLUGINS Novell GroupWise ActiveX function call access attempt (more info ...) | attempted-user | 2012-0439 | |||
| 28780 | BROWSER-PLUGINS Novell GroupWise ActiveX function call access attempt (more info ...) | attempted-user | 2012-0439 | |||
| 28781 | BROWSER-PLUGINS Novell GroupWise ActiveX function call access attempt (more info ...) | attempted-user | 2012-0439 | |||
| 28782 | BROWSER-PLUGINS Novell GroupWise ActiveX function call access attempt (more info ...) | attempted-user | 2012-0439 | |||
| 28783 | BROWSER-PLUGINS Novell GroupWise ActiveX function call access attempt (more info ...) | attempted-user | 2012-0439 | |||
| 28784 | BROWSER-PLUGINS Novell GroupWise ActiveX function call access attempt (more info ...) | attempted-user | 2012-0439 | |||
| 28785 | BROWSER-PLUGINS Novell GroupWise ActiveX function call access attempt (more info ...) | attempted-user | 2012-0439 | |||
| 28786 | BROWSER-PLUGINS Novell GroupWise ActiveX function call access attempt (more info ...) | attempted-user | 2012-0439 | |||
| 28787 | BROWSER-PLUGINS Novell GroupWise ActiveX function call access attempt (more info ...) | attempted-user | 2012-0439 | |||
| 28788 | BROWSER-PLUGINS Novell GroupWise ActiveX function call access attempt (more info ...) | attempted-user | 2012-0439 | |||
| 28789 | BROWSER-PLUGINS Novell GroupWise ActiveX function call access attempt (more info ...) | attempted-user | 2012-0439 | |||
| 28867 | OS-WINDOWS Microsoft Windows NDProxy.sys privilege escalation attempt (more info ...) | attempted-admin | 2013-5065 | 63971 | URL | |
| 28868 | OS-WINDOWS Microsoft Windows NDProxy.sys privilege escalation attempt (more info ...) | attempted-admin | 2013-5065 | 63971 | URL | |
| 28869 | OS-WINDOWS Microsoft Windows NDProxy.sys privilege escalation attempt (more info ...) | attempted-admin | 2013-5065 | 63971 | URL | |
| 28870 | OS-WINDOWS Microsoft Windows NDProxy.sys privilege escalation attempt (more info ...) | attempted-admin | 2013-5065 | 63971 | URL | |
| 28871 | OS-WINDOWS Microsoft Windows NDProxy.sys privilege escalation attempt (more info ...) | attempted-admin | 2013-5065 | 63971 | URL | |
| 28872 | OS-WINDOWS Microsoft Windows NDProxy.sys privilege escalation attempt (more info ...) | attempted-admin | 2013-5065 | 63971 | URL | |
| 28920 | BROWSER-IE Microsoft Windows showHelp CHM malicious file execution attempt (more info ...) | attempted-admin | 2003-1041 | 9320 | URL | |
| 28921 | BROWSER-IE Microsoft Windows showHelp CHM malicious file execution attempt (more info ...) | attempted-admin | 2003-1041 | 9320 | URL | |
| 28922 | BROWSER-IE Microsoft Windows showHelp CHM malicious file execution attempt (more info ...) | attempted-admin | 2003-1041 | 9320 | URL | |
| 28923 | BROWSER-IE Microsoft Windows showHelp CHM malicious file execution attempt (more info ...) | attempted-admin | 2003-1041 | 9320 | URL | |
| 28924 | BROWSER-IE Microsoft Windows showHelp CHM malicious file execution attempt (more info ...) | attempted-admin | 2003-1041 | 9320 | URL | |
| 28925 | BROWSER-IE Microsoft Windows showHelp CHM malicious file execution attempt (more info ...) | attempted-admin | 2003-1041 | 9320 | URL | |
| 28946 | SERVER-WEBAPP Microsoft Sharepoint server callback function cross-site scripting attempt (more info ...) | attempted-user | 2013-0080 | 58371 | ||
| 29014 | OS-WINDOWS Microsoft Windows embedded OpenType font engine LZX decompression buffer overflow attempt (more info ...) | attempted-admin | 2010-0018 | 37671 | URL | |
| 29092 | BROWSER-PLUGINS ABB Test Signal Viewer CWGraph3D ActiveX clsid access attempt (more info ...) | attempted-user | 2013-5022 | 61828 | ||
| 29098 | BROWSER-PLUGINS HP Application Lifecycle Management XGO.XGoCtrl ActiveX access attempt (more info ...) | attempted-user | 55272 | |||
| 29100 | BROWSER-PLUGINS HP Application Lifecycle Management XGO.XGoCtrl ActiveX clsid access attempt (more info ...) | attempted-user | 55272 | |||
| 29102 | BROWSER-PLUGINS HP Application Lifecycle Management XGO.XGoCtrl ActiveX access attempt (more info ...) | attempted-user | 55272 | |||
| 29224 | BROWSER-PLUGINS Microsoft Common Browser Architecture ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 29225 | BROWSER-PLUGINS Microsoft HTML Window Security Proxy ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 29258 | BROWSER-PLUGINS Microsoft WBEM Event Subsystem ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 29405 | FILE-IDENTIFY Microsoft Internet Shortcut file attachment detected (more info ...) | misc-activity | ||||
| 29406 | FILE-IDENTIFY Microsoft Internet Shortcut file attachment detected (more info ...) | misc-activity | ||||
| 29407 | FILE-IDENTIFY Microsoft Internet Shortcut file download request (more info ...) | misc-activity | ||||
| 29581 | SERVER-OTHER CA Brightstor SUN RPC malformed string buffer overflow attempt (more info ...) | attempted-admin | 2007-2139 | 23635 | ||
| 29680 | BROWSER-PLUGINS Microsoft XML Core Services same origin policy bypass attempt (more info ...) | attempted-recon | 2014-0266 | URL | ||
| 29681 | BROWSER-PLUGINS Microsoft XML Core Services same origin policy bypass attempt (more info ...) | attempted-recon | 2014-0266 | URL | ||
| 29749 | BROWSER-PLUGINS IBM SizerOne ActiveX clsid access attempt (more info ...) | attempted-user | 2012-5946 | 33148 | ||
| 29823 | OS-WINDOWS Microsoft Windows secure channel malformed certificate request memory corruption attempt (more info ...) | attempted-dos | 2010-2566 | 42246 | URL | |
| 29914 | MALWARE-CNC Win.Trojan.Zmcwinsvc outbound system information disclosure (more info ...) | trojan-activity | URL | |||
| 30209 | SERVER-WEBAPP Microsoft Forefront Unified Access Gateway null session cookie denial of service (more info ...) | attempted-user | 2011-2012 | URL | ||
| 30232 | OS-WINDOWS Microsoft Anti-Cross Site Scripting library bypass attempt (more info ...) | attempted-user | 2012-0007 | URL | ||
| 30233 | OS-WINDOWS Microsoft Anti-Cross Site Scripting library bypass attempt (more info ...) | attempted-user | 2012-0007 | URL | ||
| 30898 | FILE-OTHER Microsoft Windows Briefcase integer underflow (more info ...) | attempted-user | 2012-1527 | URL | ||
| 30939 | FILE-EXECUTABLE Microsoft Windows NtUserMessageCall implementation exploitation attempt (more info ...) | attempted-user | 2013-1300 | URL | ||
| 30940 | FILE-EXECUTABLE Microsoft Windows NtUserMessageCall implementation exploitation attempt (more info ...) | attempted-user | 2013-1300 | URL | ||
| 30951 | SERVER-WEBAPP Microsoft Sharepoint cross site scripting attempt (more info ...) | attempted-user | 2014-1754 | URL | ||
| 31081 | MALWARE-CNC Win.Trojan.WinSpy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31217 | OS-WINDOWS Microsoft Lync Server meeting URL XSS attempt (more info ...) | web-application-attack | 2014-1823 | URL | ||
| 31333 | BROWSER-PLUGINS IBM iNotes version 8.5 ActiveX clsid access (more info ...) | attempted-user | 2013-3027 | |||
| 31334 | BROWSER-PLUGINS IBM iNotes version 8.5 ActiveX clsid access (more info ...) | attempted-user | 2013-3027 | |||
| 31335 | BROWSER-PLUGINS IBM iNotes version 9 ActiveX clsid access (more info ...) | attempted-user | 2013-3027 | |||
| 31336 | BROWSER-PLUGINS IBM iNotes version 9 ActiveX clsid access (more info ...) | attempted-user | 2013-3027 | |||
| 31429 | SERVER-WEBAPP Microsoft Sharepoint server callback function cross-site scripting attempt (more info ...) | attempted-user | 2013-0080 | 58371 | ||
| 31538 | BROWSER-PLUGINS UltraCrypto ActiveX clsid access attempt (more info ...) | attempted-user | 2007-4903 | |||
| 31539 | BROWSER-PLUGINS UltraCrypto ActiveX clsid access attempt (more info ...) | attempted-user | 2007-4903 | |||
| 31650 | SERVER-MAIL Microsoft Windows Mail file execution attempt (more info ...) | attempted-user | 2007-1658 | URL | ||
| 31707 | BROWSER-PLUGINS IBiz EBanking Integrator ActiveX clsid access (more info ...) | attempted-user | 2008-1725 | 28700 | ||
| 31719 | FILE-IMAGE Microsoft Multiple Products JPEG parser heap overflow attempt (more info ...) | attempted-user | 2004-0200 | 11173 | URL | |
| 31914 | SERVER-WEBAPP Microsoft ASP.NET null byte injection attempt (more info ...) | web-application-attack | 2007-0042 | 24791 | URL | |
| 32102 | BROWSER-PLUGINS Oracle WebCenter Content CheckOutAndOpen.dll ActiveX control code execution ActiveX clsid access (more info ...) | attempted-user | 2013-1559 | 59122 | URL | |
| 32103 | BROWSER-PLUGINS Oracle WebCenter Content CheckOutAndOpen.dll ActiveX control code execution ActiveX clsid access (more info ...) | attempted-user | 2013-1559 | 59122 | URL | |
| 32104 | BROWSER-PLUGINS Oracle WebCenter Content CheckOutAndOpen.dll ActiveX control code execution ActiveX function call access (more info ...) | attempted-user | 2013-1559 | 59122 | URL | |
| 32105 | BROWSER-PLUGINS Oracle WebCenter Content CheckOutAndOpen.dll ActiveX control code execution ActiveX function call access (more info ...) | attempted-user | 2013-1559 | 59122 | URL | |
| 32114 | SERVER-OTHER Cisco ASA SunRPC inspection engine denial of service attempt (more info ...) | attempted-dos | 2014-3387 | |||
| 32141 | OS-WINDOWS Microsoft Windows 7 TrackPopupMenu code execution attempt (more info ...) | attempted-admin | 2014-4113 | URL | ||
| 32142 | OS-WINDOWS Microsoft Windows 7 TrackPopupMenu code execution attempt (more info ...) | attempted-admin | 2014-4113 | URL | ||
| 32143 | OS-WINDOWS Microsoft Windows 7 TrackPopupMenu code execution attempt (more info ...) | attempted-admin | 2014-4113 | URL | ||
| 32144 | OS-WINDOWS Microsoft Windows 7 TrackPopupMenu code execution attempt (more info ...) | attempted-admin | 2014-4113 | URL | ||
| 32145 | OS-WINDOWS Microsoft Windows 7 TrackPopupMenu code execution attempt (more info ...) | attempted-admin | 2014-4113 | URL | ||
| 32146 | OS-WINDOWS Microsoft Windows 7 TrackPopupMenu code execution attempt (more info ...) | attempted-admin | 2014-4113 | URL | ||
| 32264 | BROWSER-IE ActiveX installer broker object sandbox escape attempt (more info ...) | attempted-user | 2014-4123 | URL | ||
| 32265 | BROWSER-IE ActiveX installer broker object sandbox escape attempt (more info ...) | attempted-user | 2014-4123 | URL | ||
| 32489 | OS-WINDOWS Microsoft Windows tcpip.sys null pointer dereference attempt (more info ...) | attempted-admin | 2014-4076 | URL | ||
| 32490 | OS-WINDOWS Microsoft Windows tcpip.sys null pointer dereference attempt (more info ...) | attempted-admin | 2014-4076 | URL | ||
| 32615 | OS-WINDOWS Microsoft Windows search protocol remote command injection attempt (more info ...) | attempted-user | 2008-4269 | URL | ||
| 32616 | FILE-IDENTIFY Microsoft Windows Registry file attachment detected (more info ...) | misc-activity | URL | |||
| 32617 | FILE-IDENTIFY Microsoft Windows Registry file attachment detected (more info ...) | misc-activity | URL | |||
| 32618 | FILE-IDENTIFY Microsoft Windows Registry file download request (more info ...) | misc-activity | URL | |||
| 32631 | NETBIOS SMB server response heap overflow attempt (more info ...) | attempted-user | 2008-1105 | 29404 | ||
| 32633 | BROWSER-PLUGINS Oracle Data Quality ActiveX function call access (more info ...) | attempted-user | 2014-2418 | URL | ||
| 32634 | BROWSER-PLUGINS Oracle Data Quality ActiveX clsid access (more info ...) | attempted-user | 2014-2418 | URL | ||
| 32635 | BROWSER-PLUGINS Oracle Data Quality ActiveX function call access (more info ...) | attempted-user | 2014-2418 | URL | ||
| 32828 | FILE-IMAGE Microsoft Windows GDI+ TIFF file parsing heap overflow attempt (more info ...) | attempted-user | 2009-2502 | URL | ||
| 32829 | FILE-IMAGE Microsoft Windows GDI+ TIFF file parsing heap overflow attempt (more info ...) | attempted-user | 2009-2502 | URL | ||
| 32830 | FILE-IMAGE Microsoft Windows GDI+ TIFF file parsing heap overflow attempt (more info ...) | attempted-user | 2009-2502 | URL | ||
| 32831 | FILE-IMAGE Microsoft Windows GDI+ TIFF file parsing heap overflow attempt (more info ...) | attempted-user | 2009-2502 | URL | ||
| 32832 | FILE-IMAGE Microsoft Windows GDI+ TIFF file parsing heap overflow attempt (more info ...) | attempted-user | 2009-2502 | URL | ||
| 32833 | FILE-IMAGE Microsoft Windows GDI+ TIFF file parsing heap overflow attempt (more info ...) | attempted-user | 2009-2502 | URL | ||
| 32841 | BROWSER-PLUGINS Microsoft Windows Messenger ActiveX clsid access (more info ...) | attempted-user | 2011-1243 | URL | ||
| 32864 | APP-DETECT I2P NetBIOS name resolution request attempt (more info ...) | misc-activity | URL | |||
| 32869 | OS-WINDOWS Microsoft Windows ShellExecute and IE7 snews url handling code execution attempt (more info ...) | attempted-user | 2007-3896 | 25945 | URL | |
| 32870 | OS-WINDOWS Microsoft Windows ShellExecute and IE7 snews url handling code execution attempt (more info ...) | attempted-user | 2007-3896 | 25945 | URL | |
| 32889 | FILE-IMAGE Microsoft and libpng multiple products PNG large image width overflow attempt (more info ...) | attempted-user | 2007-5503 | 11523 | URL | |
| 32895 | BROWSER-PLUGINS HP Sprinter Tidestone ActiveX function call access attempt (more info ...) | attempted-user | 2014-2637 | |||
| 32896 | BROWSER-PLUGINS HP Sprinter Tidestone ActiveX clsid access attempt (more info ...) | attempted-user | 2014-2637 | |||
| 32897 | BROWSER-PLUGINS HP Sprinter Tidestone ActiveX function call access attempt (more info ...) | attempted-user | 2014-2637 | |||
| 32943 | FILE-OTHER Microsoft SYmbolic LinK stack overflow attempt (more info ...) | attempted-user | 2011-1276 | 48161 | URL | |
| 32965 | OS-WINDOWS Microsoft Windows identity token authorization bypass attempt (more info ...) | attempted-admin | 2015-0002 | URL | ||
| 32966 | OS-WINDOWS Microsoft Windows identity token authorization bypass attempt (more info ...) | attempted-admin | 2015-0002 | URL | ||
| 33013 | BROWSER-PLUGINS HP LoadRunner ActiveX clsid access attempt (more info ...) | attempted-user | 2013-2370 | |||
| 33014 | BROWSER-PLUGINS HP LoadRunner ActiveX clsid access attempt (more info ...) | attempted-user | 2013-2370 | |||
| 33044 | BROWSER-PLUGINS Microsoft Windows Visual Studio 6 PDWizard.ocx ActiveX clsid access attempt (more info ...) | attempted-user | 2007-4891 | 25638 | ||
| 33045 | BROWSER-PLUGINS Microsoft Windows Visual Studio 6 PDWizard.ocx ActiveX function call access attempt (more info ...) | attempted-user | 2007-4891 | 25638 | ||
| 33048 | OS-WINDOWS Microsoft Windows WebdavRedirector privilege escalation attempt (more info ...) | attempted-user | 2015-0011 | URL | ||
| 33049 | OS-WINDOWS Microsoft Windows WebdavRedirector privilege escalation attempt (more info ...) | attempted-user | 2015-0011 | URL | ||
| 33100 | BROWSER-PLUGINS PTC IsoView ActiveX clsid access attempt (more info ...) | attempted-user | 2014-9267 | 71491 | ||
| 33101 | BROWSER-PLUGINS PTC IsoView ActiveX clsid access attempt (more info ...) | attempted-user | 2014-9267 | 71491 | ||
| 33102 | BROWSER-PLUGINS PTC IsoView ActiveX clsid access attempt (more info ...) | attempted-user | 2014-9267 | 71491 | ||
| 33103 | BROWSER-PLUGINS PTC IsoView ActiveX clsid access attempt (more info ...) | attempted-user | 2014-9267 | 71491 | ||
| 33105 | BROWSER-PLUGINS Honeywell OPOS Suite Scanner.ocx ActiveX clsid access attempt (more info ...) | attempted-user | 2014-8269 | 71642 | ||
| 33106 | BROWSER-PLUGINS Honeywell OPOS Suite Scanner.ocx ActiveX clsid access attempt (more info ...) | attempted-user | 2014-8269 | 71642 | ||
| 33107 | BROWSER-PLUGINS Honeywell OPOS Suite Scanner.ocx ActiveX clsid access attempt (more info ...) | attempted-user | 2014-8269 | 71642 | ||
| 33108 | BROWSER-PLUGINS Honeywell OPOS Suite Scanner.ocx ActiveX clsid access attempt (more info ...) | attempted-user | 2014-8269 | 71642 | ||
| 33109 | BROWSER-PLUGINS Honeywell OPOS Suite Scale.ocx ActiveX clsid access attempt (more info ...) | attempted-user | 2014-8269 | 71642 | ||
| 33110 | BROWSER-PLUGINS Honeywell OPOS Suite Scale.ocx ActiveX clsid access attempt (more info ...) | attempted-user | 2014-8269 | 71642 | ||
| 33111 | BROWSER-PLUGINS Honeywell OPOS Suite Scale.ocx ActiveX clsid access attempt (more info ...) | attempted-user | 2014-8269 | 71642 | ||
| 33112 | BROWSER-PLUGINS Honeywell OPOS Suite Scale.ocx ActiveX clsid access attempt (more info ...) | attempted-user | 2014-8269 | 71642 | ||
| 33343 | OS-WINDOWS Microsoft Windows 8 x64 linked cursor double free attempt (more info ...) | attempted-user | 2015-0058 | URL | ||
| 33344 | OS-WINDOWS Microsoft Windows 8 x64 linked cursor double free attempt (more info ...) | attempted-user | 2015-0058 | URL | ||
| 33355 | OS-WINDOWS Microsoft Windows win32k.sys use-after-free attempt (more info ...) | attempted-admin | 2015-0057 | URL | ||
| 33363 | OS-WINDOWS Microsoft Windows WM_SYSTIMER null pWnd attempt (more info ...) | attempted-admin | 2015-0003 | URL | ||
| 33364 | OS-WINDOWS Microsoft Windows WM_SYSTIMER null pWnd attempt (more info ...) | attempted-admin | 2015-0003 | URL | ||
| 33429 | POLICY-OTHER Microsoft Windows SMB potential group policy fallback exploit attempt (more info ...) | policy-violation | 2015-0009 | URL | ||
| 33436 | FILE-OTHER Microsoft Windows True Type Font integer overflow attempt (more info ...) | attempted-user | 2015-0059 | URL | ||
| 33437 | FILE-OTHER Microsoft Windows True Type Font integer overflow attempt (more info ...) | attempted-user | 2015-0059 | URL | ||
| 33479 | OS-WINDOWS Microsoft Windows Comctl32.dll third-party SVG viewer heap overflow attempt (more info ...) | attempted-user | 2010-2746 | URL | ||
| 33515 | FILE-IMAGE Microsoft Windows GDI+ TIFF file parsing heap overflow attempt (more info ...) | attempted-user | 2009-2502 | 36646 | URL | |
| 33516 | FILE-IMAGE Microsoft Windows GDI+ TIFF file parsing heap overflow attempt (more info ...) | attempted-user | 2009-2502 | 36646 | URL | |
| 33517 | FILE-IMAGE Microsoft Windows GDI+ TIFF file parsing heap overflow attempt (more info ...) | attempted-user | 2009-2502 | 36646 | URL | |
| 33518 | FILE-IMAGE Microsoft Windows GDI+ TIFF file parsing heap overflow attempt (more info ...) | attempted-user | 2009-2502 | 36646 | URL | |
| 33582 | SERVER-SAMBA Samba WINS Server Name Registration handling stack buffer overflow attempt (more info ...) | attempted-user | 2007-5398 | 26455 | ||
| 33603 | FILE-OTHER Microsoft Windows Fax Services Cover Page Editor Double Free Memory Corruption attempt (more info ...) | web-application-attack | 2010-4701 | 45942 | ||
| 33604 | FILE-OTHER Microsoft Windows Fax Services Cover Page Editor Double Free Memory Corruption attempt (more info ...) | attempted-user | 2010-4701 | 45942 | ||
| 33636 | SERVER-OTHER SAP Sybase ESP xmlrpc unsafe pointer dereference attempt (more info ...) | web-application-attack | 2014-3457 | |||
| 33713 | OS-WINDOWS Microsoft Windows atlmfd.dll out-of-bounds memory write attempt (more info ...) | attempted-admin | 2015-0091 | URL | ||
| 33714 | OS-WINDOWS Microsoft Windows atlmfd.dll out-of-bounds memory write attempt (more info ...) | attempted-admin | 2015-0091 | URL | ||
| 33717 | OS-WINDOWS Microsoft Windows Task Scheduler access control bypass attempt (more info ...) | attempted-admin | 2015-0084 | URL | ||
| 33732 | FILE-OTHER Microsoft OpenType font atlmfd.dll uninitialized memory read attempt (more info ...) | attempted-admin | 2015-0089 | URL | ||
| 33733 | FILE-OTHER Microsoft OpenType font atlmfd.dll uninitialized memory read attempt (more info ...) | attempted-admin | 2015-0089 | URL | ||
| 33740 | FILE-IMAGE Microsoft emf file download request (more info ...) | misc-activity | 2007-5746 | 9707 | URL | |
| 33765 | OS-WINDOWS Microsoft Windows NtUserGetClipboardAccessToken privilege escalation attempt (more info ...) | attempted-admin | 2015-2527 | URL | ||
| 33766 | OS-WINDOWS Microsoft Windows NtUserGetClipboardAccessToken privilege escalation attempt (more info ...) | attempted-admin | 2015-2527 | URL | ||
| 33767 | OS-WINDOWS Microsoft Windows NtUserFnINOUTNCCALCSIZE kernel memory leak attempt (more info ...) | attempted-user | 2015-0094 | URL | ||
| 33768 | OS-WINDOWS Microsoft Windows NtUserFnINOUTNCCALCSIZE kernel memory leak attempt (more info ...) | attempted-user | 2015-0094 | URL | ||
| 33769 | OS-WINDOWS Microsoft Windows NtUserfnINSTRINGNULL memory leak kernel ASLR bypass attempt (more info ...) | attempted-recon | 2015-0077 | URL | ||
| 33770 | OS-WINDOWS Microsoft Windows NtUserfnINSTRINGNULL memory leak kernel ASLR bypass attempt (more info ...) | attempted-recon | 2015-0077 | URL | ||
| 33771 | FILE-OTHER Microsoft Windows jxr information disclosure attempt (more info ...) | attempted-user | 2015-0076 | URL | ||
| 33772 | FILE-OTHER Microsoft Windows jxr information disclosure attempt (more info ...) | attempted-user | 2015-0076 | URL | ||
| 33773 | OS-WINDOWS Microsoft Windows CmpGetVirtualizationID race condition user impersonation attempt (more info ...) | attempted-user | 2015-0073 | URL | ||
| 33774 | OS-WINDOWS Microsoft Windows CmpGetVirtualizationID race condition user impersonation attempt (more info ...) | attempted-user | 2015-0073 | URL | ||
| 33808 | SERVER-OTHER Microsoft Sharepoint Server Newsfeed XSS attempt (more info ...) | web-application-attack | 2015-1636 | URL | ||
| 33809 | SERVER-OTHER Microsoft Sharepoint user display name XSS attempt (more info ...) | attempted-user | 2015-1633 | URL | ||
| 33825 | OS-WINDOWS Microsoft Windows SMB NTLM NULL session attempt (more info ...) | attempted-recon | 2000-0347 | 1163 | ||
| 33827 | OS-WINDOWS Microsoft XML Core Services MIME Viewer memory corruption attempt (more info ...) | attempted-user | 2007-0099 | URL | ||
| 33828 | OS-WINDOWS Microsoft XML Core Services MIME Viewer memory corruption attempt (more info ...) | attempted-user | 2007-0099 | URL | ||
| 33829 | OS-WINDOWS Microsoft XML Core Services MIME Viewer memory corruption attempt (more info ...) | attempted-user | 2007-0099 | URL | ||
| 34015 | BROWSER-PLUGINS Advantech WebAccess webeye.ocx ActiveX clsid access attempt (more info ...) | attempted-user | 2014-8388 | 71193 | ||
| 34016 | BROWSER-PLUGINS Advantech WebAccess webeye.ocx ActiveX clsid access attempt (more info ...) | attempted-user | 2014-8388 | 71193 | ||
| 34017 | BROWSER-PLUGINS Advantech WebAccess webeye.ocx ActiveX clsid access attempt (more info ...) | attempted-user | 2014-8388 | 71193 | ||
| 34078 | FILE-EXECUTABLE Microsoft Windows DosDevices mapping privilege escalation attempt (more info ...) | attempted-user | 2015-1644 | URL | ||
| 34079 | FILE-EXECUTABLE Microsoft Windows DosDevices mapping privilege escalation attempt (more info ...) | attempted-user | 2015-1644 | URL | ||
| 34080 | FILE-EXECUTABLE Microsoft Windows DosDevices mapping privilege escalation attempt (more info ...) | attempted-user | 2015-1644 | URL | ||
| 34081 | FILE-EXECUTABLE Microsoft Windows DosDevices mapping privilege escalation attempt (more info ...) | attempted-user | 2015-1644 | URL | ||
| 34083 | FILE-OTHER Microsoft emf small header overwrite attempt (more info ...) | attempted-user | 2017-3052 | URL | ||
| 34091 | OS-WINDOWS Microsoft Windows Defender misconfiguration MpCmdRun.exe system execution attempt (more info ...) | attempted-admin | 2015-0098 | URL | ||
| 34092 | OS-WINDOWS Microsoft Windows Defender misconfiguration MpCmdRun.exe system execution attempt (more info ...) | attempted-admin | 2015-0098 | URL | ||
| 34095 | OS-WINDOWS Microsoft Windows NtCreateTransactionManager type confusion attempt (more info ...) | attempted-admin | 2015-1643 | URL | ||
| 34096 | OS-WINDOWS Microsoft Windows NtCreateTransactionManager type confusion attempt (more info ...) | attempted-admin | 2015-1643 | URL | ||
| 34099 | SERVER-OTHER Microsoft SharePoint projectdetails.aspx ret parameter XSS attempt (more info ...) | attempted-user | 2015-1640 | URL | ||
| 34135 | FILE-IMAGE Microsoft Kodak Imaging small offset malformed tiff - little-endian (more info ...) | attempted-user | 2007-2217 | URL | ||
| 34293 | FILE-IMAGE Microsoft Windows wmf integer overflow attempt (more info ...) | web-application-attack | 2007-3034 | 25302 | URL | |
| 34294 | FILE-IMAGE Microsoft Windows wmf integer overflow attempt (more info ...) | web-application-attack | 2007-3034 | 25302 | URL | |
| 34298 | BROWSER-PLUGINS Microsoft Windows Trouble Shooter ActiveX object access (more info ...) | attempted-user | 2003-0662 | 8833 | URL | |
| 34377 | OS-WINDOWS Microsoft Windows NtUserGetComboBoxInfo information disclosure attempt (more info ...) | attempted-recon | 2015-1678 | URL | ||
| 34378 | OS-WINDOWS Microsoft Windows NtUserGetComboBoxInfo information disclosure attempt (more info ...) | attempted-recon | 2015-1678 | URL | ||
| 34413 | OS-WINDOWS Microsoft Windows NtUserGetScrollBarInfo information disclosure attempt (more info ...) | attempted-admin | 2015-1677 | URL | ||
| 34414 | OS-WINDOWS Microsoft Windows NtUserGetScrollBarInfo information disclosure attempt (more info ...) | attempted-admin | 2015-1677 | URL | ||
| 34426 | OS-WINDOWS Microsoft Windows cng.sys memory leak kernel ASLR bypass attempt (more info ...) | attempted-recon | 2015-1674 | 74488 | URL | |
| 34427 | OS-WINDOWS Microsoft Windows cng.sys memory leak kernel ASLR bypass attempt (more info ...) | attempted-recon | 2015-1674 | 74488 | URL | |
| 34434 | OS-WINDOWS Microsoft Windows .NET XML recursive call denial of service attempt (more info ...) | attempted-dos | 2015-1672 | URL | ||
| 34435 | OS-WINDOWS Microsoft Windows .NET XML recursive call denial of service attempt (more info ...) | attempted-dos | 2015-1672 | URL | ||
| 34438 | OS-WINDOWS Microsoft Windows Explorer .msc file stack overflow attempt (more info ...) | attempted-user | 2015-1681 | URL | ||
| 34439 | OS-WINDOWS Microsoft Windows Explorer .msc file stack overflow attempt (more info ...) | attempted-user | 2015-1681 | URL | ||
| 34442 | OS-WINDOWS Microsoft Windows NTUserGetTitleBarInfo information disclosure attempt (more info ...) | attempted-recon | 2015-1676 | URL | ||
| 34443 | OS-WINDOWS Microsoft Windows NTUserGetTitleBarInfo information disclosure attempt (more info ...) | attempted-recon | 2015-1676 | URL | ||
| 34448 | BROWSER-PLUGINS WebGate WESPMonitor ActiveX clsid access attempt (more info ...) | attempted-user | 2015-2097 | |||
| 34449 | BROWSER-PLUGINS WebGate WESPMonitor ActiveX clsid access attempt (more info ...) | attempted-user | 2015-2097 | |||
| 34450 | BROWSER-PLUGINS WebGate WESPMonitor ActiveX clsid access attempt (more info ...) | attempted-user | 2015-2097 | |||
| 34451 | BROWSER-PLUGINS WebGate WESPMonitor ActiveX clsid access attempt (more info ...) | attempted-user | 2015-2097 | |||
| 34454 | BROWSER-PLUGINS WebGate WESPPlaybackCtrl ActiveX clsid access attempt (more info ...) | attempted-user | 2015-2094 | |||
| 34456 | BROWSER-PLUGINS WebGate WESPPlaybackCtrl ActiveX clsid access attempt (more info ...) | attempted-user | 2015-2094 | |||
| 34457 | BROWSER-PLUGINS WebGate WESPPlaybackCtrl ActiveX clsid access attempt (more info ...) | attempted-user | 2015-2094 | |||
| 34498 | OS-WINDOWS Microsoft Windows Win32k.sys kernel-mode driver privilege escalation attempt (more info ...) | attempted-admin | 2015-1701 | URL | ||
| 34499 | OS-WINDOWS Microsoft Windows Win32k.sys kernel-mode driver privilege escalation attempt (more info ...) | attempted-admin | 2015-1701 | URL | ||
| 34530 | FILE-OTHER Microsoft CAB incorrect version multiple antivirus evasion attempt (more info ...) | misc-attack | 2012-1455 | |||
| 34531 | FILE-OTHER Microsoft CAB incorrect version multiple antivirus evasion attempt (more info ...) | misc-attack | 2012-1455 | |||
| 34565 | OS-WINDOWS Microsoft Windows Graphics engine EMF rendering vulnerability (more info ...) | attempted-user | 2005-2123 | 15352 | ||
| 34566 | FILE-OTHER Microsoft Windows Font Library file buffer overflow attempt (more info ...) | attempted-user | 2011-2003 | URL | ||
| 34642 | BROWSER-PLUGINS McAfee Virtual Technician ActiveX clsid access attempt (more info ...) | attempted-user | 2012-5879 | |||
| 34643 | BROWSER-PLUGINS Schneider Electric Pelco Rvctl.RVControl.1 ActiveX clsid access attempt ActiveX clsid access (more info ...) | attempted-user | 2015-0982 | |||
| 34714 | OS-WINDOWS Microsoft Windows atlmfd.dll out-of-bounds memory write attempt (more info ...) | attempted-admin | 2015-0091 | URL | ||
| 34715 | OS-WINDOWS Microsoft Windows atlmfd.dll out-of-bounds memory write attempt (more info ...) | attempted-admin | 2015-0091 | URL | ||
| 34761 | OS-WINDOWS Microsoft Windows clipboard null pointer dereference privilege escalation attempt (more info ...) | attempted-admin | 2015-1721 | URL | ||
| 34762 | OS-WINDOWS Microsoft Windows clipboard null pointer dereference privilege escalation attempt (more info ...) | attempted-admin | 2015-1721 | URL | ||
| 34770 | OS-WINDOWS Microsoft Windows bitmap menu item use after free attempt (more info ...) | attempted-admin | 2015-1722 | URL | ||
| 34771 | OS-WINDOWS Microsoft Windows bitmap menu item use after free attempt (more info ...) | attempted-admin | 2015-1722 | URL | ||
| 34774 | OS-WINDOWS Microsoft Windows multiple linked fonts memory corruption attempt (more info ...) | attempted-admin | 2015-1768 | URL | ||
| 34775 | OS-WINDOWS Microsoft Windows multiple linked fonts memory corruption attempt (more info ...) | attempted-admin | 2015-1768 | URL | ||
| 34776 | OS-WINDOWS Microsoft Windows NtUserMessageCall information disclosure attempt (more info ...) | attempted-recon | 2015-1719 | URL | ||
| 34777 | OS-WINDOWS Microsoft Windows NtUserMessageCall information disclosure attempt (more info ...) | attempted-recon | 2015-1719 | URL | ||
| 34780 | FILE-OTHER Microsoft Windows device context visible region memory corruption attempt (more info ...) | attempted-admin | 2015-1725 | URL | ||
| 34781 | FILE-OTHER Microsoft Windows device context visible region memory corruption attempt (more info ...) | attempted-admin | 2015-1725 | URL | ||
| 34782 | OS-WINDOWS Microsoft Windows BrushAttributes use-after-free attempt (more info ...) | attempted-admin | 2015-1726 | URL | ||
| 34783 | OS-WINDOWS Microsoft Windows BrushAttributes use-after-free attempt (more info ...) | attempted-admin | 2015-1726 | URL | ||
| 34784 | OS-WINDOWS Microsoft Windows window placement invalid memory write attempt (more info ...) | attempted-admin | 2015-1727 | URL | ||
| 34785 | OS-WINDOWS Microsoft Windows window placement invalid memory write attempt (more info ...) | attempted-admin | 2015-1727 | URL | ||
| 34786 | FILE-OTHER Microsoft Windows device context memory corruption attempt (more info ...) | attempted-admin | 2015-1724 | URL | ||
| 34787 | FILE-OTHER Microsoft Windows device context memory corruption attempt (more info ...) | attempted-admin | 2015-1724 | URL | ||
| 34788 | OS-WINDOWS Microsoft Windows 8 CreateWindowEx privilege escalation attempt (more info ...) | attempted-admin | 2015-2360 | URL | ||
| 34789 | OS-WINDOWS Microsoft Windows 8 CreateWindowEx privilege escalation attempt (more info ...) | attempted-admin | 2015-2360 | URL | ||
| 34792 | OS-WINDOWS Microsoft Windows WM_SYSTIMER null pWnd attempt (more info ...) | attempted-user | 2015-0003 | URL | ||
| 34793 | OS-WINDOWS Microsoft Windows WM_SYSTIMER null pWnd attempt (more info ...) | attempted-user | 2015-0003 | URL | ||
| 34915 | NETBIOS SMB Corel PaintShop Pro quserex.dll dll-load exploit attempt (more info ...) | attempted-user | 2014-8393 | URL | ||
| 34916 | NETBIOS SMB Corel PaintShop Pro u32zlib.dll dll-load exploit attempt (more info ...) | attempted-user | 2014-8393 | URL | ||
| 34918 | BROWSER-PLUGINS Schneider Electric ProClima ActiveX clsid access (more info ...) | attempted-user | 2014-9188 | |||
| 34919 | BROWSER-PLUGINS Schneider Electric ProClima ActiveX function call access (more info ...) | attempted-user | 2014-9188 | |||
| 34920 | BROWSER-PLUGINS Schneider Electric ProClima ActiveX clsid access (more info ...) | attempted-user | 2014-9188 | |||
| 34921 | BROWSER-PLUGINS Schneider Electric ProClima ActiveX function call access (more info ...) | attempted-user | 2014-9188 | |||
| 34922 | BROWSER-PLUGINS Schneider Electric ProClima ActiveX function call access (more info ...) | attempted-user | 2014-9188 | |||
| 34923 | BROWSER-PLUGINS Schneider Electric ProClima ActiveX function call access (more info ...) | attempted-user | 2014-9188 | |||
| 34933 | OS-WINDOWS Microsoft Windows HSC DVD driver upgrade code execution attempt (more info ...) | attempted-user | 2004-0199 | 10321 | URL | |
| 35094 | FILE-OTHER Microsoft proxy autoconfig script system library import attempt (more info ...) | policy-violation | 2012-4776 | 56463 | URL | |
| 35105 | OS-WINDOWS Microsoft Windows ATMFD.dll open font type privilege escalation attempt (more info ...) | attempted-admin | 2015-2387 | URL | ||
| 35106 | OS-WINDOWS Microsoft Windows ATMFD.dll open font type privilege escalation attempt (more info ...) | attempted-admin | 2015-2387 | URL | ||
| 35107 | OS-WINDOWS Microsoft Windows ATMFD.dll open font type privilege escalation attempt (more info ...) | attempted-admin | 2015-2387 | URL | ||
| 35108 | OS-WINDOWS Microsoft Windows ATMFD.dll open font type privilege escalation attempt (more info ...) | attempted-admin | 2015-2387 | URL | ||
| 35112 | OS-WINDOWS Microsoft Windows clipboard null pointer dereference attempt (more info ...) | attempted-admin | 2015-1723 | 75009 | URL | |
| 35113 | OS-WINDOWS Microsoft Windows clipboard null pointer dereference attempt (more info ...) | attempted-admin | 2015-1723 | 75009 | URL | |
| 35131 | OS-WINDOWS Microsoft Windows NtUserDisableProcessWindowFiltering information disclosure attempt (more info ...) | attempted-recon | 2015-2367 | URL | ||
| 35132 | OS-WINDOWS Microsoft Windows NtUserDisableProcessWindowFiltering information disclosure attempt (more info ...) | attempted-recon | 2015-2367 | URL | ||
| 35135 | OS-WINDOWS Microsoft Windows DeferWindowPos access after release code injection attempt (more info ...) | attempted-user | 2015-2365 | URL | ||
| 35136 | OS-WINDOWS Microsoft Windows DeferWindowPos access after release code injection attempt (more info ...) | attempted-user | 2015-2365 | URL | ||
| 35149 | OS-WINDOWS Microsoft Windows desktop reference use after free attempt (more info ...) | attempted-admin | 2015-6171 | URL | ||
| 35150 | OS-WINDOWS Microsoft Windows desktop reference use after free attempt (more info ...) | attempted-admin | 2015-6171 | URL | ||
| 35174 | OS-WINDOWS DCOM DCE/RPC NTLM reflection elevation of privilege attempt (more info ...) | attempted-admin | 2015-2370 | URL | ||
| 35175 | OS-WINDOWS DCOM DCE/RPC NTLM reflection elevation of privilege attempt (more info ...) | attempted-admin | 2015-2370 | URL | ||
| 35327 | BROWSER-PLUGINS Agilent Technologies Feature Extraction ActiveX clsid access attempt (more info ...) | attempted-user | 2015-2092 | 72840 | ||
| 35328 | BROWSER-PLUGINS Agilent Technologies Feature Extraction ActiveX clsid access attempt (more info ...) | attempted-user | 2015-2092 | 72840 | ||
| 35329 | BROWSER-PLUGINS Agilent Technologies Feature Extraction ActiveX clsid access attempt (more info ...) | attempted-user | 2015-2092 | 72840 | ||
| 35330 | BROWSER-PLUGINS Agilent Technologies Feature Extraction ActiveX clsid access attempt (more info ...) | attempted-user | 2015-2092 | 72840 | ||
| 35350 | BROWSER-PLUGINS Oracle DcsXB onloadstatechange ActiveX clsid access attempt (more info ...) | attempted-user | 2014-2417 | |||
| 35351 | BROWSER-PLUGINS Oracle DcsXB onloadstatechange ActiveX clsid access attempt (more info ...) | attempted-user | 2014-2417 | |||
| 35352 | BROWSER-PLUGINS Oracle DcsXB onloadstatechange ActiveX clsid access attempt (more info ...) | attempted-user | 2014-2417 | |||
| 35487 | OS-WINDOWS Microsoft Windows Notepad remote printer file access attempt (more info ...) | attempted-recon | 2015-2423 | URL | ||
| 35488 | OS-WINDOWS Microsoft Windows Notepad remote printer file access attempt (more info ...) | attempted-recon | 2015-2423 | URL | ||
| 35513 | OS-WINDOWS Microsoft Windows NtGdiGetTextMetricsW TEXTMETRICW kernel mode ASLR bypass attempt (more info ...) | policy-violation | 2015-2433 | URL | ||
| 35514 | OS-WINDOWS Microsoft Windows NtGdiGetTextMetricsW TEXTMETRICW kernel mode ASLR bypass attempt (more info ...) | policy-violation | 2015-2433 | URL | ||
| 35529 | FILE-OTHER Microsoft Windows malformed TTF table hmtx remote code execution attempt (more info ...) | attempted-user | 2015-2456 | URL | ||
| 35530 | FILE-OTHER Microsoft Windows malformed TTF table hmtx remote code execution attempt (more info ...) | attempted-user | 2015-2456 | URL | ||
| 35556 | BROWSER-PLUGINS Panasonic Security API SDK MulticastAddr ActiveX clsid access attempt (more info ...) | attempted-user | 2015-4648 | 75405 | ||
| 35558 | BROWSER-PLUGINS Panasonic Security API SDK MulticastAddr ActiveX clsid access attempt (more info ...) | attempted-user | 2015-4648 | 75405 | ||
| 35559 | BROWSER-PLUGINS Panasonic Security API SDK MulticastAddr ActiveX clsid access attempt (more info ...) | attempted-user | 2015-4648 | 75405 | ||
| 35614 | BROWSER-PLUGINS NetIQ SafeShellExecute ActiveX clsid access attempt (more info ...) | attempted-user | 2015-0795 | |||
| 35615 | BROWSER-PLUGINS NetIQ SafeShellExecute ActiveX clsid access attempt (more info ...) | attempted-user | 2015-0795 | |||
| 35616 | BROWSER-PLUGINS NetIQ SafeShellExecute ActiveX clsid access attempt (more info ...) | attempted-user | 2015-0795 | |||
| 35617 | BROWSER-PLUGINS NetIQ SafeShellExecute ActiveX clsid access attempt (more info ...) | attempted-user | 2015-0795 | |||
| 35621 | BROWSER-PLUGINS Panasonic Security API SDK Ipropsapi ActiveX clsid access attempt (more info ...) | attempted-user | 2015-4647 | 75409 | ||
| 35623 | BROWSER-PLUGINS Panasonic Security API SDK Ipropsapi ActiveX clsid access attempt (more info ...) | attempted-user | 2015-4647 | 75409 | ||
| 35698 | BROWSER-PLUGINS Oracle Data Quality Trillium TSS12.LoaderWizard.lwctrl ActiveX clsid access attempt (more info ...) | attempted-user | 2015-4759 | 75806 | ||
| 35699 | BROWSER-PLUGINS Oracle Data Quality Trillium TSS12.LoaderWizard.lwctrl ActiveX clsid access attempt (more info ...) | attempted-user | 2015-4759 | 75806 | ||
| 35700 | BROWSER-PLUGINS Oracle Data Quality Trillium TSS12.LoaderWizard.lwctrl ActiveX clsid access attempt (more info ...) | attempted-user | 2015-4759 | 75806 | ||
| 35858 | FILE-OTHER Microsoft System.Uri heap corruption attempt (more info ...) | attempted-user | 2015-4021 | 70351 | URL | |
| 35883 | NETBIOS DCERPC NCACN-IP-TCP brightstor opcode 0x13 overflow attempt (more info ...) | attempted-dos | 2009-1761 | 35396 | ||
| 35959 | BROWSER-IE Microsoft Edge DOMNode manipulation use after free attempt (more info ...) | attempted-user | 2015-2488 | URL | ||
| 35967 | BROWSER-IE Microsoft Edge sandbox CreateFileW arbitrary file delete attempt (more info ...) | attempted-user | 2015-2484 | URL | ||
| 35968 | BROWSER-IE Microsoft Edge sandbox CreateFileW arbitrary file delete attempt (more info ...) | attempted-user | 2015-2484 | URL | ||
| 35973 | OS-WINDOWS Microsoft Windows SURFACE objects kernel privilege escalation attempt (more info ...) | attempted-admin | 2015-2518 | URL | ||
| 35974 | OS-WINDOWS Microsoft Windows SURFACE objects kernel privilege escalation attempt (more info ...) | attempted-admin | 2015-2518 | URL | ||
| 35977 | OS-WINDOWS Microsoft Windows CreateObjectTask privilege escalation attempt (more info ...) | policy-violation | 2015-2528 | URL | ||
| 35978 | OS-WINDOWS Microsoft Windows CreateObjectTask privilege escalation attempt (more info ...) | policy-violation | 2015-2528 | URL | ||
| 35986 | OS-WINDOWS Microsoft Windows NtUserSetWindowsHook memory disclosure attempt (more info ...) | attempted-recon | 2015-2529 | URL | ||
| 35987 | OS-WINDOWS Microsoft Windows NtUserSetWindowsHook memory disclosure attempt (more info ...) | attempted-recon | 2015-2529 | URL | ||
| 35994 | OS-WINDOWS Microsoft Windows desktop window privilege escalation attempt (more info ...) | attempted-admin | 2015-2511 | URL | ||
| 35995 | OS-WINDOWS Microsoft Windows desktop window privilege escalation attempt (more info ...) | attempted-admin | 2015-2511 | URL | ||
| 36010 | OS-WINDOWS Microsoft Windows task scheduler race condition attempt (more info ...) | attempted-admin | 2015-2525 | URL | ||
| 36011 | OS-WINDOWS Microsoft Windows task scheduler race condition attempt (more info ...) | attempted-admin | 2015-2525 | URL | ||
| 36012 | OS-WINDOWS Microsoft Windows Kernel SettingsSyncDiagnostics privilege escalation attempt (more info ...) | attempted-admin | 2015-2524 | URL | ||
| 36013 | OS-WINDOWS Microsoft Windows Kernel SettingsSyncDiagnostics privilege escalation attempt (more info ...) | attempted-admin | 2015-2524 | URL | ||
| 36016 | OS-WINDOWS Microsoft Windows use after free kernel privilege escalation attempt (more info ...) | attempted-admin | 2015-2507 | URL | ||
| 36017 | OS-WINDOWS Microsoft Windows use after free kernel privilege escalation attempt (more info ...) | attempted-admin | 2015-2507 | URL | ||
| 36028 | OS-WINDOWS Microsoft Windows Win32k.sys use after free attempt (more info ...) | attempted-admin | 2015-2546 | URL | ||
| 36029 | OS-WINDOWS Microsoft Windows Win32k.sys use after free attempt (more info ...) | attempted-admin | 2015-2546 | URL | ||
| 36110 | BROWSER-PLUGINS Advantech WebAccess AspVCObj.AspDataDriven InterfaceFilter ActiveX clsid access (more info ...) | attempted-user | 2014-9208 | URL | ||
| 36117 | BROWSER-PLUGINS HP LoadRunner ActiveX clsid access attempt (more info ...) | attempted-user | 2013-2368 | |||
| 36118 | BROWSER-PLUGINS HP LoadRunner ActiveX clsid access attempt (more info ...) | attempted-user | 2013-2368 | |||
| 36119 | BROWSER-PLUGINS HP LoadRunner ActiveX clsid access attempt (more info ...) | attempted-user | 2013-2368 | |||
| 36320 | BROWSER-PLUGINS Microsoft Input Method Editor 2 ActiveX clsid access attempt (more info ...) | attempted-user | 2006-4697 | URL | ||
| 36349 | BROWSER-PLUGINS Touch22 Software Image22 DrawIcon ActiveX clsid access attempt (more info ...) | attempted-user | 41547 | |||
| 36350 | BROWSER-PLUGINS Touch22 Software Image22 DrawIcon ActiveX clsid access attempt (more info ...) | attempted-user | 41547 | |||
| 36383 | OS-WINDOWS Microsoft Windows FlattenPath paged memory consumption privilege escalation attempt (more info ...) | attempted-admin | 2013-3660 | 60051 | URL | |
| 36384 | OS-WINDOWS Microsoft Windows FlattenPath paged memory consumption privilege escalation attempt (more info ...) | attempted-admin | 2013-3660 | 60051 | URL | |
| 36403 | OS-WINDOWS Microsoft Windows SepReferenceLowBoxObjects privilege escalation attempt (more info ...) | attempted-admin | 2015-2554 | URL | ||
| 36404 | OS-WINDOWS Microsoft Windows SepReferenceLowBoxObjects privilege escalation attempt (more info ...) | attempted-admin | 2015-2554 | URL | ||
| 36405 | OS-WINDOWS Microsoft Windows sandbox policy bypass attempt (more info ...) | attempted-user | 2015-2550 | URL | ||
| 36406 | OS-WINDOWS Microsoft Windows sandbox policy bypass attempt (more info ...) | attempted-user | 2015-2550 | URL | ||
| 36415 | OS-WINDOWS Microsoft Windows kernel ALPC synchronous requests memory corruption attempt (more info ...) | attempted-admin | 2015-2549 | URL | ||
| 36416 | OS-WINDOWS Microsoft Windows kernel ALPC synchronous requests memory corruption attempt (more info ...) | attempted-admin | 2015-2549 | URL | ||
| 36445 | OS-WINDOWS Microsoft Windows 10 low integrity level NTFS mount reparse point bypass attempt (more info ...) | attempted-admin | 2015-2553 | URL | ||
| 36446 | OS-WINDOWS Microsoft Windows 10 low integrity level NTFS mount reparse point bypass attempt (more info ...) | attempted-admin | 2015-2553 | URL | ||
| 36452 | BROWSER-IE Microsoft Edge cross site scripting filter bypass attempt (more info ...) | attempted-user | 2016-7280 | URL | ||
| 36474 | BROWSER-PLUGINS Advantech WebAccess AspVCObj.AspDataDriven ConvToSafeArray ActiveX clsid access (more info ...) | attempted-user | 2014-9208 | 76672 | ||
| 36481 | BROWSER-PLUGINS Schneider Electric TeeChart ActiveX clsid access attempt (more info ...) | attempted-user | 2011-4034 | 50837 | URL | |
| 36482 | BROWSER-PLUGINS Schneider Electric TeeChart ActiveX clsid access attempt (more info ...) | attempted-user | 2011-4034 | 50837 | URL | |
| 36483 | BROWSER-PLUGINS Schneider Electric TeeChart ActiveX clsid access attempt (more info ...) | attempted-user | 2011-4034 | 50837 | URL | |
| 36484 | BROWSER-PLUGINS Schneider Electric TeeChart ActiveX clsid access attempt (more info ...) | attempted-user | 2011-4034 | 50837 | URL | |
| 36485 | BROWSER-PLUGINS Schneider Electric TeeChart ActiveX clsid access attempt (more info ...) | attempted-user | 2011-4034 | 50837 | URL | |
| 36486 | BROWSER-PLUGINS Schneider Electric TeeChart ActiveX clsid access attempt (more info ...) | attempted-user | 2011-4034 | 50837 | URL | |
| 36487 | BROWSER-PLUGINS Schneider Electric TeeChart ActiveX clsid access attempt (more info ...) | attempted-user | 2011-4034 | 50837 | URL | |
| 36488 | BROWSER-PLUGINS Schneider Electric TeeChart ActiveX clsid access attempt (more info ...) | attempted-user | 2011-4034 | 50837 | URL | |
| 36489 | BROWSER-PLUGINS Schneider Electric TeeChart ActiveX clsid access attempt (more info ...) | attempted-user | 2011-4034 | 50837 | URL | |
| 36490 | BROWSER-PLUGINS Schneider Electric TeeChart ActiveX clsid access attempt (more info ...) | attempted-user | 2011-4034 | 50837 | URL | |
| 36491 | BROWSER-PLUGINS Schneider Electric TeeChart ActiveX clsid access attempt (more info ...) | attempted-user | 2011-4034 | 50837 | URL | |
| 36514 | BROWSER-PLUGINS X360 VideoPlayer ConvertFile ActiveX clsid access (more info ...) | attempted-user | ||||
| 36515 | BROWSER-PLUGINS X360 VideoPlayer SetText ActiveX clsid access (more info ...) | attempted-user | ||||
| 36516 | BROWSER-PLUGINS X360 VideoPlayer ConvertFile ActiveX clsid access (more info ...) | attempted-user | ||||
| 36517 | BROWSER-PLUGINS X360 VideoPlayer SetText ActiveX clsid access (more info ...) | attempted-user | ||||
| 36562 | OS-WINDOWS Microsoft Windows cng.sys memory leak kernel ASLR bypass attempt (more info ...) | attempted-recon | 2015-1674 | 74488 | URL | |
| 36563 | OS-WINDOWS Microsoft Windows cng.sys memory leak kernel ASLR bypass attempt (more info ...) | attempted-recon | 2015-1674 | 74488 | URL | |
| 36640 | BROWSER-PLUGINS Advantech WebAccess SCADA webdact.ocx AccessCode ActiveX clsid access attempt (more info ...) | attempted-user | 2014-0767 | 66728 | ||
| 36647 | BROWSER-PLUGINS Oracle Hyperion Strategic Finance Client SetDevNames ActiveX clsid access attempt (more info ...) | attempted-user | 2011-5167 | |||
| 36648 | BROWSER-PLUGINS Oracle Hyperion Strategic Finance Client SetDevNames ActiveX clsid access attempt (more info ...) | attempted-user | 2011-5167 | |||
| 36663 | BROWSER-PLUGINS Advantech WebAccess SCADA ActiveX clsid access (more info ...) | attempted-user | 2014-0765 | 66722 | ||
| 36664 | BROWSER-PLUGINS Advantech WebAccess SCADA ActiveX clsid access (more info ...) | attempted-user | 2014-0765 | 66722 | ||
| 36665 | BROWSER-PLUGINS Advantech WebAccess SCADA ActiveX clsid access (more info ...) | attempted-user | 2014-0765 | 66722 | ||
| 36718 | OS-WINDOWS Microsoft Windows win32k kernel memory information disclosure attempt (more info ...) | attempted-recon | 2015-6102 | URL | ||
| 36719 | OS-WINDOWS Microsoft Windows win32k kernel memory information disclosure attempt (more info ...) | attempted-recon | 2015-6102 | URL | ||
| 36744 | OS-WINDOWS Microsoft Windows NDIS.SYS driver buffer overflow attempt (more info ...) | attempted-admin | 2015-6098 | URL | ||
| 36745 | OS-WINDOWS Microsoft Windows NDIS.SYS driver buffer overflow attempt (more info ...) | attempted-admin | 2015-6098 | URL | ||
| 36792 | BROWSER-PLUGINS Microsoft Visual FoxPro ActiveX clsid access (more info ...) | attempted-user | 2007-5322 | 25977 | ||
| 36804 | OS-WINDOWS Microsoft Windows wininet peerdistsvc.dll dll-load exploit attempt (more info ...) | attempted-user | 2010-3966 | URL | ||
| 36805 | OS-WINDOWS Microsoft Windows wininet request for peerdistsvc.dll over SMB attempt (more info ...) | attempted-user | 2010-3966 | |||
| 36856 | FILE-IMAGE Microsoft Windows malformed WMF meta escape record memory corruption attempt (more info ...) | attempted-user | 2009-2500 | URL | ||
| 36891 | BROWSER-PLUGINS ClearQuest session ActiveX control access (more info ...) | attempted-user | 2012-0708 | |||
| 36892 | BROWSER-PLUGINS ClearQuest session ActiveX control access (more info ...) | attempted-user | 2012-0708 | |||
| 37040 | BROWSER-PLUGINS Microsoft CAPICOM CAPICOM.Certificates ActiveX clsid access attempt (more info ...) | attempted-user | 2007-0940 | |||
| 37041 | BROWSER-PLUGINS Microsoft CAPICOM CAPICOM.Certificates ActiveX clsid access attempt (more info ...) | attempted-user | 2007-0940 | |||
| 37042 | BROWSER-PLUGINS Microsoft CAPICOM CAPICOM.Certificates ActiveX clsid access attempt (more info ...) | attempted-user | 2007-0940 | |||
| 37043 | BROWSER-PLUGINS Microsoft CAPICOM CAPICOM.Certificates ActiveX clsid access attempt (more info ...) | attempted-user | 2007-0940 | |||
| 37044 | BROWSER-PLUGINS Microsoft CAPICOM CAPICOM.Certificates ActiveX clsid access attempt (more info ...) | attempted-user | 2007-0940 | |||
| 37087 | OS-WINDOWS Microsoft Windows Metafile invalid header size integer overflow (more info ...) | attempted-admin | 2006-0020 | 16516 | URL | |
| 37151 | FILE-MULTIMEDIA Microsoft Windows DirectX malformed mjpeg arbitrary code execution attempt (more info ...) | attempted-user | 2008-0011 | URL | ||
| 37152 | FILE-MULTIMEDIA Microsoft Windows DirectX malformed mjpeg arbitrary code execution attempt (more info ...) | attempted-user | 2008-0011 | URL | ||
| 37153 | FILE-MULTIMEDIA Microsoft Windows DirectX malformed mjpeg arbitrary code execution attempt (more info ...) | attempted-user | 2008-0011 | URL | ||
| 37364 | OS-WINDOWS Microsoft Windows NT DHCP REQUEST client identifier overflow attempt (more info ...) | attempted-dos | 2004-0899 | 11920 | URL | |
| 37365 | OS-WINDOWS Microsoft Windows NT DHCP REQUEST client identifier overflow attempt (more info ...) | attempted-dos | 2004-0899 | 11920 | URL | |
| 37366 | OS-WINDOWS Microsoft Windows NT DHCP REQUEST hostname overflow attempt (more info ...) | attempted-dos | 2004-0899 | 11920 | URL | |
| 37367 | OS-WINDOWS Microsoft Windows NT DHCP REQUEST hostname overflow attempt (more info ...) | attempted-dos | 2004-0899 | 11920 | URL | |
| 37445 | OS-WINDOWS Microsoft Windows Color Management Module buffer overflow attempt (more info ...) | attempted-user | 2005-1219 | 14214 | ||
| 37514 | BROWSER-PLUGINS Schneider Electric ProClima F1BookView ActiveX clsid access attempt (more info ...) | attempted-user | 2015-8561 | |||
| 37625 | BROWSER-PLUGINS SizerOne ActiveX clsid access attempt (more info ...) | attempted-user | 2008-4827 | 33148 | ||
| 37635 | OS-WINDOWS Microsoft Windows SPNEGO ASN.1 library heap corruption overflow attempt (more info ...) | attempted-admin | 2005-1935 | 9633 | URL | |
| 37713 | BROWSER-PLUGINS Unitronics VisiLogic TeeChart Pro ActiveX clsid access attempt (more info ...) | attempted-user | 2015-6478 | URL | ||
| 37714 | BROWSER-PLUGINS Unitronics VisiLogic TeeChart Pro ActiveX clsid access attempt (more info ...) | attempted-user | 2015-6478 | URL | ||
| 37826 | BROWSER-PLUGINS HP LoadRunner ActiveX function call access attempt (more info ...) | attempted-user | 2013-2370 | |||
| 37827 | BROWSER-PLUGINS HP LoadRunner ActiveX function call access attempt (more info ...) | attempted-user | 2013-2370 | |||
| 37874 | BROWSER-PLUGINS Novell ZENworks LaunchHelp.dll ActiveX clsid access attempt (more info ...) | attempted-user | 2011-2657 | URL | ||
| 37875 | BROWSER-PLUGINS Novell ZENworks LaunchHelp.dll ActiveX clsid access attempt (more info ...) | attempted-user | 2011-2657 | URL | ||
| 37876 | FILE-IMAGE Microsoft Windows GDI metafile integer overflow attempt (more info ...) | attempted-user | 2007-3034 | 25302 | URL | |
| 37877 | FILE-IMAGE Microsoft Windows GDI metafile integer overflow attempt (more info ...) | attempted-user | 2007-3034 | 25302 | URL | |
| 37878 | FILE-IMAGE Microsoft Windows GDI metafile integer overflow attempt (more info ...) | attempted-user | 2007-3034 | 25302 | URL | |
| 37879 | FILE-IMAGE Microsoft Windows GDI metafile integer overflow attempt (more info ...) | attempted-user | 2007-3034 | 25302 | URL | |
| 37882 | BROWSER-PLUGINS IBM SizerOne ActiveX clsid access attempt (more info ...) | attempted-user | 2012-5946 | 59559 | ||
| 37883 | BROWSER-PLUGINS IBM SizerOne ActiveX clsid access attempt (more info ...) | attempted-user | 2012-5946 | 59559 | ||
| 37886 | OS-WINDOWS DCERPC Plug and Play registry key access buffer overflow attempt (more info ...) | protocol-command-decode | 2005-2120 | 15065 | URL | |
| 37887 | OS-WINDOWS DCERPC Plug and Play registry key access buffer overflow attempt (more info ...) | protocol-command-decode | 2005-2120 | 15065 | URL | |
| 37899 | BROWSER-PLUGINS Attachmate Reflection ActiveX buffer overflow clsid attempt (more info ...) | attempted-user | URL | |||
| 37900 | BROWSER-PLUGINS Attachmate Reflection ActiveX buffer overflow clsid attempt (more info ...) | attempted-user | URL | |||
| 37901 | BROWSER-PLUGINS Attachmate Reflection ActiveX buffer overflow function call attempt (more info ...) | attempted-user | URL | |||
| 37902 | BROWSER-PLUGINS Attachmate Reflection ActiveX buffer overflow function call attempt (more info ...) | attempted-user | URL | |||
| 37996 | BROWSER-PLUGINS IE MsRdpClient ActiveX attempt (more info ...) | attempted-user | 2013-1302 | |||
| 37997 | BROWSER-PLUGINS IE MsRdpClient ActiveX attempt (more info ...) | attempted-user | 2013-1302 | |||
| 38046 | POLICY-OTHER PDF ActiveX CLSID access detected (more info ...) | attempted-user | 2014-0527 | URL | ||
| 38125 | FILE-MULTIMEDIA Microsoft Windows Transport Stream Program Map Table Heap overflow attempt (more info ...) | attempted-user | 2016-0101 | URL | ||
| 38151 | BROWSER-PLUGINS Symantec Altiris Deployment Solution ActiveX clsid access attempt (more info ...) | attempted-user | 2009-3033 | 37092 | ||
| 38153 | BROWSER-PLUGINS WebGate WESPDiscovery ActiveX clsid access attempt (more info ...) | attempted-user | 2015-2100 | 72843 | ||
| 38230 | BROWSER-PLUGINS WebGate Control Center WESPPlayback ActiveX clsid access attempt (more info ...) | attempted-user | 2015-2099 | 72834 | ||
| 38231 | BROWSER-PLUGINS WebGate Control Center WESPPlayback ActiveX clsid access attempt (more info ...) | attempted-user | 2015-2099 | 72834 | ||
| 38232 | BROWSER-PLUGINS WebGate Control Center WESPPlayback ActiveX clsid access attempt (more info ...) | attempted-user | 2015-2099 | 72834 | ||
| 38233 | BROWSER-PLUGINS WebGate Control Center WESPPlayback ActiveX clsid access attempt (more info ...) | attempted-user | 2015-2099 | 72834 | ||
| 38250 | INDICATOR-OBFUSCATION HTML entity encoded ActiveX object instantiation detected (more info ...) | misc-activity | URL | |||
| 38264 | OS-WINDOWS DCERPC Direct detection of malicious DCE RPC request in suspicious pcap (more info ...) | protocol-command-decode | 2009-1544 | URL | ||
| 38319 | NETBIOS SMB winreg named pipe creation attempt (more info ...) | misc-activity | ||||
| 38320 | NETBIOS SMB srvsvc named pipe creation attempt (more info ...) | misc-activity | ||||
| 38321 | NETBIOS SMB svcctl named pipe creation attempt (more info ...) | misc-activity | ||||
| 38322 | NETBIOS SMB samr named pipe creation attempt (more info ...) | misc-activity | ||||
| 38383 | BROWSER-PLUGINS Advantech WebAccess ActiveX clsid access attempt (more info ...) | attempted-user | ||||
| 38477 | BROWSER-IE Microsoft Edge webnote exit event css arbitrary file read attempt (more info ...) | attempted-user | 2016-0161 | URL | ||
| 38478 | BROWSER-IE Microsoft Edge webnote exit event css arbitrary file read attempt (more info ...) | attempted-user | 2016-0161 | URL | ||
| 38537 | BROWSER-PLUGINS Symantec NavComUI AxSysListView32 ActiveX clsid access attempt (more info ...) | attempted-user | 2007-2955 | 24983 | URL | |
| 38538 | BROWSER-PLUGINS Symantec NavComUI AxSysListView32 ActiveX function call access attempt (more info ...) | attempted-user | 2007-2955 | 24983 | URL | |
| 38539 | BROWSER-PLUGINS Symantec NavComUI AxSysListView32OAA ActiveX clsid access attempt (more info ...) | attempted-user | 2007-2955 | 24983 | URL | |
| 38540 | BROWSER-PLUGINS Symantec NavComUI AxSysListView32OAA ActiveX function call access attempt (more info ...) | attempted-user | 2007-2955 | 24983 | URL | |
| 38816 | FILE-OTHER Microsoft Windows gdi32 malformed EMF file ExtEscape buffer overflow attempt (more info ...) | attempted-user | 2016-0170 | URL | ||
| 39228 | BROWSER-IE Microsoft Edge PDF Color Space out-of-bounds memory access attempt (more info ...) | attempted-recon | 2016-3201 | URL | ||
| 39229 | BROWSER-IE Microsoft Edge PDF Color Space out-of-bounds memory access attempt (more info ...) | attempted-recon | 2016-3201 | URL | ||
| 39266 | OS-WINDOWS Microsoft Windows GdiPlus malformed EMF file out of bounds read attempt (more info ...) | attempted-user | 2016-3216 | URL | ||
| 39373 | BROWSER-PLUGINS Oracle AutoVueXCtrl ActiveX clsid access attempt (more info ...) | attempted-user | 50332 | |||
| 39374 | BROWSER-PLUGINS Oracle AutoVueXCtrl ActiveX clsid access attempt (more info ...) | attempted-user | 50332 | |||
| 39375 | BROWSER-PLUGINS Oracle AutoVueXCtrl ActiveX clsid access attempt (more info ...) | attempted-user | 50332 | |||
| 39376 | BROWSER-PLUGINS IBM SPSS SamplePower ActiveX function call access attempt (more info ...) | attempted-user | 2012-5947 | 59556 | ||
| 39377 | BROWSER-PLUGINS IBM SPSS SamplePower ActiveX function call access attempt (more info ...) | attempted-user | 2012-5947 | 59556 | ||
| 39382 | BROWSER-PLUGINS Oracle Hyperion Financial Management TList6 ActiveX clsid access attempt (more info ...) | attempted-user | 50476 | |||
| 39383 | BROWSER-PLUGINS Oracle Hyperion Financial Management TList6 ActiveX clsid access attempt (more info ...) | attempted-user | 50476 | |||
| 39384 | BROWSER-PLUGINS Oracle Hyperion Financial Management TList6 ActiveX clsid access attempt (more info ...) | attempted-user | 50476 | |||
| 39485 | BROWSER-IE Microsoft Edge DWrite.dll out of bounds read attempt (more info ...) | attempted-recon | 2016-3277 | URL | ||
| 39863 | OS-WINDOWS Microsoft Windows win32k.sys escalation of privilege attempt (more info ...) | attempted-user | 2011-1231 | URL | ||
| 39874 | FILE-OTHER Microsoft Windows PDF parsing invalid JPEG2000 SIZ marker attempt (more info ...) | attempted-user | 2016-3319 | URL | ||
| 39879 | BROWSER-PLUGINS Mitsubishi MC-WorkX ActiveX clsid access attempt (more info ...) | attempted-user | 2013-2817 | |||
| 39880 | BROWSER-PLUGINS Mitsubishi MC-WorkX ActiveX clsid access attempt (more info ...) | attempted-user | 2013-2817 | |||
| 39891 | BROWSER-PLUGINS Schneider Electric SCADA Expert ClearSCADA ActiveX clsid access attempt (more info ...) | attempted-user | 2014-1848 | |||
| 39892 | BROWSER-PLUGINS Schneider Electric SCADA Expert ClearSCADA ActiveX clsid access attempt (more info ...) | attempted-user | 2014-1848 | |||
| 39895 | BROWSER-PLUGINS Tom Sawyer GET exetension ActiveX clsid access (more info ...) | attempted-user | 2011-2217 | |||
| 39896 | BROWSER-PLUGINS Tom Sawyer GET Extension ActiveX function call access (more info ...) | attempted-user | 2011-2217 | |||
| 40022 | BROWSER-PLUGINS AcroPDF.PDF ActiveX clsid access attempt (more info ...) | attempted-user | 2006-6236 | 21338 | URL | |
| 40023 | BROWSER-PLUGINS AcroPDF.PDF ActiveX clsid access attempt (more info ...) | attempted-user | 2006-6236 | 21338 | URL | |
| 40130 | OS-WINDOWS Microsoft Windows GDI emf filename buffer overflow attempt (more info ...) | attempted-user | 2008-1087 | URL | ||
| 40144 | BROWSER-IE Microsoft Edge PDF out-of-bounds Crypt Filter length attempt (more info ...) | attempted-user | 2016-3370 | URL | ||
| 40145 | BROWSER-IE Microsoft Edge PDF out-of-bounds Crypt Filter length attempt (more info ...) | attempted-user | 2016-3370 | URL | ||
| 40146 | BROWSER-IE Microsoft Edge malformed response information disclosure attempt (more info ...) | attempted-recon | 2016-3325 | URL | ||
| 40347 | BROWSER-PLUGINS Samsung SmartViewer ActiveX clsid access attempt (more info ...) | attempted-user | 2015-8040 | |||
| 40348 | BROWSER-PLUGINS Samsung SmartViewer ActiveX clsid access attempt (more info ...) | attempted-user | 2015-8040 | |||
| 40376 | OS-WINDOWS Microsoft GDI local privilege escalation attempt (more info ...) | attempted-admin | 2016-3266 | URL | ||
| 40377 | OS-WINDOWS Microsoft GDI local privilege escalation attempt (more info ...) | attempted-admin | 2016-3266 | URL | ||
| 40651 | BROWSER-IE Microsoft Edge webkit directory file disclosure attempt (more info ...) | attempted-user | 2016-7204 | URL | ||
| 40652 | BROWSER-IE Microsoft Edge webkit directory file disclosure attempt (more info ...) | attempted-user | 2016-7204 | URL | ||
| 40713 | BROWSER-IE Microsoft Edge JSON.parse information disclosure attempt (more info ...) | attempted-recon | 2016-7241 | 94055 | URL | |
| 40714 | BROWSER-IE Microsoft Edge JSON.parse information disclosure attempt (more info ...) | attempted-recon | 2016-7241 | 94055 | URL | |
| 40715 | BROWSER-IE Microsoft Edge proxy object type confusion attempt (more info ...) | attempted-user | 2016-7240 | URL | ||
| 40716 | BROWSER-IE Microsoft Edge proxy object type confusion attempt (more info ...) | attempted-user | 2016-7240 | URL | ||
| 40946 | BROWSER-IE Microsoft Edge CSS browser history disclosure attempt (more info ...) | attempted-recon | URL | |||
| 40949 | BROWSER-IE Microsoft Edge SIMD memory corruption attempt (more info ...) | attempted-user | 2016-7286 | URL | ||
| 40950 | BROWSER-IE Microsoft Edge SIMD memory corruption attempt (more info ...) | attempted-user | 2016-7286 | URL | ||
| 40969 | BROWSER-IE Microsoft Edge Object.defineProperty type confusion attempt (more info ...) | attempted-user | 2016-7287 | URL | ||
| 40970 | BROWSER-IE Microsoft Edge Object.defineProperty type confusion attempt (more info ...) | attempted-user | 2016-7287 | URL | ||
| 41365 | OS-WINDOWS Microsoft Windows RtlQueryRegistryValues buffer overflow attempt (more info ...) | attempted-admin | 2010-4398 | URL | ||
| 41462 | FILE-EXECUTABLE Microsoft Windows Win32 Divide Error Exception Denial of Service attempt (more info ...) | attempted-dos | 2013-1334 | URL | ||
| 41463 | FILE-EXECUTABLE Microsoft Windows Win32 Divide Error Exception Denial of Service attempt (more info ...) | attempted-dos | 2013-1334 | URL | ||
| 41464 | FILE-EXECUTABLE Microsoft Windows Win32 Divide Error Exception Denial of Service attempt (more info ...) | attempted-dos | 2013-1334 | URL | ||
| 41465 | FILE-EXECUTABLE Microsoft Windows Win32 Divide Error Exception Denial of Service attempt (more info ...) | attempted-dos | 2013-1334 | URL | ||
| 41502 | BROWSER-PLUGINS NTR ActiveX clsid access attempt (more info ...) | attempted-user | 2012-0267 | 51374 | ||
| 41503 | BROWSER-PLUGINS NTR ActiveX clsid access attempt (more info ...) | attempted-user | 2012-0267 | 51374 | ||
| 41593 | BROWSER-IE Microsoft Edge Data URI same origin policy bypass attempt (more info ...) | attempted-user | 2017-0017 | URL | ||
| 41594 | BROWSER-IE Microsoft Edge Data URI same origin policy bypass attempt (more info ...) | attempted-user | 2017-0017 | URL | ||
| 41701 | POLICY-OTHER Microsoft Active Directory DSGetNCChanges attempt (more info ...) | policy-violation | URL | |||
| 41715 | BROWSER-IE Microsoft Health and Support Center iframe injection attempt (more info ...) | attempted-user | ||||
| 41946 | FILE-IMAGE Microsoft GDI+ malformed EMF description out of bounds read attempt (more info ...) | attempted-admin | 2018-12849 | URL | ||
| 41948 | BROWSER-IE Microsoft Edge fetch API same origin policy bypass attempt (more info ...) | attempted-recon | 2017-0140 | URL | ||
| 41949 | BROWSER-IE Microsoft Edge fetch API same origin policy bypass attempt (more info ...) | attempted-recon | 2017-0140 | URL | ||
| 41987 | BROWSER-IE Microsoft Edge web address spoofing attempt (more info ...) | attempted-admin | 2017-0069 | URL | ||
| 41988 | BROWSER-IE Microsoft Edge web address spoofing attempt (more info ...) | attempted-admin | 2017-0069 | URL | ||
| 41989 | FILE-EXECUTABLE Microsoft Windows Com Session Moniker pivilege escalation attempt (more info ...) | attempted-user | 2017-0100 | URL | ||
| 41990 | FILE-EXECUTABLE Microsoft Windows Com Session Moniker pivilege escalation attempt (more info ...) | attempted-user | 2017-0100 | URL | ||
| 41993 | OS-WINDOWS Microsoft Windows GDI WMF out of bounds read attempt (more info ...) | attempted-user | 2017-0073 | URL | ||
| 41997 | OS-WINDOWS Microsoft GDI+ privilege escalation attempt (more info ...) | attempted-admin | 2017-0188 | URL | ||
| 42040 | BROWSER-IE Microsoft Edge proxy object type confusion attempt (more info ...) | attempted-user | 2018-4438 | URL | ||
| 42256 | OS-WINDOWS Microsoft Windows SMB anonymous user session setup request detected (more info ...) | policy-violation | URL | |||
| 42340 | OS-WINDOWS Microsoft Windows SMB anonymous session IPC share access attempt (more info ...) | attempted-recon | URL | |||
| 42440 | OS-WINDOWS Microsoft Jet DB Engine Buffer Overflow attempt (more info ...) | attempted-user | 2005-0944 | 12960 | ||
| 42441 | OS-WINDOWS Microsoft Jet DB Engine Buffer Overflow attempt (more info ...) | attempted-user | 2005-0944 | 12960 | ||
| 42442 | OS-WINDOWS Microsoft Jet DB Engine Buffer Overflow attempt (more info ...) | attempted-user | 2005-0944 | 12960 | ||
| 42444 | OS-WINDOWS Microsoft Jet DB Engine Buffer Overflow attempt (more info ...) | attempted-user | 2005-0944 | 12960 | ||
| 42445 | OS-WINDOWS Microsoft Jet DB Engine Buffer Overflow attempt (more info ...) | attempted-user | 2005-0944 | 12960 | ||
| 42446 | OS-WINDOWS Microsoft Jet DB Engine Buffer Overflow attempt (more info ...) | attempted-user | 2005-0944 | 12960 | ||
| 42773 | OS-WINDOWS Microsoft Windows COM privilege escalation attempt (more info ...) | attempted-admin | 2017-0213 | |||
| 42774 | OS-WINDOWS Microsoft Windows COM privilege escalation attempt (more info ...) | attempted-admin | 2017-0213 | |||
| 42865 | OS-WINDOWS Microsoft Windows RRAS MIBEntryGet buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 42921 | BROWSER-PLUGINS Schneider Electric SoMachine HVAC ActiveX information disclosure clsid access attempt (more info ...) | attempted-user | URL | |||
| 42922 | BROWSER-PLUGINS Schneider Electric SoMachine HVAC ActiveX information disclosure clsid access attempt (more info ...) | attempted-user | URL | |||
| 43009 | BROWSER-PLUGINS Micro Focus Rumba+ ActiveX clsid access attempt (more info ...) | attempted-user | 2016-1606 | |||
| 43010 | BROWSER-PLUGINS Micro Focus Rumba+ ActiveX clsid access attempt (more info ...) | attempted-user | 2016-1606 | |||
| 43011 | BROWSER-PLUGINS Micro Focus Rumba+ ActiveX clsid access attempt (more info ...) | attempted-user | 2016-1606 | |||
| 43012 | BROWSER-PLUGINS Micro Focus Rumba+ ActiveX clsid access attempt (more info ...) | attempted-user | 2016-1606 | |||
| 43013 | BROWSER-PLUGINS Micro Focus Rumba+ ActiveX clsid access attempt (more info ...) | attempted-user | 2016-1606 | |||
| 43014 | BROWSER-PLUGINS Micro Focus Rumba+ ActiveX clsid access attempt (more info ...) | attempted-user | 2016-1606 | |||
| 43015 | BROWSER-PLUGINS Micro Focus Rumba+ ActiveX clsid access attempt (more info ...) | attempted-user | 2016-1606 | |||
| 43016 | BROWSER-PLUGINS Micro Focus Rumba+ ActiveX clsid access attempt (more info ...) | attempted-user | 2016-1606 | |||
| 43017 | BROWSER-PLUGINS Micro Focus Rumba+ ActiveX clsid access attempt (more info ...) | attempted-user | 2016-1606 | |||
| 43018 | BROWSER-PLUGINS Micro Focus Rumba+ ActiveX clsid access attempt (more info ...) | attempted-user | 2016-1606 | |||
| 43019 | BROWSER-PLUGINS Micro Focus Rumba+ ActiveX clsid access attempt (more info ...) | attempted-user | 2016-1606 | |||
| 43020 | BROWSER-PLUGINS Micro Focus Rumba+ ActiveX clsid access attempt (more info ...) | attempted-user | 2016-1606 | |||
| 43021 | BROWSER-PLUGINS Micro Focus Rumba+ ActiveX clsid access attempt (more info ...) | attempted-user | 2016-1606 | |||
| 43022 | BROWSER-PLUGINS Micro Focus Rumba+ ActiveX clsid access attempt (more info ...) | attempted-user | 2016-1606 | |||
| 43023 | BROWSER-PLUGINS Micro Focus Rumba+ ActiveX clsid access attempt (more info ...) | attempted-user | 2016-1606 | |||
| 43024 | BROWSER-PLUGINS Micro Focus Rumba+ ActiveX clsid access attempt (more info ...) | attempted-user | 2016-1606 | |||
| 43025 | BROWSER-PLUGINS Micro Focus Rumba+ ActiveX clsid access attempt (more info ...) | attempted-user | 2016-1606 | |||
| 43026 | BROWSER-PLUGINS Micro Focus Rumba+ ActiveX clsid access attempt (more info ...) | attempted-user | 2016-1606 | |||
| 43027 | BROWSER-PLUGINS Micro Focus Rumba+ ActiveX clsid access attempt (more info ...) | attempted-user | 2016-1606 | |||
| 43028 | BROWSER-PLUGINS Micro Focus Rumba+ ActiveX clsid access attempt (more info ...) | attempted-user | 2016-1606 | |||
| 43029 | BROWSER-PLUGINS Micro Focus Rumba+ ActiveX clsid access attempt (more info ...) | attempted-user | 2016-1606 | |||
| 43030 | BROWSER-PLUGINS Micro Focus Rumba+ ActiveX clsid access attempt (more info ...) | attempted-user | 2016-1606 | |||
| 43031 | BROWSER-PLUGINS Micro Focus Rumba+ ActiveX clsid access attempt (more info ...) | attempted-user | 2016-1606 | |||
| 43032 | BROWSER-PLUGINS Micro Focus Rumba+ ActiveX clsid access attempt (more info ...) | attempted-user | 2016-1606 | |||
| 43033 | BROWSER-PLUGINS Micro Focus Rumba+ ActiveX clsid access attempt (more info ...) | attempted-user | 2016-1606 | |||
| 43034 | BROWSER-PLUGINS Micro Focus Rumba+ ActiveX clsid access attempt (more info ...) | attempted-user | 2016-1606 | |||
| 43035 | BROWSER-PLUGINS Micro Focus Rumba+ ActiveX clsid access attempt (more info ...) | attempted-user | 2016-1606 | |||
| 43046 | BROWSER-PLUGINS ICONICS SCADA WebHMI ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 43047 | BROWSER-PLUGINS ICONICS SCADA WebHMI ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 43110 | BROWSER-IE Microsoft Edge proxy object type confusion attempt (more info ...) | attempted-user | 2016-7240 | URL | ||
| 43111 | BROWSER-IE Microsoft Edge proxy object type confusion attempt (more info ...) | attempted-user | 2016-7240 | URL | ||
| 43122 | PROTOCOL-SCADA Advantech WebAccess webvrpcs denial of service attempt (more info ...) | attempted-dos | URL | |||
| 43161 | POLICY-OTHER Microsoft Browser iframe local file load attempt (more info ...) | attempted-recon | 2017-8529 | |||
| 43162 | POLICY-OTHER Microsoft Browser iframe local file load attempt (more info ...) | attempted-recon | 2017-8529 | |||
| 43185 | BROWSER-PLUGINS Advantech WebAccess ActiveX clsid access attempt (more info ...) | attempted-user | 2014-2364 | |||
| 43186 | BROWSER-PLUGINS Advantech WebAccess ActiveX clsid access attempt (more info ...) | attempted-user | 2014-2364 | |||
| 43225 | OS-WINDOWS Microsoft .NET framework CLI loader denial of service attempt (more info ...) | attempted-dos | 2007-0041 | 24778 | URL | |
| 43226 | OS-WINDOWS Microsoft .NET framework CLI loader denial of service attempt (more info ...) | attempted-dos | 2007-0041 | 24778 | URL | |
| 43240 | BROWSER-PLUGINS Rising Online Virus Scanner ActiveX clsid access attempt (more info ...) | attempted-user | 38282 | |||
| 43241 | BROWSER-PLUGINS Rising Online Virus Scanner ActiveX clsid access attempt (more info ...) | attempted-user | 38282 | |||
| 43242 | BROWSER-PLUGINS Rising Online Virus Scanner ActiveX clsid access attempt (more info ...) | attempted-user | 38282 | |||
| 43243 | BROWSER-PLUGINS Rising Online Virus Scanner ActiveX clsid access attempt (more info ...) | attempted-user | 38282 | |||
| 43269 | FILE-MULTIMEDIA Microsoft Windows DirectX directshow wav file overflow attempt (more info ...) | attempted-user | 2009-1546 | URL | ||
| 43270 | FILE-MULTIMEDIA Microsoft Windows DirectX directshow wav file overflow attempt (more info ...) | attempted-user | 2009-1546 | URL | ||
| 43275 | OS-WINDOWS Microsoft Windows MFT denial of service attempt (more info ...) | denial-of-service | 98729 | URL | ||
| 43276 | OS-WINDOWS Microsoft Windows MFT denial of service attempt (more info ...) | denial-of-service | 98729 | URL | ||
| 43277 | OS-WINDOWS Microsoft Windows MFT denial of service attempt (more info ...) | denial-of-service | 98729 | URL | ||
| 43278 | OS-WINDOWS Microsoft Windows MFT denial of service attempt (more info ...) | denial-of-service | 98729 | URL | ||
| 43342 | BROWSER-PLUGINS Data Dynamics ActiveBar remote file write attempt ActiveX clsid access attempt (more info ...) | attempted-user | 2007-3883 | 24959 | ||
| 43343 | BROWSER-PLUGINS Data Dynamics ActiveBar remote file write attempt ActiveX clsid access attempt (more info ...) | attempted-user | 2007-3883 | 24959 | ||
| 43344 | BROWSER-PLUGINS Data Dynamics ActiveBar remote file write attempt ActiveX clsid access attempt (more info ...) | attempted-user | 2007-3883 | 24959 | ||
| 43345 | BROWSER-PLUGINS Data Dynamics ActiveBar remote file write attempt ActiveX clsid access attempt (more info ...) | attempted-user | 2007-3883 | 24959 | ||
| 43359 | FILE-IMAGE Microsoft GDI WMF file parsing integer overflow attempt (more info ...) | attempted-admin | 2008-2249 | URL | ||
| 43360 | FILE-IMAGE Microsoft GDI WMF file parsing integer overflow attempt (more info ...) | attempted-admin | 2008-2249 | URL | ||
| 43361 | FILE-IMAGE Microsoft GDI WMF file parsing integer overflow attempt (more info ...) | attempted-admin | 2008-2249 | URL | ||
| 43362 | FILE-IMAGE Microsoft GDI WMF file parsing integer overflow attempt (more info ...) | attempted-admin | 2008-2249 | URL | ||
| 43363 | FILE-IDENTIFY Microsoft Windows Audio wmf file magic detected (more info ...) | misc-activity | URL | |||
| 43364 | FILE-IDENTIFY Microsoft Windows Audio wmf file magic detected (more info ...) | misc-activity | URL | |||
| 43370 | NETBIOS DCERPC possible wmi remote process launch (more info ...) | policy-violation | URL | |||
| 43371 | BROWSER-PLUGINS DivX Player DivXBrowserPlugin ActiveX clsid access attempt (more info ...) | attempted-user | 2007-0429 | |||
| 43372 | BROWSER-PLUGINS DivX Player DivXBrowserPlugin ActiveX clsid access attempt (more info ...) | attempted-user | 2007-0429 | |||
| 43373 | BROWSER-PLUGINS DivX Player DivXBrowserPlugin ActiveX clsid access attempt (more info ...) | attempted-user | 2007-0429 | |||
| 43374 | BROWSER-PLUGINS DivX Player DivXBrowserPlugin ActiveX clsid access attempt (more info ...) | attempted-user | 2007-0429 | |||
| 43375 | BROWSER-PLUGINS EB Design Pty Ltd ActiveX clsid access attempt (more info ...) | attempted-user | 2007-5110 | |||
| 43376 | BROWSER-PLUGINS EB Design Pty Ltd ActiveX clsid access attempt (more info ...) | attempted-user | 2007-5110 | |||
| 43377 | BROWSER-PLUGINS EB Design Pty Ltd ActiveX clsid access attempt (more info ...) | attempted-user | 2007-5111 | |||
| 43378 | BROWSER-PLUGINS EB Design Pty Ltd ActiveX clsid access attempt (more info ...) | attempted-user | 2007-5111 | |||
| 43386 | OS-WINDOWS Microsoft Windows MFT denial of service attempt (more info ...) | denial-of-service | 98729 | URL | ||
| 43387 | OS-WINDOWS Microsoft Windows MFT denial of service attempt (more info ...) | denial-of-service | 98729 | URL | ||
| 43400 | BROWSER-PLUGINS IBM Lotus Quickr ActiveX stack buffer overflow ActiveX clsid access attempt (more info ...) | attempted-user | 2012-2176 | 53678 | ||
| 43401 | BROWSER-PLUGINS IBM Lotus Quickr ActiveX stack buffer overflow ActiveX clsid access attempt (more info ...) | attempted-user | 2012-2176 | 53678 | ||
| 43519 | BROWSER-PLUGINS Pegasus ImagXpress ActiveX clsid access attempt (more info ...) | attempted-user | 2007-5320 | |||
| 43520 | BROWSER-PLUGINS Pegasus ImagXpress ActiveX clsid access attempt (more info ...) | attempted-user | 2007-5320 | |||
| 43537 | BROWSER-PLUGINS IBM SPSS Statistics ActiveX clsid access attempt (more info ...) | attempted-user | 2015-8530 | 90524 | URL | |
| 43538 | BROWSER-PLUGINS IBM SPSS Statistics ActiveX clsid access attempt (more info ...) | attempted-user | 2015-8530 | 90524 | URL | |
| 43605 | BROWSER-PLUGINS Microsoft Access Snapshot Viewer ActiveX function call access attempt (more info ...) | attempted-user | 2008-2463 | 30114 | URL | |
| 43606 | BROWSER-PLUGINS Microsoft Access Snapshot Viewer ActiveX function call access attempt (more info ...) | attempted-user | 2008-2463 | 30114 | URL | |
| 43607 | BROWSER-PLUGINS HP Photo Creative ActiveX clsid access attempt (more info ...) | attempted-user | 2011-3397 | 45631 | ||
| 43649 | BROWSER-PLUGINS Ultra Crypto Component ActiveX clsid access attempt (more info ...) | attempted-user | 2007-4902 | |||
| 43650 | BROWSER-PLUGINS Ultra Crypto Component ActiveX clsid access attempt (more info ...) | attempted-user | 2007-4902 | |||
| 43701 | BROWSER-PLUGINS McAfee FreeScan information disclosure ActiveX clsid access attempt (more info ...) | attempted-user | 2004-1908 | 10077 | ||
| 43702 | BROWSER-PLUGINS McAfee FreeScan information disclosure ActiveX clsid access attempt (more info ...) | attempted-user | 2004-1908 | 10077 | ||
| 43703 | BROWSER-PLUGINS McAfee FreeScan information disclosure ActiveX clsid access attempt (more info ...) | attempted-user | 2004-1908 | 10077 | ||
| 43704 | BROWSER-PLUGINS McAfee FreeScan information disclosure ActiveX clsid access attempt (more info ...) | attempted-user | 2004-1908 | 10077 | ||
| 43731 | OS-WINDOWS Microsoft Windows Vista contacts gadget code execution attempt (more info ...) | attempted-user | 2007-3032 | URL | ||
| 43732 | OS-WINDOWS Microsoft Windows Vista contacts gadget code execution attempt (more info ...) | attempted-user | 2007-3032 | URL | ||
| 43791 | OS-WINDOWS Microsoft .NET framework mscormmc.dll ASLR bypass attempt (more info ...) | attempted-user | 2015-6115 | 77482 | URL | |
| 43792 | OS-WINDOWS Microsoft .NET framework mscormmc.dll ASLR bypass attempt (more info ...) | attempted-user | 2015-6115 | 77482 | URL | |
| 43815 | OS-WINDOWS Microsoft VBScript engine RegExp information disclosure attempt (more info ...) | policy-violation | 2015-1684 | 74522 | ||
| 43816 | OS-WINDOWS Microsoft VBScript engine RegExp information disclosure attempt (more info ...) | policy-violation | 2015-1684 | 74522 | ||
| 43817 | OS-WINDOWS Microsoft VBScript engine RegExp information disclosure attempt (more info ...) | policy-violation | 2015-1684 | 74522 | ||
| 43818 | OS-WINDOWS Microsoft VBScript engine RegExp information disclosure attempt (more info ...) | policy-violation | 2015-1684 | 74522 | ||
| 43928 | PROTOCOL-OTHER NETBIOS Session Service header length field denial of service attempt (more info ...) | attempted-dos | URL | |||
| 43951 | BROWSER-PLUGINS Shockwave ActiveX Control clsid access (more info ...) | attempted-user | 2007-1403 | 22842 | ||
| 43965 | OS-WINDOWS Microsoft Windows Explorer .doc file denial of service attempt (more info ...) | attempted-user | 2007-1347 | |||
| 43966 | OS-WINDOWS Microsoft Windows Explorer .doc file denial of service attempt (more info ...) | attempted-user | 2007-1347 | |||
| 44128 | FILE-IMAGE Microsoft Windows metafile SetPaletteEntries heap overflow attempt (more info ...) | attempted-user | 2005-2124 | 15356 | URL | |
| 44129 | OS-WINDOWS Microsoft Windows Metafile invalid header size integer overflow attempt (more info ...) | attempted-user | 2005-2124 | 15356 | URL | |
| 44130 | OS-WINDOWS Microsoft Windows Metafile invalid header size integer overflow attempt (more info ...) | attempted-user | 2005-2124 | 15356 | URL | |
| 44131 | OS-WINDOWS Microsoft Windows Metafile invalid header size integer overflow attempt (more info ...) | attempted-user | 2005-2124 | 15356 | URL | |
| 44132 | OS-WINDOWS Microsoft Windows Metafile invalid header size integer overflow attempt (more info ...) | attempted-user | 2005-2124 | 15356 | URL | |
| 44199 | BROWSER-IE Microsoft Internet print table of links cross site scripting attempt (more info ...) | attempted-admin | URL | |||
| 44200 | BROWSER-IE Microsoft Internet print table of links cross site scripting attempt (more info ...) | attempted-admin | URL | |||
| 44216 | OS-WINDOWS Microsoft Windows Shell Handler remote code execution attempt (more info ...) | attempted-user | 2010-0027 | URL | ||
| 44217 | OS-WINDOWS Microsoft Windows Shell Handler remote code execution attempt (more info ...) | attempted-user | 2010-0027 | URL | ||
| 44218 | OS-WINDOWS Microsoft Windows Shell Handler remote code execution attempt (more info ...) | attempted-user | 2010-0027 | URL | ||
| 44305 | OS-WINDOWS Microsoft DirectShow memory corruption attempt (more info ...) | attempted-user | 2010-0250 | URL | ||
| 44306 | OS-WINDOWS Microsoft DirectShow memory corruption attempt (more info ...) | attempted-user | 2010-0250 | URL | ||
| 44548 | BROWSER-IE Microsoft Edge webnote exit event css arbitrary file read attempt (more info ...) | attempted-user | 2016-0161 | URL | ||
| 44549 | BROWSER-IE Microsoft Edge webnote exit event css arbitrary file read attempt (more info ...) | attempted-user | 2016-0161 | URL | ||
| 44635 | BROWSER-IE Microsoft Edge sandbox escape attempt (more info ...) | attempted-admin | URL | |||
| 44636 | BROWSER-IE Microsoft Edge sandbox escape attempt (more info ...) | attempted-admin | URL | |||
| 44651 | NETBIOS SMB NTLMSSP authentication brute force attempt (more info ...) | attempted-user | URL | |||
| 44664 | BROWSER-PLUGINS Microsoft Windows shell.application object ShellExecute attempt (more info ...) | attempted-user | URL | |||
| 44732 | BROWSER-PLUGINS Mitsubishi MC-WorkX ActiveX clsid access attempt (more info ...) | attempted-user | 2013-2817 | |||
| 44733 | BROWSER-PLUGINS Mitsubishi MC-WorkX ActiveX clsid access attempt (more info ...) | attempted-user | 2013-2817 | |||
| 44825 | OS-WINDOWS Microsoft Edge out of bounds write attempt (more info ...) | attempted-admin | 2017-11861 | URL | ||
| 44826 | OS-WINDOWS Microsoft Edge out of bounds write attempt (more info ...) | attempted-admin | 2017-11861 | URL | ||
| 44843 | BROWSER-IE Microsoft Edge Uint8Array memory corruption attempt (more info ...) | attempted-admin | 2017-11873 | URL | ||
| 44844 | BROWSER-IE Microsoft Edge Uint8Array memory corruption attempt (more info ...) | attempted-admin | 2017-11873 | URL | ||
| 45058 | FILE-OTHER Microsoft Windows UAC bypass attempt (more info ...) | attempted-admin | ||||
| 45059 | FILE-OTHER Microsoft Windows UAC bypass attempt (more info ...) | attempted-admin | ||||
| 45101 | PROTOCOL-SCADA vxworks rpc credential flavor integer overflow device crash attempt (more info ...) | denial-of-service | 2015-7599 | |||
| 45108 | PROTOCOL-RPC XDR string allocation denial of service attempt (more info ...) | denial-of-service | 2017-8779 | 98325 | ||
| 45152 | INDICATOR-COMPROMISE Microsoft MsMpEng shrink compressed zip code execution attempt (more info ...) | attempted-admin | 2017-11937 | URL | ||
| 45153 | INDICATOR-COMPROMISE Microsoft MsMpEng shrink compressed zip code execution attempt (more info ...) | attempted-admin | 2017-11937 | URL | ||
| 45164 | POLICY-OTHER RPC Portmapper version 3 dump request attempt (more info ...) | denial-of-service | URL | |||
| 45165 | POLICY-OTHER RPC Portmapper version 2 dump request attempt (more info ...) | denial-of-service | URL | |||
| 45166 | POLICY-OTHER RPC Portmapper getstat request attempt (more info ...) | denial-of-service | URL | |||
| 45175 | OS-WINDOWS Microsoft Windows ShellExecute and IE7 url handling code execution attempt (more info ...) | attempted-user | 2007-3896 | 25945 | URL | |
| 45315 | FILE-OTHER Microsoft Windows MPEG Layer-3 audio heap corruption attempt (more info ...) | attempted-user | 2010-1882 | URL | ||
| 45316 | FILE-OTHER Microsoft Windows MPEG Layer-3 audio heap corruption attempt (more info ...) | attempted-user | 2010-1882 | URL | ||
| 45462 | BROWSER-IE Microsoft ChakraCore scripting engine memory corruption attempt (more info ...) | attempted-user | 2017-11799 | URL | ||
| 45463 | BROWSER-IE Microsoft ChakraCore scripting engine memory corruption attempt (more info ...) | attempted-user | 2017-11799 | URL | ||
| 45474 | BROWSER-IE Microsoft Edge scripting engine uninitialized pointers memory corruption attempt (more info ...) | attempted-user | 2017-11809 | URL | ||
| 45475 | BROWSER-IE Microsoft Edge scripting engine uninitialized pointers memory corruption attempt (more info ...) | attempted-user | 2017-11809 | URL | ||
| 45515 | NETBIOS SMB SESSION_SETUP subcommand detected (more info ...) | protocol-command-decode | URL | |||
| 45553 | FILE-MULTIMEDIA Microsoft Windows Movie Maker project file heap buffer overflow attempt (more info ...) | attempted-user | 2010-0265 | URL | ||
| 45630 | FILE-OTHER Microsoft Windows CLFS privilege escalation attempt (more info ...) | attempted-user | 2018-0844 | URL | ||
| 45631 | FILE-OTHER Microsoft Windows CLFS privilege escalation attempt (more info ...) | attempted-user | 2018-0844 | URL | ||
| 45971 | SERVER-OTHER Advantech WebAccess webvrpcs service arbitrary command execution attempt (more info ...) | attempted-admin | 2017-16720 | 102424 | URL | |
| 46074 | FILE-OTHER Microsoft Windows Remote Assistance external entity remote file download attempt (more info ...) | attempted-recon | 2018-0878 | URL | ||
| 46075 | FILE-OTHER Microsoft Windows Remote Assistance external entity remote file download attempt (more info ...) | attempted-recon | 2018-0878 | URL | ||
| 46351 | BROWSER-PLUGINS Mitsubishi EZPcAut220 ActiveX clsid access attempt (more info ...) | attempted-user | 2014-1847 | |||
| 46352 | BROWSER-PLUGINS Mitsubishi EZPcAut220 ActiveX clsid access attempt (more info ...) | attempted-user | 2014-1847 | |||
| 46403 | NETBIOS SMB NTLM Authentication with unknown authentication message type attempt (more info ...) | misc-activity | ||||
| 46419 | OS-WINDOWS Microsoft Windows XXE information disclosure attempt (more info ...) | attempted-admin | 2017-8710 | |||
| 46420 | OS-WINDOWS Microsoft Windows XXE information disclosure attempt (more info ...) | attempted-admin | 2017-8710 | |||
| 46441 | BROWSER-IE Microsoft Edge AsmJsInterpreter method use after free attempt (more info ...) | attempted-user | 2017-8603 | |||
| 46442 | BROWSER-IE Microsoft Edge AsmJsInterpreter method use after free attempt (more info ...) | attempted-user | 2017-8603 | |||
| 46503 | OS-WINDOWS Microsoft Windows TTF cmap integer overflow attempt (more info ...) | attempted-admin | 2016-3393 | 93377 | URL | |
| 46504 | OS-WINDOWS Microsoft Windows TTF cmap integer overflow attempt (more info ...) | attempted-admin | 2016-3393 | 93377 | URL | |
| 46505 | BROWSER-IE Microsoft Edge eval heap overflow attempt (more info ...) | attempted-user | 2017-8641 | URL | ||
| 46506 | BROWSER-IE Microsoft Edge eval heap overflow attempt (more info ...) | attempted-user | 2017-8641 | URL | ||
| 46507 | BROWSER-IE Microsoft Edge eval heap overflow attempt (more info ...) | attempted-user | 2017-8641 | URL | ||
| 46508 | BROWSER-IE Microsoft Edge eval heap overflow attempt (more info ...) | attempted-user | 2017-8641 | URL | ||
| 46592 | BROWSER-IE Microsoft Edge JSON.parse information disclosure attempt (more info ...) | attempted-recon | 2016-7241 | 94055 | URL | |
| 46593 | BROWSER-IE Microsoft Edge JSON.parse information disclosure attempt (more info ...) | attempted-recon | 2016-7241 | 94055 | URL | |
| 46713 | BROWSER-IE Microsoft Edge out of bounds write attempt (more info ...) | attempted-admin | 2018-8179 | URL | ||
| 46714 | BROWSER-IE Microsoft Edge out of bounds write attempt (more info ...) | attempted-admin | 2018-8179 | URL | ||
| 46763 | BROWSER-IE Microsoft Edge proxy object type confusion attempt (more info ...) | attempted-user | 2016-7240 | URL | ||
| 46764 | BROWSER-IE Microsoft Edge proxy object type confusion attempt (more info ...) | attempted-user | 2016-7240 | URL | ||
| 46903 | INDICATOR-COMPROMISE Microsoft Windows SYSTEM token stealing attempt (more info ...) | attempted-user | 2018-8897 | |||
| 46904 | INDICATOR-COMPROMISE Microsoft Windows SYSTEM token stealing attempt (more info ...) | attempted-user | 2018-8897 | |||
| 46905 | INDICATOR-COMPROMISE Microsoft Windows malicious CONTEXT structure creation attempt (more info ...) | attempted-user | 2018-8897 | |||
| 46906 | INDICATOR-COMPROMISE Microsoft Windows malicious CONTEXT structure creation attempt (more info ...) | attempted-user | 2018-8897 | |||
| 46907 | INDICATOR-COMPROMISE Microsoft Windows processor modification return to user-mode attempt (more info ...) | attempted-user | 2018-8897 | |||
| 46908 | INDICATOR-COMPROMISE Microsoft Windows processor modification return to user-mode attempt (more info ...) | attempted-user | 2018-8897 | |||
| 46909 | INDICATOR-COMPROMISE Microsoft Windows Interrupt Service Routine stack rollback attempt (more info ...) | attempted-user | 2018-8897 | |||
| 46910 | INDICATOR-COMPROMISE Microsoft Windows Interrupt Service Routine stack rollback attempt (more info ...) | attempted-user | 2018-8897 | |||
| 46942 | FILE-OTHER Microsoft Windows .lnk shortcut file executing system32 executable attempt (more info ...) | attempted-user | 2018-0978 | URL | ||
| 46947 | BROWSER-IE Microsoft Edge Media Foundation use-after-free attempt (more info ...) | attempted-user | 2018-8251 | URL | ||
| 46948 | BROWSER-IE Microsoft Edge Media Foundation use-after-free attempt (more info ...) | attempted-user | 2018-8251 | URL | ||
| 46957 | OS-WINDOWS Microsoft Windows hidparse.sys privilege escalation attempt (more info ...) | attempted-admin | 2018-8169 | URL | ||
| 46958 | OS-WINDOWS Microsoft Windows hidparse.sys privilege escalation attempt (more info ...) | attempted-admin | 2018-8169 | URL | ||
| 46983 | INDICATOR-COMPROMISE Microsoft cmd.exe banner (more info ...) | successful-admin | 11633 | |||
| 47066 | BROWSER-IE Microsoft Edge array.join information disclosure attempt (more info ...) | attempted-user | 2016-7189 | URL | ||
| 47071 | BROWSER-IE Microsoft Edge Cross Origin Request Sharing information leak attempt (more info ...) | attempted-recon | 2018-8235 | URL | ||
| 47072 | BROWSER-IE Microsoft Edge Cross Origin Request Sharing information leak attempt (more info ...) | attempted-recon | 2018-8235 | URL | ||
| 47102 | BROWSER-IE Microsoft Edge Intl.js memory corruption attempt (more info ...) | attempted-user | 2018-8298 | URL | ||
| 47160 | BROWSER-IE Microsoft Edge mutation event memory corruption attempt (more info ...) | attempted-user | 2016-0124 | URL | ||
| 47171 | BROWSER-PLUGINS Microsoft Silverlight GetChar out of bounds read attempt (more info ...) | attempted-user | 2016-0034 | URL | ||
| 47172 | BROWSER-PLUGINS Microsoft Silverlight GetChar out of bounds read attempt (more info ...) | attempted-user | 2016-0034 | URL | ||
| 47398 | INDICATOR-COMPROMISE Microsoft cmd.exe outbound shell attempt (more info ...) | attempted-user | URL | |||
| 47399 | INDICATOR-COMPROMISE Microsoft cmd.exe outbound shell attempt (more info ...) | attempted-user | URL | |||
| 47400 | INDICATOR-COMPROMISE Microsoft powershell.exe outbound shell attempt (more info ...) | attempted-user | URL | |||
| 48205 | OS-WINDOWS Microsoft Windows Filter Manager Elevation Of Privilege attempt (more info ...) | denial-of-service | 2018-8333 | URL | ||
| 48487 | BROWSER-PLUGINS Accelrys BIOVIA DSVisualizerControlR22.SaveToFile ActiveX access attempt (more info ...) | attempted-user | URL | |||
| 48488 | BROWSER-PLUGINS Accelrys BIOVIA DSVisualizerControlR22.SaveToFile ActiveX access attempt (more info ...) | attempted-user | URL | |||
| 48489 | BROWSER-PLUGINS Accelrys BIOVIA DSVisualizerControlR22.SaveToFile ActiveX access attempt (more info ...) | attempted-user | URL | |||
| 48490 | BROWSER-PLUGINS Accelrys BIOVIA DSVisualizerControlR22.SaveToFile ActiveX access attempt (more info ...) | attempted-user | URL | |||
| 48901 | BROWSER-PLUGINS CA Internet Security Suite XMLSecDB ActiveX function call access (more info ...) | attempted-user | 2011-1036 | 46539 | ||
| 48902 | BROWSER-PLUGINS CA Internet Security Suite XMLSecDB ActiveX function call access (more info ...) | attempted-user | 2011-1036 | 46539 | ||
| 48903 | BROWSER-PLUGINS CA Internet Security Suite XMLSecDB ActiveX function call access (more info ...) | attempted-user | 2011-1036 | 46539 | ||
| 48969 | FILE-OTHER Microsoft Windows Contact file remote code execution attempt (more info ...) | attempted-user | URL | |||
| 48970 | FILE-OTHER Microsoft Windows VCF file remote code execution attempt (more info ...) | attempted-user | URL | |||
| 48971 | FILE-OTHER Microsoft Windows Contact file remote code execution attempt (more info ...) | attempted-user | URL | |||
| 48972 | FILE-OTHER Microsoft Windows VCF file remote code execution attempt (more info ...) | attempted-user | URL | |||
| 49040 | INDICATOR-COMPROMISE Microsoft Windows Terminal server RDP over non-standard port attempt (more info ...) | attempted-user | URL | |||
| 49163 | INDICATOR-COMPROMISE Microsoft Windows NtTraceControl function use (more info ...) | misc-activity | ||||
| 49164 | INDICATOR-COMPROMISE Microsoft Windows NtTraceControl function use (more info ...) | misc-activity | ||||
| 49325 | FILE-OTHER Microsoft Windows Avast Anti-Virus local credentials disclosure attempt (more info ...) | attempted-user | 2018-12572 | |||
| 49423 | FILE-OTHER Microsoft Windows TrueType font parsing engine sfac_GetSbitBitmap elevation of privileges attempt (more info ...) | attempted-user | 2011-3402 | URL | ||
| 49444 | BROWSER-PLUGINS Phoenix Contact Think & Do ISSymbol ActiveX clsid access attempt (more info ...) | attempted-user | ||||
| 49445 | BROWSER-PLUGINS Phoenix Contact Think & Do ISSymbol ActiveX clsid access attempt (more info ...) | attempted-user | ||||
| 49446 | BROWSER-PLUGINS Phoenix Contact Think & Do ISSymbol ActiveX clsid access attempt (more info ...) | attempted-user | ||||
| 49447 | BROWSER-PLUGINS Phoenix Contact Think & Do ISSymbol ActiveX clsid access attempt (more info ...) | attempted-user | ||||
| 49758 | BROWSER-PLUGINS GE Intelligent Platforms Proficy HTML help ActiveX function call attempt (more info ...) | attempted-user | 2012-2516 | URL | ||
| 49759 | BROWSER-PLUGINS GE Intelligent Platforms Proficy HTML help ActiveX function call attempt (more info ...) | attempted-user | 2012-2516 | URL | ||
| 49807 | BROWSER-PLUGINS IBM Lotus Quickr ActiveX stack buffer overflow attempt (more info ...) | attempted-user | 2012-2176 | 53678 | ||
| 49808 | BROWSER-PLUGINS IBM Lotus Quickr ActiveX stack buffer overflow attempt (more info ...) | attempted-user | 2012-2176 | |||
| 49809 | BROWSER-PLUGINS IBM Lotus Quickr ActiveX stack buffer overflow attempt (more info ...) | attempted-user | 2012-2176 | |||
| 49810 | BROWSER-PLUGINS IBM Lotus Quickr ActiveX stack buffer overflow attempt (more info ...) | attempted-user | 2012-2176 | 53678 | ||
| 49868 | BROWSER-IE Microsoft Edge SIMD memory corruption attempt (more info ...) | attempted-user | 2016-7286 | URL | ||
| 49869 | BROWSER-IE Microsoft Edge SIMD memory corruption attempt (more info ...) | attempted-user | 2016-7286 | URL | ||
| 49873 | BROWSER-PLUGINS IBM iNotes version 9 ActiveX clsid access (more info ...) | attempted-user | 2013-3027 | |||
| 49874 | BROWSER-PLUGINS IBM iNotes version 9 ActiveX clsid access (more info ...) | attempted-user | 2013-3027 | |||
| 49875 | BROWSER-PLUGINS IBM iNotes version 9 ActiveX clsid access (more info ...) | attempted-user | 2013-3027 | |||
| 49876 | BROWSER-PLUGINS IBM iNotes version 9 ActiveX clsid access (more info ...) | attempted-user | 2013-3027 | |||
| 49877 | BROWSER-PLUGINS IBM iNotes version 9 ActiveX clsid access (more info ...) | attempted-user | 2013-3027 | |||
| 49878 | BROWSER-PLUGINS IBM iNotes version 9 ActiveX clsid access (more info ...) | attempted-user | 2013-3027 | |||
| 49886 | BROWSER-IE Microsoft Windows IOleCvt interface use attempt (more info ...) | policy-violation | 2019-0845 | URL | ||
| 49887 | BROWSER-IE Microsoft Windows IOleCvt interface use attempt (more info ...) | policy-violation | 2019-0845 | URL | ||
| 49904 | BROWSER-PLUGINS Tom Sawyer GET extension ActiveX function call access attempt (more info ...) | attempted-user | 2011-2217 | |||
| 49905 | BROWSER-PLUGINS Tom Sawyer GET extension ActiveX function call access attempt (more info ...) | attempted-user | 2011-2217 | |||
| 49969 | OS-WINDOWS Microsoft Windows SChannel CertificateVerify buffer overflow attempt (more info ...) | attempted-admin | 2014-6321 | URL | ||
| 49970 | OS-WINDOWS Microsoft Windows SChannel CertificateVerify buffer overflow attempt (more info ...) | attempted-admin | 2014-6321 | URL | ||
| 49971 | OS-WINDOWS Microsoft Windows SChannel CertificateVerify buffer overflow attempt (more info ...) | attempted-admin | 2014-6321 | URL | ||
| 49972 | OS-WINDOWS Microsoft Windows SChannel CertificateVerify buffer overflow attempt (more info ...) | attempted-admin | 2014-6321 | URL | ||
| 49973 | OS-WINDOWS Microsoft Windows SChannel CertificateVerify buffer overflow attempt (more info ...) | attempted-admin | 2014-6321 | URL | ||
| 49974 | OS-WINDOWS Microsoft Windows SChannel CertificateVerify buffer overflow attempt (more info ...) | attempted-admin | 2014-6321 | URL | ||
| 49975 | OS-WINDOWS Microsoft Windows SChannel CertificateVerify buffer overflow attempt (more info ...) | attempted-admin | 2014-6321 | URL | ||
| 49976 | OS-WINDOWS Microsoft Windows SChannel CertificateVerify buffer overflow attempt (more info ...) | attempted-admin | 2014-6321 | URL | ||
| 49977 | OS-WINDOWS Microsoft Windows SChannel CertificateVerify buffer overflow attempt (more info ...) | attempted-admin | 2014-6321 | URL | ||
| 50129 | BROWSER-PLUGINS CA Internet Security Suite XMLSecDB ActiveX function call access (more info ...) | attempted-user | 2011-1036 | 46539 | ||
| 50130 | BROWSER-PLUGINS CA Internet Security Suite XMLSecDB ActiveX function call access (more info ...) | attempted-user | 2011-1036 | 46539 | ||
| 50633 | OS-WINDOWS Microsoft Windows SMBv1 NTLM tampering attempt (more info ...) | attempted-user | 2019-1040 | |||
| 50721 | OS-WINDOWS Microsoft Windows malformed NTLMv2 authentication message attempt (more info ...) | attempted-user | 2019-1019 | URL | ||
| 51028 | OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (more info ...) | attempted-user | 2012-0013 | URL | ||
| 51029 | OS-WINDOWS Microsoft Windows Object Packager ClickOnce object remote code execution attempt (more info ...) | attempted-user | 2012-0013 | URL | ||
| 51039 | OS-WINDOWS Microsoft Windows OLE32 MSHTA masquerade attempt (more info ...) | attempted-user | 2005-0063 | 13132 | URL | |
| 51070 | SERVER-OTHER Microsoft WINS Server remote memory corruption attempt (more info ...) | attempted-user | ||||
| 51160 | FILE-IMAGE Microsoft GDI crafted EMF file information disclosure attempt (more info ...) | attempted-admin | 2019-0961 | URL | ||
| 51161 | FILE-IMAGE Microsoft GDI crafted EMF file information disclosure attempt (more info ...) | attempted-admin | 2019-0961 | URL | ||
| 51335 | BROWSER-IE Microsoft Edge scripting engine uninitialized pointers memory corruption attempt (more info ...) | attempted-user | 2017-11809 | URL | ||
| 51867 | OS-WINDOWS Microsoft Windows malformed PE DLL out of bounds read attempt (more info ...) | denial-of-service | 2019-1346 | URL | ||
| 51868 | OS-WINDOWS Microsoft Windows malformed PE DLL out of bounds read attempt (more info ...) | denial-of-service | 2019-1346 | URL | ||
| 51869 | OS-WINDOWS Microsoft Windows malformed PE DLL out of bounds read attempt (more info ...) | denial-of-service | 2019-1346 | URL | ||
| 51870 | OS-WINDOWS Microsoft Windows malformed PE DLL out of bounds read attempt (more info ...) | denial-of-service | 2019-1346 | URL | ||
| 51880 | FILE-OTHER Microsoft Windows WER arbitrary file move escalation of privilege attempt (more info ...) | attempted-admin | 2019-1315 | URL | ||
| 51881 | FILE-OTHER Microsoft Windows WER arbitrary file move escalation of privilege attempt (more info ...) | attempted-admin | 2019-1315 | URL | ||
| 51897 | BROWSER-IE Microsoft ChakraCore scripting engine memory corruption attempt (more info ...) | attempted-user | 2017-11799 | URL | ||
| 52030 | OS-WINDOWS Microsoft Windows GDI+ EMF buffer overwrite attempt (more info ...) | attempted-user | 2008-2245 | URL | ||
| 52031 | OS-WINDOWS Microsoft Windows GDI+ EMF buffer overwrite attempt (more info ...) | attempted-user | 2008-2245 | URL | ||
| 52032 | OS-WINDOWS Microsoft Windows GDI+ EMF buffer overwrite attempt (more info ...) | attempted-user | 2008-2245 | URL | ||
| 52033 | OS-WINDOWS Microsoft Windows GDI+ EMF buffer overwrite attempt (more info ...) | attempted-user | 2008-2245 | URL | ||
| 52034 | OS-WINDOWS Microsoft Windows GDI+ EMF buffer overwrite attempt (more info ...) | attempted-user | 2008-2245 | URL | ||
| 52035 | OS-WINDOWS Microsoft Windows GDI+ EMF buffer overwrite attempt (more info ...) | attempted-user | 2008-2245 | URL | ||
| 52322 | BROWSER-PLUGINS Samsung SmartViewer ActiveX clsid access attempt (more info ...) | attempted-user | 2015-8040 | |||
| 52335 | OS-WINDOWS Microsoft Windows MHTML XSS attempt (more info ...) | attempted-user | 2011-0096 | URL | ||
| 52347 | BROWSER-PLUGINS Flexera InstallShield ISGrid2.dll DoFindReplace heap buffer overlow ActiveX clsid access (more info ...) | attempted-user | 2011-3174 | |||
| 52369 | OS-WINDOWS Microsoft Windows and Server malformed header denial of service attempt (more info ...) | attempted-dos | 2009-3676 | URL | ||
| 52468 | BROWSER-PLUGINS Oracle EasyMail Objects ActiveX clsid access attempt (more info ...) | attempted-user | 2007-4607 | 25467 | ||
| 52469 | BROWSER-PLUGINS Oracle EasyMail Objects ActiveX clsid access attempt (more info ...) | attempted-user | 2007-4607 | 25467 | ||
| 52470 | BROWSER-PLUGINS Oracle EasyMail Objects ActiveX clsid access attempt (more info ...) | attempted-user | 2007-4607 | 25467 | ||
| 52479 | BROWSER-IE Microsoft Edge Chakra JIT out of bounds information disclosure attempt (more info ...) | attempted-dos | 2018-8145 | URL | ||
| 52522 | BROWSER-IE Microsoft Edge Chakra ProcessLinkFailedAsmJsModule type confusion attempt (more info ...) | attempted-user | 2017-8645 | URL | ||
| 52523 | BROWSER-IE Microsoft Edge Chakra ProcessLinkFailedAsmJsModule type confusion attempt (more info ...) | attempted-user | 2017-8645 | URL | ||
| 52663 | OS-WINDOWS Microsoft Windows Imaging API use after free attempt (more info ...) | attempted-user | 2019-1311 | URL | ||
| 52664 | OS-WINDOWS Microsoft Windows Imaging API use after free attempt (more info ...) | attempted-user | 2019-1311 | URL | ||
| 52864 | OS-WINDOWS Microsoft Windows CryptoAPI signed binary with explicitly-defined ECC curve parameters attempt (more info ...) | misc-attack | 2020-0601 | URL | ||
| 52865 | OS-WINDOWS Microsoft Windows CryptoAPI signed binary with explicitly-defined ECC curve parameters attempt (more info ...) | misc-attack | 2020-0601 | URL | ||
| 52866 | OS-WINDOWS Microsoft Windows CryptoAPI TLS server certificate public key with explicitly-defined ECC curve parameters attempt (more info ...) | misc-attack | 2020-0601 | URL | ||
| 53055 | OS-WINDOWS Microsoft Windows Graphics component privilege escalation attempt (more info ...) | attempted-admin | 2020-0715 | URL | ||
| 53091 | BROWSER-PLUGINS IBM SPSS Statistics ActiveX clsid access attempt (more info ...) | attempted-user | 2015-8530 | 90524 | URL | |
| 53092 | BROWSER-PLUGINS IBM SPSS Statistics ActiveX clsid access attempt (more info ...) | attempted-user | 2015-8530 | 90524 | URL | |
| 53110 | BROWSER-IE Microsoft Edge scripting engine memory corruption attempt (more info ...) | attempted-user | 2018-0980 | URL | ||
| 53111 | BROWSER-IE Microsoft Edge scripting engine memory corruption attempt (more info ...) | attempted-user | 2018-0980 | URL | ||
| 53116 | BROWSER-PLUGINS Microsoft Windows Data Analyzer 3.5 ActiveX use-after-free attempt (more info ...) | attempted-user | 2010-0252 | URL | ||
| 53117 | BROWSER-PLUGINS Microsoft Windows Data Analyzer 3.5 ActiveX use-after-free attempt (more info ...) | attempted-user | 2010-0252 | URL | ||
| 53374 | POLICY-OTHER Microsoft Active Directory DrsAddEntry attempt (more info ...) | policy-violation | URL | |||
| 53375 | POLICY-OTHER Microsoft Active Directory DRSUAPI_REPLICA_ADD attempt (more info ...) | policy-violation | URL | |||
| 53464 | SERVER-OTHER FreeSWITCH mod_xml_rpc arbitrary command execution attempt (more info ...) | attempted-user | 2018-19911 | URL | ||
| 53465 | SERVER-OTHER FreeSWITCH mod_xml_rpc arbitrary command execution attempt (more info ...) | attempted-user | 2018-19911 | URL | ||
| 53466 | SERVER-OTHER FreeSWITCH mod_xml_rpc arbitrary command execution attempt (more info ...) | attempted-user | 2018-19911 | URL | ||
| 53467 | SERVER-OTHER FreeSWITCH mod_xml_rpc arbitrary command execution attempt (more info ...) | attempted-user | 2018-19911 | URL | ||
| 53468 | SERVER-OTHER FreeSWITCH mod_xml_rpc arbitrary command execution attempt (more info ...) | attempted-user | 2018-19911 | URL | ||
| 54526 | FILE-OTHER Microsoft Windows CAB file szName directory traversal attempt (more info ...) | attempted-user | 2020-1300 | URL | ||
| 54527 | FILE-OTHER Microsoft Windows CAB file szName directory traversal attempt (more info ...) | attempted-user | 2020-1300 | URL | ||
| 54754 | OS-WINDOWS Microsoft Windows kernel information disclosure attempt (more info ...) | attempted-admin | 2020-1578 | URL | ||
| 55943 | OS-WINDOWS Microsoft Windows Win32k driver privilege escalation attempt (more info ...) | attempted-admin | 2020-16907 | URL | ||
| 56069 | INDICATOR-COMPROMISE Microsoft Sharepoint DataFormWebPart fingerprinting attempt (more info ...) | attempted-user | 2020-16952 | URL | ||
| 56070 | INDICATOR-COMPROMISE Microsoft Sharepoint DataFormWebPart remote code execution attempt (more info ...) | attempted-user | 2020-16952 | URL | ||
| 56263 | FILE-EXECUTABLE Microsoft Windows Win32k privilege escalation attempt (more info ...) | attempted-user | 2020-17010 | URL | ||
| 56264 | FILE-EXECUTABLE Microsoft Windows Win32k privilege escalation attempt (more info ...) | attempted-user | 2020-17010 | URL | ||
| 56303 | SERVER-WEBAPP Microsoft Sharepoint machineKey information disclosure attempt (more info ...) | attempted-user | 2020-17061 | URL | ||
| 56560 | POLICY-OTHER Microsoft SharePoint external ImportWeb attempt (more info ...) | policy-violation | 2020-17121 | URL | ||
| 56971 | MALWARE-OTHER Win.Malware.Winsecsrv-9823442-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56972 | MALWARE-OTHER Win.Malware.Winsecsrv-9823442-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56973 | MALWARE-OTHER Win.Malware.Winsecsrv-9823448-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56974 | MALWARE-OTHER Win.Malware.Winsecsrv-9823448-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56977 | MALWARE-OTHER Win.Malware.Winsecsrv-9823545-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56978 | MALWARE-OTHER Win.Malware.Winsecsrv-9823545-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56979 | MALWARE-OTHER Win.Malware.Winsecsrv-9823554-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56980 | MALWARE-OTHER Win.Malware.Winsecsrv-9823554-0 download attempt (more info ...) | trojan-activity | URL | |||
| 57103 | OS-WINDOWS Microsoft Windows Win32k elevation of privilege attempt (more info ...) | attempted-user | 2021-1732 | URL | ||
| 57282 | NETBIOS TRUFFLEHUNTER TALOS-2021-1260 attack attempt (more info ...) | attempted-admin | URL | |||
| 57340 | NETBIOS TRUFFLEHUNTER TALOS-2021-1269 attack attempt (more info ...) | attempted-recon | URL | |||
| 57539 | OS-WINDOWS Microsoft Windows Graphics component privilege escalation attempt (more info ...) | attempted-admin | 2021-31170 | URL | ||
| 57540 | OS-WINDOWS Microsoft Windows Graphics component privilege escalation attempt (more info ...) | attempted-admin | 2021-31170 | URL | ||
| 57544 | OS-WINDOWS Microsoft Windows Win32k kernel driver privilege escalation attempt (more info ...) | attempted-admin | 2021-31188 | URL | ||
| 57545 | OS-WINDOWS Microsoft Windows Win32k kernel driver privilege escalation attempt (more info ...) | attempted-admin | 2021-31188 | URL | ||
| 57548 | SERVER-WEBAPP Microsoft SharePoint authenticated remote code execution attempt (more info ...) | attempted-user | 2021-31181 | URL | ||
| 57718 | SERVER-OTHER Microsoft Systems Management Server out of bounds write attempt (more info ...) | attempted-dos | 2004-0728 | 10726 | ||
| 57719 | SERVER-OTHER Microsoft Systems Management Server out of bounds write attempt (more info ...) | attempted-dos | 2004-0728 | 10726 | ||
| 57770 | OS-WINDOWS Microsoft Windows UPnP notification type overflow attempt (more info ...) | attempted-admin | 2007-1204 | 23371 | URL | |
| 57771 | OS-WINDOWS Microsoft Windows UPnP notification type overflow attempt (more info ...) | attempted-admin | 2007-1204 | 23371 | URL | |
| 57772 | OS-WINDOWS Microsoft Windows UPnP notification type overflow attempt (more info ...) | attempted-admin | 2007-1204 | 23371 | URL | |
| 57910 | SERVER-WEBAPP Microsoft SharePoint Server authenticated remote code execution attempt (more info ...) | attempted-user | 2021-34467 | URL | ||
| 57952 | OS-WINDOWS Microsoft Windows SAM database improper ACLs elevation of privilege attempt (more info ...) | attempted-admin | 2021-36934 | URL | ||
| 57997 | OS-WINDOWS Microsoft Windows Remote Desktop client integer overflow attempt (more info ...) | attempted-user | 2021-34535 | URL | ||
| 58003 | OS-WINDOWS Microsoft Windows NFS remote code execution attempt (more info ...) | attempted-user | 2021-26432 | URL | ||
| 58289 | OS-WINDOWS Microsoft Windows Win32k elevation of privilege exploit download attempt (more info ...) | attempted-admin | 2021-40449 | URL | ||
| 58303 | OS-WINDOWS Microsoft Windows CLFS privilege escalation attempt (more info ...) | attempted-admin | 2021-40443 | URL | ||
| 58304 | OS-WINDOWS Microsoft Windows CLFS privilege escalation attempt (more info ...) | attempted-admin | 2021-40443 | URL | ||
| 58587 | OS-WINDOWS Microsoft Windows Installer elevation of privilege attempt (more info ...) | attempted-admin | 2020-0683 | URL | ||
| 58654 | OS-WINDOWS Microsoft Windows file signature spoofing attempt (more info ...) | attempted-user | 2020-1464 | URL | ||
| 58655 | OS-WINDOWS Microsoft Windows file signature spoofing attempt (more info ...) | attempted-user | 2020-1464 | URL | ||
| 58752 | OS-WINDOWS Microsoft Windows Print Spooler elevation of privilege attempt (more info ...) | attempted-admin | 2021-41333 | URL | ||
| 59053 | POLICY-OTHER Microsoft Windows S4U2self request for administrator account attempt (more info ...) | policy-violation | 2021-42287 | URL | ||
| 59210 | OS-WINDOWS Microsoft Windows PDEV escalation of privilege attempt (more info ...) | attempted-admin | 2022-23299 | URL | ||
| 59211 | OS-WINDOWS Microsoft Windows PDEV escalation of privilege attempt (more info ...) | attempted-admin | 2022-23299 | URL | ||
| 59437 | SERVER-WEBAPP Microsoft Sharepoint cross site scripting attempt (more info ...) | attempted-user | 2014-1754 | |||
| 59438 | SERVER-WEBAPP Microsoft Sharepoint cross site scripting attempt (more info ...) | attempted-user | 2014-1754 | |||
| 59439 | SERVER-WEBAPP Microsoft Sharepoint cross site scripting attempt (more info ...) | attempted-user | 2014-1754 | |||
| 59503 | FILE-IMAGE Microsoft Windows asycfilt.dll malformed jpeg buffer overread attempt (more info ...) | attempted-user | 2016-7212 | URL | ||
| 59504 | FILE-IMAGE Microsoft Windows asycfilt.dll malformed jpeg buffer overread attempt (more info ...) | attempted-user | 2016-7212 | URL | ||
| 59529 | OS-WINDOWS Microsoft Windows DWM Core privilege escalation attempt (more info ...) | attempted-admin | 2022-24546 | URL | ||
| 59530 | OS-WINDOWS Microsoft Windows DWM Core privilege escalation attempt (more info ...) | attempted-admin | 2022-24546 | URL | ||
| 59563 | SERVER-OTHER Advantech WebAccess DCERPC stack buffer overflow attempt (more info ...) | attempted-user | 2019-3951 | URL | ||
| 59655 | OS-WINDOWS Microsoft Windows SMBv1 out of bounds read attempt (more info ...) | attempted-user | 2017-0267 | |||
| 59666 | OS-WINDOWS Microsoft Windows SMBv1 information disclosure attempt (more info ...) | misc-attack | 2017-0271 | URL | ||
| 59730 | OS-WINDOWS Microsoft Windows Print Spooler escalation of privilege attempt (more info ...) | attempted-admin | 2022-29104 | URL | ||
| 59731 | OS-WINDOWS Microsoft Windows Print Spooler escalation of privilege attempt (more info ...) | attempted-admin | 2022-29104 | URL | ||
| 59821 | OS-WINDOWS Microsoft Windows malicious LNK file download attempt (more info ...) | attempted-user | 2020-0729 | |||
| 59822 | OS-WINDOWS Microsoft Windows malicious LNK file download attempt (more info ...) | attempted-user | 2020-0729 | |||
| 59828 | FILE-IMAGE Microsoft Windows DirectShow JPEG double free attempt (more info ...) | attempted-user | 2014-0301 | |||
| 59829 | FILE-IMAGE Microsoft Windows DirectShow JPEG double free attempt (more info ...) | attempted-user | 2014-0301 | |||
| 59830 | FILE-IMAGE Microsoft Windows DirectShow JPEG double free attempt (more info ...) | attempted-user | 2014-0301 | |||
| 59853 | OS-WINDOWS Microsoft Windows LNK file remote code execution attempt (more info ...) | attempted-user | 2020-1421 | URL | ||
| 59854 | OS-WINDOWS Microsoft Windows LNK file remote code execution attempt (more info ...) | attempted-user | 2020-1421 | URL | ||
| 60416 | OS-WINDOWS Microsoft Windows Win32k driver privilege escalation attempt (more info ...) | attempted-admin | 2022-21882 | URL | ||
| 60417 | OS-WINDOWS Microsoft Windows Win32k driver privilege escalation attempt (more info ...) | attempted-admin | 2022-21882 | URL | ||
| 60627 | PROTOCOL-RPC Microsoft Windows Network File System remote code execution attempt (more info ...) | attempted-admin | 2022-34715 | URL | ||
| 60698 | OS-WINDOWS Microsoft Windows DWM Core Library privilege escalation attempt (more info ...) | attempted-admin | 2022-37970 | URL | ||
| 60699 | OS-WINDOWS Microsoft Windows DWM Core Library privilege escalation attempt (more info ...) | attempted-admin | 2022-37970 | URL | ||
| 60977 | OS-WINDOWS Microsoft Windows Bluetooth Driver privilege escalation attempt (more info ...) | attempted-admin | 2022-44675 | URL | ||
| 60978 | OS-WINDOWS Microsoft Windows Bluetooth Driver privilege escalation attempt (more info ...) | attempted-admin | 2022-44675 | URL | ||
| 61303 | OS-WINDOWS Microsoft Windows PPTP denial-of-service attempt (more info ...) | denial-of-service | 2022-23253 | URL | ||
| 61357 | OS-WINDOWS Microsoft Windows Secure Channel denial of service attempt (more info ...) | attempted-dos | 2023-21819 | URL | ||
| 61430 | OS-WINDOWS Microsoft Windows Scripting Language remote code execution attempt (more info ...) | attempted-user | 2022-41128 | URL | ||
| 61431 | OS-WINDOWS Microsoft Windows Scripting Language remote code execution attempt (more info ...) | attempted-user | 2022-41128 | URL | ||
| 61445 | OS-WINDOWS Microsoft Windows Kernel Point-to-Point Tunneling Protocol remote code execution attempt (more info ...) | attempted-admin | 2022-23270 | URL | ||
| 61446 | OS-WINDOWS Microsoft Windows Kernel Point-to-Point Tunneling Protocol remote code execution attempt (more info ...) | attempted-admin | 2022-23270 | URL | ||
| 61447 | OS-WINDOWS Microsoft Windows Kernel Point-to-Point Tunneling Protocol remote code execution attempt (more info ...) | attempted-admin | 2022-23270 | URL | ||
| 61448 | OS-WINDOWS Microsoft Windows Kernel Point-to-Point Tunneling Protocol remote code execution attempt (more info ...) | attempted-admin | 2022-23270 | URL | ||
| 61466 | OS-WINDOWS Microsoft Windows cryptographic services code execution attempt (more info ...) | attempted-user | 2023-23416 | URL | ||
| 61467 | OS-WINDOWS Microsoft Windows cryptographic services code execution attempt (more info ...) | attempted-user | 2023-23416 | URL | ||
| 61606 | OS-WINDOWS Microsoft Windows Win32k elevation of privilege attempt (more info ...) | attempted-admin | 2023-28274 | URL | ||
| 61607 | OS-WINDOWS Microsoft Windows Win32k elevation of privilege attempt (more info ...) | attempted-admin | 2023-28274 | URL | ||
| 61610 | OS-WINDOWS Microsoft Windows CD-ROM file system driver remote code execution attempt (more info ...) | attempted-user | 2022-38044 | |||
| 61611 | OS-WINDOWS Microsoft Windows CD-ROM file system driver remote code execution attempt (more info ...) | attempted-user | 2022-38044 | |||
| 61620 | OS-WINDOWS Microsoft Windows DHCP service remove code execution attempt (more info ...) | attempted-user | 2023-28231 | URL | ||
| 61714 | OS-WINDOWS Microsoft Windows kernel denial of service attempt (more info ...) | attempted-dos | 2023-24949 | URL | ||
| 61715 | OS-WINDOWS Microsoft Windows kernel denial of service attempt (more info ...) | attempted-dos | 2023-24949 | URL | ||
| 61836 | OS-WINDOWS Microsoft Windows DHCP service remove code execution attempt (more info ...) | attempted-user | 2023-28231 | URL | ||
| 61905 | FILE-OTHER Microsoft Visual Studio Python Interpreter Services remote code execution attempt (more info ...) | attempted-user | 2021-27068 | |||
| 61906 | FILE-OTHER Microsoft Visual Studio Python Interpreter Services remote code execution attempt (more info ...) | attempted-user | 2021-27068 | |||
| 62010 | SERVER-WEBAPP Microsoft SharePoint remote code execution attempt (more info ...) | attempted-user | 2023-33157 | URL | ||
| 62011 | SERVER-WEBAPP Microsoft SharePoint remote code execution attempt (more info ...) | attempted-user | 2023-33157 | URL |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 15490 | OS-LINUX Linux SCTP malformed forward-tsn chunk arbitrary code execution attempt (more info ...) | attempted-admin | 2009-0065 | 33113 | ||
| 24642 | SERVER-WEBAPP RedHat JBoss Enterprise Application Platform JMX code execution attempt (more info ...) | attempted-admin | 2014-7883 | 39710 | ||
| 32080 | MALWARE-BACKDOOR Linux.Backdoor.Starysu variant inbound connection (more info ...) | trojan-activity | URL | |||
| 32081 | MALWARE-BACKDOOR Linux.Backdoor.Starysu variant inbound connection (more info ...) | trojan-activity | URL | |||
| 37435 | OS-LINUX Linux Kernel keyring object exploit download attempt (more info ...) | attempted-admin | 2016-0728 | |||
| 37436 | OS-LINUX Linux Kernel keyring object exploit download attempt (more info ...) | attempted-admin | 2016-0728 | |||
| 37437 | OS-LINUX Linux Kernel keyring object exploit download attempt (more info ...) | attempted-admin | 2016-0728 | |||
| 37438 | OS-LINUX Linux Kernel keyring object exploit download attempt (more info ...) | attempted-admin | 2016-0728 | |||
| 39893 | OS-LINUX Linux Kernel USBIP out of bounds write attempt (more info ...) | attempted-dos | 2016-3955 | URL | ||
| 39894 | OS-LINUX Linux Kernel USBIP out of bounds write attempt (more info ...) | attempted-dos | 2016-3955 | URL | ||
| 40542 | OS-LINUX Linux kernel madvise race condition attempt (more info ...) | attempted-admin | 2016-5195 | URL | ||
| 40543 | OS-LINUX Linux kernel madvise race condition attempt (more info ...) | attempted-admin | 2016-5195 | URL | ||
| 40560 | OS-LINUX Linux kernel madvise race condition attempt (more info ...) | attempted-admin | 2016-5195 | URL | ||
| 40561 | OS-LINUX Linux kernel madvise race condition attempt (more info ...) | attempted-admin | 2016-5195 | URL | ||
| 40563 | OS-LINUX Linux kernel madvise race condition attempt (more info ...) | attempted-admin | 2016-5195 | URL | ||
| 40565 | OS-LINUX Linux kernel madvise race condition attempt (more info ...) | attempted-admin | 2016-5195 | URL | ||
| 40566 | OS-LINUX Linux kernel madvise race condition attempt (more info ...) | attempted-admin | 2016-5195 | URL | ||
| 41040 | OS-LINUX Ubuntu Apport CrashDB crash report code injection attempt (more info ...) | attempted-admin | 2016-9949 | URL | ||
| 41041 | OS-LINUX Ubuntu Apport CrashDB crash report code injection attempt (more info ...) | attempted-admin | 2016-9949 | URL | ||
| 41516 | SERVER-WEBAPP McAfee Virus Scan Linux file existence test attempt (more info ...) | web-application-attack | 2016-8016 | |||
| 41521 | SERVER-WEBAPP McAfee Virus Scan Linux cross site scripting attempt (more info ...) | web-application-attack | 2016-8019 | |||
| 41681 | SERVER-WEBAPP McAfee Virus Scan Linux remote code execution attempt (more info ...) | web-application-attack | 2016-8020 | |||
| 41707 | SERVER-WEBAPP McAfee Virus Scan Linux http response splitting attempt (more info ...) | web-application-attack | 2016-8024 | |||
| 43692 | OS-LINUX Linux kernel SCTP invalid chunk length denial of service attempt (more info ...) | attempted-dos | 2016-9555 | |||
| 43809 | SERVER-WEBAPP Kaspersky Linux File Server WMC cross site request forgery attempt (more info ...) | web-application-attack | 2017-9810 | 99330 | URL | |
| 43810 | SERVER-WEBAPP Kaspersky Linux File Server WMC directory traversal attempt (more info ...) | web-application-attack | 2017-9812 | 99330 | URL | |
| 43811 | SERVER-WEBAPP Kaspersky Linux File Server WMC directory traversal attempt (more info ...) | web-application-attack | 2017-9812 | 99330 | URL | |
| 43812 | SERVER-WEBAPP Kaspersky Linux File Server WMC directory traversal attempt (more info ...) | web-application-attack | 2017-9812 | 99330 | URL | |
| 52661 | MALWARE-OTHER Linux.Downloader.CoinMiner variant bash script dropper (more info ...) | trojan-activity | ||||
| 54794 | SERVER-WEBAPP Zeroshell Linux Router command injection attempt (more info ...) | web-application-attack | 2019-12725 | URL | ||
| 54795 | SERVER-WEBAPP Zeroshell Linux Router command injection attempt (more info ...) | web-application-attack | 2019-12725 | URL | ||
| 54796 | SERVER-WEBAPP Zeroshell Linux Router command injection attempt (more info ...) | web-application-attack | 2019-12725 | URL | ||
| 54797 | SERVER-WEBAPP Zeroshell Linux Router command injection attempt (more info ...) | web-application-attack | 2019-12725 | URL | ||
| 56051 | OS-LINUX Linux kernel af_packet tpacket_rcv integer overflow attempt (more info ...) | attempted-admin | 2020-14386 | URL | ||
| 56052 | OS-LINUX Linux kernel af_packet tpacket_rcv integer overflow attempt (more info ...) | attempted-admin | 2020-14386 | URL | ||
| 57156 | OS-LINUX Linux Kernel 4.17 out of bound access attempt (more info ...) | attempted-user | 2017-18344 | URL | ||
| 57157 | OS-LINUX Linux Kernel 4.17 out of bound access attempt (more info ...) | attempted-user | 2017-18344 | URL | ||
| 57985 | OS-LINUX Linux Kernel seq_file integer underflow privilege escalation attempt (more info ...) | attempted-admin | 2021-33909 | URL | ||
| 57986 | OS-LINUX Linux Kernel seq_file integer underflow privilege escalation attempt (more info ...) | attempted-admin | 2021-33909 | URL | ||
| 58955 | OS-LINUX Polkit pkexec privilege escalation attempt (more info ...) | attempted-admin | 2021-4034 | URL | ||
| 58956 | OS-LINUX Polkit pkexec privilege escalation attempt (more info ...) | attempted-admin | 2021-4034 | URL | ||
| 58973 | INDICATOR-SHELLCODE ARM Linux reverse connect shell (more info ...) | shellcode-detect | 2022-20699 | URL | ||
| 59256 | OS-LINUX Linux Kernel Dirty Pipe privilege escalation attempt (more info ...) | attempted-admin | 2022-0847 | URL | ||
| 59257 | OS-LINUX Linux Kernel Dirty Pipe privilege escalation attempt (more info ...) | attempted-admin | 2022-0847 | URL | ||
| 60431 | OS-LINUX Linux kernel PTRACE_TRACEME pkexec escalation of privileges attempt (more info ...) | attempted-admin | 2019-13272 | URL | ||
| 60432 | OS-LINUX Linux kernel PTRACE_TRACEME pkexec escalation of privileges attempt (more info ...) | attempted-admin | 2019-13272 | URL | ||
| 60504 | OS-LINUX Sudo heap-based buffer overflow attempt (more info ...) | attempted-admin | 2021-3156 | |||
| 60505 | OS-LINUX Sudo heap-based buffer overflow attempt (more info ...) | attempted-admin | 2021-3156 | |||
| 60596 | OS-LINUX Linux Kernel futex user access credential overwrite privilege escalation attempt (more info ...) | attempted-admin | 2014-3153 | URL | ||
| 60597 | OS-LINUX Linux Kernel futex user access credential overwrite privilege escalation attempt (more info ...) | attempted-admin | 2014-3153 | URL | ||
| 60643 | OS-LINUX Linux kernel route4_change use after free attempt (more info ...) | attempted-admin | 2022-2588 | |||
| 60644 | OS-LINUX Linux kernel route4_change use after free attempt (more info ...) | attempted-admin | 2022-2588 | |||
| 60753 | OS-LINUX Linux Kernel OverlayFS capabilities escalation of privileges attempt (more info ...) | attempted-admin | 2021-3493 | |||
| 60754 | OS-LINUX Linux Kernel OverlayFS capabilities escalation of privileges attempt (more info ...) | attempted-admin | 2021-3493 | |||
| 61041 | OS-LINUX Linux Kernel SMB2_TREE_DISCONNECT compound request use-after-free attempt (more info ...) | attempted-user | 2022-47939 | URL | ||
| 61153 | OS-LINUX Linux Kernel ksmbd smb2write out of bounds read attempt (more info ...) | attempted-admin | 2022-47940 | URL | ||
| 61292 | OS-LINUX KSMBD unauthenticated remote heap overflow attempt (more info ...) | denial-of-service | 2023-0210 | URL | ||
| 61642 | MALWARE-OTHER Linux.Trojan.SysUpdate variant download attempt (more info ...) | trojan-activity | URL | |||
| 61643 | MALWARE-OTHER Linux.Trojan.SysUpdate variant download attempt (more info ...) | trojan-activity | URL | |||
| 61644 | MALWARE-OTHER Linux.Trojan.SysUpdate variant download attempt (more info ...) | trojan-activity | URL | |||
| 61645 | MALWARE-OTHER Linux.Trojan.SysUpdate variant download attempt (more info ...) | trojan-activity | URL | |||
| 61646 | MALWARE-OTHER Linux.Trojan.SysUpdate variant download attempt (more info ...) | trojan-activity | URL | |||
| 61647 | MALWARE-OTHER Linux.Trojan.SysUpdate variant download attempt (more info ...) | trojan-activity | URL | |||
| 61648 | MALWARE-OTHER Linux.Trojan.SysUpdate variant download attempt (more info ...) | trojan-activity | URL | |||
| 61649 | MALWARE-OTHER Linux.Trojan.SysUpdate variant download attempt (more info ...) | trojan-activity | URL | |||
| 61792 | OS-LINUX Red Hat polkit privilege escalation attempt (more info ...) | attempted-admin | 2021-3560 | URL | ||
| 61793 | OS-LINUX Red Hat polkit privilege escalation attempt (more info ...) | attempted-admin | 2021-3560 | URL |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 213 | MALWARE-BACKDOOR MISC Linux rootkit attempt (more info ...) | attempted-admin | URL | |||
| 214 | MALWARE-BACKDOOR MISC Linux rootkit attempt lrkr0x (more info ...) | attempted-admin | URL | |||
| 215 | MALWARE-BACKDOOR MISC Linux rootkit attempt (more info ...) | attempted-admin | URL | |||
| 216 | MALWARE-BACKDOOR MISC Linux rootkit satori attempt (more info ...) | attempted-admin | URL | |||
| 262 | OS-LINUX x86 Linux overflow attempt (more info ...) | attempted-admin | ||||
| 264 | OS-LINUX x86 Linux overflow attempt (more info ...) | attempted-admin | ||||
| 265 | OS-LINUX x86 Linux overflow attempt ADMv2 (more info ...) | attempted-admin | ||||
| 288 | PROTOCOL-POP EXPLOIT x86 Linux overflow (more info ...) | attempted-admin | ||||
| 292 | OS-LINUX x86 Linux samba overflow (more info ...) | attempted-admin | 1999-0811 | 536 | ||
| 302 | OS-LINUX Redhat 7.0 lprd overflow (more info ...) | attempted-admin | 2000-0917 | 1712 | ||
| 517 | X11 xdmcp query (more info ...) | attempted-recon | ||||
| 652 | INDICATOR-SHELLCODE Linux shellcode (more info ...) | shellcode-detect | ||||
| 1867 | X11 xdmcp info query (more info ...) | attempted-recon | 10891 | |||
| 7021 | OS-LINUX kernel SCTP chunkless packet denial of service attempt (more info ...) | attempted-dos | 2006-2934 | 18755 | ||
| 15906 | OS-LINUX Linux Kernel DCCP Protocol Handler dccp_setsockopt_change integer overflow attempt (more info ...) | denial-of-service | 2008-3276 | 30704 | ||
| 15907 | OS-LINUX Linux Kernel DCCP Protocol Handler dccp_setsockopt_change integer overflow attempt (more info ...) | denial-of-service | 2008-3276 | 30704 | ||
| 16352 | OS-LINUX Linux Kernel NFSD Subsystem overflow attempt (more info ...) | attempted-dos | 2008-3915 | 31133 | ||
| 16724 | OS-LINUX Linux kernel sctp_process_unk_param SCTPChunkInit buffer overflow attempt (more info ...) | attempted-admin | 2010-1173 | 39794 | ||
| 17324 | INDICATOR-SHELLCODE x86 Linux reverse connect shellcode (more info ...) | shellcode-detect | ||||
| 17738 | SERVER-OTHER Linux Kernel SNMP Netfilter Memory Corruption attempt (more info ...) | attempted-dos | 2006-2444 | 18081 | ||
| 18997 | OS-LINUX Linux kernel sctp_rcv_ootb invalid chunk length DoS attempt (more info ...) | attempted-dos | 2010-0008 | 38857 | ||
| 24370 | OS-LINUX Linux kernel IA32 out-of-bounds system call attempt (more info ...) | attempted-admin | 2010-3301 | |||
| 24371 | OS-LINUX Linux kernel IA32 out-of-bounds system call attempt (more info ...) | attempted-admin | 2010-3301 | |||
| 26107 | SERVER-OTHER HP Linux Imaging and Printing Project hpssd daemon command injection attempt (more info ...) | attempted-admin | 2007-5208 | 26054 | ||
| 26108 | SERVER-OTHER HP Linux Imaging and Printing Project hpssd daemon command injection attempt (more info ...) | attempted-admin | 2007-5208 | 26054 | ||
| 27756 | SERVER-WEBAPP RedHat Piranha Virtual Server Package default passwd and arbitrary command execution attempt (more info ...) | attempted-admin | 2000-0322 | 1149 | URL | |
| 28399 | MALWARE-CNC Linux.Backdoor.Tsunami outbound connection (more info ...) | trojan-activity | URL | |||
| 28852 | MALWARE-CNC User-Agent known malicious user-agent string - Linux.Trojan.Zollard (more info ...) | trojan-activity | URL | |||
| 28998 | OS-LINUX Linux kernel ARM put_user write outside process address space privilege escalation attempt (more info ...) | attempted-admin | 2013-6282 | 63734 | ||
| 28999 | OS-LINUX Linux kernel ARM put_user write outside process address space privilege escalation attempt (more info ...) | attempted-admin | 2013-6282 | 63734 | ||
| 29493 | MALWARE-CNC Linux.Backdoor.Tsunami outbound connection (more info ...) | trojan-activity | ||||
| 29494 | MALWARE-CNC Linux.Backdoor.Tsunami outbound connection (more info ...) | trojan-activity | ||||
| 29569 | MALWARE-CNC Linux.Backdoor.Shellbot outbound connection (more info ...) | trojan-activity | URL | |||
| 30221 | INDICATOR-SHELLCODE Metasploit linux/x86 reverse_tcp stager transfer attempt (more info ...) | shellcode-detect | URL | |||
| 30222 | INDICATOR-SHELLCODE Metasploit shellcode linux/x86/meterpreter stage transfer attempt (more info ...) | shellcode-detect | URL | |||
| 30223 | INDICATOR-SHELLCODE Metasploit shellcode linux/x86/shell stage transfer attempt (more info ...) | shellcode-detect | URL | |||
| 30224 | INDICATOR-SHELLCODE Metasploit shellcode linux/x86/shell_reverse_tcp single stage transfer attempt (more info ...) | shellcode-detect | URL | |||
| 30326 | OS-LINUX Linux kernel SCTP duplicate cookie denial of service attempt (more info ...) | attempted-dos | 2013-2206 | 60715 | ||
| 30335 | MALWARE-CNC Linux.Trojan.Calfbot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 30336 | MALWARE-CNC Linux.Trojan.Calfbot outbound connection (more info ...) | trojan-activity | URL | |||
| 30398 | INDICATOR-SHELLCODE Metasploit payload linux_armle_adduser (more info ...) | shellcode-detect | ||||
| 30399 | INDICATOR-SHELLCODE Metasploit payload linux_armle_exec (more info ...) | shellcode-detect | ||||
| 30400 | INDICATOR-SHELLCODE Metasploit payload linux_armle_shell_bind_tcp (more info ...) | shellcode-detect | ||||
| 30401 | INDICATOR-SHELLCODE Metasploit payload linux_armle_shell_reverse_tcp (more info ...) | shellcode-detect | ||||
| 30402 | INDICATOR-SHELLCODE Metasploit payload linux_mipsbe_shell_bind_tcp (more info ...) | shellcode-detect | ||||
| 30403 | INDICATOR-SHELLCODE Metasploit payload linux_mipsbe_shell_reverse_tcp (more info ...) | shellcode-detect | ||||
| 30404 | INDICATOR-SHELLCODE Metasploit payload linux_mipsle_reboot (more info ...) | shellcode-detect | ||||
| 30405 | INDICATOR-SHELLCODE Metasploit payload linux_mipsle_shell_bind_tcp (more info ...) | shellcode-detect | ||||
| 30406 | INDICATOR-SHELLCODE Metasploit payload linux_mipsle_shell_reverse_tcp (more info ...) | shellcode-detect | ||||
| 30407 | INDICATOR-SHELLCODE Metasploit payload linux_ppc64_shell_bind_tcp (more info ...) | shellcode-detect | ||||
| 30408 | INDICATOR-SHELLCODE Metasploit payload linux_ppc64_shell_find_port (more info ...) | shellcode-detect | ||||
| 30409 | INDICATOR-SHELLCODE Metasploit payload linux_ppc_shell_bind_tcp (more info ...) | shellcode-detect | ||||
| 30410 | INDICATOR-SHELLCODE Metasploit payload linux_ppc_shell_find_port (more info ...) | shellcode-detect | ||||
| 30411 | INDICATOR-SHELLCODE Metasploit payload linux_x64_exec (more info ...) | shellcode-detect | ||||
| 30412 | INDICATOR-SHELLCODE Metasploit payload linux_x64_shell_bind_tcp (more info ...) | shellcode-detect | ||||
| 30413 | INDICATOR-SHELLCODE Metasploit payload linux_x64_shell_bind_tcp_random_port (more info ...) | shellcode-detect | ||||
| 30414 | INDICATOR-SHELLCODE Metasploit payload linux_x64_shell_find_port (more info ...) | shellcode-detect | ||||
| 30415 | INDICATOR-SHELLCODE Metasploit payload linux_x64_shell_reverse_tcp (more info ...) | shellcode-detect | ||||
| 30416 | INDICATOR-SHELLCODE Metasploit payload linux_x86_adduser (more info ...) | shellcode-detect | ||||
| 30417 | INDICATOR-SHELLCODE Metasploit payload linux_x86_chmod (more info ...) | shellcode-detect | ||||
| 30418 | INDICATOR-SHELLCODE Metasploit payload linux_x86_exec (more info ...) | shellcode-detect | ||||
| 30419 | INDICATOR-SHELLCODE Metasploit payload linux_x86_meterpreter_bind_ipv6_tcp (more info ...) | shellcode-detect | ||||
| 30420 | INDICATOR-SHELLCODE Metasploit payload linux_x86_meterpreter_bind_nonx_tcp (more info ...) | shellcode-detect | ||||
| 30421 | INDICATOR-SHELLCODE Metasploit payload linux_x86_meterpreter_bind_tcp (more info ...) | shellcode-detect | ||||
| 30422 | INDICATOR-SHELLCODE Metasploit payload linux_x86_meterpreter_find_tag (more info ...) | shellcode-detect | ||||
| 30423 | INDICATOR-SHELLCODE Metasploit payload linux_x86_meterpreter_reverse_ipv6_tcp (more info ...) | shellcode-detect | ||||
| 30424 | INDICATOR-SHELLCODE Metasploit payload linux_x86_meterpreter_reverse_nonx_tcp (more info ...) | shellcode-detect | ||||
| 30425 | INDICATOR-SHELLCODE Metasploit payload linux_x86_meterpreter_reverse_tcp (more info ...) | shellcode-detect | ||||
| 30426 | INDICATOR-SHELLCODE Metasploit payload linux_x86_shell_bind_ipv6_tcp (more info ...) | shellcode-detect | ||||
| 30427 | INDICATOR-SHELLCODE Metasploit payload linux_x86_shell_bind_tcp (more info ...) | shellcode-detect | ||||
| 30428 | INDICATOR-SHELLCODE Metasploit payload linux_x86_shell_bind_tcp_random_port (more info ...) | shellcode-detect | ||||
| 30429 | INDICATOR-SHELLCODE Metasploit payload linux_x86_shell_find_port (more info ...) | shellcode-detect | ||||
| 30430 | INDICATOR-SHELLCODE Metasploit payload linux_x86_shell_reverse_tcp (more info ...) | shellcode-detect | ||||
| 30431 | INDICATOR-SHELLCODE Metasploit payload linux_x86_shell_reverse_tcp2 (more info ...) | shellcode-detect | ||||
| 30566 | MALWARE-CNC Linux.Trojan.Elknot outbound connection (more info ...) | trojan-activity | URL | |||
| 30938 | MALWARE-CNC Linux.Trojan.Roopre outbound connection (more info ...) | trojan-activity | URL | |||
| 31589 | PROTOCOL-SERVICES Linux iscsi_add_notunderstood_response request buffer overflow attempt (more info ...) | attempted-user | 2013-2850 | URL | ||
| 31590 | PROTOCOL-SERVICES Linux iscsi_add_notunderstood_response request buffer overflow attempt (more info ...) | attempted-user | 2013-2850 | URL | ||
| 31808 | MALWARE-CNC Linux.Trojan.IptabLex outbound connection (more info ...) | trojan-activity | URL | |||
| 31925 | MALWARE-CNC Linux.Trojan.Jynxkit outbound connection (more info ...) | trojan-activity | URL | |||
| 32009 | MALWARE-CNC Linux.Backdoor.Flooder inbound connection attempt - command (more info ...) | trojan-activity | URL | |||
| 32010 | MALWARE-CNC Linux.Backdoor.Flooder outbound telnet connection attempt (more info ...) | trojan-activity | URL | |||
| 32011 | MALWARE-CNC Linux.Backdoor.Flooder outbound connection (more info ...) | trojan-activity | URL | |||
| 32013 | MALWARE-CNC Linux.Worm.Darlloz variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32040 | MALWARE-CNC Linux.Backdoor.Ganiw variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32493 | MALWARE-CNC Linux.Trojan.SpikeA variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32494 | MALWARE-CNC Linux.Trojan.SpikeA variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32504 | MALWARE-CNC Linux.Backdoor.Kiler attempted outbound connection (more info ...) | trojan-activity | URL | |||
| 32505 | MALWARE-CNC Linux.Backdoor.Kiler attempted outbound connection (more info ...) | trojan-activity | URL | |||
| 32510 | MALWARE-CNC Linux.Trojan.PiltabeA outbound connection (more info ...) | trojan-activity | URL | |||
| 33481 | MALWARE-CNC Linux.Backdoor.Xnote outbound connection (more info ...) | trojan-activity | URL | |||
| 33646 | MALWARE-CNC Linux.Trojan.XORDDoS outbound connection (more info ...) | trojan-activity | URL | |||
| 33647 | MALWARE-CNC Linux.Trojan.XORDDoS outbound connection (more info ...) | trojan-activity | URL | |||
| 33648 | MALWARE-CNC Linux.Trojan.XORDDoS outbound connection (more info ...) | trojan-activity | URL | |||
| 33985 | MALWARE-CNC Linux.Trojan.ChinaZ outbound connection (more info ...) | trojan-activity | URL | |||
| 34261 | MALWARE-CNC Linux.Trojan.XORDDoS outbound connection (more info ...) | trojan-activity | URL | |||
| 34262 | MALWARE-CNC Linux.Trojan.XORDDoS outbound connection (more info ...) | trojan-activity | URL | |||
| 34263 | MALWARE-CNC Linux.Trojan.XORDDoS outbound connection (more info ...) | trojan-activity | URL | |||
| 34461 | MALWARE-CNC Linux.Trojan.Mumblehard variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34462 | MALWARE-CNC Linux.Downloader.Mumblehard variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34802 | OS-LINUX Linux kernel SCTP Unknown Chunk Types denial of service attempt (more info ...) | attempted-dos | 2014-3673 | |||
| 34847 | MALWARE-CNC Linux.Trojan.ChinaZ outbound connection (more info ...) | trojan-activity | 2014-6271 | URL | ||
| 34993 | MALWARE-CNC Linux.Trojan.Benloader variant outbound connection (more info ...) | trojan-activity | URL | |||
| 35039 | MALWARE-CNC Trojan.Linux.Linuxor outbound variant connection (more info ...) | trojan-activity | URL | |||
| 35062 | MALWARE-CNC Linux.Backdoor.Powbot inbound variant connection (more info ...) | trojan-activity | URL | |||
| 35063 | MALWARE-CNC Linux.Backdoor.Powbot inbound variant connection (more info ...) | trojan-activity | URL | |||
| 35064 | MALWARE-CNC Linux.Backdoor.Powbot inbound variant connection (more info ...) | trojan-activity | URL | |||
| 35065 | MALWARE-CNC Linux.Backdoor.Powbot inbound variant connection (more info ...) | trojan-activity | URL | |||
| 35066 | MALWARE-CNC Linux.Backdoor.Powbot outbound variant connection (more info ...) | trojan-activity | URL | |||
| 35067 | MALWARE-CNC Linux.Backdoor.Powbot outbound variant connection (more info ...) | trojan-activity | URL | |||
| 35082 | MALWARE-CNC Backdoor.Linux.Qenerek outbound connection (more info ...) | trojan-activity | URL | |||
| 35710 | MALWARE-CNC User-Agent known malicious user-agent string - Linux.Trojan.Zollard (more info ...) | trojan-activity | URL | |||
| 37654 | OS-LINUX Linux kernel SCTP handshake COOKIE ECHO Chunks denial of service attempt (more info ...) | attempted-dos | 2014-0101 | 65943 | ||
| 37817 | MALWARE-CNC Linux.Trojan.Torte variant outbound connection (more info ...) | trojan-activity | URL | |||
| 38255 | MALWARE-CNC Win-Linux.Trojan.Derusbi variant outbound connection (more info ...) | trojan-activity | URL | |||
| 38256 | MALWARE-CNC Win-Linux.Trojan.Derusbi variant outbound connection (more info ...) | trojan-activity | URL | |||
| 38257 | MALWARE-CNC Win-Linux.Trojan.Derusbi variant outbound connection (more info ...) | trojan-activity | URL | |||
| 38258 | MALWARE-CNC Win/Linux.Trojan.Derusbi variant outbound connection (more info ...) | trojan-activity | URL | |||
| 38333 | MALWARE-CNC Linux.Trojan.Bifrose outbound connection (more info ...) | trojan-activity | URL | |||
| 38346 | OS-LINUX Linux kernel SCTP INIT null pointer dereference attempt (more info ...) | attempted-dos | 2014-7841 | |||
| 40063 | OS-LINUX Linux Kernel Challenge ACK provocation attempt (more info ...) | attempted-admin | 2017-7285 | 91704 | ||
| 40562 | OS-LINUX Linux kernel madvise race condition attempt (more info ...) | attempted-admin | 2016-5195 | URL | ||
| 40564 | OS-LINUX Linux kernel madvise race condition attempt (more info ...) | attempted-admin | 2016-5195 | URL | ||
| 40991 | MALWARE-CNC Linux.DDoS.D93 outbound connection (more info ...) | trojan-activity | URL | |||
| 41027 | OS-LINUX Linux net af_packet.c tpacket version race condition use after free attempt (more info ...) | attempted-user | 2016-8655 | |||
| 41028 | OS-LINUX Linux net af_packet.c tpacket version race condition use after free attempt (more info ...) | attempted-user | 2016-8655 | |||
| 41252 | INDICATOR-SHELLCODE Linux MIPS shell (more info ...) | shellcode-detect | ||||
| 41253 | INDICATOR-SHELLCODE Linux PPC read execute (more info ...) | shellcode-detect | ||||
| 41254 | INDICATOR-SHELLCODE Linux PPC reverse connect shell (more info ...) | shellcode-detect | ||||
| 41255 | INDICATOR-SHELLCODE Linux PPC shell (more info ...) | shellcode-detect | ||||
| 41256 | INDICATOR-SHELLCODE Linux PPC shell (more info ...) | shellcode-detect | ||||
| 41257 | INDICATOR-SHELLCODE Linux SPARC bind shell (more info ...) | shellcode-detect | ||||
| 41258 | INDICATOR-SHELLCODE Linux SPARC bind shell (more info ...) | shellcode-detect | ||||
| 41259 | INDICATOR-SHELLCODE Linux SPARC FindSock shell (more info ...) | shellcode-detect | ||||
| 41260 | INDICATOR-SHELLCODE Linux SPARC reverse connect shell (more info ...) | shellcode-detect | ||||
| 41261 | INDICATOR-SHELLCODE Linux SPARC reverse connect shell (more info ...) | shellcode-detect | ||||
| 41262 | INDICATOR-SHELLCODE Linux x86 execute (more info ...) | shellcode-detect | ||||
| 41263 | INDICATOR-SHELLCODE Linux x86 FindSock shell (more info ...) | shellcode-detect | ||||
| 41264 | INDICATOR-SHELLCODE Linux x86 reverse connect UDP shell (more info ...) | shellcode-detect | ||||
| 41275 | INDICATOR-SHELLCODE Multi-OS shell - linux x86/ppc (more info ...) | shellcode-detect | ||||
| 41277 | INDICATOR-SHELLCODE Multi-OS shell - solaris/linux (more info ...) | shellcode-detect | ||||
| 41278 | INDICATOR-SHELLCODE Multi-OS shell - solaris/linux/irix (more info ...) | shellcode-detect | ||||
| 41517 | SERVER-WEBAPP McAfee Virus Scan Linux replace tag file poisoning attempt (more info ...) | web-application-attack | 2016-8017 | |||
| 41518 | SERVER-WEBAPP McAfee Virus Scan Linux bracket tag file poisoning attempt (more info ...) | web-application-attack | 2016-8017 | |||
| 41519 | SERVER-WEBAPP McAfee Virus Scan Linux url encoded bracket tag file poisoning attempt (more info ...) | web-application-attack | 2016-8017 | |||
| 41692 | SERVER-WEBAPP McAfee Virus Scan Linux unauthorized authentication token usage attempt (more info ...) | web-application-attack | 2016-8022 | |||
| 41853 | OS-LINUX cURL and libcurl set-cookie remote code execution attempt (more info ...) | attempted-user | 2015-3145 | 74303 | ||
| 41920 | SERVER-WEBAPP McAfee Virus Scan Linux authentication token brute force attempt (more info ...) | web-application-attack | 2016-8023 | URL | ||
| 42510 | FILE-EXECUTABLE XOR 0x11 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42892 | MALWARE-CNC Linux.Trojan.SpikeA outbound connection (more info ...) | trojan-activity | URL | |||
| 43813 | SERVER-WEBAPP Kaspersky Linux File Server WMC cross site scripting attempt (more info ...) | attempted-user | 2017-9813 | 99330 | URL | |
| 44308 | OS-LINUX Linux kernel sctp_rcv_ootb invalid chunk length DoS attempt (more info ...) | attempted-dos | 2010-0008 | 38857 | ||
| 44309 | OS-LINUX Linux kernel sctp_rcv_ootb invalid chunk length DoS attempt (more info ...) | attempted-dos | 2010-0008 | 38857 | ||
| 44681 | MALWARE-CNC Linux.Trojan.IoTReaper_Botnet telnet connection attempt (more info ...) | trojan-activity | ||||
| 46847 | OS-LINUX Red Hat NetworkManager DHCP client command injection attempt (more info ...) | attempted-user | 2018-1111 | URL | ||
| 48191 | MALWARE-CNC Linux.Malware.Torii variant malicious file download (more info ...) | trojan-activity | URL | |||
| 48470 | MALWARE-CNC Linux.Trojan.Coinminer variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48471 | MALWARE-CNC Linux.Trojan.Coinminer variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48472 | MALWARE-CNC Linux.Trojan.Coinminer variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48473 | MALWARE-CNC Linux.Trojan.Coinminer variant outbound connection (more info ...) | trojan-activity | URL | |||
| 49188 | MALWARE-CNC User-Agent known malicious user-agent string - Linux.Trojan.SpeakUp (more info ...) | trojan-activity | URL | |||
| 50146 | MALWARE-CNC Linux.Trojan.ChachaDDoS outbound connection (more info ...) | trojan-activity | URL | |||
| 50147 | MALWARE-CNC Linux.Trojan.ChachaDDoS outbound connection (more info ...) | trojan-activity | URL | |||
| 50190 | OS-LINUX Debian apt remote code execution attempt (more info ...) | attempted-user | 2019-3462 | 106690 | URL | |
| 51238 | SERVER-OTHER Rockwell Automation RSLinux heap buffer overflow attempt (more info ...) | attempted-user | 2018-14821 | URL | ||
| 52022 | OS-LINUX Red Hat NetworkManager DHCP client command injection attempt (more info ...) | attempted-user | 2018-1111 | URL | ||
| 57987 | OS-LINUX Linux Kernel netfilter xt_compat_target_from_user out of bounds write attempt (more info ...) | attempted-admin | 2021-22555 | |||
| 57988 | OS-LINUX Linux Kernel netfilter xt_compat_target_from_user out of bounds write attempt (more info ...) | attempted-admin | 2021-22555 | |||
| 59849 | OS-LINUX Linux Kernel ipv4_pktinfo_prepare denial of service attempt (more info ...) | attempted-dos | 2017-5970 | URL | ||
| 61796 | OS-LINUX Linux kernel n_tty_write privilege escalation attempt (more info ...) | attempted-admin | 2014-0196 | URL | ||
| 61797 | OS-LINUX Linux kernel n_tty_write privilege escalation attempt (more info ...) | attempted-admin | 2014-0196 | URL |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 604 | PROTOCOL-SERVICES Unix rlogin froot parameter root access attempt (more info ...) | attempted-admin | 1999-0113 | 458 | ||
| 3527 | OS-SOLARIS Oracle Solaris LPD overflow attempt (more info ...) | attempted-admin | 2001-1583 | 3274 | ||
| 6507 | SERVER-WEBAPP novell edirectory imonitor overflow attempt (more info ...) | attempted-admin | 2006-2496 | 18026 | ||
| 10136 | OS-SOLARIS Oracle Solaris login environment variable authentication bypass attempt (more info ...) | attempted-admin | 2007-0882 | 22512 | ||
| 10998 | SERVER-OTHER Novell GroupWise WebAccess authentication overflow (more info ...) | attempted-admin | 2007-2171 | 23556 | ||
| 11670 | SERVER-OTHER Symantec Discovery logging buffer overflow (more info ...) | attempted-admin | 2007-1173 | 24002 | ||
| 13363 | SERVER-OTHER Cisco Unified Communications Manager heap overflow attempt (more info ...) | attempted-admin | 2008-0027 | 27313 | ||
| 13613 | OS-SOLARIS Oracle Solaris username overflow authentication bypass attempt (more info ...) | attempted-admin | 2001-0797 | |||
| 14989 | SERVER-WEBAPP Novell eDirectory SOAP Accept Language header overflow attempt (more info ...) | attempted-user | 2008-4479 | |||
| 16515 | SERVER-MAIL Novell Groupwise Internet Agent RCPT command overflow attempt (more info ...) | attempted-user | 2009-0410 | 33560 | ||
| 17057 | SERVER-OTHER Novell Client NetIdentity Agent remote arbitrary pointer dereference code execution attempt (more info ...) | attempted-admin | 2009-1350 | 34400 | ||
| 18311 | SERVER-WEBAPP Novell iManager getMultiPartParameters arbitrary file upload attempt (more info ...) | attempted-admin | 43635 | URL | ||
| 18589 | SERVER-OTHER Novell Client NetIdentity Agent remote arbitrary pointer dereference code execution attempt (more info ...) | attempted-admin | 2009-1350 | 34400 | ||
| 18768 | SERVER-MAIL Novell GroupWise Internet Agent RRULE parsing buffer overflow attempt (more info ...) | attempted-admin | 2011-2663 | 49781 | ||
| 18769 | SERVER-OTHER LDAP Novell eDirectory evtFilteredMonitorEventsRequest function heap overflow attempt (more info ...) | attempted-admin | 2006-4509 | URL | ||
| 18791 | SERVER-OTHER Novell ZENworks Configuration Management Preboot service code overflow attempt (more info ...) | attempted-admin | 39111 | |||
| 18792 | SERVER-WEBAPP Novell ZENworks Configuration Management UploadServlet code execution attempt (more info ...) | attempted-admin | 39914 | URL | ||
| 18793 | SERVER-WEBAPP Novell ZENworks Configuration Management fileupload code execution attempt (more info ...) | attempted-admin | 2010-5324 | 39914 | URL | |
| 18902 | SERVER-WEBAPP Novell Teaming ajaxUploadImageFile remote code execution attempt (more info ...) | attempted-admin | 2010-2773 | 41795 | ||
| 19224 | FILE-IDENTIFY Cisco Webex wrf file download request (more info ...) | misc-activity | URL | |||
| 19323 | SERVER-OTHER Novell ZENworks Handheld Management ZfHIPCND.exe buffer overflow attempt (more info ...) | attempted-admin | 2011-0742 | 46024 | ||
| 20607 | SERVER-OTHER Novell Groupwise internet agent http uri buffer overflow attempt (more info ...) | attempted-user | 2011-0334 | |||
| 20608 | SERVER-OTHER Novell Groupwise internet agent http uri buffer overflow attempt (more info ...) | attempted-user | 2011-0334 | |||
| 20691 | POLICY-OTHER Cisco Network Registrar default credentials authentication attempt (more info ...) | default-login-attempt | 2011-2024 | URL | ||
| 20692 | POLICY-OTHER Cisco network registrar default credentials authentication attempt (more info ...) | default-login-attempt | 2011-2024 | URL | ||
| 20725 | OS-SOLARIS Oracle Solaris in.rwhod hostname denial of service attempt (more info ...) | attempted-dos | 2004-1351 | 13401 | ||
| 21113 | FILE-IDENTIFY Cisco Webex Player .wrf file magic detected (more info ...) | misc-activity | ||||
| 21752 | SERVER-OTHER Novell ZENWorks configuration management preboot request buffer overflow attempt (more info ...) | attempted-user | 2011-3176 | 52659 | ||
| 21914 | SERVER-OTHER Novell ZENWorks configuration management preboot opcode 6C request buffer overflow attempt (more info ...) | attempted-user | 2011-3176 | 52659 | URL | |
| 21917 | SERVER-OTHER Novell Groupwise HTTP response message parsing overflow (more info ...) | attempted-user | 2008-2703 | |||
| 21952 | SERVER-OTHER ISC dhcpd discover hostname overflow attempt (more info ...) | attempted-dos | 2004-0460 | 10590 | ||
| 23269 | FILE-OTHER Cisco WebEx recording integer overflow attempt (more info ...) | attempted-user | 2012-1336 | 52882 | URL | |
| 23385 | SERVER-WEBAPP Novell GroupWise Messenger nmma.exe login memory corruption attempt (more info ...) | attempted-admin | 52056 | URL | ||
| 23755 | FILE-IDENTIFY Cisco Webex Player .wrf file magic detected (more info ...) | misc-activity | ||||
| 24239 | SERVER-WEBAPP Novell GroupWise Internet Agent content-length integer overflow attempt (more info ...) | attempted-admin | 2012-0271 | 55551 | ||
| 24291 | SERVER-WEBAPP HP SiteScope APISiteScopeImpl information disclosure attempt (more info ...) | web-application-activity | 2012-3259 | 55269 | ||
| 24292 | SERVER-WEBAPP HP SiteScope APISiteScopeImpl information disclosure attempt (more info ...) | web-application-activity | 2012-3259 | 55269 | ||
| 24667 | EXPLOIT-KIT KaiXin exploit kit attack vector attempt (more info ...) | attempted-user | 2012-1889 | |||
| 24668 | EXPLOIT-KIT KaiXin exploit kit attack vector attempt (more info ...) | attempted-user | 2012-1889 | |||
| 24669 | EXPLOIT-KIT KaiXin exploit kit attack vector attempt (more info ...) | attempted-user | 2012-1889 | |||
| 24670 | EXPLOIT-KIT KaiXin exploit kit attack vector attempt (more info ...) | attempted-user | 2012-1889 | |||
| 24678 | FILE-OTHER Cisco WebEx recording format buffer overflow attempt (more info ...) | attempted-user | 2012-1335 | |||
| 24679 | FILE-OTHER Cisco WebEx recording format buffer overflow attempt (more info ...) | attempted-user | 2012-1335 | |||
| 24680 | FILE-OTHER Cisco WebEx recording format buffer overflow attempt (more info ...) | attempted-user | 2012-1335 | |||
| 24681 | FILE-OTHER Cisco WebEx recording format buffer overflow attempt (more info ...) | attempted-user | 2012-1335 | |||
| 24682 | FILE-OTHER Cisco WebEx recording format buffer overflow attempt (more info ...) | attempted-user | 2012-1335 | |||
| 24683 | FILE-OTHER Cisco WebEx recording format buffer overflow attempt (more info ...) | attempted-user | 2012-1335 | |||
| 24684 | FILE-OTHER Cisco WebEx recording format buffer overflow attempt (more info ...) | attempted-user | 2012-1335 | |||
| 24685 | FILE-OTHER Cisco WebEx recording format buffer overflow attempt (more info ...) | attempted-user | 2012-1335 | |||
| 24765 | SERVER-WEBAPP Novell File Reporter SRS request heap overflow attempt (more info ...) | attempted-admin | 2012-4956 | 56579 | ||
| 24767 | SERVER-WEBAPP Novell File Reporter FSFUI request directory traversal attempt (more info ...) | attempted-admin | 2012-4959 | 56579 | ||
| 24997 | FILE-OTHER Cisco WebEx recording format buffer overflow attempt (more info ...) | attempted-user | 2012-1337 | |||
| 24998 | FILE-OTHER Cisco WebEx recording format buffer overflow attempt (more info ...) | attempted-user | 2012-1337 | |||
| 24999 | FILE-OTHER Cisco WebEx recording format buffer overflow attempt (more info ...) | attempted-user | 2012-1337 | |||
| 25000 | FILE-OTHER Cisco WebEx recording format buffer overflow attempt (more info ...) | attempted-user | 2012-1337 | |||
| 25303 | FILE-OTHER Cisco WebEx WRF memory corruption attempt (more info ...) | attempted-user | 2012-3939 | |||
| 25304 | FILE-OTHER Cisco WebEx WRF memory corruption attempt (more info ...) | attempted-user | 2012-3939 | |||
| 25334 | SERVER-OTHER Novell File Reporter record tag parsing buffer overflow attempt (more info ...) | attempted-admin | 2011-2220 | |||
| 25335 | SERVER-OTHER Novell File Reporter record tag parsing buffer overflow attempt (more info ...) | attempted-admin | 2011-2220 | |||
| 25336 | SERVER-OTHER Novell File Reporter record tag parsing buffer overflow attempt (more info ...) | attempted-admin | 2011-2220 | |||
| 25337 | SERVER-OTHER Novell File Reporter record tag parsing buffer overflow attempt (more info ...) | attempted-admin | 2011-2220 | |||
| 25338 | SERVER-OTHER Novell File Reporter record tag parsing buffer overflow attempt (more info ...) | attempted-admin | 2011-2220 | |||
| 25339 | SERVER-OTHER Novell File Reporter record tag parsing buffer overflow attempt (more info ...) | attempted-admin | 2011-2220 | |||
| 25340 | SERVER-OTHER Novell File Reporter record tag parsing buffer overflow attempt (more info ...) | attempted-admin | 2011-2220 | |||
| 25535 | PROTOCOL-SERVICES Cisco Prime Lan Management rsh command execution attempt (more info ...) | attempted-admin | 2012-6392 | 57221 | URL | |
| 25549 | SERVER-OTHER Novell eDirectory NCP stack buffer overflow attempt (more info ...) | attempted-admin | 2012-0432 | URL | ||
| 25550 | SERVER-OTHER Novell eDirectory NCP stack buffer overflow attempt (more info ...) | attempted-admin | 2012-0432 | URL | ||
| 26489 | BROWSER-OTHER Novell Messenger Client nim URI handler buffer overflow attempt (more info ...) | attempted-user | 2013-1085 | URL | ||
| 26490 | BROWSER-OTHER Novell Messenger Client nim URI handler buffer overflow attempt (more info ...) | attempted-user | 2013-1085 | URL | ||
| 26531 | MALWARE-OTHER Unix.Backdoor.Cdorked download attempt (more info ...) | trojan-activity | URL | |||
| 26532 | MALWARE-OTHER Unix.Backdoor.Cdorked download attempt (more info ...) | trojan-activity | URL | |||
| 27025 | MALWARE-OTHER UNIX.Trojan.Netweird.A file download attempt (more info ...) | trojan-activity | URL | |||
| 28263 | FILE-OTHER Cisco WebEx recording integer overflow attempt (more info ...) | attempted-user | 2012-1336 | 52882 | URL | |
| 29041 | SERVER-WEBAPP Cisco Prime Data Center Network Manager processImageSave.jsp directory traversal attempt (more info ...) | attempted-admin | 2013-5486 | 62484 | URL | |
| 29042 | SERVER-WEBAPP Cisco Prime Data Center Network Manager processImageSave.jsp directory traversal attempt (more info ...) | attempted-admin | 2013-5486 | 62484 | URL | |
| 29141 | SERVER-WEBAPP Cisco Prime Data Center Network Manager FileUploadServlet arbitrary file upload attempt (more info ...) | attempted-admin | 2013-5486 | 62484 | URL | |
| 29142 | SERVER-WEBAPP Cisco Prime Data Center Network Manager FileUploadServlet arbitrary file upload attempt (more info ...) | attempted-admin | 2013-5486 | 62484 | URL | |
| 29441 | PROTOCOL-VOIP CISCO Telepresence VCS SIP denial of service attempt (more info ...) | attempted-dos | 2014-0662 | |||
| 29536 | SERVER-OTHER Novell Client NetIdentity Agent remote arbitrary pointer dereference code execution attempt (more info ...) | attempted-admin | 2009-1350 | 34400 | ||
| 29537 | SERVER-WEBAPP HP SiteScope APIMonitorImpl information disclosure attempt (more info ...) | web-application-activity | 2012-3259 | 55269 | ||
| 29596 | SERVER-WEBAPP HP SiteScope soap request code execution attempt (more info ...) | attempted-user | 2013-2367 | 61506 | ||
| 29597 | SERVER-WEBAPP HP SiteScope soap request code execution attempt (more info ...) | attempted-user | 2013-2367 | 61506 | ||
| 29598 | SERVER-WEBAPP HP SiteScope soap call apipreferenceimpl security bypass attempt (more info ...) | web-application-attack | 2012-3261 | 55269 | ||
| 29599 | SERVER-WEBAPP HP SiteScope soap call apipreferenceimpl security bypass attempt (more info ...) | web-application-attack | 2012-3261 | 55269 | ||
| 29600 | SERVER-WEBAPP HP SiteScope soap call apipreferenceimpl security bypass attempt (more info ...) | web-application-attack | 2012-3261 | 55269 | ||
| 29601 | SERVER-WEBAPP HP SiteScope soap call apipreferenceimpl security bypass attempt (more info ...) | web-application-attack | 2012-3261 | 55269 | ||
| 29607 | SERVER-OTHER Novell ZENworks Handheld Management ZfHIPCND.exe buffer overflow attempt (more info ...) | attempted-admin | 2011-0742 | 46024 | ||
| 29626 | SERVER-OTHER Novell ZENworks Handheld Management ZfHIPCND.exe buffer overflow attempt (more info ...) | attempted-admin | 2011-0742 | 46024 | ||
| 29627 | SERVER-OTHER Novell ZENworks Handheld Management ZfHIPCND.exe buffer overflow attempt (more info ...) | attempted-admin | 2011-0742 | 46024 | ||
| 29628 | SERVER-OTHER Novell ZENworks Handheld Management ZfHIPCND.exe buffer overflow attempt (more info ...) | attempted-admin | 2011-0742 | 46024 | ||
| 29629 | SERVER-OTHER Novell ZENworks Handheld Management ZfHIPCND.exe buffer overflow attempt (more info ...) | attempted-admin | 2011-0742 | 46024 | ||
| 29753 | SERVER-WEBAPP Novell Groupwise Messenger parameter memory corruption attempt (more info ...) | attempted-admin | URL | |||
| 30282 | PROTOCOL-VOIP Cisco IOS SIP header denial of service attempt (more info ...) | attempted-dos | 2014-2106 | |||
| 30283 | PROTOCOL-VOIP Cisco IOS SIP header denial of service attempt (more info ...) | attempted-dos | 2014-2106 | |||
| 30887 | SERVER-OTHER Cisco Tshell command injection attempt (more info ...) | attempted-admin | 2014-2170 | URL | ||
| 30888 | SERVER-OTHER Cisco Tshell command injection attempt (more info ...) | attempted-admin | 2014-2170 | URL | ||
| 30902 | FILE-OTHER Cisco Webex WRF heap corruption attempt (more info ...) | attempted-user | 2014-2135 | URL | ||
| 30903 | FILE-OTHER Cisco Webex WRF heap corruption attempt (more info ...) | attempted-user | 2014-2135 | URL | ||
| 30912 | FILE-OTHER Cisco Webex WRF heap corruption attempt (more info ...) | attempted-user | 2014-2135 | URL | ||
| 30913 | FILE-OTHER Cisco Webex WRF heap corruption attempt (more info ...) | attempted-user | 2014-2135 | URL | ||
| 30921 | FILE-OTHER Cisco WebEx Player atas32.dll memory overread attempt (more info ...) | attempted-user | 2014-2132 | URL | ||
| 30922 | FILE-OTHER Cisco WebEx Player atas32.dll memory overread attempt (more info ...) | attempted-user | 2014-2132 | URL | ||
| 30929 | SERVER-OTHER Cisco RV180 VPN CSRF attempt (more info ...) | attempted-admin | ||||
| 30931 | SERVER-OTHER Cisco RV180W remote file inclusion attempt (more info ...) | attempted-admin | 2014-2179 | |||
| 30932 | FILE-OTHER Cisco WebEx WRF heap corruption attempt (more info ...) | attempted-user | 2014-2134 | URL | ||
| 30933 | SERVER-OTHER Cisco RV180 VPN remote code execution attempt (more info ...) | attempted-admin | 2014-2177 | |||
| 30942 | FILE-OTHER Cisco Webex ARF Player LZW decompress memory corruption denial of service attempt (more info ...) | attempted-dos | 2014-2133 | URL | ||
| 30943 | FILE-OTHER Cisco Webex ARF Player LZW decompress memory corruption denial of service attempt (more info ...) | attempted-dos | 2014-2133 | URL | ||
| 31398 | PROTOCOL-VOIP Cisco Unified IP phone BVSMWeb portal attack attempt (more info ...) | attempted-admin | ||||
| 31451 | PROTOCOL-VOIP Cisco Unified IP phone BVSMWeb portal attack attempt (more info ...) | attempted-admin | 2014-3300 | URL | ||
| 31615 | OS-OTHER Cisco IOS EnergyWise malformed packet denial of service attempt (more info ...) | denial-of-service | 2014-3327 | URL | ||
| 31616 | OS-OTHER Cisco IOS EnergyWise malformed packet denial of service attempt (more info ...) | denial-of-service | 2014-3327 | URL | ||
| 31891 | SERVER-WEBAPP Cisco ASA WebVPN auth_handle cross site scripting attempt (more info ...) | web-application-attack | 2014-2120 | 66290 | URL | |
| 32101 | SERVER-WEBAPP Cisco ASA WebVPN login.html memory corruption attempt (more info ...) | web-application-attack | 2014-3392 | URL | ||
| 32107 | SERVER-WEBAPP Cisco ASA WebVPN directory traversal attempt (more info ...) | web-application-attack | 2014-3393 | URL | ||
| 32108 | SERVER-WEBAPP Cisco ASA WebVPN directory traversal attempt (more info ...) | web-application-attack | 2014-3393 | URL | ||
| 33074 | SERVER-WEBAPP ManageEngine Multiple Products WsDiscoveryServlet directory traversal attempt (more info ...) | web-application-attack | 2014-5302 | |||
| 33075 | SERVER-WEBAPP ManageEngine Multiple Products WsDiscoveryServlet directory traversal attempt (more info ...) | web-application-attack | 2014-5302 | |||
| 33076 | SERVER-WEBAPP ManageEngine Multiple Products WsDiscoveryServlet directory traversal attempt (more info ...) | web-application-attack | 2014-5302 | |||
| 33229 | SERVER-WEBAPP Cisco Prime Services Catalog XML external entity injection attempt (more info ...) | web-application-attack | 2015-0581 | URL | ||
| 33871 | SERVER-WEBAPP Cisco TelePresence Video Communication Server authentication bypass attempt (more info ...) | attempted-admin | 2015-0653 | URL | ||
| 34104 | SERVER-WEBAPP Novell ZENworks Configuration Management directory traversal attempt (more info ...) | web-application-attack | 2015-0779 | |||
| 34105 | SERVER-WEBAPP Novell ZENworks Configuration Management directory traversal attempt (more info ...) | web-application-attack | 2015-0779 | |||
| 34106 | SERVER-WEBAPP Novell ZENworks Configuration Management directory traversal attempt (more info ...) | web-application-attack | 2015-0779 | |||
| 34139 | SERVER-OTHER Novell ZenWorks configuration management file upload directory traversal attempt (more info ...) | attempted-admin | 2013-1080 | URL | ||
| 34180 | OS-OTHER Cisco Secure Desktop Applet command execution attempt (more info ...) | attempted-user | 2015-0691 | |||
| 34364 | SERVER-WEBAPP Novell ZENworks Configuration Management rtrlet.class directory traversal attempt (more info ...) | web-application-attack | 2015-0783 | 74292 | ||
| 34369 | SERVER-WEBAPP Cisco UCS Central command injection attempt (more info ...) | attempted-admin | 2015-0701 | 74491 | URL | |
| 34602 | SERVER-WEBAPP Novell ZENworks Configuration Management rtrlet.class directory traversal attempt (more info ...) | web-application-attack | 2015-0783 | 74292 | ||
| 34619 | SERVER-WEBAPP Novell ZENworks Configuration Management rtrlet.class directory traversal attempt (more info ...) | web-application-attack | 2015-0785 | 74288 | ||
| 34620 | SERVER-WEBAPP Novell ZENworks Configuration Management rtrlet.class directory traversal attempt (more info ...) | web-application-attack | 2015-0785 | 74288 | ||
| 34621 | SERVER-WEBAPP Novell ZENworks Configuration Management rtrlet.class directory traversal attempt (more info ...) | web-application-attack | 2015-0785 | 74288 | ||
| 34823 | POLICY-OTHER HP SiteScope unspecified privilege escalation attempt (more info ...) | policy-violation | 2015-2120 | URL | ||
| 34937 | SERVER-OTHER Novell ZENworks Configuration Management preboot policy service stack buffer overflow attempt (more info ...) | attempted-admin | 2015-0786 | 74290 | URL | |
| 35941 | SERVER-WEBAPP Cisco Integrated Management Controller and UCS Director directory traversal attempt (more info ...) | web-application-attack | 2015-6259 | URL | ||
| 36282 | POLICY-OTHER Cisco router Security Device Manager default banner (more info ...) | policy-violation | URL | |||
| 36903 | SERVER-OTHER Cisco ASA IKEv2 invalid fragment length heap buffer overflow attempt (more info ...) | attempted-admin | 2016-1287 | URL | ||
| 36913 | SERVER-WEBAPP Cisco WebEx Meetings Server command injection attempt (more info ...) | web-application-attack | 2015-0589 | 72493 | URL | |
| 37414 | SERVER-OTHER Cisco NX-OS zero length DHCP VPN suboption denial of service attempt (more info ...) | attempted-dos | 2015-6393 | URL | ||
| 37426 | SERVER-OTHER Cisco NX-OS DHCP option parsing denial of service attempt (more info ...) | attempted-dos | 2015-6392 | URL | ||
| 37674 | SERVER-OTHER Cisco ASA IKEv1 invalid fragment length heap buffer overflow attempt (more info ...) | attempted-admin | 2016-1287 | URL | ||
| 37675 | SERVER-OTHER Cisco IOS invalid IKE fragment length memory corruption or exhaustion attempt (more info ...) | attempted-admin | 2016-6381 | URL | ||
| 37853 | SERVER-WEBAPP Cisco ACE A5 trace.vm command injection attempt (more info ...) | web-application-attack | 2016-1297 | URL | ||
| 38137 | SERVER-OTHER Cisco DPC2203 arbitrary code execution attempt (more info ...) | attempted-admin | ||||
| 38138 | SERVER-OTHER Cisco DPQ3925 denial of service attempt (more info ...) | web-application-attack | URL | |||
| 38139 | SERVER-OTHER Cisco DPQ3939 denial of service attempt (more info ...) | web-application-attack | URL | |||
| 38511 | SERVER-WEBAPP Novell Service Desk directory traversal attempt (more info ...) | web-application-attack | 2016-1593 | URL | ||
| 38543 | SERVER-WEBAPP Cisco UCS Central Web Framework remote file include attempt (more info ...) | web-application-attack | 2015-4286 | URL | ||
| 39118 | SERVER-WEBAPP Cisco Prime Network Analysis Module command injection attempt (more info ...) | web-application-attack | 2016-1388 | URL | ||
| 39119 | SERVER-WEBAPP Cisco Prime Network Analysis Module command injection attempt (more info ...) | web-application-attack | 2016-1388 | URL | ||
| 39120 | SERVER-WEBAPP Cisco Prime Network Analysis Module command injection attempt (more info ...) | web-application-attack | 2016-1388 | URL | ||
| 39121 | SERVER-WEBAPP Cisco Prime Network Analysis Module command injection attempt (more info ...) | web-application-attack | 2016-1388 | URL | ||
| 39122 | SERVER-WEBAPP Cisco Prime Network Analysis Module command injection attempt (more info ...) | web-application-attack | 2016-1388 | URL | ||
| 39123 | SERVER-WEBAPP Cisco Prime Network Analysis Module command injection attempt (more info ...) | web-application-attack | 2016-1388 | URL | ||
| 39124 | SERVER-WEBAPP Cisco Prime Network Analysis Module command injection attempt (more info ...) | web-application-attack | 2016-1388 | URL | ||
| 39125 | SERVER-WEBAPP Cisco Prime Network Analysis Module command injection attempt (more info ...) | web-application-attack | 2016-1388 | URL | ||
| 39126 | SERVER-WEBAPP Cisco Prime Network Analysis Module command injection attempt (more info ...) | web-application-attack | 2016-1388 | URL | ||
| 39127 | SERVER-WEBAPP Cisco Prime Network Analysis Module command injection attempt (more info ...) | web-application-attack | 2016-1388 | URL | ||
| 39303 | SERVER-WEBAPP Cisco RV Series Routers command injection attempt (more info ...) | web-application-attack | 2016-1395 | URL | ||
| 39370 | SERVER-WEBAPP Cisco Prime Infrastructure API authentication bypass attempt (more info ...) | attempted-user | URL | |||
| 39678 | SERVER-WEBAPP Cisco UCS Performance Manager command injection attempt (more info ...) | web-application-attack | URL | |||
| 39679 | SERVER-WEBAPP Cisco UCS Performance Manager command injection attempt (more info ...) | web-application-attack | URL | |||
| 39706 | BROWSER-OTHER Novell Messenger Client folder name buffer overflow attempt (more info ...) | attempted-user | 52062 | |||
| 39878 | SERVER-OTHER Cisco IOS truncated NTP packet processing denial of service attempt (more info ...) | attempted-dos | 2016-1478 | URL | ||
| 39885 | PROTOCOL-SNMP Cisco ASA SNMP OID parsing stack buffer overflow attempt (more info ...) | attempted-admin | 2016-6366 | URL | ||
| 39936 | OS-SOLARIS XMDCP double-free attempt (more info ...) | attempted-admin | 2004-0368 | |||
| 39994 | PROTOCOL-SNMP Cisco SG200 Series SNMP request via undocumented community string attempt (more info ...) | attempted-admin | 2016-1473 | URL | ||
| 40006 | SERVER-OTHER Cisco Small Business SPA3x/5x series denial of service attempt (more info ...) | attempted-admin | URL | |||
| 40049 | SERVER-OTHER Cisco IOS PPTP control message response information disclosure detected (more info ...) | attempted-recon | 2016-6398 | URL | ||
| 40220 | SERVER-OTHER Cisco IOS Group-Prime memory disclosure exfiltration attempt (more info ...) | attempted-recon | 2016-6415 | URL | ||
| 40221 | SERVER-OTHER Cisco IOS Group-Prime MD5 memory disclosure attempt (more info ...) | attempted-recon | 2016-6415 | URL | ||
| 40222 | SERVER-OTHER Cisco IOS Group-Prime SHA memory disclosure attempt (more info ...) | attempted-recon | 2016-6415 | URL | ||
| 40224 | SERVER-WEBAPP Cisco ASA WebVPN auth_handle cross site scripting attempt (more info ...) | web-application-attack | 2014-2120 | 66290 | URL | |
| 40225 | SERVER-WEBAPP Cisco ASA WebVPN auth_handle cross site scripting attempt (more info ...) | web-application-attack | 2014-2120 | 66290 | URL | |
| 40226 | SERVER-WEBAPP Cisco ASA WebVPN auth_handle cross site scripting attempt (more info ...) | web-application-attack | 2014-2120 | 66290 | URL | |
| 40227 | SERVER-WEBAPP Cisco ASA WebVPN auth_handle cross site scripting attempt (more info ...) | web-application-attack | 2014-2120 | 66290 | URL | |
| 40228 | SERVER-WEBAPP Cisco ASA WebVPN auth_handle cross site scripting attempt (more info ...) | web-application-attack | 2014-2120 | 66290 | URL | |
| 40229 | SERVER-WEBAPP Cisco ASA WebVPN auth_handle cross site scripting attempt (more info ...) | web-application-attack | 2014-2120 | 66290 | URL | |
| 40230 | SERVER-WEBAPP Cisco ASA WebVPN auth_handle cross site scripting attempt (more info ...) | web-application-attack | 2014-2120 | 66290 | URL | |
| 40231 | SERVER-WEBAPP Cisco ASA WebVPN auth_handle cross site scripting attempt (more info ...) | web-application-attack | 2014-2120 | 66290 | URL | |
| 40240 | SERVER-WEBAPP Cisco WebEx Meetings Server config_dmz remote code execution attempt (more info ...) | attempted-admin | 2016-1482 | URL | ||
| 40275 | SERVER-WEBAPP Cisco ESA internal testing interface access attempt (more info ...) | attempted-admin | 2016-6406 | URL | ||
| 40298 | PROTOCOL-VOIP Cisco IOS malformed H.450 PER data out of bounds read attempt (more info ...) | attempted-dos | 2016-6384 | URL | ||
| 40303 | PROTOCOL-SCADA Cisco IOS CIP request parser out of bounds array access attempt (more info ...) | attempted-dos | 2016-6391 | URL | ||
| 40304 | PROTOCOL-SCADA Cisco IOS CIP request parser out of bounds array access attempt (more info ...) | attempted-dos | 2016-6391 | URL | ||
| 40343 | SERVER-OTHER Cisco NX-OS malformed BGP UPDATE denial of service attempt (more info ...) | attempted-dos | 2016-1454 | URL | ||
| 40498 | SERVER-WEBAPP Cisco ASA Crypto CA Server out of bounds read attempt (more info ...) | web-application-attack | URL | |||
| 40499 | SERVER-OTHER Cisco ASA NBSTAT response stack buffer overflow attempt (more info ...) | attempted-admin | 2016-6432 | URL | ||
| 40552 | SERVER-OTHER Cisco ESA lzw attachment parsing denial of service attempt (more info ...) | attempted-dos | 2016-6356 | URL | ||
| 40553 | SERVER-OTHER Cisco ESA uuencode attachment processing exception denial of service attempt (more info ...) | attempted-dos | 2016-1486 | URL | ||
| 40554 | SERVER-OTHER Cisco ESA uuencode attachment processing exception denial of service attempt (more info ...) | attempted-dos | 2016-1486 | URL | ||
| 40608 | SERVER-WEBAPP Joomla UsersController non-standard insecure account registration method access attempt (more info ...) | attempted-admin | 2016-8870 | URL | ||
| 40609 | SERVER-WEBAPP Joomla UsersController non-standard insecure account registration method access attempt (more info ...) | attempted-admin | 2016-8870 | URL | ||
| 40638 | PROTOCOL-VOIP Cisco Meeting Server SIP SDP media description buffer overflow attempt (more info ...) | attempted-admin | 2016-6448 | URL | ||
| 40767 | FILE-OTHER Cisco IOS-XE update directory traversal attempt (more info ...) | attempted-admin | URL | |||
| 40768 | FILE-OTHER Cisco IOS-XE update directory traversal attempt (more info ...) | attempted-admin | URL | |||
| 40769 | FILE-OTHER Cisco IOS-XE update directory traversal attempt (more info ...) | attempted-admin | URL | |||
| 40770 | FILE-OTHER Cisco IOS-XE update directory traversal attempt (more info ...) | attempted-admin | URL | |||
| 40877 | SERVER-OTHER Cisco Application Control Engine SSL handshake parsing denial of service attempt (more info ...) | attempted-dos | 2016-6399 | URL | ||
| 41195 | PROTOCOL-SNMP Cisco IP routing configuration manipulation via SNMP attempt (more info ...) | policy-violation | URL | |||
| 41356 | SERVER-WEBAPP Cisco Firepower Management Console 6.0 local file include attempt (more info ...) | web-application-attack | 2016-6435 | URL | ||
| 41407 | BROWSER-OTHER Cisco WebEx extension command execution attempt (more info ...) | attempted-admin | 2017-6753 | URL | ||
| 41408 | BROWSER-OTHER Cisco WebEx extension command execution attempt (more info ...) | attempted-admin | 2017-6753 | URL | ||
| 41446 | SERVER-WEBAPP Cisco Meraki default admin credentials attempt (more info ...) | attempted-admin | 2014-7999 | URL | ||
| 41538 | SERVER-WEBAPP Cisco ASA WebVPN memory corruption attempt (more info ...) | attempted-admin | 2017-3807 | URL | ||
| 41722 | SERVER-OTHER Cisco IOS Smart Install protocol backup config command attempt (more info ...) | attempted-admin | URL | |||
| 41723 | SERVER-OTHER Cisco IOS Smart Install protocol download config command attempt (more info ...) | attempted-admin | URL | |||
| 41724 | SERVER-OTHER Cisco IOS Smart Install protocol download image command attempt (more info ...) | attempted-admin | URL | |||
| 41725 | SERVER-OTHER Cisco IOS Smart Install protocol version command attempt (more info ...) | attempted-admin | 2018-0156 | URL | ||
| 41786 | SERVER-OTHER Cisco NetFlow Generation Appliance SCTP denial of service attempt (more info ...) | attempted-dos | 2017-3826 | URL | ||
| 41909 | SERVER-OTHER Cisco Software Cluster Management Protocol remote code execution attempt (more info ...) | attempted-admin | 2017-3881 | URL | ||
| 41910 | SERVER-OTHER Cisco Software Cluster Management Protocol remote code execution attempt (more info ...) | attempted-admin | 2017-3881 | URL | ||
| 42001 | SERVER-WEBAPP Cisco CWA and TES Client Manager Server directory traversal attempt (more info ...) | web-application-attack | 2017-3846 | URL | ||
| 42002 | SERVER-WEBAPP Cisco CWA and TES Client Manager Server directory traversal attempt (more info ...) | web-application-attack | 2017-3846 | URL | ||
| 42051 | SERVER-OTHER Cisco IOS autonomic networking discovery denial of service attempt (more info ...) | attempted-dos | 2017-3850 | URL | ||
| 42060 | SERVER-OTHER Cisco IOS DHCP client dummy XID denial of service attempt (more info ...) | attempted-dos | 2017-3864 | URL | ||
| 42061 | SERVER-WEBAPP Cisco IOS XE webui software upgrade command injection attempt (more info ...) | web-application-attack | 2017-3858 | URL | ||
| 42139 | SERVER-WEBAPP Cisco Wireless LAN Controller denial of service attempt (more info ...) | attempted-dos | 2017-3832 | URL | ||
| 42253 | OS-SOLARIS Solaris dtappgather local privilege escalation attempt (more info ...) | attempted-admin | URL | |||
| 42254 | OS-SOLARIS Solaris dtappgather local privilege escalation attempt (more info ...) | attempted-admin | URL | |||
| 42403 | SERVER-WEBAPP Trend Micro Threat Discovery Appliance cache_id command injection attempt (more info ...) | web-application-attack | 2016-8592 | 98343 | ||
| 42404 | SERVER-WEBAPP Trend Micro Threat Discovery Appliance cache_id command injection attempt (more info ...) | web-application-attack | 2016-8592 | 98343 | ||
| 42405 | SERVER-WEBAPP Trend Micro Threat Discovery Appliance cache_id command injection attempt (more info ...) | web-application-attack | 2016-8592 | 98343 | ||
| 42489 | SERVER-OTHER Cisco Aironet Mobility Express PnP agent directory traversal attempt (more info ...) | attempted-admin | 2017-3873 | URL | ||
| 42493 | SERVER-OTHER Cisco RV Series Routers SSDP uuid stack buffer overflow attempt (more info ...) | attempted-admin | 2021-34730 | URL | ||
| 42923 | SERVER-WEBAPP Cisco Prime Collaboration ScriptMgr authentication bypass attempt (more info ...) | attempted-admin | 2017-6622 | URL | ||
| 43271 | SERVER-WEBAPP Cisco Prime Infrastructure XML external entity injection attempt (more info ...) | web-application-attack | 2017-6662 | URL | ||
| 43424 | PROTOCOL-SNMP Cisco IOS SNMP OID parsing stack buffer overflow attempt (more info ...) | attempted-admin | 2017-6744 | URL | ||
| 43425 | PROTOCOL-SNMP Cisco IOS SNMP OID parsing stack buffer overflow attempt (more info ...) | attempted-admin | 2017-6743 | URL | ||
| 43426 | PROTOCOL-SNMP Cisco IOS SNMP OID parsing stack buffer overflow attempt (more info ...) | attempted-admin | 2017-6742 | URL | ||
| 43427 | PROTOCOL-SNMP Cisco IOS SNMP OID parsing stack buffer overflow attempt (more info ...) | attempted-admin | 2017-6741 | URL | ||
| 43428 | PROTOCOL-SNMP Cisco IOS SNMP OID parsing stack buffer overflow attempt (more info ...) | attempted-admin | 2017-6740 | URL | ||
| 43429 | PROTOCOL-SNMP Cisco IOS SNMP OID parsing stack buffer overflow attempt (more info ...) | attempted-admin | 2017-6739 | URL | ||
| 43430 | PROTOCOL-SNMP Cisco IOS SNMP OID parsing stack buffer overflow attempt (more info ...) | attempted-admin | 2017-6738 | URL | ||
| 43431 | PROTOCOL-SNMP Cisco IOS SNMP OID parsing stack buffer overflow attempt (more info ...) | attempted-admin | 2017-6737 | URL | ||
| 43432 | PROTOCOL-SNMP Cisco IOS SNMP OID parsing stack buffer overflow attempt (more info ...) | attempted-admin | 2017-6736 | URL | ||
| 43456 | SERVER-WEBAPP Cisco Ultra Services Framework command injection attempt (more info ...) | attempted-admin | 2017-6714 | URL | ||
| 43628 | SERVER-WEBAPP Cisco Web Security Appliance https_proxy command injection attempt (more info ...) | web-application-attack | 2017-6746 | URL | ||
| 43629 | SERVER-WEBAPP Cisco Web Security Appliance https_proxy command injection attempt (more info ...) | web-application-attack | 2017-6746 | URL | ||
| 43630 | SERVER-WEBAPP Cisco Web Security Appliance https_proxy command injection attempt (more info ...) | web-application-attack | 2017-6746 | URL | ||
| 43631 | SERVER-WEBAPP Cisco Web Security Appliance https_proxy command injection attempt (more info ...) | web-application-attack | 2017-6746 | URL | ||
| 44005 | SERVER-WEBAPP Cisco DDR2200 ADSL gateway command injection attempt (more info ...) | web-application-attack | 2017-11588 | URL | ||
| 44006 | SERVER-WEBAPP Cisco DDR2200 ADSL gateway command injection attempt (more info ...) | web-application-attack | 2017-11588 | URL | ||
| 44007 | SERVER-WEBAPP Cisco DDR2200 ADSL gateway command injection attempt (more info ...) | web-application-attack | 2017-11588 | URL | ||
| 44008 | SERVER-WEBAPP Cisco DDR2200 ADSL gateway command injection attempt (more info ...) | web-application-attack | URL | |||
| 44063 | SERVER-WEBAPP Cisco Ultra Services Framework AutoVNF directory traversal attempt (more info ...) | web-application-attack | 2017-6708 | URL | ||
| 44125 | SERVER-WEBAPP Cisco Prime Collaboration logconfigtracer directory traversal attempt (more info ...) | web-application-attack | 2017-6621 | 98522 | URL | |
| 44126 | SERVER-WEBAPP Cisco Prime Collaboration logconfigtracer directory traversal attempt (more info ...) | web-application-attack | 2017-6621 | 98522 | URL | |
| 44127 | SERVER-WEBAPP Cisco Prime Collaboration logconfigtracer directory traversal attempt (more info ...) | web-application-attack | 2017-6621 | 98522 | URL | |
| 44417 | SERVER-WEBAPP Cisco Customer Voice Portal MyAccountEditAction.do privilege escalation attempt (more info ...) | attempted-admin | 2017-12214 | URL | ||
| 44458 | PROTOCOL-SCADA Cisco IE2000 CIP get attributes all packet processing memory leak attempt (more info ...) | attempted-dos | 2017-12233 | URL | ||
| 44459 | PROTOCOL-SCADA Cisco IOS CIP forward open packet processing denial of service attempt (more info ...) | attempted-dos | 2022-20919 | URL | ||
| 44460 | SERVER-WEBAPP Cisco IOS XE Web UI resource path authentication bypass attempt (more info ...) | attempted-admin | 2017-12229 | URL | ||
| 44461 | SERVER-WEBAPP Cisco IOS XE Web UI resource path authentication bypass attempt (more info ...) | attempted-admin | 2017-12229 | URL | ||
| 44462 | SERVER-WEBAPP Cisco IOS XE Web UI rest path authentication bypass attempt (more info ...) | attempted-admin | 2017-12229 | URL | ||
| 44463 | SERVER-WEBAPP Cisco IOS XE Web UI rest path authentication bypass attempt (more info ...) | attempted-admin | 2017-12229 | URL | ||
| 44464 | SERVER-OTHER Cisco IOS IKEv2 session initialization denial of service attempt (more info ...) | attempted-dos | 2017-12237 | URL | ||
| 44498 | SERVER-WEBAPP Cisco License Manager ReportCSV directory traversal attempt (more info ...) | web-application-attack | 2017-12263 | URL | ||
| 44499 | SERVER-WEBAPP Cisco License Manager ReportCSV directory traversal attempt (more info ...) | web-application-attack | 2017-12263 | URL | ||
| 44500 | SERVER-WEBAPP Cisco License Manager ReportCSV directory traversal attempt (more info ...) | web-application-attack | 2017-12263 | URL | ||
| 44503 | SERVER-WEBAPP Cisco Adaptive Security Appliance direct authentication denial of service attempt (more info ...) | attempted-dos | 2017-12246 | URL | ||
| 44724 | SERVER-WEBAPP Cisco Firepower Smart Licensing command injection attempt (more info ...) | web-application-attack | 2017-12277 | URL | ||
| 44725 | PROTOCOL-SNMP Cisco Wireless LAN Controller clExtApDot11IfTable OID memory leak attempt (more info ...) | attempted-dos | 2017-12278 | URL | ||
| 45524 | FILE-OTHER Cisco WebEx Network Recording Player for ARF files dll-load exploit attempt (more info ...) | attempted-user | 2018-0104 | 102382 | URL | |
| 45525 | FILE-OTHER Cisco WebEx Network Recording Player for ARF files dll-load exploit attempt (more info ...) | attempted-user | 2018-0104 | 102382 | URL | |
| 45575 | SERVER-OTHER Cisco ASA VPN aggregateAuthDataHandler double free attempt (more info ...) | attempted-admin | 2018-0101 | URL | ||
| 45596 | SERVER-OTHER Cisco ASA VPN aggregateAuthDataHandler double free attempt (more info ...) | attempted-admin | 2018-0101 | URL | ||
| 45597 | INDICATOR-SHELLCODE Cisco ASA alloc_ch connection string (more info ...) | shellcode-detect | 2018-0101 | URL | ||
| 45623 | SERVER-WEBAPP Cisco RV132W and RV134W routers command injection attempt (more info ...) | web-application-attack | 2018-0125 | URL | ||
| 45731 | SERVER-WEBAPP Cisco Elastic Services Controller authentication bypass attempt (more info ...) | attempted-user | 2018-0121 | URL | ||
| 45975 | MALWARE-BACKDOOR Unix.Malware.Chaos backdoor trigger attempt (more info ...) | trojan-activity | URL | |||
| 46096 | SERVER-OTHER Cisco Smart Install init discovery message stack buffer overflow attempt (more info ...) | attempted-admin | 2018-0171 | URL | ||
| 46104 | SERVER-OTHER Cisco IOS DHCP relay agent information memory corruption attempt (more info ...) | attempted-admin | 2018-0172 | URL | ||
| 46105 | PROTOCOL-SNMP Cisco IOS SNMP natPoolRange OID denial of service attempt (more info ...) | attempted-dos | 2018-0160 | URL | ||
| 46110 | SERVER-OTHER Cisco ASR1001 IKEv2 memory leak attempt (more info ...) | attempted-user | ||||
| 46111 | SERVER-OTHER Cisco IOS Adaptive QoS message parsing stack buffer overflow attempt (more info ...) | attempted-admin | 2018-0151 | URL | ||
| 46119 | SERVER-OTHER Cisco IOS DHCP relay reply integer underflow attempt (more info ...) | attempted-admin | 2018-0173 | URL | ||
| 46120 | SERVER-OTHER Cisco IOS DHCP relay integer underflow attempt (more info ...) | attempted-admin | 2018-0174 | URL | ||
| 46125 | SERVER-OTHER Cisco IOS invalid IKEv1 payload denial of service attempt (more info ...) | attempted-dos | 2018-0159 | URL | ||
| 46386 | SERVER-WEBAPP Cisco IOS XE Web UI arbitrary file write attempt (more info ...) | web-application-attack | 2018-0196 | URL | ||
| 46492 | SERVER-WEBAPP Cisco Prime Infrastructure directory traversal attempt (more info ...) | web-application-attack | 2019-1821 | URL | ||
| 46493 | SERVER-WEBAPP Cisco Prime Infrastructure directory traversal attempt (more info ...) | web-application-attack | 2019-1821 | URL | ||
| 46494 | SERVER-WEBAPP Cisco Prime Infrastructure directory traversal attempt (more info ...) | web-application-attack | 2019-1821 | URL | ||
| 46496 | FILE-OTHER Cisco WebEx Recording Player memory corruption attempt (more info ...) | attempted-user | 2018-0264 | URL | ||
| 46497 | FILE-OTHER Cisco WebEx Recording Player memory corruption attempt (more info ...) | attempted-user | 2018-0264 | URL | ||
| 46498 | FILE-OTHER Cisco WebEx Recording Player memory corruption attempt (more info ...) | attempted-user | 2018-0264 | URL | ||
| 46499 | FILE-OTHER Cisco WebEx Recording Player memory corruption attempt (more info ...) | attempted-user | 2018-0264 | URL | ||
| 46738 | SERVER-WEBAPP Cisco DNA Center API directory traversal attempt (more info ...) | web-application-attack | 2018-0271 | URL | ||
| 46739 | SERVER-WEBAPP Cisco DNA Center API default login attempt (more info ...) | default-login-attempt | 2018-0222 | URL | ||
| 46749 | SERVER-OTHER Cisco Meeting Server configuration download attempt (more info ...) | attempted-recon | 2018-0263 | |||
| 46750 | SERVER-OTHER Cisco Meeting Server user configuration download attempt (more info ...) | attempted-recon | 2018-0263 | |||
| 46887 | SERVER-WEBAPP Cisco Network Services Orchestrator arbitrary command execution attempt (more info ...) | attempted-admin | 2018-0274 | URL | ||
| 46888 | SERVER-WEBAPP Cisco Network Services Orchestrator arbitrary command execution attempt (more info ...) | attempted-admin | 2018-0274 | URL | ||
| 46897 | SERVER-WEBAPP Cisco Adaptive Security Appliance directory traversal attempt (more info ...) | web-application-attack | 2018-0296 | URL | ||
| 46992 | SERVER-WEBAPP Cisco NX-OS NX-API privilege escalation attempt (more info ...) | attempted-admin | 2018-0330 | URL | ||
| 46993 | SERVER-OTHER Cisco NX-OS Fabric Services Protocol denial of service attempt (more info ...) | attempted-dos | 2018-0310 | URL | ||
| 46994 | SERVER-OTHER Cisco NX-OS Fabric Services Protocol denial of service attempt (more info ...) | attempted-dos | 2018-0310 | URL | ||
| 46995 | SERVER-OTHER Cisco NX-OS Fabric Services Protocol heap buffer overflow attempt (more info ...) | attempted-admin | 2018-0312 | URL | ||
| 46996 | SERVER-OTHER Cisco NX-OS Fabric Services Protocol heap buffer overflow attempt (more info ...) | attempted-admin | 2018-0312 | URL | ||
| 47003 | SERVER-OTHER Cisco NX-OS Fabric Services Protocol stack buffer overflow attempt (more info ...) | attempted-admin | 2018-0314 | URL | ||
| 47004 | SERVER-OTHER Cisco NX-OS Fabric Services Protocol stack buffer overflow attempt (more info ...) | attempted-admin | 2018-0314 | URL | ||
| 47008 | SERVER-WEBAPP Cisco NX-OS NX-API ins_api command injection attempt (more info ...) | web-application-attack | 2022-20650 | URL | ||
| 47009 | SERVER-WEBAPP Cisco NX-OS NX-API cli_ascii command injection attempt (more info ...) | web-application-attack | 2018-0313 | URL | ||
| 47010 | SERVER-WEBAPP Cisco FX-OS mod_nuova stack buffer overflow attempt (more info ...) | web-application-attack | 2018-0298 | URL | ||
| 47011 | SERVER-OTHER Cisco NX-OS Fabric Services Protocol TLV out of bounds read attempt (more info ...) | attempted-admin | 2018-0304 | URL | ||
| 47012 | SERVER-OTHER Cisco NX-OS Fabric Services Protocol TLV out of bounds read attempt (more info ...) | attempted-admin | 2018-0304 | URL | ||
| 47013 | SERVER-OTHER Cisco NX-OS Fabric Services Protocol TLV integer overflow attempt (more info ...) | attempted-admin | 2018-0304 | URL | ||
| 47014 | SERVER-OTHER Cisco NX-OS Fabric Services Protocol TLV integer overflow attempt (more info ...) | attempted-admin | 2018-0304 | URL | ||
| 47078 | SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt (more info ...) | web-application-attack | ||||
| 47079 | SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt (more info ...) | web-application-attack | ||||
| 47080 | SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt (more info ...) | web-application-attack | ||||
| 47081 | SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt (more info ...) | web-application-attack | ||||
| 47166 | SERVER-WEBAPP Cisco UCS Director launcher.jsp cross site scripting attempt (more info ...) | attempted-user | 2018-0219 | URL | ||
| 47281 | SERVER-OTHER Cisco SD-WAN Solution default login attempt (more info ...) | attempted-user | 2018-0345 | URL | ||
| 47282 | SERVER-OTHER Cisco SD-WAN Solution default login attempt (more info ...) | attempted-user | 2018-0345 | URL | ||
| 47285 | SERVER-OTHER Cisco Policy Suite interface unauthenticated access attempt (more info ...) | attempted-user | 2018-0377 | URL | ||
| 47286 | SERVER-OTHER Cisco Policy Suite interface unauthenticated access attempt (more info ...) | attempted-user | 2018-0377 | URL | ||
| 47363 | FILE-OTHER Cisco WebEx Network Recording Player out of bounds write attempt (more info ...) | attempted-user | 2018-0379 | URL | ||
| 47364 | FILE-OTHER Cisco WebEx Network Recording Player out of bounds write attempt (more info ...) | attempted-user | 2018-0379 | URL | ||
| 47380 | MALWARE-OTHER Unix.Trojan.Agent variant download attempt (more info ...) | trojan-activity | URL | |||
| 47381 | MALWARE-OTHER Unix.Trojan.Agent variant download attempt (more info ...) | trojan-activity | URL | |||
| 47394 | FILE-OTHER Cisco WebEx Network Recording Player out of bounds write attempt (more info ...) | attempted-user | 2018-0379 | URL | ||
| 47395 | FILE-OTHER Cisco WebEx Network Recording Player out of bounds write attempt (more info ...) | attempted-user | 2018-0379 | URL | ||
| 47571 | SERVER-WEBAPP Cisco Web Security Appliance proxy denial of service attempt (more info ...) | attempted-dos | 2018-0410 | URL | ||
| 47572 | SERVER-WEBAPP Cisco Web Security Appliance proxy denial of service attempt (more info ...) | attempted-dos | 2018-0410 | URL | ||
| 47573 | SERVER-WEBAPP Cisco Web Security Appliance proxy denial of service attempt (more info ...) | attempted-dos | 2018-0410 | URL | ||
| 47679 | SERVER-WEBAPP Cisco TelePresence command injection attempt (more info ...) | web-application-attack | 2015-0713 | URL | ||
| 47680 | SERVER-WEBAPP Cisco TelePresence command injection attempt (more info ...) | web-application-attack | 2015-0713 | URL | ||
| 47681 | SERVER-WEBAPP Cisco TelePresence command injection attempt (more info ...) | web-application-attack | 2015-0713 | URL | ||
| 47698 | SERVER-WEBAPP Cisco Integrated Management Controller command injection attempt (more info ...) | web-application-attack | 2020-3371 | URL | ||
| 47704 | SERVER-WEBAPP Cisco RV Series Routers command injection attempt (more info ...) | web-application-attack | 2018-0424 | URL | ||
| 47705 | SERVER-WEBAPP Cisco RV Series Routers command injection attempt (more info ...) | web-application-attack | 2018-0424 | URL | ||
| 47706 | SERVER-WEBAPP Cisco RV Series Routers command injection attempt (more info ...) | web-application-attack | 2018-0424 | URL | ||
| 47707 | SERVER-OTHER Cisco RV Series Router information disclosure attempt (more info ...) | attempted-recon | 2018-0425 | URL | ||
| 47709 | SERVER-WEBAPP Cisco RV Series Routers arbitrary file read attempt (more info ...) | web-application-attack | 2018-0426 | URL | ||
| 47710 | SERVER-WEBAPP Cisco RV Series Router buffer overflow attempt (more info ...) | attempted-user | 2018-0423 | URL | ||
| 47711 | SERVER-WEBAPP Cisco RV Series Router buffer overflow attempt (more info ...) | attempted-user | 2018-0423 | URL | ||
| 47713 | SERVER-WEBAPP Cisco Data Center Network Manager command injection attempt (more info ...) | web-application-attack | 2018-0440 | URL | ||
| 47714 | SERVER-WEBAPP Cisco Data Center Network Manager command injection attempt (more info ...) | web-application-attack | 2018-0440 | URL | ||
| 47715 | SERVER-WEBAPP Cisco Data Center Network Manager command injection attempt (more info ...) | web-application-attack | 2018-0440 | URL | ||
| 47870 | MALWARE-OTHER Unix.Miner.Xbash variant dropped bash script (more info ...) | trojan-activity | URL | |||
| 47871 | MALWARE-OTHER Unix.Miner.Xbash variant dropped bash script (more info ...) | trojan-activity | URL | |||
| 47872 | MALWARE-OTHER Unix.Miner.Xbash variant dropped bash script (more info ...) | trojan-activity | URL | |||
| 47873 | MALWARE-OTHER Unix.Miner.Xbash variant dropped bash script (more info ...) | trojan-activity | URL | |||
| 47878 | FILE-OTHER Cisco WebEx Network Recording Player stack buffer overflow attempt (more info ...) | attempted-user | 2018-15422 | URL | ||
| 47879 | FILE-OTHER Cisco WebEx Network Recording Player stack buffer overflow attempt (more info ...) | attempted-user | 2018-15422 | URL | ||
| 47893 | SERVER-WEBAPP Cisco IOS XE Web UI denial of service attempt (more info ...) | attempted-dos | 2018-0469 | URL | ||
| 47894 | SERVER-WEBAPP Cisco IOS XE Web UI denial of service attempt (more info ...) | attempted-dos | 2018-0469 | URL | ||
| 47916 | SERVER-WEBAPP Cisco IOS XE denial of service attempt (more info ...) | attempted-dos | 2018-0191 | URL | ||
| 48015 | SERVER-WEBAPP Cisco Prime Infrastructure arbitrary JSP file upload attempt (more info ...) | attempted-admin | 2018-15379 | URL | ||
| 48023 | SERVER-WEBAPP Cisco DNA Center unauthenticated user creation attempt (more info ...) | attempted-admin | 2018-0448 | URL | ||
| 48201 | SERVER-OTHER Cisco Wireless LAN Controller CAPWAP denial of service attempt (more info ...) | attempted-dos | 2018-0443 | URL | ||
| 48204 | SERVER-OTHER Cisco Wireless LAN Controller CAPWAP information disclosure attempt (more info ...) | attempted-recon | 2018-0442 | URL | ||
| 48357 | SERVER-WEBAPP Cisco Energy Management Suite external executeScript attempt (more info ...) | attempted-user | 2018-15445 | URL | ||
| 48358 | SERVER-WEBAPP Cisco Stealthwatch Management Console authentication bypass attempt (more info ...) | attempted-user | 2018-15394 | URL | ||
| 48572 | MALWARE-OTHER Unix.Trojan.Fastcash download attempt (more info ...) | trojan-activity | URL | |||
| 48938 | MALWARE-OTHER Unix.Rocke.Evasion variant dropped bash script (more info ...) | trojan-activity | URL | |||
| 48939 | MALWARE-OTHER Unix.Rocke.Evasion variant dropped bash script (more info ...) | trojan-activity | URL | |||
| 48946 | SERVER-WEBAPP Cisco RV Series Routers command injection attempt (more info ...) | web-application-attack | 2019-1652 | URL | ||
| 48947 | SERVER-WEBAPP Cisco RV Series Routers command injection attempt (more info ...) | web-application-attack | 2019-1652 | URL | ||
| 48948 | SERVER-WEBAPP Cisco RV Series Routers command injection attempt (more info ...) | web-application-attack | 2019-1652 | URL | ||
| 48949 | SERVER-WEBAPP Cisco RV Series Routers information disclosure attempt (more info ...) | attempted-recon | 2019-1653 | URL | ||
| 48950 | FILE-OTHER Cisco WebEx Network Recording Player memory corruption attempt (more info ...) | attempted-user | 2019-1637 | URL | ||
| 48951 | FILE-OTHER Cisco WebEx Network Recording Player memory corruption attempt (more info ...) | attempted-user | 2019-1637 | URL | ||
| 48952 | FILE-OTHER Cisco WebEx Network Recording Player memory corruption attempt (more info ...) | attempted-user | 2019-1638 | URL | ||
| 48953 | FILE-OTHER Cisco WebEx Network Recording Player memory corruption attempt (more info ...) | attempted-user | 2019-1638 | URL | ||
| 48954 | FILE-OTHER Cisco WebEx Network Recording Player memory corruption attempt (more info ...) | attempted-user | 2019-1639 | URL | ||
| 48955 | FILE-OTHER Cisco WebEx Network Recording Player memory corruption attempt (more info ...) | attempted-user | 2019-1639 | URL | ||
| 48956 | FILE-OTHER Cisco WebEx Network Recording Player memory corruption attempt (more info ...) | attempted-user | 2019-1640 | URL | ||
| 48957 | FILE-OTHER Cisco WebEx Network Recording Player memory corruption attempt (more info ...) | attempted-user | 2019-1640 | URL | ||
| 48958 | FILE-OTHER Cisco WebEx Network Recording Player memory corruption attempt (more info ...) | attempted-user | 2019-1927 | URL | ||
| 48959 | FILE-OTHER Cisco WebEx Network Recording Player memory corruption attempt (more info ...) | attempted-user | 2019-1927 | URL | ||
| 48960 | BROWSER-OTHER Cisco Webex Teams command line injection attempt (more info ...) | attempted-user | 2019-1939 | URL | ||
| 48961 | BROWSER-OTHER Cisco Webex Teams command line injection attempt (more info ...) | attempted-user | 2019-1939 | URL | ||
| 49240 | SERVER-WEBAPP Cisco Prime Collaboration Assurance unauthorized access attempt (more info ...) | attempted-user | 2019-1662 | URL | ||
| 49296 | SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (more info ...) | attempted-admin | 2019-1843 | URL | ||
| 49334 | SERVER-OTHER Cisco NX-OS Fabric Services Protocol stack buffer overflow attempt (more info ...) | attempted-admin | 2019-1616 | URL | ||
| 49335 | SERVER-OTHER Cisco NX-OS Fabric Services Protocol stack buffer overflow attempt (more info ...) | attempted-admin | 2019-1616 | URL | ||
| 49336 | SERVER-OTHER Cisco FXOS and NX-OS LDAP denial of service attempt (more info ...) | attempted-dos | 2019-1598 | URL | ||
| 49339 | SERVER-WEBAPP Cisco Identity Services Engine cross site scripting attempt (more info ...) | attempted-user | 2018-15440 | URL | ||
| 49340 | SERVER-WEBAPP Cisco Identity Services Engine cross site scripting attempt (more info ...) | attempted-user | 2018-15440 | URL | ||
| 49341 | SERVER-WEBAPP Cisco Identity Services Engine cross site scripting attempt (more info ...) | attempted-user | 2018-15463 | URL | ||
| 49342 | SERVER-WEBAPP Cisco Identity Services Engine cross site scripting attempt (more info ...) | attempted-user | 2018-15463 | URL | ||
| 49343 | SERVER-WEBAPP Cisco Identity Services Engine cross site scripting attempt (more info ...) | attempted-user | 2018-15463 | URL | ||
| 49344 | SERVER-WEBAPP Cisco Identity Services Engine cross site scripting attempt (more info ...) | attempted-user | 2018-15463 | URL | ||
| 49345 | SERVER-WEBAPP Cisco Identity Services Engine cross site scripting attempt (more info ...) | attempted-user | 2018-15463 | URL | ||
| 49346 | SERVER-WEBAPP Cisco Identity Services Engine cross site scripting attempt (more info ...) | attempted-user | 2018-15463 | URL | ||
| 49347 | SERVER-WEBAPP Cisco Identity Services Engine cross site scripting attempt (more info ...) | attempted-user | 2018-15463 | URL | ||
| 49348 | SERVER-WEBAPP Cisco Identity Services Engine cross site scripting attempt (more info ...) | attempted-user | 2018-15463 | URL | ||
| 49349 | SERVER-WEBAPP Cisco WebEx Meeting Server cross site scripting attempt (more info ...) | attempted-user | 2019-1655 | URL | ||
| 49350 | SERVER-WEBAPP Cisco NX-OS System Software NX-API command injection attempt (more info ...) | attempted-user | 2022-20650 | URL | ||
| 49509 | SERVER-WEBAPP Cisco IP Phone web interface authorization bypass attempt (more info ...) | web-application-attack | 2019-1764 | URL | ||
| 49510 | SERVER-WEBAPP Cisco IP Phone web interface directory traversal attempt (more info ...) | web-application-attack | 2019-1766 | URL | ||
| 49511 | SERVER-WEBAPP Cisco IP Phone web interface stack buffer overflow attempt (more info ...) | attempted-admin | 2019-1716 | URL | ||
| 49588 | SERVER-WEBAPP Cisco IOS XE webui debugBundle command injection attempt (more info ...) | web-application-attack | 2019-1753 | URL | ||
| 49589 | SERVER-WEBAPP Cisco IOS XE webui debugBundle command injection attempt (more info ...) | web-application-attack | 2019-1753 | URL | ||
| 49590 | SERVER-WEBAPP Cisco IOS XE webui debugBundle command injection attempt (more info ...) | web-application-attack | 2019-1753 | URL | ||
| 49591 | SERVER-WEBAPP Cisco IOS XE webui directory traversal attempt (more info ...) | web-application-attack | 2019-1743 | URL | ||
| 49608 | SERVER-WEBAPP Cisco IOS XE webui execPython access attempt (more info ...) | attempted-admin | 2019-1756 | URL | ||
| 49609 | SERVER-WEBAPP Cisco IOS XE webui cdp resource command injection attempt (more info ...) | web-application-attack | 2019-1755 | URL | ||
| 49610 | SERVER-WEBAPP Cisco IOS XE webui dhcp resource command injection attempt (more info ...) | web-application-attack | 2019-1755 | URL | ||
| 49611 | SERVER-WEBAPP Cisco IOS XE webui information disclosure attempt (more info ...) | attempted-recon | 2019-1742 | URL | ||
| 49614 | SERVER-WEBAPP Cisco IOS XE webui rathrottler command injection attempt (more info ...) | web-application-attack | 2019-1754 | URL | ||
| 49615 | SERVER-WEBAPP Cisco IOS XE webui rathrottler command injection attempt (more info ...) | web-application-attack | 2019-1754 | URL | ||
| 49616 | SERVER-WEBAPP Cisco IOS XE webui rathrottler command injection attempt (more info ...) | web-application-attack | 2019-1754 | URL | ||
| 49617 | FILE-OTHER Unix systemd-journald memory corruption attempt (more info ...) | attempted-admin | 2018-16865 | URL | ||
| 49618 | FILE-OTHER Unix systemd-journald memory corruption attempt (more info ...) | attempted-admin | 2018-16865 | URL | ||
| 49619 | SERVER-WEBAPP Cisco RV Series Routers information disclosure attempt (more info ...) | attempted-recon | 2019-1653 | URL | ||
| 49858 | PROTOCOL-VOIP Cisco VCS exponential XML entity expansion attack attempt (more info ...) | attempted-dos | 2019-1721 | URL | ||
| 49859 | SERVER-WEBAPP Cisco Wireless LAN Controller cross site request forgery attempt (more info ...) | web-application-attack | 2019-1797 | URL | ||
| 49866 | SERVER-WEBAPP Cisco Wireless LAN Controller denial of service attempt (more info ...) | attempted-dos | 2018-0248 | URL | ||
| 49867 | SERVER-WEBAPP Cisco Wireless LAN Controller denial of service attempt (more info ...) | attempted-dos | 2018-0248 | URL | ||
| 49879 | SERVER-OTHER Cisco Wireless LAN Controller IAPP message denial of service attempt (more info ...) | attempted-dos | 2019-1800 | URL | ||
| 49986 | SERVER-WEBAPP Cisco Prime Infrastructure arbitrary JSP file upload attempt (more info ...) | attempted-admin | 2019-1823 | URL | ||
| 49990 | PROTOCOL-VOIP Cisco IP Phone malformed SIP presence information data denial of service attempt (more info ...) | attempted-dos | 2019-1635 | URL | ||
| 49992 | SERVER-WEBAPP Cisco Web Security Appliance command injection attempt (more info ...) | web-application-attack | 2020-3367 | URL | ||
| 49993 | SERVER-WEBAPP Cisco Web Security Appliance command injection attempt (more info ...) | web-application-attack | 2020-3367 | URL | ||
| 49994 | SERVER-WEBAPP Cisco Web Security Appliance command injection attempt (more info ...) | web-application-attack | 2020-3367 | URL | ||
| 49995 | SERVER-WEBAPP Cisco Web Security Appliance command injection attempt (more info ...) | web-application-attack | 2020-3367 | URL | ||
| 49996 | SERVER-WEBAPP Cisco ASA secure desktop login denial of service attempt (more info ...) | attempted-dos | 2018-15388 | URL | ||
| 49997 | SERVER-WEBAPP Cisco RV Series Routers session hijack attempt (more info ...) | attempted-admin | 2019-1724 | URL | ||
| 49998 | SERVER-WEBAPP Cisco Adaptive Security Appliance admin command interface access attempt (more info ...) | attempted-admin | 2022-20828 | URL | ||
| 49999 | SERVER-WEBAPP Cisco Adaptive Security Appliance admin command interface access attempt (more info ...) | attempted-admin | 2022-20828 | URL | ||
| 50037 | SERVER-WEBAPP Cisco Elastic Services Controller authentication bypass attempt (more info ...) | attempted-user | 2019-1867 | URL | ||
| 50117 | SERVER-WEBAPP Cisco IOS XE Web UI command injection attempt (more info ...) | web-application-attack | 2019-1862 | URL | ||
| 50118 | SERVER-WEBAPP Cisco IOS XE Web UI command injection attempt (more info ...) | web-application-attack | 2019-1862 | URL | ||
| 50131 | PROTOCOL-SNMP Cisco Small Business Series Switches SNMP denial of service attempt (more info ...) | attempted-dos | 2019-1806 | URL | ||
| 50132 | FILE-OTHER Cisco WebEx Network Recording Player memory corruption attempt (more info ...) | attempted-user | 2019-1929 | URL | ||
| 50133 | FILE-OTHER Cisco WebEx Network Recording Player memory corruption attempt (more info ...) | attempted-user | 2019-1929 | URL | ||
| 50134 | SERVER-WEBAPP Cisco Video Surveillance Manager directory traversal attempt (more info ...) | web-application-attack | 2019-1717 | URL | ||
| 50135 | SERVER-WEBAPP Cisco Video Surveillance Manager directory traversal attempt (more info ...) | web-application-attack | 2019-1717 | URL | ||
| 50136 | SERVER-WEBAPP Cisco Video Surveillance Manager directory traversal attempt (more info ...) | web-application-attack | 2019-1717 | URL | ||
| 50285 | MALWARE-OTHER Unix.Miner.Decred additional payload download attempt (more info ...) | trojan-activity | URL | |||
| 50286 | MALWARE-OTHER Unix.Miner.Decred additional payload download attempt (more info ...) | trojan-activity | URL | |||
| 50287 | MALWARE-OTHER Unix.Miner.Decred additional payload download attempt (more info ...) | trojan-activity | URL | |||
| 50288 | MALWARE-OTHER Unix.Miner.Decred additional payload download attempt (more info ...) | trojan-activity | URL | |||
| 50289 | MALWARE-OTHER Unix.Miner.Decred additional payload download attempt (more info ...) | trojan-activity | URL | |||
| 50290 | MALWARE-OTHER Unix.Miner.Decred additional payload download attempt (more info ...) | trojan-activity | URL | |||
| 50291 | MALWARE-OTHER Unix.Miner.Decred additional payload download attempt (more info ...) | trojan-activity | URL | |||
| 50292 | MALWARE-OTHER Unix.Miner.Decred additional payload download attempt (more info ...) | trojan-activity | URL | |||
| 50320 | SERVER-OTHER Cisco Unified Communications Manager denial of service attempt (more info ...) | attempted-dos | 2019-1845 | URL | ||
| 50335 | SERVER-WEBAPP Cisco Industrial Network Director remote code execution attempt (more info ...) | attempted-admin | 2023-20036 | URL | ||
| 50427 | SERVER-WEBAPP Cisco IOS XE Web UI cross site request forgery attempt (more info ...) | web-application-attack | 2019-1904 | URL | ||
| 50457 | MALWARE-TOOLS Unix.Downloader.HiddenWasp initial deployment script download attempt (more info ...) | trojan-activity | URL | |||
| 50458 | MALWARE-TOOLS Unix.Downloader.HiddenWasp initial deployment script download attempt (more info ...) | trojan-activity | URL | |||
| 50469 | SERVER-WEBAPP Cisco RV Series Routers denial of service attempt (more info ...) | attempted-dos | 2019-1843 | URL | ||
| 50470 | SERVER-WEBAPP Cisco RV Series Routers denial of service attempt (more info ...) | attempted-dos | 2019-1843 | URL | ||
| 50471 | SERVER-WEBAPP Cisco RV Series Routers denial of service attempt (more info ...) | attempted-dos | 2019-1843 | URL | ||
| 50472 | SERVER-WEBAPP Cisco RV Series Routers denial of service attempt (more info ...) | attempted-dos | 2019-1843 | URL | ||
| 50485 | SERVER-WEBAPP Cisco Prime Service Catalog cross site scripting attempt (more info ...) | attempted-user | 2019-1874 | URL | ||
| 50486 | SERVER-WEBAPP Cisco Prime Service Catalog cross site scripting attempt (more info ...) | attempted-user | 2019-1874 | URL | ||
| 50487 | SERVER-WEBAPP Cisco Prime Service Catalog cross site scripting attempt (more info ...) | attempted-user | 2019-1874 | URL | ||
| 50488 | SERVER-WEBAPP Cisco Prime Service Catalog cross site scripting attempt (more info ...) | attempted-user | 2019-1874 | URL | ||
| 50489 | SERVER-WEBAPP Cisco Prime Service Catalog cross site request forgery attempt (more info ...) | attempted-user | 2019-1874 | URL | ||
| 50492 | SERVER-WEBAPP Cisco SD-WAN Solution command injection attempt (more info ...) | web-application-attack | 2019-1624 | URL | ||
| 50512 | SERVER-WEBAPP Cisco Data Center Network Manager authentication bypass attempt (more info ...) | attempted-admin | 2019-1619 | URL | ||
| 50513 | SERVER-WEBAPP Cisco Data Center Network Manager arbitrary WAR file upload attempt (more info ...) | attempted-admin | 2019-1620 | URL | ||
| 50514 | SERVER-WEBAPP Cisco Data Center Network Manager arbitrary file download attempt (more info ...) | attempted-recon | 2019-1621 | URL | ||
| 50515 | SERVER-WEBAPP Cisco Data Center Network Manager information disclosure attempt (more info ...) | attempted-recon | 2019-1622 | URL | ||
| 50622 | SERVER-WEBAPP Cisco Web Security Appliance denial of service attempt (more info ...) | attempted-dos | 2019-1884 | URL | ||
| 50637 | SERVER-WEBAPP Cisco Small Business Series Switches denial of service attempt (more info ...) | attempted-dos | 2019-1891 | URL | ||
| 50650 | SERVER-WEBAPP Cisco Enterprise NFV command injection attempt (more info ...) | web-application-attack | 2021-1421 | URL | ||
| 50651 | SERVER-WEBAPP Cisco Enterprise NFV command injection attempt (more info ...) | web-application-attack | 2021-1421 | URL | ||
| 50652 | SERVER-WEBAPP Cisco Enterprise NFV command injection attempt (more info ...) | web-application-attack | 2021-1421 | URL | ||
| 50653 | SERVER-WEBAPP Cisco Enterprise NFV command injection attempt (more info ...) | web-application-attack | 2021-1421 | URL | ||
| 50794 | PUA-OTHER Unix.Trojan.CoinMiner attempted download (more info ...) | trojan-activity | URL | |||
| 50850 | MALWARE-OTHER Unix.Trojan.EvilGnome variant download attempt (more info ...) | trojan-activity | URL | |||
| 50851 | MALWARE-OTHER Unix.Trojan.EvilGnome variant download attempt (more info ...) | trojan-activity | URL | |||
| 50903 | SERVER-WEBAPP Cisco UCS Director command injection attempt (more info ...) | web-application-attack | 2019-1936 | URL | ||
| 50904 | FILE-OTHER Cisco WebEx Network Recording Player memory corruption attempt (more info ...) | attempted-user | 2019-1925 | URL | ||
| 50905 | FILE-OTHER Cisco WebEx Network Recording Player memory corruption attempt (more info ...) | attempted-user | 2019-1925 | URL | ||
| 50906 | FILE-OTHER Cisco WebEx Network Recording Player memory corruption attempt (more info ...) | attempted-user | 2019-1928 | URL | ||
| 50907 | FILE-OTHER Cisco WebEx Network Recording Player memory corruption attempt (more info ...) | attempted-user | 2019-1928 | URL | ||
| 51164 | SERVER-WEBAPP Cisco Integrated Management Controller Redfish API command injection attempt (more info ...) | web-application-attack | 2019-1885 | URL | ||
| 51173 | SERVER-WEBAPP Cisco UCS Director authentication bypass attempt (more info ...) | attempted-admin | 2019-1974 | URL | ||
| 51180 | SERVER-OTHER Cisco Integrated Management Controller IPMI command injection attempt (more info ...) | attempted-admin | 2019-1634 | URL | ||
| 51187 | SERVER-WEBAPP Cisco Integrated Management Controller buffer overflow attempt (more info ...) | attempted-admin | 2019-1871 | URL | ||
| 51188 | SERVER-WEBAPP Cisco Integrated Management Controller command injection attempt (more info ...) | web-application-attack | 2019-1864 | URL | ||
| 51189 | SERVER-WEBAPP Cisco Integrated Management Controller command injection attempt (more info ...) | web-application-attack | 2019-1864 | URL | ||
| 51193 | SERVER-WEBAPP Cisco Integrated Management Controller command injection attempt (more info ...) | web-application-attack | 2019-1896 | URL | ||
| 51194 | SERVER-WEBAPP Cisco Integrated Management Controller command injection attempt (more info ...) | web-application-attack | 2019-1896 | URL | ||
| 51195 | SERVER-WEBAPP Cisco Integrated Management Controller command injection attempt (more info ...) | web-application-attack | 2019-1896 | URL | ||
| 51198 | SERVER-WEBAPP Cisco Integrated Management Controller denial of service attempt (more info ...) | attempted-dos | 2019-1900 | URL | ||
| 51199 | SERVER-WEBAPP Cisco Integrated Management Controller denial of service attempt (more info ...) | attempted-dos | 2019-1900 | URL | ||
| 51201 | SERVER-WEBAPP Cisco Integrated Management Controller authentication bypass attempt (more info ...) | attempted-admin | 2019-1907 | URL | ||
| 51293 | SERVER-WEBAPP Cisco 220 Series Smart Switches stack buffer overflow attempt (more info ...) | attempted-admin | 2019-1913 | URL | ||
| 51294 | SERVER-WEBAPP Cisco 220 Series Smart Switches stack buffer overflow attempt (more info ...) | attempted-admin | 2019-1913 | URL | ||
| 51295 | SERVER-WEBAPP Cisco 220 Series Smart Switches stack buffer overflow attempt (more info ...) | attempted-admin | 2019-1913 | URL | ||
| 51306 | SERVER-WEBAPP Cisco 220 Series Smart Switches command injection attempt (more info ...) | web-application-attack | 2021-1541 | URL | ||
| 51307 | SERVER-WEBAPP Cisco 220 Series Smart Switches command injection attempt (more info ...) | web-application-attack | 2021-1541 | URL | ||
| 51308 | SERVER-WEBAPP Cisco 220 Series Smart Switches command injection attempt (more info ...) | web-application-attack | 2021-1541 | URL | ||
| 51355 | SERVER-WEBAPP Cisco IOS XE REST API information disclosure attempt (more info ...) | attempted-recon | 2019-12643 | URL | ||
| 51536 | MALWARE-OTHER Unix.Trojan.Agent IoT backdoor download (more info ...) | trojan-activity | URL | |||
| 51582 | SERVER-WEBAPP HP SiteScope APIMonitorImpl information disclosure attempt (more info ...) | web-application-activity | 2012-3259 | 55269 | ||
| 51622 | SERVER-WEBAPP Cisco IOS XE Web UI command injection attempt (more info ...) | web-application-attack | 2020-3229 | URL | ||
| 51623 | SERVER-WEBAPP Cisco IOS XE Web UI command injection attempt (more info ...) | web-application-attack | 2020-3229 | URL | ||
| 51624 | SERVER-WEBAPP Cisco IOS XE Web UI command injection attempt (more info ...) | web-application-attack | 2020-3229 | URL | ||
| 51625 | SERVER-WEBAPP Cisco IOS XE Web UI command injection attempt (more info ...) | web-application-attack | 2020-3229 | URL | ||
| 51705 | SERVER-WEBAPP Cisco Firepower Management Center directory traversal attempt (more info ...) | web-application-attack | 2019-12689 | URL | ||
| 51706 | SERVER-WEBAPP Cisco Firepower Management Center directory traversal attempt (more info ...) | web-application-attack | 2019-12689 | URL | ||
| 51707 | SERVER-WEBAPP Cisco Firepower Management Center directory traversal attempt (more info ...) | web-application-attack | 2019-12689 | URL | ||
| 51708 | SERVER-WEBAPP Cisco Firepower Management Center command injection attempt (more info ...) | web-application-attack | 2019-12688 | URL | ||
| 51709 | SERVER-WEBAPP Cisco Firepower Management Center command injection attempt (more info ...) | web-application-attack | 2019-12688 | URL | ||
| 51710 | SERVER-WEBAPP Cisco Firepower Management Center command injection attempt (more info ...) | web-application-attack | 2019-12688 | URL | ||
| 51711 | SERVER-WEBAPP Cisco Firepower Management Center command injection attempt (more info ...) | web-application-attack | 2019-12688 | URL | ||
| 51713 | SERVER-WEBAPP Cisco WebVPN denial of service attempt (more info ...) | attempted-dos | 2019-12698 | URL | ||
| 51716 | SERVER-WEBAPP Cisco Firepower Management Center command injection attempt (more info ...) | web-application-attack | 2019-12690 | URL | ||
| 51717 | SERVER-WEBAPP Cisco Firepower Management Center command injection attempt (more info ...) | web-application-attack | 2019-12690 | URL | ||
| 51718 | SERVER-WEBAPP Cisco Firepower Management Center command injection attempt (more info ...) | web-application-attack | 2019-12690 | URL | ||
| 51719 | SERVER-WEBAPP Cisco Firepower Management Center command injection attempt (more info ...) | web-application-attack | 2019-12690 | URL | ||
| 51728 | SERVER-WEBAPP Cisco WebVPN cross site scripting attempt (more info ...) | attempted-user | 2019-12695 | URL | ||
| 51729 | SERVER-WEBAPP Cisco WebVPN cross site scripting attempt (more info ...) | attempted-user | 2019-12695 | URL | ||
| 51890 | SERVER-WEBAPP Cisco SPA100 Series analog telephone adapters buffer overflow attempt (more info ...) | attempted-admin | 2019-15252 | URL | ||
| 51891 | SERVER-WEBAPP Cisco SPA100 Series analog telephone adapters buffer overflow attempt (more info ...) | attempted-admin | 2019-15252 | URL | ||
| 51892 | SERVER-WEBAPP Cisco SPA100 Series analog telephone adapters buffer overflow attempt (more info ...) | attempted-admin | 2019-15252 | URL | ||
| 51893 | SERVER-WEBAPP Cisco SPA100 Series analog telephone adapters buffer overflow attempt (more info ...) | attempted-admin | 2019-15252 | URL | ||
| 51894 | SERVER-WEBAPP Cisco SPA100 Series analog telephone adapters buffer overflow attempt (more info ...) | attempted-admin | 2019-15252 | URL | ||
| 51895 | SERVER-WEBAPP Cisco SPA100 Series analog telephone adapters buffer overflow attempt (more info ...) | attempted-admin | 2019-15252 | URL | ||
| 51900 | SERVER-WEBAPP Cisco Small Business Switches cross site scripting attempt (more info ...) | attempted-user | 2019-12636 | URL | ||
| 51901 | SERVER-WEBAPP Cisco Small Business Switches denial of service attempt (more info ...) | attempted-dos | 2019-12636 | URL | ||
| 51902 | SERVER-WEBAPP Cisco Small Business Switches cross site scripting attempt (more info ...) | attempted-user | 2019-12636 | URL | ||
| 51903 | SERVER-WEBAPP Cisco Small Business Switches cross site scripting attempt (more info ...) | attempted-user | 2019-12636 | URL | ||
| 51904 | SERVER-WEBAPP Cisco Small Business Switches cross site scripting attempt (more info ...) | attempted-user | 2019-12636 | URL | ||
| 51905 | SERVER-WEBAPP Cisco Small Business Switches cross site scripting attempt (more info ...) | attempted-user | 2019-12636 | URL | ||
| 51906 | SERVER-WEBAPP Cisco Small Business Switches cross site scripting attempt (more info ...) | attempted-user | 2019-12636 | URL | ||
| 51907 | SERVER-WEBAPP Cisco Small Business Switches cross site scripting attempt (more info ...) | attempted-user | 2019-12636 | URL | ||
| 52102 | FILE-OTHER Cisco Webex Network Recording Player memory corruption attempt (more info ...) | attempted-user | 2019-15283 | URL | ||
| 52103 | FILE-OTHER Cisco Webex Network Recording Player memory corruption attempt (more info ...) | attempted-user | 2019-15283 | URL | ||
| 52104 | FILE-OTHER Cisco Webex Network Recording Player memory corruption attempt (more info ...) | attempted-user | 2019-15284 | URL | ||
| 52105 | FILE-OTHER Cisco Webex Network Recording Player memory corruption attempt (more info ...) | attempted-user | 2019-15284 | URL | ||
| 52106 | FILE-OTHER Cisco Webex Network Recording Player memory corruption attempt (more info ...) | attempted-user | 2019-15285 | URL | ||
| 52107 | FILE-OTHER Cisco Webex Network Recording Player memory corruption attempt (more info ...) | attempted-user | 2019-15285 | URL | ||
| 52108 | FILE-OTHER Cisco Webex Network Recording Player memory corruption attempt (more info ...) | attempted-user | 2019-15286 | URL | ||
| 52109 | FILE-OTHER Cisco Webex Network Recording Player memory corruption attempt (more info ...) | attempted-user | 2019-15286 | URL | ||
| 52110 | FILE-OTHER Cisco Webex Network Recording Player memory corruption attempt (more info ...) | attempted-user | 2019-15287 | URL | ||
| 52111 | FILE-OTHER Cisco Webex Network Recording Player memory corruption attempt (more info ...) | attempted-user | 2019-15287 | URL | ||
| 52119 | SERVER-WEBAPP Cisco RV Series Routers command injection attempt (more info ...) | web-application-attack | 2019-15957 | URL | ||
| 52120 | SERVER-WEBAPP Cisco RV Series Routers command injection attempt (more info ...) | web-application-attack | 2019-15957 | URL | ||
| 52121 | SERVER-WEBAPP Cisco RV Series Routers command injection attempt (more info ...) | web-application-attack | 2019-15957 | URL | ||
| 52122 | SERVER-WEBAPP Cisco RV Series Routers command injection attempt (more info ...) | web-application-attack | 2019-15957 | URL | ||
| 52126 | SERVER-WEBAPP Cisco Wireless LAN Controller denial of service attempt (more info ...) | attempted-dos | 2019-15276 | URL | ||
| 52129 | SERVER-WEBAPP Cisco Prime Infrastructure directory traversal attempt (more info ...) | attempted-admin | 2019-15958 | URL | ||
| 52525 | SERVER-WEBAPP Cisco Data Center Network Manager XML external entity injection attempt (more info ...) | web-application-attack | 2019-15983 | URL | ||
| 52526 | SERVER-WEBAPP Cisco Data Center Network Manager XML external entity injection attempt (more info ...) | web-application-attack | 2019-15983 | URL | ||
| 52527 | SERVER-WEBAPP Cisco Data Center Network Manager XML external entity injection attempt (more info ...) | web-application-attack | 2019-15983 | URL | ||
| 52528 | SERVER-WEBAPP Cisco Data Center Network Manager directory traversal attempt (more info ...) | web-application-attack | 2019-15980 | URL | ||
| 52529 | SERVER-WEBAPP Cisco Data Center Network Manager directory traversal attempt (more info ...) | web-application-attack | 2019-15980 | URL | ||
| 52530 | SERVER-WEBAPP Cisco Data Center Network Manager directory traversal attempt (more info ...) | web-application-attack | 2019-15980 | URL | ||
| 52531 | SERVER-WEBAPP Cisco Data Center Network Manager directory traversal attempt (more info ...) | web-application-attack | 2019-15980 | URL | ||
| 52532 | SERVER-WEBAPP Cisco Data Center Network Manager directory traversal attempt (more info ...) | web-application-attack | 2019-15980 | URL | ||
| 52533 | SERVER-WEBAPP Cisco Data Center Network Manager directory traversal attempt (more info ...) | web-application-attack | 2019-15980 | |||
| 52534 | SERVER-WEBAPP Cisco Data Center Network Manager directory traversal attempt (more info ...) | web-application-attack | 2019-15980 | |||
| 52535 | SERVER-WEBAPP Cisco Data Center Network Manager directory traversal attempt (more info ...) | web-application-attack | 2019-15980 | |||
| 52536 | SERVER-WEBAPP Cisco Data Center Network Manager directory traversal attempt (more info ...) | web-application-attack | 2019-15980 | URL | ||
| 52537 | SERVER-WEBAPP Cisco Data Center Network Manager directory traversal attempt (more info ...) | web-application-attack | 2019-15980 | URL | ||
| 52538 | SERVER-WEBAPP Cisco Data Center Network Manager directory traversal attempt (more info ...) | web-application-attack | 2019-15981 | URL | ||
| 52539 | SERVER-WEBAPP Cisco Data Center Network Manager directory traversal attempt (more info ...) | web-application-attack | 2019-15981 | URL | ||
| 52540 | SERVER-WEBAPP Cisco Data Center Network Manager directory traversal attempt (more info ...) | web-application-attack | 2019-15981 | URL | ||
| 52541 | SERVER-WEBAPP Cisco Data Center Network Manager directory traversal attempt (more info ...) | web-application-attack | 2019-15982 | URL | ||
| 52542 | SERVER-WEBAPP Cisco Data Center Network Manager displayServerInfos information disclosure attempt (more info ...) | web-application-attack | 2019-15982 | URL | ||
| 52545 | SERVER-WEBAPP Cisco Data Center Network Manager directory traversal attempt (more info ...) | web-application-attack | 2019-15984 | URL | ||
| 52546 | SERVER-WEBAPP Cisco Data Center Network Manager LanFabricImpl createLanFabric command injection attempt (more info ...) | web-application-attack | 2019-15978 | URL | ||
| 52547 | SERVER-WEBAPP Cisco Data Center Network Manager SanWS importTS arbitrary file upload attempt (more info ...) | web-application-attack | 2019-15979 | URL | ||
| 52555 | SERVER-WEBAPP Cisco Webex Video Mesh Node command injection attempt (more info ...) | web-application-attack | 2019-16005 | URL | ||
| 52627 | SERVER-WEBAPP Cisco Firepower Management Center LDAP authentication bypass attempt (more info ...) | attempted-user | 2019-16028 | URL | ||
| 52628 | SERVER-WEBAPP Cisco Firepower Management Center LDAP authentication bypass attempt (more info ...) | attempted-user | 2019-16028 | URL | ||
| 52629 | SERVER-WEBAPP Cisco Firepower Management Center LDAP authentication bypass attempt (more info ...) | attempted-user | 2019-16028 | URL | ||
| 52630 | SERVER-WEBAPP Cisco Firepower Management Center LDAP authentication bypass attempt (more info ...) | attempted-user | 2019-16028 | URL | ||
| 52631 | SERVER-WEBAPP Cisco Firepower Management Center LDAP authentication bypass attempt (more info ...) | attempted-user | 2019-16028 | URL | ||
| 52632 | SERVER-WEBAPP Cisco Firepower Management Center LDAP authentication bypass attempt (more info ...) | attempted-user | 2019-16028 | URL | ||
| 52633 | SERVER-OTHER Cisco IOS EVPN NLRI parsing denial of service attempt (more info ...) | attempted-dos | 2019-16023 | URL | ||
| 52643 | SERVER-WEBAPP Cisco Smart Software Manager denial of service attempt (more info ...) | attempted-dos | 2019-16029 | URL | ||
| 52644 | SERVER-WEBAPP Cisco Smart Software Manager denial of service attempt (more info ...) | attempted-dos | 2019-16029 | URL | ||
| 52645 | PROTOCOL-SNMP Cisco IOS IS-IS SNMP denial of service attempt (more info ...) | attempted-dos | 2019-16027 | URL | ||
| 52646 | PROTOCOL-SNMP Cisco IOS IS-IS SNMP denial of service attempt (more info ...) | attempted-dos | 2019-16027 | URL | ||
| 52647 | PROTOCOL-SNMP Cisco IOS IS-IS SNMP denial of service attempt (more info ...) | attempted-dos | 2019-16027 | URL | ||
| 52648 | PROTOCOL-SNMP Cisco IOS IS-IS SNMP denial of service attempt (more info ...) | attempted-dos | 2019-16027 | URL | ||
| 52649 | PROTOCOL-SNMP Cisco IOS IS-IS SNMP denial of service attempt (more info ...) | attempted-dos | 2019-16027 | URL | ||
| 52825 | MALWARE-OTHER Unix.Trojan.Muhstik variant binary download attempt (more info ...) | trojan-activity | URL | |||
| 52826 | MALWARE-OTHER Unix.Trojan.Muhstik variant binary download attempt (more info ...) | trojan-activity | URL | |||
| 52996 | SERVER-WEBAPP Cisco Small Business Series Switches information disclosure attempt (more info ...) | attempted-recon | 2019-15993 | URL | ||
| 52997 | SERVER-WEBAPP Cisco Small Business Series Switches cross site scripting attempt (more info ...) | attempted-user | 2019-15993 | URL | ||
| 52998 | SERVER-WEBAPP Cisco Small Business Series Switches denial of service attempt (more info ...) | attempted-dos | 2020-3147 | URL | ||
| 53131 | MALWARE-OTHER Win.Trojan.Syscon variant payload download attempt (more info ...) | trojan-activity | ||||
| 53132 | MALWARE-OTHER Win.Trojan.Syscon variant payload download attempt (more info ...) | trojan-activity | URL | |||
| 53139 | MALWARE-OTHER Win.Trojan.Syscon variant payload download attempt (more info ...) | trojan-activity | URL | |||
| 53168 | SERVER-WEBAPP Cisco Unified Contact Center Express arbitrary JSP file upload attempt (more info ...) | attempted-admin | 2019-1888 | URL | ||
| 53175 | SERVER-WEBAPP Cisco Data Center Network Manager cross site request forgery attempt (more info ...) | attempted-user | 2020-3114 | URL | ||
| 53176 | SERVER-WEBAPP Cisco Data Center Network Manager cross site request forgery attempt (more info ...) | attempted-user | 2020-3114 | URL | ||
| 53384 | FILE-OTHER Cisco Webex Network Recording Player memory corruption attempt (more info ...) | attempted-user | 2020-3127 | URL | ||
| 53385 | FILE-OTHER Cisco Webex Network Recording Player memory corruption attempt (more info ...) | attempted-user | 2020-3127 | URL | ||
| 53386 | FILE-OTHER Cisco Webex Network Recording Player memory corruption attempt (more info ...) | attempted-user | 2020-3128 | URL | ||
| 53387 | FILE-OTHER Cisco Webex Network Recording Player memory corruption attempt (more info ...) | attempted-user | 2020-3128 | URL | ||
| 53388 | SERVER-WEBAPP Cisco Prime Network Registrar cross site request forgery attempt (more info ...) | attempted-user | 2020-3148 | URL | ||
| 53389 | SERVER-WEBAPP Cisco Prime Network Registrar cross site request forgery attempt (more info ...) | attempted-user | 2020-3148 | URL | ||
| 53390 | SERVER-WEBAPP Cisco Prime Network Registrar cross site request forgery attempt (more info ...) | attempted-user | 2020-3148 | URL | ||
| 53391 | SERVER-WEBAPP Cisco Prime Network Registrar cross site request forgery attempt (more info ...) | attempted-user | 2020-3148 | URL | ||
| 53470 | SERVER-OTHER Cisco IOS EnergyWise heap buffer overflow attempt (more info ...) | attempted-admin | 2017-3860 | URL | ||
| 53471 | SERVER-OTHER Cisco IOS EnergyWise integer underflow attempt (more info ...) | attempted-admin | 2017-3862 | URL | ||
| 53472 | SERVER-OTHER Cisco IOS EnergyWise out of bounds read attempt (more info ...) | attempted-admin | 2017-3863 | URL | ||
| 53482 | SERVER-WEBAPP Cisco SD-WAN vManage cross site scripting attempt (more info ...) | attempted-user | 2019-16010 | URL | ||
| 53483 | SERVER-WEBAPP Cisco SD-WAN vManage cross site scripting attempt (more info ...) | attempted-user | 2019-16010 | URL | ||
| 53497 | SERVER-WEBAPP Cisco IOS XE Web UI command injection attempt (more info ...) | web-application-attack | 2020-3211 | URL | ||
| 53498 | SERVER-WEBAPP Cisco IOS XE Web UI file upload directory traversal attempt (more info ...) | attempted-user | 2020-3218 | URL | ||
| 53499 | SERVER-WEBAPP Cisco IOS XE Web UI file upload remote code execution attempt (more info ...) | attempted-user | 2020-3218 | URL | ||
| 53500 | SERVER-WEBAPP Cisco IOS XE Web UI file upload remote code execution attempt (more info ...) | attempted-user | 2020-3218 | URL | ||
| 53501 | SERVER-WEBAPP Cisco IOS XE Web UI command injection attempt (more info ...) | web-application-attack | 2021-1220 | URL | ||
| 53502 | SERVER-WEBAPP Cisco IOS XE Web UI command injection attempt (more info ...) | web-application-attack | 2021-1220 | URL | ||
| 53503 | SERVER-WEBAPP Cisco IOS XE Web UI command injection attempt (more info ...) | web-application-attack | 2020-3212 | URL | ||
| 53527 | MALWARE-OTHER Unix.Exploit.Lotoor-7643871-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53528 | MALWARE-OTHER Unix.Exploit.Lotoor-7643871-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53613 | MALWARE-OTHER PUA.Unix.Adware.Mobidash-7653096-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53614 | MALWARE-OTHER PUA.Unix.Adware.Mobidash-7653096-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53660 | FILE-OTHER Cisco Webex Network Recording Player memory corruption attempt (more info ...) | attempted-user | 2020-3194 | URL | ||
| 53661 | FILE-OTHER Cisco Webex Network Recording Player memory corruption attempt (more info ...) | attempted-user | 2020-3194 | URL | ||
| 53666 | SERVER-OTHER Cisco Wireless Lan Controller CAPWAP out of bounds access attempt (more info ...) | attempted-admin | 2020-3262 | URL | ||
| 53668 | SERVER-OTHER Cisco Unified Communications Manager TAPS RMI directory traversal attempt (more info ...) | attempted-recon | 2020-3177 | URL | ||
| 53669 | SERVER-WEBAPP Cisco IP Phone libHTTPService.so stack buffer overflow attempt (more info ...) | attempted-admin | 2016-1421 | URL | ||
| 53670 | SERVER-WEBAPP Cisco IP Phone libHTTPService.so stack buffer overflow attempt (more info ...) | attempted-admin | 2020-3161 | URL | ||
| 53671 | SERVER-WEBAPP Cisco UCS Director authentication bypass attempt (more info ...) | web-application-attack | 2020-3243 | URL | ||
| 53672 | SERVER-WEBAPP Cisco UCS Director REST API directory traversal attempt (more info ...) | web-application-attack | 2020-3250 | URL | ||
| 53673 | SERVER-WEBAPP Cisco UCS Director REST API directory traversal attempt (more info ...) | web-application-attack | 2020-3250 | URL | ||
| 53674 | SERVER-WEBAPP Cisco UCS Director REST API directory traversal attempt (more info ...) | web-application-attack | 2020-3250 | URL | ||
| 53675 | SERVER-WEBAPP Cisco UCS Director LargeFileUploadServlet directory traversal attempt (more info ...) | web-application-attack | 2020-3239 | URL | ||
| 53676 | SERVER-WEBAPP Cisco UCS Director LargeFileUploadServlet directory traversal attempt (more info ...) | web-application-attack | 2020-3247 | URL | ||
| 53677 | SERVER-WEBAPP Cisco UCS Director ClientServlet directory traversal attempt (more info ...) | web-application-attack | 2020-3252 | URL | ||
| 53678 | SERVER-WEBAPP Cisco UCS Director ClientServlet directory traversal attempt (more info ...) | web-application-attack | 2020-3252 | URL | ||
| 53679 | SERVER-WEBAPP Cisco UCS Director ClientServlet directory traversal attempt (more info ...) | web-application-attack | 2020-3252 | URL | ||
| 53680 | SERVER-WEBAPP Cisco UCS Director filename directory traversal attempt (more info ...) | web-application-attack | 2020-3240 | URL | ||
| 53681 | SERVER-WEBAPP Cisco UCS Director arbitrary JSP file upload attempt (more info ...) | web-application-attack | 2020-3251 | URL | ||
| 53682 | SERVER-WEBAPP Cisco Mobility Express cross site request forgery attempt (more info ...) | attempted-user | 2020-3261 | URL | ||
| 53683 | SERVER-WEBAPP Cisco Mobility Express cross site request forgery attempt (more info ...) | attempted-user | 2020-3261 | URL | ||
| 53707 | MALWARE-OTHER Unix.Trojan.Coinminer-7668629-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53708 | MALWARE-OTHER Unix.Trojan.Coinminer-7668629-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53847 | PROTOCOL-OTHER Cisco ASA and FTD malformed OSPF denial of service attempt (more info ...) | attempted-dos | 2020-3298 | URL | ||
| 53850 | SERVER-WEBAPP Cisco ASA and FTD memory disclosure attempt (more info ...) | attempted-recon | 2020-3259 | URL | ||
| 53851 | SERVER-WEBAPP Cisco ASA and FTD directory traversal attempt (more info ...) | web-application-attack | 2020-3187 | URL | ||
| 53868 | SERVER-OTHER Cisco ASA and FTD MGCP denial of service attempt (more info ...) | attempted-dos | 2020-3254 | URL | ||
| 53869 | SERVER-OTHER Cisco ASA and FTD MGCP denial of service attempt (more info ...) | attempted-dos | 2020-3254 | URL | ||
| 53870 | SERVER-OTHER Cisco ASA and FTD MGCP denial of service attempt (more info ...) | attempted-dos | 2020-3254 | URL | ||
| 53871 | SERVER-OTHER Cisco ASA and FTD MGCP denial of service attempt (more info ...) | attempted-dos | 2020-3254 | URL | ||
| 54005 | MALWARE-OTHER Unix.Trojan.Rootnik-7825953-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54006 | MALWARE-OTHER Unix.Trojan.Rootnik-7825953-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54034 | SERVER-OTHER Cisco Prime Network Registrar denial of service attempt (more info ...) | attempted-dos | 2020-3272 | URL | ||
| 54158 | PROTOCOL-OTHER Cisco IOS XE NetFlow packet parsing denial of service attempt (more info ...) | attempted-dos | 2020-3221 | URL | ||
| 54159 | SERVER-OTHER Cisco IOS IKE2 invalid port denial of service attempt (more info ...) | attempted-dos | 2020-3230 | URL | ||
| 54160 | SERVER-OTHER Cisco IOS IKE2 invalid port denial of service attempt (more info ...) | attempted-dos | 2020-3230 | URL | ||
| 54281 | INDICATOR-SCAN CallStranger UPnP discovery attempt (more info ...) | misc-attack | 2020-12695 | URL | ||
| 54320 | SERVER-WEBAPP Cisco RV Series Routers command injection attempt (more info ...) | web-application-attack | 2020-3276 | URL | ||
| 54321 | SERVER-WEBAPP Cisco RV Series Routers command injection attempt (more info ...) | web-application-attack | 2020-3276 | URL | ||
| 54322 | SERVER-WEBAPP Cisco RV Series Routers command injection attempt (more info ...) | web-application-attack | 2020-3276 | URL | ||
| 54323 | SERVER-WEBAPP Cisco RV Series Routers command injection attempt (more info ...) | web-application-attack | 2020-3276 | URL | ||
| 54324 | SERVER-WEBAPP Cisco RV Series Routers command injection attempt (more info ...) | web-application-attack | 2020-3276 | URL | ||
| 54325 | SERVER-WEBAPP Cisco RV Series Routers command injection attempt (more info ...) | web-application-attack | 2020-3276 | URL | ||
| 54326 | SERVER-WEBAPP Cisco RV Series Routers command injection attempt (more info ...) | web-application-attack | 2020-3276 | URL | ||
| 54327 | SERVER-WEBAPP Cisco RV Series Routers command injection attempt (more info ...) | web-application-attack | 2020-3276 | URL | ||
| 54328 | SERVER-WEBAPP Cisco RV Series Routers command injection attempt (more info ...) | web-application-attack | 2020-3276 | URL | ||
| 54329 | SERVER-WEBAPP Cisco RV Series Routers command injection attempt (more info ...) | web-application-attack | 2020-3276 | URL | ||
| 54330 | SERVER-WEBAPP Cisco RV Series Routers command injection attempt (more info ...) | web-application-attack | 2020-3276 | URL | ||
| 54331 | SERVER-WEBAPP Cisco RV Series Routers command injection attempt (more info ...) | web-application-attack | 2020-3276 | URL | ||
| 54333 | SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (more info ...) | attempted-admin | 2020-3286 | URL | ||
| 54334 | SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (more info ...) | attempted-admin | 2020-3286 | URL | ||
| 54335 | SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (more info ...) | attempted-admin | 2020-3286 | URL | ||
| 54336 | SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (more info ...) | attempted-admin | 2020-3286 | URL | ||
| 54337 | SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (more info ...) | attempted-admin | 2020-3288 | URL | ||
| 54338 | SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (more info ...) | attempted-admin | 2020-3288 | URL | ||
| 54339 | SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (more info ...) | attempted-admin | 2020-3287 | URL | ||
| 54340 | SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (more info ...) | attempted-admin | 2020-3287 | URL | ||
| 54341 | SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (more info ...) | attempted-admin | 2020-3288 | URL | ||
| 54342 | SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (more info ...) | attempted-admin | 2020-3288 | URL | ||
| 54343 | SERVER-WEBAPP Cisco RV Series Routers command injection attempt (more info ...) | web-application-attack | 2020-3268 | URL | ||
| 54344 | SERVER-WEBAPP Cisco RV Series Routers command injection attempt (more info ...) | web-application-attack | 2020-3268 | URL | ||
| 54345 | SERVER-WEBAPP Cisco RV Series Routers command injection attempt (more info ...) | web-application-attack | 2020-3268 | URL | ||
| 54346 | SERVER-WEBAPP Cisco RV Series Routers command injection attempt (more info ...) | web-application-attack | 2020-3268 | URL | ||
| 54347 | SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (more info ...) | web-application-attack | 2020-3269 | URL | ||
| 54348 | SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (more info ...) | web-application-attack | 2020-3269 | URL | ||
| 54349 | SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (more info ...) | web-application-attack | 2020-3269 | URL | ||
| 54350 | SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (more info ...) | web-application-attack | 2020-3269 | URL | ||
| 54351 | SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (more info ...) | web-application-attack | 2020-3269 | URL | ||
| 54352 | SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (more info ...) | web-application-attack | 2020-3269 | URL | ||
| 54353 | SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (more info ...) | web-application-attack | 2020-3269 | URL | ||
| 54354 | SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (more info ...) | web-application-attack | 2020-3269 | URL | ||
| 54355 | SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (more info ...) | web-application-attack | 2020-3269 | URL | ||
| 54356 | SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (more info ...) | web-application-attack | 2020-3269 | URL | ||
| 54358 | BROWSER-OTHER Cisco Webex Meetings Desktop App arbitrary program execution attempt (more info ...) | attempted-user | 2020-3263 | URL | ||
| 54359 | BROWSER-OTHER Cisco Webex Meetings Desktop App arbitrary program execution attempt (more info ...) | attempted-user | 2020-3263 | URL | ||
| 54360 | BROWSER-OTHER Cisco Webex Meetings Desktop App arbitrary program execution attempt (more info ...) | attempted-user | 2020-3263 | URL | ||
| 54361 | BROWSER-OTHER Cisco Webex Meetings Desktop App arbitrary program execution attempt (more info ...) | attempted-user | 2020-3263 | URL | ||
| 54362 | BROWSER-OTHER Cisco Webex Meetings Desktop App arbitrary program execution attempt (more info ...) | attempted-user | 2020-3263 | URL | ||
| 54363 | BROWSER-OTHER Cisco Webex Meetings Desktop App arbitrary program execution attempt (more info ...) | attempted-user | 2020-3263 | URL | ||
| 54364 | BROWSER-OTHER Cisco Webex Meetings Desktop App arbitrary program execution attempt (more info ...) | attempted-user | 2020-3263 | URL | ||
| 54365 | BROWSER-OTHER Cisco Webex Meetings Desktop App arbitrary program execution attempt (more info ...) | attempted-user | 2020-3263 | URL | ||
| 54366 | BROWSER-OTHER Cisco Webex Meetings Desktop App arbitrary program execution attempt (more info ...) | attempted-user | 2020-3263 | URL | ||
| 54367 | BROWSER-OTHER Cisco Webex Meetings Desktop App arbitrary program execution attempt (more info ...) | attempted-user | 2020-3263 | URL | ||
| 54368 | BROWSER-OTHER Cisco Webex Meetings Desktop App arbitrary program execution attempt (more info ...) | attempted-user | 2020-3263 | URL | ||
| 54369 | BROWSER-OTHER Cisco Webex Meetings Desktop App arbitrary program execution attempt (more info ...) | attempted-user | 2020-3263 | URL | ||
| 54370 | BROWSER-OTHER Cisco Webex Meetings Desktop App arbitrary program execution attempt (more info ...) | attempted-user | 2020-3263 | URL | ||
| 54371 | BROWSER-OTHER Cisco Webex Meetings Desktop App arbitrary program execution attempt (more info ...) | attempted-user | 2020-3263 | URL | ||
| 54372 | BROWSER-OTHER Cisco Webex Meetings Desktop App arbitrary program execution attempt (more info ...) | attempted-user | 2020-3263 | URL | ||
| 54422 | SERVER-WEBAPP Cisco DNA Center cross site scripting attempt (more info ...) | attempted-user | 2019-15253 | URL | ||
| 54423 | SERVER-WEBAPP Cisco DNA Center cross site scripting attempt (more info ...) | attempted-user | 2019-15253 | URL | ||
| 54538 | SERVER-WEBAPP Cisco RV Series Routers command injection attempt (more info ...) | web-application-attack | 2020-3332 | URL | ||
| 54539 | SERVER-WEBAPP Cisco RV Series Routers command injection attempt (more info ...) | web-application-attack | 2020-3332 | URL | ||
| 54540 | SERVER-WEBAPP Cisco RV Series Routers command injection attempt (more info ...) | web-application-attack | 2020-3332 | URL | ||
| 54541 | SERVER-WEBAPP Cisco RV Series Routers command injection attempt (more info ...) | web-application-attack | 2020-3332 | URL | ||
| 54542 | SERVER-WEBAPP Cisco RV Series Routers heap buffer overflow attempt (more info ...) | web-application-attack | 2020-3357 | URL | ||
| 54543 | SERVER-WEBAPP Cisco RV Series Routers heap buffer overflow attempt (more info ...) | web-application-attack | 2020-3357 | URL | ||
| 54546 | SERVER-WEBAPP Cisco SD-WAN vManage cypher query language injection attempt (more info ...) | web-application-attack | 2020-3387 | URL | ||
| 54547 | SERVER-WEBAPP Cisco SD-WAN vManage cypher query language injection attempt (more info ...) | web-application-attack | 2020-3387 | URL | ||
| 54548 | SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (more info ...) | attempted-admin | 2020-3331 | URL | ||
| 54549 | SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (more info ...) | attempted-admin | 2020-3331 | URL | ||
| 54550 | SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (more info ...) | attempted-admin | 2020-3331 | URL | ||
| 54551 | SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (more info ...) | attempted-admin | 2020-3331 | URL | ||
| 54552 | SERVER-WEBAPP Cisco RV Series Routers null pointer dereference attempt (more info ...) | attempted-dos | 2020-3358 | URL | ||
| 54557 | SERVER-WEBAPP Cisco RV Series Routers authentication bypass attempt (more info ...) | web-application-attack | 2020-3144 | URL | ||
| 54560 | SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (more info ...) | attempted-admin | 2021-1172 | URL | ||
| 54561 | SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (more info ...) | attempted-admin | 2021-1172 | URL | ||
| 54562 | SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (more info ...) | attempted-admin | 2020-3146 | URL | ||
| 54563 | SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (more info ...) | attempted-admin | 2020-3146 | URL | ||
| 54598 | SERVER-WEBAPP Cisco ASA directory traversal attempt (more info ...) | web-application-attack | 2020-3452 | URL | ||
| 54599 | SERVER-WEBAPP Cisco ASA directory traversal attempt (more info ...) | web-application-attack | 2020-3452 | URL | ||
| 54600 | SERVER-WEBAPP Cisco ASA directory traversal attempt (more info ...) | web-application-attack | 2020-3452 | URL | ||
| 54601 | SERVER-WEBAPP Cisco ASA directory traversal attempt (more info ...) | web-application-attack | 2020-3452 | URL | ||
| 54655 | SERVER-WEBAPP Cisco Data Center Network Manager command injection attempt (more info ...) | web-application-attack | 2020-3384 | URL | ||
| 54668 | SERVER-WEBAPP Cisco Data Center Network Manager directory traversal attempt (more info ...) | web-application-attack | 2020-3383 | URL | ||
| 54694 | FILE-OTHER Cisco AnyConnect Secure Mobility Client dll-load exploit attempt (more info ...) | attempted-user | 2020-3433 | URL | ||
| 54695 | FILE-OTHER Cisco AnyConnect Secure Mobility Client dll-load exploit attempt (more info ...) | attempted-user | 2020-3433 | URL | ||
| 54836 | MALWARE-OTHER Unix.Trojan.Gafgyt-9403217-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54837 | MALWARE-OTHER Unix.Trojan.Gafgyt-9403217-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54896 | SERVER-OTHER Cisco NX-OS malformed BGP UPDATE denial of service attempt (more info ...) | attempted-dos | 2020-3398 | URL | ||
| 54899 | PROTOCOL-OTHER Cisco NX-OS protocol independent multicast denial of service attempt (more info ...) | attempted-dos | 2020-3338 | URL | ||
| 55806 | SERVER-OTHER Cisco Wireless LAN Controller CAPWAP denial of service attempt (more info ...) | attempted-dos | 2020-3488 | URL | ||
| 55807 | SERVER-OTHER Cisco Wireless LAN Controller CAPWAP denial of service attempt (more info ...) | attempted-dos | 2020-3494 | URL | ||
| 55819 | SERVER-OTHER Cisco IOS Common Open Policy Service denial of service attempt (more info ...) | attempted-dos | 2020-3526 | URL | ||
| 55820 | PROTOCOL-OTHER Cisco IOS XE Flexible NetFlow denial of service attempt (more info ...) | attempted-dos | 2020-3492 | URL | ||
| 55830 | SERVER-OTHER Cisco Wireless LAN Controller CAPWAP denial of service attempt (more info ...) | attempted-dos | 2020-3399 | URL | ||
| 55831 | SERVER-OTHER Cisco Wireless LAN Controller CAPWAP denial of service attempt (more info ...) | attempted-dos | 2020-3487 | URL | ||
| 55924 | SERVER-OTHER Cisco Wireless LAN Controller CAPWAP denial of service attempt (more info ...) | attempted-dos | 2020-3487 | URL | ||
| 55925 | SERVER-OTHER Cisco Wireless LAN Controller CAPWAP denial of service attempt (more info ...) | attempted-dos | 2020-3487 | URL | ||
| 56084 | SERVER-WEBAPP Cisco FXOS Software Firepower Chassis Manager cross site request forgery attempt (more info ...) | attempted-user | 2020-3456 | URL | ||
| 56085 | SERVER-WEBAPP Cisco FXOS Software Firepower Chassis Manager cross site request forgery attempt (more info ...) | attempted-user | 2020-3456 | URL | ||
| 56089 | SERVER-WEBAPP Cisco ASA and FTD denial of service attempt (more info ...) | attempted-dos | 2020-3572 | URL | ||
| 56090 | SERVER-OTHER Cisco ASA/FTD OSPF LLS denial of service attempt (more info ...) | denial-of-service | 2020-3528 | URL | ||
| 56091 | SERVER-OTHER Cisco ASA/FTD OSPF LLS denial of service attempt (more info ...) | denial-of-service | 2020-3528 | URL | ||
| 56216 | FILE-OTHER Cisco Webex Network Recording Player out of bounds write attempt (more info ...) | attempted-user | 2020-3603 | URL | ||
| 56217 | FILE-OTHER Cisco Webex Network Recording Player out of bounds write attempt (more info ...) | attempted-user | 2020-3603 | URL | ||
| 56218 | FILE-OTHER Cisco Webex Network Recording Player buffer overflow attempt (more info ...) | attempted-user | 2020-3604 | URL | ||
| 56219 | FILE-OTHER Cisco Webex Network Recording Player buffer overflow attempt (more info ...) | attempted-user | 2020-3604 | URL | ||
| 56220 | SERVER-WEBAPP Cisco SD-WAN vManage directory traversal attempt (more info ...) | web-application-attack | 2020-26073 | URL | ||
| 56221 | FILE-OTHER Cisco AnyConnect Secure Mobility Client arbitrary code execution attempt (more info ...) | attempted-user | 2020-3556 | URL | ||
| 56222 | FILE-OTHER Cisco AnyConnect Secure Mobility Client arbitrary code execution attempt (more info ...) | attempted-user | 2020-3556 | URL | ||
| 56225 | SERVER-OTHER Cisco Webex Meetings virtual channel remote code execution attempt (more info ...) | attempted-admin | 2020-3588 | URL | ||
| 56256 | MALWARE-OTHER Unix.Worm.Gitpaste12 variant download attempt (more info ...) | trojan-activity | URL | |||
| 56257 | MALWARE-OTHER Unix.Worm.Gitpaste12 variant download attempt (more info ...) | trojan-activity | URL | |||
| 56258 | MALWARE-OTHER Unix.Worm.Gitpaste12 variant outbound infection attempt (more info ...) | trojan-activity | URL | |||
| 56306 | SERVER-WEBAPP Cisco Data Center Network Manager arbitrary file download attempt (more info ...) | attempted-recon | 2019-1621 | URL | ||
| 56404 | SERVER-WEBAPP Cisco Security Manager XmpFileUploadServlet arbitrary JSP file upload attempt (more info ...) | attempted-admin | 2020-27130 | URL | ||
| 56405 | SERVER-WEBAPP Cisco Security Manager XmpFileUploadServlet directory traversal attempt (more info ...) | web-application-attack | 2020-27130 | URL | ||
| 56414 | SERVER-WEBAPP Cisco Security Manager XmpFileDownloadServlet directory traversal attempt (more info ...) | web-application-attack | 2020-27130 | URL | ||
| 56415 | SERVER-WEBAPP Cisco Security Manager XmpFileDownloadServlet directory traversal attempt (more info ...) | web-application-attack | 2020-27130 | URL | ||
| 56416 | SERVER-WEBAPP Cisco Security Manager XmpFileDownloadServlet directory traversal attempt (more info ...) | web-application-attack | 2020-27130 | URL | ||
| 56417 | SERVER-WEBAPP Cisco Security Manager SampleFileDownloadServlet directory traversal attempt (more info ...) | web-application-attack | 2020-27130 | URL | ||
| 56418 | SERVER-WEBAPP Cisco Security Manager SampleFileDownloadServlet directory traversal attempt (more info ...) | web-application-attack | 2020-27130 | URL | ||
| 56419 | SERVER-WEBAPP Cisco Security Manager SampleFileDownloadServlet directory traversal attempt (more info ...) | web-application-attack | 2020-27130 | URL | ||
| 56420 | SERVER-WEBAPP Cisco Security Manager resultsFrame directory traversal attempt (more info ...) | web-application-attack | 2020-27130 | URL | ||
| 56421 | SERVER-WEBAPP Cisco Security Manager resultsFrame directory traversal attempt (more info ...) | web-application-attack | 2020-27130 | URL | ||
| 56422 | SERVER-WEBAPP Cisco Security Manager resultsFrame directory traversal attempt (more info ...) | web-application-attack | 2020-27130 | URL | ||
| 56423 | SERVER-WEBAPP Cisco Security Manager xdmProxy directory traversal attempt (more info ...) | web-application-attack | 2020-27130 | URL | ||
| 56424 | SERVER-WEBAPP Cisco DNA Spaces Connector command injection attempt (more info ...) | web-application-attack | 2020-3586 | URL | ||
| 56440 | SERVER-WEBAPP Cisco Integrated Management Controller stack buffer overflow attempt (more info ...) | web-application-attack | 2020-3470 | URL | ||
| 56441 | SERVER-WEBAPP Cisco Integrated Management Controller stack buffer overflow attempt (more info ...) | web-application-attack | 2020-3470 | URL | ||
| 56442 | SERVER-WEBAPP Cisco Integrated Management Controller stack buffer overflow attempt (more info ...) | web-application-attack | 2020-3470 | URL | ||
| 56443 | SERVER-WEBAPP Cisco Integrated Management Controller stack buffer overflow attempt (more info ...) | web-application-attack | 2020-3470 | URL | ||
| 56444 | SERVER-WEBAPP Cisco Integrated Management Controller stack buffer overflow attempt (more info ...) | web-application-attack | 2020-3470 | URL | ||
| 56543 | SERVER-OTHER AnyDesk Discovery Feature crafted hostname remote code execution attempt (more info ...) | attempted-user | 2020-13160 | URL | ||
| 56544 | SERVER-OTHER AnyDesk Discovery Feature crafted username remote code execution attempt (more info ...) | attempted-user | 2020-13160 | URL | ||
| 56838 | SERVER-WEBAPP Cisco RV Series Routers command injection attempt (more info ...) | web-application-attack | 2021-1150 | URL | ||
| 56839 | SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (more info ...) | web-application-attack | 2021-1215 | URL | ||
| 56840 | SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (more info ...) | web-application-attack | 2021-1217 | URL | ||
| 56841 | SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (more info ...) | web-application-attack | 2021-1211 | URL | ||
| 56842 | SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (more info ...) | web-application-attack | 2021-1203 | URL | ||
| 56843 | SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (more info ...) | web-application-attack | 2021-1195 | URL | ||
| 56844 | SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (more info ...) | web-application-attack | 2021-1204 | URL | ||
| 56861 | SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (more info ...) | web-application-attack | 2021-1213 | URL | ||
| 56866 | SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (more info ...) | web-application-attack | 2021-1183 | URL | ||
| 56867 | SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (more info ...) | web-application-attack | 2021-1189 | URL | ||
| 56868 | SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (more info ...) | web-application-attack | 2021-1205 | URL | ||
| 56869 | SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (more info ...) | web-application-attack | 2021-1186 | URL | ||
| 56870 | SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (more info ...) | web-application-attack | 2021-1201 | URL | ||
| 56871 | SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (more info ...) | web-application-attack | 2021-1193 | URL | ||
| 56872 | SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (more info ...) | web-application-attack | 2021-1193 | URL | ||
| 56873 | SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (more info ...) | web-application-attack | 2021-1193 | URL | ||
| 56874 | SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (more info ...) | web-application-attack | 2021-1193 | URL | ||
| 56875 | SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (more info ...) | web-application-attack | 2021-1193 | URL | ||
| 56876 | SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (more info ...) | web-application-attack | 2021-1210 | URL | ||
| 56881 | FILE-OTHER Cisco AnyConnect information disclosure attempt (more info ...) | attempted-recon | 2021-1258 | URL | ||
| 56882 | FILE-OTHER Cisco AnyConnect information disclosure attempt (more info ...) | attempted-recon | 2021-1258 | URL | ||
| 56883 | FILE-OTHER Cisco AnyConnect information disclosure attempt (more info ...) | attempted-recon | 2021-1258 | URL | ||
| 56884 | FILE-OTHER Cisco AnyConnect information disclosure attempt (more info ...) | attempted-recon | 2021-1258 | URL | ||
| 56885 | SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (more info ...) | web-application-attack | 2021-1159 | URL | ||
| 56910 | MALWARE-OTHER Unix.Keylogger.Asacub-9821542-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56911 | MALWARE-OTHER Unix.Keylogger.Asacub-9821542-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56938 | SERVER-WEBAPP Cisco Smart Software Manager Satellite Web UI command injection attempt (more info ...) | web-application-attack | 2021-1140 | URL | ||
| 56939 | SERVER-WEBAPP Cisco Smart Software Manager Satellite Web UI command injection attempt (more info ...) | web-application-attack | 2021-1140 | URL | ||
| 56940 | SERVER-WEBAPP Cisco Smart Software Manager Satellite Web UI command injection attempt (more info ...) | web-application-attack | 2021-1140 | URL | ||
| 56941 | SERVER-WEBAPP Cisco Smart Software Manager Satellite Web UI command injection attempt (more info ...) | web-application-attack | 2021-1140 | URL | ||
| 56942 | SERVER-WEBAPP Cisco SD-WAN vManage directory traversal attempt (more info ...) | web-application-attack | 2021-1299 | URL | ||
| 56943 | SERVER-WEBAPP Cisco SD-WAN vManage directory traversal attempt (more info ...) | web-application-attack | 2021-1299 | URL | ||
| 56944 | SERVER-WEBAPP Cisco SD-WAN vManage directory traversal attempt (more info ...) | web-application-attack | 2021-1299 | URL | ||
| 56945 | SERVER-WEBAPP Cisco Smart Software Manager Satellite Web UI command injection attempt (more info ...) | web-application-attack | 2021-1141 | URL | ||
| 56946 | SERVER-WEBAPP Cisco SD-WAN WebUI command injection attempt (more info ...) | web-application-attack | 2021-1298 | URL | ||
| 56950 | SERVER-WEBAPP Cisco DNA Center command injection attempt (more info ...) | web-application-attack | 2021-1264 | URL | ||
| 56953 | SERVER-WEBAPP Cisco Smart Software Manager Satellite Web UI command injection attempt (more info ...) | web-application-attack | 2021-1139 | URL | ||
| 57068 | SERVER-WEBAPP Cisco RV Series routers stack overflow attempt (more info ...) | web-application-attack | 2021-1324 | URL | ||
| 57069 | SERVER-WEBAPP Cisco RV Series routers stack overflow attempt (more info ...) | web-application-attack | 2021-1321 | URL | ||
| 57072 | SERVER-WEBAPP Cisco RV Series Routers directory traversal attempt (more info ...) | web-application-attack | 2021-1297 | URL | ||
| 57073 | SERVER-WEBAPP Cisco RV Series routers stack overflow attempt (more info ...) | web-application-attack | 2021-1334 | URL | ||
| 57074 | SERVER-WEBAPP Cisco RV Series Routers directory traversal attempt (more info ...) | web-application-attack | 2021-1296 | URL | ||
| 57075 | SERVER-WEBAPP Cisco RV Series routers stack overflow attempt (more info ...) | web-application-attack | 2021-1338 | URL | ||
| 57076 | SERVER-WEBAPP Cisco RV Series Routers command injection attempt (more info ...) | web-application-attack | 2021-1294 | URL | ||
| 57077 | SERVER-WEBAPP Cisco RV Series routers stack overflow attempt (more info ...) | attempted-user | 2021-1342 | URL | ||
| 57078 | SERVER-WEBAPP Cisco RV Series routers stack overflow attempt (more info ...) | web-application-attack | 2021-1343 | URL | ||
| 57079 | SERVER-WEBAPP Cisco RV Series routers stack overflow attempt (more info ...) | web-application-attack | 2021-1343 | URL | ||
| 57080 | SERVER-WEBAPP Cisco RV Series routers stack overflow attempt (more info ...) | web-application-attack | 2021-1343 | URL | ||
| 57081 | SERVER-WEBAPP Cisco RV Series routers stack overflow attempt (more info ...) | web-application-attack | 2021-1343 | URL | ||
| 57082 | SERVER-WEBAPP Cisco RV Series routers stack overflow attempt (more info ...) | attempted-user | 2021-1327 | URL | ||
| 57083 | SERVER-WEBAPP Cisco RV Series routers stack overflow attempt (more info ...) | attempted-user | 2021-1346 | URL | ||
| 57084 | SERVER-WEBAPP Cisco RV series routers command injection attempt (more info ...) | web-application-attack | 2021-1318 | URL | ||
| 57085 | SERVER-WEBAPP Cisco RV series routers command injection attempt (more info ...) | web-application-attack | 2021-1318 | URL | ||
| 57086 | SERVER-WEBAPP Cisco RV Series routers command injection attempt (more info ...) | web-application-attack | 2021-1316 | URL | ||
| 57088 | SERVER-WEBAPP Cisco Small Business RV Series routers command injection attempt (more info ...) | web-application-attack | 2021-1292 | URL | ||
| 57089 | SERVER-WEBAPP Cisco Small Business RV Series routers command injection attempt (more info ...) | web-application-attack | 2021-1292 | URL | ||
| 57095 | SERVER-WEBAPP Cisco RV Series routers command injection attempt (more info ...) | web-application-attack | 2021-1317 | URL | ||
| 57096 | SERVER-WEBAPP Cisco RV Series routers command injection attempt (more info ...) | web-application-attack | 2021-1317 | URL | ||
| 57098 | SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (more info ...) | attempted-user | 2021-1332 | URL | ||
| 57099 | SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (more info ...) | attempted-user | 2021-1331 | URL | ||
| 57100 | SERVER-WEBAPP Cisco RV Series routers stack overflow attempt (more info ...) | web-application-attack | 2021-1347 | URL | ||
| 57101 | SERVER-WEBAPP Cisco RV Series routers stack overflow attempt (more info ...) | web-application-attack | 2021-1322 | URL | ||
| 57102 | SERVER-WEBAPP Cisco RV Series routers stack overflow attempt (more info ...) | attempted-user | 2021-1340 | URL | ||
| 57105 | SERVER-WEBAPP Cisco RV Series routers stack overflow attempt (more info ...) | attempted-user | 2021-1341 | URL | ||
| 57109 | SERVER-WEBAPP Cisco RV Series routers stack overflow attempt (more info ...) | attempted-user | 2021-1337 | URL | ||
| 57110 | SERVER-WEBAPP Cisco RV Series routers stack overflow attempt (more info ...) | attempted-user | 2021-1336 | URL | ||
| 57113 | SERVER-WEBAPP Cisco RV Series routers stack overflow attempt (more info ...) | web-application-attack | 2021-1348 | URL | ||
| 57114 | SERVER-WEBAPP Cisco RV Series routers stack overflow attempt (more info ...) | web-application-attack | 2021-1345 | URL | ||
| 57222 | SERVER-OTHER Cisco NX-OS arbitrary file write attempt (more info ...) | attempted-admin | 2021-1361 | URL | ||
| 57343 | SERVER-WEBAPP Cisco IOS and IOS-XE Application Environment directory traversal attempt (more info ...) | web-application-attack | 2021-1385 | URL | ||
| 57344 | SERVER-WEBAPP Cisco IOS-XE Software Plug-and-Play command execution attempt (more info ...) | attempted-admin | 2021-1442 | URL | ||
| 57345 | SERVER-WEBAPP Cisco IOS XE Software cross site request forgery attempt (more info ...) | attempted-user | 2021-1403 | URL | ||
| 57346 | SERVER-WEBAPP Cisco IOS XE Software cross site request forgery attempt (more info ...) | attempted-user | 2021-1403 | URL | ||
| 57349 | SERVER-OTHER Cisco Virtual Switching System stack buffer overflow attempt (more info ...) | attempted-admin | 2021-1451 | URL | ||
| 57355 | SERVER-WEBAPP Cisco IOS XE Web UI command injection attempt (more info ...) | web-application-attack | 2021-1356 | URL | ||
| 57356 | SERVER-WEBAPP Cisco IOS XE Web UI command injection attempt (more info ...) | web-application-attack | 2021-1356 | URL | ||
| 57357 | SERVER-WEBAPP Cisco IOS XE Web UI command injection attempt (more info ...) | web-application-attack | 2021-1356 | URL | ||
| 57358 | SERVER-WEBAPP Cisco IOS XE Web UI command injection attempt (more info ...) | web-application-attack | 2021-1356 | URL | ||
| 57360 | SERVER-OTHER Cisco IOS XE Wireless Controller Software CAPWAP denial of service attempt (more info ...) | attempted-dos | 2021-1373 | URL | ||
| 57392 | SERVER-WEBAPP Cisco RV Series Routers command injection attempt (more info ...) | web-application-attack | 2021-1610 | URL | ||
| 57393 | FILE-OTHER Cisco AMP for Endpoints dll-load exploit attempt (more info ...) | attempted-user | 2021-1386 | URL | ||
| 57394 | FILE-OTHER Cisco AMP for Endpoints dll-load exploit attempt (more info ...) | attempted-user | 2021-1386 | URL | ||
| 57396 | SERVER-WEBAPP Cisco Unified Communications Products command injection attempt (more info ...) | attempted-admin | 2021-1362 | URL | ||
| 57398 | SERVER-WEBAPP Cisco Unified Communications Products command injection attempt (more info ...) | attempted-admin | 2021-1362 | URL | ||
| 57399 | SERVER-WEBAPP Cisco Unified Communications Products cross site scripting attempt (more info ...) | attempted-admin | 2021-1362 | URL | ||
| 57400 | SERVER-WEBAPP Cisco Unified Communications Products cross site scripting attempt (more info ...) | attempted-admin | 2021-1362 | URL | ||
| 57402 | SERVER-WEBAPP Cisco RV Series Routers authentication bypass attempt (more info ...) | attempted-admin | 2021-1472 | URL | ||
| 57410 | SERVER-OTHER Cisco IOS XE Wireless Controller Software CAPWAP denial of service attempt (more info ...) | attempted-dos | 2021-1373 | URL | ||
| 57486 | SERVER-WEBAPP Cisco ASA and FTD Web Service buffer overflow attempt (more info ...) | attempted-user | 2021-1493 | URL | ||
| 57488 | SERVER-WEBAPP Cisco ASA and FTD WebVPN denial of service attempt (more info ...) | attempted-dos | 2021-1445 | URL | ||
| 57489 | SERVER-WEBAPP Cisco ASA and FTD WebVPN denial of service attempt (more info ...) | attempted-dos | 2021-1504 | URL | ||
| 57520 | SERVER-WEBAPP Cisco Small Business WAP command injection attempt (more info ...) | web-application-attack | 2021-1401 | URL | ||
| 57521 | SERVER-WEBAPP Cisco Small Business WAP command injection attempt (more info ...) | web-application-attack | 2021-1401 | URL | ||
| 57522 | SERVER-WEBAPP Cisco Small Business WAP command injection attempt (more info ...) | web-application-attack | 2021-1401 | URL | ||
| 57526 | SERVER-WEBAPP Cisco HyperFlex HX Data Platform command injection attempt (more info ...) | web-application-attack | 2021-1498 | URL | ||
| 57527 | SERVER-WEBAPP Cisco HyperFlex HX Data Platform command injection attempt (more info ...) | web-application-attack | 2021-1498 | URL | ||
| 57528 | SERVER-WEBAPP Cisco HyperFlex HX Data Platform command injection attempt (more info ...) | web-application-attack | 2021-1498 | URL | ||
| 57576 | SERVER-WEBAPP Cisco Elastic Services Controller authentication bypass attempt (more info ...) | attempted-user | 2019-1867 | URL | ||
| 57581 | SERVER-WEBAPP Cisco Prime Infrastructure EPNM command injection attempt (more info ...) | web-application-attack | 2021-1487 | URL | ||
| 57582 | SERVER-WEBAPP Cisco Prime Infrastructure EPNM command injection attempt (more info ...) | web-application-attack | 2021-1487 | URL | ||
| 57583 | SERVER-WEBAPP Cisco Prime Infrastructure EPNM command injection attempt (more info ...) | web-application-attack | 2021-1487 | URL | ||
| 57584 | SERVER-WEBAPP Cisco Modeling Labs command injection attempt (more info ...) | web-application-attack | 2021-1531 | URL | ||
| 57706 | MALWARE-TOOLS Unix.Trojan.NecroBot malicious download attempt (more info ...) | trojan-activity | URL | |||
| 57707 | MALWARE-TOOLS Unix.Trojan.NecroBot malicious download attempt (more info ...) | trojan-activity | URL | |||
| 57708 | MALWARE-TOOLS Unix.Trojan.NecroBot malicious download attempt (more info ...) | trojan-activity | URL | |||
| 57809 | SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt (more info ...) | web-application-attack | 2020-28648 | URL | ||
| 57810 | SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt (more info ...) | web-application-attack | 2020-28648 | URL | ||
| 57811 | SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt (more info ...) | web-application-attack | 2020-28648 | URL | ||
| 57812 | SERVER-WEBAPP Nagios XI autodiscovery_component_update_cron command injection attempt (more info ...) | web-application-attack | 2020-28648 | URL | ||
| 57856 | SERVER-WEBAPP Cisco ASA cross site scripting attempt (more info ...) | attempted-user | 2020-3580 | URL | ||
| 57857 | SERVER-WEBAPP Cisco ASA cross site scripting attempt (more info ...) | attempted-user | 2020-3580 | URL | ||
| 57882 | SERVER-WEBAPP Cisco Business Process Automation privilege escalation attempt (more info ...) | attempted-admin | 2021-1574 | URL | ||
| 57883 | SERVER-WEBAPP Cisco Business Process Automation privilege escalation attempt (more info ...) | attempted-admin | 2021-1574 | URL | ||
| 57884 | SERVER-WEBAPP Cisco Business Process Automation privilege escalation attempt (more info ...) | attempted-admin | 2021-1574 | URL | ||
| 57885 | SERVER-WEBAPP Cisco Business Process Automation privilege escalation attempt (more info ...) | attempted-admin | 2021-1574 | URL | ||
| 57887 | SERVER-WEBAPP Cisco Web Security Appliance command injection attempt (more info ...) | attempted-admin | 2021-1359 | URL | ||
| 57980 | SERVER-WEBAPP Cisco RV Series Routers command injection attempt (more info ...) | web-application-attack | 2021-1602 | URL | ||
| 57981 | SERVER-WEBAPP Cisco RV Series Routers command injection attempt (more info ...) | web-application-attack | 2021-1602 | URL | ||
| 57982 | SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (more info ...) | web-application-attack | 2021-1609 | URL | ||
| 58006 | SERVER-WEBAPP Cisco Firepower Device Manager command injection attempt (more info ...) | web-application-attack | 2021-1518 | URL | ||
| 58097 | SERVER-WEBAPP Cisco Enterprise NFVIS authentication bypass attempt (more info ...) | attempted-user | 2021-34746 | URL | ||
| 58098 | SERVER-WEBAPP Cisco Enterprise NFVIS authentication bypass attempt (more info ...) | attempted-user | 2021-34746 | URL | ||
| 58099 | SERVER-WEBAPP Cisco Enterprise NFVIS authentication bypass attempt (more info ...) | attempted-user | 2021-34746 | URL | ||
| 58170 | SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt (more info ...) | web-application-attack | URL | |||
| 58171 | SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt (more info ...) | web-application-attack | URL | |||
| 58172 | SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt (more info ...) | web-application-attack | URL | |||
| 58173 | SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector command injection attempt (more info ...) | web-application-attack | URL | |||
| 58187 | SERVER-OTHER Cisco IOS XE Wireless Controller Software CAPWAP denial of service attempt (more info ...) | attempted-dos | 2021-34770 | URL | ||
| 58188 | SERVER-OTHER Cisco IOS XE Wireless Controller Software CAPWAP denial of service attempt (more info ...) | attempted-dos | 2021-34770 | URL | ||
| 58191 | SERVER-OTHER Cisco IOS XE Wireless Controller Software CAPWAP denial of service attempt (more info ...) | attempted-dos | 2021-1565 | URL | ||
| 58254 | SERVER-WEBAPP Cisco Identity Services Engine command execution attempt (more info ...) | attempted-admin | 2021-1594 | URL | ||
| 58255 | SERVER-WEBAPP Cisco Analog Telephone Adapter command injection attempt (more info ...) | web-application-attack | 2021-34710 | URL | ||
| 58256 | SERVER-WEBAPP Cisco Analog Telephone Adapter command injection attempt (more info ...) | web-application-attack | 2021-34710 | URL | ||
| 58257 | SERVER-WEBAPP Cisco Analog Telephone Adapter command injection attempt (more info ...) | web-application-attack | 2021-34710 | URL | ||
| 58258 | SERVER-WEBAPP Cisco Analog Telephone Adapter command injection attempt (more info ...) | web-application-attack | 2021-34710 | URL | ||
| 58259 | SERVER-WEBAPP Cisco Intersight Virtual Appliance command injection attempt (more info ...) | web-application-attack | 2021-34748 | URL | ||
| 58440 | SERVER-WEBAPP Cisco ASA and FTD web services stack buffer overflow attempt (more info ...) | attempted-admin | 2021-34704 | URL | ||
| 58441 | SERVER-WEBAPP Cisco ASA and FTD web services denial of service attempt (more info ...) | attempted-dos | 2021-40118 | URL | ||
| 58443 | SERVER-WEBAPP Cisco ASA and FTD web services denial of service attempt (more info ...) | attempted-dos | 2021-1573 | URL | ||
| 58444 | SERVER-WEBAPP Cisco ASA and FTD web services denial of service attempt (more info ...) | attempted-dos | 2021-1573 | URL | ||
| 58445 | SERVER-WEBAPP Cisco ASA and FTD web services denial of service attempt (more info ...) | attempted-dos | 2021-1573 | URL | ||
| 58446 | SERVER-WEBAPP Cisco Firepower Management Center directory traversal attempt (more info ...) | web-application-attack | 2021-34762 | URL | ||
| 58478 | SERVER-WEBAPP Cisco Catalyst PON Series ONT command injection attempt (more info ...) | web-application-attack | 2021-40113 | URL | ||
| 58479 | SERVER-WEBAPP Cisco Catalyst PON Series ONT command injection attempt (more info ...) | web-application-attack | 2021-40113 | URL | ||
| 58480 | SERVER-WEBAPP Cisco Catalyst PON Series ONT command injection attempt (more info ...) | web-application-attack | 2021-40113 | URL | ||
| 58481 | SERVER-WEBAPP Cisco Catalyst PON Series ONT command injection attempt (more info ...) | web-application-attack | 2021-40113 | URL | ||
| 58482 | SERVER-WEBAPP Cisco RV Series Routers command injection attempt (more info ...) | web-application-attack | 2021-40120 | URL | ||
| 58483 | SERVER-WEBAPP Cisco RV Series Routers command injection attempt (more info ...) | web-application-attack | 2021-40120 | URL | ||
| 58484 | SERVER-WEBAPP Cisco RV Series Routers command injection attempt (more info ...) | web-application-attack | 2021-40120 | URL | ||
| 58485 | SERVER-WEBAPP Cisco RV Series Routers command injection attempt (more info ...) | web-application-attack | 2021-40120 | URL | ||
| 58514 | SERVER-WEBAPP EyesOfNetwork autodiscovery command injection attempt (more info ...) | web-application-attack | 2020-8655 | |||
| 58515 | SERVER-WEBAPP EyesOfNetwork autodiscovery command injection attempt (more info ...) | web-application-attack | 2020-8655 | |||
| 58878 | SERVER-WEBAPP Cisco Unified CCMP and CCDM privilege escalation attempt (more info ...) | attempted-admin | 2022-20658 | URL | ||
| 58879 | SERVER-WEBAPP Cisco Unified CCMP and CCDM privilege escalation attempt (more info ...) | attempted-admin | 2022-20658 | URL | ||
| 58967 | SERVER-WEBAPP Cisco RV Series Routers command injection attempt (more info ...) | web-application-attack | 2022-20712 | URL | ||
| 58968 | SERVER-WEBAPP Cisco RV Series Routers directory traversal attempt (more info ...) | web-application-attack | 2022-20707 | URL | ||
| 58969 | SERVER-WEBAPP Cisco RV Series Routers directory traversal attempt (more info ...) | web-application-attack | 2022-20707 | URL | ||
| 58970 | SERVER-WEBAPP Cisco RV Series Routers command injection attempt (more info ...) | web-application-attack | 2022-20749 | URL | ||
| 58972 | SERVER-WEBAPP Cisco RV Series Routers command injection attempt (more info ...) | attempted-admin | 2022-20841 | URL | ||
| 58984 | SERVER-WEBAPP Cisco RV Series Routers authentication bypass attempt (more info ...) | attempted-admin | 2022-20709 | URL | ||
| 58987 | SERVER-WEBAPP Cisco RV Series Routers arbitrary file overwrite attempt (more info ...) | web-application-attack | 2022-20711 | URL | ||
| 58988 | SERVER-WEBAPP Cisco RV Series Routers arbitrary file overwrite attempt (more info ...) | web-application-attack | 2022-20711 | URL | ||
| 59086 | SERVER-OTHER Cisco NX-OS Fabric Services Protocol heap buffer overflow attempt (more info ...) | attempted-admin | 2022-20624 | URL | ||
| 59087 | SERVER-OTHER Cisco NX-OS Fabric Services Protocol heap buffer overflow attempt (more info ...) | attempted-admin | 2022-20624 | URL | ||
| 59095 | MALWARE-OTHER Unix.Trojan.CyclopsBlink download attempt (more info ...) | attempted-user | URL | |||
| 59096 | MALWARE-OTHER Unix.Trojan.CyclopsBlink download attempt (more info ...) | attempted-user | URL | |||
| 59097 | MALWARE-OTHER Unix.Trojan.CyclopsBlink upload attempt (more info ...) | attempted-user | URL | |||
| 59098 | MALWARE-OTHER Unix.Trojan.CyclopsBlink upload attempt (more info ...) | attempted-user | URL | |||
| 59118 | SERVER-WEBAPP Cisco Expressway and TelePresence Video Communication Server directory traversal attempt (more info ...) | web-application-attack | 2022-20754 | URL | ||
| 59119 | SERVER-WEBAPP Cisco Expressway and TelePresence Video Communication Server directory traversal attempt (more info ...) | web-application-attack | 2022-20754 | URL | ||
| 59120 | SERVER-WEBAPP Cisco Expressway and TelePresence Video Communication Server directory traversal attempt (more info ...) | web-application-attack | 2022-20754 | URL | ||
| 59121 | SERVER-WEBAPP Cisco Expressway and TelePresence Video Communication Server command injection attempt (more info ...) | web-application-attack | 2022-20755 | URL | ||
| 59122 | SERVER-WEBAPP Cisco Expressway and TelePresence Video Communication Server command injection attempt (more info ...) | web-application-attack | 2022-20755 | URL | ||
| 59123 | SERVER-WEBAPP Cisco Expressway and TelePresence Video Communication Server command injection attempt (more info ...) | web-application-attack | 2022-20755 | URL | ||
| 59124 | SERVER-WEBAPP Cisco Expressway and TelePresence Video Communication Server command injection attempt (more info ...) | web-application-attack | 2022-20755 | URL | ||
| 59134 | MALWARE-OTHER Unix.Trojan.CyclopsBlink upload attempt (more info ...) | trojan-activity | URL | |||
| 59135 | MALWARE-OTHER Unix.Trojan.CyclopsBlink upload attempt (more info ...) | trojan-activity | URL | |||
| 59136 | MALWARE-OTHER Unix.Trojan.CyclopsBlink download attempt (more info ...) | trojan-activity | URL | |||
| 59137 | MALWARE-OTHER Unix.Trojan.CyclopsBlink download attempt (more info ...) | trojan-activity | URL | |||
| 59138 | MALWARE-OTHER Unix.Trojan.CyclopsBlink download attempt (more info ...) | trojan-activity | URL | |||
| 59139 | MALWARE-OTHER Unix.Trojan.CyclopsBlink upload attempt (more info ...) | trojan-activity | URL | |||
| 59140 | MALWARE-OTHER Unix.Trojan.CyclopsBlink upload attempt (more info ...) | trojan-activity | URL | |||
| 59141 | MALWARE-OTHER Unix.Trojan.CyclopsBlink upload attempt (more info ...) | trojan-activity | URL | |||
| 59142 | MALWARE-OTHER Unix.Trojan.CyclopsBlink download attempt (more info ...) | trojan-activity | URL | |||
| 59143 | MALWARE-OTHER Unix.Trojan.CyclopsBlink download attempt (more info ...) | trojan-activity | URL | |||
| 59430 | MALWARE-OTHER Unix.Malware.B1txor20 download attempt (more info ...) | trojan-activity | URL | |||
| 59431 | MALWARE-OTHER Unix.Malware.B1txor20 download attempt (more info ...) | trojan-activity | URL | |||
| 59566 | SERVER-WEBAPP Cisco IOx application environment command injection attempt (more info ...) | web-application-attack | 2022-20718 | URL | ||
| 59567 | SERVER-WEBAPP Cisco IOx application environment command injection attempt (more info ...) | web-application-attack | 2022-20719 | URL | ||
| 59568 | PROTOCOL-OTHER Cisco IOS XE RPKI-RTR denial of service attempt (more info ...) | attempted-dos | 2022-20694 | URL | ||
| 59569 | PROTOCOL-OTHER Cisco IOS XE RPKI-RTR denial of service attempt (more info ...) | attempted-dos | 2022-20694 | URL | ||
| 59618 | PROTOCOL-VOIP Cisco TelePresence and RoomOS H.323 denial of service attempt (more info ...) | attempted-dos | 2022-20783 | URL | ||
| 59722 | SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector Virtual Appliance firewall_setting command injection attempt (more info ...) | web-application-attack | URL | |||
| 59723 | SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector Virtual Appliance firewall_setting command injection attempt (more info ...) | web-application-attack | URL | |||
| 59724 | SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector Virtual Appliance firewall_setting command injection attempt (more info ...) | web-application-attack | URL | |||
| 59750 | SERVER-WEBAPP Cisco Enterprise NFV Infrastructure command injection attempt (more info ...) | attempted-admin | 2022-20779 | URL | ||
| 59751 | SERVER-WEBAPP Cisco Enterprise NFV Infrastructure command injection attempt (more info ...) | attempted-admin | 2022-20779 | URL | ||
| 59957 | MALWARE-OTHER Unix.Trojan.Symbiote variant binary download attempt (more info ...) | trojan-activity | URL | |||
| 59958 | MALWARE-OTHER Unix.Trojan.Symbiote variant binary download attempt (more info ...) | trojan-activity | URL | |||
| 59979 | SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (more info ...) | web-application-attack | 2022-20825 | URL | ||
| 59986 | SERVER-WEBAPP Cisco Email Security Appliance authentication bypass attempt (more info ...) | attempted-admin | 2022-20798 | URL | ||
| 59987 | SERVER-WEBAPP Cisco Email Security Appliance information disclosure attempt (more info ...) | attempted-recon | 2022-20664 | URL | ||
| 60174 | SERVER-WEBAPP Cisco TelePresence VCS arbitrary file write attempt (more info ...) | attempted-admin | 2022-20812 | URL | ||
| 60175 | SERVER-WEBAPP Cisco TelePresence VCS arbitrary file write attempt (more info ...) | attempted-admin | 2022-20812 | URL | ||
| 60356 | SERVER-WEBAPP Cisco RV Series Routers command injection attempt (more info ...) | attempted-admin | 2022-20827 | URL | ||
| 60357 | SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (more info ...) | web-application-attack | 2022-20842 | URL | ||
| 60424 | SERVER-WEBAPP Cisco Web Security Appliance command injection attempt (more info ...) | web-application-attack | 2022-20871 | URL | ||
| 60425 | SERVER-WEBAPP Cisco Web Security Appliance command injection attempt (more info ...) | web-application-attack | 2022-20871 | URL | ||
| 60426 | SERVER-WEBAPP Cisco Web Security Appliance command injection attempt (more info ...) | web-application-attack | 2022-20871 | URL | ||
| 60427 | SERVER-WEBAPP Cisco Web Security Appliance command injection attempt (more info ...) | web-application-attack | 2022-20871 | URL | ||
| 60472 | SERVER-OTHER Cisco NX-OS OSPFv3 link-state advertisement denial of service attempt (more info ...) | attempted-dos | 2022-20823 | URL | ||
| 60629 | SERVER-OTHER Cisco IOS XE Wireless Controller CAPWAP denial of service attempt (more info ...) | attempted-dos | 2022-20856 | URL | ||
| 60688 | SERVER-WEBAPP Cisco Expressway and TelePresence cross site request forgery attempt (more info ...) | attempted-dos | 2022-20853 | URL | ||
| 60689 | SERVER-WEBAPP Cisco Expressway and TelePresence cross site request forgery attempt (more info ...) | attempted-dos | 2022-20853 | URL | ||
| 60751 | SERVER-WEBAPP Cisco Identity Services Engine directory traversal attempt (more info ...) | web-application-attack | 2022-20822 | URL | ||
| 60752 | SERVER-WEBAPP Cisco Identity Services Engine directory traversal attempt (more info ...) | web-application-attack | 2022-20822 | URL | ||
| 60801 | SERVER-WEBAPP Cisco BroadWorks CommPilot arbitrary JSP file upload attempt (more info ...) | attempted-admin | 2022-20958 | URL | ||
| 60802 | SERVER-WEBAPP Cisco BroadWorks CommPilot server side request forgery attempt (more info ...) | web-application-attack | 2022-20951 | URL | ||
| 60839 | PROTOCOL-SNMP Cisco ASA SNMP OID parsing denial of service attempt (more info ...) | attempted-dos | 2022-20924 | URL | ||
| 60856 | SERVER-WEBAPP Cisco Identity Services Engine command injection attempt (more info ...) | web-application-attack | 2022-20965 | URL | ||
| 60857 | SERVER-WEBAPP Cisco Identity Services Engine cross site scripting attempt (more info ...) | web-application-attack | 2022-20966 | URL | ||
| 60886 | SERVER-WEBAPP Cisco Identity Services Engine cross site scripting attempt (more info ...) | web-application-attack | 2022-20967 | URL | ||
| 60887 | SERVER-WEBAPP Cisco ASA DAP HostScan denial of service attempt (more info ...) | attempted-dos | 2022-20947 | URL | ||
| 61077 | SERVER-WEBAPP Cisco IP Phone web interface authentication bypass attempt (more info ...) | web-application-attack | 2023-20018 | URL | ||
| 61078 | SERVER-WEBAPP Cisco Industrial Network Director cross site scripting attempt (more info ...) | attempted-user | 2023-20037 | URL | ||
| 61079 | SERVER-WEBAPP Cisco BroadWorks Application Delivery Platform denial of service attempt (more info ...) | attempted-dos | 2023-20020 | URL | ||
| 61080 | SERVER-WEBAPP Cisco BroadWorks Application Delivery Platform denial of service attempt (more info ...) | attempted-dos | 2023-20020 | URL | ||
| 61086 | SERVER-WEBAPP Cisco RV Series Routers command injection attempt (more info ...) | web-application-attack | 2023-20026 | URL | ||
| 61087 | SERVER-WEBAPP Cisco RV Series Routers command injection attempt (more info ...) | web-application-attack | 2023-20026 | URL | ||
| 61088 | SERVER-WEBAPP Cisco RV Series Routers command injection attempt (more info ...) | web-application-attack | 2023-20026 | URL | ||
| 61089 | SERVER-WEBAPP Cisco RV Series Routers command injection attempt (more info ...) | web-application-attack | 2023-20026 | URL | ||
| 61090 | SERVER-WEBAPP Cisco RV Series Routers authentication bypass attempt (more info ...) | web-application-attack | 2023-20025 | URL | ||
| 61187 | MALWARE-OTHER Unix.Malware.Dacls logcollector file download attempt (more info ...) | trojan-activity | URL | |||
| 61188 | MALWARE-OTHER Unix.Malware.Dacls logcollector file download attempt (more info ...) | trojan-activity | URL | |||
| 61189 | MALWARE-OTHER Unix.Malware.Dacls malware file download attempt (more info ...) | trojan-activity | URL | |||
| 61190 | MALWARE-OTHER Unix.Malware.Dacls malware file download attempt (more info ...) | trojan-activity | URL | |||
| 61252 | SERVER-WEBAPP Cisco IOx application environment command injection attempt (more info ...) | web-application-attack | 2023-20076 | URL | ||
| 61449 | SERVER-WEBAPP Cisco IP Phone web interface command injection attempt (more info ...) | attempted-admin | 2023-20078 | URL | ||
| 61457 | SERVER-WEBAPP Cisco RV series routers command injection attempt (more info ...) | web-application-attack | 2021-1318 | URL | ||
| 61458 | SERVER-WEBAPP Cisco RV series routers command injection attempt (more info ...) | web-application-attack | 2021-1318 | URL | ||
| 61591 | SERVER-WEBAPP Cisco RV Series Routers command injection attempt (more info ...) | web-application-attack | 2023-20117 | URL | ||
| 61592 | SERVER-WEBAPP Cisco RV Series Routers command injection attempt (more info ...) | web-application-attack | 2023-20117 | URL | ||
| 61593 | SERVER-WEBAPP Cisco RV Series Routers command injection attempt (more info ...) | web-application-attack | 2023-20117 | URL | ||
| 61594 | SERVER-WEBAPP Cisco RV Series Routers command injection attempt (more info ...) | web-application-attack | 2023-20117 | URL | ||
| 61595 | SERVER-WEBAPP Cisco RV Series Routers command injection attempt (more info ...) | web-application-attack | 2023-20128 | URL | ||
| 61596 | SERVER-WEBAPP Cisco RV Series Routers command injection attempt (more info ...) | web-application-attack | 2023-20128 | URL | ||
| 61597 | SERVER-WEBAPP Cisco RV Series Routers command injection attempt (more info ...) | web-application-attack | 2023-20128 | URL | ||
| 61598 | SERVER-WEBAPP Cisco RV Series Routers command injection attempt (more info ...) | web-application-attack | 2023-20128 | URL | ||
| 61704 | POLICY-OTHER Cisco SPA112 firmware upgrade detected (more info ...) | policy-violation | 2023-20126 | URL | ||
| 61785 | SERVER-WEBAPP Cisco Small Business Series Switches stack buffer overflow attempt (more info ...) | web-application-attack | 2023-20189 | URL | ||
| 61786 | SERVER-WEBAPP Cisco Small Business Series Switches heap buffer overflow attempt (more info ...) | web-application-attack | 2023-20156 | URL | ||
| 61787 | SERVER-WEBAPP Cisco Small Business Series Switches configuration disclosure attempt (more info ...) | attempted-recon | 2023-20162 | URL | ||
| 61788 | SERVER-WEBAPP Cisco Small Business Series Switches heap buffer overflow attempt (more info ...) | web-application-attack | 2023-20024 | URL | ||
| 61789 | SERVER-WEBAPP Cisco Small Business Series Switches heap buffer overflow attempt (more info ...) | web-application-attack | 2023-20157 | URL | ||
| 61790 | SERVER-WEBAPP Cisco Small Business Series Switches buffer overflow attempt (more info ...) | web-application-attack | 2023-20160 | URL | ||
| 61791 | SERVER-WEBAPP Cisco Small Business Series Switches buffer overflow attempt (more info ...) | web-application-attack | 2023-20160 | URL | ||
| 61895 | SERVER-OTHER Cisco Unified Communications Manager denial of service attempt (more info ...) | attempted-dos | 2023-20108 | URL |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 218 | MALWARE-BACKDOOR MISC Solaris 2.5 attempt (more info ...) | attempted-user | ||||
| 267 | OS-SOLARIS EXPLOIT sparc overflow attempt (more info ...) | attempted-admin | ||||
| 289 | PROTOCOL-POP EXPLOIT x86 SCO overflow (more info ...) | attempted-admin | 1999-0006 | 156 | ||
| 300 | OS-SOLARIS Oracle Solaris npls x86 overflow (more info ...) | attempted-admin | 1999-1588 | 2319 | ||
| 304 | SERVER-OTHER SCO calserver overflow (more info ...) | attempted-admin | 2000-0306 | 2353 | ||
| 640 | INDICATOR-SHELLCODE AIX NOOP (more info ...) | shellcode-detect | ||||
| 641 | INDICATOR-SHELLCODE Digital UNIX NOOP (more info ...) | shellcode-detect | ||||
| 1132 | SERVER-WEBAPP Netscape Unixware overflow (more info ...) | attempted-recon | 1999-0744 | 908 | ||
| 1165 | SERVER-WEBAPP Novell Groupwise gwweb.exe access (more info ...) | attempted-recon | 1999-1006 | 879 | 10877 | |
| 1209 | SERVER-WEBAPP .nsconfig access (more info ...) | attempted-recon | ||||
| 1544 | SERVER-WEBAPP Cisco Catalyst command execution attempt (more info ...) | web-application-activity | 2000-0945 | 1846 | 10545 | |
| 1545 | SERVER-OTHER Cisco denial of service attempt (more info ...) | web-application-attack | ||||
| 1614 | SERVER-WEBAPP Novell Groupwise gwweb.exe attempt (more info ...) | attempted-recon | 1999-1006 | 879 | 10877 | |
| 1718 | SERVER-WEBAPP statsconfig.pl access (more info ...) | web-application-activity | 2001-0113 | 2211 | ||
| 1814 | SERVER-WEBAPP CISCO VoIP DOS ATTEMPT (more info ...) | misc-attack | 2002-0882 | 4794 | 11013 | |
| 1858 | SERVER-WEBAPP CISCO PIX Firewall Manager directory traversal attempt (more info ...) | misc-attack | 1999-0158 | 691 | 10819 | |
| 3467 | SERVER-WEBAPP CISCO VoIP Portinformation access (more info ...) | web-application-activity | 2002-0882 | 4798 | ||
| 4127 | SERVER-OTHER Novell eDirectory Server iMonitor overflow attempt (more info ...) | attempted-admin | 2005-2551 | 14548 | ||
| 4129 | SERVER-OTHER Novell ZenWorks Remote Management Agent large login packet DoS attempt (more info ...) | attempted-dos | 2005-1543 | 13678 | ||
| 4130 | SERVER-OTHER Novell ZenWorks Remote Management Agent buffer overflow Attempt (more info ...) | attempted-dos | 2005-1543 | 13678 | ||
| 4144 | OS-SOLARIS Oracle Solaris lpd control file upload attempt (more info ...) | misc-attack | ||||
| 5798 | PUA-ADWARE Adware mydailyhoroscope runtime detection (more info ...) | misc-activity | URL | |||
| 5799 | BROWSER-PLUGINS mydailyhoroscope update or installation in progress (more info ...) | misc-activity | URL | |||
| 6017 | MALWARE-BACKDOOR dsk lite 1.0 runtime detection - disconnect (more info ...) | trojan-activity | URL | |||
| 6384 | MALWARE-OTHER Keylogger stealthwatcher 2000 runtime detection - agent discover broadcast (more info ...) | successful-recon-limited | URL | |||
| 6414 | SERVER-WEBAPP Novell GroupWise Messenger Accept-Language header buffer overflow attempt (more info ...) | attempted-admin | 2006-0992 | 17503 | ||
| 7720 | MALWARE-BACKDOOR desktop scout runtime detection (more info ...) | trojan-activity | URL | |||
| 8081 | INDICATOR-SCAN UPnP service discover attempt (more info ...) | network-scan | URL | |||
| 8711 | SERVER-WEBAPP Novell eDirectory HTTP redirection buffer overflow attempt (more info ...) | attempted-admin | 2006-5478 | 20655 | ||
| 9633 | SERVER-OTHER Computer Associates Product Discovery Service type 9B remote buffer overflow attempt TCP (more info ...) | attempted-admin | 2006-6379 | 21502 | ||
| 9634 | SERVER-OTHER Computer Associates Product Discovery Service type 9C remote buffer overflow attempt TCP (more info ...) | attempted-admin | 2006-6379 | 21502 | ||
| 9635 | SERVER-OTHER Computer Associates Product Discovery Service type 9B remote buffer overflow attempt UDP (more info ...) | attempted-admin | 2006-6379 | 21502 | ||
| 9636 | SERVER-OTHER Computer Associates Product Discovery Service type 9C remote buffer overflow attempt UDP (more info ...) | attempted-admin | 2006-6379 | 21502 | ||
| 10134 | SERVER-OTHER CA Brightstor discovery service buffer overflow attempt (more info ...) | attempted-admin | 2005-0260 | 12491 | ||
| 10418 | OS-SOLARIS Oracle Solaris lpd unlink file attempt (more info ...) | misc-attack | 2005-4797 | 14510 | ||
| 12080 | OS-SOLARIS Oracle Solaris printd arbitrary file deletion vulnerability (more info ...) | misc-attack | 2005-4797 | 14510 | URL | |
| 12223 | SERVER-OTHER Novell WebAdmin long user name (more info ...) | attempted-admin | 2007-1350 | 22857 | ||
| 12299 | OS-OTHER Cisco NHRP incorrect packet size (more info ...) | attempted-user | 2007-4286 | 25238 | ||
| 12300 | OS-OTHER Cisco NHRP incorrect packet size (more info ...) | attempted-user | 2007-4286 | 25238 | ||
| 13510 | SERVER-OTHER Novell eDirectory EventsRequest heap overflow attempt (more info ...) | attempted-admin | 2006-4509 | 20663 | URL | |
| 13511 | SERVER-OTHER Novell eDirectory EventsRequest invalid event count exploit attempt (more info ...) | attempted-admin | 2006-4510 | 20663 | URL | |
| 13620 | SERVER-OTHER CA Brightstor discovery service alternate buffer overflow attempt (more info ...) | attempted-admin | 2005-0260 | |||
| 14990 | SERVER-WEBAPP Novell eDirectory SOAP Accept Charset header overflow attempt (more info ...) | attempted-user | 2008-4479 | |||
| 15446 | SERVER-WEBAPP Novell eDirectory management console Accept-Language buffer overflow attempt (more info ...) | attempted-admin | 2008-5094 | 31553 | URL | |
| 15958 | SERVER-OTHER Novell ZENworks Remote Management overflow attempt (more info ...) | attempted-admin | 2005-1543 | 13678 | ||
| 15973 | SERVER-OTHER Novell eDirectory LDAP null search parameter buffer overflow attempt (more info ...) | attempted-admin | 2008-1809 | 30175 | URL | |
| 16019 | SERVER-OTHER Novell Distributed Print Services integer overflow attempt (more info ...) | attempted-user | 2006-2327 | |||
| 16028 | SERVER-WEBAPP Novell Groupwise Messenger parameters invalid memory access attempt (more info ...) | attempted-admin | 2006-4511 | 20316 | ||
| 16052 | SERVER-OTHER Novell iManager Tree parameter denial of service attempt (more info ...) | attempted-dos | 2010-1930 | 40485 | ||
| 16194 | SERVER-WEBAPP Novell eDirectory HTTP request content-length heap buffer overflow attempt (more info ...) | attempted-user | 2008-4478 | |||
| 16429 | SERVER-WEBAPP Novell iManager eDirectory plugin schema buffer overflow attempt - GET request (more info ...) | attempted-admin | 2009-4486 | 37672 | ||
| 16430 | SERVER-WEBAPP Novell iManager eDirectory plugin schema buffer overflow attempt - POST request (more info ...) | attempted-admin | 2009-4486 | 37672 | ||
| 16522 | SERVER-OTHER Novell QuickFinder server cross-site-scripting attempt (more info ...) | web-application-attack | 2009-0611 | |||
| 16597 | SERVER-MAIL Novell GroupWise Internet Agent Email address processing buffer overflow attempt (more info ...) | attempted-admin | 2009-1636 | 35064 | ||
| 16787 | FILE-OTHER Symantec multiple products AeXNSConsoleUtilities RunCMD buffer overflow attempt (more info ...) | attempted-user | 2009-3033 | 37092 | ||
| 16950 | POLICY-SPAM tabscotti71i.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17027 | POLICY-SPAM scoreenjoy.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17287 | SERVER-WEBAPP Cisco IOS HTTP service HTML injection attempt (more info ...) | attempted-dos | 2005-3921 | 15602 | ||
| 17353 | OS-SOLARIS Oracle Solaris printd Daemon Arbitrary File Deletion attempt (more info ...) | misc-attack | 2005-4797 | 14510 | URL | |
| 17391 | SERVER-OTHER Multiple products UNIX platform backslash directory traversal attempt (more info ...) | web-application-attack | 2017-16744 | 99515 | URL | |
| 17433 | OS-SOLARIS Oracle Solaris DHCP Client Arbitrary Code Execution attempt (more info ...) | attempted-user | 2005-2870 | 14687 | ||
| 17504 | SERVER-OTHER Novell ZENworks Asset Management buffer overflow attempt (more info ...) | attempted-admin | 2006-6299 | 21395 | ||
| 17620 | SERVER-OTHER Products Discovery Service Buffer Overflow (more info ...) | attempted-user | 2006-5143 | 20364 | ||
| 17621 | SERVER-OTHER Products Discovery Service Buffer Overflow (more info ...) | attempted-user | 2006-5143 | 20364 | ||
| 17713 | SERVER-OTHER Novell NetMail NMAP STOR buffer overflow attempt (more info ...) | attempted-admin | 2006-6424 | 21725 | ||
| 18512 | SERVER-OTHER Novell ZENworks Remote Management overflow attempt (more info ...) | attempted-admin | 2005-1543 | 13678 | ||
| 18790 | SERVER-OTHER Novell ZENworks Handheld Management ZfHIPCND.exe overflow attempt (more info ...) | attempted-admin | 2010-4299 | 44700 | ||
| 18796 | SERVER-WEBAPP Novell iManager ClassName handling overflow attempt (more info ...) | attempted-admin | 2010-1929 | 40480 | ||
| 18960 | SERVER-WEBAPP Novell GroupWise agents HTTP request remote code execution attempt (more info ...) | attempted-admin | 2010-4714 | 44732 | ||
| 19087 | SERVER-OTHER CA Discovery Service Overflow Attempt (more info ...) | attempted-admin | 2006-6379 | |||
| 19088 | SERVER-OTHER CA Discovery Service Overflow Attempt (more info ...) | attempted-admin | 2006-6379 | |||
| 19089 | SERVER-OTHER CA Discovery Service Overflow Attempt (more info ...) | attempted-admin | 2006-6379 | |||
| 19090 | SERVER-OTHER CA Discovery Serice Overflow Attempt (more info ...) | attempted-admin | 2006-6379 | |||
| 19205 | SERVER-OTHER Novell iManager Tree parameter denial of service attempt (more info ...) | attempted-dos | 2010-1930 | 40485 | ||
| 19609 | SERVER-OTHER Novell ZENworks Handheld Management upload directory traversal attempt (more info ...) | attempted-admin | 48467 | |||
| 19741 | MALWARE-OTHER PWS.Win32.Scofted keylogger runtime detection (more info ...) | trojan-activity | URL | |||
| 19813 | SERVER-WEBAPP Novell File Reporter Agent stack buffer overflow attempt (more info ...) | attempted-admin | 2011-0994 | |||
| 20576 | SERVER-OTHER Novell ZENworks Remote Management overflow attempt (more info ...) | attempted-admin | 2005-1543 | 13678 | ||
| 20995 | POLICY-OTHER HP SiteScope integrationViewer default credentials policy-bypass attempt (more info ...) | policy-violation | URL | |||
| 21116 | FILE-OTHER Cisco Webex selector and size2 subrecords corruption attempt (more info ...) | attempted-user | 2011-3319 | URL | ||
| 21378 | SERVER-OTHER Novell iPrint attributes-natural-language buffer overflow attempt (more info ...) | attempted-user | 2011-4194 | 51791 | URL | |
| 21385 | SERVER-WEBAPP Cisco Common Services Help servlet XSS attempt (more info ...) | web-application-attack | 2011-0961 | |||
| 21389 | SERVER-WEBAPP Cisco Common Services Device Center XSS attempt (more info ...) | web-application-attack | 2011-0962 | |||
| 22947 | FILE-OTHER Novell Groupwise Addressbook buffer overflow attempt (more info ...) | attempted-user | 2012-0418 | 55729 | URL | |
| 23354 | SERVER-WEBAPP Novell iManager buffer overflow attempt (more info ...) | attempted-admin | 2011-4188 | URL | ||
| 23363 | SERVER-OTHER Novell Netware XNFS.NLM xdrdecodeString heap buffer overflow attempt (more info ...) | misc-attack | 2011-4191 | 50804 | ||
| 23364 | SERVER-OTHER Novell Netware XNFS.NLM v2 xdrdecodeString heap buffer overflow attempt (more info ...) | misc-attack | 2011-4191 | 50804 | ||
| 23365 | SERVER-OTHER Novell Netware XNFS.NLM NFS v3 xdrdecodeString heap buffer overflow attempt (more info ...) | misc-attack | 2011-4191 | 50804 | ||
| 23366 | SERVER-OTHER Novell Netware XNFS.NLM NFS v2 xdrdecodeString heap buffer overflow attempt (more info ...) | misc-attack | 2011-4191 | 50804 | ||
| 23384 | SERVER-WEBAPP Novell Groupwise Messenger parameter memory corruption attempt (more info ...) | attempted-admin | URL | |||
| 23580 | FILE-OTHER Novell Groupwise Addressbook buffer overflow attempt (more info ...) | attempted-user | 2012-0418 | 55729 | URL | |
| 23998 | SERVER-OTHER DHCP discover broadcast flood attempt (more info ...) | denial-of-service | 53649 | URL | ||
| 24114 | INDICATOR-SHELLCODE x86 OS agnostic avoid_underscore_tolower encoder (more info ...) | shellcode-detect | ||||
| 24337 | SERVER-OTHER Novell Remote Manager off-by-one denial of service attempt (more info ...) | denial-of-service | ||||
| 24435 | SERVER-WEBAPP Novell ZENworks Asset Management default admin credentials function call attempt (more info ...) | attempted-admin | 2012-4933 | URL | ||
| 24436 | SERVER-WEBAPP Novell ZENworks Asset Management default admin credentials function call attempt (more info ...) | attempted-admin | 2012-4933 | URL | ||
| 24447 | SERVER-WEBAPP HP SiteScope DownloadFilesHandler directory traversal attempt (more info ...) | web-application-activity | 2012-3264 | 55273 | ||
| 24448 | SERVER-WEBAPP HP SiteScope UploadFilesHandler directory traversal attempt (more info ...) | web-application-activity | 2012-3264 | 55273 | ||
| 24524 | SERVER-MAIL Novell GroupWise internet agent iCalendar parsing denial of service attempt (more info ...) | denial-of-service | 2011-3827 | 55574 | URL | |
| 24531 | MALWARE-CNC Win.Trojan.Scondatie.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24532 | MALWARE-CNC Win.Trojan.Scondatie.A inbound connection (more info ...) | trojan-activity | URL | |||
| 24766 | SERVER-WEBAPP Novell File Reporter SRS request arbitrary file download attempt (more info ...) | attempted-admin | 2012-4957 | 56579 | ||
| 24806 | SERVER-WEBAPP Novell GroupWise WebAccess directory traversal attempt - POST request (more info ...) | attempted-recon | 2012-0410 | 54253 | URL | |
| 24807 | SERVER-WEBAPP Novell GroupWise WebAccess directory traversal attempt - GET request (more info ...) | attempted-recon | 2012-0410 | 54253 | URL | |
| 25019 | OS-OTHER Cisco Nexus OS software command injection attempt (more info ...) | attempted-admin | 2011-2569 | URL | ||
| 25020 | OS-OTHER Cisco Nexus OS software command injection attempt (more info ...) | attempted-admin | 2011-2569 | URL | ||
| 25101 | SERVER-OTHER Cisco IOS syslog message flood denial of service attempt (more info ...) | attempted-dos | 2001-1097 | 3096 | ||
| 25341 | FILE-OTHER Cisco WebEx player remote code execution attempt (more info ...) | attempted-user | 2011-4004 | |||
| 26180 | SERVER-OTHER Novell ZENworks Configuration Management Preboot service code overflow attempt (more info ...) | attempted-admin | 40486 | |||
| 26432 | FILE-OTHER Cisco WebEx recording integer overflow attempt (more info ...) | attempted-user | URL | |||
| 26433 | FILE-OTHER Cisco WebEx recording integer overflow attempt (more info ...) | attempted-user | URL | |||
| 26527 | EXPLOIT-KIT Unix.Backdoor.Cdorked possible blackhole request attempt (more info ...) | trojan-activity | URL | |||
| 26528 | INDICATOR-COMPROMISE Unix.Backdoor.Cdorked redirect attempt (more info ...) | trojan-activity | URL | |||
| 26529 | MALWARE-BACKDOOR Unix.Backdoor.Cdorked backdoor command attempt (more info ...) | trojan-activity | URL | |||
| 26530 | INDICATOR-COMPROMISE Unix.Backdoor.Cdorked redirected URI attempt (more info ...) | trojan-activity | URL | |||
| 27001 | SERVER-OTHER Novell ZENWorks Remote Management overflow attempt (more info ...) | attempted-admin | 2005-1543 | 13678 | ||
| 27036 | SERVER-OTHER Novell NetIQ User Manager modifyAccounts policy bypass attempt (more info ...) | attempted-admin | 56535 | |||
| 27075 | SERVER-OTHER Novell NetIQ User Manager ldapagnt_eval remote code execution attempt (more info ...) | attempted-admin | 56539 | |||
| 27599 | MALWARE-CNC Fort Disco Registration variant outbound connection (more info ...) | trojan-activity | URL | |||
| 27746 | MALWARE-CNC Unix.Trojan.Hanthie variant outbound connection (more info ...) | trojan-activity | URL | |||
| 28563 | MALWARE-CNC Win.Trojan.Pkdesco variant outbound connection (more info ...) | trojan-activity | URL | |||
| 28564 | MALWARE-CNC Win.Trojan.Pkdesco variant outbound connection (more info ...) | trojan-activity | URL | |||
| 28937 | SERVER-WEBAPP HP SiteScope issuesiebelcmd soap request code execution attempt (more info ...) | attempted-user | 2013-4835 | |||
| 28956 | SERVER-WEBAPP Novell Zenworks configuration management umaninv information disclosure attempt (more info ...) | attempted-user | 2013-1084 | |||
| 29000 | SERVER-WEBAPP Cisco EPC3925 cross site request forgery attempt (more info ...) | attempted-user | URL | |||
| 29118 | SERVER-WEBAPP Novell Groupwise Messenger Server process memory information disclosure attempt (more info ...) | attempted-user | 2011-3179 | |||
| 29266 | SERVER-OTHER Cisco Prime Data Center Network Manager arbitrary file read attempt (more info ...) | web-application-attack | 2013-5487 | 62483 | ||
| 29362 | SERVER-OTHER Novell NetWare AFP denial of service attempt (more info ...) | attempted-dos | 2010-0317 | 37616 | ||
| 29792 | SERVER-OTHER Novell iPrint Server remote code execution attempt (more info ...) | attempted-user | 2010-4328 | 46309 | ||
| 30338 | SERVER-OTHER Cisco 677-678 telnet buffer overflow attempt (more info ...) | attempted-dos | URL | |||
| 30339 | SERVER-OTHER Cisco Catalyst telnet memory leak denial of service attempt (more info ...) | attempted-dos | 2072 | URL | ||
| 30340 | SERVER-WEBAPP Cisco 675 web administration denial of service attempt (more info ...) | attempted-dos | 2012 | URL | ||
| 30350 | INDICATOR-SHELLCODE Metasploit payload aix_ppc_shell_bind_tcp (more info ...) | shellcode-detect | ||||
| 30351 | INDICATOR-SHELLCODE Metasploit payload aix_ppc_shell_find_port (more info ...) | shellcode-detect | ||||
| 30352 | INDICATOR-SHELLCODE Metasploit payload aix_ppc_shell_interact (more info ...) | shellcode-detect | ||||
| 30353 | INDICATOR-SHELLCODE Metasploit payload aix_ppc_shell_reverse_tcp (more info ...) | shellcode-detect | ||||
| 30364 | INDICATOR-SHELLCODE Metasploit payload cmd_unix_bind_awk (more info ...) | shellcode-detect | ||||
| 30365 | INDICATOR-SHELLCODE Metasploit payload cmd_unix_bind_inetd (more info ...) | shellcode-detect | ||||
| 30366 | INDICATOR-SHELLCODE Metasploit payload cmd_unix_bind_lua (more info ...) | shellcode-detect | ||||
| 30367 | INDICATOR-SHELLCODE Metasploit payload cmd_unix_bind_netcat (more info ...) | shellcode-detect | ||||
| 30368 | INDICATOR-SHELLCODE Metasploit payload cmd_unix_bind_netcat_gaping (more info ...) | shellcode-detect | ||||
| 30369 | INDICATOR-SHELLCODE Metasploit payload cmd_unix_bind_netcat_gaping_ipv6 (more info ...) | shellcode-detect | ||||
| 30370 | INDICATOR-SHELLCODE Metasploit payload cmd_unix_bind_nodejs (more info ...) | shellcode-detect | ||||
| 30371 | INDICATOR-SHELLCODE Metasploit payload cmd_unix_bind_perl (more info ...) | shellcode-detect | ||||
| 30372 | INDICATOR-SHELLCODE Metasploit payload cmd_unix_bind_perl_ipv6 (more info ...) | shellcode-detect | ||||
| 30373 | INDICATOR-SHELLCODE Metasploit payload cmd_unix_bind_ruby (more info ...) | shellcode-detect | ||||
| 30374 | INDICATOR-SHELLCODE Metasploit payload cmd_unix_bind_zsh (more info ...) | shellcode-detect | ||||
| 30375 | INDICATOR-SHELLCODE Metasploit payload cmd_unix_reverse (more info ...) | shellcode-detect | ||||
| 30376 | INDICATOR-SHELLCODE Metasploit payload cmd_unix_reverse_awk (more info ...) | shellcode-detect | ||||
| 30377 | INDICATOR-SHELLCODE Metasploit payload cmd_unix_reverse_lua (more info ...) | shellcode-detect | ||||
| 30378 | INDICATOR-SHELLCODE Metasploit payload cmd_unix_reverse_openssl (more info ...) | shellcode-detect | ||||
| 30379 | INDICATOR-SHELLCODE Metasploit payload cmd_unix_reverse_perl (more info ...) | shellcode-detect | ||||
| 30380 | INDICATOR-SHELLCODE Metasploit payload cmd_unix_reverse_perl_ssl (more info ...) | shellcode-detect | ||||
| 30382 | INDICATOR-SHELLCODE Metasploit payload cmd_unix_reverse_python (more info ...) | shellcode-detect | ||||
| 30383 | INDICATOR-SHELLCODE Metasploit payload cmd_unix_reverse_ruby (more info ...) | shellcode-detect | ||||
| 30384 | INDICATOR-SHELLCODE Metasploit payload cmd_unix_reverse_ruby_ssl (more info ...) | shellcode-detect | ||||
| 30385 | INDICATOR-SHELLCODE Metasploit payload cmd_unix_reverse_zsh (more info ...) | shellcode-detect | ||||
| 30465 | INDICATOR-SHELLCODE Metasploit payload solaris_sparc_shell_bind_tcp (more info ...) | shellcode-detect | ||||
| 30466 | INDICATOR-SHELLCODE Metasploit payload solaris_sparc_shell_find_port (more info ...) | shellcode-detect | ||||
| 30467 | INDICATOR-SHELLCODE Metasploit payload solaris_sparc_shell_reverse_tcp (more info ...) | shellcode-detect | ||||
| 30468 | INDICATOR-SHELLCODE Metasploit payload solaris_x86_shell_bind_tcp (more info ...) | shellcode-detect | ||||
| 30469 | INDICATOR-SHELLCODE Metasploit payload solaris_x86_shell_find_port (more info ...) | shellcode-detect | ||||
| 30470 | INDICATOR-SHELLCODE Metasploit payload solaris_x86_shell_reverse_tcp (more info ...) | shellcode-detect | ||||
| 30884 | PROTOCOL-VOIP Cisco MXP Telepresence gssapi-data unauthenticated denial of service attempt (more info ...) | attempted-dos | 2014-2158 | URL | ||
| 30885 | PROTOCOL-VOIP Cisco SIP malformed date header buffer overflow attempt (more info ...) | attempted-dos | 2014-2162 | URL | ||
| 30886 | PROTOCOL-VOIP Cisco SIP malformed date header buffer overflow attempt (more info ...) | attempted-dos | 2014-2162 | URL | ||
| 31013 | SERVER-OTHER UNIX platform forwardslash directory traversal (more info ...) | web-application-attack | 2014-0130 | 67244 | URL | |
| 31668 | SERVER-WEBAPP Cisco Unified Web and E-Mail Interaction Manager cross site scripting attempt (more info ...) | web-application-attack | 2014-2194 | 67464 | URL | |
| 31905 | SERVER-WEBAPP HP SiteScope DownloadFilesHandler directory traversal attempt (more info ...) | web-application-activity | 2012-3264 | 55273 | ||
| 31906 | SERVER-WEBAPP HP SiteScope UploadFilesHandler directory traversal attempt (more info ...) | web-application-activity | 2012-3264 | 55273 | ||
| 31942 | SERVER-WEBAPP Novell GroupWise Admin Service FileUploadServlet directory traversal attempt (more info ...) | web-application-attack | 2014-0600 | 69424 | URL | |
| 31943 | SERVER-WEBAPP HP SiteScope EmailServlet directory traversal attempt (more info ...) | web-application-activity | 2014-2614 | URL | ||
| 31979 | SERVER-OTHER Cisco IOS MediaNet metadata over RSVP IPFIX setlen=4 denial of service attempt (more info ...) | attempted-dos | 2014-3356 | URL | ||
| 31980 | SERVER-OTHER Cisco IOS RSVP Path message with no session attribute denial of service attempt (more info ...) | attempted-dos | 2014-3354 | URL | ||
| 31981 | SERVER-OTHER Cisco RSVP Protocol invalid Set ID DoS attempt (more info ...) | attempted-dos | 2014-3355 | URL | ||
| 32007 | SERVER-WEBAPP HP SiteScope UploadFilesHandler unauthorized file upload attempt (more info ...) | web-application-activity | 2012-3264 | 55273 | ||
| 32106 | SERVER-OTHER Cisco ASA SCPS command injection attempt (more info ...) | attempted-admin | 2015-0675 | URL | ||
| 32110 | SERVER-OTHER Cisco ASA IKEv2 denial of service attempt (more info ...) | attempted-dos | 2014-3384 | URL | ||
| 32111 | SERVER-OTHER Cisco ASA IKEv2 denial of service attempt (more info ...) | attempted-dos | 2014-3384 | URL | ||
| 32112 | SERVER-OTHER Cisco ASA IKEv2 denial of service attempt (more info ...) | attempted-dos | 2014-3384 | URL | ||
| 32113 | SERVER-OTHER Cisco ASA IKEv2 denial of service attempt (more info ...) | attempted-dos | 2014-3384 | URL | ||
| 32277 | SERVER-OTHER Novell ZENworks PreBoot directory traversal attempt (more info ...) | attempted-admin | 2013-3706 | URL | ||
| 32398 | SERVER-OTHER Cisco RV180W Router cross-site request forgery attempt (more info ...) | attempted-user | 2014-2178 | URL | ||
| 33024 | SERVER-WEBAPP Cisco Security Agent Management Center code execution attempt (more info ...) | web-application-attack | 2011-0364 | 46420 | ||
| 33025 | SERVER-WEBAPP Cisco Security Agent Management Center code execution attempt (more info ...) | web-application-attack | 2011-0364 | 46420 | ||
| 33113 | SERVER-WEBAPP Novell eDirectory IMONITOR cross site scripting attempt (more info ...) | attempted-user | 2014-5212 | 71741 | ||
| 33217 | MALWARE-CNC Win.Trojan.Nuovoscor variant outbound connection (more info ...) | trojan-activity | URL | |||
| 33620 | MALWARE-CNC Unix.Trojan.lubot outbound connection (more info ...) | trojan-activity | URL | |||
| 33621 | MALWARE-CNC Unix.Trojan.lubot outbound connection (more info ...) | trojan-activity | URL | |||
| 33679 | SERVER-OTHER Cisco CNS Network Registrar denial of service attempt (more info ...) | denial-of-service | 2004-1164 | |||
| 33680 | SERVER-OTHER Cisco CNS Network Registrar denial of service attempt (more info ...) | denial-of-service | 2004-1164 | |||
| 33869 | PROTOCOL-VOIP Cisco TelePresence Video Communication Server SDP media description denial of service attempt (more info ...) | attempted-dos | 2015-0652 | URL | ||
| 33870 | PROTOCOL-VOIP Cisco TelePresence Video Communication Server SDP media description denial of service attempt (more info ...) | attempted-dos | 2015-0652 | URL | ||
| 34022 | PROTOCOL-VOIP Cisco Unity Connection malformed contact header denial of service attempt (more info ...) | attempted-dos | 2015-0614 | |||
| 34224 | INDICATOR-SHELLCODE Metasploit payload cmd_unix_reverse_perl (more info ...) | shellcode-detect | ||||
| 34584 | POLICY-OTHER Novell ZENworks Configuration Management session id disclosure attempt (more info ...) | policy-violation | 2015-0784 | 74289 | ||
| 34968 | SERVER-WEBAPP Cisco Sourcefire 3D System integrated BMC arbitrary file upload attempt (more info ...) | attempted-admin | 2015-0739 | 74709 | URL | |
| 35315 | MALWARE-CNC Unix.Trojan.Downloader.Comsteal outbound connection (more info ...) | trojan-activity | URL | |||
| 35668 | SERVER-WEBAPP Novell GroupWise WebAccess cross-site scripting attempt (more info ...) | attempted-user | 2014-0611 | |||
| 35669 | SERVER-WEBAPP Novell GroupWise WebAccess cross-site scripting attempt (more info ...) | attempted-user | 2014-0611 | |||
| 36037 | SERVER-WEBAPP Novell Zenworks Mobile Management cross site scripting attempt (more info ...) | attempted-user | URL | |||
| 36038 | SERVER-WEBAPP Novell Zenworks Mobile Management cross site scripting attempt (more info ...) | attempted-user | URL | |||
| 36039 | SERVER-WEBAPP Novell Zenworks Mobile Management cross site scripting attempt (more info ...) | attempted-user | URL | |||
| 36040 | SERVER-WEBAPP Novell Zenworks Mobile Management cross site scripting attempt (more info ...) | attempted-user | URL | |||
| 36246 | PROTOCOL-VOIP Cisco IOS SIP header parsing memory leak attempt (more info ...) | attempted-dos | URL | |||
| 36461 | SERVER-OTHER Novell eDirectory DHost sadminpwd buffer overflow attempt (more info ...) | attempted-user | 2009-4654 | 37042 | ||
| 36462 | SERVER-OTHER Novell eDirectory DHost verifypwd buffer overflow attempt (more info ...) | attempted-user | 2009-4654 | 37042 | ||
| 36557 | SERVER-OTHER Cisco ASA DHCPv6 relay denial of service attempt (more info ...) | attempted-dos | 2015-6324 | URL | ||
| 36558 | SERVER-OTHER Cisco ASA DHCPv6 relay solicit denial of service attempt (more info ...) | attempted-dos | 2016-1367 | URL | ||
| 36649 | SERVER-OTHER Cisco Web Security Appliance range request memory leak denial of service attempt (more info ...) | denial-of-service | 2015-6293 | URL | ||
| 36652 | SERVER-OTHER Cisco ESA malformed spf TXT record anti-spam bypass attempt (more info ...) | misc-attack | 2015-4184 | URL | ||
| 36912 | SERVER-OTHER Novell eDirectory dhost buffer overflow attempt (more info ...) | attempted-admin | 2009-4653 | 36815 | URL | |
| 38087 | SERVER-WEBAPP Cisco WLAN Controller insecure configuration wizard access attempt (more info ...) | policy-violation | 2015-6314 | URL | ||
| 38302 | SERVER-OTHER Cisco IOS DHCPv6 relay denial of service attempt (more info ...) | attempted-dos | URL | |||
| 38351 | SERVER-WEBAPP Cisco Prime Data Center Network Manager processImageSave.jsp directory traversal attempt (more info ...) | attempted-admin | 2013-5486 | 62484 | URL | |
| 38397 | SERVER-WEBAPP Cisco Prime Infrastructure API authentication bypass attempt (more info ...) | web-application-attack | 2016-1289 | URL | ||
| 38399 | SERVER-WEBAPP Cisco TelePresence Server denial of service attempt (more info ...) | attempted-dos | 2015-6313 | URL | ||
| 38400 | SERVER-WEBAPP Cisco Prime Infrastructure API credentials enumeration attempt (more info ...) | web-application-attack | 2016-1290 | URL | ||
| 38584 | MALWARE-CNC Win.Backdoor.DFSCook variant JS dropper outbound connection (more info ...) | trojan-activity | URL | |||
| 38585 | MALWARE-CNC Win.Backdoor.DFSCook variant outbound connection (more info ...) | trojan-activity | URL | |||
| 38586 | MALWARE-CNC Win.Backdoor.DFSCook variant outbound connection (more info ...) | trojan-activity | URL | |||
| 38587 | MALWARE-CNC Win.Backdoor.DFSCook variant temporary redirect attempt (more info ...) | trojan-activity | URL | |||
| 38588 | MALWARE-CNC Win.Backdoor.DFSCook variant outbound connection (more info ...) | trojan-activity | URL | |||
| 38591 | SERVER-WEBAPP Cisco WLAN Controller management interface denial of service attempt (more info ...) | attempted-dos | 2016-1362 | URL | ||
| 38735 | SERVER-WEBAPP Cisco TelePresence XML API authentication bypass attempt (more info ...) | attempted-admin | 2016-1387 | URL | ||
| 38736 | SERVER-WEBAPP Cisco TelePresence XML API authentication bypass attempt (more info ...) | attempted-admin | 2016-1387 | URL | ||
| 38737 | SERVER-WEBAPP Cisco TelePresence XML API authentication bypass attempt (more info ...) | attempted-admin | 2016-1387 | URL | ||
| 38738 | SERVER-WEBAPP Cisco TelePresence XML API authentication bypass attempt (more info ...) | attempted-admin | 2016-1387 | URL | ||
| 38739 | SERVER-WEBAPP Cisco TelePresence XML API authentication bypass attempt (more info ...) | attempted-admin | 2016-1387 | URL | ||
| 38740 | SERVER-WEBAPP Cisco TelePresence XML API authentication bypass attempt (more info ...) | attempted-admin | 2016-1387 | URL | ||
| 38741 | SERVER-WEBAPP Cisco TelePresence XML API authentication bypass attempt (more info ...) | attempted-admin | 2016-1387 | URL | ||
| 38958 | SERVER-OTHER Cisco Web Security Appliance socket exhaustion denial of service attempt (more info ...) | attempted-dos | URL | |||
| 39185 | SERVER-WEBAPP Cisco Unified Interactive Voice Response directory traversal attempt (more info ...) | web-application-attack | 2011-3315 | |||
| 39186 | SERVER-WEBAPP Cisco Unified Interactive Voice Response directory traversal attempt (more info ...) | web-application-attack | 2011-3315 | |||
| 39187 | SERVER-WEBAPP Cisco Unified Interactive Voice Response directory traversal attempt (more info ...) | web-application-attack | 2011-3315 | |||
| 39358 | SERVER-WEBAPP Cisco DPC2420 router configuration file access attempt (more info ...) | attempted-recon | URL | |||
| 39371 | SERVER-WEBAPP Cisco Prime Infrastructure API default credentials authentication attempt (more info ...) | attempted-user | URL | |||
| 39472 | SERVER-OTHER Jenkins server auto-discovery attempt (more info ...) | policy-violation | URL | |||
| 39707 | BROWSER-OTHER Novell Messenger Client folder name buffer overflow attempt (more info ...) | attempted-user | 52062 | |||
| 39708 | BROWSER-OTHER Novell Messenger Client folder name buffer overflow attempt (more info ...) | attempted-user | 52062 | |||
| 39709 | BROWSER-OTHER Novell Messenger Client folder name buffer overflow attempt (more info ...) | attempted-user | 52062 | |||
| 39795 | SERVER-WEBAPP Cisco RV Series Routers insecure guest account login attempt (more info ...) | attempted-admin | 2015-6397 | URL | ||
| 39796 | PROTOCOL-VOIP Cisco Unified Communications Manager null pointer dereference attempt (more info ...) | attempted-dos | 2016-1466 | URL | ||
| 39797 | PROTOCOL-VOIP Cisco Unified Communications Manager null pointer dereference attempt (more info ...) | attempted-dos | 2016-1466 | URL | ||
| 39983 | INDICATOR-COMPROMISE Cisco IOS commandline overflow attempt (more info ...) | attempted-admin | 2016-6367 | |||
| 39984 | INDICATOR-COMPROMISE Cisco IOS commandline overflow attempt. (more info ...) | attempted-admin | 2016-6367 | |||
| 39985 | INDICATOR-COMPROMISE Cisco IOS commandline overflow attempt. (more info ...) | attempted-admin | 2016-6367 | |||
| 39986 | INDICATOR-COMPROMISE Cisco IOS commandline overflow attempt (more info ...) | attempted-admin | 2016-6367 | |||
| 39987 | INDICATOR-COMPROMISE Cisco IOS commandline overflow attempt. (more info ...) | attempted-admin | 2016-6367 | |||
| 40013 | FILE-OTHER Cisco WebEx Meetings Player arbitrary code execution attempt (more info ...) | attempted-user | URL | |||
| 40014 | FILE-OTHER Cisco WebEx Meetings Player arbitrary code execution attempt (more info ...) | attempted-user | URL | |||
| 40072 | MALWARE-CNC Cisco ASA backdoor installer inbound connection attempt (more info ...) | trojan-activity | ||||
| 40131 | POLICY-OTHER Cisco Prime Collaboration Assurance session ID privilege escalation attempt (more info ...) | policy-violation | 2015-4306 | URL | ||
| 40239 | SERVER-OTHER Cisco WebEx meetings server denial of service attempt (more info ...) | attempted-dos | 2016-1483 | URL | ||
| 40504 | SERVER-OTHER Cisco Snort HTTP chunked transfer encoding processing denial of service attempt (more info ...) | attempted-dos | 2016-6439 | URL | ||
| 40519 | MALWARE-CNC Unix.Trojan.Mirai variant post compromise download (more info ...) | trojan-activity | URL | |||
| 40520 | MALWARE-CNC Unix.Trojan.Mirai variant post compromise download (more info ...) | trojan-activity | URL | |||
| 40521 | MALWARE-CNC Unix.Trojan.Mirai variant post compromise download (more info ...) | trojan-activity | URL | |||
| 40522 | MALWARE-CNC Unix.Trojan.Mirai variant post compromise fingerprinting (more info ...) | trojan-activity | URL | |||
| 40523 | MALWARE-CNC Unix.Trojan.Mirai variant post compromise echo loader attempt (more info ...) | trojan-activity | URL | |||
| 40580 | POLICY-OTHER Cisco Universal Media Services potentially unauthorized API access detected (more info ...) | policy-violation | 2016-6397 | URL | ||
| 40599 | MALWARE-CNC Unix.Trojan.Mirai variant post compromise echo loader attempt (more info ...) | trojan-activity | URL | |||
| 40600 | MALWARE-CNC Unix.Trojan.Mirai variant post compromise echo loader attempt (more info ...) | trojan-activity | URL | |||
| 40601 | MALWARE-CNC Unix.Trojan.Mirai variant post compromise activity (more info ...) | trojan-activity | URL | |||
| 40612 | MALWARE-CNC Unix.Trojan.Mirai variant post compromise download attempt (more info ...) | trojan-activity | URL | |||
| 40636 | POLICY-OTHER Cisco Prime Home API insecure SSO authentication detected (more info ...) | default-login-attempt | 2016-6452 | URL | ||
| 41137 | SERVER-OTHER Cisco IOS XR command line interface privilege escalation attempt (more info ...) | attempted-admin | 2016-6428 | URL | ||
| 41226 | INDICATOR-SHELLCODE AIX /bin/sh (more info ...) | shellcode-detect | ||||
| 41285 | INDICATOR-SHELLCODE SCO OpenServer x86 shell (more info ...) | shellcode-detect | ||||
| 41286 | INDICATOR-SHELLCODE Solaris x86 bind shell (more info ...) | shellcode-detect | ||||
| 41287 | INDICATOR-SHELLCODE Solaris x86 FindSock shell (more info ...) | shellcode-detect | ||||
| 41288 | INDICATOR-SHELLCODE Solaris x86 reverse connect shell (more info ...) | shellcode-detect | ||||
| 41389 | POLICY-OTHER Cisco Firepower Management Console rule import access detected (more info ...) | policy-violation | 2016-6433 | URL | ||
| 41409 | POLICY-OTHER Cisco Webex explicit use of web plugin detected (more info ...) | policy-violation | 2017-6753 | URL | ||
| 41415 | PROTOCOL-VOIP Cisco Expressway and TelePresence VCS denial of service attempt (more info ...) | attempted-dos | 2017-3790 | URL | ||
| 41487 | POLICY-OTHER Cisco Prime Home portlet API access detected (more info ...) | policy-violation | 2017-3791 | URL | ||
| 42004 | POLICY-OTHER Cisco Mobility Express Access Point radio.html access detected (more info ...) | policy-violation | 2017-3831 | URL | ||
| 42016 | PROTOCOL-SCADA Moxa discovery packet information disclosure attempt (more info ...) | attempted-recon | URL | |||
| 42069 | SERVER-OTHER Cisco IOS XE DHCP vendor class identifier format string exploit attempt (more info ...) | attempted-admin | 2017-3859 | URL | ||
| 42070 | SERVER-OTHER Cisco IOS L2TP invalid message digest AVP denial of service attempt (more info ...) | attempted-dos | 2017-3857 | URL | ||
| 42071 | SERVER-WEBAPP Cisco IOS XE webui denial of service attempt (more info ...) | attempted-dos | 2017-3856 | URL | ||
| 42113 | MALWARE-CNC Unix.Trojan.Mirai variant post compromise download (more info ...) | trojan-activity | URL | |||
| 42114 | MALWARE-CNC Unix.Trojan.Mirai variant new bot registered (more info ...) | trojan-activity | URL | |||
| 42281 | OS-SOLARIS Solaris catflap telnet remote code execution attempt (more info ...) | attempted-admin | ||||
| 42282 | OS-SOLARIS Solaris catflap telnet remote code execution attempt (more info ...) | attempted-admin | ||||
| 42283 | OS-SOLARIS Solaris catflap telnet remote code execution attempt (more info ...) | attempted-admin | ||||
| 42293 | PROTOCOL-VOIP Cisco Unified Communications Manager SIP NOTIFY denial of service attempt (more info ...) | attempted-dos | 2017-3808 | URL | ||
| 42924 | POLICY-OTHER Cisco Prime Collaboration potentially unauthorized log file access detected (more info ...) | policy-violation | 2017-6621 | URL | ||
| 43265 | SERVER-WEBAPP Novell NetIQ Sentinel Server ReportViewServlet directory traversal attempt directory traversal attempt (more info ...) | web-application-attack | 2016-1605 | |||
| 43266 | SERVER-WEBAPP Novell NetIQ Sentinel Server ReportViewServlet directory traversal attempt directory traversal attempt (more info ...) | web-application-attack | 2016-1605 | |||
| 43267 | SERVER-WEBAPP Novell NetIQ Sentinel Server ReportViewServlet directory traversal attempt directory traversal attempt (more info ...) | web-application-attack | 2016-1605 | |||
| 43297 | SERVER-OTHER Cisco IOS HTTP percent sign denial of service attempt (more info ...) | denial-of-service | 1154 | |||
| 43351 | MALWARE-CNC Unix.Trojan.Erebus variant outbound connection (more info ...) | trojan-activity | URL | |||
| 43435 | SERVER-WEBAPP Cisco Secure Access Control Server cross site scripting attempt (more info ...) | attempted-user | 2006-3101 | |||
| 43452 | POLICY-OTHER Cisco Ultra Services Framework unauthenticated ZAB connect request detected (more info ...) | policy-violation | 2017-6711 | URL | ||
| 43499 | SERVER-WEBAPP Cisco Prime Infrastructure cross site scripting attempt (more info ...) | attempted-user | 2017-6699 | URL | ||
| 43500 | SERVER-WEBAPP Cisco Prime Infrastructure cross site scripting attempt (more info ...) | attempted-user | 2017-6699 | URL | ||
| 43501 | SERVER-WEBAPP Cisco Prime Infrastructure cross site scripting attempt (more info ...) | attempted-user | 2017-6700 | URL | ||
| 43502 | SERVER-WEBAPP Cisco Prime Infrastructure cross site scripting attempt (more info ...) | attempted-user | 2017-6700 | URL | ||
| 43514 | SERVER-OTHER Cisco IOS authentication proxy authentication request attempt (more info ...) | attempted-user | 2009-2863 | |||
| 43525 | SERVER-OTHER Cisco ASA malformed SCCP packet denial of service attempt (more info ...) | denial-of-service | 2010-0151 | |||
| 43573 | SERVER-OTHER Cisco IOS DHCP denial of service attempt (more info ...) | attempted-dos | 2013-5475 | URL | ||
| 43752 | SERVER-OTHER Sun Solaris dhcpd malformed bootp denial of service attempt (more info ...) | denial-of-service | 2007-5365 | 32213 | ||
| 43775 | SERVER-WEBAPP HP Sitescope EmailServlet directory traversal attempt (more info ...) | web-application-attack | 2014-2614 | |||
| 43776 | SERVER-WEBAPP HP Sitescope EmailServlet directory traversal attempt (more info ...) | web-application-attack | 2014-2614 | |||
| 43777 | SERVER-WEBAPP HP Sitescope EmailServlet directory traversal attempt (more info ...) | web-application-attack | 2014-2614 | |||
| 44457 | POLICY-OTHER Cisco IOS XE Web UI user administration page access detected (more info ...) | policy-violation | 2017-12230 | URL | ||
| 44555 | SERVER-WEBAPP Cisco FirePower Management Center cross site scripting attempt (more info ...) | attempted-user | 2017-12220 | URL | ||
| 44556 | SERVER-WEBAPP Cisco Unity Connection edit-nuance.do cross site scripting attempt (more info ...) | attempted-user | 2017-12212 | 100645 | URL | |
| 44557 | SERVER-WEBAPP Cisco Unity Connection nick-name.do cross site scripting attempt (more info ...) | attempted-user | 2017-12212 | 100645 | URL | |
| 44558 | SERVER-WEBAPP Cisco Unity Connection serviceParamEdit.do cross site scripting attempt (more info ...) | attempted-user | 2017-12212 | 100645 | URL | |
| 44604 | SERVER-OTHER Novell eDirectory LDAP server buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 44739 | SERVER-OTHER Novell GroupWise HTTP interface arbitrary file retrieval attempt (more info ...) | attempted-recon | 2012-0419 | |||
| 44740 | SERVER-OTHER Novell GroupWise HTTP interface arbitrary file retrieval attempt (more info ...) | attempted-recon | 2012-0419 | |||
| 44741 | SERVER-OTHER Novell GroupWise HTTP interface arbitrary file retrieval attempt (more info ...) | attempted-recon | 2012-0419 | |||
| 44742 | SERVER-OTHER Novell GroupWise HTTP interface arbitrary file retrieval attempt (more info ...) | attempted-recon | 2012-0419 | |||
| 44971 | SERVER-OTHER QNAP transcode server command injection attempt (more info ...) | attempted-admin | URL | |||
| 44974 | SERVER-OTHER Cisco IOS Smart Install identification attempt (more info ...) | attempted-recon | URL | |||
| 45099 | MALWARE-CNC Win.Trojan.Syscon variant inbound connection (more info ...) | trojan-activity | URL | |||
| 45100 | MALWARE-CNC Win.Trojan.Syscon variant outbound connection (more info ...) | trojan-activity | URL | |||
| 45120 | SERVER-OTHER Cisco Application Control Engine padding oracle attack attempt (more info ...) | attempted-recon | URL | |||
| 45464 | PROTOCOL-VOIP Cisco Unified Customer Voice Portal denial of service attempt (more info ...) | attempted-dos | 2018-0086 | URL | ||
| 45513 | SERVER-OTHER OpenLDAP zero size PagedResultsControl denial of service attempt (more info ...) | denial-of-service | 2017-9287 | |||
| 45563 | MALWARE-CNC Unix.Trojan.Vpnfilter variant outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 45564 | MALWARE-CNC Unix.Trojan.Vpnfilter variant outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 45729 | POLICY-OTHER Cisco Unified Communications Manager appuserFindList.do access detected (more info ...) | policy-violation | 2018-0135 | URL | ||
| 45730 | SERVER-OTHER Cisco TelePresence TC and TE software authentication bypass attempt (more info ...) | attempted-admin | 2014-2174 | URL | ||
| 45813 | SERVER-WEBAPP Cisco Unified Communications Manager information disclosure attempt (more info ...) | attempted-recon | 2018-0198 | URL | ||
| 45941 | SERVER-OTHER Memcached UDP version discovery attempt (more info ...) | attempted-recon | URL | |||
| 45956 | MALWARE-CNC Unix.Trojan.PyCryptoMiner outbound connection (more info ...) | trojan-activity | URL | |||
| 46121 | PROTOCOL-OTHER use of undocumented ScMM test interface in Cisco small business devices detected (more info ...) | misc-activity | 2014-0659 | |||
| 46122 | PROTOCOL-OTHER use of undocumented ScMM test interface in Cisco small business devices detected (more info ...) | misc-activity | 2014-0659 | |||
| 46123 | PROTOCOL-OTHER use of undocumented ScMM test interface in Cisco small business devices detected (more info ...) | misc-activity | 2014-0659 | |||
| 46124 | PROTOCOL-OTHER use of undocumented ScMM test interface in Cisco small business devices detected (more info ...) | misc-activity | 2014-0659 | |||
| 46325 | SERVER-WEBAPP HPE Intelligent Management Center UrlAccessController authentication bypass attempt (more info ...) | web-application-attack | 2017-8982 | URL | ||
| 46782 | MALWARE-CNC Unix.Trojan.Vpnfilter variant SSL connection attempt (more info ...) | trojan-activity | URL | |||
| 46783 | MALWARE-CNC Unix.Trojan.Vpnfilter variant SSL connection attempt (more info ...) | trojan-activity | URL | |||
| 47084 | MALWARE-CNC Unix.Trojan.Vpnfilter variant connection attempt (more info ...) | trojan-activity | URL | |||
| 47236 | MALWARE-CNC Unix.Trojan.Prowli variant outbound connection (more info ...) | trojan-activity | URL | |||
| 47377 | MALWARE-CNC Unix.Trojan.Vpnfilter plugin variant connection attempt (more info ...) | trojan-activity | URL | |||
| 47426 | PROTOCOL-VOIP Cisco SPA514G SDP field processing denial of service attempt (more info ...) | attempted-dos | 2018-0389 | URL | ||
| 47919 | PROTOCOL-VOIP Cisco IOS XE NAT SIP application layer gateway denial of service attempt (more info ...) | attempted-dos | 2019-12646 | URL | ||
| 48109 | SERVER-OTHER Aktakom oscilloscope denial of service attempt (more info ...) | attempted-dos | URL | |||
| 48160 | POLICY-OTHER Infrasightlabs vScopeServer admin user creation attempt (more info ...) | misc-activity | URL | |||
| 48192 | MALWARE-CNC Unix.Worm.Hakai outbound connection (more info ...) | trojan-activity | URL | |||
| 48239 | SERVER-OTHER Cisco NX-OS precision time protocol denial of service attempt (more info ...) | attempted-dos | 2018-0378 | URL | ||
| 48240 | SERVER-OTHER Cisco NX-OS precision time protocol denial of service attempt (more info ...) | attempted-dos | 2018-0378 | URL | ||
| 48275 | MALWARE-CNC Unix.Trojan.Gafgyt variant new bot registered (more info ...) | trojan-activity | URL | |||
| 48281 | MALWARE-CNC Unix.Trojan.Chalubo downloader connection (more info ...) | trojan-activity | URL | |||
| 48282 | MALWARE-CNC Unix.Trojan.Chalubo outbound connection (more info ...) | trojan-activity | URL | |||
| 48283 | MALWARE-CNC Unix.Trojan.Chalubo outbound connection (more info ...) | trojan-activity | URL | |||
| 48284 | MALWARE-CNC Unix.Trojan.Chalubo outbound connection (more info ...) | trojan-activity | URL | |||
| 48285 | MALWARE-CNC Unix.Trojan.Chalubo outbound connection (more info ...) | trojan-activity | URL | |||
| 48286 | MALWARE-CNC Unix.Trojan.Chalubo outbound connection (more info ...) | trojan-activity | URL | |||
| 48644 | POLICY-OTHER Cisco Adaptive Security Appliance admin REST API access attempt (more info ...) | policy-violation | 2018-15465 | URL | ||
| 48962 | SERVER-OTHER Cisco IoT Field Network Director UDP flood attempt (more info ...) | attempted-dos | 2019-1644 | URL | ||
| 49512 | MALWARE-CNC Unix.Trojan.Mirai variant post compromise download (more info ...) | trojan-activity | ||||
| 49513 | MALWARE-CNC Unix.Trojan.Mirai variant post compromise download (more info ...) | trojan-activity | ||||
| 49514 | MALWARE-CNC Unix.Trojan.Mirai variant post compromise download (more info ...) | trojan-activity | ||||
| 49515 | MALWARE-CNC Unix.Trojan.Mirai variant post compromise download (more info ...) | trojan-activity | ||||
| 49516 | MALWARE-CNC Unix.Trojan.Mirai variant post compromise download (more info ...) | trojan-activity | ||||
| 49517 | MALWARE-CNC Unix.Trojan.Mirai variant post compromise download (more info ...) | trojan-activity | ||||
| 49518 | MALWARE-CNC Unix.Trojan.Mirai variant post compromise download (more info ...) | trojan-activity | ||||
| 49519 | MALWARE-CNC Unix.Trojan.Mirai variant post compromise download (more info ...) | trojan-activity | ||||
| 49520 | MALWARE-CNC Unix.Trojan.Mirai variant post compromise download (more info ...) | trojan-activity | ||||
| 49606 | PROTOCOL-VOIP Cisco IOS SIP calling display name denial of service attempt (more info ...) | attempted-dos | 2019-1752 | URL | ||
| 49607 | PROTOCOL-VOIP Cisco IOS SIP calling display name denial of service attempt (more info ...) | attempted-dos | 2019-1752 | URL | ||
| 49612 | POLICY-OTHER Cisco Virtual Switching System standby interested message detected (more info ...) | policy-violation | 2019-1750 | URL | ||
| 49613 | POLICY-OTHER Cisco Virtual Switching System master request message detected (more info ...) | policy-violation | URL | |||
| 49664 | MALWARE-CNC Win.Trojan.TSCookie variant outbound connection (more info ...) | trojan-activity | URL | |||
| 49791 | MALWARE-CNC Unix.Trojan.Mirai variant post compromise download (more info ...) | trojan-activity | ||||
| 49792 | MALWARE-CNC Unix.Trojan.Mirai variant post compromise download (more info ...) | trojan-activity | ||||
| 49793 | MALWARE-CNC Unix.Trojan.Mirai variant post compromise download (more info ...) | trojan-activity | ||||
| 49794 | MALWARE-CNC Unix.Trojan.Mirai variant post compromise download (more info ...) | trojan-activity | ||||
| 50006 | SERVER-WEBAPP Cisco Web Security Appliance proxy service buffer overflow attempt (more info ...) | attempted-dos | 2019-1817 | URL | ||
| 50007 | SERVER-WEBAPP Cisco ASA WebVPN expired session page direct access denial of service attempt (more info ...) | attempted-dos | 2019-1693 | URL | ||
| 50164 | MALWARE-CNC Unix.Trojan.Winnti variant outbound connection (more info ...) | trojan-activity | URL | |||
| 50166 | MALWARE-CNC Unix.Trojan.Winnti malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 50167 | MALWARE-CNC Unix.Trojan.Winnti malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 50281 | MALWARE-CNC Unix.Miner.Decred variant outbound connection (more info ...) | trojan-activity | URL | |||
| 50282 | MALWARE-CNC Unix.Miner.Decred variant outbound connection (more info ...) | trojan-activity | URL | |||
| 50283 | MALWARE-CNC Unix.Miner.Decred variant outbound connection (more info ...) | trojan-activity | URL | |||
| 50284 | MALWARE-CNC Unix.Miner.Decred variant outbound connection (more info ...) | trojan-activity | URL | |||
| 50808 | MALWARE-CNC Unix.Backdoor.Godlua variant outbound connection (more info ...) | trojan-activity | URL | |||
| 50809 | MALWARE-CNC Unix.Backdoor.Godlua variant outbound connection (more info ...) | trojan-activity | URL | |||
| 50810 | MALWARE-CNC Unix.Backdoor.Godlua variant outbound connection (more info ...) | trojan-activity | URL | |||
| 50811 | MALWARE-CNC Unix.Backdoor.Godlua variant outbound connection (more info ...) | trojan-activity | URL | |||
| 50902 | POLICY-OTHER Cisco ASA running configuration download request detected (more info ...) | policy-violation | 2019-1934 | URL | ||
| 50990 | MALWARE-CNC Unix.Malware.ech0raix outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 50991 | MALWARE-CNC Unix.Malware.ech0raix outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 50992 | MALWARE-CNC Unix.Malware.ech0raix outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 50993 | MALWARE-CNC Unix.Malware.ech0raix outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 51027 | SERVER-OTHER Novell iManager ASN.1 client hello parsing denial of service attempt (more info ...) | denial-of-service | 2003-0543 | |||
| 51190 | SERVER-WEBAPP Novell iManager buffer overflow attempt (more info ...) | attempted-admin | 2011-4188 | URL | ||
| 51298 | POLICY-OTHER Cisco 220 Series Smart Switches unauthenticated request detected (more info ...) | policy-violation | 2019-1912 | URL | ||
| 51299 | POLICY-OTHER Cisco 220 Series Smart Switches unauthenticated request detected (more info ...) | policy-violation | 2019-1912 | URL | ||
| 51300 | POLICY-OTHER Cisco 220 Series Smart Switches unauthenticated request detected (more info ...) | policy-violation | 2019-1912 | URL | ||
| 51365 | SERVER-WEBAPP Cisco NX-OS Software NX-API denial of service attempt (more info ...) | attempted-dos | 2019-1968 | URL | ||
| 51366 | SERVER-WEBAPP Cisco NX-OS Software NX-API denial of service attempt (more info ...) | attempted-dos | 2019-1968 | URL | ||
| 51367 | SERVER-WEBAPP Cisco NX-OS Software NX-API denial of service attempt (more info ...) | attempted-dos | 2019-1968 | URL | ||
| 51414 | POLICY-OTHER Cisco Industrial Network Director unauthenticated configuration request detected (more info ...) | policy-violation | 2019-1976 | URL | ||
| 51626 | PROTOCOL-VOIP Cisco IOS SIP denial of service attempt (more info ...) | attempted-dos | 2019-12654 | URL | ||
| 51627 | PROTOCOL-VOIP Cisco IOS SIP denial of service attempt (more info ...) | attempted-dos | 2019-12654 | URL | ||
| 51628 | POLICY-OTHER Cisco IOS Layer 2 Traceroute vlan enumeration detected (more info ...) | attempted-recon | URL | |||
| 51645 | SERVER-OTHER Cisco IOx invalid TLS handshake type denial of service attempt (more info ...) | attempted-dos | 2019-12656 | URL | ||
| 51724 | SERVER-OTHER Novell Remote Manager off-by-one denial of service attempt (more info ...) | denial-of-service | ||||
| 51795 | MALWARE-CNC Unix.Malware.Agent outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 51796 | MALWARE-CNC Unix.Malware.Agent outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 51797 | MALWARE-CNC Unix.Malware.Agent outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 51798 | MALWARE-CNC Unix.Malware.Agent outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 51799 | MALWARE-CNC Unix.Malware.Agent outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 51800 | MALWARE-CNC Unix.Malware.Agent outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 51801 | MALWARE-CNC Unix.Malware.Agent outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 51898 | OS-OTHER Cisco Nexus OS software command injection attempt (more info ...) | attempted-admin | 2011-2569 | URL | ||
| 52127 | POLICY-OTHER Cisco Web Security Appliance system setup wizard access detected (more info ...) | policy-violation | 2019-15956 | URL | ||
| 52128 | POLICY-OTHER Cisco Web Security Appliance system setup wizard access detected (more info ...) | policy-violation | 2019-15956 | URL | ||
| 52554 | MALWARE-CNC Unix.Trojan.Mirai variant outbound Technicolor TD5130v2 TD5336 routers command injection attempt (more info ...) | trojan-activity | 2019-18396 | |||
| 52559 | SERVER-WEBAPP Cisco IOS Web UI cross site request forgery attempt (more info ...) | attempted-user | 2019-16009 | URL | ||
| 52560 | SERVER-WEBAPP Cisco IOS Web UI cross site request forgery attempt (more info ...) | attempted-user | 2019-16009 | URL | ||
| 52588 | MALWARE-CNC Unix.Trojan.Mirai Enigma NMS command injection attempt (more info ...) | trojan-activity | 2019-16072 | |||
| 52824 | MALWARE-CNC Unix.Trojan.Muhstik variant IRC outbound connection (more info ...) | trojan-activity | URL | |||
| 52993 | POLICY-OTHER Cisco Small Business Series Switches admin settings page access detected (more info ...) | policy-violation | 2019-15993 | URL | ||
| 52994 | POLICY-OTHER Cisco Small Business Series Switches device configuration page access detected (more info ...) | policy-violation | 2019-15993 | URL | ||
| 52995 | POLICY-OTHER Cisco Small Business Series Switches device configuration page access detected (more info ...) | policy-violation | 2019-15993 | URL | ||
| 53142 | MALWARE-CNC Win.Trojan.Syscon variant outbound cnc connection attempt (more info ...) | trojan-activity | URL | |||
| 53143 | MALWARE-CNC Win.Trojan.Syscon variant outbound cnc connection attempt (more info ...) | trojan-activity | URL | |||
| 53144 | MALWARE-CNC Win.Trojan.Syscon variant outbound cnc connection attempt (more info ...) | trojan-activity | URL | |||
| 53170 | SERVER-OTHER Cisco Email Security Appliance mail log parsing denial of service attempt (more info ...) | attempted-dos | 2019-1983 | URL | ||
| 53172 | POLICY-OTHER Cisco Data Center Network Manager user add detected (more info ...) | policy-violation | 2019-3114 | URL | ||
| 53173 | POLICY-OTHER Cisco Data Center Network Manager server properties update detected (more info ...) | policy-violation | 2020-3112 | URL | ||
| 53174 | POLICY-OTHER Cisco Data Center Network Manager saveDefaultCredentials detected (more info ...) | policy-violation | 2020-3112 | URL | ||
| 53392 | POLICY-OTHER Cisco Prime Network Registrar AddObject request detected (more info ...) | policy-violation | 2020-3148 | URL | ||
| 53393 | POLICY-OTHER Cisco Prime Network Registrar EditAdmin request detected (more info ...) | policy-violation | 2020-3148 | URL | ||
| 53400 | MALWARE-CNC Unix.Trojan.snoopy TCP connection attempt (more info ...) | trojan-activity | URL | |||
| 53401 | MALWARE-CNC Unix.Trojan.snoopy TCP connection attempt (more info ...) | trojan-activity | URL | |||
| 53551 | MALWARE-OTHER Unix.Malware.Lotoor-7645228-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53552 | MALWARE-OTHER Unix.Malware.Lotoor-7645228-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53595 | MALWARE-OTHER PUA.Unix.Adware.Mobidash-7648778-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53596 | MALWARE-OTHER PUA.Unix.Adware.Mobidash-7648778-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53667 | POLICY-OTHER Cisco Unified Communications Manager TAPS RMI method lookup detected (more info ...) | policy-violation | 2020-3177 | URL | ||
| 53697 | MALWARE-OTHER Unix.Exploit.Generic-7664564-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53698 | MALWARE-OTHER Unix.Exploit.Generic-7664564-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53699 | MALWARE-OTHER Unix.Trojan.Feejar-7665621-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53700 | MALWARE-OTHER Unix.Trojan.Feejar-7665621-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53701 | MALWARE-OTHER Unix.Trojan.Mirai-7666587-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53702 | MALWARE-OTHER Unix.Trojan.Mirai-7666587-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54083 | MALWARE-OTHER PUA.Unix.Adware.Mobidash-7914334-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54084 | MALWARE-OTHER PUA.Unix.Adware.Mobidash-7914334-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54155 | SERVER-OTHER Cisco IOx Application Environment external VDS control message attempt (more info ...) | attempted-user | 2020-3258 | URL | ||
| 54161 | POLICY-OTHER Cisco IOx token service access detected (more info ...) | policy-violation | 2020-3227 | URL | ||
| 54163 | PROTOCOL-VOIP Cisco IOS malformed SIP Via header denial of service attempt (more info ...) | attempted-dos | 2020-3226 | URL | ||
| 54164 | PROTOCOL-VOIP Cisco IOS malformed SIP Via header denial of service attempt (more info ...) | attempted-dos | 2020-3226 | URL | ||
| 54306 | POLICY-OTHER Novell ZENworks Configuration Management session id disclosure attempt (more info ...) | policy-violation | 2015-0784 | 74289 | ||
| 54332 | POLICY-OTHER Cisco TelePresence API SoftwareUpgrade SystemUnit command detected (more info ...) | policy-violation | 2020-3336 | URL | ||
| 54417 | MALWARE-OTHER PUA.Unix.Adware.Macsearch-8347867-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54418 | MALWARE-OTHER PUA.Unix.Adware.Macsearch-8347867-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54544 | POLICY-OTHER Cisco RV110W Router default credential login detected (more info ...) | policy-violation | 2020-3330 | URL | ||
| 54553 | POLICY-OTHER Cisco SD-WAN vManage file upload detected (more info ...) | policy-violation | 2020-3381 | URL | ||
| 54564 | POLICY-OTHER Cisco RV Series Routers configuration download detected (more info ...) | policy-violation | 2020-3146 | URL | ||
| 54656 | POLICY-OTHER Cisco Data Center Network Manager device manager access detected (more info ...) | policy-violation | 2020-3376 | URL | ||
| 54696 | POLICY-OTHER Cisco Data Center Network Manager privileged API access detected (more info ...) | policy-violation | 2020-3386 | URL | ||
| 54697 | POLICY-OTHER Cisco Data Center Network Manager privileged API access detected (more info ...) | policy-violation | 2020-3386 | URL | ||
| 54698 | POLICY-OTHER Cisco Data Center Network Manager privileged API access detected (more info ...) | policy-violation | 2020-3386 | URL | ||
| 54699 | POLICY-OTHER Cisco Data Center Network Manager privileged API access detected (more info ...) | policy-violation | 2020-3386 | URL | ||
| 54700 | POLICY-OTHER Cisco Data Center Network Manager privileged API access detected (more info ...) | policy-violation | 2020-3386 | URL | ||
| 54703 | MALWARE-CNC Unix.Malware.QSnatch infected QNAP device outbound communication attempt (more info ...) | trojan-activity | URL | |||
| 54793 | MALWARE-CNC Unix.Malware.Drovorub cnc inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 54848 | MALWARE-OTHER Unix.Malware.Mrblack-9428384-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54849 | MALWARE-OTHER Unix.Malware.Mrblack-9428384-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55795 | MALWARE-OTHER PUA.Unix.Adware.Cimpli-9764278-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55796 | MALWARE-OTHER PUA.Unix.Adware.Cimpli-9764278-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55808 | POLICY-OTHER Cisco IOS Software VLPWA file read detected (more info ...) | policy-violation | 2020-3426 | URL | ||
| 55815 | POLICY-OTHER Cisco IOS XE WebUI administrative access detected (more info ...) | policy-violation | 2020-3141 | URL | ||
| 55816 | POLICY-OTHER Cisco IOS XE WebUI administrative access detected (more info ...) | policy-violation | 2020-3141 | URL | ||
| 55817 | POLICY-OTHER Cisco IOS XE WebUI administrative access detected (more info ...) | policy-violation | 2020-3141 | URL | ||
| 55818 | POLICY-OTHER Cisco IOS XE WebUI administrative access detected (more info ...) | policy-violation | 2020-3425 | URL | ||
| 55833 | POLICY-OTHER Cisco IOS XE WebUI restricted character in authentication detected (more info ...) | policy-violation | 2020-3516 | URL | ||
| 56087 | SERVER-WEBAPP Cisco ASA and FTD web services large file upload denial of service attempt (more info ...) | attempted-dos | 2020-3436 | URL | ||
| 56088 | MALWARE-CNC Unix.Spyware.WellMess variant outbound cnc attempt (more info ...) | trojan-activity | URL | |||
| 56408 | POLICY-OTHER Cisco Security Manager vulnerable CsJaasServiceServlet access detected (more info ...) | policy-violation | 2020-27131 | URL | ||
| 56409 | POLICY-OTHER Cisco Security Manager vulnerable SecretService.jsp access detected (more info ...) | policy-violation | 2020-27131 | URL | ||
| 56410 | POLICY-OTHER Cisco Security Manager vulnerable AuthTokenServlet access detected (more info ...) | policy-violation | 2020-27131 | URL | ||
| 56411 | POLICY-OTHER Cisco Security Manager vulnerable ClientServicesServlet access detected (more info ...) | policy-violation | 2020-27131 | URL | ||
| 56412 | POLICY-OTHER Cisco Security Manager vulnerable CTMServlet access detected (more info ...) | policy-violation | 2020-27131 | URL | ||
| 56413 | POLICY-OTHER Cisco Security Manager vulnerable SecretServiceServlet access detected (more info ...) | policy-violation | 2020-27131 | URL | ||
| 56431 | POLICY-OTHER Cisco IoT Field Network Director access detected (more info ...) | policy-violation | 2020-3531 | URL | ||
| 56447 | POLICY-OTHER Cisco IoT Field Network Director access detected (more info ...) | policy-violation | 2020-3392 | URL | ||
| 56448 | POLICY-OTHER Cisco IoT Field Network Director access detected (more info ...) | policy-violation | 2020-26072 | URL | ||
| 56819 | MALWARE-OTHER Unix.Miner.PGMiner variant exploit attempt (more info ...) | trojan-activity | URL | |||
| 56820 | MALWARE-OTHER Unix.Miner.PGMiner variant dropped bash script (more info ...) | trojan-activity | URL | |||
| 56821 | MALWARE-OTHER Unix.Miner.PGMiner variant exploit attempt (more info ...) | trojan-activity | URL | |||
| 56955 | POLICY-OTHER Cisco Smart Software Manager Satellite Web UI user creation detected (more info ...) | policy-violation | 2021-1142 | URL | ||
| 56956 | POLICY-OTHER Cisco Data Center Network Manager session validation request detected (more info ...) | policy-violation | 2021-1272 | URL | ||
| 56957 | POLICY-OTHER Cisco SD-WAN vManage terminal request detected (more info ...) | policy-violation | 2021-1302 | URL | ||
| 56958 | POLICY-OTHER Cisco SD-WAN vManage terminal request detected (more info ...) | policy-violation | 2021-1304 | URL | ||
| 56959 | POLICY-OTHER Cisco SD-WAN vManage enumeration request detected (more info ...) | policy-violation | 2021-1304 | URL | ||
| 56960 | POLICY-OTHER Cisco SD-WAN vManage enumeration request detected (more info ...) | policy-violation | 2021-1304 | URL | ||
| 56961 | POLICY-OTHER Cisco SD-WAN vManage enumeration request detected (more info ...) | policy-violation | 2021-1304 | URL | ||
| 56962 | POLICY-OTHER Cisco SD-WAN vManage configuration request detected (more info ...) | policy-violation | 2021-1304 | URL | ||
| 56963 | POLICY-OTHER Cisco SD-WAN vManage request detected (more info ...) | policy-violation | 2021-1305 | URL | ||
| 57087 | SERVER-WEBAPP Cisco RV Series Routers command injection attempt (more info ...) | attempted-admin | 2021-1289 | URL | ||
| 57090 | SERVER-WEBAPP Cisco Small Business RV series routers denial of service attempt (more info ...) | attempted-user | 2021-1325 | URL | ||
| 57091 | SERVER-WEBAPP Cisco RV Series Routers command injection attempt (more info ...) | attempted-admin | 2021-1290 | URL | ||
| 57092 | SERVER-WEBAPP Cisco RV Series Routers command injection attempt (more info ...) | web-application-attack | 2021-1295 | URL | ||
| 57093 | SERVER-WEBAPP Cisco RV Series Routers command injection attempt (more info ...) | attempted-admin | 2021-1289 | URL | ||
| 57094 | SERVER-WEBAPP Cisco RV Series Routers command injection attempt (more info ...) | web-application-attack | 2021-1291 | URL | ||
| 57097 | SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (more info ...) | attempted-admin | 2021-1293 | URL | ||
| 57223 | POLICY-OTHER Cisco Application Services Engine API access detected (more info ...) | policy-violation | 2021-1396 | URL | ||
| 57300 | SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (more info ...) | attempted-admin | 2021-1287 | URL | ||
| 57368 | MALWARE-CNC Unix.Malware.Exaramel outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57369 | MALWARE-CNC Unix.Malware.Exaramel outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57370 | MALWARE-CNC Unix.Malware.Exaramel outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57401 | SERVER-WEBAPP Cisco RV Series Routers stack buffer overflow attempt (more info ...) | attempted-admin | 2021-1459 | URL | ||
| 57448 | SERVER-OTHER Cisco FTD SSL inspection denial of service attempt (more info ...) | attempted-dos | 2020-3562 | URL | ||
| 57451 | MALWARE-CNC Unix.Trojan.Malcodecov data exfiltration attempt (more info ...) | trojan-activity | URL | |||
| 57529 | SERVER-WEBAPP Cisco HyperFlex HX Installer command injection attempt (more info ...) | web-application-attack | 2021-1497 | URL | ||
| 57530 | SERVER-WEBAPP Cisco HyperFlex HX Installer command injection attempt (more info ...) | web-application-attack | 2021-1497 | URL | ||
| 57531 | SERVER-WEBAPP Cisco HyperFlex HX Installer command injection attempt (more info ...) | web-application-attack | 2021-1497 | URL | ||
| 57535 | POLICY-OTHER Cisco SD-WAN vManage administrator API access detected (more info ...) | policy-violation | 2021-1505 | URL | ||
| 57536 | SERVER-WEBAPP Novell eDirectory iMonitor crafted Accept-Language header buffer overflow attempt (more info ...) | attempted-user | 2009-0192 | |||
| 57538 | POLICY-OTHER Cisco SD-WAN vManage cluster API access detected (more info ...) | policy-violation | 2021-1508 | URL | ||
| 57886 | POLICY-OTHER Cisco Business Process Automation permissions modification detected (more info ...) | policy-violation | 2021-1574 | URL | ||
| 58061 | POLICY-OTHER Cisco TelePresence Video Communication Server upgrade request detected (more info ...) | policy-violation | 2021-34716 | URL | ||
| 58062 | MALWARE-CNC Unix.Backdoor.SNIcat outbound request attempt (more info ...) | trojan-activity | 2021-34749 | URL | ||
| 58110 | POLICY-OTHER Cisco BroadWorks administrator account modification detected (more info ...) | policy-violation | 2021-34786 | URL | ||
| 58182 | SERVER-OTHER Cisco IOS XE Software for CBR8 COPS denial of service attempt (more info ...) | attempted-dos | 2021-1622 | URL | ||
| 58189 | POLICY-OTHER Cisco IOS and IOS XE TrustSec deprecated API access detected (more info ...) | policy-violation | 2021-34699 | URL | ||
| 58190 | POLICY-OTHER Cisco IOS and IOS XE TrustSec deprecated API access detected (more info ...) | policy-violation | 2021-34699 | URL | ||
| 58346 | SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center UrlAccessController Filter directory traversal attempt (more info ...) | web-application-attack | 2017-5791 | |||
| 58442 | SERVER-OTHER Cisco ASA and FTD denial of service attempt (more info ...) | attempted-dos | 2021-40117 | URL | ||
| 58486 | POLICY-OTHER Cisco Catalyst PON Series ONT enable telnet request detected (more info ...) | policy-violation | 2021-40112 | URL | ||
| 58488 | POLICY-OTHER Cisco Catalyst PON Series ONT default credential login detected (more info ...) | policy-violation | 2021-34795 | URL | ||
| 58971 | POLICY-OTHER Cisco PnP image_install response detected (more info ...) | policy-violation | 2022-20703 | URL | ||
| 58989 | SERVER-WEBAPP Cisco RV Series Routers denial of service attempt (more info ...) | attempted-dos | 2022-20710 | URL | ||
| 59060 | POLICY-OTHER Cisco RV Series Routers driver upload detected (more info ...) | policy-violation | 2022-20700 | URL | ||
| 59065 | SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector Virtual Appliance command injection attempt (more info ...) | web-application-attack | ||||
| 59066 | SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector Virtual Appliance command injection attempt (more info ...) | web-application-attack | ||||
| 59067 | SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector Virtual Appliance command injection attempt (more info ...) | web-application-attack | ||||
| 59068 | SERVER-WEBAPP Trend Micro SafeSync for Enterprise discovery_iscsi_device command injection attempt (more info ...) | web-application-attack | ||||
| 59069 | SERVER-WEBAPP Trend Micro SafeSync for Enterprise discovery_iscsi_device command injection attempt (more info ...) | web-application-attack | ||||
| 59078 | SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector Virtual Appliance command injection attempt (more info ...) | web-application-attack | ||||
| 59079 | SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector Virtual Appliance command injection attempt (more info ...) | web-application-attack | ||||
| 59232 | SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector Virtual Appliance command injection attempt (more info ...) | web-application-attack | ||||
| 59233 | SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector Virtual Appliance command injection attempt (more info ...) | web-application-attack | ||||
| 59234 | SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector Virtual Appliance command injection attempt (more info ...) | web-application-attack | ||||
| 59235 | SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector Virtual Appliance command injection attempt (more info ...) | web-application-attack | ||||
| 59587 | POLICY-OTHER Schneider Electric UDP discovery packet detected (more info ...) | policy-violation | URL | |||
| 59654 | SERVER-WEBAPP Cisco ASA and FTD web services denial of service attempt (more info ...) | attempted-dos | 2022-20745 | URL | ||
| 59658 | SERVER-WEBAPP Cisco ASA and FTD SSL VPN heap buffer overflow attempt (more info ...) | attempted-dos | 2022-20737 | URL | ||
| 59659 | SERVER-WEBAPP Cisco ASA and FTD SSL VPN heap buffer overflow attempt (more info ...) | attempted-dos | 2022-20737 | URL | ||
| 59660 | SERVER-WEBAPP Cisco ASA and FTD SSL VPN heap buffer overflow attempt (more info ...) | attempted-dos | 2022-20737 | URL | ||
| 59661 | SERVER-WEBAPP Cisco ASA and FTD SSL VPN heap buffer overflow attempt (more info ...) | attempted-dos | 2022-20737 | URL | ||
| 59662 | SERVER-WEBAPP Cisco ASA and FTD SSL VPN heap buffer overflow attempt (more info ...) | attempted-dos | 2022-20737 | URL | ||
| 59668 | SERVER-WEBAPP Cisco ASA and FTD privilege escalation attempt (more info ...) | attempted-admin | 2022-20759 | URL | ||
| 59670 | SERVER-WEBAPP Cisco Firepower Management Console security bypass file upload attempt (more info ...) | attempted-user | 2022-20743 | URL | ||
| 60273 | POLICY-OTHER Cisco Nexus Dashboard Kubernetes API access detected (more info ...) | policy-violation | 2022-20857 | URL | ||
| 60274 | POLICY-OTHER Cisco Nexus Dashboard Kubernetes API access detected (more info ...) | policy-violation | 2022-20857 | URL | ||
| 60514 | MALWARE-CNC Unix.Backdoor.KeyPlug variant outbound connection (more info ...) | trojan-activity | URL | |||
| 60515 | MALWARE-CNC Unix.Backdoor.KeyPlug variant outbound connection (more info ...) | trojan-activity | URL | |||
| 60624 | POLICY-OTHER Cisco IOS XE Wireless Controller PSK SNMP get request detected (more info ...) | policy-violation | 2022-20810 | URL | ||
| 60628 | SERVER-OTHER Cisco IOS XE Wireless Controller DHCP processing denial of service attempt (more info ...) | attempted-dos | 2022-20847 | URL | ||
| 60817 | MALWARE-CNC Unix.Trojan.RedXOR variant outbound connection (more info ...) | trojan-activity | URL | |||
| 60895 | MALWARE-CNC Unix.Downloader.Shikitega variant payload download attempt (more info ...) | trojan-activity | URL | |||
| 61367 | SERVER-WEBAPP Cisco Email Security Appliance arbitrary code execution attempt (more info ...) | attempted-admin | 2023-20009 | URL | ||
| 61450 | SERVER-WEBAPP Cisco IP Phone web interface stack buffer overflow attempt (more info ...) | attempted-admin | 2023-20079 | URL | ||
| 61724 | POLICY-OTHER Cisco SD-WAN vManage cluster mode access (more info ...) | policy-violation | 2023-20113 | URL | ||
| 61725 | POLICY-OTHER Cisco SD-WAN vManage cluster mode access (more info ...) | policy-violation | 2023-20113 | URL | ||
| 61726 | POLICY-OTHER Cisco SD-WAN vManage cluster mode access (more info ...) | policy-violation | 2023-20113 | URL | ||
| 61727 | POLICY-OTHER Cisco SD-WAN vManage cluster mode acess (more info ...) | policy-violation | 2023-20113 | URL | ||
| 61728 | POLICY-OTHER Cisco SD-WAN vManage cluster mode access (more info ...) | policy-violation | 2023-20113 | URL | ||
| 61729 | POLICY-OTHER Cisco SD-WAN vManage cluster mode access (more info ...) | policy-violation | 2023-20113 | URL | ||
| 62048 | POLICY-OTHER Cisco SD-WAN vManage REST API access detected (more info ...) | policy-violation | 2023-20214 | URL |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 18525 | SERVER-OTHER Lotus Domino LDAP Heap Buffer Overflow Attempt (more info ...) | attempted-user | 2010-0358 | |||
| 26369 | MALWARE-OTHER Double HTTP Server declared (more info ...) | trojan-activity | ||||
| 35944 | SERVER-MAIL IBM Domino BMP color palette stack buffer overflow attempt (more info ...) | attempted-admin | 2015-1903 | 74598 | ||
| 36153 | SERVER-OTHER IBM Domino LDAP server ModifyRequest stack buffer overflow attempt (more info ...) | attempted-admin | 2015-0117 | 73911 | URL | |
| 39654 | SERVER-MAIL IBM Lotus Domino Server nrouter.exe malformed GIF parsing remote exploit attempt (more info ...) | attempted-user | 2015-0135 | 74194 | URL | |
| 39655 | SERVER-MAIL IBM Lotus Domino Server nrouter.exe malformed GIF parsing remote exploit attempt (more info ...) | attempted-user | 2015-0135 | 74194 | URL | |
| 42438 | SERVER-MAIL IBM Domino BMP parsing integer overflow attempt (more info ...) | attempted-admin | 2015-1902 | 74597 | URL | |
| 49094 | BROWSER-PLUGINS IBM Lotus Domino Quickr ActiveX clsid access attempt (more info ...) | attempted-user | 2013-3026 | |||
| 49095 | BROWSER-PLUGINS IBM Lotus Domino Quickr ActiveX clsid access attempt (more info ...) | attempted-user | 2013-3026 | |||
| 49096 | BROWSER-PLUGINS IBM Lotus Domino Quickr ActiveX clsid access attempt (more info ...) | attempted-user | 2013-3026 | |||
| 49097 | BROWSER-PLUGINS IBM Lotus Domino Quickr ActiveX clsid access attempt (more info ...) | attempted-user | 2013-3026 | |||
| 52561 | POLICY-OTHER Yachtcontrol webserver unauthenticated remote code execution attempt (more info ...) | attempted-user | 2019-17270 | |||
| 52562 | POLICY-OTHER Yachtcontrol webserver unauthenticated remote code execution attempt (more info ...) | attempted-user | 2019-17270 | |||
| 59417 | SERVER-OTHER Git HTTP server submodule potential remote code execution attempt (more info ...) | attempted-user | 2017-1000117 |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 1072 | SERVER-WEBAPP Lotus Domino directory traversal (more info ...) | web-application-attack | 2001-0009 | 2173 | 12248 | |
| 1115 | SERVER-WEBAPP ICQ webserver DOS (more info ...) | attempted-dos | 1999-0474 | URL | ||
| 1150 | SERVER-WEBAPP Domino catalog.nsf access (more info ...) | attempted-recon | 10629 | |||
| 1151 | SERVER-WEBAPP Domino domcfg.nsf access (more info ...) | attempted-recon | 10629 | |||
| 1152 | SERVER-WEBAPP Domino domlog.nsf access (more info ...) | attempted-recon | 10629 | |||
| 1153 | SERVER-WEBAPP Domino log.nsf access (more info ...) | attempted-recon | 10629 | |||
| 1154 | SERVER-WEBAPP Domino names.nsf access (more info ...) | attempted-recon | 10629 | |||
| 1505 | SERVER-WEBAPP alchemy http server PRN arbitrary command execution attempt (more info ...) | web-application-activity | 2001-0871 | 3599 | 10818 | |
| 1506 | SERVER-WEBAPP alchemy http server NUL arbitrary command execution attempt (more info ...) | web-application-activity | 2001-0871 | 3599 | 10818 | |
| 1575 | SERVER-WEBAPP Domino mab.nsf access (more info ...) | attempted-recon | 2001-1567 | 4022 | 10953 | |
| 1576 | SERVER-WEBAPP Domino cersvr.nsf access (more info ...) | attempted-recon | 10629 | |||
| 1577 | SERVER-WEBAPP Domino setup.nsf access (more info ...) | attempted-recon | 10629 | |||
| 1578 | SERVER-WEBAPP Domino statrep.nsf access (more info ...) | attempted-recon | 10629 | |||
| 1579 | SERVER-WEBAPP Domino webadmin.nsf access (more info ...) | attempted-recon | 2004-2369 | 9901 | 10629 | |
| 1580 | SERVER-WEBAPP Domino events4.nsf access (more info ...) | attempted-recon | 10629 | |||
| 1581 | SERVER-WEBAPP Domino ntsync4.nsf access (more info ...) | attempted-recon | 10629 | |||
| 1582 | SERVER-WEBAPP Domino collect4.nsf access (more info ...) | attempted-recon | 10629 | |||
| 1583 | SERVER-WEBAPP Domino mailw46.nsf access (more info ...) | attempted-recon | 10629 | |||
| 1584 | SERVER-WEBAPP Domino bookmark.nsf access (more info ...) | attempted-recon | 10629 | |||
| 1585 | SERVER-WEBAPP Domino agentrunner.nsf access (more info ...) | attempted-recon | 10629 | |||
| 1586 | SERVER-WEBAPP Domino mail.box access (more info ...) | attempted-recon | 2000-0023 | 881 | 10629 | |
| 13258 | BROWSER-PLUGINS IBM Lotus Domino Web Access 6 ActiveX clsid access (more info ...) | attempted-user | 2010-0919 | 26972 | ||
| 13260 | BROWSER-PLUGINS IBM Lotus Domino Web Access 6 ActiveX function call access (more info ...) | attempted-user | 2010-0919 | 26972 | ||
| 13262 | BROWSER-PLUGINS IBM Lotus Domino Web Access 7 ActiveX clsid access (more info ...) | attempted-user | 2010-0919 | 26972 | ||
| 13264 | BROWSER-PLUGINS IBM Lotus Domino Web Access 7 ActiveX function call access (more info ...) | attempted-user | 2010-0919 | 26972 | ||
| 15956 | SERVER-ORACLE http Server mod_access restriction bypass attempt (more info ...) | attempted-user | 2005-1383 | 13418 | ||
| 16017 | SERVER-OTHER IBM Lotus Domino LDAP server invalid DN message buffer overflow attempt (more info ...) | attempted-user | 2007-1739 | 23174 | ||
| 16060 | SERVER-OTHER IBM Lotus Domino LDAP server memory exception attempt (more info ...) | attempted-dos | 2006-0580 | 16523 | ||
| 16671 | BROWSER-PLUGINS IBM Lotus Domino Web Access ActiveX exploit attempt (more info ...) | attempted-user | 2010-0919 | 26972 | ||
| 17466 | BROWSER-PLUGINS IBM Lotus Domino Web Access 7 ActiveX exploit attempt (more info ...) | attempted-user | 2010-0919 | 26972 | ||
| 17545 | BROWSER-PLUGINS Lotus Domino Web Access ActiveX Controls buffer overflow attempt (more info ...) | attempted-user | 2010-0919 | 38457 | URL | |
| 18461 | SERVER-MAIL IBM Lotus Domino nrouter.exe iCalendar MAILTO stack buffer overflow attempt (more info ...) | attempted-admin | 2010-3407 | 43219 | URL | |
| 21358 | SERVER-WEBAPP iPlanet Webserver command injection attempt (more info ...) | web-application-attack | 2002-1315 | 6202 | ||
| 23433 | SERVER-WEBAPP IBM Lotus Domino cross site scripting attempt (more info ...) | web-application-attack | 2005-3015 | 14845 | ||
| 23434 | SERVER-WEBAPP IBM Lotus Domino cross site scripting attempt (more info ...) | web-application-attack | 2005-3015 | 14845 | ||
| 23480 | SERVER-WEBAPP IBM Lotus Domino webadmin.nsf directory traversal attempt (more info ...) | web-application-attack | 2004-2369 | 9900 | ||
| 30011 | SERVER-WEBAPP GE Proficy CIMPLICITY CimWebServer remote code execution attempt (more info ...) | attempted-admin | 2014-0750 | 65124 | URL | |
| 30031 | SERVER-WEBAPP IBM Lotus Domino stack buffer overflow attempt (more info ...) | web-application-attack | 2011-3575 | 49705 | ||
| 30341 | SERVER-WEBAPP Cisco CatOS CiscoView HTTP server buffer overflow attempt (more info ...) | attempted-dos | URL | |||
| 30342 | SERVER-WEBAPP Cisco IOS HTTP server denial of service attempt (more info ...) | attempted-dos | 1838 | URL | ||
| 35928 | SERVER-WEBAPP IBM Domino cross site scripting attempt (more info ...) | web-application-attack | ||||
| 37495 | FILE-PDF IBM Domino KeyView PDF filter compressed stream length code execution attempt (more info ...) | attempted-user | 2016-0278 | URL | ||
| 37496 | FILE-PDF IBM Domino KeyView PDF filter compressed stream length code execution attempt (more info ...) | attempted-user | 2016-0278 | URL | ||
| 37498 | FILE-PDF IBM Domino KeyView PDF filter encrypted stream code execution attempt (more info ...) | attempted-user | 2016-0277 | URL | ||
| 37499 | FILE-PDF IBM Domino KeyView PDF Filter Basefont string overflow attempt (more info ...) | attempted-user | 2016-0279 | URL | ||
| 37500 | FILE-PDF IBM Domino KeyView PDF Filter Basefont string overflow attempt (more info ...) | attempted-user | 2016-0279 | URL | ||
| 37501 | FILE-PDF IBM Domino KeyView PDF Filter Trailer ID array heap buffer overflow attempt (more info ...) | attempted-user | 2016-0301 | URL | ||
| 37502 | FILE-PDF IBM Domino KeyView PDF Filter Trailer ID array heap buffer overflow attempt (more info ...) | attempted-user | 2016-0301 | URL | ||
| 41187 | SERVER-WEBAPP IBM Lotus Domino BOX mailbox information disclosure attempt (more info ...) | attempted-recon | URL | |||
| 41188 | SERVER-WEBAPP IBM Lotus Domino NSF database information disclosure attempt (more info ...) | attempted-recon | URL | |||
| 41189 | SERVER-WEBAPP IBM Lotus Domino srvnam.htm information disclosure attempt (more info ...) | attempted-recon | URL | |||
| 41747 | PROTOCOL-SCADA Moxa SoftCMS webserver DOS attempt (more info ...) | attempted-dos | ||||
| 43349 | SERVER-OTHER Karjasoft Sami HTTP Server denial of service attempt (more info ...) | denial-of-service | 2007-0548 | |||
| 44378 | SERVER-WEBAPP Easy File Sharing HTTP Server Post buffer overflow attempt (more info ...) | web-application-attack | ||||
| 46540 | SERVER-WEBAPP UltiDev Cassini Webserver file download attempt (more info ...) | web-application-attack | URL | |||
| 51406 | BROWSER-PLUGINS Lotus Domino Web Access ActiveX Controls buffer overflow attempt (more info ...) | attempted-user | 2010-0919 | 38457 | URL | |
| 51407 | BROWSER-PLUGINS Lotus Domino Web Access ActiveX Controls buffer overflow attempt (more info ...) | attempted-user | 2010-0919 | 38457 | URL | |
| 51408 | BROWSER-PLUGINS Lotus Domino Web Access ActiveX Controls buffer overflow attempt (more info ...) | attempted-user | 2010-0919 | 38457 | URL | |
| 51409 | BROWSER-PLUGINS Lotus Domino Web Access ActiveX Controls buffer overflow attempt (more info ...) | attempted-user | 2010-0919 | 38457 | URL | |
| 51410 | BROWSER-PLUGINS Lotus Domino Web Access ActiveX Controls buffer overflow attempt (more info ...) | attempted-user | 2010-0919 | 38457 | URL | |
| 51411 | BROWSER-PLUGINS Lotus Domino Web Access ActiveX Controls buffer overflow attempt (more info ...) | attempted-user | 2010-0919 | 38457 | URL | |
| 51412 | BROWSER-PLUGINS Lotus Domino Web Access ActiveX Controls buffer overflow attempt (more info ...) | attempted-user | 2010-0919 | 38457 | URL | |
| 52563 | MALWARE-CNC Unix.Trojan.Mirai variant outbound Yachtcontrol webserver unauthenticated remote code execution attempt (more info ...) | trojan-activity | 2019-17270 | |||
| 52564 | MALWARE-CNC Unix.Trojan.Mirai variant outbound Yachtcontrol webserver unauthenticated remote code execution attempt (more info ...) | trojan-activity | 2019-17270 | |||
| 57875 | SERVER-WEBAPP IBM Lotus Domino Web Service denial of service attempt (more info ...) | attempted-user | 2005-0986 | 13045 | ||
| 59418 | SERVER-OTHER Git HTTP server submodule potential remote code execution attempt (more info ...) | attempted-user | 2017-1000117 | |||
| 59419 | SERVER-OTHER Git HTTP server submodule potential remote code execution attempt (more info ...) | attempted-user | 2017-1000117 |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 14771 | SERVER-APACHE BEA WebLogic Apache Oracle connector Transfer-Encoding buffer overflow attempt (more info ...) | attempted-admin | 2008-4008 | 31683 | URL | |
| 15511 | SERVER-APACHE Oracle WebLogic Apache Connector buffer overflow attempt (more info ...) | attempted-admin | 2008-3257 | 30273 | URL | |
| 16198 | SERVER-APACHE Apache mod_auth_pgsql module logging facility format string exploit attempt (more info ...) | attempted-user | 2005-3656 | 16153 | ||
| 16479 | SERVER-APACHE Apache mod_isapi dangling pointer exploit attempt - public shell code (more info ...) | attempted-admin | 2010-0425 | 38494 | ||
| 16480 | SERVER-APACHE Apache mod_isapi dangling pointer exploit attempt (more info ...) | attempted-admin | 2010-0425 | 38494 | ||
| 17156 | SERVER-APACHE HP Performance Manager Apache Tomcat policy bypass attempt (more info ...) | attempted-admin | 2009-3843 | 37086 | ||
| 18283 | SERVER-APACHE Oracle WebLogic Apache Connector buffer overflow attempt (more info ...) | attempted-admin | 2008-3257 | 30273 | URL | |
| 19107 | SERVER-APACHE Apache mod_isapi dangling pointer code execution attempt (more info ...) | attempted-admin | 2010-0425 | 38494 | ||
| 19124 | SERVER-APACHE Apache mod_isapi dangling pointer exploit attempt (more info ...) | attempted-admin | 2010-0425 | 38494 | ||
| 21072 | SERVER-APACHE Apache Struts remote code execution attempt - GET parameter (more info ...) | attempted-admin | 2016-3081 | URL | ||
| 21073 | SERVER-APACHE Apache Struts allowStaticMethodAccess invocation attempt (more info ...) | attempted-admin | 2012-0391 | URL | ||
| 21075 | SERVER-APACHE Apache Struts remote code execution attempt - DebuggingInterceptor (more info ...) | attempted-admin | 2012-0394 | URL | ||
| 21656 | SERVER-APACHE Apache Struts remote code execution attempt - GET parameter (more info ...) | attempted-admin | 2016-3081 | URL | ||
| 23631 | SERVER-APACHE Apache Struts remote code execution attempt - POST parameter (more info ...) | attempted-admin | 2017-9791 | URL | ||
| 26772 | SERVER-OTHER Apache Struts2 skillName remote code execution attempt (more info ...) | attempted-admin | 2013-1965 | 60082 | ||
| 26824 | SERVER-OTHER Apache Struts allowStaticMethodAccess invocation attempt (more info ...) | attempted-admin | 2013-2115 | 60166 | URL | |
| 26825 | SERVER-OTHER Apache Struts allowStaticMethodAccess invocation attempt (more info ...) | attempted-admin | 2013-2115 | 60166 | URL | |
| 27243 | SERVER-APACHE Apache Struts2 blacklisted method redirectAction (more info ...) | web-application-attack | 2013-2251 | URL | ||
| 27244 | SERVER-APACHE Apache Struts2 blacklisted method redirect (more info ...) | web-application-attack | 2013-2251 | URL | ||
| 27245 | SERVER-APACHE Apache Struts2 remote code execution attempt (more info ...) | web-application-attack | 2013-2251 | URL | ||
| 27572 | SERVER-APACHE Apache Struts wildcard matching OGNL remote code execution attempt (more info ...) | attempted-admin | 2013-2134 | 60346 | URL | |
| 27573 | SERVER-APACHE Apache Struts wildcard matching OGNL remote code execution attempt (more info ...) | attempted-admin | 2013-2134 | 60346 | URL | |
| 27574 | SERVER-APACHE Apache Struts OGNL getRuntime.exec static method access attempt (more info ...) | attempted-admin | 2013-2135 | 60346 | URL | |
| 27575 | SERVER-APACHE Apache Struts arbitrary OGNL remote code execution attempt (more info ...) | attempted-admin | 2013-2135 | 60345 | URL | |
| 29523 | SERVER-APACHE Oracle WebLogic Apache Connector buffer overflow attempt (more info ...) | attempted-admin | 2008-3257 | 30273 | URL | |
| 29747 | SERVER-APACHE Apache Struts2 blacklisted method redirect (more info ...) | web-application-attack | 2013-2251 | URL | ||
| 29748 | SERVER-APACHE Apache Struts2 blacklisted method redirect (more info ...) | web-application-attack | 2013-2251 | URL | ||
| 29859 | SERVER-APACHE Apache Struts allowStaticMethodAccess invocation attempt (more info ...) | attempted-admin | 2013-2115 | 60166 | URL | |
| 38392 | SERVER-WEBAPP Apache Jetspeed Portal Site Manager directory traversal attempt (more info ...) | attempted-admin | 2016-0709 | URL | ||
| 38393 | SERVER-WEBAPP Apache Jetspeed Portal Site Manager directory traversal attempt (more info ...) | attempted-admin | 2016-0709 | URL | ||
| 39190 | SERVER-APACHE Apache Struts remote code execution attempt (more info ...) | attempted-admin | 2018-11776 | URL | ||
| 39191 | SERVER-APACHE Apache Struts remote code execution attempt (more info ...) | attempted-admin | 2018-11776 | URL | ||
| 40359 | SERVER-APACHE Apache Struts xslt.location local file inclusion attempt (more info ...) | attempted-admin | 2016-3082 | URL | ||
| 40846 | SERVER-APACHE Apache Subversion svnserve integer overflow attempt (more info ...) | attempted-user | 2015-5259 | URL | ||
| 40847 | SERVER-APACHE Apache Subversion svnserve integer overflow attempt (more info ...) | attempted-user | 2015-5259 | URL | ||
| 40848 | SERVER-APACHE Apache Subversion svnserve integer overflow attempt (more info ...) | attempted-user | 2015-5259 | URL | ||
| 40849 | SERVER-APACHE Apache Subversion svnserve integer overflow attempt (more info ...) | attempted-user | 2015-5259 | URL | ||
| 41390 | SERVER-WEBAPP Apache Commons Library FileUpload unauthorized Java object upload attempt (more info ...) | attempted-user | 2016-1000031 | URL | ||
| 41818 | SERVER-APACHE Apache Struts remote code execution attempt (more info ...) | attempted-admin | 2017-9791 | URL | ||
| 41819 | SERVER-APACHE Apache Struts remote code execution attempt (more info ...) | attempted-admin | 2017-9791 | URL | ||
| 41922 | SERVER-APACHE Apache Struts remote code execution attempt (more info ...) | attempted-admin | 2019-0230 | URL | ||
| 41923 | SERVER-APACHE Apache Struts remote code execution attempt (more info ...) | attempted-admin | 2019-0230 | URL | ||
| 43790 | SERVER-OTHER Apache mod_auth_digest out of bounds read attempt (more info ...) | attempted-user | 2017-9788 | URL | ||
| 44327 | SERVER-APACHE Apache Struts freemarker tag OGNL expression injection attempt (more info ...) | attempted-admin | 2017-12611 | URL | ||
| 44328 | SERVER-APACHE Apache Struts freemarker tag OGNL expression injection attempt (more info ...) | attempted-admin | 2020-17530 | URL | ||
| 44329 | SERVER-APACHE Apache Struts freemarker tag OGNL expression injection attempt (more info ...) | attempted-admin | 2017-12611 | URL | ||
| 44330 | SERVER-APACHE Apache Struts freemarker tag OGNL expression injection attempt (more info ...) | attempted-admin | 2017-12611 | URL | ||
| 44531 | SERVER-APACHE Apache Tomcat remote JSP file upload attempt (more info ...) | attempted-user | 2017-12617 | 100954 | URL | |
| 44890 | SERVER-OTHER Apache CouchDB remote privilege escalation attempt (more info ...) | attempted-user | 2017-12635 | |||
| 45083 | SERVER-APACHE Apache Solr RunExecutableListener arbitrary command execution attempt (more info ...) | attempted-admin | 2017-12629 | 101261 | ||
| 45084 | SERVER-APACHE Apache Solr xmlparser external doctype or entity expansion attempt (more info ...) | web-application-attack | 2017-12629 | 101261 | ||
| 45269 | SERVER-OTHER Apache CouchDB remote code execution attempt (more info ...) | attempted-user | 2017-12636 | |||
| 45353 | SERVER-APACHE Sling framework information disclosure attempt (more info ...) | web-application-attack | 2016-0956 | URL | ||
| 46071 | SERVER-APACHE Apache Tomcat Java JmxRemoteLifecycleListener unauthorized serialized object attempt (more info ...) | attempted-user | 2016-8735 | URL | ||
| 46440 | SERVER-OTHER Apache CouchDB remote code execution attempt (more info ...) | attempted-user | 2017-12636 | |||
| 47615 | SERVER-APACHE Apache Tika crafted HTTP header command injection attempt (more info ...) | attempted-user | 2018-1335 | |||
| 47634 | SERVER-APACHE Apache Struts OGNL getRuntime.exec static method access attempt (more info ...) | attempted-admin | 2018-11776 | URL | ||
| 47649 | SERVER-WEBAPP Apache Struts remote code execution attempt (more info ...) | attempted-user | 2018-11776 | URL | ||
| 47689 | SERVER-APACHE Apache Struts java.net.Socket class access attempt (more info ...) | attempted-user | 2018-11776 | URL | ||
| 47690 | SERVER-APACHE Apache Struts java.lang.ProcessBuilder class access attempt (more info ...) | attempted-user | 2020-17530 | URL | ||
| 47691 | SERVER-APACHE Apache Struts ognl remote code execution attempt (more info ...) | attempted-user | 2018-11776 | URL | ||
| 48231 | SERVER-WEBAPP Apache Syncope XSL transform code injection attempt (more info ...) | web-application-attack | 2018-1321 | URL | ||
| 48232 | SERVER-WEBAPP Apache Syncope XSL transform code injection attempt (more info ...) | web-application-attack | 2018-1321 | URL | ||
| 48381 | SERVER-APACHE Apache Tomcat mod_jk access control bypass attempt (more info ...) | attempted-user | 2018-11759 | |||
| 48382 | SERVER-APACHE Apache Tomcat mod_jk access control bypass attempt (more info ...) | attempted-user | 2018-11759 | |||
| 48383 | SERVER-APACHE Apache Tomcat mod_jk access control bypass attempt (more info ...) | attempted-user | 2018-11759 | |||
| 48384 | SERVER-APACHE Apache Tomcat mod_jk access control bypass attempt (more info ...) | attempted-user | 2018-11759 | |||
| 48474 | SERVER-APACHE Apache Hadoop YARN ResourceManager arbitrary command execution attempt (more info ...) | attempted-user | URL | |||
| 48549 | SERVER-WEBAPP Apache Superset python pickle library remote code execution attempt (more info ...) | attempted-user | 2018-8021 | |||
| 48550 | SERVER-WEBAPP Apache Superset python pickle library remote code execution attempt (more info ...) | attempted-user | 2018-8021 | |||
| 48551 | SERVER-WEBAPP Apache Superset python pickle library remote code execution attempt (more info ...) | attempted-user | 2018-8021 | |||
| 49376 | SERVER-APACHE Apache Struts remote code execution attempt (more info ...) | attempted-admin | 2017-9791 | URL | ||
| 49377 | SERVER-APACHE Apache Struts remote code execution attempt (more info ...) | attempted-admin | 2017-9791 | URL | ||
| 49557 | SERVER-WEBAPP Apache Solr jmx.serviceUrl remote code execution attempt (more info ...) | attempted-admin | 2019-0192 | URL | ||
| 49885 | SERVER-APACHE Apache Struts2 remote code execution attempt (more info ...) | web-application-attack | 2013-2251 | URL | ||
| 52130 | SERVER-WEBAPP Apache Struts OGNL expression injection attempt (more info ...) | attempted-admin | 2017-9791 | URL | ||
| 52324 | SERVER-APACHE Apache Solr Velocity Response Writer remote code execution attempt (more info ...) | attempted-user | URL | |||
| 52325 | SERVER-APACHE Apache Solr Velocity Response Writer remote code execution attempt (more info ...) | attempted-user | URL | |||
| 52494 | SERVER-APACHE Apache httpd mod_remoteip heap buffer overflow attempt (more info ...) | attempted-user | 2019-10097 | URL | ||
| 53341 | SERVER-APACHE Apache Tomcat AJP connector arbitrary file access attempt (more info ...) | attempted-user | 2020-1938 | |||
| 53475 | SERVER-OTHER Apache Log4j SocketServer insecure deserialization remote code execution attempt (more info ...) | attempted-user | 2019-17571 | URL | ||
| 54162 | SERVER-WEBAPP Apache Tomcat FileStore directory traversal attempt (more info ...) | web-application-attack | 2020-9484 | |||
| 54650 | SERVER-WEBAPP Apache Kylin REST API migrate command injection attempt (more info ...) | attempted-admin | 2020-1956 | URL | ||
| 55978 | SERVER-OTHER Apache OFBiz XMLRPC deserialization attempt (more info ...) | attempted-admin | 2022-35405 | URL | ||
| 55999 | SERVER-APACHE Apache Struts denial of service attempt (more info ...) | attempted-admin | 2019-0233 | URL | ||
| 56000 | SERVER-APACHE Apache Struts denial of service attempt (more info ...) | attempted-admin | 2019-0233 | URL | ||
| 56001 | SERVER-APACHE Apache Struts denial of service attempt (more info ...) | attempted-admin | 2019-0233 | URL | ||
| 56990 | SERVER-WEBAPP Apache Unomi OGNL MVEL2 remote command execution attempt (more info ...) | attempted-user | 2020-13942 | URL | ||
| 57921 | SERVER-WEBAPP Apache OFBiz XMLRPC unsafe deserialization attempt (more info ...) | attempted-user | 2021-29200 | |||
| 57984 | SERVER-OTHER Apache Dubbo insecure deserialization remote code execution attempt (more info ...) | attempted-user | 2021-25641 | |||
| 58067 | SERVER-WEBAPP Apache Flink FileUploadHandler directory traversal attempt (more info ...) | web-application-attack | 2020-17518 | |||
| 58068 | SERVER-WEBAPP Apache Flink FileUploadHandler directory traversal attempt (more info ...) | web-application-attack | 2020-17518 | |||
| 58069 | SERVER-WEBAPP Apache Flink FileUploadHandler directory traversal attempt (more info ...) | web-application-attack | 2020-17518 | |||
| 58276 | SERVER-WEBAPP Apache HTTP Server httpd directory traversal attempt (more info ...) | web-application-attack | 2021-42013 | URL | ||
| 58447 | SERVER-APACHE Apache Druid remote code execution attempt (more info ...) | attempted-admin | 2021-25646 | URL | ||
| 58722 | SERVER-OTHER Apache Log4j logging remote code execution attempt (more info ...) | attempted-user | 2021-45105 | |||
| 58723 | SERVER-OTHER Apache Log4j logging remote code execution attempt (more info ...) | attempted-user | 2022-20933 | URL | ||
| 58724 | SERVER-OTHER Apache Log4j logging remote code execution attempt (more info ...) | attempted-user | 2022-20933 | URL | ||
| 58725 | SERVER-OTHER Apache Log4j logging remote code execution attempt (more info ...) | attempted-user | 2021-45105 | |||
| 58726 | SERVER-OTHER Apache Log4j logging remote code execution attempt (more info ...) | attempted-user | 2022-20933 | URL | ||
| 58727 | SERVER-OTHER Apache Log4j logging remote code execution attempt (more info ...) | attempted-user | 2021-45105 | |||
| 58728 | SERVER-OTHER Apache Log4j logging remote code execution attempt (more info ...) | attempted-user | 2021-45105 | |||
| 58729 | SERVER-OTHER Apache Log4j logging remote code execution attempt (more info ...) | attempted-user | 2021-45105 | |||
| 58730 | SERVER-OTHER Apache Log4j logging remote code execution attempt (more info ...) | attempted-user | 2022-20933 | URL | ||
| 58731 | SERVER-OTHER Apache Log4j logging remote code execution attempt (more info ...) | attempted-user | 2022-20933 | URL | ||
| 58732 | SERVER-OTHER Apache Log4j logging remote code execution attempt (more info ...) | attempted-user | 2022-20933 | URL | ||
| 58733 | SERVER-OTHER Apache Log4j logging remote code execution attempt (more info ...) | attempted-user | 2021-45105 | |||
| 58734 | SERVER-OTHER Apache Log4j logging remote code execution attempt (more info ...) | attempted-user | 2021-45105 | |||
| 58735 | SERVER-OTHER Apache Log4j logging remote code execution attempt (more info ...) | attempted-user | 2021-45105 | |||
| 58736 | SERVER-OTHER Apache Log4j logging remote code execution attempt (more info ...) | attempted-user | 2021-45105 | |||
| 58737 | SERVER-OTHER Apache Log4j logging remote code execution attempt (more info ...) | attempted-user | 2022-20933 | URL | ||
| 58738 | SERVER-OTHER Apache Log4j logging remote code execution attempt (more info ...) | attempted-user | 2022-20933 | URL | ||
| 58739 | SERVER-OTHER Apache Log4j logging remote code execution attempt (more info ...) | attempted-user | 2022-20933 | URL | ||
| 58740 | SERVER-OTHER Apache Log4j logging remote code execution attempt (more info ...) | attempted-user | 2021-45105 | |||
| 58741 | SERVER-OTHER Apache Log4j logging remote code execution attempt (more info ...) | attempted-user | 2021-45105 | |||
| 58742 | SERVER-OTHER Apache Log4j logging remote code execution attempt (more info ...) | attempted-user | 2022-20933 | URL | ||
| 58743 | SERVER-OTHER Apache Log4j logging remote code execution attempt (more info ...) | attempted-user | 2021-45105 | |||
| 58744 | SERVER-OTHER Apache Log4j logging remote code execution attempt (more info ...) | attempted-user | 2021-45105 | |||
| 58751 | SERVER-OTHER Apache Log4j logging remote code execution attempt (more info ...) | attempted-user | 2021-45105 | |||
| 58784 | SERVER-OTHER Apache Log4j logging remote code execution attempt (more info ...) | attempted-user | 2021-45105 | |||
| 58785 | SERVER-OTHER Apache Log4j logging remote code execution attempt (more info ...) | attempted-user | 2021-45105 | |||
| 58786 | SERVER-OTHER Apache Log4j logging remote code execution attempt (more info ...) | attempted-user | 2021-45105 | |||
| 58787 | SERVER-OTHER Apache Log4j logging remote code execution attempt (more info ...) | attempted-user | 2021-45105 | |||
| 58788 | SERVER-OTHER Apache Log4j logging remote code execution attempt (more info ...) | attempted-user | 2021-45105 | |||
| 58789 | SERVER-OTHER Apache Log4j logging remote code execution attempt (more info ...) | attempted-user | 2021-45105 | |||
| 58790 | SERVER-OTHER Apache Log4j logging remote code execution attempt (more info ...) | attempted-user | 2021-45105 | |||
| 58795 | SERVER-OTHER Apache Log4j logging remote code execution attempt (more info ...) | attempted-user | 2021-45105 | |||
| 58802 | SERVER-WEBAPP Apache Log4j logging remote code execution attempt (more info ...) | attempted-user | 2021-45105 | URL | ||
| 58803 | SERVER-WEBAPP Apache Log4j logging remote code execution attempt (more info ...) | attempted-user | 2021-45105 | URL | ||
| 58804 | SERVER-WEBAPP Apache Log4j logging remote code execution attempt (more info ...) | attempted-user | 2021-45105 | URL | ||
| 58805 | SERVER-WEBAPP Apache Log4j logging remote code execution attempt (more info ...) | attempted-user | 2021-45105 | URL | ||
| 58806 | SERVER-WEBAPP Apache Log4j logging remote code execution attempt (more info ...) | attempted-user | 2021-45105 | URL | ||
| 58807 | SERVER-WEBAPP Apache Log4j logging remote code execution attempt (more info ...) | attempted-user | 2021-45105 | URL | ||
| 58808 | SERVER-WEBAPP Apache Log4j logging remote code execution attempt (more info ...) | attempted-user | 2021-45105 | URL | ||
| 58809 | SERVER-WEBAPP Apache Log4j logging remote code execution attempt (more info ...) | attempted-user | 2021-45105 | URL | ||
| 58810 | SERVER-WEBAPP Apache Log4j logging remote code execution attempt (more info ...) | attempted-user | 2021-45105 | URL | ||
| 58820 | SERVER-APACHE Apache HTTP server SSRF attempt (more info ...) | attempted-user | 2021-40438 | |||
| 58966 | SERVER-WEBAPP Apache Airflow command injection attempt (more info ...) | web-application-attack | 2020-11978 | |||
| 59088 | SERVER-APACHE Apache Shiro HTTP Cookie insecure deserialization attempt (more info ...) | attempted-user | 2016-4437 | URL | ||
| 59115 | SERVER-APACHE Apache Druid JDBC connection remote code execution attempt (more info ...) | attempted-user | 2021-26919 | |||
| 59246 | SERVER-WEBAPP Apache Log4j logging remote code execution attempt (more info ...) | attempted-admin | 2021-45105 | URL | ||
| 59274 | SERVER-APACHE Mod Proxy DOS Attempt (more info ...) | denial-of-service | 2021-44224 | URL | ||
| 59333 | SERVER-WEBAPP Apache Kylin REST API DiagnosisService command injection attempt (more info ...) | web-application-attack | 2020-13925 | |||
| 59334 | SERVER-WEBAPP Apache Kylin REST API DiagnosisService command injection attempt (more info ...) | web-application-attack | 2020-13925 | |||
| 59480 | SERVER-WEBAPP Apache APISIX default admin API backdoor usage attempt (more info ...) | attempted-admin | 2022-24112 | URL | ||
| 59481 | SERVER-WEBAPP Apache APISIX default admin API backdoor usage attempt (more info ...) | attempted-admin | 2022-24112 | URL | ||
| 59513 | SERVER-WEBAPP Apache APISIX Dashboard authentication bypass attempt (more info ...) | web-application-attack | 2021-45232 | URL | ||
| 59876 | SERVER-WEBAPP Apache Solr configset Java expression language injection attempt (more info ...) | web-application-attack | 2020-13957 | URL | ||
| 59906 | SERVER-WEBAPP Apache Struts OGNL sandbox bypass attempt (more info ...) | attempted-user | 2021-31805 | |||
| 60227 | SERVER-WEBAPP Apache httpd mod_lua req_parsebody denial of service attempt (more info ...) | attempted-dos | 2022-22719 | |||
| 60358 | SERVER-WEBAPP Apache Spark command injection attempt (more info ...) | web-application-attack | 2022-33891 | |||
| 60359 | SERVER-WEBAPP Apache Spark command injection attempt (more info ...) | web-application-attack | 2022-33891 | |||
| 60360 | SERVER-WEBAPP Apache Spark command injection attempt (more info ...) | web-application-attack | 2022-33891 | |||
| 60361 | SERVER-WEBAPP Apache Spark command injection attempt (more info ...) | web-application-attack | 2022-33891 | |||
| 60737 | SERVER-OTHER Apache Commons Text string interpolation remote code execution attempt (more info ...) | web-application-attack | 2022-42889 | |||
| 60738 | SERVER-OTHER Apache Commons Text string interpolation remote code execution attempt (more info ...) | web-application-attack | 2022-42889 | |||
| 60739 | SERVER-OTHER Apache Commons Text string interpolation remote code execution attempt (more info ...) | web-application-attack | 2022-42889 | |||
| 60740 | SERVER-OTHER Apache Commons Text string interpolation remote code execution attempt (more info ...) | web-application-attack | 2022-42889 | |||
| 60741 | SERVER-OTHER Apache Commons Text string interpolation remote code execution attempt (more info ...) | web-application-attack | 2022-42889 | |||
| 60742 | SERVER-OTHER Apache Commons Text string interpolation remote code execution attempt (more info ...) | web-application-attack | 2022-42889 | |||
| 61390 | SERVER-WEBAPP Apache Kylin runSparkSubmit command injection attempt (more info ...) | web-application-attack | 2022-24697 | |||
| 61454 | SERVER-WEBAPP Apache Kafka Connect remote code execution attempt (more info ...) | attempted-user | 2023-25194 | URL | ||
| 61472 | SERVER-WEBAPP Apache OFBiz XMLRPC unsafe deserialization attempt (more info ...) | attempted-user | 2021-26295 | |||
| 62047 | SERVER-OTHER Apache RocketMQ command injection attempt (more info ...) | attempted-admin | 2023-33246 | URL |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 1056 | SERVER-APACHE Apache Tomcat view source attempt (more info ...) | web-application-attack | 2001-0590 | 2527 | ||
| 1108 | SERVER-APACHE Apache Tomcat server snoop access (more info ...) | attempted-recon | 2000-0760 | 1532 | 10478 | |
| 1110 | SERVER-WEBAPP apache source.asp file access (more info ...) | attempted-recon | 2000-0628 | 1457 | 10480 | |
| 1111 | SERVER-APACHE Apache Tomcat server exploit access (more info ...) | attempted-recon | 2000-0672 | 1548 | 10477 | |
| 1519 | SERVER-WEBAPP apache ?M=D directory list attempt (more info ...) | web-application-activity | 2001-0731 | 3009 | 10704 | |
| 1808 | SERVER-WEBAPP Apache chunked-encoding memory corruption exploit attempt (more info ...) | web-application-activity | 2002-0392 | 5033 | ||
| 1809 | SERVER-APACHE Apache chunked-encoding worm attempt (more info ...) | web-application-attack | 2002-0392 | 5033 | 10932 | |
| 1827 | SERVER-APACHE Apache Tomcat servlet mapping cross site scripting attempt (more info ...) | web-application-attack | 2002-0682 | 5193 | 11041 | |
| 1829 | SERVER-APACHE Apache Tomcat TroubleShooter servlet access (more info ...) | web-application-activity | 2002-2006 | 4575 | 11046 | |
| 1830 | SERVER-APACHE Apache Tomcat SnoopServlet servlet access (more info ...) | web-application-activity | 2002-2006 | 4575 | 11046 | |
| 2061 | SERVER-APACHE Apache Tomcat null byte directory listing attempt (more info ...) | web-application-attack | 2003-0042 | 6721 | 11438 | |
| 5715 | SERVER-APACHE Apache malformed ipv6 uri overflow attempt (more info ...) | web-application-attack | 2004-0786 | 11187 | ||
| 11272 | SERVER-APACHE Apache newline exploit attempt (more info ...) | web-application-attack | 2003-0132 | 7254 | ||
| 11273 | SERVER-APACHE Apache header parsing space saturation denial of service attempt (more info ...) | attempted-dos | 2004-0942 | |||
| 11679 | SERVER-APACHE Apache mod_rewrite buffer overflow attempt (more info ...) | attempted-admin | 2006-3747 | |||
| 12465 | SERVER-APACHE Apache APR memory corruption attempt (more info ...) | attempted-admin | 2003-0245 | 7723 | ||
| 12591 | SERVER-APACHE Apache mod_cache denial of service attempt (more info ...) | denial-of-service | 2007-1863 | 24649 | ||
| 12711 | SERVER-APACHE Apache Tomcat WebDAV system tag remote file disclosure attempt (more info ...) | successful-recon-limited | 2007-5461 | 26070 | URL | |
| 13302 | SERVER-APACHE Apache mod_imagemap cross site scripting attempt (more info ...) | web-application-attack | 2007-5000 | 26838 | ||
| 15578 | MALWARE-TOOLS Slowloris http DoS tool (more info ...) | attempted-dos | 2007-0086 | |||
| 15980 | SERVER-APACHE Apache mod_ssl hook functions format string attempt (more info ...) | attempted-user | 2004-0700 | 10736 | ||
| 16021 | SERVER-APACHE Apache http Server mod_tcl format string attempt (more info ...) | attempted-user | 2006-4154 | 20527 | ||
| 16611 | SERVER-APACHE Apache 413 error HTTP request method cross-site scripting attack (more info ...) | web-application-attack | 2007-6203 | 26663 | ||
| 17107 | SERVER-APACHE Apache Tomcat JK Web Server Connector long URL stack overflow attempt - 1 (more info ...) | attempted-admin | 2007-0774 | 22791 | ||
| 17354 | SERVER-APACHE Apache Byte-Range Filter denial of service attempt (more info ...) | attempted-dos | 2005-2728 | 14660 | ||
| 17387 | SERVER-APACHE Apache Tomcat allowLinking URIencoding directory traversal attempt (more info ...) | suspicious-filename-detect | 2008-2938 | 30633 | ||
| 17498 | SERVER-APACHE Apache Tomcat UNIX platform directory traversal (more info ...) | web-application-attack | 2007-0450 | 22960 | URL | |
| 17499 | SERVER-APACHE Apache Tomcat UNIX platform directory traversal (more info ...) | web-application-attack | 2007-0450 | 22960 | URL | |
| 17500 | SERVER-APACHE Apache Tomcat UNIX platform directory traversal (more info ...) | web-application-attack | 2007-0450 | 22960 | URL | |
| 17501 | SERVER-APACHE Apache Tomcat UNIX platform directory traversal (more info ...) | web-application-attack | 2007-0450 | 22960 | URL | |
| 17502 | SERVER-APACHE Apache Tomcat UNIX platform directory traversal (more info ...) | web-application-attack | 2007-0450 | 22960 | URL | |
| 17533 | SERVER-APACHE Apache Struts Information Disclosure Attempt (more info ...) | attempted-recon | 2008-6505 | 32104 | ||
| 17656 | SERVER-APACHE Apache HTTP server mod_rewrite module LDAP scheme handling buffer overflow attempt (more info ...) | attempted-user | 2006-3747 | |||
| 18096 | SERVER-APACHE Apache Tomcat username enumeration attempt (more info ...) | attempted-recon | 2009-0580 | 35196 | ||
| 18931 | SERVER-APACHE Apache Struts OGNL parameter interception bypass command execution attempt (more info ...) | attempted-admin | 2010-1870 | 41592 | ||
| 19709 | SERVER-APACHE Apache APR apr_fn match infinite loop denial of service attempt (more info ...) | attempted-dos | 2011-0419 | URL | ||
| 19825 | SERVER-APACHE Apache Killer denial of service tool exploit attempt (more info ...) | attempted-dos | 2011-3192 | 49303 | URL | |
| 20528 | SERVER-APACHE Apache mod_proxy reverse proxy information disclosure attempt (more info ...) | attempted-recon | 2011-4317 | |||
| 20612 | SERVER-APACHE Apache Tomcat Java AJP connector invalid header timeout DOS attempt (more info ...) | attempted-dos | 2009-0033 | 35193 | ||
| 20821 | SERVER-APACHE Apache APR header memory corruption attempt (more info ...) | attempted-admin | 2003-0245 | 7723 | ||
| 21074 | SERVER-APACHE Apache Struts remote code execution attempt - CookieInterceptor (more info ...) | attempted-admin | 2012-0392 | 51257 | URL | |
| 21214 | SERVER-APACHE Apache server mod_proxy reverse proxy bypass attempt (more info ...) | attempted-recon | 2011-4317 | |||
| 21260 | SERVER-APACHE Apache Byte-Range Filter denial of service attempt (more info ...) | attempted-dos | 2005-2728 | 14660 | ||
| 21337 | SERVER-APACHE Apache XML HMAC truncation authentication bypass attempt (more info ...) | attempted-user | 2009-0217 | 35671 | ||
| 21356 | SERVER-APACHE Apache URI directory traversal attempt (more info ...) | attempted-recon | 2002-0661 | 5434 | ||
| 21515 | SERVER-APACHE Apache Tomcat Web Application Manager access (more info ...) | attempted-recon | URL | |||
| 21522 | SERVER-APACHE Apache Struts parameters interceptor remote code execution attempt (more info ...) | attempted-user | 2011-3923 | URL | ||
| 21923 | SERVER-APACHE Apache Tomcat PUT request remote file deployment attempt (more info ...) | attempted-user | URL | |||
| 23779 | SERVER-APACHE Apache WebDAV mod_dav nested entity reference DoS attempt (more info ...) | attempted-dos | 2009-1955 | 35253 | ||
| 24306 | SERVER-APACHE HP Operations Dashboard Apache Tomcat default admin account access attempt (more info ...) | attempted-admin | 2009-4188 | 36258 | URL | |
| 24348 | SERVER-APACHE Apache mod_rpaf X-Forwarded-For header denial of service attempt (more info ...) | web-application-attack | 2012-3526 | |||
| 24697 | SERVER-APACHE Apache mod_log_config cookie handling denial of service attempt (more info ...) | denial-of-service | 2012-0021 | 51705 | ||
| 24698 | SERVER-APACHE Apache mod_log_config cookie handling denial of service attempt (more info ...) | denial-of-service | 2012-0021 | 51705 | ||
| 26431 | SERVER-WEBAPP Apache mod_proxy_balancer cross site scripting attempt (more info ...) | web-application-attack | 2012-4558 | 58165 | ||
| 27203 | INDICATOR-COMPROMISE Apache auto_prepend_file a.control.bin C2 traffic (more info ...) | trojan-activity | URL | |||
| 29639 | SERVER-APACHE Apache Struts wildcard matching OGNL remote code execution attempt (more info ...) | attempted-admin | 2018-11776 | 60346 | URL | |
| 29647 | SERVER-APACHE Apache Roller OGNL injection remote code execution attempt (more info ...) | attempted-user | 2013-4212 | 63928 | ||
| 29648 | SERVER-APACHE Apache Roller OGNL injection remote code execution attempt (more info ...) | attempted-user | 2013-4212 | 63928 | ||
| 29649 | SERVER-APACHE Apache Roller allowStaticMethodAccess invocation attempt (more info ...) | attempted-user | 2013-4212 | 63928 | ||
| 29896 | SERVER-APACHE Apache Tomcat infinite loop denial of service attempt (more info ...) | denial-of-service | 2014-0050 | |||
| 29936 | SERVER-APACHE Apache Struts remote code execution attempt - CookieInterceptor (more info ...) | attempted-admin | 2012-0392 | 51257 | URL | |
| 30010 | SERVER-APACHE Apache Solr SolrResourceLoader directory traversal attempt (more info ...) | attempted-admin | 2013-6397 | 63935 | URL | |
| 30194 | SERVER-WEBAPP Apache Camel XSLT unauthorized code execution (more info ...) | attempted-user | 2014-0003 | URL | ||
| 30944 | SERVER-APACHE Apache Struts CookieInterceptor classloader access attempt (more info ...) | attempted-admin | 2014-0113 | 67081 | URL | |
| 31405 | SERVER-APACHE Apache Chunked-Encoding worm attempt (more info ...) | web-application-attack | 2002-0392 | 5033 | 10932 | |
| 34048 | SERVER-APACHE Apache mod_log_config cookie handling denial of service attempt (more info ...) | denial-of-service | 2012-0021 | 51705 | ||
| 34973 | SERVER-OTHER Apache mod_include buffer overflow attempt (more info ...) | attempted-user | 2004-0940 | 11471 | ||
| 35314 | SERVER-APACHE Apache HTTP Server mod_proxy denial of service attempt (more info ...) | attempted-admin | 2014-0117 | URL | ||
| 35406 | SERVER-APACHE Apache HTTP Server mod_status heap buffer overflow attempt (more info ...) | web-application-activity | 2014-0226 | URL | ||
| 35531 | SERVER-WEBAPP Apache HTTP server mod_cache denial of service attempt (more info ...) | attempted-dos | 2013-4352 | 69248 | URL | |
| 35532 | SERVER-WEBAPP Apache HTTP server mod_cache denial of service attempt (more info ...) | attempted-dos | 2013-4352 | 69248 | URL | |
| 36057 | SERVER-WEBAPP Apache ActiveMQ directory traversal attempt (more info ...) | web-application-attack | 2015-1830 | |||
| 37503 | SERVER-OTHER Apache ActiveMQ shutdown command denial of service attempt (more info ...) | denial-of-service | 2014-3576 | 76272 | ||
| 37968 | SERVER-WEBAPP Apache HTTP server potential cookie disclosure attempt (more info ...) | web-application-attack | 2012-0053 | 51706 | ||
| 38268 | SERVER-APACHE 404 OK response (more info ...) | misc-attack | URL | |||
| 38990 | SERVER-WEBAPP Apache Struts I18NInterceptor locale object cross site scripting attempt (more info ...) | attempted-user | 2016-2162 | |||
| 40302 | SERVER-APACHE Apache Jetspeed Portal cross-site scripting attempt (more info ...) | attempted-user | 2016-0712 | URL | ||
| 40316 | SERVER-APACHE Apache Tomcat default credential login attempt (more info ...) | default-login-attempt | URL | |||
| 40317 | SERVER-APACHE Apache Tomcat default credential login attempt (more info ...) | default-login-attempt | URL | |||
| 40318 | SERVER-APACHE Apache Tomcat default credential login attempt (more info ...) | default-login-attempt | URL | |||
| 40319 | SERVER-APACHE Apache Tomcat default credential login attempt (more info ...) | default-login-attempt | URL | |||
| 40320 | SERVER-APACHE Apache Tomcat default credential login attempt (more info ...) | default-login-attempt | URL | |||
| 40321 | SERVER-APACHE Apache Tomcat credential disclosure attempt (more info ...) | attempted-admin | URL | |||
| 41688 | SERVER-APACHE Apache HTTP Server mod_http2 denial of service attempt (more info ...) | denial-of-service | 2016-8740 | |||
| 41811 | SERVER-OTHER Apache ActiveMQ fileserver broker service file delete attempt (more info ...) | attempted-user | 2016-3088 | |||
| 41850 | SERVER-WEBAPP Apache Struts URL validator denial of service attempt (more info ...) | web-application-attack | 2016-4465 | URL | ||
| 42133 | SERVER-APACHE Apache mod_session_crypto padding oracle brute force attempt (more info ...) | web-application-attack | 2016-0736 | URL | ||
| 42878 | SERVER-WEBAPP Apache TomEE java deserialization attempt (more info ...) | attempted-user | 2017-3248 | URL | ||
| 42879 | SERVER-WEBAPP Apache TomEE java deserialization attempt (more info ...) | attempted-user | 2016-0779 | URL | ||
| 43247 | SERVER-APACHE Apache Rave information disclosure attempt (more info ...) | attempted-recon | 2013-1814 | |||
| 43547 | SERVER-APACHE httpd mod_mime content-type buffer overflow attempt (more info ...) | attempted-user | 2017-7679 | |||
| 43587 | SERVER-WEBAPP Apache httpd ap_find_token buffer overread attempt (more info ...) | attempted-user | 2017-7668 | 99137 | ||
| 44155 | SERVER-APACHE Apache Qpid AMQP denial of service attempt (more info ...) | denial-of-service | 2015-0203 | |||
| 44156 | SERVER-APACHE Apache Qpid AMQP denial of service attempt (more info ...) | denial-of-service | 2015-0203 | |||
| 44703 | POLICY-OTHER Apache OpenOffice malicious macro exploitation attempt (more info ...) | policy-violation | ||||
| 44704 | POLICY-OTHER Apache OpenOffice malicious macro exploitation attempt (more info ...) | policy-violation | ||||
| 44705 | POLICY-OTHER Apache OpenOffice malicious macro exploitation attempt (more info ...) | policy-violation | ||||
| 44706 | POLICY-OTHER Apache OpenOffice malicious macro exploitation attempt (more info ...) | policy-violation | ||||
| 44808 | INDICATOR-COMPROMISE Apache HTTP Server possible mod_dav.c remote denial of service vulnerability attempt (more info ...) | attempted-dos | 2013-1896 | 100872 | ||
| 45093 | SERVER-WEBAPP Apache Archiva XML server side request forgery attempt (more info ...) | web-application-attack | 2016-5002 | |||
| 45307 | SERVER-APACHE Apache SSI error page cross-site scripting attempt (more info ...) | web-application-attack | 2002-0840 | 5847 | ||
| 46115 | SERVER-APACHE FrontPage privilege escalation attempt (more info ...) | attempted-admin | ||||
| 46116 | SERVER-APACHE FrontPage privilege escalation attempt (more info ...) | attempted-admin | ||||
| 46304 | SERVER-OTHER Apache ActiveMQ JMS ObjectMessage deserialization attempt (more info ...) | misc-activity | 2015-5254 | |||
| 46326 | SERVER-APACHE Apache Jetspeed PageManagementService persistent XSS attempt (more info ...) | attempted-user | 2016-0711 | |||
| 46327 | SERVER-APACHE Apache Jetspeed PageManagementService persistent XSS attempt (more info ...) | attempted-user | 2016-0711 | |||
| 46328 | SERVER-WEBAPP Apache Jetspeed PageManagementService persistent XSS attempt (more info ...) | attempted-user | 2016-0711 | |||
| 46336 | SERVER-APACHE Apache Jetspeed User Manager service unauthorized API access attempt (more info ...) | policy-violation | 2016-2171 | |||
| 47061 | SERVER-WEBAPP Apache Struts URL validator denial of service attempt (more info ...) | web-application-attack | 2016-4465 | URL | ||
| 48233 | SERVER-WEBAPP Apache Syncope information disclosure by orderBy (more info ...) | attempted-recon | 2018-1322 | URL | ||
| 48234 | SERVER-WEBAPP Apache Syncope information disclosure by fiql (more info ...) | attempted-recon | 2018-1322 | URL | ||
| 51287 | SERVER-WEBAPP Apache CouchDB _config command injection attempt (more info ...) | web-application-attack | 2018-8007 | URL | ||
| 51662 | SERVER-APACHE Apache Qpid AMQP denial of service attempt (more info ...) | denial-of-service | 2015-0203 | |||
| 52471 | SERVER-APACHE Apache Tomcat chunked transfer encoding denial of service attempt (more info ...) | attempted-dos | 2014-0227 | |||
| 55800 | SERVER-WEBAPP Apache Tomcat HTTP/2 denial of service attempt (more info ...) | denial-of-service | 2020-13934 | |||
| 55801 | SERVER-WEBAPP Apache Tomcat HTTP/2 denial of service attempt (more info ...) | denial-of-service | 2020-13934 | |||
| 56086 | SERVER-WEBAPP Apache Tomcat WebSocket length denial of service attempt (more info ...) | attempted-dos | 2020-13935 | |||
| 56989 | SERVER-WEBAPP Apache OpenMeetings NetTest denial of service attempt (more info ...) | attempted-dos | 2020-13951 | |||
| 57299 | SERVER-WEBAPP Apache HTTP server mod_rewrite external URL redirection attempt (more info ...) | misc-attack | 2020-1927 | URL | ||
| 57537 | POLICY-OTHER Cisco SD-WAN vManage user creation via Apache Kafka detected (more info ...) | policy-violation | 2021-1468 | URL | ||
| 57580 | SERVER-APACHE Apache HTTP Server auth_ldap format string exploit attempt (more info ...) | attempted-user | 2006-0150 | 16177 | ||
| 58939 | SERVER-WEBAPP Apache Superset Markdown component cross site scripting attempt (more info ...) | attempted-user | 2021-27907 | URL | ||
| 58940 | SERVER-WEBAPP Apache Superset Markdown component cross site scripting attempt (more info ...) | attempted-user | 2021-27907 | URL | ||
| 59032 | SERVER-WEBAPP Apache ActiveMQ Web Console cross site scripting attempt (more info ...) | attempted-user | 2020-13947 | |||
| 59033 | SERVER-WEBAPP Apache ActiveMQ Web Console cross site scripting attempt (more info ...) | attempted-user | 2020-13947 | |||
| 59114 | SERVER-APACHE Apache Druid JDBC connection remote code execution attempt (more info ...) | attempted-user | 2021-26919 | |||
| 59258 | POLICY-OTHER Apache ShenYu plugins API access attempt (more info ...) | policy-violation | 2022-23944 | URL | ||
| 59302 | SERVER-APACHE Apache httpd mod_lua integer underflow attempt (more info ...) | attempted-admin | 2021-44790 | URL | ||
| 59363 | SERVER-WEBAPP Apache Airflow trigger origin cross site scripting attempt (more info ...) | attempted-user | 2020-13944 | |||
| 59364 | SERVER-WEBAPP Apache Airflow trigger origin cross site scripting attempt (more info ...) | attempted-user | 2020-13944 | |||
| 59440 | SERVER-APACHE Apache mod_http2 NULL pointer dereference attempt (more info ...) | denial-of-service | 2017-7659 | |||
| 59656 | SERVER-WEBAPP Apache Groovy Elastic Search unauthorized serialized object attempt (more info ...) | attempted-user | 2015-5377 | URL | ||
| 59667 | SERVER-APACHE SVN URL command injection attempt (more info ...) | attempted-user | 2017-9800 | |||
| 59669 | SERVER-WEBAPP Apache Subversion denial-of-service attempt (more info ...) | attempted-dos | 2018-11803 | URL | ||
| 59742 | SERVER-APACHE Apache SVN mod_authz_svn MOVE denial of service attempt (more info ...) | attempted-dos | 2016-2168 | |||
| 59743 | SERVER-APACHE Apache SVN mod_authz_svn COPY denial of service attempt (more info ...) | attempted-dos | 2016-2168 | |||
| 59874 | POLICY-OTHER Apache Solr configset upload attempt (more info ...) | policy-violation | URL | |||
| 59875 | POLICY-OTHER Apache Solr configset upload attempt (more info ...) | policy-violation | URL | |||
| 60078 | SERVER-APACHE Apache Tomcat open redirect attempt (more info ...) | misc-attack | 2018-11784 | URL | ||
| 60685 | SERVER-APACHE Apache Struts multipart request handler DOS attempt (more info ...) | attempted-dos | 2006-1547 | URL | ||
| 60888 | SERVER-OTHER Apache CouchDB node remote command execution attempt (more info ...) | attempted-admin | 2022-24706 | URL | ||
| 61650 | SERVER-OTHER Apache Commons Text string interpolation remote code execution attempt (more info ...) | web-application-attack | 2022-42889 | |||
| 61651 | SERVER-OTHER Apache Commons Text string interpolation remote code execution attempt (more info ...) | web-application-attack | 2022-42889 |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 3087 | SERVER-IIS w3who.dll buffer overflow attempt (more info ...) | attempted-admin | 2004-1134 | 11820 | ||
| 13922 | SERVER-IIS Microsoft IIS HTMLEncode Unicode string buffer overflow attempt (more info ...) | web-application-attack | 2008-0075 | URL | ||
| 15959 | SERVER-IIS Microsoft ASP.NET viewstate DoS attempt (more info ...) | attempted-dos | 2005-1665 | URL | ||
| 18243 | SERVER-IIS Microsoft Windows 7 IIS7.5 FTPSVC buffer overflow attempt (more info ...) | attempted-admin | 2010-3972 | 45542 | URL | |
| 21161 | SERVER-IIS Microsoft Windows IIS5 NTLM and basic authentication bypass attempt (more info ...) | attempted-user | 2007-2815 | 24105 | URL | |
| 34061 | SERVER-IIS Microsoft IIS Range header integer overflow attempt (more info ...) | attempted-dos | 2015-1635 | 74013 | URL | |
| 39905 | OS-WINDOWS Microsoft Windows IIS denial of service attempt (more info ...) | denial-of-service | 2022-35748 | URL | ||
| 42110 | SERVER-WEBAPP Microsoft IIS ScStoragePathFromUrl function buffer overflow attempt (more info ...) | attempted-admin | 2017-7269 | 97127 |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 971 | SERVER-IIS ISAPI .printer access (more info ...) | web-application-activity | 2001-0241 | 2674 | 10661 | URL |
| 973 | SERVER-IIS *.idc attempt (more info ...) | web-application-attack | 2000-0661 | 1448 | ||
| 974 | SERVER-IIS Microsoft Windows IIS directory traversal attempt (more info ...) | web-application-attack | 1999-0229 | 2218 | ||
| 978 | SERVER-IIS ASP contents view (more info ...) | web-application-attack | 2000-0302 | 1084 | 10356 | URL |
| 979 | SERVER-IIS ASP contents view (more info ...) | web-application-attack | 2000-0942 | 1861 | URL | |
| 980 | SERVER-IIS CGImail.exe access (more info ...) | web-application-activity | 2000-0726 | 1623 | 11721 | |
| 984 | SERVER-IIS JET VBA access (more info ...) | web-application-activity | 1999-0874 | 307 | 10116 | |
| 985 | SERVER-IIS JET VBA access (more info ...) | web-application-activity | 1999-0874 | 286 | ||
| 986 | SERVER-IIS MSProxy access (more info ...) | web-application-activity | URL | |||
| 991 | SERVER-IIS achg.htr access (more info ...) | web-application-activity | 1999-0407 | 2110 | ||
| 992 | SERVER-IIS adctest.asp access (more info ...) | web-application-activity | ||||
| 993 | SERVER-IIS iisadmin access (more info ...) | web-application-attack | 1999-1538 | 189 | 11032 | |
| 994 | SERVER-IIS /scripts/iisadmin/default.htm access (more info ...) | web-application-attack | ||||
| 995 | SERVER-IIS ism.dll access (more info ...) | web-application-attack | 2000-0630 | 189 | ||
| 996 | SERVER-IIS anot.htr access (more info ...) | web-application-activity | 1999-0407 | 2110 | ||
| 997 | SERVER-IIS asp-dot attempt (more info ...) | web-application-attack | 1814 | 10363 | ||
| 998 | SERVER-IIS asp-srch attempt (more info ...) | web-application-attack | ||||
| 999 | SERVER-IIS bdir access (more info ...) | web-application-activity | 2280 | |||
| 1000 | SERVER-IIS bdir.htr access (more info ...) | web-application-activity | 2280 | 10577 | ||
| 1003 | SERVER-IIS cmd? access (more info ...) | web-application-attack | ||||
| 1004 | SERVER-IIS codebrowser Exair access (more info ...) | web-application-activity | 1999-0815 | |||
| 1005 | SERVER-IIS codebrowser SDK access (more info ...) | web-application-activity | 1999-0736 | 167 | ||
| 1007 | SERVER-IIS Form_JScript.asp access (more info ...) | web-application-attack | 2000-1104 | 1595 | 10572 | URL |
| 1008 | SERVER-IIS del attempt (more info ...) | web-application-attack | ||||
| 1011 | SERVER-IIS exec-src access (more info ...) | web-application-activity | ||||
| 1012 | SERVER-IIS fpcount attempt (more info ...) | web-application-attack | 1999-1376 | 2252 | ||
| 1013 | SERVER-IIS fpcount access (more info ...) | web-application-activity | 1999-1376 | 2252 | ||
| 1015 | SERVER-IIS getdrvs.exe access (more info ...) | web-application-activity | ||||
| 1017 | SERVER-IIS idc-srch attempt (more info ...) | web-application-attack | 1999-0874 | |||
| 1018 | SERVER-IIS iisadmpwd attempt (more info ...) | web-application-attack | 1999-0407 | 2110 | 10371 | |
| 1019 | SERVER-IIS Malformed Hit-Highlighting Argument File Access Attempt (more info ...) | web-application-attack | 2000-0097 | 950 | URL | |
| 1020 | SERVER-IIS isc$data attempt (more info ...) | web-application-attack | 1999-0874 | 307 | 10116 | |
| 1021 | SERVER-IIS ism.dll attempt (more info ...) | web-application-attack | 2000-0457 | 1193 | 10680 | URL |
| 1022 | SERVER-IIS jet vba access (more info ...) | web-application-activity | 1999-0874 | 286 | URL | |
| 1023 | SERVER-IIS msadcs.dll access (more info ...) | web-application-activity | 1999-1011 | 529 | 10357 | URL |
| 1024 | SERVER-IIS newdsn.exe access (more info ...) | web-application-activity | 1999-0191 | 1818 | 10360 | |
| 1025 | SERVER-IIS perl access (more info ...) | web-application-activity | ||||
| 1026 | SERVER-IIS perl-browse newline attempt (more info ...) | web-application-attack | 2003-1365 | 6833 | ||
| 1027 | SERVER-IIS perl-browse space attempt (more info ...) | web-application-attack | 2003-1365 | 6833 | ||
| 1028 | SERVER-IIS query.asp access (more info ...) | web-application-activity | 1999-0449 | 193 | ||
| 1029 | SERVER-IIS scripts-browse access (more info ...) | web-application-attack | 11032 | |||
| 1030 | SERVER-IIS search97.vts access (more info ...) | web-application-activity | 162 | |||
| 1031 | SERVER-IIS /SiteServer/Publishing/viewcode.asp access (more info ...) | web-application-activity | 10576 | |||
| 1032 | SERVER-IIS showcode access (more info ...) | web-application-activity | 1999-0737 | 10576 | URL | |
| 1033 | SERVER-IIS viewcode access (more info ...) | web-application-activity | 1999-0737 | 10576 | URL | |
| 1034 | SERVER-IIS viewcode access (more info ...) | web-application-activity | 1999-0737 | 10576 | URL | |
| 1035 | SERVER-IIS viewcode access (more info ...) | web-application-activity | 1999-0737 | 10576 | URL | |
| 1036 | SERVER-IIS viewcode access (more info ...) | web-application-activity | 1999-0737 | 10576 | URL | |
| 1037 | SERVER-IIS showcode.asp access (more info ...) | web-application-activity | 1999-0736 | 167 | 10007 | URL |
| 1038 | SERVER-IIS site server config access (more info ...) | web-application-activity | 1999-1520 | 256 | ||
| 1039 | SERVER-IIS srch.htm access (more info ...) | web-application-activity | ||||
| 1040 | SERVER-IIS srchadm access (more info ...) | web-application-activity | 11032 | |||
| 1041 | SERVER-IIS uploadn.asp access (more info ...) | web-application-activity | 1999-0360 | 1811 | ||
| 1043 | SERVER-IIS viewcode.asp access (more info ...) | web-application-activity | 1999-0737 | 10576 | ||
| 1044 | SERVER-IIS webhits access (more info ...) | web-application-activity | 2000-0097 | 950 | ||
| 1045 | SERVER-IIS Unauthorized IP Access Attempt (more info ...) | web-application-attack | ||||
| 1046 | SERVER-IIS site/iisamples access (more info ...) | web-application-activity | 10370 | |||
| 1075 | SERVER-IIS postinfo.asp access (more info ...) | web-application-activity | 1999-0360 | 1811 | ||
| 1076 | SERVER-IIS repost.asp access (more info ...) | web-application-activity | 10372 | |||
| 1244 | SERVER-IIS ISAPI .idq attempt (more info ...) | web-application-attack | 2001-0500 | 968 | 10115 | |
| 1256 | SERVER-IIS CodeRed v2 root.exe access (more info ...) | web-application-attack | URL | |||
| 1283 | SERVER-IIS Microsoft Office Outlook web dos (more info ...) | web-application-attack | 3223 | |||
| 1285 | SERVER-IIS msdac access (more info ...) | web-application-activity | 11032 | |||
| 1286 | SERVER-IIS _mem_bin access (more info ...) | web-application-activity | 11032 | |||
| 1380 | SERVER-IIS Form_VBScript.asp access (more info ...) | web-application-attack | 2000-1104 | 1595 | 10572 | URL |
| 1400 | SERVER-IIS /scripts/samples/ access (more info ...) | web-application-attack | 10370 | |||
| 1401 | SERVER-IIS /msadc/samples/ access (more info ...) | web-application-attack | 1999-0736 | 167 | 1007 | |
| 1485 | SERVER-IIS mkilog.exe access (more info ...) | web-application-activity | 10359 | |||
| 1486 | SERVER-IIS ctss.idc access (more info ...) | web-application-activity | 10359 | |||
| 1487 | SERVER-IIS /iisadmpwd/aexp2.htr access (more info ...) | web-application-activity | 2002-0421 | 4236 | 10371 | |
| 1567 | SERVER-IIS /exchange/root.asp attempt (more info ...) | web-application-attack | 2001-0660 | 3301 | 10781 | URL |
| 1568 | SERVER-IIS /exchange/root.asp access (more info ...) | web-application-activity | 2001-0660 | 3301 | 10781 | |
| 1595 | SERVER-IIS htimage.exe access (more info ...) | web-application-activity | 2000-0256 | 964 | 10376 | |
| 1618 | SERVER-IIS .asp chunked Transfer-Encoding (more info ...) | web-application-attack | 2002-0079 | 4485 | 10932 | |
| 1626 | SERVER-IIS /StoreCSVS/InstantOrder.asmx request (more info ...) | web-application-activity | ||||
| 1661 | SERVER-IIS cmd32.exe access (more info ...) | web-application-attack | ||||
| 1726 | SERVER-IIS doctodep.btr access (more info ...) | web-application-activity | ||||
| 1753 | SERVER-IIS as_web.exe access (more info ...) | web-application-activity | 2002-1728 | 4670 | ||
| 1754 | SERVER-IIS as_web4.exe access (more info ...) | web-application-activity | 2002-1728 | 4670 | ||
| 1756 | SERVER-IIS NewsPro administration authentication attempt (more info ...) | web-application-activity | 2002-1734 | 4672 | ||
| 1772 | SERVER-IIS pbserver access (more info ...) | web-application-activity | 2000-1089 | URL | ||
| 1802 | SERVER-IIS .asa HTTP header buffer overflow attempt (more info ...) | web-application-attack | 2002-0150 | 4476 | 10936 | URL |
| 1803 | SERVER-IIS .cer HTTP header buffer overflow attempt (more info ...) | web-application-attack | 2002-0150 | 4476 | 10936 | URL |
| 1804 | SERVER-IIS .cdx HTTP header buffer overflow attempt (more info ...) | web-application-attack | 2002-0150 | 4476 | 10936 | URL |
| 1806 | SERVER-IIS .htr chunked Transfer-Encoding (more info ...) | web-application-attack | 2002-0364 | 5003 | 11028 | |
| 1817 | SERVER-IIS MS Site Server default login attempt (more info ...) | web-application-attack | 11018 | URL | ||
| 1818 | SERVER-IIS MS Site Server admin attempt (more info ...) | web-application-attack | 11018 | |||
| 1970 | SERVER-IIS MDAC Content-Type overflow attempt (more info ...) | web-application-attack | 2002-1142 | 6214 | 11161 | URL |
| 2090 | SERVER-IIS WEBDAV exploit attempt (more info ...) | attempted-admin | 2003-0109 | 7716 | 11413 | URL |
| 2091 | SERVER-IIS WEBDAV nessus safe scan attempt (more info ...) | attempted-admin | 2003-0109 | 7116 | 11413 | URL |
| 2117 | SERVER-IIS Battleaxe Forum login.asp access (more info ...) | web-application-activity | 2003-0215 | 7416 | 11548 | |
| 2130 | SERVER-IIS IISProtect siteadmin.asp access (more info ...) | web-application-activity | 2003-0377 | 7675 | 11662 | |
| 2131 | SERVER-IIS IISProtect access (more info ...) | web-application-activity | 11661 | |||
| 2132 | SERVER-IIS Synchrologic Email Accelerator userid list access attempt (more info ...) | web-application-activity | 11657 | |||
| 2133 | SERVER-IIS MS BizTalk server access (more info ...) | web-application-activity | 2003-0118 | 7470 | 11638 | URL |
| 2157 | SERVER-IIS IISProtect globaladmin.asp access (more info ...) | web-application-activity | 11661 | |||
| 2247 | SERVER-IIS UploadScript11.asp access (more info ...) | web-application-activity | 2001-0938 | 3608 | 11746 | |
| 2248 | SERVER-IIS DirectoryListing.asp access (more info ...) | web-application-activity | 2001-0938 | |||
| 2249 | SERVER-IIS /pcadmin/login.asp access (more info ...) | web-application-activity | 8103 | 11785 | ||
| 2321 | SERVER-IIS foxweb.exe access (more info ...) | web-application-activity | 11939 | |||
| 2322 | SERVER-IIS foxweb.dll access (more info ...) | web-application-activity | 11939 | |||
| 2324 | SERVER-IIS VP-ASP shopsearch.asp access (more info ...) | web-application-activity | 9134 | 11942 | ||
| 2325 | SERVER-IIS VP-ASP ShopDisplayProducts.asp access (more info ...) | web-application-activity | 9134 | 11942 | ||
| 2326 | SERVER-IIS sgdynamo.exe access (more info ...) | web-application-activity | 2002-0375 | 4720 | 11955 | |
| 2386 | SERVER-IIS NTLM ASN1 vulnerability scan attempt (more info ...) | attempted-dos | 2003-0818 | 9635 | 12065 | URL |
| 2571 | SERVER-IIS SmarterTools SmarterMail frmGetAttachment.aspx access (more info ...) | web-application-activity | 2004-2585 | 9805 | ||
| 2572 | SERVER-IIS SmarterTools SmarterMail login.aspx buffer overflow attempt (more info ...) | web-application-attack | 2004-2585 | 9805 | ||
| 2573 | SERVER-IIS SmarterTools SmarterMail frmCompose.asp access (more info ...) | web-application-activity | 2004-2585 | 9805 | ||
| 2667 | SERVER-IIS ping.asp access (more info ...) | web-application-activity | 10968 | |||
| 3150 | SERVER-IIS SQLXML content type overflow (more info ...) | attempted-admin | 2002-0186 | 5004 | 11304 | URL |
| 3193 | SERVER-IIS .cmd executable file parsing attack (more info ...) | web-application-attack | 2000-0886 | 1912 | ||
| 3194 | SERVER-IIS .bat executable file parsing attack (more info ...) | web-application-attack | 2000-0886 | 1912 | ||
| 3201 | SERVER-IIS httpodbc.dll access - nimda (more info ...) | web-application-activity | 2001-0333 | 2708 | ||
| 7027 | SERVER-IIS Microsoft Office FrontPage server extensions 2002 cross site scripting attempt (more info ...) | attempted-user | 2006-0015 | 17452 | URL | |
| 7028 | SERVER-IIS Microsoft Office FrontPage server extensions 2002 cross site scripting attempt (more info ...) | attempted-user | 2006-0015 | 17452 | URL | |
| 7029 | SERVER-IIS Microsoft Office FrontPage server extensions 2002 cross site scripting attempt (more info ...) | attempted-user | 2006-0015 | 17452 | URL | |
| 8349 | SERVER-IIS Indexing Service ciRestriction cross-site scripting attempt (more info ...) | misc-attack | 2006-0032 | 19927 | URL | |
| 8700 | SERVER-IIS ASP.NET 2.0 cross-site scripting attempt (more info ...) | attempted-user | 2006-3436 | 20337 | URL | |
| 11191 | SERVER-IIS Microsoft Content Management Server memory corruption (more info ...) | attempted-user | 2007-0938 | 22861 | URL | |
| 12043 | SERVER-IIS Microsoft XML parser IIS WebDAV attack attempt (more info ...) | denial-of-service | 2003-0718 | 11384 | ||
| 12064 | SERVER-IIS w3svc _vti_bin null pointer dereference attempt (more info ...) | attempted-dos | 2005-4360 | 15921 | URL | |
| 12595 | SERVER-IIS malicious ASP file upload attempt (more info ...) | attempted-user | 2006-0026 | 18858 | URL | |
| 15470 | FILE-EXECUTABLE IIS ASP/ASP.NET potentially malicious file upload attempt (more info ...) | attempted-user | 2009-0080 | URL | ||
| 15851 | SERVER-IIS Microsoft ASP.NET bad request denial of service attempt (more info ...) | attempted-dos | 2009-1536 | URL | ||
| 15974 | SERVER-IIS Microsoft IIS ASP handling buffer overflow attempt (more info ...) | web-application-attack | 2008-0075 | 27676 | URL | |
| 16147 | SERVER-IIS Microsoft Windows IIS malformed URL .dll denial of service attempt (more info ...) | attempted-dos | 2005-4360 | 15921 | URL | |
| 16312 | SERVER-IIS ADFS custom header arbitrary code execution attempt (more info ...) | attempted-admin | 2009-2509 | URL | ||
| 16356 | SERVER-IIS multiple extension code execution attempt (more info ...) | web-application-attack | 2009-4444 | |||
| 17103 | SERVER-IIS IIS 5.1 alternate data stream authentication bypass attempt (more info ...) | web-application-attack | 2011-4963 | URL | ||
| 17254 | SERVER-IIS Microsoft Windows IIS stack exhaustion DoS attempt (more info ...) | attempted-dos | 2010-1899 | URL | ||
| 17431 | SERVER-IIS Microsoft Windows IIS SChannel improper certificate verification (more info ...) | misc-activity | 2009-0085 | URL | ||
| 17440 | SERVER-IIS RSA Authentication Agent chunked HTTP request buffer overflow attempt (more info ...) | web-application-attack | 2005-4734 | 26424 | URL | |
| 17525 | SERVER-IIS Microsoft Windows IIS 5.0 WebDav Request Directory Security Bypass (more info ...) | attempted-admin | 2009-1122 | 35232 | ||
| 17564 | SERVER-IIS WebDAV Request Directory Security Bypass attempt (more info ...) | attempted-admin | 2009-1535 | 34993 | ||
| 17648 | SERVER-IIS source code disclosure attempt (more info ...) | attempted-recon | 14764 | |||
| 17652 | SERVER-IIS Microsoft Windows IIS source code disclosure attempt (more info ...) | misc-attack | 2005-2678 | URL | ||
| 17653 | SERVER-IIS Microsoft Windows IIS source code disclosure attempt (more info ...) | misc-attack | 2005-2678 | URL | ||
| 17705 | SERVER-IIS RSA Authentication Agent chunked HTTP request buffer overflow attempt (more info ...) | web-application-attack | 2005-1471 | 13524 | URL | |
| 17724 | OS-WINDOWS Microsoft IIS malicious ASP file upload attempt (more info ...) | attempted-user | 2006-0026 | 18858 | URL | |
| 19183 | SERVER-IIS Microsoft Windows IIS FastCGI request header buffer overflow attempt (more info ...) | attempted-admin | 2010-2730 | 43138 | URL | |
| 19192 | SERVER-IIS Microsoft Windows IIS stack exhaustion DoS attempt (more info ...) | attempted-dos | 2010-1899 | 43140 | URL | |
| 20664 | SERVER-IIS Microsoft Windows IIS UNC mapped virtual host file source code access attempt (more info ...) | attempted-recon | 2000-0246 | 1081 | URL | |
| 20665 | SERVER-IIS Microsoft Windows IIS UNC mapped virtual host file source code access attempt (more info ...) | attempted-recon | 2000-0246 | 1081 | URL | |
| 20675 | SERVER-IIS Microsoft Active Directory Federation Services code execution attempt (more info ...) | web-application-attack | 2009-2509 | URL | ||
| 20828 | SERVER-IIS Microsoft Windows IIS aspx login ReturnURL arbitrary redirect attempt (more info ...) | web-application-attack | 2011-3415 | URL | ||
| 20829 | SERVER-IIS Microsoft Windows IIS .NET null character username truncation attempt (more info ...) | suspicious-login | 2011-3416 | URL | ||
| 21599 | SERVER-IIS Microsoft Windows IIS 6 multiple executable extension access attempt (more info ...) | web-application-attack | 2009-4444 | 37460 | URL | |
| 21600 | SERVER-IIS Microsoft Windows IIS 6 multiple executable extension access attempt (more info ...) | web-application-attack | 2009-4444 | 37460 | URL | |
| 21601 | SERVER-IIS Microsoft Windows IIS 6 multiple executable extension access attempt (more info ...) | web-application-attack | 2009-4444 | 37460 | URL | |
| 21602 | SERVER-IIS Microsoft Windows IIS 6 multiple executable extension access attempt (more info ...) | web-application-attack | 2009-4444 | 37460 | URL | |
| 21603 | SERVER-IIS Microsoft Windows IIS 6 multiple executable extension access attempt (more info ...) | web-application-attack | 2009-4444 | 37460 | URL | |
| 21604 | SERVER-IIS Microsoft Windows IIS 6 multiple executable extension access attempt (more info ...) | web-application-attack | 2009-4444 | 37460 | URL | |
| 21605 | SERVER-IIS Microsoft Windows IIS 6 multiple executable extension access attempt (more info ...) | web-application-attack | 2009-4444 | 37460 | URL | |
| 21606 | SERVER-IIS Microsoft Windows IIS 6 multiple executable extension access attempt (more info ...) | web-application-attack | 2009-4444 | 37460 | URL | |
| 23360 | SERVER-IIS tilde character file name discovery attempt (more info ...) | attempted-recon | URL | |||
| 23361 | SERVER-IIS tilde character file name discovery attempt (more info ...) | attempted-recon | URL | |||
| 23362 | SERVER-IIS tilde character file name discovery attempt (more info ...) | attempted-recon | URL | |||
| 23626 | SERVER-IIS cmd.exe access (more info ...) | web-application-attack | ||||
| 24274 | SERVER-IIS Microsoft Windows IIS stack exhaustion DoS attempt (more info ...) | attempted-dos | 2010-1899 | 43140 | URL | |
| 24275 | SERVER-IIS Microsoft Windows IIS stack exhaustion DoS attempt (more info ...) | attempted-dos | 2010-1899 | 43140 | URL | |
| 24276 | SERVER-IIS Microsoft Windows IIS stack exhaustion DoS attempt (more info ...) | attempted-dos | 2010-1899 | 43140 | URL | |
| 24379 | SERVER-IIS Microsoft Windows IIS FastCGI request header buffer overflow attempt (more info ...) | attempted-admin | 2010-2730 | 43138 | URL | |
| 24380 | SERVER-IIS Microsoft Windows IIS FastCGI request header buffer overflow attempt (more info ...) | attempted-admin | 2010-2730 | 43138 | URL | |
| 24866 | SERVER-IIS Microsoft Windows IIS UNC mapped virtual host file source code access attempt (more info ...) | attempted-recon | 2000-0246 | 1081 | URL | |
| 24867 | SERVER-IIS Microsoft Windows IIS UNC mapped virtual host file source code access attempt (more info ...) | attempted-recon | 2000-0246 | 1081 | URL | |
| 25250 | SERVER-IIS Microsoft Windows IIS .NET null character username truncation attempt (more info ...) | suspicious-login | 2011-3416 | URL | ||
| 25251 | SERVER-IIS Microsoft Windows IIS .NET null character username truncation attempt (more info ...) | suspicious-login | 2011-3416 | URL | ||
| 25274 | SERVER-IIS Microsoft Windows Server 2012 IIS OData protocol nested replace filter dos attempt (more info ...) | attempted-dos | 2013-0005 | URL | ||
| 29715 | SERVER-IIS Microsoft Windows ASP .NET denial of service attempt (more info ...) | denial-of-service | 2014-0253 | URL | ||
| 29866 | SERVER-IIS Microsoft Windows Server 2012 IIS OData protocol nested replace filter dos attempt (more info ...) | attempted-dos | 2013-0005 | URL | ||
| 31443 | SERVER-WEBAPP ActiveState ActivePerl perlIIS.dll server URI buffer overflow attempt (more info ...) | attempted-admin | 2001-0815 | 3526 | URL | |
| 34088 | SERVER-IIS Web.config information disclosure attempt (more info ...) | web-application-attack | 2015-1648 | URL | ||
| 34769 | SERVER-IIS Microsoft Active Directory Federation Services wct parameter cross site scripting attempt (more info ...) | attempted-user | 2015-1757 | URL | ||
| 43054 | OS-WINDOWS Microsoft Windows IIS buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 43807 | SERVER-IIS Microsoft ASP.NET bad request denial of service attempt (more info ...) | denial-of-service | 2009-1536 | URL | ||
| 43808 | SERVER-IIS Microsoft ASP.NET bad request denial of service attempt (more info ...) | denial-of-service | 2009-1536 | URL | ||
| 51780 | SERVER-IIS Microsoft IIS IDC ISAPI cross-site scripting attempt (more info ...) | web-application-attack | URL | |||
| 56804 | SERVER-IIS Microsoft ASP.NET bad request denial of service attempt (more info ...) | denial-of-service | 2009-1536 | URL | ||
| 59729 | SERVER-IIS Microsoft Windows HTTP.sys denial of service attempt (more info ...) | attempted-dos | 2016-0150 | URL |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 6409 | SERVER-OTHER Microsoft Frontpage server extension long host string overflow attempt (more info ...) | attempted-admin | 2003-0824 | 9008 | URL | |
| 6410 | SERVER-OTHER Microsoft Frontpage server extension long host string overflow attempt (more info ...) | attempted-admin | 2003-0824 | 9008 | URL | |
| 6411 | SERVER-OTHER Microsoft Frontpage server extension long host string overflow attempt (more info ...) | attempted-admin | 2003-0824 | 9008 | URL |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 15257 | SERVER-ORACLE Secure Backup common.php variable based command injection attempt (more info ...) | attempted-admin | 2008-4006 | |||
| 15258 | SERVER-ORACLE Secure Backup login.php variable based command injection attempt (more info ...) | attempted-admin | 2008-5449 | |||
| 17638 | SERVER-ORACLE Secure Backup administration server login.php cookies command injection attempt (more info ...) | attempted-admin | 2008-4006 | 33177 | ||
| 18293 | SERVER-WEBAPP Secure Backup login.php uname variable based command injection attempt (more info ...) | attempted-admin | 2008-5449 | |||
| 20558 | EXPLOIT-KIT URI request for known malicious URI /stat2.php (more info ...) | trojan-activity | URL | |||
| 21041 | EXPLOIT-KIT Blackhole exploit kit URL - main.php?page= (more info ...) | attempted-user | 2012-4681 | URL | ||
| 21042 | EXPLOIT-KIT Blackhole exploit kit post-compromise download attempt - .php?f= (more info ...) | attempted-user | 2012-4681 | URL | ||
| 21043 | EXPLOIT-KIT Blackhole exploit kit post-compromise download attempt - .php?e= (more info ...) | attempted-user | 2012-4681 | URL | ||
| 21347 | EXPLOIT-KIT Blackhole exploit kit URL - .php?page= (more info ...) | attempted-user | 2012-4681 | URL | ||
| 21348 | EXPLOIT-KIT Blackhole exploit kit URL - search.php?page= (more info ...) | attempted-user | 2012-4681 | URL | ||
| 21550 | MALWARE-BACKDOOR ToolsPack PHP Backdoor access (more info ...) | web-application-attack | URL | |||
| 21659 | EXPLOIT-KIT Blackhole exploit kit landing page Requested - /Home/index.php (more info ...) | trojan-activity | 2012-4681 | URL | ||
| 21660 | EXPLOIT-KIT Blackhole exploit kit landing page Requested - /Index/index.php (more info ...) | trojan-activity | 2012-4681 | URL | ||
| 23111 | POLICY-OTHER PHP uri tag injection attempt (more info ...) | web-application-attack | 2019-11043 | |||
| 23783 | SERVER-WEBAPP Symantec Web Gateway pbcontrol.php filename parameter command injection attempt (more info ...) | attempted-admin | 2012-2953 | 54426 | ||
| 24017 | MALWARE-OTHER Possible malicious redirect - rebots.php (more info ...) | misc-activity | URL | |||
| 24256 | MALWARE-BACKDOOR phpMyAdmin server_sync.php backdoor access attempt (more info ...) | trojan-activity | 2012-5159 | 55672 | URL | |
| 24518 | SERVER-WEBAPP Symantec Web Gateway PHP remote code injection attempt (more info ...) | attempted-admin | 2012-0299 | 53443 | URL | |
| 24519 | SERVER-WEBAPP Symantec Web Gateway PHP remote code execution attempt (more info ...) | attempted-admin | 2012-0299 | 53443 | URL | |
| 25096 | MALWARE-OTHER PHP.Exploit.C99 suspicious file download (more info ...) | trojan-activity | URL | |||
| 25097 | MALWARE-OTHER PHP.Exploit.C99 suspicious file download (more info ...) | trojan-activity | URL | |||
| 26339 | EXPLOIT-KIT Blackhole exploit kit landing page retrieval - ff.php (more info ...) | trojan-activity | 2012-4681 | URL | ||
| 26834 | EXPLOIT-KIT Sweet Orange exploit kit landing page in.php base64 uri (more info ...) | trojan-activity | 2013-2423 | |||
| 28251 | SERVER-WEBAPP Zabbix httpmon.php SQL injection attempt (more info ...) | web-application-attack | 2013-5743 | 62794 | URL | |
| 28288 | SERVER-WEBAPP WebTester install2.php arbitrary command execution attempt (more info ...) | attempted-admin | URL | |||
| 28796 | EXPLOIT-KIT iFRAMEr successful cnt.php redirection (more info ...) | trojan-activity | URL | |||
| 29157 | SERVER-WEBAPP NagiosQL hostdependencies.php cross site scripting attempt (more info ...) | web-application-attack | URL | |||
| 29158 | SERVER-WEBAPP NagiosQL hostdependencies.php cross site scripting attempt (more info ...) | web-application-attack | URL | |||
| 29815 | SERVER-WEBAPP Kloxo webcommand.php SQL injection attempt (more info ...) | attempted-admin | URL | |||
| 29949 | SERVER-WEBAPP WebCalendar index.php form_single_user_login parameter command injection (more info ...) | web-application-attack | 2012-1495 | 53207 | ||
| 30042 | SERVER-WEBAPP WebCalendar index.php form_readonly login parameter command injection (more info ...) | web-application-attack | 2012-1495 | 53207 | ||
| 30100 | FILE-OTHER ftpchk3.php malicious script upload attempt (more info ...) | trojan-activity | URL | |||
| 30101 | FILE-OTHER ftpchk3.php malicious script upload attempt (more info ...) | trojan-activity | URL | |||
| 30249 | SERVER-WEBAPP Embedded php in Exif data upload attempt (more info ...) | attempted-admin | URL | |||
| 31356 | SERVER-WEBAPP Wordpress timthumb.php webshot source attack attempt (more info ...) | web-application-attack | URL | |||
| 31499 | INDICATOR-COMPROMISE Liz0ziM php shell download attempt (more info ...) | attempted-user | URL | |||
| 31500 | INDICATOR-COMPROMISE Liz0ziM php shell upload attempt (more info ...) | attempted-user | URL | |||
| 31501 | INDICATOR-COMPROMISE Liz0ziM php shell command and control attempt (more info ...) | attempted-user | URL | |||
| 31502 | INDICATOR-COMPROMISE Liz0ziM php shell command and control attempt (more info ...) | attempted-user | URL | |||
| 31503 | INDICATOR-COMPROMISE Liz0ziM php shell download attempt (more info ...) | attempted-user | URL | |||
| 31892 | SERVER-WEBAPP HybridAuth install.php code injection attempt (more info ...) | web-application-attack | 69043 | |||
| 32128 | SERVER-WEBAPP PineApp Mail-SeCure confpremenu.php command injection attempt (more info ...) | attempted-admin | 61476 | |||
| 32203 | SERVER-WEBAPP PineApp Mail-SeCure ldapsyncnow.php command injection attempt (more info ...) | attempted-admin | 61474 | URL | ||
| 32247 | MALWARE-BACKDOOR PHP IRCBot command execution attempt (more info ...) | trojan-activity | URL | |||
| 32248 | MALWARE-BACKDOOR PHP IRCBot file edit attempt (more info ...) | trojan-activity | URL | |||
| 32249 | MALWARE-BACKDOOR PHP IRCBot port bind attempt (more info ...) | trojan-activity | URL | |||
| 32269 | SERVER-WEBAPP PineApp Mail-SeCure confpremenu.php install license command injection attempt (more info ...) | attempted-admin | 61475 | |||
| 32352 | SERVER-WEBAPP Centreon displayServiceStatus.php command injection attempt (more info ...) | attempted-admin | 2014-3829 | 70649 | ||
| 32611 | SERVER-WEBAPP phpMemcachedAdmin path traversal attempt (more info ...) | web-application-attack | 2014-8731 | URL | ||
| 32742 | SERVER-WEBAPP Arris VAP2500 tools_command.php command execution attempt (more info ...) | attempted-admin | 2014-8423 | 71299 | ||
| 32887 | SERVER-WEBAPP ActualScripts ActualAnalyzer aa.php command injection attempt (more info ...) | attempted-admin | ||||
| 33276 | SERVER-WEBAPP AlienVault OSSIM a_deployment.php command injection attempt (more info ...) | attempted-admin | URL | |||
| 33277 | SERVER-WEBAPP AlienVault OSSIM a_deployment.php command injection attempt (more info ...) | attempted-admin | URL | |||
| 33278 | SERVER-WEBAPP AlienVault OSSIM a_deployment.php command injection attempt (more info ...) | attempted-admin | URL | |||
| 33832 | SERVER-WEBAPP Seagate BlackArmor NAS getAlias.php command injection attempt (more info ...) | web-application-attack | 2013-6924 | 64655 | ||
| 34000 | SERVER-WEBAPP Berta Content Management System PHP code execution attempt (more info ...) | attempted-admin | 2015-2780 | |||
| 34569 | SERVER-WEBAPP Wordpress Creative Contact Form arbitrary PHP file upload attempt (more info ...) | attempted-admin | 2014-8739 | 70723 | ||
| 35014 | SERVER-WEBAPP Centreon GetXMLTrapsForVendor.php SQL injection attempt (more info ...) | web-application-attack | 2014-3828 | 70648 | ||
| 35015 | SERVER-WEBAPP Centreon GetXmlTree.php SQL injection attempt (more info ...) | web-application-attack | 2015-1560 | 75602 | ||
| 35016 | SERVER-WEBAPP Centreon cmdGetExample.php SQL injection attempt (more info ...) | web-application-attack | 2014-3828 | 70648 | ||
| 35017 | SERVER-WEBAPP Centreon makeXML_ListMetrics.php SQL injection attempt (more info ...) | web-application-attack | 2014-3828 | 70648 | ||
| 35678 | SERVER-WEBAPP Dell KACE Appliance downloadpxy.php directory traversal attempt (more info ...) | web-application-attack | ||||
| 35679 | SERVER-WEBAPP Dell KACE Appliance downloadpxy.php directory traversal attempt (more info ...) | web-application-attack | ||||
| 35680 | SERVER-WEBAPP Dell KACE Appliance downloadpxy.php directory traversal attempt (more info ...) | web-application-attack | ||||
| 35681 | SERVER-WEBAPP Dell KACE Appliance kbot_upload.php authentication bypass attempt (more info ...) | web-application-attack | ||||
| 35682 | SERVER-WEBAPP Dell KACE Appliance kbot_upload.php directory traversal attempt (more info ...) | web-application-attack | ||||
| 35683 | SERVER-WEBAPP Dell KACE Appliance kbot_upload.php directory traversal attempt (more info ...) | web-application-attack | ||||
| 35684 | SERVER-WEBAPP Dell KACE Appliance kbot_upload.php directory traversal attempt (more info ...) | web-application-attack | ||||
| 36022 | SERVER-WEBAPP FireEye ModuleDispatch.php name parameter directory traversal directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 36023 | SERVER-WEBAPP FireEye ModuleDispatch.php name parameter directory traversal directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 36024 | SERVER-WEBAPP FireEye ModuleDispatch.php name parameter directory traversal directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 36104 | SERVER-WEBAPP Silver Peak VXOA configdb_file.php arbitrary PHP file upload attempt (more info ...) | attempted-admin | URL | |||
| 36270 | SERVER-WEBAPP Centreon main.php command injection attempt (more info ...) | web-application-attack | URL | |||
| 36763 | SERVER-WEBAPP vBulletin decodeArguments PHP object injection attempt (more info ...) | attempted-admin | 2015-7808 | |||
| 37321 | SERVER-WEBAPP Cacti graphs_new.php SQL injection attempt (more info ...) | web-application-attack | 2015-8604 | URL | ||
| 37412 | SERVER-WEBAPP SevOne NMS kill.php command injection attempt (more info ...) | attempted-admin | URL | |||
| 37413 | SERVER-WEBAPP SevOne NMS kill.php command injection attempt (more info ...) | attempted-admin | URL | |||
| 38140 | SERVER-WEBAPP ATutor connections.php SQL injection attempt (more info ...) | web-application-attack | 2016-2555 | |||
| 38229 | SERVER-WEBAPP Wordpress Simple Ads Manager sam-ajax-admin.php directory traversal attempt (more info ...) | web-application-attack | 2015-2825 | 73924 | ||
| 38347 | FILE-EXECUTABLE PHP libmagic PE out of bounds memory access attempt (more info ...) | attempted-admin | 2014-2270 | 66002 | URL | |
| 39177 | SERVER-WEBAPP Nagios XI graphApi.php command injection attempt (more info ...) | web-application-attack | URL | |||
| 39178 | SERVER-WEBAPP Nagios XI graphApi.php command injection attempt (more info ...) | web-application-attack | URL | |||
| 39179 | SERVER-WEBAPP Nagios XI nagiosim.php command injection attempt (more info ...) | web-application-attack | URL | |||
| 39180 | SERVER-WEBAPP Nagios XI nagiosim.php command injection attempt (more info ...) | web-application-attack | URL | |||
| 39181 | SERVER-WEBAPP Nagios XI ajaxproxy.php server side request forgery attempt (more info ...) | web-application-attack | URL | |||
| 39328 | SERVER-WEBAPP TikiWiki tiki-calendar.php template command injection attempt (more info ...) | web-application-attack | URL | |||
| 39329 | SERVER-WEBAPP TikiWiki tiki-calendar.php template command injection attempt (more info ...) | web-application-attack | URL | |||
| 39330 | SERVER-WEBAPP TikiWiki tiki-calendar.php template command injection attempt (more info ...) | web-application-attack | URL | |||
| 39359 | SERVER-WEBAPP WordPress Ninja Forms nf_async_upload arbitrary PHP file upload attempt (more info ...) | attempted-admin | 2016-1209 | |||
| 39399 | SERVER-WEBAPP Symantec open redirect in external URL .php script attempt (more info ...) | web-application-attack | 2016-5304 | URL | ||
| 39562 | SERVER-WEBAPP Invision Power Board index.php content_class PHP code injection attempt (more info ...) | web-application-attack | 2016-6174 | URL | ||
| 39849 | SERVER-WEBAPP Trend Micro Smart Protection Server ccca_ajaxhandler.php command injection attempt (more info ...) | web-application-attack | 2016-6266 | |||
| 39850 | SERVER-WEBAPP Trend Micro Smart Protection Server ccca_ajaxhandler.php command injection attempt (more info ...) | web-application-attack | 2016-6266 | |||
| 39912 | SERVER-WEBAPP Trend Micro Smart Protection Server admin_notification.php command injection attempt (more info ...) | web-application-attack | 2016-6267 | |||
| 39913 | SERVER-WEBAPP Trend Micro Smart Protection Server admin_notification.php command injection attempt (more info ...) | web-application-attack | 2016-6267 | |||
| 39942 | SERVER-WEBAPP FreePBX Recordings Module ajax.php command injection attempt (more info ...) | web-application-attack | URL | |||
| 39943 | SERVER-WEBAPP FreePBX Recordings Module ajax.php command injection attempt (more info ...) | web-application-attack | URL | |||
| 39944 | SERVER-WEBAPP FreePBX Recordings Module ajax.php command injection attempt (more info ...) | web-application-attack | URL | |||
| 39945 | SERVER-WEBAPP FreePBX Recordings Module ajax.php command injection attempt (more info ...) | web-application-attack | URL | |||
| 40030 | SERVER-WEBAPP FreePBX Module Administration config.php remotemod command injection attempt (more info ...) | web-application-attack | URL | |||
| 40031 | SERVER-WEBAPP FreePBX Module Administration config.php remotemod command injection attempt (more info ...) | web-application-attack | URL | |||
| 40032 | SERVER-WEBAPP FreePBX Module Administration config.php remotemod command injection attempt (more info ...) | web-application-attack | URL | |||
| 40033 | SERVER-WEBAPP FreePBX Module Administration config.php remotemod command injection attempt (more info ...) | web-application-attack | URL | |||
| 40039 | SERVER-WEBAPP FreePBX config.php unauthenticated SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 40040 | SERVER-WEBAPP FreePBX config.php unauthenticated SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 40068 | SERVER-WEBAPP Zabbix Network Monitoring System jsrpc.php SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 40069 | SERVER-WEBAPP Zabbix Network Monitoring System jsrpc.php SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 40070 | SERVER-WEBAPP Zabbix Network Monitoring System latest.php SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 40071 | SERVER-WEBAPP Zabbix Network Monitoring System latest.php SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 40184 | EXPLOIT-KIT Phoenix Exploit Kit inbound geoip.php bdr exploit attempt (more info ...) | web-application-activity | URL | |||
| 40255 | SERVER-WEBAPP FreePBX Music Module ajax.php command injection attempt (more info ...) | web-application-attack | URL | |||
| 40276 | SERVER-WEBAPP SugarCRM SugarRestSerialize.php PHP object injection attempt (more info ...) | web-application-attack | URL | |||
| 40277 | SERVER-WEBAPP SugarCRM SugarRestSerialize.php PHP object injection attempt (more info ...) | web-application-attack | URL | |||
| 40283 | SERVER-WEBAPP Kaltura redirectWidgetCmd PHP object injection attempt (more info ...) | attempted-admin | URL | |||
| 40341 | SERVER-WEBAPP FreePBX Hotelwakeup Module ajax.php PHP code injection attempt (more info ...) | web-application-attack | URL | |||
| 40342 | SERVER-WEBAPP FreePBX Hotelwakeup Module ajax.php directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 40494 | SERVER-WEBAPP Wordpress Symposium arbitrary PHP file upload attempt (more info ...) | attempted-admin | 2014-10021 | 71686 | URL | |
| 40589 | SERVER-WEBAPP DaloRADIUS config-maint-disconnect-user.php command injection attempt (more info ...) | web-application-attack | URL | |||
| 40590 | SERVER-WEBAPP DaloRADIUS config-maint-disconnect-user.php command injection attempt (more info ...) | web-application-attack | URL | |||
| 40591 | SERVER-WEBAPP DaloRADIUS config-maint-disconnect-user.php command injection attempt (more info ...) | web-application-attack | URL | |||
| 40592 | SERVER-WEBAPP DaloRADIUS notificationsBatchDetails.php SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 40754 | SERVER-WEBAPP Alienvault OSSIM gauge.php value SQL injection attempt (more info ...) | web-application-attack | 2016-8582 | 93866 | URL | |
| 40817 | SERVER-WEBAPP Symantec Web Gateway new_whitelist.php command injection attempt (more info ...) | web-application-attack | 2016-5313 | 93284 | URL | |
| 40881 | SERVER-WEBAPP Wordpress Symposium get_album_item.php SQL injection attempt (more info ...) | web-application-attack | 2015-6522 | 76499 | ||
| 40882 | SERVER-WEBAPP Wordpress Symposium get_album_item.php SQL injection attempt (more info ...) | web-application-attack | 2015-6522 | 76499 | ||
| 40933 | SERVER-WEBAPP Reference Design Kit ajax_network_diagnostic_tools.php command injection attempt (more info ...) | web-application-attack | URL | |||
| 41106 | SERVER-WEBAPP PHPMailer command injection remote code execution attempt (more info ...) | attempted-admin | 2016-10074 | URL | ||
| 41420 | SERVER-WEBAPP WordPress wp-config.php access via directory traversal attempt (more info ...) | web-application-attack | 69497 | |||
| 41421 | SERVER-WEBAPP WordPress wp-config.php access via directory traversal attempt (more info ...) | web-application-attack | 69497 | |||
| 41536 | SERVER-WEBAPP ZoneMinder file.php directory traversal attempt (more info ...) | web-application-attack | 2017-5595 | URL | ||
| 41813 | SERVER-WEBAPP PHPMailer command injection remote code execution attempt (more info ...) | attempted-admin | 2016-10074 | URL | ||
| 41841 | SERVER-WEBAPP phpFileManager cmd parameter command injection attempt (more info ...) | web-application-attack | 2015-5958 | URL | ||
| 41842 | SERVER-WEBAPP phpFileManager cmd parameter command injection attempt (more info ...) | web-application-attack | 2015-5958 | URL | ||
| 41843 | SERVER-WEBAPP phpFileManager cmd parameter command injection attempt (more info ...) | web-application-attack | 2015-5958 | URL | ||
| 41844 | SERVER-WEBAPP phpFileManager cmd parameter command injection attempt (more info ...) | web-application-attack | 2015-5958 | URL | ||
| 42105 | SERVER-WEBAPP EyesOfNetwork ged_actions.php command injection attempt (more info ...) | web-application-attack | 2017-6087 | URL | ||
| 42106 | SERVER-WEBAPP EyesOfNetwork ged_actions.php command injection attempt (more info ...) | web-application-attack | 2017-6087 | URL | ||
| 42119 | SERVER-WEBAPP pfSense openvpn_wizard PHP code injection attempt (more info ...) | web-application-attack | URL | |||
| 42250 | SERVER-WEBAPP ProcessMaker Enterprise translationsAjax.php SQL injection attempt (more info ...) | web-application-attack | 2016-9048 | URL | ||
| 42252 | SERVER-WEBAPP ProcessMaker Enterprise PHP object injection attempt (more info ...) | web-application-attack | 2016-9045 | URL | ||
| 42426 | SERVER-WEBAPP Phpcms attachment upload SQL injection attempt (more info ...) | web-application-attack | ||||
| 42427 | SERVER-WEBAPP Phpcms attachment upload SQL injection attempt (more info ...) | web-application-attack | ||||
| 42428 | SERVER-WEBAPP Phpcms attachment upload SQL injection attempt (more info ...) | web-application-attack | ||||
| 42429 | SERVER-WEBAPP Phpcms user registration remote file include attempt (more info ...) | web-application-attack | ||||
| 42430 | SERVER-WEBAPP Phpcms user registration remote file include attempt (more info ...) | web-application-attack | ||||
| 42455 | SERVER-WEBAPP Unitrends Enterprise Backup Appliance password.php command injection attempt (more info ...) | web-application-attack | 2017-7280 | URL | ||
| 42456 | SERVER-WEBAPP Unitrends Enterprise Backup Appliance password.php command injection attempt (more info ...) | web-application-attack | 2017-7280 | URL | ||
| 42457 | SERVER-WEBAPP Unitrends Enterprise Backup Appliance password.php command injection attempt (more info ...) | web-application-attack | 2017-7280 | URL | ||
| 42461 | SERVER-WEBAPP Unitrends Enterprise Backup Appliance reports.php PHP file injection attempt (more info ...) | web-application-attack | 2017-7281 | URL | ||
| 42462 | SERVER-WEBAPP Unitrends Enterprise Backup Appliance reports.php directory traversal attempt (more info ...) | web-application-attack | 2017-7281 | URL | ||
| 42839 | SERVER-WEBAPP Crypttech CryptoLog login.php SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 42840 | SERVER-WEBAPP Crypttech CryptoLog logshares_ajax.php command injection attempt (more info ...) | web-application-attack | URL | |||
| 43147 | SERVER-WEBAPP IBM OpenAdmin Tool SOAP welcomeService.php PHP code injection attempt (more info ...) | web-application-attack | 2017-1092 | 98615 | URL | |
| 43451 | SERVER-WEBAPP TerraMaster NAS arbitrary PHP file upload attempt (more info ...) | attempted-admin | URL | |||
| 43534 | SERVER-WEBAPP AlienVault OSSIM nfsen.php command injection attempt (more info ...) | web-application-attack | 2017-6971 | URL | ||
| 43535 | SERVER-WEBAPP AlienVault OSSIM nfsen.php command injection attempt (more info ...) | web-application-attack | 2017-6971 | URL | ||
| 43536 | SERVER-WEBAPP AlienVault OSSIM nfsen.php command injection attempt (more info ...) | web-application-attack | 2017-6971 | URL | ||
| 43934 | SERVER-WEBAPP Synology Photo Station PixlrEditorHandler.php arbitrary PHP file upload attempt (more info ...) | attempted-admin | 2017-11154 | URL | ||
| 43935 | SERVER-WEBAPP Synology Photo Station PixlrEditorHandler.php directory traversal attempt (more info ...) | web-application-attack | 2017-11152 | URL | ||
| 43936 | SERVER-WEBAPP Synology Photo Station file_upload.php directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 43937 | SERVER-WEBAPP Synology Photo Station file_upload.php directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 43938 | SERVER-WEBAPP Synology Photo Station file_upload.php directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 43939 | SERVER-WEBAPP Synology Photo Station synotheme_upload.php session forgery attempt (more info ...) | attempted-admin | 2017-11151 | URL | ||
| 44079 | SERVER-WEBAPP Schneider Electric Umotion Builder localize.php SQL injection attempt (more info ...) | web-application-attack | 2017-7973 | 99344 | URL | |
| 44080 | SERVER-WEBAPP Schneider Electric Umotion Builder localize.php SQL injection attempt (more info ...) | web-application-attack | 2017-7973 | 99344 | URL | |
| 44175 | SERVER-WEBAPP Schneider Electric Umotion Builder runscript.php arbitrary file include attempt (more info ...) | web-application-attack | 2017-7974 | 99344 | URL | |
| 44176 | SERVER-WEBAPP Schneider Electric Umotion Builder runscript.php arbitrary file include attempt (more info ...) | web-application-attack | 2017-7974 | 99344 | URL | |
| 44232 | SERVER-WEBAPP Western Digital Dropbox App dropbox.php command injection attempt (more info ...) | web-application-attack | URL | |||
| 44233 | SERVER-WEBAPP Western Digital Dropbox App dropbox.php command injection attempt (more info ...) | web-application-attack | URL | |||
| 44234 | SERVER-WEBAPP Western Digital Dropbox App dropbox.php command injection attempt (more info ...) | web-application-attack | URL | |||
| 44235 | INDICATOR-OBFUSCATION FOPO obfuscated PHP file upload attempt (more info ...) | misc-attack | URL | |||
| 44236 | SERVER-WEBAPP Wordpress Symposium arbitrary PHP file upload attempt (more info ...) | attempted-admin | 2014-10021 | 71686 | URL | |
| 44359 | SERVER-WEBAPP Trend Micro proxy_controller.php command injection attempt (more info ...) | web-application-attack | 2017-11394 | 100130 | URL | |
| 44360 | SERVER-WEBAPP Trend Micro proxy_controller.php command injection attempt (more info ...) | web-application-attack | 2017-11394 | 100130 | URL | |
| 44361 | SERVER-WEBAPP Trend Micro proxy_controller.php command injection attempt (more info ...) | web-application-attack | 2017-11394 | 100130 | URL | |
| 44388 | SERVER-WEBAPP Multiple routers getcfg.php credential disclosure attempt (more info ...) | attempted-recon | 2018-7034 | URL | ||
| 44436 | SERVER-WEBAPP DenyAll WAF tail.php command injection attempt (more info ...) | web-application-attack | URL | |||
| 44437 | SERVER-WEBAPP DenyAll WAF tail.php command injection attempt (more info ...) | web-application-attack | URL | |||
| 44465 | SERVER-WEBAPP Fibaro Home Center liliSetDeviceCommand.php command injection attempt (more info ...) | web-application-attack | URL | |||
| 44466 | SERVER-WEBAPP Fibaro Home Center liliSetDeviceCommand.php command injection attempt (more info ...) | web-application-attack | URL | |||
| 44467 | SERVER-WEBAPP Fibaro Home Center liliSetDeviceCommand.php command injection attempt (more info ...) | web-application-attack | URL | |||
| 44471 | SERVER-WEBAPP Netgear ReadyNAS Surveillance upgrade_handle.php command injection attempt (more info ...) | web-application-attack | URL | |||
| 44472 | SERVER-WEBAPP Netgear ReadyNAS Surveillance upgrade_handle.php command injection attempt (more info ...) | web-application-attack | URL | |||
| 44578 | SERVER-WEBAPP QNAP NAS HelpDesk App supportutils.php SQL injection attempt (more info ...) | attempted-user | 2017-13068 | URL | ||
| 44684 | SERVER-WEBAPP Kaltura userzone cookie PHP object injection attempt (more info ...) | web-application-attack | 2017-14143 | 100976 | ||
| 44731 | SERVER-WEBAPP Tuleap getRecentElements PHP object injection attempt (more info ...) | web-application-attack | 2017-7411 | URL | ||
| 44764 | SERVER-WEBAPP CMS Made Simple editusertag.php arbitrary PHP code execution attempt (more info ...) | web-application-attack | 2017-8912 | URL | ||
| 44767 | SERVER-WEBAPP Trend Micro Smart Protection Server cm_agent.php command injection attempt (more info ...) | web-application-attack | 2017-11395 | 100461 | URL | |
| 45060 | SERVER-WEBAPP pfSense system_groupmanager.php command injection attempt (more info ...) | web-application-attack | URL | |||
| 45235 | SERVER-WEBAPP Palo Alto Networks Firewall router.php XML attribute injection attempt (more info ...) | attempted-admin | 2017-15944 | 102079 | URL | |
| 45240 | SERVER-WEBAPP OpenEMR fax_dispatch.php command injection attempt (more info ...) | web-application-attack | URL | |||
| 45421 | SERVER-WEBAPP PhpCollab editclient.php arbitrary PHP file upload attempt (more info ...) | attempted-admin | 2017-6090 | URL | ||
| 45479 | SERVER-WEBAPP Western Digital MyCloud multi_uploadify.php arbitrary PHP file upload attempt (more info ...) | attempted-admin | 2017-17560 | URL | ||
| 45523 | SERVER-OTHER Magneto CE and EE PHP objection injection attempt (more info ...) | attempted-admin | 2016-4010 | |||
| 45749 | SERVER-WEBAPP PHPUnit PHP remote code execution attempt (more info ...) | web-application-attack | 2017-9841 | |||
| 45917 | SERVER-WEBAPP PHPMailer command injection remote code execution attempt (more info ...) | web-application-attack | 2016-10074 | URL | ||
| 45984 | SERVER-WEBAPP Joomla component Jimtawl 2.2.5 arbitrary PHP file upload attempt (more info ...) | attempted-admin | 2018-6580 | URL | ||
| 46026 | SERVER-WEBAPP EventManager page.php sql injection attempt SQL injection attempt (more info ...) | web-application-attack | 2018-6576 | URL | ||
| 46027 | SERVER-WEBAPP EventManager page.php sql injection attempt SQL injection attempt (more info ...) | web-application-attack | 2018-6576 | URL | ||
| 46343 | SERVER-WEBAPP Cisco Prime Network Analysis graph.php directory traversal attempt (more info ...) | web-application-attack | 2017-12285 | 101527 | URL | |
| 46753 | SERVER-WEBAPP LG NAS login_check.php command injection attempt (more info ...) | web-application-attack | 2018-10818 | URL | ||
| 46822 | SERVER-WEBAPP Western Digital MyCloud raid_cgi.php arbitrary command execution attempt (more info ...) | web-application-attack | URL | |||
| 46860 | SERVER-WEBAPP Western Digital MyCloud jqueryFileTree.php command injection attempt (more info ...) | web-application-attack | URL | |||
| 46861 | SERVER-WEBAPP Western Digital MyCloud jqueryFileTree.php command injection attempt (more info ...) | web-application-attack | URL | |||
| 46862 | SERVER-WEBAPP Western Digital MyCloud jqueryFileTree.php command injection attempt (more info ...) | web-application-attack | URL | |||
| 46886 | SERVER-WEBAPP Quest KACE Systems Management Appliance ajax_email_connection_test.php command injection attempt (more info ...) | web-application-attack | 2018-11139 | URL | ||
| 47041 | SERVER-WEBAPP Quest KACE Systems Management Appliance download_agent_installer.php command injection attempt (more info ...) | web-application-attack | 2018-11138 | URL | ||
| 47042 | SERVER-WEBAPP Quest KACE Systems Management Appliance download_agent_installer.php command injection attempt (more info ...) | web-application-attack | 2018-11138 | URL | ||
| 47499 | SERVER-WEBAPP TestLink Open Source Test Management PHP code injection attempt (more info ...) | web-application-attack | 2018-7466 | |||
| 47500 | SERVER-WEBAPP TestLink Open Source Test Management PHP code injection attempt (more info ...) | web-application-attack | 2018-7466 | |||
| 47543 | SERVER-WEBAPP MicroFocus Secure Messaging Gateway enginelist.php SQL injection attempt (more info ...) | web-application-attack | 2018-12464 | URL | ||
| 47544 | SERVER-WEBAPP MicroFocus Secure Messaging Gateway enginelist.php SQL injection attempt (more info ...) | web-application-attack | 2018-12464 | URL | ||
| 47657 | SERVER-WEBAPP Horde Groupware Webmail encryptMessage prefs.php command injection attempt (more info ...) | web-application-attack | 2017-7413 | URL | ||
| 47658 | SERVER-WEBAPP Horde Groupware Webmail encryptMessage prefs.php command injection attempt (more info ...) | web-application-attack | 2017-7413 | URL | ||
| 47659 | SERVER-WEBAPP Horde Groupware Webmail encryptMessage prefs.php command injection attempt (more info ...) | web-application-attack | 2017-7413 | URL | ||
| 47660 | SERVER-WEBAPP Horde Groupware Webmail encryptMessage edit.php command injection attempt (more info ...) | web-application-attack | 2017-7413 | URL | ||
| 47661 | SERVER-WEBAPP Horde Groupware Webmail encryptMessage prefs.php command injection attempt (more info ...) | web-application-attack | 2017-7413 | URL | ||
| 47672 | SERVER-WEBAPP TerraMaster NAS logtable.php command injection attempt (more info ...) | web-application-attack | 2018-13354 | URL | ||
| 47817 | SERVER-WEBAPP SoftNAS StorageCenter snserv.php command injection attempt (more info ...) | web-application-attack | 2018-14417 | 104914 | URL | |
| 47818 | SERVER-WEBAPP SoftNAS StorageCenter snserv.php command injection attempt (more info ...) | web-application-attack | 2018-14417 | 104914 | URL | |
| 47819 | SERVER-WEBAPP SoftNAS StorageCenter snserv.php command injection attempt (more info ...) | web-application-attack | 2018-14417 | 104914 | URL | |
| 47831 | SERVER-WEBAPP phpmyadmin post-authentication local file inclusion attempt (more info ...) | web-application-attack | 2018-12613 | URL | ||
| 47832 | SERVER-WEBAPP WordPress Responsive Thumbnail Slider arbitrary PHP file upload attempt (more info ...) | attempted-admin | URL | |||
| 48004 | SERVER-WEBAPP Navigate CMS login.php SQL injection attempt (more info ...) | web-application-attack | 2018-17552 | URL | ||
| 48005 | SERVER-WEBAPP Navigate CMS navigate_upload.php arbitrary PHP file upload attempt (more info ...) | attempted-admin | 2018-17553 | URL | ||
| 48006 | SERVER-WEBAPP Navigate CMS navigate_upload.php directory traversal attempt (more info ...) | web-application-attack | 2018-17553 | URL | ||
| 48007 | SERVER-WEBAPP Navigate CMS navigate_upload.php directory traversal attempt (more info ...) | web-application-attack | 2018-17553 | URL | ||
| 48008 | SERVER-WEBAPP Navigate CMS navigate_upload.php directory traversal attempt (more info ...) | web-application-attack | 2018-17553 | URL | ||
| 48061 | SERVER-WEBAPP pfSense status_interfaces.php command injection attempt (more info ...) | web-application-attack | 2018-16055 | URL | ||
| 48104 | SERVER-WEBAPP CMS Made Simple arbitrary PHP file upload attempt (more info ...) | attempted-admin | 2018-1000094 | |||
| 48252 | SERVER-WEBAPP Idreamsoft iCMS admincp.php SQL injection attempt (more info ...) | web-application-attack | 2018-12888 | URL | ||
| 48263 | SERVER-WEBAPP Blueimp jQuery File Upload arbitrary PHP file upload attempt (more info ...) | web-application-attack | 2018-9206 | URL | ||
| 48443 | SERVER-WEBAPP Nagios XI magpie_debug.php command argument injection attempt (more info ...) | web-application-attack | 2018-15708 | URL | ||
| 48484 | SERVER-WEBAPP Nagios XI cmdsubsys.php command injection attempt (more info ...) | web-application-attack | 2018-15709 | URL | ||
| 48838 | SERVER-WEBAPP Wifi-Soft Unibox diagnostic_tools_controller.php command injection attempt (more info ...) | web-application-attack | 2019-3496 | URL | ||
| 48839 | SERVER-WEBAPP Wifi-Soft Unibox diagnostic_tools_controller.php command injection attempt (more info ...) | web-application-attack | 2019-3496 | URL | ||
| 48840 | SERVER-WEBAPP Wifi-Soft Unibox diagnostic_tools_controller.php command injection attempt (more info ...) | web-application-attack | 2019-3496 | URL | ||
| 48841 | SERVER-WEBAPP Wifi-Soft Unibox ping.php command injection attempt (more info ...) | web-application-attack | 2019-3497 | URL | ||
| 48842 | SERVER-WEBAPP Wifi-Soft Unibox ping.php command injection attempt (more info ...) | web-application-attack | 2019-3497 | URL | ||
| 48843 | SERVER-WEBAPP Wifi-Soft Unibox ping.php command injection attempt (more info ...) | web-application-attack | 2019-3497 | URL | ||
| 49257 | SERVER-WEBAPP Drupal Core 8 PHP object injection RCE attempt (more info ...) | web-application-attack | 2019-6340 | |||
| 49298 | SERVER-WEBAPP NoneCms V1.3 PHP code execution attempt (more info ...) | web-application-attack | 2018-20062 | URL | ||
| 49456 | SERVER-OTHER PHP webshell upload attempt (more info ...) | attempted-user | URL | |||
| 49457 | SERVER-OTHER PHP webshell upload attempt (more info ...) | attempted-user | URL | |||
| 49458 | SERVER-OTHER PHP webshell upload attempt (more info ...) | attempted-user | URL | |||
| 49537 | SERVER-WEBAPP elFinder PHP connector arbitrary PHP file upload attempt (more info ...) | attempted-admin | 2019-9194 | URL | ||
| 49538 | SERVER-WEBAPP elFinder PHP connector command injection attempt (more info ...) | web-application-attack | 2019-9194 | URL | ||
| 49635 | SERVER-WEBAPP CMS Made Simple Showtime2 Module arbitrary PHP file upload attempt (more info ...) | attempted-admin | 2019-9692 | URL | ||
| 49657 | INDICATOR-COMPROMISE php web shell upload attempt (more info ...) | web-application-attack | ||||
| 49672 | SERVER-OTHER PHP gdImageColorMatch heap buffer overflow file upload attempt (more info ...) | web-application-attack | 2019-6977 | URL | ||
| 49673 | SERVER-OTHER PHP gdImageColorMatch heap buffer overflow file download attempt (more info ...) | web-application-attack | 2019-6977 | URL | ||
| 49674 | FILE-OTHER PHP use after free attempt (more info ...) | attempted-user | ||||
| 49675 | FILE-OTHER PHP use after free attempt (more info ...) | attempted-user | ||||
| 49714 | SERVER-WEBAPP Horde Groupware Webmail Contact Management add.php arbitrary PHP file upload attempt (more info ...) | attempted-admin | 2019-9858 | URL | ||
| 49715 | SERVER-WEBAPP Horde Groupware Webmail Contact Management add.php directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 49768 | SERVER-WEBAPP D-Link DNS-320L ShareCenter PHP code injection attempt (more info ...) | web-application-attack | URL | |||
| 49769 | SERVER-WEBAPP D-Link DNS-320L ShareCenter PHP code injection attempt (more info ...) | web-application-attack | URL | |||
| 49991 | SERVER-WEBAPP WordPress WooCommerce Checkout Manager Plugin arbitrary PHP file upload attempt (more info ...) | attempted-admin | URL | |||
| 50182 | INDICATOR-SCAN PHP backdoor scan attempt (more info ...) | misc-activity | URL | |||
| 50507 | MALWARE-BACKDOOR WebShellOrb PHP shell outbound connection attempt (more info ...) | trojan-activity | ||||
| 50508 | MALWARE-BACKDOOR WebShellOrb PHP shell upload attempt (more info ...) | trojan-activity | ||||
| 50646 | SERVER-WEBAPP NUUO NVRmini upgrade_handle.php command injection attempt (more info ...) | web-application-attack | 2018-14933 | URL | ||
| 50647 | SERVER-WEBAPP NUUO NVRmini upgrade_handle.php command injection attempt (more info ...) | web-application-attack | 2018-14933 | URL | ||
| 50648 | SERVER-WEBAPP NUUO NVRmini upgrade_handle.php command injection attempt (more info ...) | web-application-attack | 2018-14933 | URL | ||
| 50649 | SERVER-WEBAPP NUUO NVRmini upgrade_handle.php command injection attempt (more info ...) | web-application-attack | 2018-14933 | URL | ||
| 50995 | SERVER-WEBAPP PHP ProjectPier remote file include attempt (more info ...) | web-application-attack | 2018-10759 | |||
| 50996 | SERVER-WEBAPP PHP ProjectPier remote file include attempt (more info ...) | web-application-attack | 2018-10759 | |||
| 51142 | SERVER-WEBAPP Moodle 3.x PHP code injection attempt (more info ...) | web-application-attack | 2018-1133 | |||
| 51143 | SERVER-WEBAPP Moodle 3.x PHP code injection attempt (more info ...) | web-application-attack | 2018-1133 | |||
| 51396 | SERVER-WEBAPP ThinkPHP 5.0.23/5.1.31 command injection attempt (more info ...) | web-application-attack | URL | |||
| 51397 | SERVER-WEBAPP ThinkPHP SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 51398 | SERVER-WEBAPP ThinkPHP command injection attempt (more info ...) | web-application-attack | URL | |||
| 51399 | SERVER-WEBAPP ThinkPHP SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 51570 | SERVER-WEBAPP osCommerce PHP code injection attempt (more info ...) | web-application-attack | URL | |||
| 51667 | SERVER-WEBAPP Trend Micro Control Manager download.php directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 51668 | SERVER-WEBAPP Trend Micro Control Manager download.php directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 51669 | SERVER-WEBAPP Trend Micro Control Manager download.php directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 51816 | SERVER-WEBAPP vBulletin updateAvatar PHP remote code execution attempt (more info ...) | web-application-attack | 2019-17132 | |||
| 51817 | SERVER-WEBAPP vBulletin updateAvatar PHP remote code execution attempt (more info ...) | web-application-attack | 2019-17132 | |||
| 51818 | SERVER-WEBAPP vBulletin updateAvatar PHP remote code execution attempt (more info ...) | web-application-attack | 2019-17132 | |||
| 51924 | SERVER-WEBAPP YouPHPTube getImage.php command injection attempt (more info ...) | web-application-attack | 2019-5127 | URL | ||
| 51925 | SERVER-WEBAPP YouPHPTube getImageMP4.php command injection attempt (more info ...) | web-application-attack | 2019-5128 | URL | ||
| 51926 | SERVER-WEBAPP YouPHPTube getSpiritsFromVideo.php command injection attempt (more info ...) | web-application-attack | 2019-5129 | URL | ||
| 51927 | SERVER-WEBAPP YouPHPTube getSpiritsFromVideo.php command injection attempt (more info ...) | web-application-attack | URL | |||
| 51928 | SERVER-WEBAPP YouPHPTube getSpiritsFromVideo.php command injection attempt (more info ...) | web-application-attack | URL | |||
| 51977 | SERVER-WEBAPP FusionPBX service_edit.php command injection attempt (more info ...) | web-application-attack | 2019-15029 | |||
| 51978 | SERVER-WEBAPP FusionPBX service_edit.php command injection attempt (more info ...) | web-application-attack | 2019-15029 | |||
| 51979 | SERVER-WEBAPP FusionPBX service_edit.php command injection attempt (more info ...) | web-application-attack | 2019-15029 | |||
| 51980 | SERVER-WEBAPP FusionPBX service_edit.php command injection attempt (more info ...) | web-application-attack | 2019-15029 | |||
| 52123 | SERVER-WEBAPP PHP FPM env_path_info buffer underflow attempt (more info ...) | web-application-attack | 2019-11043 | URL | ||
| 52350 | SERVER-WEBAPP Wordpress Plainview Activity Monitor activities_overview.php command injection attempt (more info ...) | web-application-attack | 2018-15877 | |||
| 52351 | SERVER-WEBAPP Wordpress Plainview Activity Monitor activities_overview.php command injection attempt (more info ...) | web-application-attack | 2018-15877 | |||
| 52352 | SERVER-WEBAPP Wordpress Plainview Activity Monitor activities_overview.php command injection attempt (more info ...) | web-application-attack | 2018-15877 | |||
| 52353 | SERVER-WEBAPP rConfig ajaxServerSettingsChk.php command injection attempt (more info ...) | web-application-attack | 2019-16662 | URL | ||
| 52354 | SERVER-WEBAPP rConfig ajaxServerSettingsChk.php command injection attempt (more info ...) | web-application-attack | 2019-16662 | URL | ||
| 52355 | SERVER-WEBAPP rConfig ajaxServerSettingsChk.php command injection attempt (more info ...) | web-application-attack | 2019-16662 | URL | ||
| 53505 | SERVER-WEBAPP Horde Groupware Webmail data import PHP code injection attempt (more info ...) | web-application-attack | 2020-8518 | |||
| 53506 | SERVER-WEBAPP Horde Groupware Webmail data import PHP code injection attempt (more info ...) | web-application-attack | 2020-8518 | |||
| 53566 | SERVER-WEBAPP WordPress Plugin ThemeREX PHP code injection attempt (more info ...) | web-application-attack | 2020-10257 | URL | ||
| 53567 | SERVER-WEBAPP WordPress Plugin ThemeREX PHP code injection attempt (more info ...) | web-application-attack | 2020-10257 | URL | ||
| 53568 | SERVER-WEBAPP WordPress Plugin ThemeREX PHP code injection attempt (more info ...) | web-application-attack | 2020-10257 | URL | ||
| 54767 | SERVER-WEBAPP vBulletin template rendering arbitrary PHP code execution attempt (more info ...) | attempted-user | 2020-17496 | URL | ||
| 56519 | SERVER-WEBAPP WordPress plugin Autoptimize arbitrary PHP file upload attempt (more info ...) | attempted-user | 2020-24948 | URL | ||
| 56545 | SERVER-WEBAPP rConfig commands.inc.php SQL injection attempt (more info ...) | web-application-attack | 2020-10220 | URL | ||
| 56823 | SERVER-WEBAPP Citrix CakePHP command injection attempt (more info ...) | web-application-attack | 2020-8271 | URL | ||
| 56824 | SERVER-WEBAPP Citrix CakePHP command injection attempt (more info ...) | web-application-attack | 2020-8271 | URL | ||
| 56830 | SERVER-WEBAPP WordPress Adning Advertising plugin arbitrary PHP file upload attempt (more info ...) | attempted-admin | URL | |||
| 56831 | SERVER-WEBAPP WordPress Adning Advertising plugin arbitrary PHP file upload attempt (more info ...) | attempted-admin | URL | |||
| 56877 | SERVER-WEBAPP Nagios XI mibs.php remote command injection attempt (more info ...) | web-application-attack | 2020-5791 | |||
| 56879 | SERVER-WEBAPP Nagios XI mibs.php remote command injection attempt (more info ...) | web-application-attack | 2020-5791 | |||
| 56880 | SERVER-WEBAPP Nagios XI mibs.php remote command injection attempt (more info ...) | web-application-attack | 2020-5791 | |||
| 57425 | MALWARE-BACKDOOR Php.Malware.Matamu inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57426 | SERVER-WEBAPP Zend and laminas-http frameworks streamName PHP object injection attempt (more info ...) | web-application-attack | 2021-3007 | URL | ||
| 57490 | SERVER-WEBAPP Klog Server authenticate.php user command injection attempt (more info ...) | web-application-attack | 2020-35729 | |||
| 57491 | SERVER-WEBAPP Klog Server authenticate.php user command injection attempt (more info ...) | web-application-attack | 2020-35729 | |||
| 57492 | SERVER-WEBAPP Klog Server authenticate.php user command injection attempt (more info ...) | web-application-attack | 2020-35729 | |||
| 57493 | SERVER-WEBAPP Klog Server authenticate.php user command injection attempt (more info ...) | web-application-attack | 2020-35729 | |||
| 57517 | SERVER-WEBAPP Serendipity index.php SQL injection attempt (more info ...) | web-application-attack | 2007-1326 | |||
| 57518 | SERVER-WEBAPP Serendipity index.php SQL injection attempt (more info ...) | web-application-attack | 2007-1326 | |||
| 57519 | SERVER-WEBAPP Serendipity index.php SQL injection attempt (more info ...) | web-application-attack | 2007-1326 | |||
| 57911 | SERVER-WEBAPP Nagios XI monitoringplugins.php command injection attempt (more info ...) | web-application-attack | 2020-35578 | URL | ||
| 58048 | MALWARE-OTHER Php.Webshell.CNHonker download attempt (more info ...) | trojan-activity | URL | |||
| 58049 | MALWARE-OTHER Php.Webshell.CNHonker download attempt (more info ...) | trojan-activity | URL | |||
| 58050 | MALWARE-OTHER Php.Webshell.CNHonker upload attempt (more info ...) | trojan-activity | URL | |||
| 58051 | MALWARE-OTHER Php.Webshell.CNHonker upload attempt (more info ...) | trojan-activity | URL | |||
| 58089 | MALWARE-OTHER Php.Webshell.Phpshell3 upload attempt (more info ...) | trojan-activity | URL | |||
| 58090 | MALWARE-OTHER Php.Webshell.Phpshell3 upload attempt (more info ...) | trojan-activity | URL | |||
| 58091 | MALWARE-OTHER Php.Webshell.Phpshell3 download attempt (more info ...) | trojan-activity | URL | |||
| 58092 | MALWARE-OTHER Php.Webshell.Phpshell3 download attempt (more info ...) | trojan-activity | URL | |||
| 58138 | MALWARE-OTHER Php.Webshell.R57 download attempt (more info ...) | trojan-activity | URL | |||
| 58139 | MALWARE-OTHER Php.Webshell.R57 upload attempt (more info ...) | trojan-activity | URL | |||
| 58142 | MALWARE-OTHER Php.Webshell.WorseLinux upload attempt (more info ...) | trojan-activity | URL | |||
| 58143 | MALWARE-OTHER Php.Webshell.WorseLinux download attempt (more info ...) | trojan-activity | URL | |||
| 58144 | MALWARE-OTHER Php.Webshell.WorseLinux download attempt (more info ...) | trojan-activity | URL | |||
| 58145 | MALWARE-OTHER Php.Webshell.WorseLinux upload attempt (more info ...) | trojan-activity | URL | |||
| 58149 | MALWARE-OTHER Php.Webshell.Ayyildiz upload attempt (more info ...) | trojan-activity | URL | |||
| 58150 | MALWARE-OTHER Php.Webshell.Ayyildiz download attempt (more info ...) | trojan-activity | URL | |||
| 58151 | MALWARE-OTHER Php.Webshell.Ayyildiz upload attempt (more info ...) | trojan-activity | URL | |||
| 58152 | MALWARE-OTHER Php.Webshell.Ayyildiz download attempt (more info ...) | trojan-activity | URL | |||
| 58161 | MALWARE-OTHER Php.Webshell.C99Madnet download attempt (more info ...) | trojan-activity | URL | |||
| 58162 | MALWARE-OTHER Php.Webshell.C99Madnet upload attempt (more info ...) | trojan-activity | URL | |||
| 58165 | MALWARE-OTHER Php.Webshell.Icesword upload attempt (more info ...) | trojan-activity | URL | |||
| 58166 | MALWARE-OTHER Php.Webshell.Icesword download attempt (more info ...) | trojan-activity | URL | |||
| 58167 | MALWARE-OTHER Php.Webshell.Icesword download attempt (more info ...) | trojan-activity | URL | |||
| 58168 | MALWARE-OTHER Php.Webshell.Icesword upload attempt (more info ...) | trojan-activity | URL | |||
| 58228 | MALWARE-OTHER Php.Webshell.Generic upload attempt (more info ...) | trojan-activity | URL | |||
| 58229 | MALWARE-OTHER Php.Webshell.Generic download attempt (more info ...) | trojan-activity | URL | |||
| 58243 | MALWARE-OTHER Php.Webshell.Generic download attempt (more info ...) | trojan-activity | URL | |||
| 58244 | MALWARE-OTHER Php.Webshell.Generic upload attempt (more info ...) | trojan-activity | URL | |||
| 58341 | SERVER-WEBAPP PHPMyAdmin SearchController SQL injection attempt (more info ...) | web-application-attack | 2020-26935 | |||
| 58342 | SERVER-WEBAPP PHPMyAdmin SearchController SQL injection attempt (more info ...) | web-application-attack | 2020-26935 | |||
| 58343 | SERVER-WEBAPP PHPMyAdmin SearchController SQL injection attempt (more info ...) | web-application-attack | 2020-26935 | |||
| 58347 | MALWARE-OTHER Php.Webshell.Generic upload attempt (more info ...) | trojan-activity | URL | |||
| 58348 | MALWARE-OTHER Php.Webshell.Generic upload attempt (more info ...) | trojan-activity | URL | |||
| 58349 | MALWARE-OTHER Php.Webshell.Generic upload attempt (more info ...) | trojan-activity | URL | |||
| 58350 | MALWARE-OTHER Php.Webshell.Generic upload attempt (more info ...) | trojan-activity | URL | |||
| 58351 | MALWARE-OTHER Php.Webshell.Generic upload attempt (more info ...) | trojan-activity | URL | |||
| 58369 | MALWARE-OTHER Php.Webshell.Generic download attempt (more info ...) | trojan-activity | URL | |||
| 58370 | MALWARE-OTHER Php.Webshell.Generic download attempt (more info ...) | trojan-activity | URL | |||
| 58371 | MALWARE-OTHER Php.Webshell.Generic download attempt (more info ...) | trojan-activity | URL | |||
| 58372 | MALWARE-OTHER Php.Webshell.Generic download attempt (more info ...) | trojan-activity | URL | |||
| 58373 | MALWARE-OTHER Php.Webshell.Generic download attempt (more info ...) | trojan-activity | URL | |||
| 58396 | SERVER-WEBAPP Nagios XI PHP file injection attempt (more info ...) | web-application-attack | 2021-37343 | |||
| 58397 | SERVER-WEBAPP Nagios XI PHP file injection attempt (more info ...) | web-application-attack | 2021-37343 | |||
| 58398 | SERVER-WEBAPP Nagios XI PHP file injection attempt (more info ...) | web-application-attack | 2021-37343 | |||
| 58428 | SERVER-WEBAPP Trend Micro Control Manager Widget modDLPViolationCntdrildown.php directory traversal attempt (more info ...) | web-application-attack | ||||
| 58434 | MALWARE-OTHER Php.Webshell.Generic download attempt (more info ...) | trojan-activity | URL | |||
| 58435 | MALWARE-OTHER Php.Webshell.Generic upload attempt (more info ...) | trojan-activity | URL | |||
| 58436 | MALWARE-OTHER Php.Webshell.Generic upload attempt (more info ...) | trojan-activity | URL | |||
| 58437 | MALWARE-OTHER Php.Webshell.Generic download attempt (more info ...) | trojan-activity | URL | |||
| 58438 | MALWARE-OTHER Php.Webshell.Generic upload attempt (more info ...) | trojan-activity | URL | |||
| 58439 | MALWARE-OTHER Php.Webshell.Generic download attempt (more info ...) | trojan-activity | URL | |||
| 58470 | SERVER-WEBAPP Trend Micro Deep Discovery Email Inspector Virtual Appliance policy_setting arbitrary PHP file upload attempt (more info ...) | attempted-admin | ||||
| 58522 | SERVER-WEBAPP rConfig ajaxAddTemplate.php command injection attempt (more info ...) | web-application-attack | 2020-10221 | |||
| 58523 | SERVER-WEBAPP rConfig ajaxAddTemplate.php command injection attempt (more info ...) | web-application-attack | 2020-10221 | |||
| 58549 | SERVER-WEBAPP Unraid Operating System PHP code injection attempt (more info ...) | web-application-attack | 2020-5849 | |||
| 58550 | SERVER-WEBAPP Unraid Operating System PHP code injection attempt (more info ...) | web-application-attack | 2020-5849 | |||
| 58595 | SERVER-WEBAPP OpenEMR backup.php command injection attempt (more info ...) | web-application-attack | 2020-36243 | |||
| 58596 | SERVER-WEBAPP OpenEMR backup.php command injection attempt (more info ...) | web-application-attack | 2020-36243 | |||
| 58700 | MALWARE-OTHER Php.Webshell.PhpJackal upload attempt (more info ...) | trojan-activity | URL | |||
| 58701 | MALWARE-OTHER Php.Webshell.PhpJackal download attempt (more info ...) | trojan-activity | URL | |||
| 58912 | MALWARE-OTHER Php.Webshell.AcceptLanguage upload attempt (more info ...) | trojan-activity | URL | |||
| 58913 | MALWARE-OTHER Php.Webshell.AcceptLanguage download attempt (more info ...) | trojan-activity | URL | |||
| 58914 | MALWARE-OTHER Php.Webshell.529 outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 58915 | MALWARE-OTHER Php.Webshell.529 download attempt (more info ...) | trojan-activity | URL | |||
| 58916 | MALWARE-OTHER Php.Webshell.529 inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 58917 | MALWARE-OTHER Php.Webshell.529 upload attempt (more info ...) | trojan-activity | URL | |||
| 58918 | MALWARE-OTHER Php.Webshell.529 inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 58920 | MALWARE-OTHER Php.Webshell.AjaxPHPCommandShell outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 58921 | MALWARE-OTHER Php.Webshell.AjaxPHPCommandShell inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 58922 | MALWARE-OTHER Php.Webshell.AjaxPHPCommandShell inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 58923 | MALWARE-OTHER Php.Webshell.AjaxPHPCommandShell inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 58924 | MALWARE-OTHER Php.Webshell.AjaxPHPCommandShell upload attempt (more info ...) | trojan-activity | URL | |||
| 58925 | MALWARE-OTHER Php.Webshell.AjaxPHPCommandShell download attempt (more info ...) | trojan-activity | URL | |||
| 59021 | MALWARE-OTHER Php.Webshell.Antichat download attempt (more info ...) | trojan-activity | URL | |||
| 59022 | MALWARE-OTHER Php.Webshell.Antichat upload attempt (more info ...) | trojan-activity | URL | |||
| 59044 | MALWARE-OTHER Php.Webshell.AK74 download attempt (more info ...) | trojan-activity | URL | |||
| 59045 | MALWARE-OTHER Php.Webshell.AK74 upload attempt (more info ...) | trojan-activity | URL | |||
| 59048 | MALWARE-OTHER Php.Webshell.Generic outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 59050 | MALWARE-OTHER Php.Webshell.Andela download attempt (more info ...) | trojan-activity | URL | |||
| 59051 | MALWARE-OTHER Php.Webshell.Andela upload attempt (more info ...) | trojan-activity | URL | |||
| 59056 | MALWARE-OTHER Php.Webshell.Generic download attempt (more info ...) | trojan-activity | URL | |||
| 59057 | MALWARE-OTHER Php.Webshell.Generic upload attempt (more info ...) | trojan-activity | URL | |||
| 59092 | MALWARE-OTHER Php.Webshell.Generic download attempt (more info ...) | trojan-activity | URL | |||
| 59094 | MALWARE-OTHER Php.Webshell.Generic upload attempt (more info ...) | trojan-activity | URL | |||
| 59260 | MALWARE-OTHER Php.Webshell.Generic outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 59261 | MALWARE-OTHER Php.Webshell.C0ders download attempt (more info ...) | trojan-activity | URL | |||
| 59262 | MALWARE-OTHER Php.Webshell.C0ders outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 59263 | MALWARE-OTHER Php.Webshell.C0ders inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 59264 | MALWARE-OTHER Php.Webshell.C0ders inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 59265 | MALWARE-OTHER Php.Webshell.C0ders upload attempt (more info ...) | trojan-activity | URL | |||
| 59347 | MALWARE-OTHER Php.Webshell.CWShell inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 59348 | MALWARE-OTHER Php.Webshell.CWShell outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 59349 | MALWARE-OTHER Php.Webshell.CWShell inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 59350 | MALWARE-OTHER Php.Webshell.CWShell inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 59351 | MALWARE-OTHER Php.Webshell.SmallShell upload attempt (more info ...) | trojan-activity | URL | |||
| 59352 | MALWARE-OTHER Php.Webshell.SmallShell download attempt (more info ...) | trojan-activity | URL | |||
| 59353 | MALWARE-OTHER Php.Webshell.SmallShell download attempt (more info ...) | trojan-activity | URL | |||
| 59354 | MALWARE-OTHER Php.Webshell.SmallShell upload attempt (more info ...) | trojan-activity | URL | |||
| 59361 | SERVER-WEBAPP YouPHPTube checkConfiguration php PHP code injection attempt (more info ...) | web-application-attack | 2019-16124 | |||
| 59362 | SERVER-WEBAPP YouPHPTube checkConfiguration php PHP code injection attempt (more info ...) | web-application-attack | 2019-16124 | |||
| 59483 | SERVER-WEBAPP GilaCMS arbitrary php file upload attempt (more info ...) | web-application-attack | 2020-5514 | URL | ||
| 59515 | SERVER-WEBAPP CentOS Web Panel PHP file injection attempt (more info ...) | web-application-attack | 2021-45466 | URL | ||
| 59516 | SERVER-WEBAPP CentOS Web Panel PHP file injection attempt (more info ...) | web-application-attack | 2021-45466 | URL | ||
| 59517 | SERVER-WEBAPP CentOS Web Panel PHP file injection attempt (more info ...) | web-application-attack | 2021-45466 | URL | ||
| 59577 | SERVER-WEBAPP rConfig ajaxAddTemplate.php directory traversal attempt (more info ...) | web-application-attack | 2020-10221 | |||
| 59578 | SERVER-WEBAPP rConfig ajaxAddTemplate.php directory traversal attempt (more info ...) | web-application-attack | 2020-10221 | |||
| 59904 | SERVER-WEBAPP ImpressCMS findusers.php groups SQL injection attempt (more info ...) | web-application-attack | 2021-26599 | URL | ||
| 59905 | SERVER-WEBAPP ImpressCMS findusers.php groups SQL injection attempt (more info ...) | web-application-attack | 2021-26599 | URL | ||
| 60085 | SERVER-WEBAPP OctoberCMS PHP file injection attempt (more info ...) | web-application-attack | 2022-21705 | |||
| 60086 | SERVER-WEBAPP OctoberCMS PHP file injection attempt (more info ...) | web-application-attack | 2022-21705 | |||
| 60087 | SERVER-WEBAPP OctoberCMS PHP file injection attempt (more info ...) | web-application-attack | 2022-21705 | |||
| 60284 | MALWARE-OTHER Php.Webshell.CrewShell inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 60285 | MALWARE-OTHER Php.Webshell.CrewShell inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 60286 | MALWARE-OTHER Php.Webshell.CrewShell outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 60296 | MALWARE-OTHER Php.Webshell.Cybershell download attempt (more info ...) | trojan-activity | URL | |||
| 60297 | MALWARE-OTHER Php.Webshell.Cybershell inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 60299 | MALWARE-OTHER Php.Webshell.Cybershell upload attempt (more info ...) | trojan-activity | URL | |||
| 60300 | MALWARE-OTHER Php.Webshell.Cybershell inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 60301 | MALWARE-OTHER Php.Webshell.Cybershell outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 60302 | MALWARE-OTHER Php.Webshell.Cybershell outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 60339 | MALWARE-OTHER Php.Webshell.DiveShell upload attempt (more info ...) | trojan-activity | URL | |||
| 60340 | MALWARE-OTHER Php.Webshell.DiveShell download attempt (more info ...) | trojan-activity | URL | |||
| 60399 | MALWARE-OTHER Php.Webshell.DToolPro download attempt (more info ...) | trojan-activity | URL | |||
| 60400 | MALWARE-OTHER Php.Webshell.DToolPro upload attempt (more info ...) | trojan-activity | URL | |||
| 60422 | SERVER-WEBAPP PAN-OS Simple Certificate Enrollment Protocol arbitrary PHP file upload attempt (more info ...) | attempted-admin | 2021-3060 | |||
| 60423 | SERVER-WEBAPP PAN-OS Simple Certificate Enrollment Protocol arbitrary PHP file upload attempt (more info ...) | attempted-admin | 2021-3060 | |||
| 60451 | MALWARE-OTHER Php.Webshell.Erne inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 60452 | MALWARE-OTHER Php.Webshell.Erne inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 60469 | MALWARE-OTHER Php.Webshell.CmdShell upload attempt (more info ...) | trojan-activity | URL | |||
| 60470 | MALWARE-OTHER Php.Webshell.CmdShell download attempt (more info ...) | trojan-activity | URL | |||
| 60471 | MALWARE-OTHER Php.Webshell.CmdShell outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 60494 | MALWARE-OTHER Php.Webshell.Exoshell upload attempt (more info ...) | trojan-activity | URL | |||
| 60495 | MALWARE-OTHER Php.Webshell.Exoshell download attempt (more info ...) | trojan-activity | URL | |||
| 60506 | MALWARE-OTHER Php.Webshell.FTPSearch outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 60569 | SERVER-WEBAPP QNAP Photo Station combine.php remote code execution attempt (more info ...) | web-application-attack | 2022-27593 | |||
| 60589 | MALWARE-OTHER Php.Webshell.GoShell download attempt (more info ...) | trojan-activity | URL | |||
| 60697 | SERVER-WEBAPP VICIdial user_stats.php SQL injection attempt (more info ...) | web-application-attack | 2022-34878 | URL | ||
| 60791 | SERVER-WEBAPP GLPI htmlawed php remote code execution attempt (more info ...) | web-application-attack | 2022-35914 | URL | ||
| 60792 | SERVER-WEBAPP GLPI htmlawed php remote code execution attempt (more info ...) | web-application-attack | 2022-35914 | URL | ||
| 61046 | MALWARE-OTHER Php.Webshell.HiddenShell download attempt (more info ...) | trojan-activity | URL | |||
| 61047 | MALWARE-OTHER Php.Webshell.HiddenShell upload attempt (more info ...) | trojan-activity | URL | |||
| 61132 | SERVER-WEBAPP Fscan scanner PHP object injection attempt (more info ...) | web-application-attack | URL | |||
| 61177 | SERVER-WEBAPP SugarCRM EmailTemplates PHP webshell access attempt (more info ...) | attempted-user | 2023-22952 | URL | ||
| 61178 | SERVER-WEBAPP SugarCRM EmailTemplates PHP webshell access attempt (more info ...) | attempted-user | 2023-22952 | URL | ||
| 61179 | SERVER-WEBAPP SugarCRM EmailTemplates PHP file injection attempt (more info ...) | web-application-attack | 2023-22952 | URL | ||
| 61534 | SERVER-WEBAPP Avaya Aura Device Services PhoneBackup arbitrary PHP file upload attempt (more info ...) | attempted-admin | URL | |||
| 61834 | SERVER-WEBAPP Bitrix CMS Vote Module PHP file injection attempt (more info ...) | web-application-attack | 2022-27228 | URL | ||
| 61835 | SERVER-WEBAPP Bitrix CMS HTML Editor Module PHP file injection attempt (more info ...) | web-application-attack | 2022-27228 | URL | ||
| 62055 | MALWARE-BACKDOOR Php.Webshell.AntSword transfer attempt (more info ...) | trojan-activity | URL | |||
| 62056 | MALWARE-BACKDOOR Php.Webshell.AntSword transfer attempt (more info ...) | trojan-activity | URL | |||
| 62096 | SERVER-WEBAPP WordPress Core l10n.php directory traversal attempt (more info ...) | web-application-attack | 2023-2745 | |||
| 62097 | SERVER-WEBAPP WordPress Core l10n.php directory traversal attempt (more info ...) | web-application-attack | 2023-2745 | |||
| 62115 | SERVER-WEBAPP GetSimple CMS PHP code injection attempt (more info ...) | web-application-attack | 2022-41544 | URL | ||
| 62116 | SERVER-WEBAPP GetSimple CMS PHP code injection attempt (more info ...) | web-application-attack | 2022-41544 | URL | ||
| 62117 | MALWARE-BACKDOOR Php.Webshell.Generic upload attempt (more info ...) | trojan-activity | URL | |||
| 62118 | MALWARE-BACKDOOR Php.Webshell.Generic download attempt (more info ...) | trojan-activity | URL | |||
| 62119 | MALWARE-BACKDOOR Php.Webshell.Generic upload attempt (more info ...) | trojan-activity | URL | |||
| 62120 | MALWARE-BACKDOOR Php.Webshell.Generic download attempt (more info ...) | trojan-activity | URL |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 824 | SERVER-WEBAPP php.cgi access (more info ...) | attempted-recon | 1999-0238 | 712 | 10178 | |
| 1161 | SERVER-WEBAPP piranha passwd.php3 access (more info ...) | attempted-recon | 2000-0322 | 1149 | ||
| 1254 | SERVER-WEBAPP PHPLIB remote command attempt (more info ...) | attempted-user | 2001-1370 | 3079 | 14910 | |
| 1255 | SERVER-WEBAPP PHPLIB remote command attempt (more info ...) | attempted-user | 2001-1370 | 3079 | ||
| 1300 | SERVER-WEBAPP admin.php file upload attempt (more info ...) | attempted-admin | 2001-1032 | 3361 | ||
| 1301 | SERVER-WEBAPP admin.php access (more info ...) | attempted-recon | 2001-1032 | 9270 | ||
| 1399 | SERVER-WEBAPP PHP-Nuke remote file include attempt (more info ...) | web-application-attack | 2002-0206 | 3889 | ||
| 1407 | SERVER-WEBAPP smssend.php access (more info ...) | web-application-activity | 2002-0220 | 3982 | ||
| 1490 | SERVER-WEBAPP Phorum /support/common.php attempt (more info ...) | web-application-attack | 1997 | |||
| 1491 | SERVER-WEBAPP Phorum /support/common.php access (more info ...) | web-application-attack | 2004-0034 | 9361 | ||
| 1742 | SERVER-WEBAPP Blahz-DNS dostuff.php modify user attempt (more info ...) | web-application-attack | 2002-0599 | 4618 | ||
| 1743 | SERVER-WEBAPP Blahz-DNS dostuff.php access (more info ...) | web-application-activity | 2002-0599 | 4618 | ||
| 1745 | SERVER-WEBAPP Messagerie supp_membre.php access (more info ...) | web-application-activity | 4635 | |||
| 1773 | SERVER-WEBAPP php.exe access (more info ...) | web-application-activity | URL | |||
| 1774 | SERVER-WEBAPP bb_smilies.php access (more info ...) | web-application-activity | URL | |||
| 1815 | SERVER-WEBAPP directory.php arbitrary command attempt (more info ...) | misc-attack | 2002-0434 | 4278 | 11017 | |
| 1816 | SERVER-WEBAPP directory.php access (more info ...) | misc-attack | 2002-0434 | 4278 | ||
| 1834 | SERVER-WEBAPP PHP-Wiki cross site scripting attempt (more info ...) | web-application-attack | 2002-1070 | 5254 | ||
| 1967 | SERVER-WEBAPP phpbb quick-reply.php arbitrary command attempt (more info ...) | web-application-attack | 2002-2287 | 6173 | ||
| 1968 | SERVER-WEBAPP phpbb quick-reply.php access (more info ...) | web-application-activity | 2002-2287 | 6173 | ||
| 1999 | SERVER-WEBAPP edit_image.php access (more info ...) | web-application-activity | 2001-1020 | 3288 | 11104 | |
| 2000 | SERVER-WEBAPP readmsg.php access (more info ...) | web-application-activity | 2001-1408 | 11073 | ||
| 2074 | SERVER-WEBAPP Mambo uploadimage.php upload php file attempt (more info ...) | web-application-attack | 2003-1204 | 6572 | 16315 | |
| 2075 | SERVER-WEBAPP Mambo upload.php upload php file attempt (more info ...) | web-application-attack | 2003-1204 | 6572 | 16315 | |
| 2076 | SERVER-WEBAPP Mambo uploadimage.php access (more info ...) | web-application-activity | 2003-1204 | 6572 | 16315 | |
| 2078 | SERVER-WEBAPP phpBB privmsg.php access (more info ...) | web-application-activity | 2003-1530 | 6634 | ||
| 2140 | SERVER-WEBAPP p-news.php access (more info ...) | web-application-activity | 11669 | |||
| 2141 | SERVER-WEBAPP shoutbox.php directory traversal attempt (more info ...) | web-application-attack | 11668 | |||
| 2142 | SERVER-WEBAPP shoutbox.php access (more info ...) | web-application-activity | 11668 | |||
| 2143 | SERVER-WEBAPP b2 cafelog gm-2-b2.php remote file include attempt (more info ...) | web-application-attack | 11667 | |||
| 2144 | SERVER-WEBAPP b2 cafelog gm-2-b2.php access (more info ...) | web-application-activity | 11667 | |||
| 2145 | SERVER-WEBAPP TextPortal admin.php default password admin attempt (more info ...) | web-application-activity | 7673 | 11660 | URL | |
| 2146 | SERVER-WEBAPP TextPortal admin.php default password 12345 attempt (more info ...) | web-application-activity | 7673 | 11660 | URL | |
| 2147 | SERVER-WEBAPP BLNews objects.inc.php4 remote file include attempt (more info ...) | web-application-attack | 2003-0394 | 7677 | 11647 | |
| 2148 | SERVER-WEBAPP BLNews objects.inc.php4 access (more info ...) | web-application-activity | 2003-0394 | 7677 | 11647 | |
| 2149 | SERVER-WEBAPP Turba status.php access (more info ...) | web-application-activity | 11646 | |||
| 2150 | SERVER-WEBAPP ttCMS header.php remote file include attempt (more info ...) | web-application-attack | 2003-1459 | 7625 | 11636 | |
| 2151 | SERVER-WEBAPP ttCMS header.php access (more info ...) | web-application-activity | 2003-1459 | 7625 | 11636 | |
| 2152 | SERVER-WEBAPP test.php access (more info ...) | web-application-activity | 11617 | |||
| 2153 | SERVER-WEBAPP autohtml.php directory traversal attempt (more info ...) | web-application-attack | 11630 | |||
| 2154 | SERVER-WEBAPP autohtml.php access (more info ...) | web-application-activity | 11630 | |||
| 2227 | SERVER-WEBAPP forum_details.php access (more info ...) | web-application-attack | 7933 | 11760 | ||
| 2228 | SERVER-WEBAPP phpMyAdmin db_details_importdocsql.php access (more info ...) | web-application-attack | 7965 | 11761 | ||
| 2229 | SERVER-WEBAPP viewtopic.php access (more info ...) | web-application-attack | 2003-0486 | 7979 | 11767 | |
| 2279 | SERVER-WEBAPP UpdateClasses.php access (more info ...) | web-application-activity | 9057 | |||
| 2282 | SERVER-WEBAPP GlobalFunctions.php access (more info ...) | web-application-activity | 9057 | |||
| 2283 | SERVER-WEBAPP DatabaseFunctions.php access (more info ...) | web-application-activity | 9057 | |||
| 2287 | SERVER-WEBAPP Advanced Poll admin_comment.php access (more info ...) | web-application-activity | 2003-1181 | 8890 | 11487 | |
| 2288 | SERVER-WEBAPP Advanced Poll admin_edit.php access (more info ...) | web-application-activity | 2003-1181 | 8890 | 11487 | |
| 2289 | SERVER-WEBAPP Advanced Poll admin_embed.php access (more info ...) | web-application-activity | 2003-1181 | 8890 | 11487 | |
| 2290 | SERVER-WEBAPP Advanced Poll admin_help.php access (more info ...) | web-application-activity | 2003-1181 | 8890 | 11487 | |
| 2291 | SERVER-WEBAPP Advanced Poll admin_license.php access (more info ...) | web-application-activity | 2003-1181 | 8890 | 11487 | |
| 2292 | SERVER-WEBAPP Advanced Poll admin_logout.php access (more info ...) | web-application-activity | 2003-1181 | 8890 | 11487 | |
| 2293 | SERVER-WEBAPP Advanced Poll admin_password.php access (more info ...) | web-application-activity | 2003-1181 | 8890 | 11487 | |
| 2294 | SERVER-WEBAPP Advanced Poll admin_preview.php access (more info ...) | web-application-activity | 2003-1181 | 8890 | 11487 | |
| 2295 | SERVER-WEBAPP Advanced Poll admin_settings.php access (more info ...) | web-application-activity | 2003-1181 | 8890 | 11487 | |
| 2296 | SERVER-WEBAPP Advanced Poll admin_stats.php access (more info ...) | web-application-activity | 2003-1181 | 8890 | 11487 | |
| 2297 | SERVER-WEBAPP Advanced Poll admin_templates_misc.php access (more info ...) | web-application-activity | 2003-1181 | 8890 | 11487 | |
| 2298 | SERVER-WEBAPP Advanced Poll admin_templates.php access (more info ...) | web-application-activity | 2003-1181 | 8890 | 11487 | |
| 2299 | SERVER-WEBAPP Advanced Poll admin_tpl_misc_new.php access (more info ...) | web-application-activity | 2003-1181 | 8890 | 11487 | |
| 2300 | SERVER-WEBAPP Advanced Poll admin_tpl_new.php access (more info ...) | web-application-activity | 2003-1181 | 8890 | 11487 | |
| 2301 | SERVER-WEBAPP Advanced Poll booth.php access (more info ...) | web-application-activity | 2003-1181 | 8890 | 11487 | |
| 2302 | SERVER-WEBAPP Advanced Poll poll_ssi.php access (more info ...) | web-application-activity | 2003-1181 | 8890 | 11487 | |
| 2303 | SERVER-WEBAPP Advanced Poll popup.php access (more info ...) | web-application-activity | 2003-1181 | 8890 | 11487 | |
| 2304 | SERVER-WEBAPP files.inc.php access (more info ...) | web-application-activity | 2003-1153 | 8910 | ||
| 2305 | SERVER-WEBAPP chatbox.php access (more info ...) | web-application-activity | 2003-1191 | 8930 | ||
| 2328 | SERVER-WEBAPP authentication_index.php access (more info ...) | web-application-activity | 2004-0032 | 11982 | ||
| 2345 | SERVER-WEBAPP PhpGedView search.php access (more info ...) | web-application-activity | 2004-0032 | 9369 | ||
| 2346 | SERVER-WEBAPP myPHPNuke chatheader.php access (more info ...) | web-application-activity | 6544 | |||
| 2353 | SERVER-WEBAPP IdeaBox cord.php file include (more info ...) | web-application-activity | 7488 | |||
| 2354 | SERVER-WEBAPP IdeaBox notification.php file include (more info ...) | web-application-activity | 7488 | |||
| 2355 | SERVER-WEBAPP Invision Board emailer.php file include (more info ...) | web-application-activity | 7204 | |||
| 2356 | SERVER-WEBAPP WebChat db_mysql.php file include (more info ...) | web-application-attack | 2007-0485 | 7000 | ||
| 2357 | SERVER-WEBAPP WebChat english.php file include (more info ...) | web-application-attack | 2007-0485 | 7000 | ||
| 2358 | SERVER-WEBAPP Typo3 translations.php file include (more info ...) | web-application-attack | 6984 | |||
| 2359 | SERVER-WEBAPP Invision Board ipchat.php file include (more info ...) | web-application-attack | 2003-1385 | 6976 | ||
| 2360 | SERVER-WEBAPP myphpPagetool pt_config.inc file include (more info ...) | web-application-attack | 6744 | |||
| 2361 | SERVER-WEBAPP news.php file include (more info ...) | web-application-attack | 6674 | |||
| 2362 | SERVER-WEBAPP YaBB SE packages.php file include (more info ...) | web-application-attack | 6663 | |||
| 2363 | SERVER-WEBAPP Cyboards default_header.php access (more info ...) | web-application-activity | 6597 | |||
| 2364 | SERVER-WEBAPP Cyboards options_form.php access (more info ...) | web-application-activity | 6597 | |||
| 2365 | SERVER-WEBAPP newsPHP Language file include attempt (more info ...) | web-application-activity | 8488 | |||
| 2366 | SERVER-WEBAPP PhpGedView PGV authentication_index.php base directory manipulation attempt (more info ...) | web-application-attack | 2004-0030 | 9368 | ||
| 2367 | SERVER-WEBAPP PhpGedView PGV functions.php base directory manipulation attempt (more info ...) | web-application-attack | 2004-0030 | 9368 | ||
| 2368 | SERVER-WEBAPP PhpGedView PGV config_gedcom.php base directory manipulation attempt (more info ...) | web-application-attack | 2004-0030 | 9368 | ||
| 2372 | SERVER-WEBAPP Photopost PHP Pro showphoto.php access (more info ...) | web-application-activity | 2004-0250 | 9557 | ||
| 2398 | SERVER-WEBAPP WAnewsletter newsletter.php file include attempt (more info ...) | web-application-attack | 6965 | |||
| 2399 | SERVER-WEBAPP WAnewsletter db_type.php access (more info ...) | web-application-activity | 6964 | |||
| 2405 | SERVER-WEBAPP phptest.php access (more info ...) | web-application-activity | 2004-2374 | 9737 | ||
| 2410 | SERVER-WEBAPP IGeneric Free Shopping Cart page.php access (more info ...) | web-application-activity | 9773 | |||
| 2566 | SERVER-WEBAPP PHPBB viewforum.php access (more info ...) | web-application-activity | 2004-1809 | 9866 | 12093 | |
| 2575 | SERVER-WEBAPP Opt-X header.php remote file include attempt (more info ...) | web-application-attack | 2004-2368 | 9732 | ||
| 2654 | SERVER-WEBAPP PHPNuke Forum viewtopic SQL insertion attempt (more info ...) | web-application-attack | 7193 | |||
| 2926 | SERVER-WEBAPP PhpGedView PGV base directory manipulation (more info ...) | web-application-attack | 2004-0030 | 9368 | ||
| 3544 | SERVER-WEBAPP TrackerCam ComGetLogFile.php3 directory traversal attempt (more info ...) | web-application-attack | 2005-0481 | 12592 | 17160 | |
| 3545 | SERVER-WEBAPP TrackerCam ComGetLogFile.php3 log information disclosure (more info ...) | web-application-activity | 2005-0481 | 12592 | 17160 | |
| 3547 | SERVER-WEBAPP TrackerCam overly long php parameter overflow attempt (more info ...) | web-application-attack | 2005-0481 | 12592 | ||
| 3690 | SERVER-WEBAPP Nucleus CMS action.php itemid SQL injection (more info ...) | web-application-activity | 2004-2056 | 10798 | 14194 | |
| 4650 | SERVER-WEBAPP cacti graph_image.php access (more info ...) | web-application-activity | 14042 | |||
| 5744 | PUA-ADWARE Hijacker actualnames outbound connection - online.php request (more info ...) | misc-activity | URL | |||
| 5848 | PUA-ADWARE Adware warez_p2p runtime detection - ip.php request (more info ...) | misc-activity | URL | |||
| 6020 | MALWARE-CNC dsk lite 1.0 variant outbound connection php notification (more info ...) | trojan-activity | URL | |||
| 6042 | MALWARE-CNC fear 0.2 variant outbound connection php notification (more info ...) | trojan-activity | URL | |||
| 7149 | MALWARE-CNC Hacker-Tool sars notifier variant outbound connection php notification (more info ...) | misc-activity | URL | |||
| 7639 | MALWARE-CNC air variant outbound connection php notification (more info ...) | trojan-activity | URL | |||
| 9653 | MALWARE-CNC apofis 1.0 variant outbound connection php notification (more info ...) | trojan-activity | URL | |||
| 10196 | MALWARE-BACKDOOR Wordpress backdoor feed.php code execution (more info ...) | trojan-activity | 2007-1277 | 22797 | URL | |
| 10197 | MALWARE-BACKDOOR Wordpress backdoor theme.php code execution (more info ...) | trojan-activity | 2007-1277 | 22797 | URL | |
| 11664 | SERVER-WEBAPP sphpblog password.txt access attempt (more info ...) | attempted-user | 2005-2733 | 14667 | ||
| 11665 | SERVER-WEBAPP sphpblog install03_cgi access attempt (more info ...) | attempted-user | 2005-2733 | 14667 | ||
| 11666 | SERVER-WEBAPP sphpblog upload_img_cgi access attempt (more info ...) | attempted-user | 2005-2733 | 14667 | ||
| 11667 | SERVER-WEBAPP sphpblog arbitrary file delete attempt (more info ...) | attempted-user | 2005-2733 | 14667 | ||
| 11668 | SERVER-WEBAPP vbulletin php code injection (more info ...) | attempted-user | 2005-0511 | URL | ||
| 12610 | SERVER-WEBAPP phpBB viewtopic double URL encoding attempt (more info ...) | web-application-attack | 2004-1315 | |||
| 13816 | SERVER-WEBAPP PHP xmlrpc.php command injection attempt (more info ...) | attempted-admin | 2005-1921 | 14088 | ||
| 13817 | SERVER-WEBAPP PHP xmlrpc.php command injection attempt (more info ...) | attempted-admin | 2005-1921 | 14088 | ||
| 13818 | SERVER-WEBAPP PHP alternate xmlrpc.php command injection attempt (more info ...) | attempted-admin | 2005-1921 | 14088 | ||
| 15424 | SERVER-WEBAPP phpBB mod shoutbox sql injection attempt (more info ...) | web-application-attack | 2008-6301 | 32123 | URL | |
| 15425 | SERVER-WEBAPP phpBB mod tag board sql injection attempt (more info ...) | web-application-attack | 2008-6314 | 32701 | URL | |
| 15977 | SERVER-WEBAPP PHP strip_tags bypass vulnerability exploit attempt (more info ...) | attempted-user | 2004-0595 | 10724 | ||
| 16078 | SERVER-WEBAPP PHP memory_limit vulnerability exploit attempt (more info ...) | attempted-user | 2004-0594 | 10725 | ||
| 16190 | SERVER-ORACLE Oracle Secure Backup Administration server property_box.php command injection attempt (more info ...) | attempted-admin | 2009-1978 | 35678 | ||
| 16243 | MALWARE-CNC downloader-ash.gen.b variant outbound connection 3264.php (more info ...) | trojan-activity | URL | |||
| 16613 | INDICATOR-COMPROMISE c99shell.php command request - cmd (more info ...) | policy-violation | URL | |||
| 16614 | INDICATOR-COMPROMISE c99shell.php command request - search (more info ...) | policy-violation | URL | |||
| 16615 | INDICATOR-COMPROMISE c99shell.php command request - upload (more info ...) | policy-violation | URL | |||
| 16616 | INDICATOR-COMPROMISE c99shell.php command request - about (more info ...) | policy-violation | URL | |||
| 16617 | INDICATOR-COMPROMISE c99shell.php command request - encoder (more info ...) | policy-violation | URL | |||
| 16618 | INDICATOR-COMPROMISE c99shell.php command request - bind (more info ...) | policy-violation | URL | |||
| 16619 | INDICATOR-COMPROMISE c99shell.php command request - ps_aux (more info ...) | policy-violation | URL | |||
| 16620 | INDICATOR-COMPROMISE c99shell.php command request - ftpquickbrute (more info ...) | policy-violation | URL | |||
| 16621 | INDICATOR-COMPROMISE c99shell.php command request - security (more info ...) | policy-violation | URL | |||
| 16622 | INDICATOR-COMPROMISE c99shell.php command request - sql (more info ...) | policy-violation | URL | |||
| 16623 | INDICATOR-COMPROMISE c99shell.php command request - eval (more info ...) | policy-violation | URL | |||
| 16624 | INDICATOR-COMPROMISE c99shell.php command request - feedback (more info ...) | policy-violation | URL | |||
| 16625 | INDICATOR-COMPROMISE c99shell.php command request - selfremove (more info ...) | policy-violation | URL | |||
| 16626 | INDICATOR-COMPROMISE c99shell.php command request - fsbuff (more info ...) | policy-violation | URL | |||
| 16627 | INDICATOR-COMPROMISE c99shell.php command request - ls (more info ...) | policy-violation | URL | |||
| 16628 | INDICATOR-COMPROMISE c99shell.php command request - phpinfo (more info ...) | policy-violation | URL | |||
| 16913 | MALWARE-CNC URI request for known malicious URI - count_log/log/boot.php?p= (more info ...) | trojan-activity | URL | |||
| 16923 | MALWARE-CNC URI request for known malicious URI - /search.php?username=coolweb07&keywords= (more info ...) | trojan-activity | URL | |||
| 16924 | MALWARE-CNC URI request for known malicious URI - /inst.php?fff= (more info ...) | trojan-activity | URL | |||
| 16925 | MALWARE-CNC URI request for known malicious URI - /message.php?subid= (more info ...) | trojan-activity | URL | |||
| 16927 | MALWARE-CNC URI request for known malicious URI - MGWEB.php?c=TestUrl (more info ...) | trojan-activity | URL | |||
| 16929 | MALWARE-CNC URI request for known malicious URI - gate.php?guid= (more info ...) | trojan-activity | URL | |||
| 16931 | MALWARE-CNC URI request for known malicious URI - feedbigfoot.php?m= (more info ...) | trojan-activity | URL | |||
| 17597 | SERVER-WEBAPP TikiWiki jhot.php script file upload attempt (more info ...) | attempted-user | 2006-4602 | 19819 | URL | |
| 17898 | MALWARE-CNC URI request for known malicious URI - /get2.php?c=VTOXUGUI&d= (more info ...) | trojan-activity | URL | |||
| 17905 | MALWARE-CNC URI request for known malicious URI - 1de49069b6044785e9dfcd4c035cfd0c.php (more info ...) | trojan-activity | URL | |||
| 17906 | MALWARE-CNC URI request for known malicious URI - 2x/.*php (more info ...) | trojan-activity | URL | |||
| 18333 | SERVER-WEBAPP phpBook date command execution attempt (more info ...) | attempted-admin | 2006-0206 | 16229 | ||
| 18334 | SERVER-WEBAPP phpBook mail command execution attempt (more info ...) | attempted-admin | 2006-0075 | 16106 | ||
| 18478 | SERVER-WEBAPP miniBB rss.php premodDir remote file include attempt (more info ...) | web-application-attack | ||||
| 18493 | INDICATOR-OBFUSCATION generic PHP code obfuscation attempt (more info ...) | trojan-activity | URL | |||
| 18586 | SERVER-WEBAPP Visuplay CMS news_article.php unspecified SQL injection attempt (more info ...) | web-application-activity | 33209 | |||
| 18678 | SERVER-WEBAPP osCommerce categories.php Arbitrary File Upload And Code Execution (more info ...) | web-application-attack | 44995 | |||
| 18797 | SERVER-WEBAPP Oracle Secure Backup Administration property_box.php other variable command execution attempt (more info ...) | attempted-admin | 2010-0899 | 41616 | ||
| 19553 | SERVER-WEBAPP phpMyAdmin session_to_unset session variable injection attempt (more info ...) | attempted-user | 2011-2506 | URL | ||
| 19625 | MALWARE-CNC URI request for known malicious URI - .sys.php?getexe= (more info ...) | trojan-activity | URL | |||
| 19628 | MALWARE-CNC URI request for known malicious URI - /1cup/script.php (more info ...) | trojan-activity | URL | |||
| 19632 | MALWARE-CNC URI request for known malicious URI - /VertexNet/adduser.php?uid= (more info ...) | trojan-activity | URL | |||
| 19633 | MALWARE-CNC URI request for known malicious URI - /VertexNet/tasks.php?uid= (more info ...) | trojan-activity | URL | |||
| 19653 | SERVER-WEBAPP Wordpress timthumb.php theme remote file include attack attempt (more info ...) | web-application-attack | 47374 | URL | ||
| 19661 | SERVER-OTHER Alucar php shell download attempt (more info ...) | attempted-user | 47374 | URL | ||
| 19778 | MALWARE-CNC URI request for known malicious URI - /games/java_trust.php?f= (more info ...) | trojan-activity | URL | |||
| 19869 | MALWARE-TOOLS Anonymous PHP RefRef DoS tool (more info ...) | attempted-dos | URL | |||
| 19913 | MALWARE-CNC URI request for known malicious URI - optima/index.php (more info ...) | trojan-activity | URL | |||
| 20045 | SQL PHPSESSID SQL injection attempt (more info ...) | web-application-attack | ||||
| 20046 | SQL PHPSESSID SQL injection attempt (more info ...) | web-application-attack | ||||
| 20184 | INDICATOR-SHELLCODE Metasploit php meterpreter stub .php file upload (more info ...) | shellcode-detect | URL | |||
| 20533 | SERVER-WEBAPP php tiny shell upload attempt (more info ...) | misc-activity | URL | |||
| 20629 | SERVER-WEBAPP geoBlog SQL injection in viewcat.php cat parameter attempt (more info ...) | web-application-activity | 2006-0249 | 16249 | ||
| 20631 | SERVER-WEBAPP Akarru remote file include in main_content.php bm_content (more info ...) | web-application-activity | 2006-4645 | 19870 | ||
| 20632 | SERVER-WEBAPP AnnoncesV annonce.php remote file include attempt (more info ...) | web-application-attack | 2006-4622 | 19854 | ||
| 20633 | SERVER-WEBAPP Boite de News remote file include in inc.php url_index (more info ...) | web-application-activity | 2006-4123 | 19440 | ||
| 20640 | SERVER-WEBAPP VEGO Web Forum SQL injection in login.php username attempt (more info ...) | web-application-attack | 2006-0067 | 16108 | ||
| 20641 | SERVER-WEBAPP TheWebForum SQL injection in login.php username attempt (more info ...) | web-application-attack | 2006-0135 | 16161 | ||
| 20642 | SERVER-WEBAPP TankLogger SQL injection in showInfo.php livestock_id attempt (more info ...) | web-application-attack | 2006-0209 | 16228 | ||
| 20643 | SERVER-WEBAPP ScozBook SQL injection in auth.php adminname attempt (more info ...) | web-application-attack | 2006-0079 | 16115 | ||
| 20644 | SERVER-WEBAPP Lizard Cart CMS SQL injection in detail.php id attempt (more info ...) | web-application-attack | 2006-0087 | 16140 | ||
| 20645 | SERVER-WEBAPP Lizard Cart CMS SQL injection in pages.php id attempt (more info ...) | web-application-attack | 2006-0087 | 16140 | ||
| 20646 | SERVER-WEBAPP Benders Calendar SQL injection in index.php this_day attempt (more info ...) | web-application-attack | 2006-0252 | 16242 | ||
| 20647 | SERVER-WEBAPP inTouch SQL injection in index.php user attempt (more info ...) | web-application-attack | 2006-0088 | 16110 | ||
| 20648 | SERVER-WEBAPP Bit 5 Blog SQL injection in processlogin.php username via (more info ...) | web-application-attack | 2006-0320 | 16244 | ||
| 20649 | SERVER-WEBAPP ADNForum SQL injection in index.php fid attempt (more info ...) | web-application-attack | 2006-0123 | 16157 | ||
| 20650 | SERVER-WEBAPP MyNewsGroups remote file include in layersmenu.inc.php myng_root (more info ...) | web-application-attack | 2006-3966 | 19258 | ||
| 20651 | SERVER-WEBAPP Modernbill remote file include in config.php DIR (more info ...) | web-application-attack | 2006-4034 | 19335 | ||
| 20652 | SERVER-WEBAPP ME Download System remote file include in header.php Vb8878b936c2bd8ae0cab (more info ...) | web-application-attack | 2006-4053 | 19336 | ||
| 20654 | SERVER-WEBAPP GrapAgenda remote file include in index.php page (more info ...) | web-application-attack | 2006-4610 | 19857 | ||
| 20656 | SERVER-WEBAPP GestArtremote file include in aide.php3 aide (more info ...) | web-application-attack | 2006-5612 | 22825 | ||
| 20657 | SERVER-WEBAPP Free File Hosting remote file include in forgot_pass.php ad_body_temp (more info ...) | web-application-attack | 2006-5762 | 20781 | ||
| 20660 | SERVER-OTHER sl.php script injection (more info ...) | misc-activity | URL | |||
| 20663 | SERVER-WEBAPP Comet WebFileManager remote file include in CheckUpload.php Language (more info ...) | web-application-attack | 2006-4077 | 19433 | ||
| 20669 | EXPLOIT-KIT URI request for known malicious URI - w.php?f= (more info ...) | trojan-activity | URL | |||
| 20680 | SERVER-WEBAPP Flashchat aedating4CMS.php remote file include attempt (more info ...) | web-application-activity | 2006-4583 | 19826 | ||
| 20728 | SERVER-WEBAPP WoW Roster remote file include with hslist.php and conf.php attempt (more info ...) | web-application-attack | 2006-3998 | 19269 | ||
| 20731 | SERVER-WEBAPP TSEP tsep_config absPath parameter PHP remote file include attempt (more info ...) | web-application-attack | 2006-4055 | 19326 | ||
| 20732 | SERVER-WEBAPP Sabdrimer PHP pluginpath remote file include attempt (more info ...) | web-application-attack | 2006-3520 | 18907 | ||
| 20815 | SERVER-WEBAPP Vmist Downstat remote file include in chart.php art (more info ...) | web-application-activity | 2006-4827 | 20007 | ||
| 20816 | SERVER-WEBAPP Vmist Downstat remote file include in admin.php art (more info ...) | web-application-activity | 2006-4827 | 20007 | ||
| 20817 | SERVER-WEBAPP Vmist Downstat remote file include in modes.php art (more info ...) | web-application-activity | 2006-4827 | 20007 | ||
| 20818 | SERVER-WEBAPP Vmist Downstat remote file include in stats.php art (more info ...) | web-application-activity | 2006-4827 | 20007 | ||
| 20827 | SERVER-WEBAPP phpThumb fltr[] parameter remote command execution attempt (more info ...) | attempted-user | 2010-1598 | 39605 | URL | |
| 21555 | MALWARE-OTHER Horde javascript.php href backdoor (more info ...) | trojan-activity | 2012-0209 | URL | ||
| 21670 | SERVER-WEBAPP PHP phpinfo cross site scripting attempt (more info ...) | attempted-user | 2007-1287 | URL | ||
| 21926 | SERVER-WEBAPP Joomla JCE multiple plugin arbitrary PHP file execution attempt (more info ...) | attempted-user | URL | |||
| 21941 | INDICATOR-COMPROMISE Wordpress Request for php file in fgallery directory (more info ...) | web-application-attack | ||||
| 22063 | SERVER-WEBAPP PHP-CGI remote file include attempt (more info ...) | attempted-admin | 2012-2336 | |||
| 22064 | SERVER-WEBAPP PHP-CGI command injection attempt (more info ...) | attempted-admin | 2012-2336 | |||
| 22097 | SERVER-WEBAPP PHP-CGI command injection attempt (more info ...) | attempted-admin | 2012-2336 | |||
| 22917 | INDICATOR-COMPROMISE c99shell.php command request - cmd (more info ...) | policy-violation | URL | |||
| 22918 | INDICATOR-COMPROMISE c99shell.php command request - search (more info ...) | policy-violation | URL | |||
| 22919 | INDICATOR-COMPROMISE c99shell.php command request - upload (more info ...) | policy-violation | URL | |||
| 22920 | INDICATOR-COMPROMISE c99shell.php command request - about (more info ...) | policy-violation | URL | |||
| 22921 | INDICATOR-COMPROMISE c99shell.php command request - encoder (more info ...) | policy-violation | URL | |||
| 22922 | INDICATOR-COMPROMISE c99shell.php command request - bind (more info ...) | policy-violation | URL | |||
| 22923 | INDICATOR-COMPROMISE c99shell.php command request - ps_aux (more info ...) | policy-violation | URL | |||
| 22924 | INDICATOR-COMPROMISE c99shell.php command request - ftpquickbrute (more info ...) | policy-violation | URL | |||
| 22925 | INDICATOR-COMPROMISE c99shell.php command request - security (more info ...) | policy-violation | URL | |||
| 22926 | INDICATOR-COMPROMISE c99shell.php command request - sql (more info ...) | policy-violation | URL | |||
| 22927 | INDICATOR-COMPROMISE c99shell.php command request - eval (more info ...) | policy-violation | URL | |||
| 22928 | INDICATOR-COMPROMISE c99shell.php command request - feedback (more info ...) | policy-violation | URL | |||
| 22929 | INDICATOR-COMPROMISE c99shell.php command request - selfremove (more info ...) | policy-violation | URL | |||
| 22930 | INDICATOR-COMPROMISE c99shell.php command request - fsbuff (more info ...) | policy-violation | URL | |||
| 22931 | INDICATOR-COMPROMISE c99shell.php command request - ls (more info ...) | policy-violation | URL | |||
| 22932 | INDICATOR-COMPROMISE c99shell.php command request - phpinfo (more info ...) | policy-violation | URL | |||
| 22933 | INDICATOR-COMPROMISE c99shell.php command request - tools (more info ...) | policy-violation | URL | |||
| 23057 | MALWARE-CNC Flame malware connection - /view.php (more info ...) | trojan-activity | URL | |||
| 23114 | INDICATOR-OBFUSCATION GIF header with PHP tags - likely malicious (more info ...) | misc-activity | URL | |||
| 23177 | SERVER-WEBAPP Symantec Web Gateway timer.php cross site scripting attempt (more info ...) | web-application-attack | 2012-0296 | 53396 | ||
| 23405 | SERVER-WEBAPP PHP-Nuke index.php SQL injection attempt (more info ...) | web-application-attack | 2007-1061 | 22638 | ||
| 23406 | SERVER-WEBAPP PHP-Nuke index.php SQL injection attempt (more info ...) | web-application-attack | 2007-1061 | 22638 | ||
| 23438 | INDICATOR-COMPROMISE php-shell remote command shell initialization attempt (more info ...) | attempted-admin | ||||
| 23439 | INDICATOR-COMPROMISE php-shell remote command shell upload attempt (more info ...) | attempted-admin | ||||
| 23440 | INDICATOR-COMPROMISE php-shell remote command shell upload attempt (more info ...) | attempted-admin | ||||
| 23441 | INDICATOR-COMPROMISE php-shell remote command shell upload attempt (more info ...) | attempted-admin | ||||
| 23442 | INDICATOR-COMPROMISE php-shell remote command injection attempt (more info ...) | attempted-admin | ||||
| 23443 | INDICATOR-COMPROMISE php-shell failed remote command injection attempt (more info ...) | attempted-admin | ||||
| 23485 | SERVER-WEBAPP Wordpress Invit0r plugin php upload attempt (more info ...) | web-application-attack | 53995 | URL | ||
| 23791 | SERVER-WEBAPP PHP use-after-free in substr_replace attempt (more info ...) | misc-activity | 2011-1148 | |||
| 23792 | SERVER-WEBAPP PHP use-after-free in substr_replace attempt (more info ...) | misc-activity | 2011-1148 | |||
| 23895 | SERVER-WEBAPP PHP truncated crypt function attempt (more info ...) | attempted-admin | 2012-2143 | |||
| 23896 | SERVER-WEBAPP PHP truncated crypt function attempt (more info ...) | attempted-admin | 2012-2143 | |||
| 23934 | SERVER-WEBAPP Symantec Web Gateway blocked.php blind sql injection attempt (more info ...) | attempted-user | 2012-2574 | 54424 | URL | |
| 24060 | SERVER-WEBAPP PHP 5.3.3 mt_rand integer overflow attempt (more info ...) | misc-activity | 2011-0755 | |||
| 24061 | SERVER-WEBAPP PHP 5.3.3 mt_rand integer overflow attempt (more info ...) | misc-activity | 2011-0755 | |||
| 24112 | SERVER-WEBAPP inTouch SQL injection in index.php user attempt (more info ...) | web-application-attack | 2006-0088 | 16110 | ||
| 24391 | INDICATOR-COMPROMISE itsoknoproblembro start php (more info ...) | policy-violation | URL | |||
| 24434 | INDICATOR-COMPROMISE fx29shell.php connection attempt (more info ...) | policy-violation | ||||
| 24502 | SERVER-WEBAPP TikiWiki tiki-graph_formula.php remote php code execution attempt (more info ...) | attempted-admin | 2007-5423 | 26006 | ||
| 24517 | SERVER-WEBAPP F5 Networks FirePass my.activation.php3 state parameter sql injection attempt (more info ...) | attempted-admin | 2012-1777 | URL | ||
| 24561 | SERVER-WEBAPP WordPress XSS fs-admin.php injection attempt (more info ...) | web-application-attack | ||||
| 24804 | SERVER-WEBAPP Invision IP Board PHP unserialize code execution attempt (more info ...) | attempted-admin | 2012-5692 | 56288 | URL | |
| 25063 | SERVER-WEBAPP PHP htmlspecialchars htmlentities function buffer overflow attempt (more info ...) | attempted-admin | 51860 | URL | ||
| 25064 | SERVER-WEBAPP PHP htmlspecialchars htmlentities function buffer overflow attempt (more info ...) | attempted-admin | 51860 | URL | ||
| 25236 | SERVER-WEBAPP WikkaWikki php code injection attempt (more info ...) | web-application-attack | 2011-4451 | 50866 | ||
| 25238 | SERVER-WEBAPP OpenX server file upload PHP code execution attempt (more info ...) | attempted-admin | 2009-4098 | 37110 | ||
| 25370 | SERVER-OTHER CakePHP unserialize method vulnerability exploitation attempt (more info ...) | attempted-admin | 2010-4335 | |||
| 25907 | SERVER-WEBAPP PHPmyadmin brute force login attempt - User-Agent User-Agent (more info ...) | trojan-activity | URL | |||
| 26023 | MALWARE-CNC Win.Trojan.Zbot variant in.php outbound connection (more info ...) | trojan-activity | URL | |||
| 26191 | SERVER-WEBAPP MobileCartly arbitrary PHP file upload attempt (more info ...) | attempted-admin | 54970 | |||
| 26314 | SERVER-OTHER Coppermine Photo Gallery picEditor.php command execution attempt (more info ...) | attempted-admin | 2008-0506 | |||
| 26315 | SERVER-OTHER Coppermine Photo Gallery picEditor.php command execution attempt (more info ...) | attempted-admin | 2008-0506 | |||
| 26316 | SERVER-OTHER Coppermine Photo Gallery picEditor.php command execution attempt (more info ...) | attempted-admin | 2008-0506 | |||
| 26547 | SERVER-WEBAPP phpMyAdmin preg_replace remote code execution attempt (more info ...) | attempted-admin | 2013-3238 | URL | ||
| 26585 | INDICATOR-COMPROMISE config.inc.php in iframe (more info ...) | trojan-activity | URL | |||
| 26593 | SERVER-WEBAPP PHP htmlspecialchars htmlentities function buffer overflow attempt (more info ...) | attempted-admin | 51860 | URL | ||
| 27018 | SERVER-WEBAPP Novell ZENworks Mobile Management dusap.php directory traversal attempt (more info ...) | attempted-admin | 2013-1082 | 60179 | URL | |
| 27019 | SERVER-WEBAPP Novell ZENworks Mobile Management dusap.php directory traversal attempt (more info ...) | attempted-admin | 2013-1082 | 60179 | URL | |
| 27020 | SERVER-WEBAPP Novell ZENworks Mobile Management dusap.php directory traversal attempt (more info ...) | attempted-admin | 2013-1082 | 60179 | URL | |
| 27027 | POLICY-OTHER PHP tag injection in http header attempt (more info ...) | web-application-attack | 2013-1081 | |||
| 27028 | SERVER-WEBAPP Novell ZENworks Mobile Management mdm.php directory traversal attempt (more info ...) | attempted-admin | 2013-1081 | 58402 | URL | |
| 27029 | SERVER-WEBAPP Novell ZENworks Mobile Management mdm.php directory traversal attempt (more info ...) | attempted-admin | 2013-1081 | 58402 | URL | |
| 27030 | SERVER-WEBAPP Novell ZENworks Mobile Management mdm.php directory traversal attempt (more info ...) | attempted-admin | 2013-1081 | 58402 | URL | |
| 27192 | SERVER-WEBAPP DM Albums album.php remote file include attempt (more info ...) | web-application-attack | 2009-2399 | 35521 | ||
| 27196 | SERVER-WEBAPP OpenEngine filepool.php remote file include attempt (more info ...) | web-application-attack | 2008-4791 | 31423 | URL | |
| 27218 | SERVER-WEBAPP Themescript remote file include in CheckUpload.php Language (more info ...) | web-application-attack | 2008-5066 | 31959 | ||
| 27226 | SERVER-WEBAPP DokuWiki PHP file inclusion attempt (more info ...) | web-application-attack | 2009-1960 | 35095 | ||
| 27227 | SERVER-WEBAPP txtSQL startup.php remote file include attempt (more info ...) | attempted-user | 2008-3595 | 30625 | ||
| 27230 | SERVER-WEBAPP Pragyan CMS form.lib.php remove file include attempt (more info ...) | attempted-user | 2008-3207 | 30235 | ||
| 27284 | SERVER-WEBAPP SezHoo remote file include in SezHooTabsAndActions.php (more info ...) | web-application-attack | 31756 | |||
| 27623 | SERVER-OTHER Joomla media.php arbitrary file upload attempt (more info ...) | attempted-admin | 2013-5576 | 61582 | URL | |
| 27667 | SERVER-WEBAPP Joomla media.php file.upload direct administrator access attempt (more info ...) | attempted-admin | 2013-5576 | 61582 | URL | |
| 27752 | SERVER-WEBAPP Neocrome Land Down Under profile.inc.php SQL injection attempt (more info ...) | attempted-user | 2006-6268 | 21227 | URL | |
| 27980 | MALWARE-CNC URI request for known malicious URI - /botnet/adduser.php?uid= (more info ...) | trojan-activity | ||||
| 27981 | MALWARE-CNC URI request for known malicious URI - /botnet/tasks.php?uid= (more info ...) | trojan-activity | ||||
| 28048 | SERVER-WEBAPP GLPI install.php arbitrary code injection attempt (more info ...) | attempted-admin | 2013-5696 | URL | ||
| 28049 | SERVER-WEBAPP GLPI install.php arbitrary code injection attempt (more info ...) | attempted-admin | 2013-5696 | URL | ||
| 28050 | SERVER-WEBAPP GLPI install.php arbitrary code injection attempt (more info ...) | attempted-admin | 2013-5696 | URL | ||
| 28051 | SERVER-WEBAPP GLPI install.php arbitrary code injection attempt (more info ...) | attempted-admin | 2013-5696 | URL | ||
| 28215 | SERVER-WEBAPP vBulletin upgrade.php exploit attempt (more info ...) | attempted-admin | URL | |||
| 28348 | MALWARE-OTHER SimpleTDS - request to go.php (more info ...) | misc-activity | URL | |||
| 28909 | SERVER-WEBAPP OTManager ADM_Pagina.php remote file include attempt (more info ...) | web-application-attack | 2008-5063 | 32235 | ||
| 28910 | SERVER-WEBAPP mcRefer install.php arbitrary PHP code injection attempt (more info ...) | web-application-attack | 2007-1073 | |||
| 28912 | SERVER-WEBAPP Joomla simple RSS reader admin.rssreader.php remote file include attempt (more info ...) | web-application-attack | 2008-5053 | 32265 | ||
| 28957 | SERVER-WEBAPP RSS-aggregator display.php remote file include attempt (more info ...) | attempted-user | 2008-2884 | 29873 | ||
| 29549 | SERVER-WEBAPP PineApp Mail-SeCure test_li_connection.php command injection (more info ...) | attempted-admin | URL | |||
| 29746 | SERVER-WEBAPP Symantec Web Gateway languagetest.php language parameter directory traversal attempt (more info ...) | attempted-admin | 2012-2957 | 54429 | ||
| 29757 | SERVER-WEBAPP Datalife Engine preview.php Remote Code Execution attempt (more info ...) | attempted-user | 2013-1412 | URL | ||
| 30199 | SERVER-WEBAPP PHP DateInterval heap buffer overread denial of service attempt (more info ...) | attempted-dos | 2013-6712 | 64018 | URL | |
| 30200 | SERVER-WEBAPP PHP DateInterval heap buffer overread denial of service attempt (more info ...) | attempted-dos | 2013-6712 | 64018 | URL | |
| 30280 | SERVER-WEBAPP FreePBX config.php remote code execution attempt (more info ...) | attempted-admin | 2014-1903 | 65509 | URL | |
| 30294 | SERVER-WEBAPP SePortal poll.php SQL injection attempt (more info ...) | web-application-attack | 2008-5191 | |||
| 30295 | SERVER-WEBAPP SePortal print.php SQL injection attempt (more info ...) | web-application-attack | 2008-5191 | |||
| 30296 | SERVER-WEBAPP SePortal staticpages.php SQL injection attempt (more info ...) | web-application-attack | 2008-5191 | |||
| 30305 | SERVER-WEBAPP Horde Framework variables.php unserialize PHP code execution attempt (more info ...) | attempted-admin | 2014-1691 | 65200 | ||
| 30381 | INDICATOR-SHELLCODE Metasploit payload cmd_unix_reverse_php_ssl (more info ...) | shellcode-detect | ||||
| 30452 | INDICATOR-SHELLCODE Metasploit payload php_bind_perl (more info ...) | shellcode-detect | ||||
| 30453 | INDICATOR-SHELLCODE Metasploit payload php_download_exec (more info ...) | shellcode-detect | ||||
| 30454 | INDICATOR-SHELLCODE Metasploit payload php_exec (more info ...) | shellcode-detect | ||||
| 30455 | INDICATOR-SHELLCODE Metasploit payload php_meterpreter_bind_tcp (more info ...) | shellcode-detect | ||||
| 30456 | INDICATOR-SHELLCODE Metasploit payload php_meterpreter_reverse_tcp (more info ...) | shellcode-detect | ||||
| 30457 | INDICATOR-SHELLCODE Metasploit payload php_reverse_perl (more info ...) | shellcode-detect | ||||
| 30458 | INDICATOR-SHELLCODE Metasploit payload php_reverse_php (more info ...) | shellcode-detect | ||||
| 30459 | INDICATOR-SHELLCODE Metasploit payload php_shell_findsock (more info ...) | shellcode-detect | ||||
| 31360 | SERVER-WEBAPP PHP include parameter remote file include attempt (more info ...) | attempted-user | 2001-1237 | 3397 | ||
| 31362 | SERVER-WEBAPP MiniBB PHP arbitrary remote code execution attempt (more info ...) | attempted-user | 2006-3690 | 18998 | ||
| 31363 | SERVER-WEBAPP MF Piadas admin.php page parameter PHP remote file include attempt (more info ...) | web-application-attack | 2006-3323 | 18679 | ||
| 31364 | SERVER-WEBAPP FlashGameScript index.php func parameter PHP remote file include attempt (more info ...) | web-application-attack | 2007-1078 | 22646 | ||
| 31377 | SERVER-WEBAPP PHP includedir parameter remote file include attempt (more info ...) | web-application-attack | 2007-5014 | 3397 | ||
| 31419 | SERVER-WEBAPP PHPMyAdmin file inclusion arbitrary command execution attempt (more info ...) | web-application-attack | 2001-0478 | 2642 | ||
| 31425 | SERVER-WEBAPP PHP Simple Shop abs_path parameter PHP remote file include attempt (more info ...) | web-application-attack | 2006-4052 | URL | ||
| 31426 | SERVER-WEBAPP Jevontech PHPenpals PersonalID SQL injection attempt (more info ...) | attempted-admin | 2006-0074 | 16109 | ||
| 31460 | SERVER-WEBAPP PHP DNS parsing heap overflow attempt (more info ...) | web-application-attack | 2014-4049 | URL | ||
| 31546 | SERVER-WEBAPP Ultimate PHP Board admin_iplog remote code execution attempt (more info ...) | attempted-user | 2003-0395 | 7678 | ||
| 31565 | SERVER-WEBAPP Flashchat aedatingCMS2.php remote file include attempt (more info ...) | web-application-activity | 2006-4583 | 19826 | ||
| 31566 | SERVER-WEBAPP Flashchat aedatingCMS.php remote file include attempt (more info ...) | web-application-activity | 2006-4583 | 19826 | ||
| 31569 | SERVER-WEBAPP Tiki Wiki 8.3 unserialize PHP remote code execution attempt (more info ...) | web-application-attack | 2012-0911 | 54298 | ||
| 31638 | SERVER-WEBAPP Voodoo Chat index.php remote include path attempt (more info ...) | web-application-attack | 2006-3991 | 19277 | ||
| 31672 | MALWARE-CNC Inbound command to php based DoS bot (more info ...) | trojan-activity | ||||
| 31730 | SERVER-WEBAPP Symantec Web Gateway dbutils.php SQL injection attempt (more info ...) | web-application-attack | 2014-1651 | 67754 | ||
| 31731 | SERVER-WEBAPP Symantec Web Gateway dbutils.php SQL injection attempt (more info ...) | web-application-attack | 2014-1651 | 67754 | ||
| 31886 | SERVER-WEBAPP WebEdition captchaMemory.class PHP code injection attempt (more info ...) | web-application-attack | URL | |||
| 31945 | SERVER-WEBAPP PhpWiki Ploticus plugin command injection attempt (more info ...) | web-application-attack | 2014-5519 | 69444 | ||
| 32014 | SERVER-WEBAPP GetSimpleCMS arbitrary PHP code execution attempt (more info ...) | attempted-admin | ||||
| 32268 | SERVER-WEBAPP PineApp Mail-SeCure confpremenu.php install license command injection attempt (more info ...) | attempted-admin | 61475 | |||
| 32581 | SERVER-WEBAPP Mantis Bug Tracker XmlImportExport plugin PHP code injection attempt (more info ...) | attempted-admin | 2014-7146 | 70993 | ||
| 32582 | SERVER-WEBAPP Mantis Bug Tracker XmlImportExport plugin PHP code injection attempt (more info ...) | attempted-admin | 2014-7146 | 70993 | ||
| 32735 | MALWARE-CNC Win.Trojan.CryptoPHP variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32736 | MALWARE-CNC Win.Trojan.CryptoPHP variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32885 | SERVER-WEBAPP Enalean Tuleap PHP unserialize code execution attempt (more info ...) | attempted-admin | 2014-8791 | 71335 | ||
| 32886 | SERVER-WEBAPP Enalean Tuleap PHP unserialize code execution attempt (more info ...) | attempted-admin | 2014-8791 | 71335 | ||
| 32891 | MALWARE-CNC Php.Malware.SoakSoakRedirect Malware traffic containing WordPress Administrator credentials (more info ...) | attempted-user | URL | |||
| 33294 | SERVER-WEBAPP phpBB viewtopic double URL encoding attempt (more info ...) | web-application-attack | 2004-1315 | |||
| 33440 | SERVER-WEBAPP WordPress EasyCart PHP code execution attempt (more info ...) | web-application-attack | 2014-9308 | 71983 | ||
| 33514 | SERVER-WEBAPP WordPress Photo Gallery PHP code execution attempt (more info ...) | attempted-admin | 2014-9312 | |||
| 33632 | SERVER-WEBAPP PHP xmlrpc.php command injection attempt (more info ...) | attempted-admin | 2005-1921 | 14088 | ||
| 33676 | SERVER-WEBAPP Symantec Web Gateway restore.php command injection attempt (more info ...) | web-application-attack | 2014-7285 | 71620 | ||
| 33682 | SERVER-OTHER PHP unserialize use after free attempt (more info ...) | attempted-user | 2014-8142 | |||
| 33683 | SERVER-OTHER PHP unserialize use after free attempt (more info ...) | attempted-user | 2014-8142 | |||
| 33685 | SERVER-OTHER PHPMoAdmin remote code execution attempt (more info ...) | attempted-admin | 2015-2208 | URL | ||
| 33960 | SERVER-OTHER PHP unserialize code execution attempt (more info ...) | attempted-admin | 2015-0231 | |||
| 33961 | SERVER-OTHER PHP unserialize code execution attempt (more info ...) | attempted-admin | 2015-0231 | |||
| 34027 | SERVER-OTHER PHP 4 unserialize ZVAL Reference Counter Overflow attempt (more info ...) | attempted-admin | 2007-1286 | |||
| 34053 | SERVER-OTHER PHP unserialize and __wakeup use after free attempt (more info ...) | attempted-user | 2015-2787 | |||
| 34054 | SERVER-OTHER PHP unserialize and __wakeup use after free attempt (more info ...) | attempted-user | 2015-2787 | |||
| 34123 | SERVER-WEBAPP PHP php_date.c DateTimeZone data user after free attempt (more info ...) | web-application-attack | 2015-0273 | 72701 | URL | |
| 34124 | SERVER-WEBAPP PHP php_date.c DateTimeZone data user after free attempt (more info ...) | web-application-attack | 2015-0273 | 72701 | URL | |
| 34213 | SERVER-WEBAPP WordPress overly large password class-phpass.php denial of service attempt (more info ...) | attempted-dos | 2014-9034 | |||
| 34238 | SERVER-OTHER PHP zip_cdir_new function integer overflow file upload attempt (more info ...) | attempted-user | 2015-2331 | |||
| 34239 | SERVER-OTHER PHP zip_cdir_new function integer overflow file upload attempt (more info ...) | attempted-user | 2015-2331 | |||
| 34373 | SERVER-OTHER PHP zip_cdir_new function integer overflow file download attempt (more info ...) | attempted-user | 2015-2331 | |||
| 34374 | SERVER-OTHER PHP zip_cdir_new function integer overflow file download attempt (more info ...) | attempted-user | 2015-2331 | |||
| 34375 | SERVER-OTHER PHP zip_cdir_new function integer overflow file download attempt (more info ...) | attempted-user | 2015-2331 | |||
| 34376 | SERVER-OTHER PHP zip_cdir_new function integer overflow file download attempt (more info ...) | attempted-user | 2015-2331 | |||
| 34623 | SERVER-WEBAPP PHP unserialize function integer overflow attempt (more info ...) | attempted-admin | 2014-3669 | URL | ||
| 34710 | SERVER-OTHER PHP unserialize datetimezone object code execution attempt (more info ...) | attempted-admin | 2015-0273 | |||
| 34951 | SERVER-OTHER PHP DateTime object timezone type confusion attempt (more info ...) | attempted-admin | 2015-0273 | URL | ||
| 34983 | SERVER-WEBAPP PHP SoapClient __call method type confusion attempt (more info ...) | attempted-user | 2015-4147 | URL | ||
| 35006 | SERVER-WEBAPP PHP unserialize call SPL ArrayObject and SPLObjectStorage memory corruption attempt (more info ...) | attempted-user | 2014-3515 | |||
| 35007 | SERVER-WEBAPP PHP unserialize call SPL ArrayObject and SPLObjectStorage memory corruption attempt (more info ...) | attempted-user | 2014-3515 | |||
| 35008 | SERVER-WEBAPP PHP unserialize call SPL ArrayObject and SPLObjectStorage memory corruption attempt (more info ...) | attempted-user | 2014-3515 | |||
| 35009 | SERVER-WEBAPP PHP unserialize call SPL ArrayObject and SPLObjectStorage memory corruption attempt (more info ...) | attempted-user | 2014-3515 | |||
| 35010 | SERVER-WEBAPP PHP unserialize call SPL ArrayObject and SPLObjectStorage memory corruption attempt (more info ...) | attempted-user | 2014-3515 | |||
| 35011 | SERVER-WEBAPP PHP unserialize call SPL ArrayObject and SPLObjectStorage memory corruption attempt (more info ...) | attempted-user | 2014-3515 | |||
| 35040 | SERVER-WEBAPP PHP php_parse_metadata heap corruption attempt (more info ...) | attempted-dos | 2015-3307 | |||
| 35041 | SERVER-WEBAPP PHP php_parse_metadata heap corruption attempt (more info ...) | attempted-dos | 2015-3307 | |||
| 35092 | SERVER-OTHER PHP core compressed file temp_len buffer overflow attempt (more info ...) | attempted-admin | 2015-3329 | |||
| 35093 | SERVER-OTHER PHP core compressed file temp_len buffer overflow attempt (more info ...) | attempted-admin | 2015-3329 | |||
| 35310 | SERVER-WEBAPP Centreon getStats.php command injection attempt (more info ...) | web-application-attack | 2015-1561 | 75605 | ||
| 35311 | SERVER-WEBAPP Centreon getStats.php command injection attempt (more info ...) | web-application-attack | 2015-1561 | 75605 | ||
| 35372 | SERVER-WEBAPP WebUI mainfile.php command injection attempt (more info ...) | web-application-attack | ||||
| 35373 | SERVER-WEBAPP WebUI mainfile.php command injection attempt (more info ...) | web-application-attack | ||||
| 35374 | SERVER-WEBAPP WebUI mainfile.php command injection attempt (more info ...) | web-application-attack | ||||
| 35375 | SERVER-WEBAPP WebUI mainfile.php command injection attempt (more info ...) | web-application-attack | ||||
| 35399 | SERVER-WEBAPP WordPress MailChimp Subscribe Forms PHP Code Execution command injection attempt (more info ...) | web-application-attack | ||||
| 35704 | SERVER-WEBAPP Maarch LetterBox arbitrary PHP file upload attempt (more info ...) | attempted-admin | 2015-1587 | 72621 | ||
| 35846 | SERVER-WEBAPP Navis DocumentCloud WordPress plugin window.php cross site scripting attempt (more info ...) | attempted-user | 2015-2807 | |||
| 35853 | SERVER-WEBAPP PHP exif_ifd_make_value thumbnail heap buffer overflow attempt (more info ...) | attempted-dos | 2014-3670 | |||
| 35854 | SERVER-WEBAPP PHP exif_ifd_make_value thumbnail heap buffer overflow attempt (more info ...) | attempted-dos | 2014-3670 | |||
| 35855 | SERVER-WEBAPP PHP exif_ifd_make_value thumbnail heap buffer overflow attempt (more info ...) | attempted-dos | 2014-3670 | |||
| 35856 | SERVER-WEBAPP PHP exif_ifd_make_value thumbnail heap buffer overflow attempt (more info ...) | attempted-dos | 2014-3670 | |||
| 35940 | SERVER-WEBAPP PHP phar_parse_tarfile method integer overflow attempt (more info ...) | attempted-user | 2015-4021 | 74700 | URL | |
| 36059 | SERVER-WEBAPP PHP CDF file handling infinite loop dos attempt (more info ...) | attempted-dos | 2014-0238 | 67765 | URL | |
| 36261 | SERVER-WEBAPP PHP fileinfo cdf_read_property_info denial of service attempt (more info ...) | attempted-dos | 2014-3587 | 69325 | URL | |
| 36262 | SERVER-WEBAPP PHP fileinfo cdf_read_property_info denial of service attempt (more info ...) | attempted-dos | 2014-3587 | 69325 | URL | |
| 36449 | SERVER-WEBAPP Wordpress xmlrpc.php multiple failed authentication response (more info ...) | web-application-attack | ||||
| 36594 | SERVER-WEBAPP OpenEMR globals.php authentication bypass attempt (more info ...) | attempted-user | 2015-4453 | 75299 | URL | |
| 36595 | SERVER-WEBAPP OpenEMR globals.php authentication bypass attempt (more info ...) | attempted-user | 2015-4453 | 75299 | URL | |
| 36638 | SERVER-WEBAPP WordPress Font Plugin AjaxProxy.php absolute path traversal attempt (more info ...) | attempted-recon | 2015-7683 | |||
| 37038 | SERVER-WEBAPP HumHub index.php from parameter SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 37444 | SERVER-WEBAPP Roundcube Webmail index.php _skin directory traversal attempt (more info ...) | web-application-attack | 2015-8770 | URL | ||
| 37941 | SERVER-WEBAPP AlienVault OSSIM a_deployment.php command injection attempt (more info ...) | attempted-admin | URL | |||
| 37942 | SERVER-WEBAPP AlienVault OSSIM a_deployment.php command injection attempt (more info ...) | attempted-admin | URL | |||
| 37943 | SERVER-WEBAPP AlienVault OSSIM a_deployment.php command injection attempt (more info ...) | attempted-admin | URL | |||
| 38012 | SERVER-WEBAPP Alienvault OSSIM graph_geoloc.php SQL injection attempt (more info ...) | web-application-attack | ||||
| 38049 | SERVER-WEBAPP Centreon Web Interface index.php command injection attempt (more info ...) | web-application-attack | URL | |||
| 38236 | SERVER-WEBAPP Wordpress MM Forms community plugin arbitrary PHP file upload attempt (more info ...) | attempted-admin | 2012-3574 | 53852 | ||
| 38371 | SERVER-WEBAPP Bharat Mediratta Gallery PHP file inclusion attempt (more info ...) | attempted-admin | 2002-1412 | 5375 | ||
| 38512 | SERVER-WEBAPP ATutor question_import.php directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 38513 | SERVER-WEBAPP ATutor question_import.php directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 38609 | SERVER-WEBAPP pfSense status_rrd_graph_img.php command injection attempt (more info ...) | web-application-attack | URL | |||
| 38675 | SERVER-WEBAPP Sefrengo CMS main.php SQL injection attempt (more info ...) | web-application-attack | 2015-0919 | 71885 | ||
| 38753 | MALWARE-CNC 1.php outbound connection attempt (more info ...) | trojan-activity | ||||
| 38807 | SERVER-WEBAPP PHP-Address remote file include attempt (more info ...) | web-application-attack | 2002-0953 | 5039 | ||
| 39324 | SERVER-WEBAPP Bomgar Remote Support session_complete PHP object injection attempt (more info ...) | web-application-attack | 2015-0935 | 74460 | ||
| 39325 | SERVER-WEBAPP Bomgar Remote Support session_complete PHP object injection attempt (more info ...) | web-application-attack | 2015-0935 | 74460 | ||
| 39353 | SERVER-WEBAPP WolfCMS file_manager arbitrary PHP file upload attempt (more info ...) | attempted-admin | 2015-6568 | URL | ||
| 39363 | SERVER-WEBAPP Riverbed SteelCentral NetProfiler index.php command injection attempt (more info ...) | web-application-attack | URL | |||
| 39364 | SERVER-WEBAPP Riverbed SteelCentral NetProfiler index.php command injection attempt (more info ...) | web-application-attack | URL | |||
| 39365 | SERVER-WEBAPP Riverbed SteelCentral NetProfiler popup.php command injection attempt (more info ...) | web-application-attack | URL | |||
| 39366 | SERVER-WEBAPP Riverbed SteelCentral NetProfiler popup.php command injection attempt (more info ...) | web-application-attack | URL | |||
| 39456 | SERVER-WEBAPP NAS4Free txtPHPCommand remote code execution attempt (more info ...) | attempted-admin | 2013-3631 | 63448 | URL | |
| 39590 | SERVER-WEBAPP TikiWiki elFinder component arbitrary PHP file upload attempt (more info ...) | attempted-admin | URL | |||
| 39662 | SERVER-WEBAPP PHP phar extension remote code execution attempt (more info ...) | attempted-user | 2016-4072 | URL | ||
| 39714 | SERVER-WEBAPP phpFileManager command injection attempt (more info ...) | web-application-attack | URL | |||
| 39715 | SERVER-WEBAPP phpFileManager command injection attempt (more info ...) | web-application-attack | URL | |||
| 39716 | SERVER-WEBAPP phpFileManager command injection attempt (more info ...) | web-application-attack | URL | |||
| 39717 | SERVER-WEBAPP phpFileManager command injection attempt (more info ...) | web-application-attack | URL | |||
| 39733 | SERVER-WEBAPP InBoundio Marketing for Wordpress plugin PHP file upload attempt (more info ...) | attempted-admin | URL | |||
| 40038 | SERVER-WEBAPP PHP unserialize var_hash use-after-free attempt (more info ...) | attempted-user | 2016-6290 | URL | ||
| 40046 | SERVER-OTHER PHP locale_accept_from_http out of bounds read attempt (more info ...) | web-application-attack | 2016-6294 | URL | ||
| 40243 | FILE-IMAGE PHP exif_process_user_comment null pointer dereference attempt (more info ...) | attempted-user | 2016-6292 | URL | ||
| 40244 | FILE-IMAGE PHP exif_process_user_comment null pointer dereference attempt (more info ...) | attempted-user | 2016-6292 | URL | ||
| 40245 | FILE-IMAGE PHP exif_process_user_comment null pointer dereference attempt (more info ...) | attempted-user | 2016-6292 | URL | ||
| 40246 | FILE-IMAGE PHP exif_process_user_comment null pointer dereference attempt (more info ...) | attempted-user | 2016-6292 | URL | ||
| 40247 | FILE-IMAGE PHP exif_process_user_comment null pointer dereference attempt (more info ...) | attempted-user | 2016-6292 | URL | ||
| 40248 | FILE-IMAGE PHP exif_process_user_comment null pointer dereference attempt (more info ...) | attempted-user | 2016-6292 | URL | ||
| 40256 | SERVER-WEBAPP Idera Up.Time Monitoring Station post2file.php arbitrary PHP file upload attempt (more info ...) | attempted-admin | 64031 | |||
| 40294 | FILE-IMAGE PHP exif_process_IFD_in_MAKERNOTE out of bounds read attempt (more info ...) | attempted-user | 2016-6291 | URL | ||
| 40295 | FILE-IMAGE PHP exif_process_IFD_in_MAKERNOTE out of bounds read attempt (more info ...) | attempted-user | 2016-6291 | URL | ||
| 40296 | FILE-IMAGE PHP exif_process_IFD_in_MAKERNOTE out of bounds read attempt (more info ...) | attempted-user | 2016-6291 | URL | ||
| 40297 | FILE-IMAGE PHP exif_process_IFD_in_MAKERNOTE out of bounds read attempt (more info ...) | attempted-user | 2016-6291 | URL | ||
| 41355 | SERVER-WEBAPP WordPress Admin API ajax-actions.php directory traversal attempt (more info ...) | web-application-attack | 2016-6897 | 92573 | ||
| 41383 | SERVER-WEBAPP PHP ZipArchive getFromIndex and getFromName integer overflow attempt (more info ...) | attempted-admin | 2016-3078 | URL | ||
| 41384 | SERVER-WEBAPP PHP ZipArchive getFromIndex and getFromName integer overflow attempt (more info ...) | attempted-admin | 2016-3078 | URL | ||
| 41404 | SERVER-WEBAPP Joomla JCE multiple plugin arbitrary PHP file upload attempt (more info ...) | attempted-user | URL | |||
| 41430 | SERVER-WEBAPP PHP unserialize function use after free memory corruption vulnerability attempt (more info ...) | attempted-admin | 2016-7479 | URL | ||
| 41431 | SERVER-WEBAPP PHP unserialize function use after free memory corruption vulnerability attempt (more info ...) | attempted-admin | 2016-7479 | URL | ||
| 41432 | SERVER-WEBAPP PHP unserialize function use after free memory corruption vulnerability attempt (more info ...) | attempted-admin | 2016-7479 | URL | ||
| 41433 | SERVER-WEBAPP PHP unserialize function use after free memory corruption vulnerability attempt (more info ...) | attempted-admin | 2016-7479 | URL | ||
| 41643 | SERVER-WEBAPP Wordpress xmlrpc.php multiple failed authentication response (more info ...) | web-application-attack | ||||
| 41647 | POLICY-OTHER Piwik Analytics Platform PHP plugin installation detected (more info ...) | policy-violation | URL | |||
| 41689 | SERVER-OTHER PHP Exception Handling remote denial of service attempt (more info ...) | attempted-admin | 2016-7478 | |||
| 41690 | SERVER-OTHER PHP Exception Handling remote denial of service attempt (more info ...) | attempted-admin | 2016-7478 | |||
| 41845 | SERVER-WEBAPP pfSense status_rrd_graph_img.php command injection via CSRF attempt (more info ...) | web-application-attack | URL | |||
| 42289 | INDICATOR-SCAN PHP info leak attempt (more info ...) | attempted-recon | URL | |||
| 42451 | SERVER-WEBAPP MCA Sistemas ScadaBR index.php brute force login attempt (more info ...) | web-application-attack | URL | |||
| 43066 | SERVER-WEBAPP Trend Micro Control Manager importFile.php directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 43244 | SERVER-WEBAPP Active Calendar showcode.php directory traversal attempt (more info ...) | web-application-attack | 2007-1110 | |||
| 43245 | SERVER-WEBAPP Active Calendar showcode.php directory traversal attempt (more info ...) | web-application-attack | 2007-1110 | |||
| 43246 | SERVER-WEBAPP Active Calendar showcode.php directory traversal attempt (more info ...) | web-application-attack | 2007-1110 | |||
| 43329 | SERVER-WEBAPP AssetMan download_pdf.php directory traversal attempt (more info ...) | web-application-attack | 2007-1427 | |||
| 43330 | SERVER-WEBAPP AssetMan download_pdf.php directory traversal attempt (more info ...) | web-application-attack | 2007-1427 | |||
| 43331 | SERVER-WEBAPP AssetMan download_pdf.php directory traversal attempt (more info ...) | web-application-attack | 2007-1427 | |||
| 43365 | SERVER-WEBAPP Wordpress Complete Gallery Manager arbitrary PHP file upload attempt (more info ...) | attempted-admin | 2013-5962 | |||
| 43653 | SERVER-WEBAPP Pheap edit.php directory traversal attempt (more info ...) | web-application-attack | 2007-1140 | |||
| 43654 | SERVER-WEBAPP Pheap edit.php directory traversal attempt (more info ...) | web-application-attack | 2007-1140 | |||
| 43655 | SERVER-WEBAPP Pheap edit.php directory traversal attempt (more info ...) | web-application-attack | 2007-1140 | |||
| 43668 | SERVER-WEBAPP PHP core unserialize use after free attempt (more info ...) | attempted-user | 2014-8142 | |||
| 43680 | SERVER-WEBAPP phpSecurePages secure.php remote file include attempt (more info ...) | web-application-attack | 2001-1468 | |||
| 43681 | SERVER-WEBAPP phpSecurePages secure.php remote file include attempt (more info ...) | web-application-attack | 2001-1468 | |||
| 43691 | SERVER-WEBAPP Ultimate Fun Book function.php remote file include attempt (more info ...) | web-application-attack | 2007-1059 | |||
| 43718 | SERVER-WEBAPP Site-Assistant menu.php remote file include attempt (more info ...) | web-application-attack | 2007-0867 | 22467 | ||
| 43719 | SERVER-WEBAPP Site-Assistant menu.php remote file include attempt (more info ...) | web-application-attack | 2007-0867 | 22467 | ||
| 43756 | SERVER-WEBAPP Coppermine Photo Gallery thumbnails.php SQL injection attempt (more info ...) | web-application-attack | 2007-1107 | 22709 | ||
| 44001 | SERVER-WEBAPP PHP malformed quoted printable denial of service attempt (more info ...) | denial-of-service | 2013-2110 | |||
| 44390 | SERVER-WEBAPP PHP form-based file upload DoS attempt (more info ...) | denial-of-service | 2015-4024 | |||
| 44644 | SERVER-WEBAPP pSys index.php shownews parameter SQL injection attempt (more info ...) | web-application-attack | 2008-5269 | |||
| 44645 | SERVER-WEBAPP pSys index.php shownews parameter SQL injection attempt (more info ...) | web-application-attack | 2008-5269 | |||
| 44744 | SERVER-WEBAPP PHP unserialize call SPL ArrayObject and SPLObjectStorage memory corruption attempt (more info ...) | attempted-user | 2014-3515 | |||
| 44745 | SERVER-WEBAPP PHP unserialize call SPL ArrayObject and SPLObjectStorage memory corruption attempt (more info ...) | attempted-user | 2014-3515 | |||
| 44746 | SERVER-WEBAPP PHP unserialize call SPL ArrayObject and SPLObjectStorage memory corruption attempt (more info ...) | attempted-user | 2014-3515 | |||
| 44747 | SERVER-WEBAPP PHP unserialize call SPL ArrayObject and SPLObjectStorage memory corruption attempt (more info ...) | attempted-user | 2014-3515 | |||
| 44748 | SERVER-WEBAPP PHP unserialize call SPL ArrayObject and SPLObjectStorage memory corruption attempt (more info ...) | attempted-user | 2014-3515 | |||
| 44749 | SERVER-WEBAPP PHP unserialize call SPL ArrayObject and SPLObjectStorage memory corruption attempt (more info ...) | attempted-user | 2014-3515 | |||
| 44765 | SERVER-WEBAPP CMS Made Simple addgroup.php cross site scripting attempt (more info ...) | attempted-user | URL | |||
| 44766 | SERVER-WEBAPP CMS Made Simple addgroup.php cross site scripting attempt (more info ...) | attempted-user | URL | |||
| 44975 | MALWARE-CNC Php.Dropper.Mayhem variant outbound connection (more info ...) | trojan-activity | URL | |||
| 45372 | SERVER-WEBAPP Trend Micro Smart Protection Server admin_update_program.php command injection attempt (more info ...) | web-application-attack | 2017-14094 | 102275 | URL | |
| 45406 | SERVER-WEBAPP Possible Phpmyadmin CSRF exploitation attempt (more info ...) | policy-violation | 2017-1000499 | |||
| 45456 | SERVER-WEBAPP Samsung SRN-1670D network_ssl_upload.php arbitrary PHP file upload attempt (more info ...) | attempted-admin | 2017-16524 | URL | ||
| 45457 | SERVER-WEBAPP Samsung SRN-1670D cslog_export.php arbitrary file read attempt (more info ...) | attempted-recon | 2015-8279 | URL | ||
| 45676 | SERVER-WEBAPP PHP php_mime_split multipart file upload buffer overflow attempt (more info ...) | attempted-user | 2002-0081 | |||
| 45768 | SERVER-WEBAPP PHP unserialize integer overflow attempt (more info ...) | attempted-admin | 2017-5340 | 95371 | ||
| 45769 | SERVER-WEBAPP PHP unserialize integer overflow attempt (more info ...) | attempted-admin | 2017-5340 | 95371 | ||
| 45914 | INDICATOR-COMPROMISE PHP phpinfo command execution attempt (more info ...) | web-application-attack | ||||
| 45915 | INDICATOR-COMPROMISE PHP obfuscated eval command execution attempt (more info ...) | web-application-attack | URL | |||
| 45916 | INDICATOR-COMPROMISE PHP shell_exec command execution attempt (more info ...) | web-application-attack | ||||
| 46315 | SERVER-WEBAPP Joomla restore.php PHP object injection attempt (more info ...) | web-application-attack | 2014-7228 | |||
| 46340 | SERVER-WEBAPP Akeeba Kickstart restoration.php reconnaissance attempt (more info ...) | web-application-attack | 2014-7229 | |||
| 46347 | SERVER-WEBAPP MediaWiki index.php rs cross site scripting attempt (more info ...) | attempted-user | 2007-0177 | |||
| 46469 | SERVER-WEBAPP PHP unserialize integer overflow attempt (more info ...) | attempted-admin | 2017-5340 | 95371 | ||
| 46470 | SERVER-WEBAPP PHP unserialize integer overflow attempt (more info ...) | attempted-admin | 2017-5340 | 95371 | ||
| 46808 | SERVER-WEBAPP PHP .phar cross site scripting attempt (more info ...) | attempted-user | 2018-5712 | 104020 | ||
| 47045 | SERVER-WEBAPP phpMyAdmin preg_replace null byte injection attempt (more info ...) | web-application-attack | 2016-5734 | URL | ||
| 47046 | SERVER-WEBAPP phpMyAdmin preg_replace null byte injection attempt (more info ...) | web-application-attack | 2016-5734 | URL | ||
| 47155 | SERVER-WEBAPP PHP unserialize integer overflow attempt (more info ...) | attempted-admin | 2017-5340 | 95371 | ||
| 47156 | SERVER-WEBAPP PHP unserialize integer overflow attempt (more info ...) | attempted-admin | 2017-5340 | 95371 | ||
| 47207 | SERVER-WEBAPP PHP phar extension remote code execution attempt (more info ...) | attempted-user | 2016-4072 | URL | ||
| 47537 | SERVER-WEBAPP Bacula-Web client-report.php SQL injection attempt (more info ...) | web-application-attack | 2017-15367 | |||
| 47538 | SERVER-WEBAPP Bacula-Web jobs.php SQL injection attempt (more info ...) | web-application-attack | 2017-15367 | |||
| 47539 | SERVER-WEBAPP Bacula-Web jobs.php SQL injection attempt (more info ...) | web-application-attack | 2017-15367 | |||
| 47540 | SERVER-WEBAPP Bacula-Web client-report.php SQL injection attempt (more info ...) | web-application-attack | 2017-15367 | |||
| 47768 | SERVER-WEBAPP ClipBucket beats_uploader arbitrary PHP file upload attempt (more info ...) | attempted-admin | 2018-7665 | |||
| 47769 | SERVER-WEBAPP ClipBucket photo_uploader arbitrary PHP file upload attempt (more info ...) | attempted-admin | 2018-7665 | |||
| 47770 | SERVER-WEBAPP ClipBucket edit_account arbitrary PHP file upload attempt (more info ...) | attempted-admin | 2018-7665 | |||
| 48029 | SERVER-MAIL PHPMailer information disclosure attempt (more info ...) | attempted-recon | 2017-5223 | URL | ||
| 48486 | SERVER-WEBAPP Wordpress Portable phpMyAdmin plugin authentication bypass attempt (more info ...) | web-application-attack | 2012-5469 | URL | ||
| 49184 | INDICATOR-COMPROMISE PEAR Archive_Tar PHP object injection attempt (more info ...) | web-application-attack | 2018-1000888 | URL | ||
| 49185 | INDICATOR-COMPROMISE PEAR Archive_Tar PHP object injection attempt (more info ...) | web-application-attack | 2018-1000888 | URL | ||
| 49207 | MALWARE-CNC PHP.PEAR.Backdoor malicious script download attempt (more info ...) | trojan-activity | URL | |||
| 49208 | MALWARE-CNC PHP.PEAR.Backdoor malicious script download attempt (more info ...) | trojan-activity | URL | |||
| 50171 | MALWARE-CNC Php.Webshell.Backdoor inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 51138 | SERVER-WEBAPP PHP phpinfo function cross site scripting attempt (more info ...) | web-application-attack | ||||
| 51139 | SERVER-WEBAPP PHP phpinfo function cross site scripting attempt (more info ...) | web-application-attack | ||||
| 51239 | SERVER-OTHER PHP-Proxy local file include attempt (more info ...) | web-application-attack | 2018-19246 | |||
| 51262 | SERVER-WEBAPP TinyPHPForum action.php cross site scripting attempt (more info ...) | attempted-user | 2006-0102 | |||
| 51263 | SERVER-WEBAPP TinyPHPForum action.php cross site scripting attempt (more info ...) | attempted-user | 2006-0102 | |||
| 51273 | SERVER-WEBAPP Modx Revolution PHP code injection attempt (more info ...) | web-application-attack | 2018-1000207 | URL | ||
| 51274 | SERVER-WEBAPP Modx Revolution PHP code injection attempt (more info ...) | web-application-attack | 2018-1000207 | URL | ||
| 51278 | SERVER-WEBAPP SolusLabs SolusVM centralbackup.php SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 51279 | SERVER-WEBAPP SolusLabs SolusVM centralbackup.php SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 51280 | SERVER-WEBAPP SolusLabs SolusVM centralbackup.php SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 51923 | INDICATOR-OBFUSCATION Possible PHP eval backdoor upload attempt (more info ...) | web-application-attack | URL | |||
| 52265 | SERVER-WEBAPP phpMyAdmin delete server cross-site request forgery attempt (more info ...) | web-application-attack | 2019-12922 | |||
| 52266 | SERVER-WEBAPP phpMyAdmin direct access server deletion attempt (more info ...) | web-application-attack | 2019-12922 | |||
| 52267 | SERVER-WEBAPP phpMyAdmin delete server cross-site request forgery attempt (more info ...) | web-application-attack | 2019-12922 | |||
| 52454 | SERVER-WEBAPP PHP malformed quoted printable denial of service attempt (more info ...) | denial-of-service | 2013-2110 | |||
| 53120 | SERVER-WEBAPP Wordpress DreamworkGallery plugin arbitrary PHP file upload attempt (more info ...) | web-application-attack | URL | |||
| 53649 | INDICATOR-COMPROMISE PHP eval command execution attempt (more info ...) | web-application-attack | ||||
| 55648 | INDICATOR-SCAN Drupal PHP remote debug attempt (more info ...) | web-application-activity | ||||
| 57415 | SERVER-WEBAPP Adobe Magento DownloadCss.php cross site scripting attempt (more info ...) | attempted-user | 2021-21029 | |||
| 57578 | SERVER-OTHER PHP DateTime object timezone type confusion attempt (more info ...) | attempted-admin | 2015-0273 | URL | ||
| 57942 | MALWARE-CNC Php.Webshell.C99 inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57943 | MALWARE-CNC Php.Webshell.C99 inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57944 | MALWARE-CNC Php.Webshell.C99 inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57945 | MALWARE-CNC Php.Webshell.C99 inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57946 | MALWARE-CNC Php.Webshell.C99 inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57947 | MALWARE-CNC Php.Webshell.C99 inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 58334 | SERVER-WEBAPP Schneider Electric Umotion Builder Virtual Appliance arbitrary PHP file upload attempt (more info ...) | attempted-admin | ||||
| 58652 | SERVER-WEBAPP Schneider Electric Umotion Builder Virtual Appliance Editscript PHP code injection attempt (more info ...) | web-application-attack | ||||
| 58653 | SERVER-WEBAPP Schneider Electric Umotion Builder Virtual Appliance Editscript PHP code injection attempt (more info ...) | web-application-attack | ||||
| 58702 | MALWARE-CNC Php.Webshell.PhpJackal outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 58963 | SERVER-WEBAPP Aviatrix Controller PHP file injection attempt (more info ...) | web-application-attack | 2021-40870 | |||
| 58964 | SERVER-WEBAPP Aviatrix Controller PHP file injection attempt (more info ...) | web-application-attack | 2021-40870 | |||
| 58965 | SERVER-WEBAPP Aviatrix Controller PHP file injection attempt (more info ...) | web-application-attack | 2021-40870 | |||
| 59024 | MALWARE-CNC Php.Webshell.Antichat outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 59035 | MALWARE-OTHER Php.Webshell.AK74 inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 59037 | MALWARE-OTHER Php.Webshell.AK74 inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 59038 | MALWARE-OTHER Php.Webshell.AK74 inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 59039 | MALWARE-OTHER Php.Webshell.AK74 inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 59040 | MALWARE-OTHER Php.Webshell.AK74 inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 59041 | MALWARE-OTHER Php.Webshell.AK74 inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 59042 | MALWARE-OTHER Php.Webshell.AK74 inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 59043 | MALWARE-OTHER Php.Webshell.AK74 inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 59091 | MALWARE-OTHER Php.Webshell.Azrail inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 59219 | MALWARE-OTHER Php.Webshell.C99Madnet inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 59259 | MALWARE-OTHER Php.Webshell.Bypass inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 59266 | MALWARE-OTHER Php.Webshell.C0ders inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 59536 | SERVER-WEBAPP YouPHPTube getSpiritsFromVideo.php command injection attempt (more info ...) | web-application-attack | 2019-5129 | URL | ||
| 59617 | PROTOCOL-DNS PHP dns_get_record out of bounds read attempt (more info ...) | attempted-user | 2019-9022 | |||
| 59699 | SERVER-WEBAPP Magento PHP object injection attempt (more info ...) | web-application-attack | 2016-4010 | |||
| 59859 | PROTOCOL-DNS PHP dns_get_record out of bounds read attempt (more info ...) | attempted-user | 2019-9022 | |||
| 60337 | MALWARE-CNC Php.Webshell.DiveShell inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 60338 | MALWARE-CNC Php.Webshell.DiveShell outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 60401 | MALWARE-CNC Php.Webshell.DToolPro inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 60402 | MALWARE-CNC Php.Webshell.DToolPro outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 60496 | MALWARE-CNC Php.Webshell.Exoshell inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 60497 | MALWARE-CNC Php.Webshell.Exoshell inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 60498 | MALWARE-CNC Php.Webshell.Exoshell outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 60632 | SERVER-WEBAPP WordPress Property Plugin arbitrary PHP file upload attempt (more info ...) | attempted-admin | URL | |||
| 60825 | MALWARE-CNC Php.Webshell.GReatPost inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 61043 | MALWARE-CNC Php.Webshell.H4ntu outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 61083 | MALWARE-CNC Php.Webshell.IronShell outbound connection (more info ...) | trojan-activity | URL | |||
| 61435 | MALWARE-OTHER Php.Webshell.Generic file delivery attempt (more info ...) | attempted-user | ||||
| 61436 | MALWARE-OTHER Php.Webshell.Generic file delivery attempt (more info ...) | attempted-user | ||||
| 61437 | MALWARE-OTHER Php.Webshell.Generic file delivery attempt (more info ...) | attempted-user | ||||
| 61438 | MALWARE-OTHER Php.Webshell.Generic file delivery attempt (more info ...) | attempted-user | ||||
| 61439 | MALWARE-OTHER Php.Webshell.Generic file delivery attempt (more info ...) | attempted-user | ||||
| 61440 | MALWARE-OTHER Php.Webshell.Generic file delivery attempt (more info ...) | attempted-user | ||||
| 61441 | MALWARE-OTHER Php.Webshell.Generic file delivery attempt (more info ...) | attempted-user | ||||
| 61442 | MALWARE-OTHER Php.Webshell.Generic file delivery attempt (more info ...) | attempted-user | ||||
| 61493 | MALWARE-CNC Php.Webshell.Agent outbound connection (more info ...) | trojan-activity | URL | |||
| 61494 | MALWARE-CNC Php.Webshell.Agent outbound connection (more info ...) | trojan-activity | URL | |||
| 62057 | MALWARE-CNC Php.Webshell.AntSword inbound connection (more info ...) | trojan-activity | URL |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 1547 | SERVER-WEBAPP csSearch.cgi arbitrary command execution attempt (more info ...) | web-application-attack | 2002-0495 | 4368 | 10924 | |
| 1548 | SERVER-WEBAPP csSearch.cgi access (more info ...) | web-application-activity | 2002-0495 | 4368 | 10924 | |
| 13161 | SERVER-OTHER HP OpenView CGI parameter buffer overflow attempt (more info ...) | attempted-user | 2008-0067 | 26741 | ||
| 13656 | SERVER-WEBAPP Cisco Secure Access Control Server UCP Application CSuserCGI.exe buffer overflow attempt (more info ...) | attempted-admin | 2008-0532 | 28222 | URL | |
| 15510 | SERVER-OTHER Trend Micro OfficeScan Server cgiRecvFile overflow attempt (more info ...) | attempted-admin | 2008-2437 | 31139 | ||
| 15908 | SERVER-WEBAPP Trend Micro OfficeScan multiple CGI modules HTTP form processing buffer overflow attempt (more info ...) | attempted-admin | 2008-3862 | |||
| 16674 | SERVER-WEBAPP HP OpenView CGI parameter buffer overflow attempt (more info ...) | attempted-user | 2011-3167 | |||
| 18579 | SERVER-WEBAPP HP OpenView Network Node Manager OpenView5 CGI buffer overflow attempt (more info ...) | attempted-user | 2008-0067 | 33147 | ||
| 19137 | SERVER-WEBAPP HP OpenView NNM getnnmdata.exe CGI ICount parameter buffer overflow attempt (more info ...) | attempted-user | 2010-1554 | |||
| 19138 | SERVER-WEBAPP HP OpenView NNM getnnmdata.exe CGI hostname parameter buffer overflow attempt (more info ...) | attempted-admin | 2010-1555 | 40072 | URL | |
| 19139 | SERVER-WEBAPP HP OpenView NNM getnnmdata.exe CGI MaxAge parameter buffer overflow attempt (more info ...) | attempted-user | 2010-1553 | |||
| 19140 | SERVER-WEBAPP HP OpenView NNM snmpviewer.exe CGI parameter buffer overflow attempt (more info ...) | attempted-user | 2010-1552 | |||
| 20177 | SERVER-WEBAPP HP OpenView NNM ovlogin.exe CGI Host parameter buffer overflow attempt (more info ...) | attempted-user | 2009-4180 | URL | ||
| 20240 | SERVER-WEBAPP HP OpenView NNM nnmRptConfig.exe CGI Host parameter buffer overflow attempt (more info ...) | attempted-user | 2009-3848 | URL | ||
| 20241 | SERVER-WEBAPP HP OpenView NNM snmp.exe CGI Host parameter buffer overflow attempt (more info ...) | attempted-user | 2009-3849 | URL | ||
| 21850 | MALWARE-OTHER TDS Sutra - request hi.cgi (more info ...) | trojan-activity | URL | |||
| 24693 | SERVER-WEBAPP HP OpenView CGI parameter buffer overflow attempt (more info ...) | attempted-user | 2011-3167 | |||
| 26275 | SERVER-WEBAPP DD-WRT httpd cgi-bin remote command execution attempt (more info ...) | attempted-admin | 2016-6277 | 94819 | ||
| 28052 | SERVER-WEBAPP Linksys WRT110 ping.cgi remote command execution attempt (more info ...) | attempted-admin | 2013-3568 | 61151 | ||
| 29401 | SERVER-WEBAPP Netgear DGN1000B setup.cgi parameter code execution attempt (more info ...) | attempted-user | 57836 | |||
| 29402 | SERVER-WEBAPP Netgear DGN1000B setup.cgi parameter code execution attempt (more info ...) | attempted-user | 57836 | |||
| 29403 | SERVER-WEBAPP Netgear DGN1000B setup.cgi cross site scripting attempt (more info ...) | web-application-attack | 57836 | |||
| 29502 | SERVER-WEBAPP HP OpenView CGI parameter buffer overflow attempt (more info ...) | attempted-user | 2011-3167 | |||
| 29511 | SERVER-WEBAPP HP OpenView NNM jovgraph.exe CGI hostname parameter bugger overflow attempt (more info ...) | attempted-user | 2010-1555 | |||
| 29992 | SERVER-WEBAPP Linksys WRT120N tmUnblock.cgi TM_Block_URL parameter fprintf stack buffer overflow attempt (more info ...) | attempted-admin | URL | |||
| 31148 | SERVER-WEBAPP Supermicro Intelligent Management Controller login.cgi buffer overflow attempt (more info ...) | attempted-admin | 2013-3621 | |||
| 31149 | SERVER-WEBAPP Supermicro Intelligent Management Controller login.cgi buffer overflow attempt (more info ...) | attempted-admin | 2013-3621 | |||
| 31210 | SERVER-WEBAPP Supermicro Intelligent Management Controller close_window.cgi buffer overflow attempt (more info ...) | attempted-admin | 2013-3623 | 63775 | ||
| 31211 | SERVER-WEBAPP Supermicro Intelligent Management Controller close_window.cgi buffer overflow attempt (more info ...) | attempted-admin | 2013-3623 | 63775 | ||
| 31375 | SERVER-WEBAPP Hp OpenView CGI parameter buffer overflow attempt (more info ...) | attempted-user | 2011-3166 | URL | ||
| 31975 | OS-OTHER Bash CGI environment variable injection attempt (more info ...) | attempted-admin | 2014-7169 | |||
| 31977 | OS-OTHER Bash CGI environment variable injection attempt (more info ...) | attempted-admin | 2014-7169 | |||
| 31978 | OS-OTHER Bash CGI environment variable injection attempt (more info ...) | attempted-admin | 2014-7169 | |||
| 32047 | OS-OTHER Bash CGI nested loops word_lineno denial of service attempt (more info ...) | attempted-dos | 2014-7187 | URL | ||
| 32049 | OS-OTHER Bash CGI nested loops word_lineno denial of service attempt (more info ...) | attempted-dos | 2014-7187 | URL | ||
| 33984 | SERVER-WEBAPP D-Link DNS-345 Network Storage System system_mgr.cgi command injection attempt (more info ...) | web-application-attack | 2014-2691 | |||
| 34220 | SERVER-WEBAPP Barracuda Networks Web Filter index.cgi command injection attempt (more info ...) | web-application-attack | ||||
| 34221 | SERVER-WEBAPP Barracuda Networks Web Filter index.cgi command injection attempt (more info ...) | web-application-attack | ||||
| 34222 | SERVER-WEBAPP Barracuda Networks Web Filter index.cgi command injection attempt (more info ...) | web-application-attack | ||||
| 35356 | SERVER-WEBAPP AirLink101 SkyIPCam snwrite.cgi command injection attempt (more info ...) | web-application-attack | 2015-2280 | 75597 | ||
| 35357 | SERVER-WEBAPP AirLink101 SkyIPCam snwrite.cgi command injection attempt (more info ...) | web-application-attack | 2015-2280 | 75597 | ||
| 36030 | SERVER-WEBAPP Synology Video Station subtitle.cgi command injection attempt (more info ...) | web-application-attack | URL | |||
| 36031 | SERVER-WEBAPP Synology Video Station subtitle.cgi command injection attempt (more info ...) | web-application-attack | URL | |||
| 36032 | SERVER-WEBAPP Synology Video Station subtitle.cgi command injection attempt (more info ...) | web-application-attack | URL | |||
| 36033 | SERVER-WEBAPP Synology Video Station subtitle.cgi command injection attempt (more info ...) | web-application-attack | URL | |||
| 36041 | SERVER-WEBAPP Synology Video Station watchstatus.cgi SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 36042 | SERVER-WEBAPP Synology Video Station watchstatus.cgi SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 36043 | SERVER-WEBAPP Synology Video Station watchstatus.cgi SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 36049 | SERVER-WEBAPP Synology Video Station audiotrack.cgi SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 36050 | SERVER-WEBAPP Synology Video Station audiotrack.cgi SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 36051 | SERVER-WEBAPP Synology Video Station audiotrack.cgi SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 36178 | SERVER-WEBAPP Endian Firewall Proxy chpasswd.cgi command injection attempt (more info ...) | web-application-attack | 2015-5082 | |||
| 36181 | SERVER-WEBAPP Endian Firewall Proxy chpasswd.cgi command injection attempt (more info ...) | web-application-attack | 2015-5082 | |||
| 37427 | SERVER-WEBAPP IP Camera /cgi-bin/admin/servetest command injection attempt (more info ...) | web-application-attack | 2013-2578 | |||
| 37428 | SERVER-WEBAPP IP Camera /cgi-bin/admin/servetest command injection attempt (more info ...) | web-application-attack | 2013-2578 | |||
| 37429 | SERVER-WEBAPP IP Camera /cgi-bin/admin/servetest command injection attempt (more info ...) | web-application-attack | 2013-2578 | |||
| 37430 | SERVER-WEBAPP IP Camera /cgi-bin/admin/servetest command injection attempt (more info ...) | web-application-attack | 2013-2578 | |||
| 37439 | SERVER-WEBAPP Cisco UCS Manager getkvmurl.cgi command injection attempt (more info ...) | web-application-attack | 2015-6435 | URL | ||
| 37440 | SERVER-WEBAPP Cisco UCS Manager getkvmurl.cgi command injection attempt (more info ...) | web-application-attack | 2015-6435 | URL | ||
| 37492 | SERVER-WEBAPP Cisco RV220 platform.cgi SQL injection attempt (more info ...) | web-application-attack | 2015-6319 | URL | ||
| 38269 | SERVER-WEBAPP Netgear ReadyNAS Surveillance cgi_system command injection attempt (more info ...) | attempted-admin | URL | |||
| 39790 | SERVER-WEBAPP Cisco RV180 VPN Router platform.cgi command injection attempt (more info ...) | web-application-attack | 2016-1430 | URL | ||
| 39791 | SERVER-WEBAPP Cisco RV180 VPN Router platform.cgi command injection attempt (more info ...) | web-application-attack | 2016-1430 | URL | ||
| 39792 | SERVER-WEBAPP Cisco RV180 VPN Router platform.cgi command injection attempt (more info ...) | web-application-attack | 2016-1430 | URL | ||
| 39793 | SERVER-WEBAPP Cisco RV180 VPN Router platform.cgi directory traversal attempt (more info ...) | web-application-attack | 2016-1429 | URL | ||
| 39794 | SERVER-WEBAPP Cisco RV180 VPN Router platform.cgi directory traversal attempt (more info ...) | web-application-attack | 2016-1429 | URL | ||
| 39897 | SERVER-WEBAPP Cisco FirePOWER Management Center sajaxintf.cgi command injection attempt (more info ...) | attempted-admin | 2016-1457 | URL | ||
| 39898 | SERVER-WEBAPP Cisco FirePOWER Management Center pjb.cgi privilege escalation attempt (more info ...) | attempted-admin | 2016-1458 | URL | ||
| 39978 | SERVER-WEBAPP Netgear ReadyNAS Surveillance cgi_main command injection attempt (more info ...) | attempted-admin | 2016-5679 | URL | ||
| 39979 | SERVER-WEBAPP Netgear ReadyNAS Surveillance cgi_main command injection attempt (more info ...) | attempted-admin | 2016-5679 | URL | ||
| 39980 | SERVER-WEBAPP Netgear ReadyNAS Surveillance cgi_main command injection attempt (more info ...) | attempted-admin | 2016-5679 | URL | ||
| 39981 | SERVER-WEBAPP Netgear ReadyNAS Surveillance cgi_main stack buffer overflow attempt (more info ...) | attempted-admin | 2016-5680 | URL | ||
| 39982 | SERVER-WEBAPP Netgear ReadyNAS Surveillance cgi_main stack buffer overflow attempt (more info ...) | attempted-admin | 2016-5680 | URL | ||
| 40447 | SERVER-WEBAPP Avtech IP Camera search.cgi command injection attempt (more info ...) | attempted-admin | URL | |||
| 40448 | SERVER-WEBAPP Avtech IP Camera search.cgi command injection attempt (more info ...) | attempted-admin | URL | |||
| 40994 | SERVER-WEBAPP Sony IPELA IP Cameras prima-factory.cgi telnet backdoor access attempt (more info ...) | attempted-admin | URL | |||
| 41032 | SERVER-WEBAPP Trend Micro hotfix_upload.cgi command injection attempt (more info ...) | web-application-attack | 2016-8588 | 91229 | URL | |
| 41504 | SERVER-WEBAPP Netgear passwordrecovered.cgi insecure admin password disclosure attempt (more info ...) | attempted-recon | 2017-5521 | 95457 | URL | |
| 41652 | SERVER-WEBAPP Geutebruck IP Camera testaction.cgi command injection attempt (more info ...) | web-application-attack | 2017-5174 | URL | ||
| 41653 | SERVER-WEBAPP Geutebruck IP Camera testaction.cgi command injection attempt (more info ...) | web-application-attack | 2017-5174 | URL | ||
| 41654 | SERVER-WEBAPP Geutebruck IP Camera testaction.cgi command injection attempt (more info ...) | web-application-attack | 2017-5174 | URL | ||
| 41693 | SERVER-WEBAPP Avtech IP Camera adcommand.cgi command execution attempt (more info ...) | attempted-admin | URL | |||
| 41694 | SERVER-WEBAPP Avtech IP Camera pwdgrp.cgi command injection attempt (more info ...) | attempted-admin | URL | |||
| 41695 | SERVER-WEBAPP Avtech IP Camera pwdgrp.cgi command injection attempt (more info ...) | attempted-admin | URL | |||
| 41696 | SERVER-WEBAPP Avtech IP Camera cloudsetup.cgi command execution attempt (more info ...) | attempted-admin | URL | |||
| 41697 | SERVER-WEBAPP Avtech IP Camera machine.cgi information disclosure attempt (more info ...) | attempted-recon | URL | |||
| 41698 | SERVER-WEBAPP Netgear DGN2200 ping.cgi command injection attempt (more info ...) | web-application-attack | 2017-6077 | URL | ||
| 41699 | SERVER-WEBAPP Netgear DGN2200 ping.cgi command injection attempt (more info ...) | web-application-attack | 2017-6077 | URL | ||
| 41700 | SERVER-WEBAPP Netgear DGN2200 ping.cgi command injection attempt (more info ...) | web-application-attack | 2017-6077 | URL | ||
| 41748 | SERVER-WEBAPP Netgear DGN2200 dnslookup.cgi command injection attempt (more info ...) | web-application-attack | 2017-6334 | |||
| 41749 | SERVER-WEBAPP Netgear DGN2200 dnslookup.cgi command injection attempt (more info ...) | web-application-attack | 2017-6334 | |||
| 41750 | SERVER-WEBAPP Netgear DGN2200 dnslookup.cgi command injection attempt (more info ...) | web-application-attack | 2017-6334 | |||
| 41751 | SERVER-WEBAPP Netgear DGN2200 dnslookup.cgi command injection attempt (more info ...) | web-application-attack | 2017-6334 | |||
| 42048 | SERVER-WEBAPP dnaLIMS sysAdmin.cgi arbitrary command execution attempt (more info ...) | attempted-admin | 2017-6526 | 96823 | URL | |
| 42078 | SERVER-WEBAPP Foscam cgiproxy.fcgi stack buffer overflow attempt (more info ...) | attempted-admin | 2017-2805 | URL | ||
| 42234 | SERVER-WEBAPP QNAP NAS authLogin.cgi command injection attempt (more info ...) | attempted-admin | 2017-6361 | 97059 | URL | |
| 42236 | SERVER-WEBAPP QNAP NAS userConfig.cgi command injection attempt (more info ...) | web-application-attack | 2017-6360 | 97059 | URL | |
| 42237 | SERVER-WEBAPP QNAP NAS userConfig.cgi command injection attempt (more info ...) | web-application-attack | 2017-6360 | 97059 | URL | |
| 42238 | SERVER-WEBAPP QNAP NAS userConfig.cgi command injection attempt (more info ...) | web-application-attack | 2017-6360 | 97059 | URL | |
| 42239 | SERVER-WEBAPP QNAP NAS utilRequest.cgi command injection attempt (more info ...) | web-application-attack | 2017-6359 | 97059 | URL | |
| 42240 | SERVER-WEBAPP QNAP NAS utilRequest.cgi command injection attempt (more info ...) | web-application-attack | 2017-6359 | 97059 | URL | |
| 42241 | SERVER-WEBAPP QNAP NAS utilRequest.cgi command injection attempt (more info ...) | web-application-attack | 2017-6359 | 97059 | URL | |
| 42327 | SERVER-WEBAPP Cpanel cgiemail format string code execution attempt (more info ...) | attempted-user | 2017-5613 | 95870 | URL | |
| 42328 | SERVER-WEBAPP Cpanel cgiemail format string code execution attempt (more info ...) | attempted-user | 2017-5613 | 95870 | URL | |
| 42333 | SERVER-WEBAPP Trend Micro Threat Discovery Appliance admin_sys_time.cgi command injection attempt (more info ...) | web-application-attack | 2016-7547 | 97610 | ||
| 42334 | SERVER-WEBAPP Trend Micro Threat Discovery Appliance admin_sys_time.cgi command injection attempt (more info ...) | web-application-attack | 2016-7547 | 97610 | ||
| 42335 | SERVER-WEBAPP Trend Micro Threat Discovery Appliance admin_sys_time.cgi command injection attempt (more info ...) | web-application-attack | 2016-7547 | 97610 | ||
| 42336 | SERVER-WEBAPP Trend Micro Threat Discovery Appliance logoff.cgi directory traversal attempt (more info ...) | web-application-attack | 2016-7552 | 97599 | ||
| 42382 | SERVER-WEBAPP Trend Micro Threat Discovery Appliance detected_potential_files.cgi command injection attempt (more info ...) | web-application-attack | 2016-8586 | |||
| 42383 | SERVER-WEBAPP Trend Micro Threat Discovery Appliance detected_potential_files.cgi command injection attempt (more info ...) | web-application-attack | 2016-8586 | |||
| 42384 | SERVER-WEBAPP Trend Micro Threat Discovery Appliance detected_potential_files.cgi command injection attempt (more info ...) | web-application-attack | 2016-8586 | |||
| 42407 | SERVER-WEBAPP WePresent WiPG rdfs.cgi command injection attempt (more info ...) | web-application-attack | URL | |||
| 42408 | SERVER-WEBAPP WePresent WiPG rdfs.cgi command injection attempt (more info ...) | web-application-attack | URL | |||
| 42409 | SERVER-WEBAPP WePresent WiPG rdfs.cgi command injection attempt (more info ...) | web-application-attack | URL | |||
| 42431 | SERVER-WEBAPP Foscam IP Video Camera CGIProxy.fcgi query append buffer overflow attempt (more info ...) | web-application-attack | 2017-2831 | URL | ||
| 42955 | SERVER-WEBAPP Trend Micro Threat Discovery Appliance upload.cgi directory traversal attempt (more info ...) | web-application-attack | 2016-8593 | |||
| 44453 | SERVER-WEBAPP D-Link hedwig.cgi NTP service configuration command injection attempt (more info ...) | attempted-recon | URL | |||
| 44454 | SERVER-WEBAPP D-Link hedwig.cgi directory traversal attempt (more info ...) | attempted-recon | URL | |||
| 44490 | SERVER-WEBAPP ZyXEL Router Firmware qos_queue_add.cgi command injection attempt (more info ...) | web-application-attack | URL | |||
| 44491 | SERVER-WEBAPP ZyXEL Router Firmware qos_queue_add.cgi command injection attempt (more info ...) | web-application-attack | URL | |||
| 44492 | SERVER-WEBAPP ZyXEL Router Firmware qos_queue_add.cgi command injection attempt (more info ...) | web-application-attack | URL | |||
| 44494 | SERVER-WEBAPP Faleemi IP Cameras ftp.cgi command injection attempt (more info ...) | web-application-attack | URL | |||
| 44495 | SERVER-WEBAPP Faleemi IP Cameras ftp.cgi command injection attempt (more info ...) | web-application-attack | URL | |||
| 44496 | SERVER-WEBAPP Faleemi IP Cameras ftp.cgi command injection attempt (more info ...) | web-application-attack | URL | |||
| 44614 | SERVER-WEBAPP D-Link soap.cgi service command injection attempt (more info ...) | web-application-attack | 2018-6530 | |||
| 44671 | SERVER-WEBAPP HP OpenView NNM snmpviewer.exe CGI parameter buffer overflow attempt (more info ...) | attempted-user | 2010-1552 | |||
| 44672 | SERVER-WEBAPP HP OpenView NNM snmpviewer.exe CGI parameter buffer overflow attempt (more info ...) | attempted-user | 2010-1552 | |||
| 44673 | SERVER-WEBAPP HP OpenView NNM snmpviewer.exe CGI parameter buffer overflow attempt (more info ...) | attempted-user | 2010-1552 | |||
| 45218 | SERVER-WEBAPP Embedthis GoAhead CGI information disclosure attempt (more info ...) | attempted-recon | 2017-17562 | |||
| 45407 | SERVER-WEBAPP Western Digital MyCloud nas_sharing.cgi backdoor account access attempt (more info ...) | web-application-attack | URL | |||
| 45408 | SERVER-WEBAPP Western Digital MyCloud nas_sharing.cgi command injection attempt (more info ...) | web-application-attack | URL | |||
| 45409 | SERVER-WEBAPP Western Digital MyCloud nas_sharing.cgi command injection attempt (more info ...) | web-application-attack | URL | |||
| 45410 | SERVER-WEBAPP Western Digital MyCloud nas_sharing.cgi command injection attempt (more info ...) | web-application-attack | URL | |||
| 45526 | SERVER-WEBAPP AsusWRT vpnupload.cgi unauthenticated NVRAM configuration modification attempt (more info ...) | attempted-admin | 2018-6000 | |||
| 45621 | SERVER-WEBAPP Cisco UCS Central recvbackup.cgi command injection attempt (more info ...) | web-application-attack | 2018-0113 | URL | ||
| 45622 | SERVER-WEBAPP Cisco UCS Central recvbackup.cgi command injection attempt (more info ...) | web-application-attack | 2018-0113 | URL | ||
| 46160 | SERVER-WEBAPP Western Digital MyCloud home_mgr.cgi command injection attempt (more info ...) | web-application-attack | URL | |||
| 46161 | SERVER-WEBAPP Western Digital MyCloud home_mgr.cgi command injection attempt (more info ...) | web-application-attack | URL | |||
| 46162 | SERVER-WEBAPP Western Digital MyCloud home_mgr.cgi command injection attempt (more info ...) | web-application-attack | URL | |||
| 46735 | SERVER-WEBAPP D-Link DSL-2750B routers login.cgi command injection attempt (more info ...) | web-application-attack | URL | |||
| 46736 | SERVER-WEBAPP D-Link DSL-2750B routers login.cgi command injection attempt (more info ...) | web-application-attack | URL | |||
| 46737 | SERVER-WEBAPP D-Link DSL-2750B routers login.cgi command injection attempt (more info ...) | web-application-attack | URL | |||
| 46758 | SERVER-WEBAPP D-Link DNS-325 ShareCenter photocenter_mgr.cgi command injection attempt (more info ...) | web-application-attack | URL | |||
| 46759 | SERVER-WEBAPP D-Link DNS-325 ShareCenter photocenter_mgr.cgi command injection attempt (more info ...) | web-application-attack | URL | |||
| 46760 | SERVER-WEBAPP D-Link DNS-325 ShareCenter photocenter_mgr.cgi command injection attempt (more info ...) | web-application-attack | URL | |||
| 46799 | SERVER-WEBAPP Western Digital MyCloud snmp_mgr.cgi command injection attempt (more info ...) | web-application-attack | URL | |||
| 46800 | SERVER-WEBAPP Western Digital MyCloud snmp_mgr.cgi command injection attempt (more info ...) | web-application-attack | URL | |||
| 46801 | SERVER-WEBAPP Western Digital MyCloud snmp_mgr.cgi command injection attempt (more info ...) | web-application-attack | URL | |||
| 46814 | SERVER-WEBAPP Western Digital MyCloud login_mgr.cgi command injection attempt (more info ...) | web-application-attack | URL | |||
| 46815 | SERVER-WEBAPP Western Digital MyCloud login_mgr.cgi command injection attempt (more info ...) | web-application-attack | URL | |||
| 46816 | SERVER-WEBAPP Western Digital MyCloud login_mgr.cgi command injection attempt (more info ...) | web-application-attack | URL | |||
| 46828 | SERVER-WEBAPP D-Link DIR-620 index.cgi command injection attempt (more info ...) | web-application-attack | 2018-6211 | URL | ||
| 46829 | SERVER-WEBAPP D-Link DIR-620 index.cgi command injection attempt (more info ...) | web-application-attack | 2018-6211 | URL | ||
| 47464 | SERVER-WEBAPP CGit cgit_clone_objects function directory traversal attempt (more info ...) | web-application-attack | 2018-14912 | |||
| 47465 | SERVER-WEBAPP CGit cgit_clone_objects function directory traversal attempt (more info ...) | web-application-attack | 2018-14912 | |||
| 47466 | SERVER-WEBAPP CGit cgit_clone_objects function directory traversal attempt (more info ...) | web-application-attack | 2018-14912 | |||
| 48172 | SERVER-WEBAPP D-Link DIR-816 form2systime.cgi command injection attempt (more info ...) | web-application-attack | 2018-17066 | URL | ||
| 48173 | SERVER-WEBAPP D-Link DIR-816 form2systime.cgi command injection attempt (more info ...) | web-application-attack | 2018-17066 | URL | ||
| 48174 | SERVER-WEBAPP D-Link DIR-816 form2systime.cgi command injection attempt (more info ...) | web-application-attack | 2018-17066 | URL | ||
| 48228 | SERVER-WEBAPP Supervene RazDC create_user.cgi command injection attempt (more info ...) | web-application-attack | 2018-15551 | |||
| 48229 | SERVER-WEBAPP Supervene RazDC create_user.cgi command injection attempt (more info ...) | web-application-attack | 2018-15551 | |||
| 48230 | SERVER-WEBAPP Supervene RazDC create_user.cgi command injection attempt (more info ...) | web-application-attack | 2018-15551 | |||
| 48244 | SERVER-WEBAPP Supervene RazDC save_passwd.cgi command injection attempt (more info ...) | web-application-attack | 2018-15549 | |||
| 48245 | SERVER-WEBAPP Supervene RazDC save_passwd.cgi command injection attempt (more info ...) | web-application-attack | 2018-15549 | |||
| 48246 | SERVER-WEBAPP Supervene RazDC save_passwd.cgi command injection attempt (more info ...) | web-application-attack | 2018-15549 | |||
| 48266 | SERVER-WEBAPP Teltonika RUT9XX autologin.cgi command injection attempt (more info ...) | web-application-attack | 2018-17532 | URL | ||
| 48267 | SERVER-WEBAPP Teltonika RUT9XX autologin.cgi command injection attempt (more info ...) | web-application-attack | 2018-17532 | URL | ||
| 48268 | SERVER-WEBAPP Teltonika RUT9XX hotspotlogin.cgi command injection attempt (more info ...) | web-application-attack | 2018-17532 | URL | ||
| 48269 | SERVER-WEBAPP Teltonika RUT9XX hotspotlogin.cgi command injection attempt (more info ...) | web-application-attack | 2018-17532 | URL | ||
| 48270 | SERVER-WEBAPP Teltonika RUT9XX autologin.cgi command injection attempt (more info ...) | web-application-attack | 2018-17532 | URL | ||
| 48271 | SERVER-WEBAPP Teltonika RUT9XX hotspotlogin.cgi command injection attempt (more info ...) | web-application-attack | 2018-17532 | URL | ||
| 48744 | SERVER-WEBAPP TRENDnet TEW-673GRU apply.cgi start_arpping command injection attempt (more info ...) | web-application-attack | 2018-19239 | URL | ||
| 50336 | SERVER-WEBAPP GoAhead IP Camera set_ftp.cgi command injection attempt (more info ...) | web-application-attack | URL | |||
| 50337 | SERVER-WEBAPP GoAhead IP Camera set_ftp.cgi command injection attempt (more info ...) | web-application-attack | URL | |||
| 50338 | SERVER-WEBAPP GoAhead IP Camera set_ftp.cgi command injection attempt (more info ...) | web-application-attack | URL | |||
| 50339 | SERVER-WEBAPP GoAhead IP Camera set_ftp.cgi command injection attempt (more info ...) | web-application-attack | URL | |||
| 50748 | SERVER-WEBAPP Seowonintech diagnostic.cgi command injection attempt (more info ...) | web-application-attack | 2016-10760 | URL | ||
| 50750 | SERVER-WEBAPP Seowonintech diagnostic.cgi command injection attempt (more info ...) | web-application-attack | 2016-10760 | URL | ||
| 50751 | SERVER-WEBAPP Seowonintech diagnostic.cgi command injection attempt (more info ...) | web-application-attack | 2016-10760 | URL | ||
| 51453 | SERVER-WEBAPP Pulse Secure Connect VPN post-auth hc.cgi buffer overflow attempt (more info ...) | web-application-attack | 2019-11542 | URL | ||
| 54012 | SERVER-WEBAPP ASUS ASUSWRT appGet.cgi command injection attempt (more info ...) | web-application-attack | ||||
| 55823 | SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt (more info ...) | web-application-attack | ||||
| 55824 | SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt (more info ...) | web-application-attack | ||||
| 55825 | SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt (more info ...) | web-application-attack | ||||
| 55827 | SERVER-WEBAPP Trend Micro Control Manager CCGIServlet multiple functions SQL injection attempt (more info ...) | web-application-attack | 2018-3603 | |||
| 55828 | SERVER-WEBAPP Trend Micro Control Manager CCGIServlet multiple functions SQL injection attempt (more info ...) | web-application-attack | 2018-3603 | |||
| 55829 | SERVER-WEBAPP Trend Micro Control Manager CCGIServlet multiple functions SQL injection attempt (more info ...) | web-application-attack | 2018-3603 | |||
| 58337 | SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt (more info ...) | web-application-attack | 2020-35606 | |||
| 58338 | SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt (more info ...) | web-application-attack | 2020-35606 | |||
| 58339 | SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt (more info ...) | web-application-attack | 2020-35606 | |||
| 58340 | SERVER-WEBAPP Webmin Package Updates update.cgi command injection attempt (more info ...) | web-application-attack | 2020-35606 | |||
| 58471 | SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt (more info ...) | web-application-attack | ||||
| 58472 | SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt (more info ...) | web-application-attack | ||||
| 58473 | SERVER-WEBAPP Trend Micro Control Manager CCGIServlet SQL injection attempt (more info ...) | web-application-attack | ||||
| 58542 | SERVER-WEBAPP Trend Micro Control Manager CCGIServlet EmailMessageDetected SQL injection attempt (more info ...) | web-application-attack | ||||
| 58543 | SERVER-WEBAPP Trend Micro Control Manager CCGIServlet EmailMessageDetected SQL injection attempt (more info ...) | web-application-attack | ||||
| 58544 | SERVER-WEBAPP Trend Micro Control Manager CCGIServlet EmailMessageDetected SQL injection attempt (more info ...) | web-application-attack | ||||
| 58670 | SERVER-WEBAPP Trend Micro Control Manager CCGIServlet DLPIncidentStatusChangeResult SQL injection attempt (more info ...) | web-application-attack | ||||
| 58671 | SERVER-WEBAPP Trend Micro Control Manager CCGIServlet DLPIncidentStatusChangeResult SQL injection attempt (more info ...) | web-application-attack | ||||
| 58672 | SERVER-WEBAPP Trend Micro Control Manager CCGIServlet DLPIncidentStatusChangeResult SQL injection attempt (more info ...) | web-application-attack | ||||
| 58974 | SERVER-WEBAPP Webmin Usermin secret.cgi command injection attempt (more info ...) | web-application-attack | URL | |||
| 58975 | SERVER-WEBAPP Webmin Usermin secret.cgi command injection attempt (more info ...) | web-application-attack | URL | |||
| 58976 | SERVER-WEBAPP Webmin Usermin secret.cgi command injection attempt (more info ...) | web-application-attack | URL | |||
| 58977 | SERVER-WEBAPP Webmin Usermin secret.cgi command injection attempt (more info ...) | web-application-attack | URL | |||
| 59375 | SERVER-WEBAPP IPFire Firewall Web Interface backup cgi directory traversal attempt (more info ...) | web-application-attack | 2018-16232 | |||
| 59376 | SERVER-WEBAPP IPFire Firewall Web Interface backup cgi directory traversal attempt (more info ...) | web-application-attack | 2018-16232 | |||
| 59377 | SERVER-WEBAPP IPFire Firewall Web Interface backup cgi directory traversal attempt (more info ...) | web-application-attack | 2018-16232 | |||
| 59378 | SERVER-WEBAPP IPFire Firewall Web Interface backup cgi command injection attempt (more info ...) | web-application-attack | 2018-16232 | |||
| 59379 | SERVER-WEBAPP IPFire Firewall Web Interface backup cgi command injection attempt (more info ...) | web-application-attack | 2018-16232 | |||
| 59380 | SERVER-WEBAPP IPFire Firewall Web Interface backup cgi command injection attempt (more info ...) | web-application-attack | 2018-16232 | |||
| 59381 | SERVER-WEBAPP IPFire Firewall Web Interface backup cgi command injection attempt (more info ...) | web-application-attack | 2018-16232 |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 803 | SERVER-WEBAPP HyperSeek hsx.cgi directory traversal attempt (more info ...) | web-application-attack | 2001-0253 | 2314 | 10602 | |
| 809 | SERVER-WEBAPP whois_raw.cgi arbitrary command execution attempt (more info ...) | web-application-attack | 1999-1063 | 304 | 10306 | URL |
| 810 | SERVER-WEBAPP whois_raw.cgi access (more info ...) | attempted-recon | 1999-1063 | 304 | 10306 | |
| 817 | SERVER-WEBAPP dcboard.cgi invalid user addition attempt (more info ...) | web-application-attack | 2001-0527 | 2728 | 10583 | |
| 818 | SERVER-WEBAPP dcforum.cgi access (more info ...) | attempted-recon | 2001-0527 | 2728 | 10583 | |
| 819 | SERVER-WEBAPP mmstdod.cgi access (more info ...) | attempted-recon | 2001-0021 | 2063 | 10566 | |
| 823 | SERVER-WEBAPP cvsweb.cgi access (more info ...) | attempted-recon | 2000-0670 | 1469 | 10465 | |
| 829 | SERVER-WEBAPP nph-test-cgi access (more info ...) | attempted-recon | 1999-0045 | 686 | 10165 | |
| 835 | SERVER-WEBAPP test-cgi access (more info ...) | attempted-recon | 1999-0070 | 2003 | 10282 | |
| 840 | SERVER-WEBAPP perlshop.cgi access (more info ...) | attempted-recon | 1999-1374 | |||
| 845 | SERVER-WEBAPP AT-admin.cgi access (more info ...) | attempted-recon | 1999-1072 | |||
| 846 | SERVER-WEBAPP bnbform.cgi access (more info ...) | attempted-recon | 1999-0937 | 2147 | ||
| 854 | SERVER-WEBAPP classifieds.cgi access (more info ...) | attempted-recon | 1999-0934 | 2020 | ||
| 856 | SERVER-WEBAPP environ.cgi access (more info ...) | attempted-recon | ||||
| 863 | SERVER-WEBAPP day5datacopier.cgi access (more info ...) | attempted-recon | 1999-1232 | |||
| 864 | SERVER-WEBAPP day5datanotifier.cgi access (more info ...) | attempted-recon | 1999-1232 | |||
| 871 | SERVER-WEBAPP survey.cgi access (more info ...) | attempted-recon | 1999-0936 | 1817 | ||
| 889 | SERVER-WEBAPP ppdscgi.exe access (more info ...) | attempted-recon | 491 | 10187 | URL | |
| 890 | SERVER-WEBAPP sendform.cgi access (more info ...) | attempted-recon | 2002-0710 | 5286 | URL | |
| 897 | SERVER-WEBAPP pals-cgi access (more info ...) | attempted-recon | 2001-0217 | 2372 | 10611 | |
| 898 | SERVER-WEBAPP commerce.cgi access (more info ...) | attempted-recon | 2001-0210 | 2361 | 10612 | |
| 900 | SERVER-WEBAPP webspirs.cgi directory traversal attempt (more info ...) | web-application-attack | 2001-0211 | 2362 | 10616 | |
| 901 | SERVER-WEBAPP webspirs.cgi access (more info ...) | attempted-recon | 2001-0211 | 2362 | 10616 | |
| 1051 | FILE-OTHER technote main.cgi file directory traversal attempt (more info ...) | web-application-attack | 2001-0075 | 2156 | 10584 | |
| 1052 | SERVER-WEBAPP technote print.cgi directory traversal attempt (more info ...) | web-application-attack | 2001-0075 | 2156 | 10584 | |
| 1053 | SERVER-WEBAPP ads.cgi command execution attempt (more info ...) | web-application-attack | 2001-0025 | 2103 | 11464 | |
| 1093 | SERVER-WEBAPP cached_feed.cgi moreover shopping cart directory traversal (more info ...) | web-application-attack | 2000-0906 | 1762 | ||
| 1149 | SERVER-WEBAPP count.cgi access (more info ...) | web-application-activity | 1999-0021 | 128 | 10049 | |
| 1163 | SERVER-WEBAPP webdist.cgi access (more info ...) | web-application-activity | 1999-0039 | 374 | 10299 | |
| 1172 | SERVER-WEBAPP bigconf.cgi access (more info ...) | web-application-activity | 1999-1550 | 778 | 10027 | |
| 1174 | SERVER-WEBAPP /cgi-bin/jj access (more info ...) | web-application-activity | 1999-0260 | 2002 | 10131 | |
| 1194 | SERVER-WEBAPP sojourn.cgi File attempt (more info ...) | web-application-attack | 2000-0180 | 1052 | 10349 | |
| 1195 | SERVER-WEBAPP sojourn.cgi access (more info ...) | web-application-activity | 2000-0180 | 1052 | 10349 | |
| 1204 | SERVER-WEBAPP ax-admin.cgi access (more info ...) | web-application-activity | ||||
| 1205 | SERVER-WEBAPP axs.cgi access (more info ...) | web-application-activity | ||||
| 1206 | SERVER-WEBAPP cachemgr.cgi access (more info ...) | web-application-activity | 1999-0710 | 2059 | 10034 | |
| 1208 | SERVER-WEBAPP responder.cgi access (more info ...) | web-application-activity | 3155 | |||
| 1211 | SERVER-WEBAPP web-map.cgi access (more info ...) | web-application-activity | ||||
| 1219 | SERVER-WEBAPP dfire.cgi access (more info ...) | web-application-activity | 1999-0913 | 564 | ||
| 1221 | SERVER-WEBAPP Muscat Empower cgi access (more info ...) | web-application-activity | 2001-0224 | 2374 | 10609 | |
| 1222 | SERVER-WEBAPP pals-cgi arbitrary file access attempt (more info ...) | web-application-attack | 2001-0217 | 2372 | 10611 | |
| 1304 | SERVER-WEBAPP txt2html.cgi access (more info ...) | web-application-activity | ||||
| 1305 | SERVER-WEBAPP txt2html.cgi directory traversal attempt (more info ...) | web-application-attack | ||||
| 1307 | SERVER-WEBAPP store.cgi access (more info ...) | web-application-activity | 2001-0305 | 2385 | 10639 | |
| 1308 | SERVER-WEBAPP sendmessage.cgi access (more info ...) | attempted-recon | 2001-1100 | 3673 | ||
| 1392 | SERVER-WEBAPP lastlines.cgi access (more info ...) | attempted-recon | 2001-1206 | 3755 | ||
| 1395 | SERVER-WEBAPP zml.cgi attempt (more info ...) | web-application-activity | 2001-1209 | 3759 | 10830 | |
| 1396 | SERVER-WEBAPP zml.cgi access (more info ...) | web-application-activity | 2001-1209 | 3759 | 10830 | |
| 1405 | SERVER-WEBAPP AHG search.cgi access (more info ...) | web-application-activity | 2002-2113 | 3985 | ||
| 1406 | SERVER-WEBAPP agora.cgi access (more info ...) | web-application-activity | 2002-0215 | 3976 | 10836 | |
| 1410 | SERVER-WEBAPP dcboard.cgi access (more info ...) | attempted-recon | 2001-0527 | 2728 | 10583 | |
| 1453 | SERVER-WEBAPP AT-generated.cgi access (more info ...) | attempted-recon | 1999-1072 | |||
| 1465 | SERVER-WEBAPP auktion.cgi access (more info ...) | web-application-activity | 2001-0212 | 2367 | 10638 | |
| 1466 | SERVER-WEBAPP cgiforum.pl access (more info ...) | web-application-activity | 2000-1171 | 1963 | 10552 | |
| 1467 | SERVER-WEBAPP directorypro.cgi access (more info ...) | web-application-activity | 2001-0780 | 2793 | 10679 | |
| 1468 | SERVER-WEBAPP Web Shopper shopper.cgi attempt (more info ...) | web-application-attack | 2000-0922 | 1776 | 10533 | |
| 1469 | SERVER-WEBAPP Web Shopper shopper.cgi access (more info ...) | attempted-recon | 2000-0922 | 1776 | ||
| 1471 | SERVER-WEBAPP mailnews.cgi access (more info ...) | attempted-recon | 2001-0271 | 2391 | 10641 | |
| 1472 | SERVER-WEBAPP book.cgi access (more info ...) | web-application-activity | 2001-1114 | 3178 | 10721 | |
| 1473 | SERVER-WEBAPP newsdesk.cgi access (more info ...) | attempted-recon | 2001-0232 | 2172 | 10586 | |
| 1476 | SERVER-WEBAPP sdbsearch.cgi access (more info ...) | attempted-recon | 2001-1130 | 1658 | 10720 | |
| 1479 | SERVER-WEBAPP ttawebtop.cgi arbitrary file attempt (more info ...) | web-application-attack | 2001-0805 | 2890 | 10696 | |
| 1480 | SERVER-WEBAPP ttawebtop.cgi access (more info ...) | attempted-recon | 2001-0805 | 2890 | 10696 | |
| 1481 | SERVER-WEBAPP upload.cgi access (more info ...) | attempted-recon | 10290 | |||
| 1488 | SERVER-WEBAPP store.cgi directory traversal attempt (more info ...) | web-application-attack | 2001-0305 | 2385 | 10639 | |
| 1494 | SERVER-WEBAPP SIX webboard generate.cgi attempt (more info ...) | web-application-attack | 2001-1115 | 3175 | 10725 | |
| 1495 | SERVER-WEBAPP SIX webboard generate.cgi access (more info ...) | web-application-activity | 2001-1115 | 3175 | 10725 | |
| 1496 | SERVER-WEBAPP spin_client.cgi access (more info ...) | web-application-activity | 10393 | |||
| 1501 | SERVER-WEBAPP a1stats a1disp3.cgi directory traversal attempt (more info ...) | web-application-attack | 2001-0561 | 2705 | 10669 | |
| 1502 | SERVER-WEBAPP a1stats a1disp3.cgi access (more info ...) | web-application-activity | 2001-0561 | 2705 | 10669 | |
| 1534 | SERVER-WEBAPP agora.cgi attempt (more info ...) | web-application-attack | 2002-0215 | 3976 | 10836 | |
| 1539 | SERVER-WEBAPP /cgi-bin/ls access (more info ...) | web-application-activity | 2000-0079 | 936 | 10037 | |
| 1542 | SERVER-WEBAPP cgimail access (more info ...) | web-application-activity | 2000-0726 | 1623 | 11721 | |
| 1543 | SERVER-WEBAPP cgiwrap access (more info ...) | web-application-activity | 2001-0987 | 777 | 10041 | |
| 1554 | SERVER-WEBAPP dbman db.cgi access (more info ...) | web-application-activity | 2000-0381 | 1178 | 10403 | |
| 1569 | SERVER-WEBAPP loadpage.cgi directory traversal attempt (more info ...) | web-application-attack | 2000-1092 | 2109 | 10065 | |
| 1570 | SERVER-WEBAPP loadpage.cgi access (more info ...) | web-application-activity | 2000-1092 | 2109 | 10065 | |
| 1571 | SERVER-WEBAPP dcforum.cgi directory traversal attempt (more info ...) | web-application-attack | 2001-0437 | 2611 | 10583 | |
| 1572 | SERVER-WEBAPP commerce.cgi arbitrary file access attempt (more info ...) | attempted-recon | 2001-0210 | 2361 | 10612 | |
| 1573 | SERVER-WEBAPP cgiforum.pl attempt (more info ...) | web-application-attack | 2000-1171 | 1963 | 10552 | |
| 1574 | SERVER-WEBAPP directorypro.cgi attempt (more info ...) | web-application-attack | 2001-0780 | 2793 | 10679 | |
| 1587 | SERVER-WEBAPP cgitest.exe access (more info ...) | web-application-activity | 2002-0128 | 3885 | 11131 | |
| 1590 | SERVER-WEBAPP faqmanager.cgi arbitrary file access attempt (more info ...) | web-application-attack | 2002-2033 | 3810 | 10837 | |
| 1591 | SERVER-WEBAPP faqmanager.cgi access (more info ...) | web-application-activity | 2002-2033 | 3810 | 10837 | |
| 1592 | SERVER-WEBAPP /fcgi-bin/echo.exe access (more info ...) | web-application-activity | 10838 | |||
| 1593 | SERVER-WEBAPP FormHandler.cgi external site redirection attempt (more info ...) | web-application-attack | 1999-1050 | 799 | 10075 | |
| 1594 | SERVER-WEBAPP FormHandler.cgi access (more info ...) | web-application-activity | 1999-1050 | 799 | 10075 | |
| 1597 | SERVER-WEBAPP guestbook.cgi access (more info ...) | web-application-activity | 1999-0237 | 10098 | ||
| 1598 | SERVER-WEBAPP Home Free search.cgi directory traversal attempt (more info ...) | web-application-attack | 2000-0054 | 921 | 10101 | |
| 1599 | SERVER-WEBAPP search.cgi access (more info ...) | web-application-activity | 2000-0054 | 921 | ||
| 1607 | SERVER-WEBAPP HyperSeek hsx.cgi access (more info ...) | web-application-activity | 2001-0253 | 2314 | 10602 | |
| 1617 | SERVER-WEBAPP Bugzilla doeditvotes.cgi access (more info ...) | web-application-activity | 2002-0011 | 3800 | ||
| 1628 | SERVER-WEBAPP FormHandler.cgi directory traversal attempt (more info ...) | web-application-attack | 1999-1050 | 799 | 10075 | |
| 1644 | SERVER-WEBAPP test-cgi attempt (more info ...) | web-application-attack | 1999-0070 | 2003 | 10282 | |
| 1645 | SERVER-WEBAPP testcgi access (more info ...) | web-application-activity | 2003-1531 | 7214 | 11610 | |
| 1646 | SERVER-WEBAPP test.cgi access (more info ...) | web-application-activity | ||||
| 1655 | SERVER-WEBAPP pfdispaly.cgi arbitrary command execution attempt (more info ...) | web-application-attack | 1999-0270 | 10174 | ||
| 1656 | SERVER-WEBAPP pfdispaly.cgi access (more info ...) | web-application-activity | 1999-0270 | 64 | 10174 | |
| 1657 | SERVER-WEBAPP pagelog.cgi directory traversal attempt (more info ...) | web-application-activity | 2000-0940 | 1864 | 10591 | |
| 1658 | SERVER-WEBAPP pagelog.cgi access (more info ...) | web-application-activity | 2000-0940 | 1864 | 10591 | |
| 1666 | INDICATOR-COMPROMISE index of /cgi-bin/ response (more info ...) | bad-unknown | 10039 | |||
| 1668 | SERVER-WEBAPP /cgi-bin/ access (more info ...) | web-application-attack | ||||
| 1669 | SERVER-WEBAPP /cgi-dos/ access (more info ...) | web-application-attack | ||||
| 1703 | SERVER-WEBAPP auktion.cgi directory traversal attempt (more info ...) | web-application-attack | 2001-0212 | 2367 | 10638 | |
| 1709 | SERVER-WEBAPP ad.cgi access (more info ...) | web-application-activity | 2001-0025 | 2103 | 11464 | |
| 1710 | SERVER-WEBAPP bbs_forum.cgi access (more info ...) | web-application-activity | 2001-0123 | 2177 | URL | |
| 1711 | SERVER-WEBAPP bsguest.cgi access (more info ...) | web-application-activity | 2001-0099 | 2159 | ||
| 1712 | SERVER-WEBAPP bslist.cgi access (more info ...) | web-application-activity | 2001-0100 | 2160 | ||
| 1713 | SERVER-WEBAPP cgforum.cgi access (more info ...) | web-application-activity | 2000-1132 | 1951 | ||
| 1715 | SERVER-WEBAPP register.cgi access (more info ...) | web-application-activity | 2001-0076 | 2157 | ||
| 1716 | SERVER-WEBAPP gbook.cgi access (more info ...) | web-application-activity | 2000-1131 | 1940 | ||
| 1717 | SERVER-WEBAPP simplestguest.cgi access (more info ...) | web-application-activity | 2001-0022 | 2106 | ||
| 1719 | SERVER-WEBAPP talkback.cgi directory traversal attempt (more info ...) | web-application-attack | 2001-0420 | 2547 | ||
| 1720 | SERVER-WEBAPP talkback.cgi access (more info ...) | web-application-activity | 2001-0420 | 2547 | ||
| 1723 | SERVER-WEBAPP emumail.cgi NULL attempt (more info ...) | web-application-activity | 2002-1526 | 5824 | ||
| 1724 | SERVER-WEBAPP emumail.cgi access (more info ...) | web-application-activity | 2002-1526 | 5824 | ||
| 1763 | SERVER-WEBAPP Nortel Contivity cgiproc DOS attempt (more info ...) | web-application-attack | 2000-0064 | 938 | 10160 | |
| 1764 | SERVER-WEBAPP Nortel Contivity cgiproc DOS attempt (more info ...) | web-application-attack | 2000-0064 | 938 | 10160 | |
| 1765 | SERVER-WEBAPP Nortel Contivity cgiproc access (more info ...) | web-application-activity | 2000-0064 | 938 | 10160 | |
| 1787 | SERVER-WEBAPP csPassword.cgi access (more info ...) | web-application-activity | 2002-0918 | 4889 | ||
| 1788 | SERVER-WEBAPP csPassword password.cgi.tmp access (more info ...) | web-application-activity | 2002-0920 | 4889 | ||
| 1805 | SERVER-WEBAPP Oracle Reports CGI access (more info ...) | web-application-activity | 2002-0947 | 4848 | ||
| 1822 | SERVER-WEBAPP AlienForm alienform.cgi directory traversal attempt (more info ...) | web-application-attack | 2002-0934 | 4983 | 11027 | |
| 1823 | SERVER-WEBAPP AlienForm af.cgi directory traversal attempt (more info ...) | web-application-attack | 2002-0934 | 4983 | 11027 | |
| 1824 | SERVER-WEBAPP AlienForm alienform.cgi access (more info ...) | web-application-activity | 2002-0934 | 4983 | 11027 | |
| 1825 | SERVER-WEBAPP AlienForm af.cgi access (more info ...) | web-application-activity | 2002-0934 | 4983 | 11027 | |
| 1850 | SERVER-WEBAPP way-board.cgi access (more info ...) | web-application-activity | 10610 | |||
| 1862 | SERVER-WEBAPP mrtg.cgi directory traversal attempt (more info ...) | web-application-attack | 2002-0232 | 4017 | 11001 | |
| 1865 | SERVER-WEBAPP webdist.cgi arbitrary command attempt (more info ...) | web-application-attack | 1999-0039 | 374 | 10299 | |
| 1870 | SERVER-WEBAPP siteUserMod.cgi access (more info ...) | web-application-activity | 2000-0117 | 951 | 10253 | |
| 1875 | SERVER-WEBAPP cgicso access (more info ...) | web-application-activity | 2002-1652 | 6141 | 10780 | |
| 1876 | SERVER-WEBAPP nph-publish.cgi access (more info ...) | web-application-activity | 1999-1177 | 10164 | ||
| 1878 | SERVER-WEBAPP sdbsearch.cgi access (more info ...) | web-application-activity | 2000-0868 | 1658 | 10503 | |
| 1879 | SERVER-WEBAPP book.cgi arbitrary command execution attempt (more info ...) | web-application-attack | 2001-1114 | 3178 | 10721 | |
| 1933 | SERVER-WEBAPP cart.cgi access (more info ...) | web-application-activity | 2000-0252 | 1115 | 10368 | |
| 1994 | SERVER-WEBAPP vpasswd.cgi access (more info ...) | web-application-activity | 6038 | 11165 | ||
| 1995 | SERVER-WEBAPP alya.cgi access (more info ...) | web-application-activity | 11118 | |||
| 1996 | SERVER-WEBAPP viralator.cgi access (more info ...) | web-application-activity | 2001-0849 | 3495 | 11107 | |
| 2001 | SERVER-WEBAPP smartsearch.cgi access (more info ...) | web-application-activity | 7133 | |||
| 2051 | SERVER-WEBAPP cached_feed.cgi moreover shopping cart access (more info ...) | web-application-activity | 2000-0906 | 1762 | ||
| 2052 | SERVER-WEBAPP overflow.cgi access (more info ...) | web-application-activity | 2002-1361 | 6326 | 11190 | URL |
| 2053 | SERVER-WEBAPP Bugtraq process_bug.cgi access (more info ...) | web-application-activity | 2002-0008 | 3272 | ||
| 2054 | SERVER-WEBAPP Bugtraq enter_bug.cgi arbitrary command attempt (more info ...) | web-application-attack | 2002-0008 | 3272 | ||
| 2055 | SERVER-WEBAPP Bugtraq enter_bug.cgi access (more info ...) | web-application-activity | 2002-0008 | 3272 | ||
| 2085 | SERVER-WEBAPP parse_xml.cgi access (more info ...) | web-application-activity | 2003-0423 | 6958 | ||
| 2086 | SERVER-WEBAPP streaming server parse_xml.cgi access (more info ...) | web-application-activity | 2003-0423 | 6958 | ||
| 2116 | SERVER-WEBAPP chipcfg.cgi access (more info ...) | web-application-activity | 2001-1341 | 2767 | URL | |
| 2127 | SERVER-WEBAPP ikonboard.cgi access (more info ...) | web-application-activity | 7361 | 11605 | ||
| 2128 | SERVER-WEBAPP swsrv.cgi access (more info ...) | web-application-activity | 2003-0217 | 7510 | 11608 | |
| 2194 | SERVER-WEBAPP CSMailto.cgi access (more info ...) | web-application-activity | 2002-0749 | 6265 | 11748 | |
| 2195 | SERVER-WEBAPP alert.cgi access (more info ...) | web-application-activity | 2002-0346 | 4579 | 11748 | |
| 2196 | SERVER-WEBAPP catgy.cgi access (more info ...) | web-application-activity | 2001-1212 | 4579 | 11748 | |
| 2197 | SERVER-WEBAPP cvsview2.cgi access (more info ...) | web-application-activity | 2003-0153 | 5517 | 11748 | |
| 2198 | SERVER-WEBAPP cvslog.cgi access (more info ...) | web-application-activity | 2003-0153 | 5517 | 11748 | |
| 2199 | SERVER-WEBAPP multidiff.cgi access (more info ...) | web-application-activity | 2003-0153 | 5517 | 11748 | |
| 2200 | SERVER-WEBAPP dnewsweb.cgi access (more info ...) | web-application-activity | 2000-0423 | 4579 | 11748 | |
| 2202 | SERVER-WEBAPP Webmin Directory edit_action.cgi access (more info ...) | web-application-activity | 2001-1196 | 4579 | 11748 | |
| 2203 | SERVER-WEBAPP Leif M. Wright everythingform.cgi access (more info ...) | web-application-activity | 2001-0023 | 4579 | 11748 | |
| 2204 | SERVER-WEBAPP EasyBoard 2000 ezadmin.cgi access (more info ...) | web-application-activity | 2002-0263 | 4579 | 11748 | |
| 2205 | SERVER-WEBAPP EasyBoard 2000 ezboard.cgi access (more info ...) | web-application-activity | 2002-0263 | 4579 | 11748 | |
| 2206 | SERVER-WEBAPP EasyBoard 2000 ezman.cgi access (more info ...) | web-application-activity | 2002-0263 | 4579 | 11748 | |
| 2207 | SERVER-WEBAPP FileSeek fileseek.cgi access (more info ...) | web-application-activity | 2002-0611 | 6784 | 11748 | |
| 2208 | SERVER-WEBAPP Faq-O-Matic fom.cgi access (more info ...) | web-application-activity | 2002-0230 | 4579 | 11748 | |
| 2209 | SERVER-WEBAPP Infonautics getdoc.cgi access (more info ...) | web-application-activity | 2000-0288 | 4579 | 11748 | |
| 2210 | SERVER-WEBAPP Multiple Vendors global.cgi access (more info ...) | web-application-activity | 2000-0952 | 4579 | 11748 | |
| 2211 | SERVER-WEBAPP Lars Ellingsen guestserver.cgi access (more info ...) | web-application-activity | 2001-0180 | 4579 | 11748 | |
| 2212 | SERVER-WEBAPP cgiCentral WebStore imageFolio.cgi access (more info ...) | web-application-activity | 2002-1334 | 6265 | 11748 | |
| 2213 | SERVER-WEBAPP Oatmeal Studios Mail File mailfile.cgi access (more info ...) | web-application-activity | 2000-0977 | 4579 | 11748 | |
| 2214 | SERVER-WEBAPP 3R Soft MailStudio 2000 mailview.cgi access (more info ...) | web-application-activity | 2000-0526 | 4579 | 11748 | |
| 2215 | SERVER-WEBAPP Alabanza Control Panel nsManager.cgi access (more info ...) | web-application-activity | 2000-1023 | 4579 | 11748 | |
| 2216 | SERVER-WEBAPP Ipswitch IMail readmail.cgi access (more info ...) | web-application-activity | 2001-1283 | 4579 | 11748 | |
| 2217 | SERVER-WEBAPP Ipswitch IMail printmail.cgi access (more info ...) | web-application-activity | 2001-1283 | 4579 | 11748 | |
| 2218 | SERVER-WEBAPP Oracle Cobalt RaQ service.cgi access (more info ...) | web-application-activity | 2002-0346 | 4579 | 11748 | |
| 2219 | SERVER-WEBAPP Trend Micro Interscan VirusWall setpasswd.cgi access (more info ...) | web-application-activity | 2001-0133 | 4579 | 11748 | |
| 2220 | SERVER-WEBAPP Leif M. Wright simplestmail.cgi access (more info ...) | web-application-activity | 2001-0022 | 4579 | 11748 | |
| 2221 | SERVER-WEBAPP cgiCentral WebStore ws_mail.cgi access (more info ...) | web-application-activity | 2001-1343 | 4579 | 11748 | |
| 2222 | SERVER-WEBAPP Infinity CGI exploit scanner nph-exploitscanget.cgi access (more info ...) | web-application-activity | 2003-0434 | 7913 | 11740 | |
| 2224 | SERVER-WEBAPP Psunami Bulletin Board psunami.cgi access (more info ...) | web-application-activity | 6607 | 11750 | ||
| 2225 | SERVER-WEBAPP Linksys BEFSR41 gozila.cgi access (more info ...) | web-application-activity | 2002-1236 | 6086 | 11773 | |
| 2237 | SERVER-WEBAPP cgiWebupdate.exe access (more info ...) | web-application-activity | 2001-1150 | 3216 | 11722 | |
| 2242 | SERVER-WEBAPP ddicgi.exe access (more info ...) | web-application-activity | 2000-0826 | 1657 | 11728 | |
| 2243 | SERVER-WEBAPP ndcgi.exe access (more info ...) | web-application-activity | 2001-0922 | 3583 | 11730 | |
| 2277 | SERVER-WEBAPP PeopleSoft PeopleBooks psdoccgi access (more info ...) | web-application-activity | 2003-0627 | 9038 | ||
| 2323 | SERVER-WEBAPP iSoft-Solutions QuickStore shopping cart quickstore.cgi access (more info ...) | web-application-activity | 9282 | 11975 | ||
| 2388 | SERVER-WEBAPP Apple QuickTime streaming server view_broadcast.cgi access (more info ...) | web-application-activity | 2003-0422 | 8257 | ||
| 2396 | SERVER-WEBAPP CCBill whereami.cgi arbitrary command execution attempt (more info ...) | web-application-attack | 8095 | URL | ||
| 2397 | SERVER-WEBAPP CCBill whereami.cgi access (more info ...) | web-application-activity | 8095 | URL | ||
| 2433 | SERVER-WEBAPP MDaemon form2raw.cgi overflow attempt (more info ...) | web-application-attack | 2003-1200 | 9317 | URL | |
| 2568 | SERVER-WEBAPP Emumail emumail.fcgi access (more info ...) | web-application-activity | 2004-2385 | 9861 | 12095 | |
| 3062 | SERVER-WEBAPP NetScreen SA 5000 delhomepage.cgi access (more info ...) | web-application-activity | 2004-0347 | 9791 | ||
| 3468 | SERVER-WEBAPP math_sum.mscgi access (more info ...) | web-application-activity | 10831 | 14182 | ||
| 3638 | SERVER-WEBAPP SoftCart.exe CGI buffer overflow attempt (more info ...) | web-application-attack | 2004-2221 | 10926 | ||
| 4128 | SERVER-WEBAPP 4DWebstar ShellExample.cgi information disclosure (more info ...) | attempted-recon | 2004-0696 | 10721 | URL | |
| 5706 | POLICY-SOCIAL Namazu incoming namazu.cgi access (more info ...) | web-application-activity | URL | |||
| 5764 | PUA-ADWARE Hijacker begin2search outbound connection - fcgi query (more info ...) | misc-activity | URL | |||
| 5945 | PUA-ADWARE Adware weirdontheweb runtime detection - track.cgi request (more info ...) | misc-activity | URL | |||
| 6019 | MALWARE-CNC dsk lite 1.0 variant outbound connection cgi notification (more info ...) | trojan-activity | URL | |||
| 6043 | MALWARE-CNC fear 0.2 variant outbound connection cgi notification (more info ...) | trojan-activity | URL | |||
| 6059 | MALWARE-CNC neurotickat1.3 variant outbound connection cgi notification (more info ...) | trojan-activity | URL | |||
| 7076 | MALWARE-CNC minimo v0.6 variant outbound connection cgi notification (more info ...) | trojan-activity | ||||
| 7148 | MALWARE-TOOLS Hacker-Tool sars notifier runtime detection - cgi notification (more info ...) | misc-activity | URL | |||
| 7524 | PUA-ADWARE Hijacker moneybar outbound connection - cgispy counter (more info ...) | misc-activity | URL | |||
| 7722 | MALWARE-CNC prorat 1.9 cgi notification detection (more info ...) | trojan-activity | URL | |||
| 7742 | MALWARE-CNC nova 1.0 variant outbound connection cgi notification client-to-server (more info ...) | trojan-activity | URL | |||
| 7743 | MALWARE-BACKDOOR nova 1.0 runtime detection - cgi notification server-to-client (more info ...) | trojan-activity | URL | |||
| 13591 | SERVER-WEBAPP Trend Micro OfficeScan CGI password decryption buffer overflow attempt (more info ...) | web-application-attack | 2008-1365 | 28020 | URL | |
| 15264 | SERVER-WEBAPP Oracle TimesTen In-Memory Database evtdump CGI module format string exploit attempt (more info ...) | attempted-admin | 2008-5440 | 33177 | ||
| 16922 | MALWARE-CNC URI request for known malicious URI - /cgi-bin/rd.cgi?f=/vercfg.dat?AgentID= (more info ...) | trojan-activity | URL | |||
| 17386 | SERVER-WEBAPP Lighttpd mod_fastcgi Extension CGI Variable Overwriting Vulnerability attempt (more info ...) | attempted-user | 2007-4727 | 25622 | URL | |
| 17605 | SERVER-WEBAPP Trend Micro OfficeScan CGI password decryption buffer overflow attempt (more info ...) | web-application-attack | 2008-1365 | 28020 | URL | |
| 21846 | MALWARE-CNC TDS Sutra - request in.cgi (more info ...) | trojan-activity | URL | |||
| 25394 | MALWARE-CNC URI request for /cgi-bin/nt/th (more info ...) | trojan-activity | URL | |||
| 25395 | MALWARE-CNC URI request for /cgi-bin/nt/sk (more info ...) | trojan-activity | URL | |||
| 25396 | MALWARE-CNC URI request for /cgi-bin/dllhost/ac (more info ...) | trojan-activity | URL | |||
| 25397 | MALWARE-CNC URI request for /cgi-bin/ms/check (more info ...) | trojan-activity | URL | |||
| 25398 | MALWARE-CNC URI request for /cgi-bin/ms/flush (more info ...) | trojan-activity | URL | |||
| 25399 | MALWARE-CNC URI request for /cgi-bin/win/wcx (more info ...) | trojan-activity | URL | |||
| 25400 | MALWARE-CNC URI request for /cgi-bin/win/cab (more info ...) | trojan-activity | URL | |||
| 25503 | MALWARE-CNC Necurs Rootkit sba.cgi (more info ...) | trojan-activity | URL | |||
| 25504 | MALWARE-CNC Necurs Rootkit op.cgi (more info ...) | trojan-activity | URL | |||
| 26274 | SERVER-WEBAPP Nagios3 statuswml.cgi remote command execution attempt (more info ...) | attempted-admin | 2009-2288 | |||
| 26276 | SERVER-WEBAPP Linksys E1500/E2500 apply.cgi submit_button page redirection attempt (more info ...) | attempted-admin | ||||
| 26277 | SERVER-WEBAPP Linksys E1500/E2500 apply.cgi submit_button page redirection attempt (more info ...) | attempted-admin | ||||
| 26278 | SERVER-WEBAPP Linksys E1500/E2500 apply.cgi unauthenticated password reset attempt (more info ...) | attempted-admin | 57760 | URL | ||
| 26279 | SERVER-WEBAPP Linksys E1500/E2500 apply.cgi unauthenticated password reset attempt (more info ...) | attempted-admin | 57760 | URL | ||
| 26559 | OS-OTHER DLink IP camera remote command execution vulnerability - access to vulnerable rtpd.cgi (more info ...) | attempted-admin | 2013-1599 | URL | ||
| 28083 | SERVER-WEBAPP Netgear DGN1000B setup.cgi cross site scripting attempt (more info ...) | web-application-attack | 57836 | |||
| 29267 | SERVER-WEBAPP Nagios3 statuswml.cgi remote command execution attempt (more info ...) | attempted-admin | 2009-2288 | |||
| 29374 | SERVER-WEBAPP Nagios process_cgivars off-by-one memory access denial of service attempt (more info ...) | attempted-dos | 2013-7108 | 64363 | URL | |
| 29375 | SERVER-WEBAPP Nagios process_cgivars off-by-one memory access denial of service attempt (more info ...) | attempted-dos | 2013-7108 | 64363 | URL | |
| 31259 | SERVER-WEBAPP Supermicro Intelligent Management Controller url_redirect.cgi directory traversal attempt (more info ...) | attempted-recon | ||||
| 31542 | SERVER-WEBAPP D-Link Multiple Products info.cgi request buffer overflow attempt (more info ...) | attempted-admin | URL | |||
| 31588 | SERVER-WEBAPP D-Link Multiple Products hedwig.cgi cookie buffer overflow attempt (more info ...) | attempted-admin | ||||
| 31651 | SERVER-WEBAPP VMTurbo Operations Manager vmtadmin.cgi command injection attempt (more info ...) | attempted-admin | 2014-5073 | 69225 | ||
| 31652 | SERVER-WEBAPP VMTurbo Operations Manager vmtadmin.cgi command injection attempt (more info ...) | attempted-admin | 2014-5073 | 69225 | ||
| 31976 | OS-OTHER Bash CGI environment variable injection attempt (more info ...) | attempted-admin | 2014-7169 | |||
| 32335 | OS-OTHER Bash CGI environment variable injection attempt (more info ...) | attempted-admin | 2014-7169 | |||
| 32336 | OS-OTHER Bash CGI environment variable injection attempt (more info ...) | attempted-admin | 2014-7169 | |||
| 38252 | SERVER-WEBAPP AWStats awstats.cgi remote file include attempt (more info ...) | web-application-attack | 2010-4367 | |||
| 38253 | SERVER-WEBAPP AWStats awstats.cgi remote file include attempt (more info ...) | web-application-attack | 2010-4367 | |||
| 38625 | SERVER-WEBAPP Gemtek CPE7000 sysconf.cgi command injection attempt (more info ...) | web-application-attack | URL | |||
| 38626 | SERVER-WEBAPP Gemtek CPE7000 sysconf.cgi command injection attempt (more info ...) | web-application-attack | URL | |||
| 39073 | SERVER-WEBAPP Aruba Networks IAP swarm.cgi command injection attempt (more info ...) | web-application-attack | 2016-2031 | URL | ||
| 39074 | SERVER-WEBAPP Aruba Networks IAP swarm.cgi command injection attempt (more info ...) | web-application-attack | 2016-2031 | URL | ||
| 39075 | SERVER-WEBAPP Aruba Networks IAP swarm.cgi raddb config injection attempt (more info ...) | web-application-attack | 2016-2031 | URL | ||
| 39133 | SERVER-WEBAPP Ubiquiti Networks XM Firmware scr.cgi command injection attempt (more info ...) | web-application-attack | URL | |||
| 39134 | SERVER-WEBAPP Ubiquiti Networks XM Firmware scr.cgi command injection attempt (more info ...) | web-application-attack | URL | |||
| 39135 | SERVER-WEBAPP Ubiquiti Networks XM Firmware scr.cgi directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 39737 | SERVER-WEBAPP HttpOxy CGI application vulnerability potential man-in-the-middle attempt (more info ...) | web-application-attack | 2016-5388 | URL | ||
| 40349 | SERVER-WEBAPP IPFire proxy.cgi command injection attempt (more info ...) | web-application-attack | URL | |||
| 40350 | SERVER-WEBAPP IPFire proxy.cgi command injection attempt (more info ...) | web-application-attack | URL | |||
| 40351 | SERVER-WEBAPP IPFire proxy.cgi command injection attempt (more info ...) | web-application-attack | URL | |||
| 40352 | SERVER-WEBAPP IPFire proxy.cgi command injection attempt (more info ...) | web-application-attack | URL | |||
| 40815 | SERVER-WEBAPP Netgear ReadyNAS Surveillance cgi_system administrator password reset attempt (more info ...) | attempted-admin | 2016-5676 | 92318 | URL | |
| 42003 | POLICY-OTHER Cisco Mobility Express Access Point radio.cgi access detected (more info ...) | policy-violation | 2017-3831 | URL | ||
| 42049 | SERVER-WEBAPP dnaLIMS viewAppletFsa.cgi directory traversal attempt (more info ...) | web-application-attack | 2017-6528 | 96823 | URL | |
| 42050 | SERVER-WEBAPP dnaLIMS viewAppletFsa.cgi directory traversal attempt (more info ...) | web-application-attack | 2017-6528 | 96823 | URL | |
| 43286 | SERVER-WEBAPP /cgi-bin/sh file access attempt (more info ...) | attempted-recon | ||||
| 44750 | SERVER-WEBAPP ASUS RP-AC52 login.cgi stack buffer overflow attempt (more info ...) | attempted-admin | ||||
| 45308 | SERVER-WEBAPP Axis Communications CGI Parser information disclosure attempt (more info ...) | attempted-recon | URL | |||
| 45570 | SERVER-WEBAPP HP Moonshot Provisioning Manager Appliance khuploadfile.cgi directory traversal attempt (more info ...) | attempted-admin | 2017-8977 | URL | ||
| 46080 | SERVER-WEBAPP Linksys E-Series apply.cgi cross site scripting attempt (more info ...) | attempted-user | URL | |||
| 46081 | SERVER-WEBAPP Linksys E-Series apply.cgi cross site scripting attempt (more info ...) | attempted-user | URL | |||
| 46082 | SERVER-WEBAPP Linksys E-Series apply.cgi ping function command injection attempt (more info ...) | web-application-attack | 2013-3307 | |||
| 46083 | SERVER-WEBAPP Linksys E-Series apply.cgi directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 46084 | SERVER-WEBAPP Linksys E-Series apply.cgi directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 46085 | SERVER-WEBAPP Linksys E-Series apply.cgi ping function command injection attempt (more info ...) | web-application-attack | 2013-3307 | |||
| 46086 | SERVER-WEBAPP Linksys E-Series apply.cgi ping function command injection attempt (more info ...) | web-application-attack | 2013-3307 | |||
| 52067 | SERVER-WEBAPP Squid HTTP Proxy cachemgr.cgi denial of service attempt (more info ...) | attempted-user | 2012-5643 | URL | ||
| 57432 | SERVER-WEBAPP Webmin shell index.cgi module cross site scripting attempt (more info ...) | web-application-attack | 2020-8821 | URL | ||
| 58559 | SERVER-WEBAPP Trend Micro Control Manager CCGIServlet ID_HIDDEN_RED_ALERT_TASK_ID SQL injection attempt (more info ...) | web-application-attack | ||||
| 58560 | SERVER-WEBAPP Trend Micro Control Manager CCGIServlet ID_HIDDEN_RED_ALERT_TASK_ID SQL injection attempt (more info ...) | web-application-attack | ||||
| 58561 | SERVER-WEBAPP Trend Micro Control Manager CCGIServlet ID_HIDDEN_RED_ALERT_TASK_ID SQL injection attempt (more info ...) | web-application-attack | ||||
| 59237 | SERVER-WEBAPP Multiple products cgi-bin command injection attempt (more info ...) | web-application-attack | 2016-6277 | URL | ||
| 59238 | SERVER-WEBAPP Multiple products cgi-bin command injection attempt (more info ...) | web-application-attack | 2016-6277 | URL | ||
| 59315 | SERVER-WEBAPP IPFire ids cgi OINKCODE command injection attempt (more info ...) | web-application-attack | 2017-9757 | |||
| 59316 | SERVER-WEBAPP IPFire ids cgi OINKCODE command injection attempt (more info ...) | web-application-attack | 2017-9757 | |||
| 59317 | SERVER-WEBAPP IPFire ids cgi OINKCODE command injection attempt (more info ...) | web-application-attack | 2017-9757 | |||
| 59318 | SERVER-WEBAPP IPFire ids cgi OINKCODE command injection attempt (more info ...) | web-application-attack | 2017-9757 |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 10010 | SERVER-OTHER Putty Server key exchange buffer overflow attempt (more info ...) | attempted-user | 2002-1359 | |||
| 15329 | SERVER-MAIL Microsoft Exchange MODPROPS memory corruption attempt (more info ...) | attempted-admin | 2006-0027 | 17908 | URL | |
| 32419 | OS-WINDOWS Microsoft Windows SChannel ECDH key exchange heap overflow attempt (more info ...) | attempted-admin | 2014-6321 | URL | ||
| 32420 | OS-WINDOWS Microsoft Windows SChannel ECDH key exchange heap overflow attempt (more info ...) | attempted-admin | 2014-6321 | URL | ||
| 32421 | OS-WINDOWS Microsoft Windows SChannel ECDH key exchange heap overflow attempt (more info ...) | attempted-admin | 2014-6321 | URL | ||
| 37371 | SERVER-OTHER OpenSSH insecure roaming key exchange attempt (more info ...) | attempted-user | 2016-0778 | URL | ||
| 49100 | SERVER-OTHER Microsoft Exchange Server NTLM relay attack attempt (more info ...) | attempted-user | 2019-0724 | URL | ||
| 50714 | MALWARE-OTHER Win.Trojan.Trickbot self-signed certificate exchange attempt (more info ...) | trojan-activity | URL | |||
| 53380 | SERVER-WEBAPP Microsoft Exchange Control Panel remote code execution attempt (more info ...) | attempted-admin | 2020-0688 | URL | ||
| 53381 | SERVER-WEBAPP Microsoft Exchange Control Panel remote code execution attempt (more info ...) | attempted-admin | 2020-0688 | URL | ||
| 53382 | SERVER-WEBAPP Microsoft Exchange Control Panel static viewstate key use attempt (more info ...) | attempted-admin | 2020-0688 | URL | ||
| 53383 | SERVER-WEBAPP Microsoft Exchange Control Panel remote code execution attempt (more info ...) | attempted-admin | 2020-0688 | URL | ||
| 57233 | SERVER-OTHER Microsoft Exchange Server Unified Messaging arbitrary code execution attempt (more info ...) | attempted-admin | 2021-26857 | URL | ||
| 57234 | SERVER-OTHER Microsoft Exchange Server Unified Messaging arbitrary code execution attempt (more info ...) | attempted-admin | 2021-26857 | URL | ||
| 57241 | SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt (more info ...) | attempted-admin | 2021-26855 | URL | ||
| 57242 | SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt (more info ...) | attempted-admin | 2021-26855 | URL | ||
| 57243 | SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt (more info ...) | attempted-admin | 2021-26855 | URL | ||
| 57244 | SERVER-WEBAPP Microsoft Exchange Server server side request forgery attempt (more info ...) | attempted-admin | 2021-26855 | URL | ||
| 57245 | SERVER-WEBAPP Microsoft Exchange Server arbitrary file write attempt (more info ...) | attempted-admin | 2021-27065 | URL | ||
| 57246 | SERVER-WEBAPP Microsoft Exchange Server arbitrary file write attempt (more info ...) | attempted-admin | 2021-27065 | URL | ||
| 57251 | SERVER-MAIL Microsoft Exchange Server certificate leak attempt (more info ...) | attempted-admin | 2021-24085 | URL | ||
| 57252 | SERVER-MAIL Microsoft Exchange Server arbitrary file write attempt (more info ...) | attempted-admin | 2021-27065 | URL | ||
| 57253 | SERVER-MAIL Microsoft Exchange Server arbitrary file write attempt (more info ...) | attempted-admin | 2021-27065 | URL | ||
| 57277 | FILE-OTHER Metasploit Gather Exchange post-exploitation tool download attempt (more info ...) | attempted-recon | URL | |||
| 57278 | FILE-OTHER Metasploit Gather Exchange post-exploitation tool download attempt (more info ...) | attempted-recon | URL | |||
| 57382 | SERVER-OTHER Microsoft Exchange Server DLPUtils remote code execution attempt (more info ...) | attempted-admin | 2020-17132 | URL | ||
| 57487 | SERVER-WEBAPP Microsoft Exchange MeetingHandler remote code execution attempt (more info ...) | attempted-admin | 2021-28482 | URL | ||
| 57906 | SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt (more info ...) | attempted-admin | 2022-41082 | URL | ||
| 57907 | SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt (more info ...) | attempted-admin | 2023-21529 | URL | ||
| 57908 | SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt (more info ...) | attempted-admin | 2022-41082 | URL | ||
| 57909 | SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt (more info ...) | attempted-admin | 2021-34523 | URL | ||
| 57983 | SERVER-WEBAPP Microsoft Exchange autodiscover server side request forgery attempt (more info ...) | attempted-admin | 2022-41082 | URL | ||
| 58249 | SERVER-WEBAPP Microsoft Exchange server security feature bypass attempt (more info ...) | attempted-admin | 2021-34523 | URL | ||
| 58637 | SERVER-OTHER Microsoft Exchange Server remote code execution attempt (more info ...) | attempted-user | 2021-42321 | URL | ||
| 58638 | SERVER-OTHER Microsoft Exchange Server remote code execution attempt (more info ...) | attempted-user | 2021-42321 | URL | ||
| 60241 | SERVER-WEBAPP Microsoft Exchange MAPI arbitrary file write attempt (more info ...) | web-application-attack | 2021-26858 | URL | ||
| 60242 | SERVER-WEBAPP Microsoft Exchange MAPI arbitrary file write attempt (more info ...) | web-application-attack | 2021-26858 | URL | ||
| 60244 | SERVER-WEBAPP Microsoft Exchange ProxyToken information disclosure attempt (more info ...) | attempted-user | 2021-33766 | URL | ||
| 60486 | SERVER-WEBAPP Microsoft Exchange Server MailboxExport arbitrary file write attempt (more info ...) | attempted-admin | 2021-31207 | URL | ||
| 60642 | SERVER-WEBAPP Microsoft Exchange Server remote code execution attempt (more info ...) | attempted-user | 2022-41082 | URL | ||
| 60670 | SERVER-WEBAPP Microsoft Exchange Server remote code execution attempt (more info ...) | attempted-admin | 2022-41082 | URL | ||
| 60671 | SERVER-WEBAPP Microsoft Exchange Server remote code execution attempt (more info ...) | attempted-admin | 2022-41082 | URL | ||
| 60672 | SERVER-WEBAPP Microsoft Exchange Server remote code execution attempt (more info ...) | attempted-admin | 2022-41082 | URL | ||
| 60673 | SERVER-WEBAPP Microsoft Exchange Server remote code execution attempt (more info ...) | attempted-admin | 2022-41082 | URL | ||
| 60674 | SERVER-WEBAPP Microsoft Exchange Server remote code execution attempt (more info ...) | attempted-admin | 2022-41082 | URL | ||
| 60675 | SERVER-WEBAPP Microsoft Exchange Server remote code execution attempt (more info ...) | attempted-admin | 2022-41082 | URL | ||
| 60676 | SERVER-WEBAPP Microsoft Exchange Server remote code execution attempt (more info ...) | attempted-admin | 2022-41082 | URL | ||
| 60677 | SERVER-WEBAPP Microsoft Exchange Server remote code execution attempt (more info ...) | attempted-admin | 2022-41082 | URL | ||
| 60678 | SERVER-WEBAPP Microsoft Exchange Server remote code execution attempt (more info ...) | attempted-admin | 2022-41082 | URL | ||
| 61042 | SERVER-WEBAPP Microsoft Exchange Server remote code execution attempt (more info ...) | attempted-admin | 2022-41082 | URL | ||
| 61359 | SERVER-WEBAPP Microsoft Exchange Server remote code execution attempt (more info ...) | attempted-user | 2023-21706 | URL | ||
| 61360 | SERVER-WEBAPP Microsoft Exchange Server remote code execution attempt (more info ...) | attempted-user | 2023-21529 | URL | ||
| 61361 | MALWARE-BACKDOOR FoggyWeb Exchange backdoor access attempt (more info ...) | trojan-activity | URL | |||
| 61362 | MALWARE-BACKDOOR FoggyWeb Exchange backdoor access attempt (more info ...) | trojan-activity | URL | |||
| 61933 | SERVER-MAIL Microsoft Exchange Server remote PowerShell session type confusion attempt (more info ...) | attempted-admin | 2023-28310 | URL |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 658 | SERVER-MAIL Microsoft Windows Exchange Server 5.5 mime DOS (more info ...) | attempted-dos | 2000-1006 | 1869 | 10558 | URL |
| 3815 | SERVER-MAIL Kinesphere eXchange POP3 mail server overflow attempt (more info ...) | misc-attack | 2004-1945 | 10180 | ||
| 7165 | MALWARE-OTHER Keylogger ab system spy runtime detection - information exchange - flowbit set 1 (more info ...) | successful-recon-limited | URL | |||
| 7166 | MALWARE-OTHER Keylogger ab system spy runtime detection - information exchange - flowbit set 2 (more info ...) | successful-recon-limited | URL | |||
| 7167 | MALWARE-OTHER Keylogger ab system spy runtime detection - information exchange - flowbit set 3 (more info ...) | successful-recon-limited | URL | |||
| 7168 | MALWARE-OTHER Keylogger ab system spy runtime detection - information exchange - flowbit set 4 (more info ...) | successful-recon-limited | URL | |||
| 7169 | MALWARE-OTHER Keylogger ab system spy runtime detection - information exchange (more info ...) | successful-recon-limited | URL | |||
| 12423 | SERVER-MAIL Microsoft Windows Exchange CDO long header name (more info ...) | attempted-admin | 2005-1987 | 15067 | URL | |
| 12619 | SERVER-MAIL Microsoft Windows Exchange ical/vcal malformed property (more info ...) | attempted-admin | 2006-0027 | 17908 | URL | |
| 15301 | SERVER-MAIL Exchange compressed RTF remote code execution attempt (more info ...) | attempted-admin | 2009-0098 | URL | ||
| 15964 | SERVER-MAIL Microsoft Windows Exchange OWA XSS and spoofing attempt (more info ...) | misc-attack | 2004-0203 | 10902 | ||
| 16108 | MALWARE-CNC Win.Trojan.exchanger.gen2 variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19091 | SERVER-OTHER OpenSSL ssl3_get_key_exchange use-after-free attempt (more info ...) | attempted-admin | 2010-2939 | 42306 | ||
| 19092 | SERVER-OTHER OpenSSL ssl3_get_key_exchange use-after-free attempt (more info ...) | attempted-admin | 2010-2939 | 42306 | ||
| 21776 | SERVER-MAIL Microsoft Windows Exchange MODPROPS denial of service attempt (more info ...) | attempted-dos | 2007-0039 | 23808 | URL | |
| 32705 | SERVER-MAIL Microsoft Exchange OWA meeting invite XSS attempt (more info ...) | misc-attack | 2014-6326 | URL | ||
| 33807 | SERVER-MAIL Microsoft Exchange OWA X-OWA-CANARY command injection attempt (more info ...) | misc-attack | 2015-1628 | URL | ||
| 33810 | SERVER-OTHER Microsoft Exchange Server custom DLP policy name cross-site scripting attempt (more info ...) | attempted-user | 2015-1629 | URL | ||
| 33811 | SERVER-MAIL Microsoft Exchange UM Management user stored XSS attempt (more info ...) | web-application-attack | 2015-1630 | URL | ||
| 34649 | SERVER-OTHER OpenSSL zero-length ClientKeyExchange message denial of service attempt (more info ...) | attempted-dos | 2015-1787 | 73238 | URL | |
| 34917 | MALWARE-CNC Win.Trojan.Critroni certificate exchange (more info ...) | trojan-activity | URL | |||
| 38378 | MALWARE-CNC Win.Trojan.Dridex certificate exchange (more info ...) | trojan-activity | URL | |||
| 38620 | MALWARE-CNC Win.Trojan.Dridex certificate exchange (more info ...) | trojan-activity | URL | |||
| 38621 | MALWARE-CNC Win.Trojan.Dridex certificate exchange (more info ...) | trojan-activity | URL | |||
| 39163 | MALWARE-CNC Win.Trojan.Dridex self-signed certificate exchange (more info ...) | trojan-activity | URL | |||
| 39164 | MALWARE-CNC Win.Trojan.Dridex self-signed certificate exchange (more info ...) | trojan-activity | URL | |||
| 41675 | MALWARE-CNC Win.Trojan.Dridex self-signed certificate exchange (more info ...) | trojan-activity | URL | |||
| 41676 | MALWARE-CNC Win.Trojan.Dridex self-signed certificate exchange (more info ...) | trojan-activity | URL | |||
| 44399 | MALWARE-CNC Win.Trojan.Trickbot self-signed certificate exchange (more info ...) | trojan-activity | URL | |||
| 44400 | MALWARE-CNC Win.Trojan.Trickbot self-signed certificate exchange (more info ...) | trojan-activity | URL | |||
| 44401 | MALWARE-CNC Win.Trojan.Trickbot self-signed certificate exchange (more info ...) | trojan-activity | URL | |||
| 44402 | MALWARE-CNC Win.Trojan.Trickbot self-signed certificate exchange (more info ...) | trojan-activity | URL | |||
| 44591 | MALWARE-CNC Win.Trojan.PandaZeus malicious certificate exchange (more info ...) | trojan-activity | URL | |||
| 44592 | MALWARE-CNC Win.Trojan.PandaZeus self-signed certificate exchange (more info ...) | trojan-activity | URL | |||
| 46965 | MALWARE-CNC Win.Trojan.Backswap self-signed certificate exchange (more info ...) | trojan-activity | URL | |||
| 49545 | MALWARE-CNC Win.Trojan.IcedID variant certificate exchange attempt (more info ...) | trojan-activity | URL | |||
| 49546 | MALWARE-CNC Win.Trojan.IcedID variant certificate exchange attempt (more info ...) | trojan-activity | URL | |||
| 49547 | MALWARE-CNC Win.Trojan.IcedID variant certificate exchange attempt (more info ...) | trojan-activity | URL | |||
| 49549 | MALWARE-CNC Win.Trojan.IcedID variant certificate exchange attempt (more info ...) | trojan-activity | URL | |||
| 49550 | MALWARE-CNC Win.Trojan.IcedID variant certificate exchange attempt (more info ...) | trojan-activity | URL | |||
| 49551 | MALWARE-CNC Win.Trojan.IcedID variant certificate exchange attempt (more info ...) | trojan-activity | URL | |||
| 49552 | MALWARE-CNC Win.Trojan.IcedID variant certificate exchange attempt (more info ...) | trojan-activity | URL | |||
| 54061 | MALWARE-CNC Win.Trojan.TrickBot variant certificate exchange attempt (more info ...) | trojan-activity | URL | |||
| 56554 | SERVER-OTHER Microsoft Exchange Server 2010 deserialization attempt (more info ...) | attempted-user | 2020-17144 | URL | ||
| 56587 | MALWARE-CNC Win.Backdoor.SSLBeacon variant certificate exchange attempt (more info ...) | trojan-activity | URL | |||
| 59843 | POLICY-OTHER Microsoft Exchange Export-ExchangeCertificate SOAP API call detected (more info ...) | policy-violation | 2020-17083 | URL | ||
| 59844 | POLICY-OTHER Microsoft Exchange New-ExchangeCertificate SOAP API call detected (more info ...) | policy-violation | 2020-17085 | URL | ||
| 59845 | POLICY-OTHER Microsoft Exchange Import-TransportRuleCollection SOAP request detected (more info ...) | policy-violation | 2020-17117 | URL | ||
| 60050 | MALWARE-CNC Win.Rootkit.Daxin HTTP host information exchange attempt (more info ...) | trojan-activity | ||||
| 61736 | POLICY-OTHER Microsoft Exchange Web Services brute force login attempt (more info ...) | policy-violation |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 42354 | SERVER-WEBAPP Squirrelmail sendmail delivery parameter injection attempt (more info ...) | web-application-attack | 2017-7692 |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 655 | SERVER-MAIL Sendmail 8.6.9 exploit (more info ...) | attempted-admin | 1999-0204 | 2311 | ||
| 659 | SERVER-MAIL Sendmail expn decode (more info ...) | attempted-recon | 1999-0096 | 10248 | ||
| 662 | SERVER-MAIL Sendmail 5.5.5 exploit (more info ...) | attempted-admin | 1999-0203 | 10258 | ||
| 663 | SERVER-MAIL Sendmail rcpt to command attempt (more info ...) | attempted-admin | 1999-0095 | 1 | ||
| 664 | SERVER-MAIL Sendmail RCPT TO decode attempt (more info ...) | attempted-admin | 1999-0203 | 2308 | ||
| 665 | SERVER-MAIL Sendmail 5.6.5 exploit (more info ...) | attempted-user | 1999-0203 | 2308 | ||
| 667 | SERVER-MAIL Sendmail 8.6.10 exploit (more info ...) | attempted-user | 1999-0204 | 2311 | ||
| 668 | SERVER-MAIL Sendmail 8.6.10 exploit (more info ...) | attempted-user | 1999-0204 | 2311 | ||
| 669 | SERVER-MAIL Sendmail 8.6.9 exploit (more info ...) | attempted-user | 1999-0204 | 2311 | ||
| 670 | SERVER-MAIL Sendmail 8.6.9 exploit (more info ...) | attempted-user | 1999-0204 | 2311 | ||
| 671 | SERVER-MAIL Sendmail 8.6.9c exploit (more info ...) | attempted-user | 1999-0204 | 2311 | ||
| 815 | SERVER-WEBAPP websendmail access (more info ...) | attempted-recon | 1999-0196 | 2077 | 10301 | |
| 1526 | SERVER-WEBAPP basilix sendmail.inc access (more info ...) | web-application-activity | 2001-1044 | 2198 | 10601 | |
| 1659 | SERVER-OTHER Adobe Coldfusion sendmail.cfm access (more info ...) | attempted-recon | 2001-0535 | |||
| 2261 | SERVER-MAIL Sendmail SEND FROM prescan too many addresses overflow (more info ...) | attempted-admin | 2002-1337 | 6991 | 11316 | |
| 2262 | SERVER-MAIL Sendmail SEND FROM prescan too long addresses overflow (more info ...) | misc-attack | 2003-0161 | 7230 | 11499 | |
| 2263 | SERVER-MAIL Sendmail SAML FROM prescan too many addresses overflow (more info ...) | attempted-admin | 2002-1337 | 6991 | ||
| 2264 | SERVER-MAIL Sendmail SAML FROM prescan too long addresses overflow (more info ...) | misc-attack | 2003-0161 | 7230 | 11499 | |
| 2265 | SERVER-MAIL Sendmail SOML FROM prescan too many addresses overflow (more info ...) | attempted-admin | 2002-1337 | 6991 | ||
| 2266 | SERVER-MAIL Sendmail SOML FROM prescan too long addresses overflow (more info ...) | misc-attack | 2003-0161 | 7230 | 11499 | |
| 2267 | SERVER-MAIL Sendmail MAIL FROM prescan too many addresses overflow (more info ...) | attempted-admin | 2002-1337 | 6991 | ||
| 2268 | SERVER-MAIL Sendmail MAIL FROM prescan too long addresses overflow (more info ...) | attempted-admin | 2003-0161 | 7230 | 11499 | |
| 2269 | SERVER-MAIL Sendmail RCPT TO prescan too many addresses overflow (more info ...) | attempted-admin | 2002-1337 | 6991 | ||
| 2270 | SERVER-MAIL Sendmail RCPT TO prescan too long addresses overflow (more info ...) | attempted-admin | 2003-0694 | 7230 | 11499 | |
| 15936 | SERVER-MAIL Sendmail identd command parsing vulnerability (more info ...) | attempted-admin | 1999-0204 | 2311 | ||
| 16057 | SERVER-MAIL Sendmail smtp timeout buffer overflow attempt (more info ...) | attempted-admin | 2006-0058 | 17192 |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 20614 | SERVER-MAIL Axigen POP3 server remote format string exploit (more info ...) | attempted-admin | 22603 |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 27179 | BROWSER-PLUGINS Oracle document capture EMPOP3Lib ActiveX clsid access attempt (more info ...) | attempted-user | 2010-3591 | 45851 | ||
| 37683 | POLICY-OTHER junk rule to autoenable pop3.stat flowbit (more info ...) | misc-activity |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 1842 | PROTOCOL-IMAP login buffer overflow attempt (more info ...) | attempted-user | 2007-3925 | 502 | 10125 | |
| 3007 | PROTOCOL-IMAP command overflow attempt (more info ...) | misc-attack | 2005-3155 | 15753 | 15771 | |
| 3066 | PROTOCOL-IMAP APPEND overflow attempt (more info ...) | misc-attack | 2006-6425 | 21729 | 15867 | |
| 3067 | PROTOCOL-IMAP examine literal overflow attempt (more info ...) | misc-attack | 2004-1211 | 11775 | 15867 | |
| 3069 | PROTOCOL-IMAP fetch literal overflow attempt (more info ...) | misc-attack | 2004-1211 | 11775 | 15867 | |
| 3070 | PROTOCOL-IMAP fetch overflow attempt (more info ...) | misc-attack | 2004-1211 | 11775 | 15867 | |
| 3071 | PROTOCOL-IMAP status literal overflow attempt (more info ...) | misc-attack | 2004-1211 | 15491 | 15867 | |
| 3072 | PROTOCOL-IMAP STATUS overflow attempt (more info ...) | misc-attack | 2017-1274 | 15491 | 15867 | |
| 3073 | PROTOCOL-IMAP SUBSCRIBE literal overflow attempt (more info ...) | attempted-admin | 2007-3510 | 26219 | 15867 | |
| 3074 | PROTOCOL-IMAP SUBSCRIBE overflow attempt (more info ...) | attempted-admin | 2007-3510 | 26219 | 15867 | |
| 3075 | PROTOCOL-IMAP unsubscribe literal overflow attempt (more info ...) | misc-attack | 2004-1211 | 11775 | 15867 | |
| 3076 | PROTOCOL-IMAP UNSUBSCRIBE overflow attempt (more info ...) | attempted-admin | 2005-3189 | 15488 | 15867 | |
| 5702 | PROTOCOL-IMAP subscribe directory traversal attempt (more info ...) | attempted-admin | 2007-3510 | 26219 | 15867 | |
| 5704 | PROTOCOL-IMAP SELECT overflow attempt (more info ...) | misc-attack | 2006-1255 | 15006 | ||
| 11004 | PROTOCOL-IMAP CRAM-MD5 authentication request detected (more info ...) | protocol-command-decode | URL | |||
| 13359 | APP-DETECT failed IMAP login attempt - invalid username/password (more info ...) | misc-activity | URL | |||
| 15484 | PROTOCOL-IMAP CRAM-MD5 authentication method buffer overflow attempt (more info ...) | attempted-admin | 2007-1675 | 23172 | ||
| 43067 | PROTOCOL-IMAP IMAP CRAM-MD5 authentication attempt (more info ...) | protocol-command-decode | 2007-1675 | |||
| 48417 | SERVER-WEBAPP PrestaShop PS_SAV_IMAP_URL command injection attempt (more info ...) | attempted-user | URL |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 1755 | PROTOCOL-IMAP partial body buffer overflow attempt (more info ...) | misc-attack | 2002-0379 | 4713 | 10966 | |
| 1844 | PROTOCOL-IMAP authenticate overflow attempt (more info ...) | misc-attack | 1999-0042 | 130 | 10292 | |
| 1845 | PROTOCOL-IMAP list literal overflow attempt (more info ...) | misc-attack | 2000-0284 | 1110 | 10374 | |
| 1902 | PROTOCOL-IMAP lsub literal overflow attempt (more info ...) | misc-attack | 2000-0284 | 1110 | 10374 | |
| 1903 | PROTOCOL-IMAP rename overflow attempt (more info ...) | misc-attack | 2000-0284 | 1110 | 10374 | |
| 1904 | PROTOCOL-IMAP find overflow attempt (more info ...) | misc-attack | 2000-0284 | 1110 | 10374 | |
| 1930 | PROTOCOL-IMAP auth literal overflow attempt (more info ...) | misc-attack | 2006-6424 | 21724 | ||
| 1993 | PROTOCOL-IMAP login literal buffer overflow attempt (more info ...) | misc-attack | 2007-0221 | 6298 | 12532 | |
| 2046 | PROTOCOL-IMAP partial body.peek buffer overflow attempt (more info ...) | misc-attack | 2002-0379 | 4713 | 10966 | |
| 2105 | PROTOCOL-IMAP authenticate literal overflow attempt (more info ...) | misc-attack | 2006-6424 | 21724 | 10292 | |
| 2106 | PROTOCOL-IMAP lsub overflow attempt (more info ...) | misc-attack | 2005-3155 | 15006 | 10374 | |
| 2107 | PROTOCOL-IMAP create buffer overflow attempt (more info ...) | misc-attack | 2003-1470 | 7446 | ||
| 2118 | PROTOCOL-IMAP list overflow attempt (more info ...) | misc-attack | 2005-3155 | 15006 | 10374 | |
| 2119 | PROTOCOL-IMAP rename literal overflow attempt (more info ...) | misc-attack | 2000-0284 | 1110 | 10374 | |
| 2120 | PROTOCOL-IMAP create literal buffer overflow attempt (more info ...) | misc-attack | 2003-1470 | 7446 | ||
| 2273 | PROTOCOL-IMAP login brute force attempt (more info ...) | suspicious-login | URL | |||
| 2330 | PROTOCOL-IMAP auth overflow attempt (more info ...) | misc-attack | 2003-1177 | 8861 | 11910 | |
| 2664 | PROTOCOL-IMAP login format string attempt (more info ...) | attempted-admin | 2004-0777 | 10976 | ||
| 2665 | PROTOCOL-IMAP login literal format string attempt (more info ...) | attempted-admin | 2007-0221 | 10976 | URL | |
| 3008 | PROTOCOL-IMAP delete literal overflow attempt (more info ...) | misc-attack | 2005-1520 | 11675 | 15771 | |
| 3058 | PROTOCOL-IMAP copy literal overflow attempt (more info ...) | misc-attack | 2000-0284 | 1110 | 10374 | |
| 4645 | PROTOCOL-IMAP search format string attempt (more info ...) | attempted-admin | 2005-2878 | 10976 | ||
| 4646 | PROTOCOL-IMAP search literal format string attempt (more info ...) | attempted-admin | 2004-0777 | 10976 | ||
| 5696 | PROTOCOL-IMAP delete directory traversal attempt (more info ...) | misc-attack | 2005-3189 | 15488 | ||
| 5697 | PROTOCOL-IMAP examine directory traversal attempt (more info ...) | misc-attack | 2005-3189 | 15488 | ||
| 5698 | PROTOCOL-IMAP list directory traversal attempt (more info ...) | misc-attack | 2005-3189 | 15488 | ||
| 5699 | PROTOCOL-IMAP lsub directory traversal attempt (more info ...) | misc-attack | 2005-3189 | 15488 | ||
| 5700 | PROTOCOL-IMAP rename directory traversal attempt (more info ...) | misc-attack | 2005-3189 | 15488 | ||
| 5701 | PROTOCOL-IMAP status directory traversal attempt (more info ...) | misc-attack | 2005-3189 | 15488 | ||
| 5703 | PROTOCOL-IMAP unsubscribe directory traversal attempt (more info ...) | misc-attack | 2005-3189 | 15488 | ||
| 5705 | PROTOCOL-IMAP CAPABILITY overflow attempt (more info ...) | misc-attack | 2005-3155 | 15006 | ||
| 10011 | SERVER-MAIL Multiple IMAP servers APPEND command buffer overflow attempt (more info ...) | misc-attack | 2017-1274 | 21723 | ||
| 13663 | SERVER-MAIL Alt-N MDaemon IMAP Server FETCH command buffer overflow attempt (more info ...) | attempted-admin | 2008-1358 | 28245 | URL | |
| 13921 | SERVER-MAIL Altrium Software MERCUR IMAPD NTLMSSP command handling memory corruption attempt (more info ...) | attempted-admin | 2007-1578 | 23058 | URL | |
| 16781 | BROWSER-PLUGINS EasyMail IMAP4 ActiveX function call access (more info ...) | attempted-user | 2007-4607 | 25467 | ||
| 17239 | SERVER-MAIL Multiple IMAP servers CREATE command buffer overflow attempt (more info ...) | attempted-admin | 2017-1274 | 41704 | ||
| 17240 | SERVER-MAIL Multiple IMAP server literal CREATE command buffer overflow attempt (more info ...) | attempted-admin | 2010-2777 | 41704 | ||
| 17503 | SERVER-MAIL MailEnable IMAP Service Invalid Command Buffer Overlow LOGIN (more info ...) | attempted-admin | 21252 | |||
| 24599 | FILE-IDENTIFY Alt-N MDaemon IMAP Server (more info ...) | attempted-admin | 2008-1358 | 28245 | URL | |
| 35933 | SERVER-WEBAPP Qualcomm WorldMail IMAP select directory traversal attempt (more info ...) | web-application-attack | 2005-3189 | 15488 | ||
| 35934 | SERVER-WEBAPP Qualcomm WorldMail IMAP append directory traversal attempt (more info ...) | web-application-attack | 2005-3189 | 15488 | ||
| 37375 | SERVER-MAIL Multiple IMAP servers EXAMINE command buffer overflow attempt (more info ...) | attempted-admin | 2017-1274 | |||
| 37845 | POLICY-OTHER junk rule to autoenable imap.cram_md5 flowbit (more info ...) | misc-activity | ||||
| 46484 | SERVER-MAIL Multiple IMAP servers DELETE command buffer overflow attempt (more info ...) | attempted-admin | 2017-1274 | |||
| 47509 | SERVER-WEBAPP RoundCube WebMail IMAP command injection attempt (more info ...) | attempted-user | 2018-9846 | |||
| 47510 | SERVER-WEBAPP RoundCube WebMail IMAP command injection attempt (more info ...) | attempted-user | 2018-9846 | |||
| 52019 | SERVER-MAIL MailEnable Mail Server IMAP client command buffer overflow attempt (more info ...) | attempted-user | 2004-2501 | |||
| 59573 | PROTOCOL-IMAP Dovecot Pigeonhole string parsing remote code execution attempt (more info ...) | attempted-admin | 2019-11500 | |||
| 59782 | PROTOCOL-IMAP Dovecot Pigeonhole string parsing remote code execution attempt (more info ...) | attempted-admin | 2019-11500 |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 17224 | SERVER-MAIL McAfee WebShield SMTP bounce message format string attempt (more info ...) | attempted-admin | 2006-0559 | 16742 | ||
| 26802 | MALWARE-OTHER WIN.Worm.Beagle.AZ SMTP propagation detection (more info ...) | trojan-activity | URL | |||
| 39903 | FILE-OFFICE Microsoft Windows RTF file with embedded object package SMTP upload attempt (more info ...) | misc-activity | URL | |||
| 39907 | MALWARE-OTHER Rtf.Dropper.Agent-1404614 SMTP upload attempt (more info ...) | trojan-activity | URL | |||
| 50100 | INDICATOR-COMPROMISE Responder poisoner SMTP attack attempt (more info ...) | misc-attack | URL | |||
| 53431 | SERVER-MAIL OpenSMTPD smtp_mailaddr command injection attempt (more info ...) | attempted-admin | 2020-7247 | |||
| 54122 | SERVER-OTHER OpenSMTPD mta_io remote command injection attempt (more info ...) | attempted-admin | 2020-8794 | URL | ||
| 54388 | SERVER-OTHER OpenSMTPD mta_io remote command injection attempt (more info ...) | attempted-admin | 2020-8794 | URL |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 567 | SERVER-MAIL SMTP relaying denied (more info ...) | misc-activity | URL | |||
| 657 | SERVER-MAIL Netmanager chameleon SMTPd buffer overflow attempt (more info ...) | attempted-admin | 1999-0261 | 2387 | ||
| 5790 | MALWARE-OTHER Keylogger pc actmon pro runtime detection - smtp (more info ...) | successful-recon-limited | URL | |||
| 5880 | MALWARE-OTHER Keylogger spyagent runtime detect - smtp delivery (more info ...) | successful-recon-limited | URL | |||
| 6125 | MALWARE-BACKDOOR dkangel runtime detection - smtp (more info ...) | trojan-activity | URL | |||
| 6126 | MALWARE-BACKDOOR dkangel runtime detection - smtp (more info ...) | trojan-activity | URL | |||
| 6207 | MALWARE-OTHER Keylogger winsession runtime detection - smtp (more info ...) | successful-recon-limited | URL | |||
| 6301 | MALWARE-BACKDOOR cia 1.3 runtime detection - smtp notification (more info ...) | trojan-activity | URL | |||
| 6397 | MALWARE-BACKDOOR http rat runtime detection - smtp (more info ...) | trojan-activity | URL | |||
| 6477 | MALWARE-TOOLS Hacker-Tool beee runtime detection - smtp (more info ...) | misc-activity | URL | |||
| 7184 | MALWARE-OTHER Keylogger 007 spy software runtime detection - smtp (more info ...) | successful-recon-limited | URL | |||
| 7551 | MALWARE-OTHER Keylogger ardamax keylogger runtime detection - smtp (more info ...) | successful-recon-limited | URL | |||
| 8544 | MALWARE-OTHER Keylogger nicespy runtime detection - smtp (more info ...) | successful-recon-limited | URL | |||
| 9326 | MALWARE-OTHER netsky.p smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9327 | MALWARE-OTHER netsky.af smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9328 | MALWARE-OTHER zhangpo smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9329 | MALWARE-CNC yarner.b smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9330 | MALWARE-OTHER mydoom.e smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9331 | MALWARE-OTHER mydoom.m smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9332 | MALWARE-OTHER mimail.a smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9333 | MALWARE-OTHER mimail.e smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9334 | MALWARE-OTHER lovgate.c smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9335 | MALWARE-OTHER netsky.b smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9336 | MALWARE-OTHER netsky.t smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9337 | MALWARE-OTHER netsky.x smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9338 | MALWARE-OTHER mydoom.i smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9342 | MALWARE-OTHER paroc.a smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9343 | MALWARE-OTHER kadra smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9344 | MALWARE-OTHER kindal smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9345 | MALWARE-OTHER kipis.a smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9348 | MALWARE-OTHER morbex smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9349 | MALWARE-OTHER plemood smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9350 | MALWARE-OTHER mimail.k smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9352 | MALWARE-OTHER lovgate.a smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9358 | MALWARE-OTHER fizzer smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9359 | MALWARE-OTHER zafi.b smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9360 | MALWARE-OTHER cult.b smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9361 | MALWARE-OTHER mimail.l smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9362 | MALWARE-OTHER mimail.m smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9365 | MALWARE-OTHER cult.c smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9366 | MALWARE-OTHER mimail.s smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9367 | MALWARE-OTHER anset.b smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9368 | MALWARE-OTHER agist.a smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9369 | MALWARE-OTHER atak.a smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9370 | MALWARE-OTHER bagle.b smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9371 | MALWARE-OTHER bagle.e smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9372 | MALWARE-OTHER blebla.a smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9373 | MALWARE-OTHER clepa smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9374 | MALWARE-OTHER creepy.b smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9375 | MALWARE-OTHER duksten.c smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9376 | MALWARE-OTHER fishlet.a smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9377 | MALWARE-OTHER mydoom.g smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9378 | MALWARE-OTHER netsky.q smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9379 | MALWARE-OTHER netsky.s smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9381 | MALWARE-OTHER lara smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9382 | MALWARE-OTHER fearso.c smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9383 | MALWARE-OTHER netsky.y smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9384 | MALWARE-OTHER beglur.a smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9385 | MALWARE-OTHER collo.a smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9386 | MALWARE-OTHER bagle.f smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9388 | MALWARE-OTHER mimail.g smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9389 | MALWARE-OTHER bagle.i smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9391 | MALWARE-OTHER mimail.i smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9392 | MALWARE-OTHER bagle.j smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9393 | MALWARE-OTHER bagle.k smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9394 | MALWARE-OTHER bagle.n smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9397 | MALWARE-OTHER neysid smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9398 | MALWARE-OTHER totilix.a smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9399 | MALWARE-OTHER hanged smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9400 | MALWARE-OTHER abotus smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9403 | MALWARE-OTHER netsky.aa smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9404 | MALWARE-OTHER netsky.ac smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9406 | MALWARE-OTHER lovgate.e smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9408 | MALWARE-OTHER lacrow smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9409 | MALWARE-OTHER atak.b smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9410 | MALWARE-OTHER netsky.z smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9411 | MALWARE-OTHER mimail.f smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9413 | MALWARE-OTHER ganda smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9414 | MALWARE-OTHER lovelorn.a smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9415 | MALWARE-OTHER plexus.a smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9416 | MALWARE-OTHER bagle.at smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9417 | MALWARE-OTHER bagle.a smtp propagation detection (more info ...) | trojan-activity | URL | |||
| 9827 | MALWARE-OTHER Keylogger paq keylog runtime detection - smtp (more info ...) | successful-recon-limited | URL | |||
| 10065 | MALWARE-CNC Win.Trojan.Peacomm smtp propagation detection (more info ...) | trojan-activity | ||||
| 10066 | MALWARE-CNC Win.Trojan.Peacomm smtp propagation detection (more info ...) | trojan-activity | ||||
| 10067 | MALWARE-CNC Win.Trojan.Peacomm smtp propagation detection (more info ...) | trojan-activity | ||||
| 10068 | MALWARE-CNC Win.Trojan.Peacomm smtp propagation detection (more info ...) | trojan-activity | ||||
| 10069 | MALWARE-CNC Win.Trojan.Peacomm smtp propagation detection (more info ...) | trojan-activity | ||||
| 10070 | MALWARE-CNC Win.Trojan.Peacomm smtp propagation detection (more info ...) | trojan-activity | ||||
| 10071 | MALWARE-CNC Win.Trojan.Peacomm smtp propagation detection (more info ...) | trojan-activity | ||||
| 10072 | MALWARE-CNC Win.Trojan.Peacomm smtp propagation detection (more info ...) | trojan-activity | ||||
| 10073 | MALWARE-CNC Win.Trojan.Peacomm smtp propagation detection (more info ...) | trojan-activity | ||||
| 10074 | MALWARE-CNC Win.Trojan.Peacomm smtp propagation detection (more info ...) | trojan-activity | ||||
| 10075 | MALWARE-CNC Win.Trojan.Peacomm smtp propagation detection (more info ...) | trojan-activity | ||||
| 10076 | MALWARE-CNC Win.Trojan.Peacomm smtp propagation detection (more info ...) | trojan-activity | ||||
| 10077 | MALWARE-CNC Win.Trojan.Peacomm smtp propagation detection (more info ...) | trojan-activity | ||||
| 10078 | MALWARE-OTHER W32.Nuwar.AY smtp propagation detection (more info ...) | trojan-activity | ||||
| 10079 | MALWARE-OTHER W32.Nuwar.AY smtp propagation detection (more info ...) | trojan-activity | ||||
| 10080 | MALWARE-OTHER W32.Nuwar.AY smtp propagation detection (more info ...) | trojan-activity | ||||
| 10081 | MALWARE-OTHER W32.Nuwar.AY smtp propagation detection (more info ...) | trojan-activity | ||||
| 10082 | MALWARE-OTHER W32.Nuwar.AY smtp propagation detection (more info ...) | trojan-activity | ||||
| 10083 | MALWARE-OTHER W32.Nuwar.AY smtp propagation detection (more info ...) | trojan-activity | ||||
| 10088 | MALWARE-OTHER Keylogger beyond Keylogger runtime detection - log sent by smtp (more info ...) | successful-recon-limited | URL | |||
| 10453 | MALWARE-BACKDOOR zalivator 1.4.2 pro runtime detection - smtp notification (more info ...) | trojan-activity | URL | |||
| 11305 | PUA-ADWARE Snoopware childwebguardian outbound connection - send log through smtp (more info ...) | successful-recon-limited | URL | |||
| 13651 | MALWARE-OTHER Keylogger family cyber alert runtime detection - smtp traffic for recorded activities (more info ...) | successful-recon-limited | URL | |||
| 13923 | SERVER-MAIL MailEnable SMTP HELO command denial of service attempt (more info ...) | attempted-dos | 2006-3277 | 18630 | ||
| 16025 | SERVER-MAIL MailEnable SMTP service SPF lookup buffer overflow attempt (more info ...) | attempted-admin | 2006-4616 | 20091 | ||
| 16193 | SERVER-MAIL Novell GroupWise Internet Agent SMTP AUTH LOGIN command buffer overflow attempt (more info ...) | attempted-admin | 2009-1636 | 35065 | ||
| 16201 | SERVER-MAIL Ipswitch Collaboration Suite SMTP format string exploit attempt (more info ...) | attempted-admin | 2005-2931 | 15752 | ||
| 16534 | SERVER-OTHER Windows Server2000/2003/2008 SMTP service DNS MX lookup denial of service attempt (more info ...) | attempted-dos | 2010-0024 | 39308 | URL | |
| 17099 | BROWSER-PLUGINS CommuniCrypt Mail ANSMTP.dll/AOSMTP.dll ActiveX clsid access (more info ...) | attempted-user | ||||
| 17101 | BROWSER-PLUGINS CommuniCrypt Mail ANSMTP.dll/AOSMTP.dll ActiveX function call access (more info ...) | attempted-user | ||||
| 18765 | SERVER-MAIL Majordomo2 smtp directory traversal attempt (more info ...) | web-application-attack | 2011-0049 | 46127 | ||
| 27725 | OS-MOBILE Android SMSAgent.C outbound SMTP communication (more info ...) | trojan-activity | URL | |||
| 32959 | PROTOCOL-DNS Microsoft SMTP excessive answer records buffer overflow attempt (more info ...) | attempted-user | 2004-0840 | |||
| 33147 | MALWARE-CNC Win.Trojan.Agent variant SMTP reporting attempt (more info ...) | trojan-activity | ||||
| 33148 | MALWARE-CNC Win.Trojan.Agent variant SMTP reporting attempt (more info ...) | trojan-activity | ||||
| 43136 | SERVER-MAIL SysGauge SMTP response buffer overflow (more info ...) | attempted-user | ||||
| 49541 | POLICY-OTHER WordPress Easy WP SMTP plugin log file access attempt (more info ...) | policy-violation | URL | |||
| 49542 | POLICY-OTHER WordPress Easy WP SMTP plugin config settings import attempt (more info ...) | policy-violation | URL | |||
| 49543 | POLICY-OTHER WordPress Easy WP SMTP plugin config settings export attempt (more info ...) | policy-violation | URL | |||
| 56905 | POLICY-OTHER WordPress Easy WP SMTP plugin debug log file access attempt (more info ...) | policy-violation | 2020-35234 | URL |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 35198 | SERVER-MSSQL Microsoft SQL Server transcational replication and showxmlplan enabled remote code execution attempt (more info ...) | attempted-user | 2015-1762 | URL | ||
| 35359 | SERVER-WEBAPP Cacti selected_items SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 42424 | POLICY-OTHER MSSQL CLR permission set to unsafe attempt (more info ...) | attempted-admin | URL | |||
| 48170 | SERVER-WEBAPP Joomla Component eXtroForms SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 48171 | SERVER-WEBAPP Joomla Component eXtroForms SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 50101 | INDICATOR-COMPROMISE Responder poisoner MSSQL attack attempt (more info ...) | misc-attack | URL | |||
| 59744 | SERVER-WEBAPP TuziCMS SQL injection attempt (more info ...) | web-application-attack | 2022-23882 | URL | ||
| 59745 | SERVER-WEBAPP TuziCMS SQL injection attempt (more info ...) | web-application-attack | 2022-23882 | URL | ||
| 60171 | SERVER-WEBAPP Moodle LMS SQL injection attempt (more info ...) | web-application-attack | 2022-0332 | |||
| 60172 | SERVER-WEBAPP Moodle LMS SQL injection attempt (more info ...) | web-application-attack | 2022-0332 | |||
| 60173 | SERVER-WEBAPP Moodle LMS SQL injection attempt (more info ...) | web-application-attack | 2022-0332 |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 686 | SERVER-MSSQL xp_reg* - registry access (more info ...) | attempted-user | 2002-0642 | 5205 | 10642 | URL |
| 689 | SERVER-MSSQL xp_reg* registry access (more info ...) | attempted-user | 2002-0642 | 5205 | 10642 | URL |
| 695 | SERVER-MSSQL xp_sprintf possible buffer overflow (more info ...) | attempted-user | 1204 | URL | ||
| 704 | SERVER-MSSQL xp_sprintf possible buffer overflow (more info ...) | attempted-user | 2001-0542 | 3733 | URL | |
| 1386 | SERVER-MSSQL raiserror possible buffer overflow (more info ...) | attempted-user | 2001-0542 | 3733 | URL | |
| 8496 | SERVER-MSSQL sp_oacreate unicode vulnerable function attempt (more info ...) | attempted-admin | URL | |||
| 8497 | SERVER-MSSQL sp_oacreate vulnerable function attempt (more info ...) | attempted-admin | URL | |||
| 8498 | SERVER-MSSQL sp_oacreate unicode vulnerable function attempt (more info ...) | attempted-admin | URL | |||
| 8499 | SERVER-MSSQL xp_displayparamstmt unicode vulnerable function attempt (more info ...) | attempted-admin | 2000-1081 | 2030 | URL | |
| 8500 | SERVER-MSSQL xp_displayparamstmt unicode vulnerable function attempt (more info ...) | attempted-admin | 2000-1081 | 2030 | URL | |
| 8501 | SERVER-MSSQL xp_displayparamstmt vulnerable function attempt (more info ...) | attempted-admin | 2000-1081 | 2030 | URL | |
| 8502 | SERVER-MSSQL xp_enumresultset unicode vulnerable function attempt (more info ...) | attempted-admin | 2000-1082 | 2031 | URL | |
| 8503 | SERVER-MSSQL xp_enumresultset unicode vulnerable function attempt (more info ...) | attempted-admin | 2000-1082 | 2031 | URL | |
| 8504 | SERVER-MSSQL xp_enumresultset vulnerable function attempt (more info ...) | attempted-admin | 2000-1082 | 2031 | URL | |
| 8505 | SERVER-MSSQL xp_oadestroy unicode vulnerable function attempt (more info ...) | attempted-admin | URL | |||
| 8506 | SERVER-MSSQL xp_oadestroy unicode vulnerable function attempt (more info ...) | attempted-admin | URL | |||
| 8507 | SERVER-MSSQL xp_oadestroy vulnerable function attempt (more info ...) | attempted-admin | URL | |||
| 8508 | SERVER-MSSQL xp_oagetproperty unicode vulnerable function attempt (more info ...) | attempted-admin | URL | |||
| 8509 | SERVER-MSSQL xp_oagetproperty unicode vulnerable function attempt (more info ...) | attempted-admin | URL | |||
| 8510 | SERVER-MSSQL xp_oagetproperty vulnerable function attempt (more info ...) | attempted-admin | URL | |||
| 8511 | SERVER-MSSQL xp_oamethod unicode vulnerable function attempt (more info ...) | attempted-admin | URL | |||
| 8512 | SERVER-MSSQL xp_oamethod vulnerable function attempt (more info ...) | attempted-admin | URL | |||
| 8513 | SERVER-MSSQL xp_oamethod unicode vulnerable function attempt (more info ...) | attempted-admin | URL | |||
| 8514 | SERVER-MSSQL xp_oasetproperty unicode vulnerable function attempt (more info ...) | attempted-admin | URL | |||
| 8515 | SERVER-MSSQL xp_oasetproperty unicode vulnerable function attempt (more info ...) | attempted-admin | URL | |||
| 8516 | SERVER-MSSQL xp_oasetproperty vulnerable function attempt (more info ...) | attempted-admin | URL | |||
| 8517 | SERVER-MSSQL xp_peekqueue unicode vulnerable function attempt (more info ...) | attempted-admin | 2000-1085 | 2041 | URL | |
| 8518 | SERVER-MSSQL xp_peekqueue unicode vulnerable function attempt (more info ...) | attempted-admin | 2000-1085 | 2041 | URL | |
| 8519 | SERVER-MSSQL xp_peekqueue vulnerable function attempt (more info ...) | attempted-admin | 2000-1085 | 2041 | URL | |
| 8520 | SERVER-MSSQL xp_printstatements unicode vulnerable function attempt (more info ...) | attempted-admin | 2000-1086 | 2041 | URL | |
| 8521 | SERVER-MSSQL xp_printstatements unicode vulnerable function attempt (more info ...) | attempted-admin | 2000-1086 | 2041 | URL | |
| 8522 | SERVER-MSSQL xp_printstatements vulnerable function attempt (more info ...) | attempted-admin | 2000-1086 | 2041 | URL | |
| 8523 | SERVER-MSSQL xp_proxiedmetadata unicode vulnerable function attempt (more info ...) | attempted-admin | 2000-1087 | 2024 | URL | |
| 8524 | SERVER-MSSQL xp_proxiedmetadata unicode vulnerable function attempt (more info ...) | attempted-admin | 2000-1087 | 2024 | URL | |
| 8525 | SERVER-MSSQL xp_proxiedmetadata vulnerable function attempt (more info ...) | attempted-admin | 2000-1087 | 2024 | URL | |
| 8526 | SERVER-MSSQL xp_SetSQLSecurity unicode vulnerable function attempt (more info ...) | attempted-admin | 2000-1086 | 2043 | URL | |
| 8527 | SERVER-MSSQL xp_SetSQLSecurity unicode vulnerable function attempt (more info ...) | attempted-admin | 2000-1086 | 2043 | URL | |
| 8528 | SERVER-MSSQL xp_SetSQLSecurity vulnerable function attempt (more info ...) | attempted-admin | 2000-1086 | 2043 | URL | |
| 8529 | SERVER-MSSQL xp_showcolv unicode vulnerable function attempt (more info ...) | attempted-admin | 2000-1083 | 2038 | URL | |
| 8530 | SERVER-MSSQL xp_showcolv unicode vulnerable function attempt (more info ...) | attempted-admin | 2000-1083 | 2038 | URL | |
| 8531 | SERVER-MSSQL xp_showcolv vulnerable function attempt (more info ...) | attempted-admin | 2000-1083 | 2038 | URL | |
| 8532 | SERVER-MSSQL xp_sqlagent_monitor unicode vulnerable function attempt (more info ...) | attempted-admin | URL | |||
| 8533 | SERVER-MSSQL xp_sqlagent_monitor vulnerable function attempt (more info ...) | attempted-admin | URL | |||
| 8534 | SERVER-MSSQL xp_sqlagent_monitor unicode vulnerable function attempt (more info ...) | attempted-admin | URL | |||
| 8535 | SERVER-MSSQL xp_sqlinventory unicode vulnerable function attempt (more info ...) | attempted-admin | URL | |||
| 8536 | SERVER-MSSQL xp_sqlinventory vulnerable function attempt (more info ...) | attempted-admin | URL | |||
| 8537 | SERVER-MSSQL xp_sqlinventory unicode vulnerable function attempt (more info ...) | attempted-admin | URL | |||
| 8538 | SERVER-MSSQL xp_updatecolvbm unicode vulnerable function attempt (more info ...) | attempted-admin | 2000-1084 | 2039 | URL | |
| 8539 | SERVER-MSSQL xp_updatecolvbm unicode vulnerable function attempt (more info ...) | attempted-admin | 2000-1084 | 2039 | URL | |
| 8540 | SERVER-MSSQL xp_updatecolvbm vulnerable function attempt (more info ...) | attempted-admin | 2000-1084 | 2039 | URL | |
| 11264 | SERVER-MSSQL Microsoft SQL Server 2000 Server hello buffer overflow attempt (more info ...) | attempted-admin | 2002-1123 | 5411 | URL | |
| 12444 | BROWSER-PLUGINS Microsoft SQL Server Distributed Management Objects ActiveX clsid access (more info ...) | attempted-user | 2007-4814 | 25594 | ||
| 12446 | BROWSER-PLUGINS Microsoft SQL Server Distributed Management Objects ActiveX function call access (more info ...) | attempted-user | 2007-4814 | 25594 | ||
| 13888 | FILE-OTHER Microsoft SQL Server Backup Database File integer overflow attempt (more info ...) | attempted-admin | 2008-0107 | URL | ||
| 13889 | FILE-OTHER Microsoft SQL Server Backup Database File integer overflow attempt (more info ...) | attempted-admin | 2008-0107 | URL | ||
| 13890 | FILE-OTHER Microsoft SQL Server Backup Database File integer overflow attempt (more info ...) | attempted-admin | 2008-0107 | URL | ||
| 13891 | SERVER-MSSQL Memory page overwrite attempt (more info ...) | attempted-admin | 2008-0106 | URL | ||
| 13892 | SERVER-MSSQL Convert function style overwrite (more info ...) | attempted-admin | 2008-0086 | URL | ||
| 14756 | BROWSER-PLUGINS Microsoft SQL Server 2000 Client Components ActiveX clsid access (more info ...) | attempted-user | 2008-4110 | 31129 | ||
| 14758 | BROWSER-PLUGINS Microsoft SQL Server 2000 Client Components ActiveX function call access (more info ...) | attempted-user | 2008-4110 | 31129 | ||
| 15143 | SERVER-MSSQL sp_replwritetovarbin unicode vulnerable function attempt (more info ...) | attempted-admin | 2008-5416 | 32710 | URL | |
| 15144 | SERVER-MSSQL sp_replwritetovarbin vulnerable function attempt (more info ...) | attempted-admin | 2008-5416 | 32710 | URL | |
| 16073 | OS-WINDOWS MS-SQL convert function unicode overflow (more info ...) | attempted-admin | 2008-0086 | URL | ||
| 16208 | SERVER-MSSQL Microsoft SQL Server Distributed Management Objects overflow attempt (more info ...) | attempted-user | 2007-4814 | 25594 | ||
| 17307 | SERVER-MSSQL Microsoft SQL Server INSERT Statement Buffer Overflow attempt (more info ...) | policy-violation | 2008-0106 | |||
| 21084 | SERVER-MSSQL MSSQL CONVERT function buffer overflow attempt (more info ...) | attempted-admin | 2008-0086 | URL | ||
| 21085 | SERVER-MSSQL MSSQL CONVERT function unicode buffer overflow attempt (more info ...) | attempted-admin | 2008-0086 | URL | ||
| 21663 | SERVER-OTHER CA BrightStor Agent for Microsoft SQL overflow attempt (more info ...) | attempted-admin | 2005-1272 | 14453 | ||
| 24355 | SERVER-MSSQL Microsoft SQL Server Reporting Services cross site scripting attempt (more info ...) | web-application-attack | 2012-2552 | URL | ||
| 24356 | SERVER-MSSQL Microsoft SQL Server Reporting Services cross site scripting attempt (more info ...) | attempted-user | 2012-2552 | URL | ||
| 29028 | SERVER-MSSQL Microsoft SQL Server TDS packet fragment handling remote denial of service attempt (more info ...) | attempted-dos | 2004-1560 | 11265 | ||
| 29029 | SERVER-MSSQL Microsoft SQL Server TDS packet fragment handling remote denial of service attempt (more info ...) | attempted-dos | 2004-1560 | 11265 | ||
| 32754 | BROWSER-PLUGINS Microsoft SQL Server 2000 Client Components ActiveX clsid access (more info ...) | attempted-user | 2008-4110 | 31129 | ||
| 32768 | SQL PK-CMS SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 34136 | MALWARE-CNC Win.Trojan.Banload variant MSSQL response (more info ...) | trojan-activity | URL | |||
| 39449 | SERVER-MSSQL Microsoft SQL Server sp_addsrvrolemember privilege escalation attempt (more info ...) | attempted-admin | URL | |||
| 43074 | INDICATOR-COMPROMISE SysAid mssql potentially malicious new user creation attempt (more info ...) | attempted-admin | 2015-3001 | |||
| 43075 | INDICATOR-COMPROMISE SysAid mssql potentially malicious user permissions creation (more info ...) | attempted-admin | 2015-3001 |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 3665 | SERVER-MYSQL server greeting (more info ...) | attempted-user | 2004-0627 | 10655 | 12639 | URL |
| 3666 | SERVER-MYSQL server greeting finished (more info ...) | attempted-user | 2004-0627 | 10655 | 12639 | URL |
| 3667 | SERVER-MYSQL protocol 41 client authentication bypass attempt (more info ...) | misc-attack | 2004-0627 | 10655 | 12639 | URL |
| 3668 | SERVER-MYSQL client authentication bypass attempt (more info ...) | misc-attack | 2004-0627 | 10655 | 12639 | URL |
| 3669 | SERVER-MYSQL protocol 41 secure client overflow attempt (more info ...) | misc-attack | 2004-0627 | 10655 | 12639 | URL |
| 3670 | SERVER-MYSQL secure client overflow attempt (more info ...) | misc-attack | 2004-0627 | 10655 | 12639 | URL |
| 3671 | SERVER-MYSQL protocol 41 client overflow attempt (more info ...) | misc-attack | 2004-0627 | 10655 | 12639 | URL |
| 3672 | SERVER-MYSQL client overflow attempt (more info ...) | misc-attack | 2004-0627 | 10655 | 12639 | URL |
| 15951 | SERVER-MYSQL MaxDB Webtool GET command overflow attempt (more info ...) | attempted-user | 2005-0684 | 13368 | ||
| 32533 | SERVER-MYSQL Oracle MySQL Server XPath memory Corruption attempt (more info ...) | denial-of-service | 2014-0384 | |||
| 35890 | SERVER-MYSQL Oracle MySQL XPath number function uninitialized pointer arbitrary code execution attempt (more info ...) | attempted-admin | ||||
| 35891 | SERVER-MYSQL Oracle MySQL XPath number function uninitialized pointer arbitrary code execution attempt (more info ...) | attempted-admin | ||||
| 37077 | SERVER-WEBAPP Joomla JDatabaseDriverMysqli unserialize code execution attempt (more info ...) | attempted-user | 2015-8562 | URL | ||
| 37078 | SERVER-WEBAPP Joomla JDatabaseDriverMysqli unserialize code execution attempt (more info ...) | attempted-user | 2015-8562 | URL | ||
| 40253 | SERVER-MYSQL Multiple SQL products privilege escalation attempt (more info ...) | attempted-admin | 2016-6662 | |||
| 40254 | SERVER-MYSQL Multiple SQL products privilege escalation attempt (more info ...) | attempted-admin | 2016-6662 | |||
| 45844 | SERVER-MYSQL into dumpfile function attempt (more info ...) | misc-activity | URL | |||
| 45845 | SERVER-MYSQL UDF system access attempt (more info ...) | attempted-user | URL | |||
| 45846 | SERVER-MYSQL UDF function check attempt (more info ...) | misc-activity | URL | |||
| 45847 | SERVER-MYSQL UDF function create attempt (more info ...) | misc-activity | URL | |||
| 45848 | SERVER-MYSQL UDF function drop attempt (more info ...) | misc-activity | URL |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 509 | SERVER-WEBAPP PCCS mysql database admin tool access (more info ...) | web-application-attack | 2000-0707 | 1557 | 10783 | |
| 1527 | SERVER-WEBAPP basilix mysql.class access (more info ...) | web-application-activity | 2001-1044 | 2198 | 10601 | |
| 1775 | SERVER-MYSQL root login attempt (more info ...) | protocol-command-decode | ||||
| 1776 | SERVER-MYSQL show databases attempt (more info ...) | protocol-command-decode | ||||
| 3518 | SERVER-MYSQL MaxDB WebSQL wppassword buffer overflow (more info ...) | web-application-attack | 2005-0111 | 12265 | ||
| 3519 | SERVER-MYSQL MaxDB WebSQL wppassword buffer overflow default port (more info ...) | web-application-attack | 2005-0111 | 12265 | URL | |
| 4649 | SERVER-MYSQL create function buffer overflow attempt (more info ...) | misc-activity | 2005-2558 | 14509 | ||
| 8057 | SERVER-MYSQL Date_Format denial of service attempt (more info ...) | attempted-dos | 2006-3469 | 19032 | URL | |
| 11619 | SERVER-MYSQL MySQL COM_TABLE_DUMP Function Stack Overflow attempt (more info ...) | attempted-admin | 2006-1517 | 17780 | URL | |
| 13357 | SERVER-MYSQL failed Oracle Mysql login attempt (more info ...) | misc-activity | URL | |||
| 13358 | SERVER-MYSQL Oracle Mysql login attempt from unauthorized location (more info ...) | misc-activity | URL | |||
| 13714 | SERVER-MYSQL yaSSL SSLv3 Client Hello Message Cipher Specs Buffer Overflow attempt (more info ...) | attempted-user | 2008-0226 | 27140 | URL | |
| 15442 | SERVER-MYSQL XML Functions ExtractValue Scalar XPath denial of service attempt (more info ...) | attempted-dos | 2009-0819 | 33972 | URL | |
| 15443 | SERVER-MYSQL XML Functions UpdateXML Scalar XPath denial of service attempt (more info ...) | attempted-dos | 2009-0819 | 33972 | URL | |
| 15952 | SERVER-MYSQL create function libc arbitrary code execution attempt (more info ...) | attempted-user | 2005-0709 | 12781 | ||
| 16020 | SERVER-MYSQL login handshake information disclosure attempt (more info ...) | misc-activity | 2006-1516 | 17780 | ||
| 16348 | SERVER-MYSQL database PROCEDURE ANALYSE denial of service attempt - 1 (more info ...) | attempted-dos | 2009-4019 | URL | ||
| 16349 | SERVER-MYSQL database Procedure Analyse denial of service attempt - 2 (more info ...) | attempted-dos | 2009-4019 | URL | ||
| 16385 | SERVER-MYSQL yaSSL library cert parsing stack overflow attempt (more info ...) | attempted-user | 2009-4484 | 37640 | ||
| 17412 | SERVER-MYSQL create function mysql.func arbitrary library injection attempt (more info ...) | attempted-user | 2005-0710 | 12781 | ||
| 18513 | SERVER-MYSQL yaSSL SSL Hello Message Buffer Overflow attempt (more info ...) | attempted-admin | 2008-0226 | URL | ||
| 19000 | SERVER-MYSQL Database CASE NULL argument denial of service attempt (more info ...) | attempted-dos | 2010-3678 | 42596 | ||
| 19001 | SERVER-MYSQL IN NULL argument denial of service attempt (more info ...) | attempted-dos | 2010-3678 | 42596 | ||
| 19093 | SERVER-MYSQL Database unique set column denial of service attempt (more info ...) | attempted-dos | 2010-3677 | 42646 | ||
| 19094 | SERVER-MYSQL Database unique set column denial of service attempt (more info ...) | attempted-dos | 2010-3677 | 42646 | ||
| 20053 | SERVER-MYSQL Database SELECT subquery denial of service attempt (more info ...) | attempted-dos | 2009-4019 | URL | ||
| 24897 | SERVER-MYSQL Oracle MySQL grant file long database name stack overflow attempt (more info ...) | attempted-user | 2012-5611 | 56769 | ||
| 24908 | SERVER-MYSQL Oracle MySQL user enumeration attempt (more info ...) | attempted-recon | 2012-5615 | 56766 | ||
| 24909 | SERVER-MYSQL Oracle MySQL select UpdateXML nested xml elements denial of service attempt (more info ...) | attempted-dos | 2012-5614 | |||
| 24910 | SERVER-MYSQL Oracle MySQL MDL free corrupted pointer heap overflow attempt (more info ...) | attempted-user | 2012-5612 | 56768 | ||
| 26299 | SERVER-MYSQL MySQL/MariaDB Server geometry query polygon object integer overflow attempt (more info ...) | attempted-admin | 2013-1861 | |||
| 26300 | SERVER-MYSQL MySQL/MariaDB Server geometry query multistring object integer overflow attempt (more info ...) | attempted-admin | 2013-1861 | |||
| 26301 | SERVER-MYSQL MySQL/MariaDB Server geometry query multipolygon object integer overflow attempt (more info ...) | attempted-admin | 2013-1861 | |||
| 26302 | SERVER-MYSQL MySQL/MariaDB Server geometry query linestring object integer overflow attempt (more info ...) | attempted-admin | 2013-1861 | |||
| 26303 | SERVER-MYSQL MySQL/MariaDB Server geometry query polygon object integer overflow attempt (more info ...) | attempted-admin | 2013-1861 | |||
| 26304 | SERVER-MYSQL MySQL/MariaDB Server geometry query multistring object integer overflow attempt (more info ...) | attempted-admin | 2013-1861 | |||
| 26305 | SERVER-MYSQL MySQL/MariaDB Server geometry query multipolygon object integer overflow attempt (more info ...) | attempted-admin | 2013-1861 | |||
| 26306 | SERVER-MYSQL MySQL/MariaDB Server geometry query linestring object integer overflow attempt (more info ...) | attempted-admin | 2013-1861 | |||
| 26307 | SERVER-MYSQL MySQL/MariaDB Server geometry query polygon object integer overflow attempt (more info ...) | attempted-admin | 2013-1861 | |||
| 26308 | SERVER-MYSQL MySQL/MariaDB Server geometry query multistring object integer overflow attempt (more info ...) | attempted-admin | 2013-1861 | |||
| 26309 | SERVER-MYSQL MySQL/MariaDB Server geometry query multipolygon object integer overflow attempt (more info ...) | attempted-admin | 2013-1861 | |||
| 26310 | SERVER-MYSQL MySQL/MariaDB Server geometry query linestring object integer overflow attempt (more info ...) | attempted-admin | 2013-1861 | |||
| 26311 | SERVER-MYSQL MySQL/MariaDB Server geometry query polygon object integer overflow attempt (more info ...) | attempted-admin | 2013-1861 | |||
| 26312 | SERVER-MYSQL MySQL/MariaDB Server geometry query multistring object integer overflow attempt (more info ...) | attempted-admin | 2013-1861 | |||
| 26313 | SERVER-MYSQL MySQL/MariaDB Server geometry query multipolygon object integer overflow attempt (more info ...) | attempted-admin | 2013-1861 | |||
| 31570 | SERVER-MYSQL MySQL/MariaDB mysql.cc buffer overflow attempt (more info ...) | attempted-user | 2014-0001 | 65298 | ||
| 32647 | SERVER-MYSQL Oracle MySQL Server InnoDB Memcached plugin resource exhaustion attempt (more info ...) | denial-of-service | 2013-1570 | |||
| 32648 | SERVER-MYSQL Oracle MySQL Server InnoDB Memcached plugin resource exhaustion attempt (more info ...) | denial-of-service | 2013-1570 | |||
| 32649 | SERVER-MYSQL Oracle MySQL Server InnoDB Memcached plugin resource exhaustion attempt (more info ...) | denial-of-service | 2013-1570 | |||
| 32650 | SERVER-MYSQL Oracle MySQL Server InnoDB Memcached plugin resource exhaustion attempt (more info ...) | denial-of-service | 2013-1570 | |||
| 32651 | SERVER-MYSQL Oracle MySQL Server InnoDB Memcached plugin resource exhaustion attempt (more info ...) | denial-of-service | 2013-1570 | |||
| 33637 | SERVER-MYSQL MySQL/MariaDB Server geometry query object integer overflow attempt (more info ...) | attempted-admin | 2013-1861 | |||
| 43391 | SERVER-WEBAPP MySQL Commander remote file include attempt (more info ...) | web-application-attack | 2007-1439 | 22941 | ||
| 43392 | SERVER-WEBAPP MySQL Commander remote file include attempt (more info ...) | web-application-attack | 2007-1439 | 22941 | ||
| 43671 | SQL Oracle MySQL Pluggable Auth denial of service attempt (more info ...) | denial-of-service | 2017-3599 | |||
| 44674 | SERVER-MYSQL MySQL/MariaDB Server geometry query integer overflow attempt (more info ...) | attempted-admin | 2013-1861 | |||
| 48221 | SERVER-OTHER Oracle MySQL uninitialized variable remote code execution attempt (more info ...) | attempted-user | ||||
| 52366 | SERVER-MYSQL yaSSL SSL Hello Message buffer overflow attempt (more info ...) | attempted-admin | 2008-0226 | URL | ||
| 53864 | POLICY-OTHER Cisco Firepower User Agent Service default MySQL credentials detected (more info ...) | policy-violation | 2020-3318 | URL | ||
| 59692 | SERVER-MYSQL Dell OpenManage Network Manager remote code execution attempt (more info ...) | attempted-admin | 2018-15768 | |||
| 59693 | SERVER-MYSQL Dell OpenManage Network Manager remote code execution attempt (more info ...) | attempted-admin | 2018-15768 | |||
| 59694 | SERVER-MYSQL Dell OpenManage Network Manager remote code execution attempt (more info ...) | attempted-admin | 2018-15768 | |||
| 59695 | SERVER-MYSQL Dell OpenManage Network Manager remote code execution attempt (more info ...) | attempted-admin | 2018-15768 | |||
| 60710 | SERVER-MYSQL MySQL client insecure deserialization attempt (more info ...) | attempted-user | 2022-40955 |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 12027 | SQL Ingres Database uuid_from_char buffer overflow attempt (more info ...) | attempted-admin | 2007-3338 | 24585 | URL | |
| 13356 | SQL SAP MaxDB shell command injection attempt (more info ...) | attempted-admin | 2008-0244 | 27206 | ||
| 13512 | SQL generic sql exec injection attempt - GET parameter (more info ...) | web-application-attack | URL | |||
| 13513 | SQL generic sql insert injection attempt - GET parameter (more info ...) | web-application-attack | 2012-2998 | URL | ||
| 13990 | SQL union select - possible sql injection attempt - GET parameter (more info ...) | misc-attack | 2020-17506 | 24067 | URL | |
| 14991 | SQL IBM DB2 Universal Database xmlquery buffer overflow attempt (more info ...) | attempted-user | 2008-3854 | 29601 | ||
| 15584 | SQL char and sysobjects - possible sql injection recon attempt (more info ...) | web-application-attack | URL | |||
| 15868 | SQL Borland InterBase username buffer overflow (more info ...) | attempted-user | 2008-2559 | 29302 | ||
| 15874 | SQL union select - possible sql injection attempt - POST parameter (more info ...) | misc-attack | URL | |||
| 15875 | SQL generic sql insert injection attempt - POST parameter (more info ...) | web-application-attack | URL | |||
| 15877 | SQL generic sql exec injection attempt - POST parameter (more info ...) | web-application-attack | URL | |||
| 16049 | SERVER-OTHER GNU Radius SQL accounting format string exploit attempt (more info ...) | attempted-admin | 2006-4181 | 21303 | ||
| 16074 | SQL Suspicious SQL ansi_padding option (more info ...) | policy-violation | 2008-0106 | URL | ||
| 16431 | SQL generic sql with comments injection attempt - GET parameter (more info ...) | web-application-attack | URL | |||
| 16513 | SQL Jive Software Openfire Jabber Server SQL injection attempt (more info ...) | attempted-user | 2008-6510 | 32189 | ||
| 17044 | SQL WinCC DB default password security bypass attempt (more info ...) | attempted-user | 2010-2772 | URL | ||
| 17209 | SQL IBM DB2 DATABASE SERVER SQL REPEAT Buffer Overflow (more info ...) | attempted-admin | 2010-0462 | 37976 | ||
| 19437 | INDICATOR-OBFUSCATION select concat statement - possible sql injection (more info ...) | web-application-attack | URL | |||
| 19438 | SQL url ending in comment characters - possible sql injection attempt (more info ...) | web-application-attack | 2012-2998 | URL | ||
| 19439 | SQL 1 = 1 - possible sql injection attempt (more info ...) | web-application-attack | URL | |||
| 19440 | SQL 1 = 0 - possible sql injection attempt (more info ...) | web-application-attack | URL | |||
| 20628 | SERVER-WEBAPP HP Data Protector FinishedCopy SQL Injection attempt (more info ...) | attempted-user | 2011-3162 | URL | ||
| 20635 | SERVER-WEBAPP HP Data Protector GetPolicies SQL Injection attempt (more info ...) | attempted-user | 2011-3157 | URL | ||
| 21459 | MALWARE-TOOLS Havij advanced SQL injection tool user-agent string (more info ...) | attempted-user | URL | |||
| 21778 | SQL parameter ending in comment characters - possible sql injection attempt - POST (more info ...) | web-application-attack | URL | |||
| 23241 | SERVER-OTHER HP DPNECentral RequestCopy type SQL injection attempt (more info ...) | web-application-attack | 2011-3158 | URL | ||
| 23947 | SQL IBM System Storage DS storage manager profiler sql injection attempt (more info ...) | web-application-attack | 2012-2171 | 54112 | URL | |
| 24172 | SQL use of concat function with select - likely SQL injection (more info ...) | web-application-attack | URL | |||
| 24704 | SERVER-WEBAPP CA Total Defense management.asmx sql injection attempt (more info ...) | attempted-admin | 2011-1653 | 47355 | URL | |
| 24705 | SERVER-WEBAPP CA Total Defense management.asmx sql injection attempt (more info ...) | attempted-admin | 2011-1653 | 47355 | URL | |
| 26829 | SQL generic sql update injection attempt - POST parameter (more info ...) | web-application-attack | URL | |||
| 26898 | BROWSER-PLUGINS Java Applet sql.DriverManager fakedriver exploit attempt (more info ...) | attempted-user | 2013-1488 | 58504 | ||
| 26899 | BROWSER-PLUGINS Java Applet sql.DriverManager fakedriver exploit attempt (more info ...) | attempted-user | 2013-1488 | 58504 | ||
| 26900 | BROWSER-PLUGINS Java Applet sql.DriverManager exploit attempt (more info ...) | attempted-user | 2013-1488 | 58504 | ||
| 26901 | BROWSER-PLUGINS Java Applet sql.DriverManager exploit attempt (more info ...) | attempted-user | 2013-1488 | 58504 | ||
| 27287 | SQL 1 = 1 - possible sql injection attempt (more info ...) | web-application-attack | URL | |||
| 27288 | SQL 1 = 1 - possible sql injection attempt (more info ...) | web-application-attack | URL | |||
| 27724 | SQL McAfee ePolicy Orchestrator timing based SQL injection attempt (more info ...) | attempted-admin | 2013-0140 | 59500 | URL | |
| 27796 | SERVER-WEBAPP CA Total Defense Suite UNCWS UnassignFunctionalRoles stored procedure POST SQL injection attempt (more info ...) | attempted-admin | 2011-1653 | |||
| 27797 | SERVER-WEBAPP CA Total Defense Suite UNCWS UnassignFunctionalRoles stored procedure SQL injection attempt (more info ...) | attempted-admin | 2011-1653 | |||
| 29584 | SERVER-WEBAPP HP Data Protector LogClientInstallation SQL Injection attempt (more info ...) | attempted-user | 2011-3156 | |||
| 29608 | SERVER-WEBAPP McAfee ePO showRegisteredTypeDetails.do sql injection attempt (more info ...) | attempted-admin | URL | |||
| 29609 | SERVER-WEBAPP McAfee ePO DisplayMSAPropsDetail.do sql injection attempt (more info ...) | attempted-admin | URL | |||
| 30040 | SQL 1 = 1 - possible sql injection attempt (more info ...) | web-application-attack | URL | |||
| 30041 | SQL 1 = 1 - possible sql injection attempt (more info ...) | web-application-attack | URL | |||
| 31300 | SERVER-OTHER Xerox DocuShare SQL injection attempt (more info ...) | attempted-admin | 66922 | |||
| 31664 | SERVER-OTHER Cisco ASA SQLNet inspection engine denial of service attempt (more info ...) | attempted-dos | 2013-5508 | 62912 | URL | |
| 31665 | SERVER-OTHER Cisco ASA SQLNet inspection engine denial of service attempt (more info ...) | attempted-dos | 2013-5508 | 62912 | URL | |
| 31666 | SERVER-OTHER Cisco ASA SQLNet inspection engine denial of service attempt (more info ...) | attempted-dos | 2013-5508 | 62912 | URL | |
| 31667 | SERVER-OTHER Cisco ASA SQLNet inspection engine denial of service attempt (more info ...) | attempted-dos | 2013-5508 | 62912 | URL | |
| 32353 | SQL Drupal 7 pre auth SQL injection attempt (more info ...) | web-application-attack | 2014-3704 | URL | ||
| 32761 | SERVER-WEBAPP dBlog CMS m parameter SQL injection attempt (more info ...) | web-application-attack | 62146 | |||
| 34295 | SQL Lblog possible sql injection attempt - GET parameter (more info ...) | misc-attack | 2006-4284 | URL | ||
| 34363 | SERVER-WEBAPP Novell ZENworks Configuration Management GetStoredResult.class SQL injection attempt (more info ...) | web-application-attack | 2015-0780 | 74284 | ||
| 34646 | SERVER-WEBAPP ZOHO ManageEngine OpManager SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 34647 | SERVER-WEBAPP ZOHO ManageEngine OpManager SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 34648 | SERVER-WEBAPP ZOHO ManageEngine OpManager SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 34999 | SERVER-WEBAPP Novell ZENworks Configuration Management queryid SQL injection attempt (more info ...) | web-application-attack | 2015-0782 | 72808 | ||
| 35000 | SERVER-WEBAPP Novell ZENworks Configuration Management queryid SQL injection attempt (more info ...) | web-application-attack | 2015-0782 | 72808 | ||
| 35077 | SERVER-WEBAPP ManageEngine Applications Manager getMGList groupId SQL injection attempt (more info ...) | web-application-attack | ||||
| 35078 | SERVER-WEBAPP ManageEngine Applications Manager getMGList groupId SQL injection attempt (more info ...) | web-application-attack | ||||
| 35079 | SERVER-WEBAPP ManageEngine Applications Manager getMGList groupId SQL injection attempt (more info ...) | web-application-attack | ||||
| 35279 | SERVER-WEBAPP ManageEngine Applications Manager haid SQL injection attempt (more info ...) | web-application-attack | ||||
| 35280 | SERVER-WEBAPP ManageEngine Applications Manager haid SQL injection attempt (more info ...) | web-application-attack | ||||
| 35281 | SERVER-WEBAPP ManageEngine Applications Manager haid SQL injection attempt (more info ...) | web-application-attack | ||||
| 35427 | SERVER-WEBAPP ManageEngine Applications Manager customerName SQL injection attempt (more info ...) | web-application-attack | ||||
| 35428 | SERVER-WEBAPP ManageEngine Applications Manager customerName SQL injection attempt (more info ...) | web-application-attack | ||||
| 35429 | SERVER-WEBAPP ManageEngine Applications Manager customerName SQL injection attempt (more info ...) | web-application-attack | ||||
| 35533 | SERVER-WEBAPP ManageEngine IT360 BSIntegInfoHandler resIds SQL injection attempt (more info ...) | web-application-attack | ||||
| 35534 | SERVER-WEBAPP ManageEngine IT360 BSIntegInfoHandler resIds SQL injection attempt (more info ...) | web-application-attack | ||||
| 35535 | SERVER-WEBAPP ManageEngine IT360 BSIntegInfoHandler resIds SQL injection attempt (more info ...) | web-application-attack | ||||
| 35540 | SERVER-OTHER EMC AutoStart ftagent SQL injection attempt (more info ...) | attempted-admin | 2015-0538 | 74426 | ||
| 35541 | SERVER-OTHER EMC AutoStart ftagent SQL injection attempt (more info ...) | attempted-admin | 2015-0538 | 74426 | ||
| 35703 | SERVER-WEBAPP ManageEngine OpManager agentKey SQL injection attempt (more info ...) | web-application-attack | ||||
| 35819 | SQL union select - possible percent-delimited SQL injection attempt - GET parameter (more info ...) | misc-attack | 2011-1667 | 21227 | URL | |
| 35929 | SERVER-WEBAPP Nagios XI Incident Manager SQL injection attempt (more info ...) | web-application-attack | ||||
| 35930 | SERVER-WEBAPP Nagios XI Incident Manager SQL injection attempt (more info ...) | web-application-attack | ||||
| 35931 | SERVER-WEBAPP Nagios XI Incident Manager SQL injection attempt (more info ...) | web-application-attack | ||||
| 35932 | SERVER-WEBAPP Nagios XI Incident Manager SQL injection attempt (more info ...) | web-application-attack | ||||
| 36097 | SERVER-WEBAPP ManageEngine OpManager SubmitQuery SQL injection attempt (more info ...) | web-application-attack | 2015-7766 | URL | ||
| 36098 | SERVER-WEBAPP ManageEngine OpManager SubmitQuery SQL injection attempt (more info ...) | web-application-attack | 2015-7766 | URL | ||
| 36099 | SERVER-WEBAPP ManageEngine OpManager SubmitQuery SQL injection attempt (more info ...) | web-application-attack | 2015-7766 | URL | ||
| 36283 | SERVER-WEBAPP ManageEngine OpManager APMAlertOperations servlet SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 36284 | SERVER-WEBAPP ManageEngine OpManager APMAlertOperations servlet SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 36285 | SERVER-WEBAPP ManageEngine OpManager APMAlertOperations servlet SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 37369 | SERVER-WEBAPP Ipswitch WhatsUp iDroneComAPI SQL injection attempt (more info ...) | attempted-admin | 2015-8261 | |||
| 37443 | SQL use of sleep function with select - likely SQL injection (more info ...) | web-application-attack | URL | |||
| 37547 | SERVER-WEBAPP eClinicalWorks portalUserService.jsp SQL injection attempt (more info ...) | web-application-attack | 2015-4592 | 82296 | ||
| 37687 | SERVER-WEBAPP Oracle e-Business Suite HR_UTIL_DISP_WEB SQL injection attempt (more info ...) | web-application-attack | 2016-0517 | |||
| 38531 | SERVER-WEBAPP WSN Live SQL injection attempt SQL injection attempt (more info ...) | web-application-attack | 2010-4006 | 44593 | ||
| 38993 | SQL use of sleep function in HTTP header - likely SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 39268 | SERVER-WEBAPP Joomla PayPlans Extension com_payplans group_id SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 39331 | SERVER-WEBAPP SolarWinds SRM Profiler BackupExceptionsServlet SQL injection attempt (more info ...) | web-application-attack | 2016-4350 | 89557 | URL | |
| 39332 | SERVER-WEBAPP SolarWinds SRM Profiler BackupExceptionsServlet SQL injection attempt (more info ...) | web-application-attack | 2016-4350 | 89557 | URL | |
| 39333 | SERVER-WEBAPP SolarWinds SRM Profiler DuplicateFilesServlet SQL injection attempt (more info ...) | web-application-attack | 2016-4350 | 89557 | URL | |
| 39334 | SERVER-WEBAPP SolarWinds SRM Profiler DuplicateFilesServlet SQL injection attempt (more info ...) | web-application-attack | 2016-4350 | 89557 | URL | |
| 39335 | SERVER-WEBAPP SolarWinds SRM Profiler ScriptServlet SQL injection attempt (more info ...) | web-application-attack | 2016-4350 | 89557 | URL | |
| 39336 | SERVER-WEBAPP SolarWinds SRM Profiler BexDriveUsageSummaryServlet SQL injection attempt (more info ...) | web-application-attack | 2016-4350 | 89557 | URL | |
| 39337 | SERVER-WEBAPP SolarWinds SRM Profiler BexDriveUsageSummaryServlet SQL injection attempt (more info ...) | web-application-attack | 2016-4350 | 89557 | URL | |
| 39338 | SERVER-WEBAPP SolarWinds SRM Profiler ScriptServlet SQL injection attempt (more info ...) | web-application-attack | 2016-4350 | 89557 | URL | |
| 39339 | SERVER-WEBAPP SolarWinds SRM Profiler WindowsEventLogsServlet SQL injection attempt (more info ...) | web-application-attack | 2016-4350 | 89557 | URL | |
| 39340 | SERVER-WEBAPP SolarWinds SRM Profiler WindowsEventLogsServlet SQL injection attempt (more info ...) | web-application-attack | 2016-4350 | 89557 | URL | |
| 39474 | SERVER-WEBAPP Riverbed SteelCentral NetProfiler REST API login SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 39475 | SERVER-WEBAPP Riverbed SteelCentral NetProfiler algorithm_settings SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 39476 | SERVER-WEBAPP Riverbed SteelCentral NetProfiler export_report SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 39477 | SERVER-WEBAPP Riverbed SteelCentral NetProfiler port_config SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 41029 | SERVER-WEBAPP Nagios Core Configuration Manager SQL injection attempt (more info ...) | web-application-attack | 2013-6875 | |||
| 41112 | SERVER-WEBAPP Dell SonicWall GMS Logs.class SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 41113 | SERVER-WEBAPP Dell SonicWall GMS Logs.class SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 41114 | SERVER-WEBAPP Dell SonicWall GMS TaskViewServlet.class SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 41115 | SERVER-WEBAPP Dell SonicWall GMS TaskViewServlet.class SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 41116 | SERVER-WEBAPP Dell SonicWall GMS WorkFlowServlet.class SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 41117 | SERVER-WEBAPP Dell SonicWall GMS WorkFlowServlet.class SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 41410 | SERVER-WEBAPP McAfee ePolicy Orchestrator data channel SQL injection attempt (more info ...) | attempted-user | 2016-8027 | URL | ||
| 41449 | SQL use of sleep function with and - likely SQL injection (more info ...) | web-application-attack | URL | |||
| 41454 | SERVER-WEBAPP Advantech WebAccess updateTemplate SQL injection attempt (more info ...) | web-application-attack | 2017-5154 | 95410 | URL | |
| 41455 | SERVER-WEBAPP Advantech WebAccess updateTemplate SQL injection attempt (more info ...) | web-application-attack | 2017-5154 | 95410 | URL | |
| 41488 | SERVER-WEBAPP GitHub Enterprise pre-receive-hooks SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 41767 | SERVER-WEBAPP WP_Query plugin SQL injection attempt (more info ...) | web-application-attack | 2017-5611 | 95816 | URL | |
| 41768 | SERVER-WEBAPP WP_Query plugin SQL injection attempt (more info ...) | web-application-attack | 2017-5611 | 95816 | URL | |
| 41769 | SERVER-WEBAPP WP_Query plugin SQL injection attempt (more info ...) | web-application-attack | 2017-5611 | 95816 | URL | |
| 41770 | SERVER-WEBAPP Wordpress NextGEN Gallery SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 41817 | SERVER-WEBAPP generic SQL select statement possible sql injection (more info ...) | web-application-attack | URL | |||
| 42248 | SERVER-WEBAPP ProcessMaker Enterprise eventsAjax SQL injection attempt (more info ...) | web-application-attack | 2016-9048 | URL | ||
| 42249 | SERVER-WEBAPP ProcessMaker Enterprise proxy SQL injection attempt (more info ...) | web-application-attack | 2016-9048 | URL | ||
| 42251 | SERVER-WEBAPP ProcessMaker Enterprise genericAjax SQL injection attempt (more info ...) | web-application-attack | 2016-9048 | URL | ||
| 42848 | SERVER-WEBAPP Symantec Endpoint Protection Manager SQL injection attempt (more info ...) | web-application-attack | 2015-1491 | |||
| 42849 | SERVER-WEBAPP Symantec Endpoint Protection Manager SQL injection attempt (more info ...) | web-application-attack | 2015-1491 | |||
| 42850 | SERVER-WEBAPP Dell SonicWALL Global Management System SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 42851 | SERVER-WEBAPP Dell SonicWALL Global Management System SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 42852 | SERVER-WEBAPP Dell SonicWALL Global Management System SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 42958 | SERVER-WEBAPP Joomla 3.7.0 com_fields view SQL injection attempt (more info ...) | web-application-attack | 2017-8917 | URL | ||
| 42959 | SERVER-WEBAPP Joomla 3.7.0 com_fields view SQL injection attempt (more info ...) | web-application-attack | 2017-8917 | URL | ||
| 43036 | SERVER-WEBAPP ZOHO ManageEngine OpManager OPM_BVNAME SQL injection attempt (more info ...) | web-application-attack | 2014-7868 | URL | ||
| 43037 | SERVER-WEBAPP ZOHO ManageEngine OpManager OPM_BVNAME SQL injection attempt (more info ...) | web-application-attack | 2014-7868 | URL | ||
| 43038 | SERVER-WEBAPP ZOHO ManageEngine OpManager Search query SQL injection attempt (more info ...) | web-application-attack | 2014-7868 | URL | ||
| 43039 | SERVER-WEBAPP ZOHO ManageEngine OpManager Search query SQL injection attempt (more info ...) | web-application-attack | 2014-7868 | URL | ||
| 43040 | SERVER-WEBAPP ZOHO ManageEngine OpManager probeName SQL injection attempt (more info ...) | web-application-attack | 2014-7868 | URL | ||
| 43041 | SERVER-WEBAPP ZOHO ManageEngine OpManager probeName SQL injection attempt (more info ...) | web-application-attack | 2014-7868 | URL | ||
| 43195 | SERVER-WEBAPP SolarWinds SRM Profiler BackupAssociationServlet SQL injection attempt (more info ...) | web-application-attack | 2016-4350 | 89557 | URL | |
| 43196 | SERVER-WEBAPP SolarWinds SRM Profiler BackupAssociationServlet SQL injection attempt (more info ...) | web-application-attack | 2016-4350 | 89557 | URL | |
| 43197 | SERVER-WEBAPP SolarWinds SRM Profiler FileActionAssignmentServlet SQL injection attempt (more info ...) | web-application-attack | 2016-4350 | 89557 | URL | |
| 43198 | SERVER-WEBAPP SolarWinds SRM Profiler FileActionAssignmentServlet SQL injection attempt (more info ...) | web-application-attack | 2016-4350 | 89557 | URL | |
| 43199 | SERVER-WEBAPP SolarWinds SRM Profiler HostStorageServlet SQL injection attempt (more info ...) | web-application-attack | 2016-4350 | 89557 | URL | |
| 43200 | SERVER-WEBAPP SolarWinds SRM Profiler HostStorageServlet SQL injection attempt (more info ...) | web-application-attack | 2016-4350 | 89557 | URL | |
| 43201 | SERVER-WEBAPP SolarWinds SRM Profiler NbuErrorMessageServlet SQL injection attempt (more info ...) | web-application-attack | 2016-4350 | 89557 | URL | |
| 43202 | SERVER-WEBAPP SolarWinds SRM Profiler NbuErrorMessageServlet SQL injection attempt (more info ...) | web-application-attack | 2016-4350 | 89557 | URL | |
| 43203 | SERVER-WEBAPP SolarWinds SRM Profiler ProcessesServlet SQL injection attempt (more info ...) | web-application-attack | 2016-4350 | 89557 | URL | |
| 43204 | SERVER-WEBAPP SolarWinds SRM Profiler ProcessesServlet SQL injection attempt (more info ...) | web-application-attack | 2016-4350 | 89557 | URL | |
| 43205 | SERVER-WEBAPP SolarWinds SRM Profiler QuantumMonitorServlet SQL injection attempt (more info ...) | web-application-attack | 2016-4350 | 89557 | URL | |
| 43206 | SERVER-WEBAPP SolarWinds SRM Profiler QuantumMonitorServlet SQL injection attempt (more info ...) | web-application-attack | 2016-4350 | 89557 | URL | |
| 43207 | SERVER-WEBAPP SolarWinds SRM Profiler UserDefinedFieldConfigServlet SQL injection attempt (more info ...) | web-application-attack | 2016-4350 | 89557 | URL | |
| 43208 | SERVER-WEBAPP SolarWinds SRM Profiler UserDefinedFieldConfigServlet SQL injection attempt (more info ...) | web-application-attack | 2016-4350 | 89557 | URL | |
| 43209 | SERVER-WEBAPP SolarWinds SRM Profiler XiotechMonitorServlet SQL injection attempt (more info ...) | web-application-attack | 2016-4350 | 89557 | URL | |
| 43210 | SERVER-WEBAPP SolarWinds SRM Profiler XiotechMonitorServlet SQL injection attempt (more info ...) | web-application-attack | 2016-4350 | 89557 | URL | |
| 43284 | SERVER-WEBAPP HP Network Automation RedirectServlet SQL injection attempt (more info ...) | web-application-attack | 2017-5810 | 98331 | URL | |
| 43439 | SERVER-WEBAPP GoAutoDial go_get_user_info SQL injection attempt (more info ...) | web-application-attack | 2015-2843 | 74281 | ||
| 43440 | SERVER-WEBAPP GoAutoDial validate_credentials SQL injection attempt (more info ...) | web-application-attack | 2015-2843 | 74281 | ||
| 43441 | SERVER-WEBAPP GoAutoDial validate_credentials SQL injection attempt (more info ...) | web-application-attack | 2015-2843 | 74281 | ||
| 44493 | SERVER-WEBAPP Faleemi IP Cameras ONVIF device_service SQL injection attempt (more info ...) | attempted-admin | 2017-14743 | URL | ||
| 44571 | SERVER-WEBAPP Trend Micro Mobile Security Enterprise web_service.dll SQL injection attempt (more info ...) | web-application-attack | 2017-14078 | 100966 | URL | |
| 44572 | SERVER-WEBAPP Trend Micro Mobile Security Enterprise web_service.dll SQL injection attempt (more info ...) | web-application-attack | 2017-14078 | 100966 | URL | |
| 44573 | SERVER-WEBAPP Trend Micro Mobile Security Enterprise web_service.dll SQL injection attempt (more info ...) | web-application-attack | 2017-14078 | 100966 | URL | |
| 44605 | SERVER-WEBAPP Nagios XI Incident Manager SQL injection attempt (more info ...) | web-application-attack | ||||
| 44606 | SERVER-WEBAPP Nagios XI Incident Manager SQL injection attempt (more info ...) | web-application-attack | ||||
| 44657 | SERVER-WEBAPP Unitrends Enterprise Backup API SQL injection attempt (more info ...) | web-application-attack | 2017-12478 | URL | ||
| 44722 | SERVER-WEBAPP Cisco Prime Collaboration Provisioning pmclasschooser.xml SQL injection attempt (more info ...) | web-application-attack | 2017-12276 | URL | ||
| 44723 | SERVER-WEBAPP Cisco Prime Collaboration Provisioning pmclasschooser.xml SQL injection attempt (more info ...) | web-application-attack | 2017-12276 | URL | ||
| 44916 | SERVER-WEBAPP ManageEngine Applications Manager GraphicalView.do SQL injection attempt (more info ...) | web-application-attack | 2017-16543 | URL | ||
| 44917 | SERVER-WEBAPP ManageEngine Applications Manager GraphicalView.do SQL injection attempt (more info ...) | web-application-attack | 2017-16543 | URL | ||
| 44918 | SERVER-WEBAPP ManageEngine Applications Manager GraphicalView.do SQL injection attempt (more info ...) | web-application-attack | 2017-16543 | URL | ||
| 44921 | SERVER-WEBAPP ManageEngine Applications Manager manageApplications.do SQL injection attempt (more info ...) | web-application-attack | 2017-16846 | URL | ||
| 44922 | SERVER-WEBAPP ManageEngine Applications Manager manageApplications.do SQL injection attempt (more info ...) | web-application-attack | 2017-16846 | URL | ||
| 45052 | SERVER-WEBAPP Wordpress wpdb prepare sprintf placeholder SQL injection attempt (more info ...) | web-application-attack | 2017-14723 | 100912 | URL | |
| 45075 | SERVER-WEBAPP WordPress Ultimate Form Builder plugin SQL injection attempt (more info ...) | web-application-attack | 2017-15919 | 101604 | URL | |
| 45076 | SERVER-WEBAPP WordPress Ultimate Form Builder plugin SQL injection attempt (more info ...) | web-application-attack | 2017-15919 | 101604 | URL | |
| 45077 | SERVER-WEBAPP WordPress Ultimate Form Builder plugin SQL injection attempt (more info ...) | web-application-attack | 2017-15919 | 101604 | URL | |
| 45112 | SERVER-WEBAPP ManageEngine Applications Manager showresource.do SQL injection attempt (more info ...) | web-application-attack | 2017-16847 | URL | ||
| 45113 | SERVER-WEBAPP ManageEngine Applications Manager showresource.do SQL injection attempt (more info ...) | web-application-attack | 2017-16847 | URL | ||
| 45189 | SERVER-WEBAPP ManageEngine Applications Manager mypage.do SQL injection attempt (more info ...) | web-application-attack | 2017-16849 | URL | ||
| 45190 | SERVER-WEBAPP ManageEngine Applications Manager mypage.do SQL injection attempt (more info ...) | web-application-attack | 2017-16849 | URL | ||
| 45192 | SERVER-WEBAPP ManageEngine Applications Manager showActionProfiles.do SQL injection attempt (more info ...) | web-application-attack | 2017-16850 | URL | ||
| 45193 | SERVER-WEBAPP ManageEngine Applications Manager showActionProfiles.do SQL injection attempt (more info ...) | web-application-attack | 2017-16850 | URL | ||
| 45688 | SERVER-WEBAPP Advantech WebAccess SQL injection attempt (more info ...) | web-application-attack | 2017-16716 | |||
| 46024 | SERVER-WEBAPP multiple vendor calendar application id parameter SQL injection attempt (more info ...) | web-application-attack | 2018-6576 | 437437 | ||
| 46025 | SERVER-WEBAPP multiple vendor calendar application id parameter SQL injection attempt (more info ...) | web-application-attack | 2018-6576 | 437437 | ||
| 46028 | SERVER-WEBAPP Joomla JE PayperVideo extension SQL injection attempt (more info ...) | web-application-attack | 2018-6578 | |||
| 46029 | SERVER-WEBAPP Joomla jextn-classifieds SQL injection attempt (more info ...) | web-application-attack | 2018-6575 | |||
| 46030 | SERVER-WEBAPP Joomla jextn-classifieds SQL injection attempt (more info ...) | web-application-attack | 2018-6575 | |||
| 46041 | SERVER-WEBAPP Joomla Component JMS Music 1.1.1 SQL injection attempt (more info ...) | web-application-attack | 2018-6581 | URL | ||
| 46042 | SERVER-WEBAPP Joomla Component JMS Music 1.1.1 SQL injection attempt (more info ...) | web-application-attack | 2018-6581 | URL | ||
| 46043 | SERVER-WEBAPP Joomla Component JMS Music 1.1.1 SQL injection attempt (more info ...) | web-application-attack | 2018-6581 | URL | ||
| 46044 | SERVER-WEBAPP Joomla Component JMS Music 1.1.1 SQL injection attempt (more info ...) | web-application-attack | 2018-6581 | URL | ||
| 46045 | SERVER-WEBAPP Joomla Component JMS Music 1.1.1 SQL injection attempt (more info ...) | web-application-attack | 2018-6581 | URL | ||
| 46046 | SERVER-WEBAPP Joomla Component JMS Music 1.1.1 SQL injection attempt (more info ...) | web-application-attack | 2018-6581 | URL | ||
| 46062 | SERVER-WEBAPP Joomla JEXTN Membership extension SQL injection attempt (more info ...) | web-application-attack | 2018-6578 | |||
| 46063 | SERVER-WEBAPP Joomla JEXTN Membership extension SQL injection attempt (more info ...) | web-application-attack | 2018-6578 | |||
| 46064 | SERVER-WEBAPP Joomla JEXTN Membership extension SQL injection attempt (more info ...) | web-application-attack | 2018-6578 | |||
| 46087 | SERVER-WEBAPP Joomla JEXTN Reverse Auction extension SQL injection attempt (more info ...) | web-application-attack | 2018-6579 | URL | ||
| 46088 | SERVER-WEBAPP Joomla JEXTN Reverse Auction extension SQL injection attempt (more info ...) | web-application-attack | 2018-6579 | URL | ||
| 46089 | SERVER-WEBAPP Joomla JEXTN Reverse Auction extension SQL injection attempt (more info ...) | web-application-attack | 2018-6579 | URL | ||
| 46132 | SERVER-WEBAPP OpenEMR SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 46133 | SERVER-WEBAPP OpenEMR SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 46283 | SERVER-WEBAPP Quest NetVault Backup Server NVBUJobCountHistory SQL injection attempt (more info ...) | web-application-attack | 2017-17420 | 102252 | ||
| 46302 | SERVER-WEBAPP Quest NetVault Backup Server NVBUEventHistory SQL injection attempt (more info ...) | web-application-attack | 2017-17412 | 102252 | ||
| 46311 | SERVER-WEBAPP Quest NetVault Backup Server NVBUTransferHistory SQL injection attempt (more info ...) | web-application-attack | 2017-17419 | |||
| 46333 | SERVER-WEBAPP Joomla DT Register SQL injection attempt (more info ...) | web-application-attack | 2018-6584 | |||
| 46334 | SERVER-WEBAPP Joomla DT Register SQL injection attempt (more info ...) | web-application-attack | 2018-6584 | |||
| 46337 | SERVER-WEBAPP Joomla Saxum Picker SQL injection attempt (more info ...) | web-application-attack | 2018-7178 | |||
| 46338 | SERVER-WEBAPP Joomla Saxum Picker SQL injection attempt (more info ...) | web-application-attack | 2018-7178 | |||
| 46379 | SERVER-WEBAPP Afian FileRun SQL injection attempt (more info ...) | web-application-attack | 2018-7735 | URL | ||
| 46380 | SERVER-WEBAPP Afian FileRun SQL injection attempt (more info ...) | web-application-attack | 2018-7735 | URL | ||
| 46449 | SERVER-OTHER PostgreSQL Empty Password authentication bypass attempt (more info ...) | attempted-user | 2017-7546 | |||
| 46489 | SERVER-WEBAPP Quest NetVault Backup Server NVBUBackup SQL injection attempt (more info ...) | web-application-attack | 2017-17657 | |||
| 46773 | SERVER-WEBAPP Nagios XI SQL injection attempt (more info ...) | web-application-attack | 2018-8734 | |||
| 46774 | SERVER-WEBAPP NagiosXI SQL injection attempt (more info ...) | web-application-attack | 2018-8734 | |||
| 46863 | SERVER-WEBAPP Quest NetVault Backup Server NVBUBackupOptionSet SQL injection attempt (more info ...) | web-application-attack | 2017-17653 | |||
| 46889 | SERVER-WEBAPP Cisco Prime Collaboration Provisioning SQL injection attempt (more info ...) | web-application-attack | 2018-0320 | URL | ||
| 46890 | SERVER-WEBAPP Cisco Prime Collaboration Provisioning SQL injection attempt (more info ...) | web-application-attack | 2018-0320 | URL | ||
| 46891 | SERVER-WEBAPP Cisco Prime Collaboration Provisioning SQL injection attempt (more info ...) | web-application-attack | 2018-0320 | URL | ||
| 46892 | SERVER-WEBAPP Cisco Prime Collaboration Provisioning SQL injection attempt (more info ...) | web-application-attack | 2018-0320 | URL | ||
| 47497 | SERVER-WEBAPP Joomla CheckList extension SQL injection attempt (more info ...) | web-application-attack | 2018-7318 | |||
| 47498 | SERVER-WEBAPP Joomla CheckList extension SQL injection attempt (more info ...) | web-application-attack | 2018-7318 | |||
| 47501 | SERVER-WEBAPP Joomla ProjectLog search SQL injection attempt (more info ...) | web-application-attack | 2018-6024 | |||
| 47502 | SERVER-WEBAPP Joomla ProjectLog search SQL injection attempt (more info ...) | web-application-attack | 2018-6024 | |||
| 47550 | SERVER-WEBAPP Advantech WebAccess SCADA SQL injection attempt (more info ...) | web-application-attack | 2018-5443 | 102781 | URL | |
| 47551 | SERVER-WEBAPP Advantech WebAccess SCADA SQL injection attempt (more info ...) | web-application-attack | 2018-5443 | 102781 | URL | |
| 47552 | SERVER-WEBAPP Epic MyChart SQL injection attempt (more info ...) | web-application-attack | 2016-6272 | |||
| 47553 | SERVER-WEBAPP Epic MyChart SQL injection attempt (more info ...) | web-application-attack | 2016-6272 | |||
| 47554 | SERVER-WEBAPP Epic MyChart SQL injection attempt (more info ...) | web-application-attack | 2016-6272 | |||
| 47555 | SERVER-WEBAPP Epic MyChart SQL injection attempt (more info ...) | web-application-attack | 2016-6272 | |||
| 47576 | SERVER-WEBAPP Cobub Razor channel name SQL injection attempt (more info ...) | web-application-attack | 2018-8057 | |||
| 47577 | SERVER-WEBAPP Cobub Razor channel name SQL injection attempt (more info ...) | web-application-attack | 2018-8057 | |||
| 47579 | SERVER-WEBAPP Joomla Aist id SQL injection attempt (more info ...) | web-application-attack | 2018-5993 | |||
| 47580 | SERVER-WEBAPP Joomla Aist id SQL injection attempt (more info ...) | web-application-attack | 2018-5993 | |||
| 47655 | SERVER-WEBAPP Joomla PostInstall Message SQL injection attempt (more info ...) | web-application-attack | 2018-6376 | |||
| 47788 | SERVER-WEBAPP Trend Micro Email Encryption Gateway SQL injection attempt (more info ...) | web-application-attack | 2018-6226 | |||
| 47789 | SERVER-WEBAPP Trend Micro Email Encryption Gateway SQL injection attempt (more info ...) | web-application-attack | 2018-6226 | |||
| 47794 | SERVER-WEBAPP Trend Micro Email Encryption Gateway SQL injection attempt (more info ...) | web-application-attack | 2018-6229 | |||
| 47795 | SERVER-WEBAPP Trend Micro Email Encryption Gateway SQL injection attempt (more info ...) | web-application-attack | 2018-6229 | |||
| 47796 | SERVER-WEBAPP Trend Micro Email Encryption Gateway SQL injection attempt (more info ...) | web-application-attack | 2018-6228 | |||
| 47797 | SERVER-WEBAPP Trend Micro Email Encryption Gateway SQL injection attempt (more info ...) | web-application-attack | 2018-6228 | |||
| 47799 | SERVER-WEBAPP Trend Micro Email Encryption Gateway SQL injection attempt (more info ...) | web-application-attack | 2018-6230 | |||
| 47800 | SERVER-WEBAPP Trend Micro Email Encryption Gateway SQL injection attempt (more info ...) | web-application-attack | 2018-6230 | |||
| 48126 | SERVER-WEBAPP Joomba component Timetable Schedule 3.6.8 SQL injection attempt (more info ...) | web-application-attack | 2018-17394 | URL | ||
| 48161 | SERVER-WEBAPP Joomba component Article Factory Manager SQL injection attempt (more info ...) | web-application-attack | 2018-17380 | URL | ||
| 48177 | SERVER-WEBAPP Advantech WebAccess SQL injection attempt (more info ...) | web-application-attack | 2017-16716 | |||
| 48193 | SERVER-WEBAPP Joomba component AlphaIndex Dictionaries SQL injection attempt (more info ...) | web-application-attack | 2018-17397 | URL | ||
| 48194 | SERVER-WEBAPP Joomba component AlphaIndex Dictionaries SQL injection attempt (more info ...) | web-application-attack | 2018-17397 | URL | ||
| 48195 | SERVER-WEBAPP Joomla Component Collection Factory SQL injection attempt (more info ...) | web-application-attack | 2018-17383 | URL | ||
| 48196 | SERVER-WEBAPP Joomla component Reverse Auction Factory SQL injection attempt (more info ...) | web-application-attack | 2018-17376 | URL | ||
| 48215 | SERVER-WEBAPP Webport SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 48216 | SERVER-WEBAPP Webport SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 48236 | SERVER-WEBAPP Joomla Component Responsive Portfolio SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 48412 | SERVER-WEBAPP ManageEngine Firewall Analyzer setManaged SQL injection attempt (more info ...) | web-application-attack | 2018-17283 | URL | ||
| 48413 | SERVER-WEBAPP ManageEngine Applications Manager editDisplaynames.do SQL injection attempt (more info ...) | web-application-attack | 2018-15168 | URL | ||
| 48414 | SERVER-WEBAPP ManageEngine Applications Manager editDisplaynames.do SQL injection attempt (more info ...) | web-application-attack | 2018-15168 | URL | ||
| 48415 | SERVER-WEBAPP ManageEngine Applications Manager editDisplaynames.do SQL injection attempt (more info ...) | web-application-attack | 2018-15168 | URL | ||
| 48454 | SERVER-WEBAPP Cisco Prime License Manager SQL injection attempt (more info ...) | web-application-attack | 2018-15441 | URL | ||
| 48455 | SERVER-WEBAPP Cisco Prime License Manager SQL injection attempt (more info ...) | web-application-attack | 2018-15441 | URL | ||
| 48785 | SERVER-OTHER SQLite FTS integer overflow attempt (more info ...) | attempted-user | 2018-20346 | |||
| 48786 | SERVER-OTHER SQLite FTS integer overflow attempt (more info ...) | attempted-user | 2018-20346 | |||
| 48900 | SERVER-WEBAPP Trend Micro Control Manager reporting.aspx SQL injection attempt (more info ...) | web-application-attack | 2018-3607 | URL | ||
| 49301 | SERVER-WEBAPP Trend Micro Smart Protection Server SQL injection attempt (more info ...) | web-application-attack | 2018-10350 | |||
| 49302 | SERVER-WEBAPP Trend Micro Smart Protection Server SQL injection attempt (more info ...) | web-application-attack | 2018-10350 | |||
| 49303 | SERVER-WEBAPP Trend Micro Smart Protection Server SQL injection attempt (more info ...) | web-application-attack | 2018-10350 | |||
| 49463 | SERVER-WEBAPP Joomla CW Articles Attachments SQL injection attempt (more info ...) | web-application-attack | 2018-14592 | URL | ||
| 49464 | SERVER-WEBAPP Joomla CW Articles Attachments SQL injection attempt (more info ...) | web-application-attack | 2018-14592 | URL | ||
| 49465 | SERVER-WEBAPP Joomla CW Articles Attachments SQL injection attempt (more info ...) | web-application-attack | 2018-14592 | URL | ||
| 49587 | SERVER-WEBAPP CMSsite 1.0 SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 49603 | SERVER-WEBAPP Trend Micro Control Manager SQL injection attempt (more info ...) | web-application-attack | 2018-3606 | |||
| 49604 | SERVER-WEBAPP Trend Micro Control Manager SQL injection attempt (more info ...) | web-application-attack | 2018-3606 | URL | ||
| 49605 | SERVER-WEBAPP Trend Micro Control Manager SQL injection attempt (more info ...) | web-application-attack | 2018-3606 | URL | ||
| 49662 | SERVER-WEBAPP CMSsite 1.0 SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 49663 | SERVER-WEBAPP CMSsite 1.0 SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 49666 | SQL HTTP URI blind injection attempt (more info ...) | web-application-attack | ||||
| 49847 | SERVER-WEBAPP All in One Video Downloader SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 49848 | SERVER-WEBAPP All in One Video Downloader SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 49849 | SERVER-WEBAPP All in One Video Downloader SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 49984 | SERVER-WEBAPP Cisco Prime Infrastructure SQL injection attempt (more info ...) | web-application-attack | 2019-1825 | URL | ||
| 49985 | SERVER-WEBAPP Cisco Prime Infrastructure SQL injection attempt (more info ...) | web-application-attack | 2019-1825 | URL | ||
| 51125 | SERVER-WEBAPP Joomla 3.7.0 com_fields view SQL injection attempt (more info ...) | web-application-attack | 2017-8917 | URL | ||
| 51275 | SERVER-WEBAPP Joomla Saxum Astro Component SQL injection attempt (more info ...) | web-application-attack | 2018-7180 | URL | ||
| 51276 | SERVER-WEBAPP Joomla Saxum Astro Component SQL injection attempt (more info ...) | web-application-attack | 2018-7180 | URL | ||
| 51277 | SERVER-WEBAPP Joomla Saxum Astro Component SQL injection attempt (more info ...) | web-application-attack | 2018-7180 | URL | ||
| 51572 | SERVER-WEBAPP Joomla component Alexandria Book Library SQL injection attempt (more info ...) | web-application-attack | 2018-7312 | |||
| 51573 | SERVER-WEBAPP Joomla component Alexandria Book Library SQL injection attempt (more info ...) | web-application-attack | 2018-7312 | |||
| 51574 | SERVER-WEBAPP Joomla component Alexandria Book Library SQL injection attempt (more info ...) | web-application-attack | 2018-7312 | |||
| 51629 | SERVER-WEBAPP Trend Micro Control Manager reporting.aspx SQL injection attempt (more info ...) | web-application-attack | 2018-3607 | URL | ||
| 51630 | SERVER-WEBAPP Trend Micro Control Manager reporting.aspx SQL injection attempt (more info ...) | web-application-attack | 2018-3606 | URL | ||
| 51687 | SERVER-WEBAPP Cisco Firepower Management Center SQL injection attempt (more info ...) | attempted-user | 2019-12683 | URL | ||
| 51688 | SERVER-WEBAPP Cisco Firepower Management Center SQL injection attempt (more info ...) | attempted-user | 2019-12683 | URL | ||
| 51689 | SERVER-WEBAPP Cisco Firepower Management Center SQL injection attempt (more info ...) | attempted-user | 2019-12684 | URL | ||
| 51690 | SERVER-WEBAPP Cisco Firepower Management Center SQL injection attempt (more info ...) | attempted-user | 2019-12684 | URL | ||
| 51691 | SERVER-WEBAPP Cisco Firepower Management Center SQL injection attempt (more info ...) | attempted-user | 2019-12679 | URL | ||
| 51692 | SERVER-WEBAPP Cisco Firepower Management Center SQL injection attempt (more info ...) | attempted-user | 2019-12679 | URL | ||
| 51693 | SERVER-WEBAPP Cisco Firepower Management Center SQL injection attempt (more info ...) | attempted-user | 2019-12682 | URL | ||
| 51694 | SERVER-WEBAPP Cisco Firepower Management Center SQL injection attempt (more info ...) | attempted-user | 2019-12682 | URL | ||
| 51695 | SERVER-WEBAPP Cisco Firepower Management Center SQL injection attempt (more info ...) | attempted-user | 2019-12681 | URL | ||
| 51696 | SERVER-WEBAPP Cisco Firepower Management Center SQL injection attempt (more info ...) | attempted-user | 2019-12681 | URL | ||
| 51697 | SERVER-WEBAPP Cisco Firepower Management Center SQL injection attempt (more info ...) | attempted-user | 2019-12681 | URL | ||
| 51698 | SERVER-WEBAPP Cisco Firepower Management Center SQL injection attempt (more info ...) | attempted-user | 2019-12681 | URL | ||
| 51699 | SERVER-WEBAPP Cisco Firepower Management Center SQL injection attempt (more info ...) | attempted-user | 2019-12680 | URL | ||
| 51700 | SERVER-WEBAPP Cisco Firepower Management Center SQL injection attempt (more info ...) | attempted-user | 2019-12680 | URL | ||
| 51701 | SERVER-WEBAPP Cisco Firepower Management Center SQL injection attempt (more info ...) | attempted-user | 2019-12680 | URL | ||
| 51702 | SERVER-WEBAPP Cisco Firepower Management Center SQL injection attempt (more info ...) | attempted-user | 2019-12680 | URL | ||
| 51703 | SERVER-WEBAPP Cisco Firepower Management Center SQL injection attempt (more info ...) | attempted-user | 2019-12680 | URL | ||
| 51704 | SERVER-WEBAPP Cisco Firepower Management Center SQL injection attempt (more info ...) | attempted-user | 2019-12680 | URL | ||
| 51808 | SERVER-WEBAPP vBulletin SQL injection attempt (more info ...) | web-application-attack | 2019-17271 | |||
| 51809 | SERVER-WEBAPP vBulletin SQL injection attempt (more info ...) | web-application-attack | 2019-17271 | |||
| 51810 | SERVER-WEBAPP vBulletin SQL injection attempt (more info ...) | web-application-attack | 2019-17271 | |||
| 51811 | SERVER-WEBAPP vBulletin SQL injection attempt (more info ...) | web-application-attack | 2019-17271 | |||
| 51812 | SERVER-WEBAPP vBulletin SQL injection attempt (more info ...) | web-application-attack | 2019-17271 | |||
| 51813 | SERVER-WEBAPP vBulletin SQL injection attempt (more info ...) | web-application-attack | 2019-17271 | |||
| 52043 | SERVER-WEBAPP VEGO Web Forum SQL injection attempt (more info ...) | web-application-attack | 2006-0065 | |||
| 52044 | SERVER-WEBAPP VEGO Web Forum SQL injection attempt (more info ...) | web-application-attack | 2006-0065 | |||
| 52045 | SERVER-WEBAPP VEGO Web Forum SQL injection attempt (more info ...) | web-application-attack | 2006-0065 | |||
| 52271 | SERVER-WEBAPP Joomla Jimtawl id parameter SQL injection attempt (more info ...) | web-application-attack | 2018-17399 | URL | ||
| 52272 | SERVER-WEBAPP Joomla Jimtawl id parameter SQL injection attempt (more info ...) | web-application-attack | 2018-17399 | URL | ||
| 52273 | SERVER-WEBAPP Joomla Jimtawl id parameter SQL injection attempt (more info ...) | web-application-attack | 2018-17399 | URL | ||
| 52543 | SERVER-WEBAPP Cisco Data Center Network Manager SQL injection attempt (more info ...) | web-application-attack | 2019-15984 | URL | ||
| 52544 | SERVER-WEBAPP Cisco Data Center Network Manager SQL injection attempt (more info ...) | web-application-attack | 2019-15984 | URL | ||
| 53169 | POLICY-OTHER PostgreSQL default credential login detected (more info ...) | policy-violation | 2020-3158 | URL | ||
| 53256 | SERVER-WEBAPP SQL Server Reporting Services web application remote code execution attempt (more info ...) | attempted-user | 2020-0618 | URL | ||
| 53480 | SERVER-WEBAPP Cisco SD-WAN vManage SQL injection attempt (more info ...) | web-application-attack | 2019-16012 | URL | ||
| 53481 | SERVER-WEBAPP Cisco SD-WAN vManage SQL injection attempt (more info ...) | web-application-attack | 2019-16012 | URL | ||
| 53857 | SERVER-WEBAPP Grandstream UCM6202 series SQL injection attempt (more info ...) | web-application-attack | 2020-5722 | |||
| 53858 | SERVER-WEBAPP Grandstream UCM6202 series SQL injection attempt (more info ...) | web-application-attack | 2020-5722 | |||
| 53859 | SERVER-WEBAPP Grandstream UCM6202 series SQL injection attempt (more info ...) | web-application-attack | 2020-5722 | |||
| 53885 | SERVER-WEBAPP Grandstream UCM6200 series SQL injection attempt (more info ...) | web-application-attack | 2020-5722 | URL | ||
| 54558 | SERVER-WEBAPP Park Ticketing Management System SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 54559 | SERVER-WEBAPP Park Ticketing Management System SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 54565 | SERVER-WEBAPP Park Ticketing Management System SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 54566 | SERVER-WEBAPP Park Ticketing Management System SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 54567 | SERVER-WEBAPP Park Ticketing Management System SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 54569 | SERVER-WEBAPP Barangay Management System SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 54570 | SERVER-WEBAPP Barangay Management System SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 54894 | SERVER-WEBAPP Cisco Data Center Network Manager SQL injection attempt (more info ...) | web-application-attack | 2019-15984 | URL | ||
| 54895 | SERVER-WEBAPP Cisco Data Center Network Manager SQL injection attempt (more info ...) | web-application-attack | 2019-15984 | URL | ||
| 55836 | SERVER-WEBAPP Wordpress Nexos theme SQL injection attempt (more info ...) | web-application-attack | 2020-15363 | |||
| 55837 | SERVER-WEBAPP Wordpress Nexos theme SQL injection attempt (more info ...) | web-application-attack | 2020-15363 | |||
| 55838 | SERVER-WEBAPP Wordpress Nexos theme SQL injection attempt (more info ...) | web-application-attack | 2020-15363 | |||
| 56005 | SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 SQL injection attempt (more info ...) | web-application-attack | 2019-13375 | URL | ||
| 56006 | SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 SQL injection attempt (more info ...) | web-application-attack | 2019-13375 | URL | ||
| 56007 | SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 SQL injection attempt (more info ...) | web-application-attack | 2019-13375 | URL | ||
| 56523 | SERVER-WEBAPP Joomla Core Featured Article SQL injection attempt (more info ...) | web-application-attack | 2020-10243 | URL | ||
| 56524 | SERVER-WEBAPP Joomla Core Featured Article SQL injection attempt (more info ...) | web-application-attack | 2020-10243 | URL | ||
| 56525 | SERVER-WEBAPP Joomla Core Featured Article SQL injection attempt (more info ...) | web-application-attack | 2020-10243 | URL | ||
| 56947 | SERVER-WEBAPP Cisco Data Center Network Manager SQL injection attempt (more info ...) | web-application-attack | 2021-1247 | URL | ||
| 56954 | SERVER-WEBAPP Cisco Data Center Network Manager SQL injection attempt (more info ...) | web-application-attack | 2021-1248 | URL | ||
| 57412 | SERVER-WEBAPP Nagios XI do_update_user SQL injection attempt (more info ...) | web-application-attack | 2020-27988 | URL | ||
| 57413 | SERVER-WEBAPP Nagios XI do_update_user SQL injection attempt (more info ...) | web-application-attack | 2020-27988 | URL | ||
| 57511 | SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt (more info ...) | web-application-attack | 2012-5861 | |||
| 57512 | SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt (more info ...) | web-application-attack | 2012-5861 | |||
| 57513 | SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt (more info ...) | web-application-attack | 2012-5861 | |||
| 57514 | SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt (more info ...) | web-application-attack | 2012-5861 | |||
| 57515 | SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt (more info ...) | web-application-attack | 2012-5861 | |||
| 57516 | SERVER-WEBAPP Sinapsi eSolar Light Photovoltaic System Monitor SQL injection attempt (more info ...) | web-application-attack | 2012-5861 | |||
| 57523 | SERVER-WEBAPP Cisco Unified Communications Manager SQL injection attempt (more info ...) | web-application-attack | 2021-1365 | URL | ||
| 57524 | SERVER-WEBAPP Cisco Unified Communications Manager SQL injection attempt (more info ...) | web-application-attack | 2021-1365 | URL | ||
| 57525 | SERVER-WEBAPP Cisco Unified Communications Manager SQL injection attempt (more info ...) | web-application-attack | 2021-1365 | URL | ||
| 57954 | SERVER-WEBAPP Velocloud VMware SD-WAN Orchestrator SQL injection attempt (more info ...) | web-application-attack | 2020-3973 | URL | ||
| 58026 | SERVER-WEBAPP Zoho ManageEngine OpManager OPMDeviceDetailsServlet SQL injection attempt (more info ...) | web-application-attack | 2019-17602 | URL | ||
| 58027 | SERVER-WEBAPP Zoho ManageEngine OpManager OPMDeviceDetailsServlet SQL injection attempt (more info ...) | web-application-attack | 2019-17602 | URL | ||
| 58028 | SERVER-WEBAPP Zoho ManageEngine OpManager OPMDeviceDetailsServlet SQL injection attempt (more info ...) | web-application-attack | 2019-17602 | URL | ||
| 58072 | SERVER-WEBAPP Trend Micro SafeSync for Enterprise displayName_get SQL injection attempt (more info ...) | web-application-attack | ||||
| 58224 | SERVER-WEBAPP SonicWall SMA100 SQL injection attempt (more info ...) | web-application-attack | 2019-7481 | |||
| 58225 | SERVER-WEBAPP SonicWall SMA100 SQL injection attempt (more info ...) | web-application-attack | 2019-7481 | |||
| 58226 | SERVER-WEBAPP SonicWall SMA100 SQL injection attempt (more info ...) | web-application-attack | 2019-7481 | |||
| 58242 | SERVER-WEBAPP Sophos XG Firewall SQL injection attempt (more info ...) | web-application-attack | 2020-12271 | URL | ||
| 58260 | SERVER-WEBAPP AlienVault Unified Security Management SQL injection attempt (more info ...) | web-application-attack | ||||
| 58261 | SERVER-WEBAPP AlienVault Unified Security Management SQL injection attempt (more info ...) | web-application-attack | ||||
| 58262 | SERVER-WEBAPP AlienVault Unified Security Management SQL injection attempt (more info ...) | web-application-attack | ||||
| 58320 | SERVER-WEBAPP Trend Micro Encryption Email Gateway formChangePass username SQL injection attempt (more info ...) | web-application-attack | 2018-10353 | |||
| 58321 | SERVER-WEBAPP Trend Micro Encryption Email Gateway formChangePass username SQL injection attempt (more info ...) | web-application-attack | 2018-10353 | |||
| 58322 | SERVER-WEBAPP Trend Micro Encryption Email Gateway formChangePass username SQL injection attempt (more info ...) | web-application-attack | 2018-10353 | |||
| 58323 | SERVER-WEBAPP Advantech WebAccess Node Quality ItemGroupIdAry SQL injection attempt (more info ...) | web-application-attack | 2018-7501 | |||
| 58324 | SERVER-WEBAPP Advantech WebAccess Node Quality ItemGroupIdAry SQL injection attempt (more info ...) | web-application-attack | 2018-7501 | |||
| 58325 | SERVER-WEBAPP Advantech WebAccess Node Quality ItemGroupIdAry SQL injection attempt (more info ...) | web-application-attack | 2018-7501 | |||
| 58330 | SERVER-WEBAPP Advantech WebAccess Node controlNode bnid SQL injection attempt (more info ...) | web-application-attack | 2018-7501 | |||
| 58331 | SERVER-WEBAPP Advantech WebAccess Node controlNode bnid SQL injection attempt (more info ...) | web-application-attack | 2018-7501 | |||
| 58332 | SERVER-WEBAPP Advantech WebAccess Node controlNode bnid SQL injection attempt (more info ...) | web-application-attack | 2018-7501 | |||
| 58353 | SERVER-WEBAPP Advantech WebAccess Node Quality_Reg ItemIdAry SQL injection attempt (more info ...) | web-application-attack | 2018-7501 | |||
| 58362 | SERVER-WEBAPP Advantech WebAccess Node BWSCADASoap ProjectName SQL injection attempt (more info ...) | web-application-attack | 2018-7501 | |||
| 58381 | SERVER-WEBAPP Trend Micro Encryption Email Gateway formConfiguration saveValue SQL injection attempt (more info ...) | web-application-attack | 2018-10352 | |||
| 58382 | SERVER-WEBAPP Trend Micro Encryption Email Gateway formConfiguration saveValue SQL injection attempt (more info ...) | web-application-attack | 2018-10352 | |||
| 58383 | SERVER-WEBAPP Trend Micro Encryption Email Gateway formConfiguration saveValue SQL injection attempt (more info ...) | web-application-attack | 2018-10352 | |||
| 58407 | SERVER-WEBAPP Nagios XI bulk modification tool SQL injection attempt (more info ...) | web-application-attack | 2021-37350 | |||
| 58408 | SERVER-WEBAPP Nagios XI bulk modification tool SQL injection attempt (more info ...) | web-application-attack | 2021-37350 | |||
| 58409 | SERVER-WEBAPP Nagios XI bulk modification tool SQL injection attempt (more info ...) | web-application-attack | 2021-37350 | |||
| 58421 | SERVER-WEBAPP BillQuick Web Suite SQL injection attempt (more info ...) | web-application-attack | 2021-42258 | |||
| 58422 | SERVER-WEBAPP BillQuick Web Suite SQL injection attempt (more info ...) | web-application-attack | 2021-42258 | |||
| 58423 | SERVER-WEBAPP BillQuick Web Suite SQL injection attempt (more info ...) | web-application-attack | 2021-42258 | |||
| 58509 | SERVER-WEBAPP Accellion File Transfer Appliance SQL injection attempt (more info ...) | web-application-attack | 2021-27101 | URL | ||
| 58510 | SERVER-WEBAPP EyesOfNetwork SQL injection attempt (more info ...) | web-application-attack | 2020-8656 | |||
| 58511 | SERVER-WEBAPP EyesOfNetwork SQL injection attempt (more info ...) | web-application-attack | 2020-8656 | |||
| 58512 | SERVER-WEBAPP EyesOfNetwork SQL injection attempt (more info ...) | web-application-attack | 2020-8656 | |||
| 58513 | SERVER-WEBAPP Advantech WebAccess updateTemplate SQL injection attempt (more info ...) | web-application-attack | 2017-5154 | URL | ||
| 58709 | SERVER-WEBAPP Trend Micro Email Encryption Gateway SQL injection attempt (more info ...) | web-application-attack | 2018-6229 | |||
| 58843 | SERVER-WEBAPP FUEL CMS col SQL injection attempt (more info ...) | web-application-attack | 2021-38727 | |||
| 58844 | SERVER-WEBAPP FUEL CMS col SQL injection attempt (more info ...) | web-application-attack | 2021-38727 | |||
| 58845 | SERVER-WEBAPP FUEL CMS col SQL injection attempt (more info ...) | web-application-attack | 2021-38727 | |||
| 58847 | SERVER-WEBAPP Trend Micro Encryption Email Gateway requestDomains hidDomains SQL injection attempt (more info ...) | web-application-attack | 2018-10356 | |||
| 58848 | SERVER-WEBAPP Trend Micro Encryption Email Gateway requestDomains hidDomains SQL injection attempt (more info ...) | web-application-attack | 2018-10356 | |||
| 58849 | SERVER-WEBAPP Trend Micro Encryption Email Gateway requestDomains hidDomains SQL injection attempt (more info ...) | web-application-attack | 2018-10356 | |||
| 58855 | SERVER-WEBAPP Trend Micro Encryption Email Gateway register2 Client SQL injection attempt (more info ...) | web-application-attack | 2018-10351 | |||
| 58959 | SERVER-WEBAPP WordPress Core SQL injection attempt (more info ...) | web-application-attack | 2022-21661 | URL | ||
| 59003 | SERVER-WEBAPP Trend Micro SafeSync for Enterprise SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 59080 | SERVER-WEBAPP Zoho ManageEngine OpManager GetGraphData Alarms section SQL injection attempt (more info ...) | web-application-attack | 2018-20338 | |||
| 59081 | SERVER-WEBAPP Zoho ManageEngine OpManager GetGraphData Alarms section SQL injection attempt (more info ...) | web-application-attack | 2018-20338 | |||
| 59082 | SERVER-WEBAPP Zoho ManageEngine OpManager GetGraphData Alarms section SQL injection attempt (more info ...) | web-application-attack | 2018-20338 | |||
| 59090 | SERVER-WEBAPP Zoho ManageEngine OpManager GetGraphData API SQL injection attempt (more info ...) | web-application-attack | 2018-20173 | |||
| 59126 | SERVER-WEBAPP Advantech iView UserServlet SQL injection attempt (more info ...) | web-application-attack | 2021-22658 | |||
| 59127 | SERVER-WEBAPP Advantech iView UserServlet SQL injection attempt (more info ...) | web-application-attack | 2021-22658 | |||
| 59128 | SERVER-WEBAPP Advantech iView UserServlet SQL injection attempt (more info ...) | web-application-attack | 2021-22658 | |||
| 59326 | SERVER-WEBAPP rConfig compliance policies SQL injection attempt (more info ...) | web-application-attack | 2020-10547 | |||
| 59327 | SERVER-WEBAPP rConfig compliance policies SQL injection attempt (more info ...) | web-application-attack | 2020-10547 | |||
| 59328 | SERVER-WEBAPP rConfig compliance policies SQL injection attempt (more info ...) | web-application-attack | 2020-10547 | |||
| 59329 | SERVER-WEBAPP rConfig snippets SQL injection attempt (more info ...) | web-application-attack | 2020-10549 | |||
| 59330 | SERVER-WEBAPP rConfig snippets SQL injection attempt (more info ...) | web-application-attack | 2020-10549 | |||
| 59331 | SERVER-WEBAPP rConfig snippets SQL injection attempt (more info ...) | web-application-attack | 2020-10549 | |||
| 59339 | SERVER-WEBAPP Trend Micro Control Manager AdHocQuery_Processor GetProductCategory SQL injection attempt (more info ...) | web-application-attack | 2018-3602 | |||
| 59340 | SERVER-WEBAPP Trend Micro Control Manager AdHocQuery_Processor GetProductCategory SQL injection attempt (more info ...) | web-application-attack | 2018-3602 | |||
| 59341 | SERVER-WEBAPP Trend Micro Control Manager AdHocQuery_Processor GetProductCategory SQL injection attempt (more info ...) | web-application-attack | 2018-3602 | |||
| 59358 | SERVER-WEBAPP Zoho ManageEngine Applications Manager AlertRes_Mtrgrp jsp sid SQL injection attempt (more info ...) | web-application-attack | 2020-15533 | |||
| 59359 | SERVER-WEBAPP Zoho ManageEngine Applications Manager AlertRes_Mtrgrp jsp sid SQL injection attempt (more info ...) | web-application-attack | 2020-15533 | |||
| 59360 | SERVER-WEBAPP Zoho ManageEngine Applications Manager AlertRes_Mtrgrp jsp sid SQL injection attempt (more info ...) | web-application-attack | 2020-15533 | |||
| 59382 | SERVER-WEBAPP Zoho ManageEngine Applications Manager Popup_SLA SQL injection attempt (more info ...) | web-application-attack | 2019-11448 | |||
| 59383 | SERVER-WEBAPP Zoho ManageEngine Applications Manager Popup_SLA SQL injection attempt (more info ...) | web-application-attack | 2019-11448 | |||
| 59384 | SERVER-WEBAPP Zoho ManageEngine Applications Manager Popup_SLA SQL injection attempt (more info ...) | web-application-attack | 2019-11448 | |||
| 59389 | SERVER-WEBAPP Trend Micro Control Manager GetRuleList SQL injection attempt (more info ...) | web-application-attack | 2018-3604 | |||
| 59390 | SERVER-WEBAPP Trend Micro Control Manager GetRuleList SQL injection attempt (more info ...) | web-application-attack | 2018-3604 | |||
| 59391 | SERVER-WEBAPP Trend Micro Control Manager GetRuleList SQL injection attempt (more info ...) | web-application-attack | 2018-3604 | |||
| 59392 | SERVER-WEBAPP Trend Micro Control Manager GetRuleList SQL injection attempt (more info ...) | web-application-attack | 2018-3604 | |||
| 59402 | SERVER-WEBAPP TimeClock Software 1.01 authenticated time based SQL injection attempt (more info ...) | web-application-attack | ||||
| 59403 | SERVER-WEBAPP TimeClock Software 1.01 authenticated time based SQL injection attempt (more info ...) | web-application-attack | ||||
| 59404 | SERVER-WEBAPP TimeClock Software 1.01 authenticated time based SQL injection attempt (more info ...) | web-application-attack | ||||
| 59436 | SERVER-WEBAPP Advantech WISE-PaaS RMM SQLMgmt qryData SQL injection attempt (more info ...) | web-application-attack | 2019-18229 | |||
| 59609 | SERVER-WEBAPP Exponent CMS eaasController SQL injection attempt (more info ...) | web-application-attack | 2017-7991 | URL | ||
| 59812 | SERVER-WEBAPP Citrix SD-WAN Appliance SQL injection attempt (more info ...) | web-application-attack | 2019-12989 | URL | ||
| 59910 | SERVER-WEBAPP SonicWall Secure Remote Access SQL injection attempt (more info ...) | web-application-attack | 2021-20028 | URL | ||
| 59911 | SERVER-WEBAPP SonicWall Secure Remote Access SQL injection attempt (more info ...) | web-application-attack | 2021-20028 | URL | ||
| 59912 | SERVER-WEBAPP SonicWall Secure Remote Access SQL injection attempt (more info ...) | web-application-attack | 2021-20028 | URL | ||
| 59913 | SERVER-WEBAPP SonicWall Secure Remote Access SQL injection attempt (more info ...) | web-application-attack | 2021-20028 | URL | ||
| 59914 | SERVER-WEBAPP SonicWall Secure Remote Access SQL injection attempt (more info ...) | web-application-attack | 2021-20028 | URL | ||
| 59915 | SERVER-WEBAPP SonicWall Secure Remote Access SQL injection attempt (more info ...) | web-application-attack | 2021-20028 | URL | ||
| 59976 | SERVER-WEBAPP Sonic Wall SRA and SMA appliances SQL injection attempt (more info ...) | web-application-attack | 2019-7484 | |||
| 59977 | SERVER-WEBAPP Sonic Wall SRA and SMA appliances SQL injection attempt (more info ...) | web-application-attack | 2019-7484 | |||
| 59978 | SERVER-WEBAPP Sonic Wall SRA and SMA appliances SQL injection attempt (more info ...) | web-application-attack | 2019-7484 | |||
| 60073 | SERVER-WEBAPP NETGEAR ProSafe SSL VPN SQL injection attempt (more info ...) | web-application-attack | 2022-29383 | |||
| 60074 | SERVER-WEBAPP NETGEAR ProSafe SSL VPN SQL injection attempt (more info ...) | web-application-attack | 2022-29383 | |||
| 60075 | SERVER-WEBAPP NETGEAR ProSafe SSL VPN SQL injection attempt (more info ...) | web-application-attack | 2022-29383 | |||
| 60093 | SERVER-WEBAPP Kaseya VSA SQL injection attempt (more info ...) | web-application-attack | 2021-30117 | |||
| 60094 | SERVER-WEBAPP Kaseya VSA SQL injection attempt (more info ...) | web-application-attack | 2021-30117 | |||
| 60095 | SERVER-WEBAPP Kaseya VSA SQL injection attempt (more info ...) | web-application-attack | 2021-30117 | |||
| 60119 | SERVER-WEBAPP Kaseya VSA ManagedITSync arbitrary SQL command execution attempt (more info ...) | web-application-attack | 2017-18362 | |||
| 60120 | SERVER-WEBAPP Kaseya VSA ManagedITSync arbitrary SQL command execution attempt (more info ...) | web-application-attack | 2017-18362 | |||
| 60165 | SERVER-WEBAPP Zoho ManageEngine NetFlow Analyzer ReportApiHandler compareReport SQL injection attempt (more info ...) | web-application-attack | 2019-12196 | |||
| 60166 | SERVER-WEBAPP Zoho ManageEngine NetFlow Analyzer ReportApiHandler compareReport SQL injection attempt (more info ...) | web-application-attack | 2019-12196 | |||
| 60782 | SERVER-WEBAPP GLPI Project external token SQL injection attempt (more info ...) | web-application-attack | 2022-35947 | |||
| 60783 | SERVER-WEBAPP GLPI Project external token SQL injection attempt (more info ...) | web-application-attack | 2022-35947 | |||
| 60784 | SERVER-WEBAPP GLPI Project external token SQL injection attempt (more info ...) | web-application-attack | 2022-35947 | |||
| 60786 | SERVER-WEBAPP GLPI Project external token SQL injection attempt (more info ...) | web-application-attack | 2022-35947 | |||
| 60789 | SERVER-WEBAPP GLPI Project external token SQL injection attempt (more info ...) | web-application-attack | 2022-35947 | |||
| 60800 | SERVER-WEBAPP Cisco Email Security Appliance SQL injection attempt (more info ...) | web-application-attack | 2022-20867 | URL | ||
| 60840 | SERVER-WEBAPP Joomla J2Store plugin SQL injection attempt (more info ...) | web-application-attack | 2019-9184 | URL | ||
| 60841 | SERVER-WEBAPP Joomla J2Store plugin SQL injection attempt (more info ...) | web-application-attack | 2019-9184 | URL | ||
| 60842 | SERVER-WEBAPP Joomla J2Store plugin SQL injection attempt (more info ...) | web-application-attack | 2019-9184 | URL | ||
| 60896 | SERVER-WEBAPP WordPress Zephyr Project Manager plugin zpm_view_task SQL injection attempt (more info ...) | web-application-attack | 2022-2840 | URL | ||
| 60897 | SERVER-WEBAPP WordPress Zephyr Project Manager plugin zpm_view_task SQL injection attempt (more info ...) | web-application-attack | 2022-2840 | URL | ||
| 60898 | SERVER-WEBAPP WordPress Zephyr Project Manager plugin zpm_view_project SQL injection attempt (more info ...) | web-application-attack | 2022-2840 | URL | ||
| 60899 | SERVER-WEBAPP WordPress Zephyr Project Manager plugin zpm_view_project SQL injection attempt (more info ...) | web-application-attack | 2022-2840 | URL | ||
| 60900 | SERVER-WEBAPP WordPress Zephyr Project Manager plugin zpm_new_task SQL injection attempt (more info ...) | web-application-attack | 2022-2840 | URL | ||
| 60901 | SERVER-WEBAPP WordPress Zephyr Project Manager plugin zpm_new_task SQL injection attempt (more info ...) | web-application-attack | 2022-2840 | URL | ||
| 60907 | SERVER-WEBAPP Sophos XG Firewall SQL injection attempt (more info ...) | web-application-attack | 2020-15504 | URL | ||
| 60908 | SERVER-WEBAPP Sophos XG Firewall SQL injection attempt (more info ...) | web-application-attack | 2020-15504 | URL | ||
| 60909 | SERVER-WEBAPP Sophos XG Firewall SQL injection attempt (more info ...) | web-application-attack | 2020-15504 | URL | ||
| 61106 | SERVER-WEBAPP Fscan scanner SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 61112 | SERVER-WEBAPP Fscan scanner SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 61117 | SERVER-WEBAPP Fscan scanner SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 61118 | SERVER-WEBAPP Fscan scanner SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 61120 | SERVER-WEBAPP Fscan scanner SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 61128 | SERVER-WEBAPP Fscan scanner SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 61130 | SERVER-WEBAPP Fscan scanner SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 61131 | SERVER-WEBAPP Fscan scanner SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 61140 | SERVER-WEBAPP Fscan scanner SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 61142 | SERVER-WEBAPP Fscan scanner SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 61144 | SERVER-WEBAPP Fscan scanner SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 61149 | SERVER-WEBAPP Fscan scanner SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 61151 | SERVER-WEBAPP Fscan scanner SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 61169 | SERVER-WEBAPP Cisco Unified Communications Manager SQL injection attempt (more info ...) | web-application-attack | 2023-20010 | URL | ||
| 61170 | SERVER-WEBAPP Cisco Unified Communications Manager SQL injection attempt (more info ...) | web-application-attack | 2023-20010 | URL | ||
| 61241 | SERVER-WEBAPP Paid Memberships Pro WordPress Plugin SQL injection attempt (more info ...) | web-application-attack | 2023-23488 | |||
| 61242 | SERVER-WEBAPP Paid Memberships Pro WordPress Plugin SQL injection attempt (more info ...) | web-application-attack | 2023-23488 | |||
| 61243 | SERVER-WEBAPP Paid Memberships Pro WordPress Plugin SQL injection attempt (more info ...) | web-application-attack | 2023-23488 | |||
| 61326 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit PowerUpSQL download attempt (more info ...) | trojan-activity | URL | |||
| 61327 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit PowerUpSQL download attempt (more info ...) | trojan-activity | URL | |||
| 61537 | SERVER-WEBAPP Zoho ManageEngine Password Manager Pro SQL injection attempt (more info ...) | web-application-attack | 2022-43672 | URL | ||
| 61538 | SERVER-WEBAPP Zoho ManageEngine Password Manager Pro SQL injection attempt (more info ...) | web-application-attack | 2022-43672 | URL | ||
| 61540 | SERVER-WEBAPP Rebuild files/list-file SQL injection attempt (more info ...) | web-application-attack | 2023-1610 | URL | ||
| 61541 | SERVER-WEBAPP Rebuild project/tasks/list SQL injection attempt (more info ...) | web-application-attack | 2023-1610 | URL | ||
| 61542 | SERVER-WEBAPP Rebuild files/list-file SQL injection attempt (more info ...) | web-application-attack | 2023-1610 | URL | ||
| 61543 | SERVER-WEBAPP Rebuild files/list-file SQL injection attempt (more info ...) | web-application-attack | 2023-1610 | URL | ||
| 61544 | SERVER-WEBAPP Rebuild project/tasks/list SQL injection attempt (more info ...) | web-application-attack | 2023-1610 | URL | ||
| 61545 | SERVER-WEBAPP Rebuild project/tasks/list SQL injection attempt (more info ...) | web-application-attack | 2023-1610 | URL | ||
| 61868 | FILE-IDENTIFY sqlite3 magic detected (more info ...) | misc-activity | ||||
| 61869 | FILE-IDENTIFY sqlite3 magic detected (more info ...) | misc-activity | ||||
| 62013 | SERVER-WEBAPP MOVEit username sql injection attempt (more info ...) | web-application-attack | 2023-36934 | URL | ||
| 62104 | SERVER-WEBAPP Progress MOVEit Transfer SILCertToUser SQL injection attempt (more info ...) | web-application-attack | 2023-35036 |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 673 | SQL sp_start_job - program execution (more info ...) | attempted-user | ||||
| 676 | SQL sp_start_job - program execution (more info ...) | attempted-user | ||||
| 677 | SQL sp_password password change (more info ...) | attempted-user | ||||
| 678 | SQL sp_delete_alert log file deletion (more info ...) | attempted-user | ||||
| 679 | SQL sp_adduser database user creation (more info ...) | attempted-user | ||||
| 681 | SQL xp_cmdshell program execution (more info ...) | attempted-user | 5309 | |||
| 683 | SQL sp_password - password change (more info ...) | attempted-user | ||||
| 684 | SQL sp_delete_alert log file deletion (more info ...) | attempted-user | ||||
| 685 | SQL sp_adduser - database user creation (more info ...) | attempted-user | ||||
| 687 | SQL xp_cmdshell - program execution (more info ...) | attempted-user | 5309 | |||
| 688 | SQL sa login failed (more info ...) | unsuccessful-user | 2000-1209 | 4797 | 10673 | |
| 861 | SERVER-WEBAPP w3-msql access (more info ...) | attempted-recon | 2000-0012 | 898 | 10296 | |
| 887 | SERVER-WEBAPP www-sql access (more info ...) | attempted-recon | URL | |||
| 1057 | SQL ftp attempt (more info ...) | web-application-activity | ||||
| 1058 | SQL xp_enumdsn attempt (more info ...) | web-application-attack | ||||
| 1059 | SQL xp_filelist attempt (more info ...) | web-application-attack | ||||
| 1060 | SQL xp_availablemedia attempt (more info ...) | web-application-attack | ||||
| 1061 | SQL xp_cmdshell attempt (more info ...) | web-application-attack | 5309 | |||
| 1069 | SQL xp_regread attempt (more info ...) | web-application-activity | ||||
| 1077 | SQL queryhit.htm access (more info ...) | web-application-activity | 10370 | |||
| 1078 | SQL counter.exe access (more info ...) | web-application-activity | 1999-1030 | 267 | ||
| 1385 | SERVER-WEBAPP mod-plsql administration access (more info ...) | web-application-activity | 2001-1217 | 3727 | 10849 | |
| 1387 | SQL raiserror possible buffer overflow (more info ...) | attempted-user | 2001-0542 | 3733 | 11217 | |
| 1759 | SQL xp_cmdshell program execution 445 (more info ...) | attempted-user | 5309 | |||
| 2063 | SERVER-WEBAPP Demarc SQL injection attempt (more info ...) | web-application-activity | 2002-0539 | 4520 | ||
| 2701 | SERVER-WEBAPP Oracle iSQLPlus sid overflow attempt (more info ...) | web-application-attack | 2004-1371 | 10871 | URL | |
| 2702 | SERVER-WEBAPP Oracle iSQLPlus username overflow attempt (more info ...) | web-application-attack | 2004-1371 | 10871 | URL | |
| 2703 | SERVER-WEBAPP Oracle iSQLPlus login.uix username overflow attempt (more info ...) | web-application-attack | 2004-1371 | 10871 | URL | |
| 2704 | SERVER-WEBAPP Oracle 10g iSQLPlus login.unix connectID overflow attempt (more info ...) | web-application-attack | 2004-1371 | 10871 | URL | |
| 3152 | SQL sa brute force failed login attempt (more info ...) | unsuccessful-user | 2000-1209 | 4797 | 10673 | URL |
| 3273 | SQL sa brute force failed login unicode attempt (more info ...) | unsuccessful-user | 2000-1209 | 4797 | 10673 | URL |
| 3542 | SQL SA brute force login attempt (more info ...) | suspicious-login | 2000-1209 | 4797 | 10673 | URL |
| 4984 | SQL sa brute force failed login unicode attempt (more info ...) | unsuccessful-user | 2000-1209 | 4797 | 10673 | URL |
| 7207 | SERVER-ORACLE DBMS_EXPORT_EXTENSION SQL injection attempt (more info ...) | attempted-user | 2006-3702 | 19054 | ||
| 8059 | SERVER-ORACLE SYS.KUPW-WORKER sql injection attempt (more info ...) | attempted-admin | 2006-3698 | 19054 | URL | |
| 8494 | SQL formatmessage possible buffer overflow (more info ...) | attempted-admin | 2001-0542 | 3733 | ||
| 8495 | SQL formatmessage possible buffer overflow (more info ...) | attempted-admin | 2001-0542 | 3733 | ||
| 8713 | SERVER-WEBAPP cacti graph_image SQL injection attempt (more info ...) | web-application-attack | 2005-2148 | 14129 | ||
| 8714 | SERVER-WEBAPP cacti graph_image SQL injection attempt (more info ...) | web-application-attack | 2005-2148 | 14129 | ||
| 8715 | SERVER-WEBAPP cacti graph_image SQL injection attempt (more info ...) | web-application-attack | 2005-2148 | 14129 | ||
| 8716 | SERVER-WEBAPP cacti graph_image SQL injection attempt (more info ...) | web-application-attack | 2005-2148 | 14129 | ||
| 11193 | SERVER-WEBAPP Oracle iSQL Plus cross site scripting attempt (more info ...) | web-application-attack | 2004-2115 | 9484 | ||
| 11194 | SERVER-WEBAPP Oracle iSQL Plus cross site scripting attempt (more info ...) | web-application-attack | 2004-2115 | 9484 | ||
| 11204 | SERVER-ORACLE Oracle Database DBMS_AQADM_SYS package GRANT_TYPE_ACCESS procedure SQL injection attempt (more info ...) | attempted-admin | 2009-0977 | 34461 | URL | |
| 11616 | SERVER-WEBAPP Symantec Sygate Policy Manager SQL injection (more info ...) | attempted-admin | 2006-0522 | 16452 | ||
| 11685 | SERVER-WEBAPP Oracle iSQL Plus cross site scripting attempt (more info ...) | web-application-attack | 2004-2115 | 9484 | ||
| 12009 | SQL Firebird SQL Fbserver buffer overflow attempt (more info ...) | attempted-user | 2007-3181 | |||
| 13366 | SERVER-ORACLE Oracle database SYS.LT.FINDRICSET SQL injection attempt (more info ...) | attempted-admin | 2007-5511 | 26098 | URL | |
| 13551 | SERVER-ORACLE Oracle XDB.XDB_PITRIG_PKG sql injection attempt (more info ...) | attempted-admin | 2008-0339 | 27229 | URL | |
| 13553 | SERVER-OTHER Sybase SQL Anywhere Mobilink username string buffer overflow (more info ...) | attempted-admin | 2008-0912 | 27914 | URL | |
| 13554 | SERVER-OTHER Sybase SQL Anywhere Mobilink version string buffer overflow (more info ...) | attempted-admin | 2008-0912 | 27914 | URL | |
| 13555 | SERVER-OTHER Sybase SQL Anywhere Mobilink remoteID string buffer overflow (more info ...) | attempted-admin | 2008-0912 | 27914 | URL | |
| 13791 | INDICATOR-OBFUSCATION oversized cast statement - possible sql injection obfuscation (more info ...) | web-application-attack | URL | |||
| 13928 | SERVER-WEBAPP Adobe RoboHelp rx SQL injection attempt (more info ...) | web-application-attack | 2008-2991 | 30137 | URL | |
| 13929 | SERVER-WEBAPP Adobe RoboHelp rx SQL injection attempt (more info ...) | web-application-attack | 2008-2991 | 30137 | URL | |
| 13987 | INDICATOR-OBFUSCATION oversized convert statement - possible sql injection obfuscation (more info ...) | web-application-attack | URL | |||
| 13988 | INDICATOR-OBFUSCATION large number of calls to ascii function - possible sql injection obfuscation (more info ...) | web-application-attack | URL | |||
| 13991 | SQL xp_regaddmultistring attempt (more info ...) | web-application-activity | ||||
| 13992 | SQL xp_regdeletevalue attempt (more info ...) | web-application-activity | ||||
| 13993 | SQL xp_regenumkeys attempt (more info ...) | web-application-activity | ||||
| 13994 | SQL xp_regenumvalues attempt (more info ...) | web-application-activity | ||||
| 13995 | SQL xp_regremovemultistring attempt (more info ...) | web-application-activity | ||||
| 13996 | SQL xp_servicecontrol attempt (more info ...) | web-application-activity | ||||
| 13997 | SQL xp_loginconfig attempt (more info ...) | web-application-activity | ||||
| 13998 | SQL xp_terminate_process attempt (more info ...) | web-application-activity | ||||
| 15319 | NETBIOS SMB /sql/query create tree attempt (more info ...) | protocol-command-decode | ||||
| 15321 | NETBIOS SMB /sql/query create tree attempt (more info ...) | protocol-command-decode | ||||
| 15322 | NETBIOS SMB /sql/query unicode create tree attempt (more info ...) | protocol-command-decode | ||||
| 15323 | NETBIOS SMB /sql/query andx create tree attempt (more info ...) | protocol-command-decode | ||||
| 15324 | NETBIOS SMB /sql/query unicode andx create tree attempt (more info ...) | protocol-command-decode | ||||
| 15325 | NETBIOS SMB /sql/query andx create tree attempt (more info ...) | protocol-command-decode | ||||
| 15326 | NETBIOS SMB /sql/query unicode andx create tree attempt (more info ...) | protocol-command-decode | ||||
| 15515 | SERVER-ORACLE Oracle Database Server RollbackWorkspace SQL injection attempt (more info ...) | attempted-admin | 2009-0978 | 34461 | URL | |
| 15722 | SERVER-ORACLE Oracle database server Workspace Manager multiple SQL injection attempt (more info ...) | attempted-admin | 2008-3982 | 31683 | URL | |
| 15723 | SERVER-ORACLE Oracle database server CompressWorkspaceTree SQL injection attempt (more info ...) | attempted-admin | 2008-3982 | 31683 | URL | |
| 15724 | SERVER-ORACLE Oracle database server MergeWorkspace SQL injection attempt (more info ...) | attempted-admin | 2008-3982 | 31683 | URL | |
| 15725 | SERVER-ORACLE Oracle database server RemoveWorkspace SQL injection attempt (more info ...) | attempted-admin | 2008-3982 | 31683 | URL | |
| 15876 | SQL generic sql update injection attempt - POST parameter (more info ...) | web-application-attack | URL | |||
| 15896 | SERVER-OTHER Firebird SQL op_connect_request denial of service attempt (more info ...) | attempted-dos | 2009-2620 | 35842 | ||
| 16159 | BROWSER-PLUGINS Microsoft Office Excel Add-in for SQL Analysis Services 1 ActiveX clsid access (more info ...) | attempted-user | 2009-2493 | URL | ||
| 16161 | BROWSER-PLUGINS Microsoft Office Excel Add-in for SQL Analysis Services 2 ActiveX clsid access (more info ...) | attempted-user | 2009-2493 | URL | ||
| 16163 | BROWSER-PLUGINS Microsoft Office Excel Add-in for SQL Analysis Services 3 ActiveX clsid access (more info ...) | attempted-user | 2009-2493 | URL | ||
| 16165 | BROWSER-PLUGINS Microsoft Office Excel Add-in for SQL Analysis Services 4 ActiveX clsid access (more info ...) | attempted-user | 2009-2493 | URL | ||
| 16189 | SERVER-ORACLE Database REPCAT_RPC.VALIDATE_REMOTE_RC SQL injection attempt (more info ...) | attempted-admin | 2009-1021 | 35685 | URL | |
| 16290 | SERVER-ORACLE Oracle database server CREATE_TABLES SQL injection attempt (more info ...) | attempted-admin | 2009-1991 | 36748 | URL | |
| 16364 | SERVER-OTHER IBM DB2 database server SQLSTT denial of service attempt (more info ...) | denial-of-service | 2009-0173 | |||
| 16393 | SERVER-OTHER PostgreSQL bit substring buffer overflow attempt (more info ...) | attempted-admin | 2010-0442 | 37973 | ||
| 16524 | PROTOCOL-FTP ProFTPD username sql injection attempt (more info ...) | attempted-admin | 2009-0542 | 33722 | URL | |
| 16722 | SERVER-ORACLE Oracle Database Server DBMS_CDC_PUBLISH.DROP_CHANGE_SOURCE procedure SQL injection attempt (more info ...) | attempted-user | 2010-0870 | 39422 | ||
| 16723 | SERVER-ORACLE Oracle Database Server DBMS_CDC_PUBLISH.ALTER_CHANGE_SOURCE procedure SQL injection attempt (more info ...) | attempted-user | 2010-0870 | 39422 | ||
| 17270 | SERVER-ORACLE DBMS_METADATA Package SQL Injection attempt (more info ...) | attempted-user | 2005-1197 | |||
| 17449 | SERVER-WEBAPP Novell ZENworks patch management SQL injection attempt (more info ...) | web-application-attack | 2005-3315 | 15220 | ||
| 17590 | SERVER-ORACLE DBMS_ASSERT.simple_sql_name double quote SQL injection attempt (more info ...) | misc-attack | 19203 | |||
| 18426 | FILE-OTHER Adobe Acrobat Reader plugin sqlite.dll dll-load exploit attempt (more info ...) | attempted-user | 2011-0570 | URL | ||
| 18431 | FILE-PDF Adobe Acrobat Reader plugin sqlite.dll dll-load exploit attempt (more info ...) | attempted-user | 2011-0570 | URL | ||
| 18556 | SERVER-WEBAPP Symantec IM manager IMAdminReportTrendFormRun.asp sql injection attempt (more info ...) | attempted-user | 2010-0112 | 44299 | URL | |
| 18955 | SERVER-WEBAPP Symantec IM Manager LoggedInUsers.lgx definition file multiple SQL injections attempt (more info ...) | web-application-attack | 2010-0112 | 44299 | ||
| 18956 | SERVER-WEBAPP Symantec IM Manager LoggedInUsers.lgx definition file multiple SQL injections attempt (more info ...) | web-application-attack | 2010-0112 | 44299 | ||
| 19142 | SERVER-WEBAPP Symantec IM Manager IMAdminScheduleReport.asp SQL injection attempt (more info ...) | web-application-attack | 2010-0112 | 44299 | ||
| 19201 | SQL waitfor delay function - possible SQL injection attempt (more info ...) | web-application-attack | 2012-2998 | URL | ||
| 19202 | SQL declare varchar - possible SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 19476 | MALWARE-CNC Exploit.Win32.SqlShell.r variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19599 | SERVER-ORACLE Warehouse builder WE_OLAP_AW_REMOVE_SOLVE_ID SQL Injection attempt (more info ...) | attempted-admin | 2011-0799 | 44260 | ||
| 19600 | SERVER-ORACLE Warehouse builder WE_OLAP_AW_SET_SOLVE_ID SQL Injection attempt (more info ...) | attempted-admin | 2011-0799 | 44260 | ||
| 19779 | INDICATOR-SCAN sqlmap SQL injection scan attempt (more info ...) | web-application-activity | URL | |||
| 19810 | SERVER-OTHER CA Total Defense Suite UNCWS deleteReportTemplate SQL injection attempt (more info ...) | attempted-admin | 2011-1655 | |||
| 20047 | SQL 1 = 1 - possible sql injection attempt (more info ...) | web-application-attack | URL | |||
| 20615 | SERVER-WEBAPP Wordcircle SQL injection attempt (more info ...) | web-application-activity | 2006-0205 | 16227 | ||
| 20623 | SERVER-WEBAPP Venom Board SQL injection attempt (more info ...) | web-application-activity | 2006-0160 | 16176 | ||
| 20624 | SERVER-WEBAPP Venom Board SQL injection attempt (more info ...) | web-application-activity | 2006-0160 | 16176 | ||
| 20625 | SERVER-WEBAPP Venom Board SQL injection attempt (more info ...) | web-application-activity | 2006-0160 | 16176 | ||
| 20832 | SERVER-WEBAPP Symantec IM Manager administrator interface SQL injection attempt (more info ...) | web-application-attack | 2011-0553 | 49738 | URL | |
| 21121 | INDICATOR-COMPROMISE WSO web shell interactive SQL display (more info ...) | trojan-activity | URL | |||
| 21132 | INDICATOR-COMPROMISE Mulcishell web shell sql interaction page (more info ...) | trojan-activity | URL | |||
| 21271 | SERVER-WEBAPP Devellion CubeCart searchStr parameter SQL injection (more info ...) | web-application-attack | URL | |||
| 21377 | SERVER-WEBAPP Cisco Unified Communications Manager sql injection attempt (more info ...) | web-application-attack | 2011-1610 | URL | ||
| 21395 | SERVER-ORACLE 10g iSQLPlus service heap overflow attempt (more info ...) | attempted-user | 2004-1371 | 10871 | ||
| 21396 | SERVER-ORACLE 10g iSQLPlus service heap overflow attempt (more info ...) | attempted-user | 2004-1371 | 10871 | ||
| 21777 | SQL waitfor delay function in POST - possible SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 21779 | SQL parameter ending in encoded comment characters - possible sql injection attempt - POST (more info ...) | web-application-attack | URL | |||
| 21780 | INDICATOR-OBFUSCATION encoded waitfor delay function in POST - possible sql injection attempt (more info ...) | misc-attack | URL | |||
| 21781 | INDICATOR-OBFUSCATION encoded union select function in POST - possible sql injection attempt (more info ...) | misc-attack | URL | |||
| 21788 | SQL or kic = kic - known SQL injection routine (more info ...) | web-application-attack | ||||
| 21789 | SQL or kic = kic - known SQL injection routine (more info ...) | web-application-attack | ||||
| 23213 | SQL Ruby on rails SQL injection attempt (more info ...) | web-application-attack | 2012-2695 | |||
| 23216 | SERVER-WEBAPP Ruby on Rails SQL injection attempt (more info ...) | web-application-attack | 2012-2661 | |||
| 23393 | SQL IBM SolidDB initial banner (more info ...) | misc-activity | ||||
| 24421 | PROTOCOL-SCADA Sinapsi SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 24422 | PROTOCOL-SCADA Sinapsi SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 24423 | PROTOCOL-SCADA Sinapsi SQL hard coded user login attempt (more info ...) | web-application-attack | URL | |||
| 24424 | PROTOCOL-SCADA Sinapsi SQL hard coded user login attempt (more info ...) | web-application-attack | URL | |||
| 24629 | SERVER-WEBAPP Oracle Fusion Middleware WebCenter selectedLocale parameter sql injection attempt (more info ...) | web-application-attack | 2012-3186 | 55984 | URL | |
| 24801 | SERVER-WEBAPP IBM Tivoli Provisioning Manager Express asset.getmimetype sql injection attempt (more info ...) | attempted-user | 2012-0199 | URL | ||
| 25285 | SERVER-OTHER Ruby on Rails authlogic session cookie SQL injection attempt (more info ...) | web-application-attack | 2012-6496 | URL | ||
| 25783 | INDICATOR-OBFUSCATION large number of calls to char function - possible sql injection obfuscation (more info ...) | web-application-attack | URL | |||
| 26075 | MALWARE-CNC Bancos variant outbound connection SQL query POST data (more info ...) | trojan-activity | URL | |||
| 26586 | SERVER-OTHER PostgreSQL database name command line injection attempt (more info ...) | attempted-user | 2013-1899 | URL | ||
| 26925 | SQL generic convert injection attempt - GET parameter (more info ...) | web-application-attack | URL | |||
| 27285 | SERVER-WEBAPP Gazi Download Portal down_indir.asp SQL injection attempt (more info ...) | web-application-attack | 2007-2810 | 23714 | ||
| 27286 | SERVER-WEBAPP DuWare DuClassmate default.asp iCity sql injection attempt (more info ...) | web-application-attack | 2006-6355 | URL | ||
| 27681 | SERVER-WEBAPP ASPMForum SQL injection attempt (more info ...) | web-application-attack | 2006-6270 | 21113 | ||
| 27682 | SERVER-WEBAPP ASPMForum SQL injection attempt (more info ...) | web-application-attack | 2006-6270 | 21113 | ||
| 27683 | SERVER-WEBAPP ASPMForum SQL injection attempt (more info ...) | web-application-attack | 2006-6270 | 21113 | ||
| 27684 | SERVER-WEBAPP ASPMForum SQL injection attempt (more info ...) | web-application-attack | 2006-6270 | 21113 | ||
| 27685 | SERVER-WEBAPP ASPMForum SQL injection attempt (more info ...) | web-application-attack | 2006-6270 | 21113 | ||
| 27686 | SERVER-WEBAPP ASPMForum SQL injection attempt (more info ...) | web-application-attack | 2006-6270 | 21113 | ||
| 27687 | SERVER-WEBAPP ASPMForum SQL injection attempt (more info ...) | web-application-attack | 2006-6270 | 21113 | ||
| 27723 | SQL McAfee ePolicy Orchestrator timing based SQL injection attempt (more info ...) | attempted-admin | 2013-0140 | 59500 | URL | |
| 27748 | SERVER-WEBAPP Outfront Spooky Login register.asp SQL injection attempt (more info ...) | web-application-attack | 2006-6861 | 21822 | URL | |
| 27749 | SERVER-WEBAPP Outfront Spooky Login a_register.asp SQL injection attempt (more info ...) | web-application-attack | 2006-6861 | 21822 | URL | |
| 27753 | SERVER-WEBAPP Click N Print Coupons coupon_detail.asp SQL injection attempt (more info ...) | web-application-attack | 2006-6859 | 21824 | URL | |
| 28098 | SERVER-OTHER CA Total Defense Suite UNCWS reGenerateReports/DeleteReports SQL injection attempt (more info ...) | attempted-admin | 2011-1655 | |||
| 28099 | SERVER-OTHER CA Total Defense Suite UNCWS reGenerateReports/DeleteReports SQL injection attempt (more info ...) | attempted-admin | 2011-1655 | |||
| 28100 | SERVER-OTHER CA Total Defense Suite UNCWS deleteReportFilter SQL injection attempt (more info ...) | attempted-admin | 2011-1655 | |||
| 28101 | SERVER-OTHER CA Total Defense Suite UNCWS reGenerateReports/DeleteReports SQL injection attempt (more info ...) | attempted-admin | 2011-1655 | |||
| 28102 | SERVER-OTHER CA Total Defense Suite UNCWS ReportFilterID/reportTemplateID SQL injection attempt (more info ...) | attempted-admin | 2011-1655 | |||
| 28278 | SERVER-WEBAPP IBM Tivoli Provisioning Manager express user.updateUserValue sql injection attempt (more info ...) | attempted-admin | 2012-0199 | URL | ||
| 28299 | SERVER-WEBAPP WHMCS SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 28344 | INDICATOR-OBFUSCATION large number of calls to chr function - possible sql injection obfuscation (more info ...) | web-application-attack | URL | |||
| 28446 | MALWARE-CNC Win.Trojan.Symmi variant SQL check-in (more info ...) | trojan-activity | URL | |||
| 28555 | MALWARE-OTHER SQL Slammer worm propagation attempt inbound (more info ...) | trojan-activity | 2002-0649 | 5311 | ||
| 28908 | SERVER-OTHER Nagios core config manager tfpassword sql injection attempt (more info ...) | web-application-attack | 2013-6875 | URL | ||
| 29018 | SERVER-WEBAPP HP LoadRunner Virtual User Generator EmulationAdmin getReport SQL injection attempt (more info ...) | attempted-admin | 2013-4839 | 63477 | URL | |
| 29756 | SERVER-WEBAPP IBM Tivoli Provisioning Manager express user.updateUserValue sql injection attempt (more info ...) | attempted-admin | 2012-0199 | URL | ||
| 29878 | MALWARE-CNC Win.Trojan.Dexter CasinoLoader SQL injection (more info ...) | trojan-activity | URL | |||
| 29879 | MALWARE-CNC Win.Trojan.Dexter CasinoLoader SQL injection (more info ...) | trojan-activity | URL | |||
| 29880 | MALWARE-CNC Win.Trojan.Dexter CasinoLoader SQL injection (more info ...) | trojan-activity | URL | |||
| 29881 | MALWARE-CNC Win.Trojan.Dexter CasinoLoader SQL injection (more info ...) | trojan-activity | URL | |||
| 30343 | SERVER-WEBAPP Joomla weblinks-categories SQL injection attempt (more info ...) | web-application-attack | 65410 | URL | ||
| 31067 | SERVER-WEBAPP Advantech WebAccess ChartThemeConfig SQL injection attempt (more info ...) | attempted-admin | 2014-0763 | 66740 | URL | |
| 31636 | SERVER-WEBAPP Parallels Plesk Panel HTTP_AUTH_LOGIN SQL injection attempt (more info ...) | web-application-attack | 2012-1557 | 52267 | URL | |
| 31728 | SERVER-WEBAPP ManageEngine Desktop Central LinkViewFetchServlet SQL injection attempt (more info ...) | web-application-attack | 2014-3996 | 69305 | ||
| 31729 | SERVER-WEBAPP ManageEngine Password Manager MetadataServlet SQL injection attempt (more info ...) | web-application-attack | 2014-3997 | 69303 | ||
| 32115 | SERVER-OTHER Cisco ASA SQLNet inspection engine denial of service attempt (more info ...) | attempted-dos | 2014-3382 | URL | ||
| 32116 | SERVER-OTHER Cisco ASA SQLNet inspection engine denial of service attempt (more info ...) | attempted-dos | 2014-3382 | URL | ||
| 32323 | SERVER-WEBAPP WordPress Custom Contact Forms plugin SQL export attempt (more info ...) | attempted-recon | ||||
| 32324 | SERVER-WEBAPP WordPress Custom Contact Forms plugin arbitrary SQL execution attempt (more info ...) | attempted-admin | ||||
| 32737 | SERVER-OTHER Lianja SQL Server db_netserver Buffer Overflow attempt (more info ...) | attempted-user | 2013-3563 | |||
| 33651 | SERVER-WEBAPP Solarwinds Orion AccountManagement SQL injection attempt (more info ...) | web-application-attack | 2014-9566 | |||
| 33652 | SERVER-WEBAPP Solarwinds Orion AccountManagement SQL injection attempt (more info ...) | web-application-attack | 2014-9566 | |||
| 33653 | SERVER-WEBAPP Solarwinds Orion AccountManagement SQL injection attempt (more info ...) | web-application-attack | 2014-9566 | |||
| 33657 | SERVER-WEBAPP Dell ScriptLogic Asset Manager SQL injection attempt (more info ...) | web-application-attack | 2015-1605 | 72697 | ||
| 33658 | SERVER-WEBAPP Dell ScriptLogic Asset Manager SQL injection attempt (more info ...) | web-application-attack | 2015-1605 | 72697 | ||
| 33659 | SERVER-WEBAPP Dell ScriptLogic Asset Manager SQL injection attempt (more info ...) | web-application-attack | 2015-1605 | 72697 | ||
| 34472 | SERVER-WEBAPP Symantec Critical System Protection SQL injection attempt (more info ...) | attempted-admin | 2014-7289 | 72092 | ||
| 34800 | SERVER-ORACLE 10g iSQLPlus service heap overflow attempt (more info ...) | attempted-user | 2004-1371 | 10871 | ||
| 34801 | SERVER-ORACLE 10g iSQLPlus service heap overflow attempt (more info ...) | attempted-user | 2004-1371 | 10871 | ||
| 35354 | SERVER-WEBAPP Cacti graphs local_graph_id SQL injection attempt (more info ...) | web-application-attack | 2015-4634 | 75984 | ||
| 35385 | MALWARE-CNC Win.Trojan.MSIL-Pwsfcbk SQL connection (more info ...) | trojan-activity | URL | |||
| 35701 | SERVER-WEBAPP ManageEngine OpManager agentKey SQL injection attempt (more info ...) | web-application-attack | ||||
| 35702 | SERVER-WEBAPP ManageEngine OpManager agentKey SQL injection attempt (more info ...) | web-application-attack | ||||
| 35887 | POLICY-OTHER SCADA Engine BACnet OPC Server untrusted SQL query execution attempt (more info ...) | policy-violation | ||||
| 36061 | SERVER-OTHER SAP SQL Anywhere .NET malformed integer buffer overflow attempt (more info ...) | attempted-user | 2014-9264 | URL | ||
| 36615 | SERVER-WEBAPP Joomla com_contenthistory module SQL injection attempt (more info ...) | web-application-attack | 2015-7858 | 77295 | ||
| 36616 | SERVER-WEBAPP Joomla com_contenthistory module SQL injection attempt (more info ...) | web-application-attack | 2015-7858 | 77295 | ||
| 36617 | SERVER-WEBAPP Joomla com_contenthistory module SQL injection attempt (more info ...) | web-application-attack | 2015-7858 | 77295 | ||
| 36655 | SERVER-WEBAPP Joomla com_realestatemanager module SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 36656 | SERVER-WEBAPP Joomla com_realestatemanager module SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 36657 | SERVER-WEBAPP Joomla com_realestatemanager module SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 36915 | POLICY-OTHER ManageEngine EventLog Analyzer runQuery.do insecure SQL query attempt (more info ...) | policy-violation | 2015-7387 | 76866 | ||
| 37096 | SERVER-WEBAPP Joomla Component com_gmaps SQL injection attempt (more info ...) | web-application-attack | 2007-4128 | 25146 | ||
| 37097 | SERVER-WEBAPP Joomla Component com_gmaps SQL injection attempt (more info ...) | web-application-attack | 2007-4128 | 25146 | ||
| 37098 | SERVER-WEBAPP Joomla Component com_gmaps SQL injection attempt (more info ...) | web-application-attack | 2007-4128 | 25146 | ||
| 37099 | SERVER-WEBAPP Joomla Component com_gmaps SQL injection attempt (more info ...) | web-application-attack | 2007-4128 | 25146 | ||
| 37133 | SERVER-WEBAPP Joomla com_youtubegallery module SQL injection attempt (more info ...) | web-application-attack | 2014-4960 | 68676 | ||
| 37134 | SERVER-WEBAPP Joomla com_youtubegallery module SQL injection attempt (more info ...) | web-application-attack | 2014-4960 | 68676 | ||
| 37148 | SERVER-WEBAPP WordPress Gallery Objects Plugin viewid SQL injection attempt (more info ...) | web-application-attack | 2014-5201 | 68791 | ||
| 37643 | SQL Oracle e-Business Suite ORACLESSWA SQL injection attempt (more info ...) | web-application-attack | 2016-0589 | |||
| 37648 | SQL Oracle e-Business Suite JTF_BISUTILITY_PUB SQL injection attempt (more info ...) | web-application-attack | 2016-0515 | |||
| 38398 | SERVER-WEBAPP DotCMS UserAjax.getUsersList.dwr SQL injection attempt (more info ...) | web-application-attack | 2016-3688 | |||
| 38499 | MALWARE-OTHER samsam sqlsrvtmg1.exe file load attempt (more info ...) | trojan-activity | ||||
| 38502 | MALWARE-OTHER samsam sqlsrvtmg1.exe file load attempt (more info ...) | trojan-activity | ||||
| 38720 | SERVER-WEBAPP Wordpress Simple Ads Manager SQL injection attempt (more info ...) | web-application-attack | 2015-2824 | 73698 | ||
| 38721 | SERVER-WEBAPP Wordpress Simple Ads Manager SQL injection attempt (more info ...) | web-application-attack | 2015-2824 | 73698 | ||
| 38722 | SERVER-WEBAPP Wordpress Simple Ads Manager SQL injection attempt (more info ...) | web-application-attack | 2015-2824 | 73698 | ||
| 38723 | SERVER-WEBAPP Wordpress Simple Ads Manager SQL injection attempt (more info ...) | web-application-attack | 2015-2824 | 73698 | ||
| 38925 | SERVER-WEBAPP Dell SonicWall Scrutinizer deleteTab SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 38926 | SERVER-WEBAPP Dell SonicWall Scrutinizer deleteTab SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 38927 | SERVER-WEBAPP Dell SonicWall Scrutinizer setSkin SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 38928 | SERVER-WEBAPP Dell SonicWall Scrutinizer setSkin SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 38929 | SERVER-WEBAPP Dell SonicWall Scrutinizer user_id SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 38930 | SERVER-WEBAPP Dell SonicWall Scrutinizer user_id SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 38979 | SERVER-WEBAPP Dell SonicWall Scrutinizer methodDetail SQL injection attempt (more info ...) | web-application-attack | 2014-4977 | 68495 | ||
| 39027 | SERVER-WEBAPP ManageEngine Applications Manager downTimeScheduler.do SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 39060 | SERVER-WEBAPP SAP NetWeaver UDDISecurityImplBean SQL injection attempt (more info ...) | web-application-attack | 2016-2386 | URL | ||
| 39388 | SERVER-WEBAPP ICSCADA SQL injection attempt (more info ...) | web-application-attack | ||||
| 39389 | SERVER-WEBAPP Wintr SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 39390 | SERVER-WEBAPP IntegraXOR SQL injection attempt (more info ...) | web-application-attack | 2016-2301 | |||
| 39435 | SERVER-WEBAPP Advantech SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 39436 | SERVER-WEBAPP Soitec Smart Energy SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 39437 | SERVER-WEBAPP Advantech SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 39460 | SERVER-WEBAPP Oracle E-Business Suite SQL injection attempt (more info ...) | web-application-attack | 2007-2126 | 23532 | ||
| 39461 | SERVER-WEBAPP Oracle E-Business Suite SQL injection attempt (more info ...) | web-application-attack | 2007-2126 | 23532 | ||
| 39462 | SERVER-WEBAPP Oracle E-Business Suite SQL injection attempt (more info ...) | web-application-attack | 2007-2126 | 23532 | ||
| 40313 | SQL PostgreSQL potential remote code execution attempt (more info ...) | misc-activity | URL | |||
| 40462 | SERVER-WEBAPP Magento Cms_Wysiwyg SQL injection attempt (more info ...) | web-application-attack | 2015-1397 | |||
| 40463 | SERVER-WEBAPP Magento Cms_Wysiwyg SQL injection attempt (more info ...) | web-application-attack | 2015-1397 | |||
| 40464 | SERVER-WEBAPP Magento Cms_Wysiwyg SQL injection attempt (more info ...) | web-application-attack | 2015-1397 | |||
| 41637 | INDICATOR-COMPROMISE Writable SQL directories discovery attempt (more info ...) | attempted-recon | URL | |||
| 41915 | POLICY-OTHER Carel PlantVisorPRO insecure SQL query transmission (more info ...) | web-application-attack | URL | |||
| 41916 | SERVER-WEBAPP Carel PlantVisorPRO malicious sql query attempt - DBCommander (more info ...) | web-application-attack | URL | |||
| 41918 | SERVER-WEBAPP Carel PlantVisorPRO malicious sql query attempt - RCmdComm (more info ...) | web-application-attack | URL | |||
| 41919 | SERVER-WEBAPP Carel PlantVisorPRO malicious sql query attempt - RCmdComm2 (more info ...) | web-application-attack | URL | |||
| 42976 | SERVER-ORACLE Oracle Database Server SYS.KUPV SQL injection attempt (more info ...) | attempted-admin | 2006-0586 | 16287 | ||
| 42977 | SERVER-ORACLE Oracle Database Server SYS.KUPV SQL injection attempt (more info ...) | attempted-admin | 2006-0586 | 16287 | ||
| 42978 | SERVER-ORACLE Oracle Database Server SYS.KUPV SQL injection attempt (more info ...) | attempted-admin | 2006-0586 | 16287 | ||
| 42979 | SERVER-ORACLE Oracle Database Server SYS.KUPV SQL injection attempt (more info ...) | attempted-admin | 2006-0586 | 16287 | ||
| 42980 | SERVER-ORACLE Oracle Database Server SYS.KUPV SQL injection attempt (more info ...) | attempted-admin | 2006-0586 | 16287 | ||
| 42981 | SERVER-ORACLE Oracle Database Server SYS.KUPV SQL injection attempt (more info ...) | attempted-admin | 2006-0586 | 16287 | ||
| 42982 | SERVER-ORACLE Oracle Database Server SYS.KUPV SQL injection attempt (more info ...) | attempted-admin | 2006-0586 | 16287 | ||
| 42983 | SERVER-ORACLE Oracle Database Server SYS.KUPV SQL injection attempt (more info ...) | attempted-admin | 2006-0586 | 16287 | ||
| 42984 | SERVER-ORACLE Oracle Database Server SYS.KUPV SQL injection attempt (more info ...) | attempted-admin | 2006-0586 | 16287 | ||
| 42985 | SERVER-ORACLE Oracle Database Server SYS.KUPV SQL injection attempt (more info ...) | attempted-admin | 2006-0586 | 16287 | ||
| 42986 | SERVER-ORACLE Oracle Database Server SYS.KUPV SQL injection attempt (more info ...) | attempted-admin | 2006-0586 | 16287 | ||
| 42987 | SERVER-ORACLE Oracle Database Server SYS.KUPV SQL injection attempt (more info ...) | attempted-admin | 2006-0586 | 16287 | ||
| 42988 | SERVER-ORACLE Oracle Database Server SYS.KUPV SQL injection attempt (more info ...) | attempted-admin | 2006-0586 | 16287 | ||
| 42989 | SERVER-ORACLE Oracle Database Server SYS.KUPV SQL injection attempt (more info ...) | attempted-admin | 2006-0586 | 16287 | ||
| 42990 | SERVER-ORACLE Oracle Database Server SYS.KUPV SQL injection attempt (more info ...) | attempted-admin | 2006-0586 | 16287 | ||
| 42991 | SERVER-ORACLE Oracle Database Server SYS.KUPV SQL injection attempt (more info ...) | attempted-admin | 2006-0586 | 16287 | ||
| 42992 | SERVER-ORACLE Oracle Database Server SYS.KUPV SQL injection attempt (more info ...) | attempted-admin | 2006-0586 | 16287 | ||
| 43073 | SQL SysAid potential default credential login attempt (more info ...) | default-login-attempt | 2015-3001 | URL | ||
| 43503 | SERVER-WEBAPP Cisco Prime Infrastructure SQL injection attempt (more info ...) | web-application-attack | 2017-6698 | |||
| 43504 | SERVER-WEBAPP Cisco Prime Infrastructure SQL injection attempt (more info ...) | web-application-attack | 2017-6698 | |||
| 43505 | SERVER-WEBAPP Cisco Prime Infrastructure SQL injection attempt (more info ...) | web-application-attack | 2017-6698 | |||
| 43506 | SERVER-WEBAPP Cisco Prime Infrastructure SQL injection attempt (more info ...) | web-application-attack | 2017-6698 | |||
| 43507 | SERVER-WEBAPP Cisco Prime Infrastructure SQL injection attempt (more info ...) | web-application-attack | 2017-6698 | |||
| 43508 | SERVER-WEBAPP Cisco Prime Infrastructure SQL injection attempt (more info ...) | web-application-attack | 2017-6698 | |||
| 43509 | SERVER-WEBAPP Cisco Prime Infrastructure SQL injection attempt (more info ...) | web-application-attack | 2017-6698 | |||
| 43510 | SERVER-WEBAPP Cisco Prime Infrastructure SQL injection attempt (more info ...) | web-application-attack | 2017-6698 | |||
| 43511 | SERVER-WEBAPP Cisco Prime Infrastructure SQL injection attempt (more info ...) | web-application-attack | 2017-6698 | |||
| 43512 | SERVER-WEBAPP Cisco Prime Infrastructure SQL injection attempt (more info ...) | web-application-attack | 2017-6698 | |||
| 43513 | SERVER-WEBAPP Cisco Prime Infrastructure SQL injection attempt (more info ...) | web-application-attack | 2017-6698 | |||
| 43581 | SERVER-OTHER Oracle DBMS AUTH_ALTER_SESSION SQL injection attempt (more info ...) | attempted-admin | 2006-0547 | 84088 | URL | |
| 43733 | SERVER-WEBAPP Sophos XG Firewall Controller filter SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 43734 | SERVER-WEBAPP Sophos XG Firewall Controller filter SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 45832 | SERVER-WEBAPP Cisco Unified Communications Manager appuserFindList.do SQL injection attempt (more info ...) | web-application-attack | 2018-0120 | 102958 | URL | |
| 45833 | SERVER-WEBAPP Cisco Unified Communications Manager appuserFindList.do SQL injection attempt (more info ...) | web-application-attack | 2018-0120 | 102958 | URL | |
| 46462 | SERVER-WEBAPP Adobe RoboHelp rx SQL injection attempt (more info ...) | web-application-attack | 2008-2991 | 30137 | URL | |
| 46463 | SERVER-WEBAPP Adobe RoboHelp rx SQL injection attempt (more info ...) | web-application-attack | 2008-2991 | 30137 | URL | |
| 46866 | SERVER-WEBAPP TYPO3 news module SQL injection attempt (more info ...) | web-application-attack | 2017-7581 | URL | ||
| 46998 | MALWARE-CNC Win.Trojan.MnuBot variant outbound SQL connection (more info ...) | trojan-activity | URL | |||
| 47467 | SERVER-WEBAPP Redaxo CMS addon SQL injection attempt (more info ...) | web-application-attack | ||||
| 47468 | SERVER-WEBAPP Redaxo CMS addon SQL injection attempt (more info ...) | web-application-attack | ||||
| 47469 | SERVER-WEBAPP Redaxo CMS addon SQL injection attempt (more info ...) | web-application-attack | ||||
| 47675 | SERVER-WEBAPP Cogent DataHub SQL injection attempt (more info ...) | web-application-attack | ||||
| 47676 | SERVER-WEBAPP Cogent DataHub SQL injection attempt (more info ...) | web-application-attack | ||||
| 47771 | SERVER-WEBAPP ClipBucket vote_channel SQL injection attempt (more info ...) | web-application-attack | 2018-7666 | |||
| 47772 | SERVER-WEBAPP ClipBucket commonAjax SQL injection attempt (more info ...) | web-application-attack | 2018-7666 | |||
| 47858 | SERVER-WEBAPP Joomla CW Tags Searchtext SQL injection attempt (more info ...) | web-application-attack | 2018-7313 | URL | ||
| 47859 | SERVER-WEBAPP Joomla CW Tags Searchtext SQL injection attempt (more info ...) | web-application-attack | 2018-7313 | URL | ||
| 48165 | SERVER-WEBAPP Joomla Component Swap Factory SQL injection attempt (more info ...) | web-application-attack | 2018-17384 | URL | ||
| 48166 | SERVER-WEBAPP Joomla Component Swap Factory SQL injection attempt (more info ...) | web-application-attack | 2018-17384 | URL | ||
| 49405 | SERVER-WEBAPP Advantech WebAccess 8.3.2 Dashboard SQL injection attempt (more info ...) | web-application-attack | 2017-16716 | |||
| 49406 | SERVER-WEBAPP Advantech WebAccess 8.3.2 Dashboard SQL injection attempt (more info ...) | web-application-attack | 2017-16716 | |||
| 49407 | SERVER-WEBAPP Advantech WebAccess 8.3.2 Dashboard SQL injection attempt (more info ...) | web-application-attack | 2017-16716 | |||
| 49413 | SERVER-WEBAPP Samsung Integrated Management System Data Management Server SQL injection attempt (more info ...) | web-application-attack | 2010-4284 | |||
| 49414 | SERVER-WEBAPP Samsung Integrated Management System Data Management Server SQL injection attempt (more info ...) | web-application-attack | 2010-4284 | |||
| 49415 | SERVER-WEBAPP Samsung Integrated Management System Data Management Server SQL injection attempt (more info ...) | web-application-attack | 2010-4284 | |||
| 49524 | SERVER-WEBAPP TPLink TD W8151N SQL injection attempt (more info ...) | web-application-attack | ||||
| 49525 | SERVER-WEBAPP TPLink TD W8151N SQL injection attempt (more info ...) | web-application-attack | ||||
| 49526 | SERVER-WEBAPP TPLink TD W8151N SQL injection attempt (more info ...) | web-application-attack | ||||
| 49819 | SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 49820 | SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 49821 | SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 49822 | SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 49823 | SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 49824 | SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 49825 | SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 49826 | SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 49827 | SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 49828 | SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 49829 | SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 49830 | SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 49831 | SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 49832 | SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 49833 | SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 49834 | SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 49835 | SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 49836 | SERVER-WEBAPP DoD IT Solutions Homey BnB script SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 50709 | SERVER-WEBAPP WordPress Rencontre plugin SQL injection attempt (more info ...) | web-application-attack | 2019-13413 | |||
| 50710 | SERVER-WEBAPP WordPress Rencontre plugin SQL injection attempt (more info ...) | web-application-attack | 2019-13413 | |||
| 50711 | SERVER-WEBAPP WordPress Rencontre plugin SQL injection attempt (more info ...) | web-application-attack | 2019-13413 | |||
| 51046 | SERVER-OTHER PostgreSQL interval stack buffer overflow attempt (more info ...) | attempted-user | 2014-0063 | URL | ||
| 51071 | SERVER-WEBAPP revolutionProducts FlexBB flexbb_lang_id cookie parameter SQL injection attempt (more info ...) | web-application-attack | 2007-1729 | 23161 | ||
| 51246 | SERVER-WEBAPP OpenEMR SQL injection attempt (more info ...) | web-application-attack | 2018-9250 | URL | ||
| 51247 | SERVER-WEBAPP OpenEMR SQL injection attempt (more info ...) | web-application-attack | 2018-9250 | URL | ||
| 51248 | SERVER-WEBAPP OpenEMR SQL injection attempt (more info ...) | web-application-attack | 2018-9250 | URL | ||
| 51249 | SERVER-WEBAPP OpenEMR SQL injection attempt (more info ...) | web-application-attack | 2018-9250 | URL | ||
| 51250 | SERVER-WEBAPP OpenEMR SQL injection attempt (more info ...) | web-application-attack | 2018-9250 | URL | ||
| 51251 | SERVER-WEBAPP OpenEMR SQL injection attempt (more info ...) | web-application-attack | 2018-9250 | URL | ||
| 51252 | SERVER-WEBAPP OpenEMR SQL injection attempt (more info ...) | web-application-attack | 2018-9250 | URL | ||
| 51253 | SERVER-WEBAPP OpenEMR SQL injection attempt (more info ...) | web-application-attack | 2018-9250 | URL | ||
| 51254 | SERVER-WEBAPP OpenEMR SQL injection attempt (more info ...) | web-application-attack | 2018-9250 | URL | ||
| 51255 | SERVER-WEBAPP OpenEMR SQL injection attempt (more info ...) | web-application-attack | 2018-9250 | URL | ||
| 51256 | SERVER-WEBAPP OpenEMR SQL injection attempt (more info ...) | web-application-attack | 2018-9250 | URL | ||
| 51257 | SERVER-WEBAPP OpenEMR SQL injection attempt (more info ...) | web-application-attack | 2018-9250 | URL | ||
| 52038 | SERVER-OTHER PostgreSQL SCRAM authentication stack buffer overflow attempt (more info ...) | attempted-user | 2019-10164 | URL | ||
| 56002 | SERVER-WEBAPP D-Link Central WiFi Manager CMW 100 SQL injection attempt (more info ...) | web-application-attack | 2019-13373 | URL | ||
| 59070 | SERVER-WEBAPP Trend Micro SafeSync for Enterprise SQL injection attempt (more info ...) | web-application-attack | ||||
| 59280 | SERVER-WEBAPP Medical Center Portal Management System SQL injection attempt (more info ...) | web-application-attack | ||||
| 59311 | SERVER-WEBAPP NagiosQL txtSearch cross site scripting attempt (more info ...) | attempted-user | 2013-6039 | |||
| 59312 | SERVER-WEBAPP NagiosQL txtSearch cross site scripting attempt (more info ...) | attempted-user | 2013-6039 | |||
| 59342 | SERVER-WEBAPP Multi Restaurant Table Reservation System 1.0 table_id unauthenticated SQL injection attempt (more info ...) | web-application-attack | 2020-29284 | URL | ||
| 59343 | SERVER-WEBAPP Multi Restaurant Table Reservation System 1.0 table_id unauthenticated SQL injection attempt (more info ...) | web-application-attack | 2020-29284 | URL | ||
| 59344 | SERVER-WEBAPP Multi Restaurant Table Reservation System 1.0 table_id unauthenticated SQL injection attempt (more info ...) | web-application-attack | 2020-29284 | URL | ||
| 59570 | SERVER-OTHER Trend Micro Control Manager TVCSCommander SQL injection attempt (more info ...) | attempted-user | 2017-11383 | |||
| 59571 | SERVER-OTHER Trend Micro Control Manager mdHandlerLicenseManager SQL injection attempt (more info ...) | attempted-user | 2017-11384 | |||
| 59572 | SERVER-OTHER Trend Micro Control Manager cmdHandlerStatusMonitor SQL injection attempt (more info ...) | attempted-user | 2017-11385 | |||
| 59574 | SERVER-ORACLE Oracle Warehouse Builder WB_RT_AUDIT_SHADOW_TABLE SQL injection attempt (more info ...) | attempted-user | 2011-0799 | |||
| 59608 | SERVER-WEBAPP Exponent CMS eaasController SQL injection attempt (more info ...) | web-application-attack | 2017-7991 | URL | ||
| 59626 | SERVER-OTHER PostgreSQL database SET ROLE security bypass attempt (more info ...) | attempted-user | 2014-0060 | |||
| 59627 | SERVER-OTHER PostgreSQL database SET ROLE security bypass attempt (more info ...) | attempted-user | 2014-0060 | |||
| 59636 | SERVER-OTHER PostgreSQL database geo_ops path_in integer overflow attempt (more info ...) | attempted-user | 2014-0064 | |||
| 59680 | SERVER-WEBAPP Online Learning Management System SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 59681 | SERVER-WEBAPP Online Learning Management System SQL injection attempt (more info ...) | web-application-attack | URL | |||
| 60484 | SERVER-WEBAPP Django trunc SQL injection attempt (more info ...) | web-application-attack | 2022-34265 | |||
| 60485 | SERVER-WEBAPP Django extract SQL injection attempt (more info ...) | web-application-attack | 2022-34265 | |||
| 60785 | SERVER-WEBAPP GLPI Project external token SQL injection attempt (more info ...) | web-application-attack | 2022-35947 | |||
| 60787 | SERVER-WEBAPP GLPI Project external token SQL injection attempt (more info ...) | web-application-attack | 2022-35947 | |||
| 60788 | SERVER-WEBAPP GLPI Project external token SQL injection attempt (more info ...) | web-application-attack | 2022-35947 | |||
| 60848 | SERVER-WEBAPP Chimera Web Portal SQL injection attempt (more info ...) | web-application-attack | 2006-0137 | |||
| 60849 | SERVER-WEBAPP Chimera Web Portal SQL injection attempt (more info ...) | web-application-attack | 2006-0137 | |||
| 60850 | SERVER-WEBAPP Chimera Web Portal SQL injection attempt (more info ...) | web-application-attack | 2006-0137 |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 10603 | OS-WINDOWS DCERPC NCACN-IP-TCP dns R_DnssrvUpdateRecord2 overflow attempt (more info ...) | attempted-admin | 2007-1748 | 23470 | URL | |
| 16029 | OS-WINDOWS Microsoft Windows DNS client ATMA buffer overrun attempt (more info ...) | attempted-admin | 2006-3441 | 19404 | ||
| 16030 | OS-WINDOWS Microsoft Windows DNS client TXT buffer overrun attempt (more info ...) | attempted-admin | 2006-3441 | 19404 | ||
| 19677 | OS-WINDOWS Microsoft Windows DNS NAPTR remote unauthenticated code execution vulnerability attempt (more info ...) | attempted-admin | 2011-1966 | URL | ||
| 23040 | PROTOCOL-DNS Multiple vendor DNS message decompression denial of service attempt (more info ...) | attempted-dos | 2007-1030 | 22606 | URL | |
| 23950 | OS-WINDOWS Microsoft Windows DNS NAPTR remote unauthenticated code execution vulnerability attempt (more info ...) | attempted-admin | 2011-1966 | URL | ||
| 23951 | OS-WINDOWS Microsoft Windows DNS NAPTR remote unauthenticated code execution vulnerability attempt (more info ...) | attempted-admin | 2011-1966 | URL | ||
| 26286 | APP-DETECT Absolute Software Computrace outbound connection - search.dnssearch.org (more info ...) | misc-activity | URL | |||
| 26803 | MALWARE-OTHER DNS data exfiltration attempt (more info ...) | policy-violation | URL | |||
| 27984 | APP-DETECT DNS request for Dynamic Internet Technology domain dfgvx.com (more info ...) | misc-activity | URL | |||
| 27985 | APP-DETECT DNS request for Dynamic Internet Technology domain hjuyv.com (more info ...) | misc-activity | URL | |||
| 27986 | APP-DETECT DNS request for Dynamic Internet Technology domain rfvcd.com (more info ...) | misc-activity | URL | |||
| 27987 | APP-DETECT DNS request for Dynamic Internet Technology domain vfrtg.com (more info ...) | misc-activity | URL | |||
| 27988 | APP-DETECT DNS request for Dynamic Internet Technology domain dongtaiwang.com (more info ...) | misc-activity | URL | |||
| 27989 | APP-DETECT DNS request for Dynamic Internet Technology domain mjuyh.com (more info ...) | misc-activity | URL | |||
| 27990 | APP-DETECT DNS request for Dynamic Internet Technology domain umikl.com (more info ...) | misc-activity | URL | |||
| 27991 | APP-DETECT DNS request for Dynamic Internet Technology domain ziyouforever.com (more info ...) | misc-activity | URL | |||
| 27992 | APP-DETECT DNS response for Dynamic Internet Technology domain ziyouforever.com (more info ...) | misc-activity | URL | |||
| 27993 | APP-DETECT DNS request for Dynamic Internet Technology domain xcder.com (more info ...) | misc-activity | URL | |||
| 27994 | APP-DETECT DNS request for Dynamic Internet Technology domain dit-inc.us (more info ...) | misc-activity | URL | |||
| 27995 | APP-DETECT DNS request for Dynamic Internet Technology domain ewsxz.com (more info ...) | misc-activity | URL | |||
| 27996 | APP-DETECT DNS request for Dynamic Internet Technology domain nbgtr.com (more info ...) | misc-activity | URL | |||
| 27997 | APP-DETECT DNS request for Dynamic Internet Technology domain dongtaiwang.net (more info ...) | misc-activity | URL | |||
| 27998 | APP-DETECT DNS request for Dynamic Internet Technology domain washingtonchinareview.org (more info ...) | misc-activity | URL | |||
| 28039 | INDICATOR-COMPROMISE Suspicious .pw dns query (more info ...) | misc-activity | ||||
| 28284 | INDICATOR-COMPROMISE Suspicious .nl.ai dns query (more info ...) | trojan-activity | ||||
| 28556 | PROTOCOL-DNS DNS query amplification attempt (more info ...) | attempted-dos | URL | |||
| 28557 | PROTOCOL-DNS Malformed DNS query with HTTP content (more info ...) | misc-activity | URL | |||
| 30272 | MALWARE-OTHER Unix.Trojan.Onimiki redirected client DNS request (more info ...) | trojan-activity | URL | |||
| 30273 | MALWARE-OTHER Unix.Trojan.Onimiki DNS compromised server response (more info ...) | trojan-activity | URL | |||
| 31984 | OS-OTHER Cisco IOS mDNS malformed rrlength denial of service attempt (more info ...) | attempted-dos | 2014-3357 | URL | ||
| 35942 | PROTOCOL-DNS ISC BIND TKEY query processing denial of service attempt (more info ...) | attempted-dos | 2015-5477 | URL | ||
| 35943 | PROTOCOL-DNS ISC BIND TKEY query processing denial of service attempt (more info ...) | attempted-dos | 2015-5477 | URL | ||
| 37015 | PROTOCOL-DNS DNS DNAME query detected - possible attack attempt (more info ...) | attempted-admin | 2015-6125 | URL | ||
| 37730 | PROTOCOL-DNS glibc getaddrinfo A record stack buffer overflow attempt (more info ...) | attempted-user | 2015-7547 | URL | ||
| 37731 | PROTOCOL-DNS glibc getaddrinfo AAAA record stack buffer overflow attempt (more info ...) | attempted-user | 2015-7547 | URL | ||
| 39192 | SERVER-WEBAPP D-Link router unauthorised DNS change attempt (more info ...) | attempted-admin | URL | |||
| 39742 | SERVER-WEBAPP Dell SonicWall GMS set_dns XMLRPC method command injection attempt (more info ...) | web-application-attack | URL | |||
| 39926 | MALWARE-OTHER pisloader DNS drive command response attempt (more info ...) | trojan-activity | URL | |||
| 39927 | MALWARE-OTHER pisloader DNS list command response attempt (more info ...) | trojan-activity | URL | |||
| 39928 | MALWARE-OTHER pisloader DNS open command response attempt (more info ...) | trojan-activity | URL | |||
| 39929 | MALWARE-OTHER pisloader DNS sinfo command response attempt (more info ...) | trojan-activity | URL | |||
| 39946 | PROTOCOL-DNS PowerDNS TKEY query denial of service attempt (more info ...) | attempted-dos | 2015-5311 | 77522 | URL | |
| 39947 | PROTOCOL-DNS PowerDNS TKEY query denial of service attempt (more info ...) | attempted-dos | 2015-5311 | 77522 | URL | |
| 39948 | PROTOCOL-DNS PowerDNS TCP TKEY query denial of service attempt (more info ...) | attempted-dos | 2015-5311 | 77522 | URL | |
| 39949 | PROTOCOL-DNS PowerDNS TCP TKEY query denial of service attempt (more info ...) | attempted-dos | 2015-5311 | 77522 | URL | |
| 39950 | PROTOCOL-DNS PowerDNS TCP TSIG query denial of service attempt (more info ...) | attempted-dos | 2015-5311 | 77522 | URL | |
| 39951 | PROTOCOL-DNS PowerDNS TCP TSIG query denial of service attempt (more info ...) | attempted-dos | 2015-5311 | 77522 | URL | |
| 39952 | PROTOCOL-DNS PowerDNS TSIG query denial of service attempt (more info ...) | attempted-dos | 2015-5311 | 77522 | URL | |
| 39953 | PROTOCOL-DNS PowerDNS TSIG query denial of service attempt (more info ...) | attempted-dos | 2015-5311 | 77522 | URL | |
| 40257 | SERVER-WEBAPP Cisco Cloud Services Platform dnslookup command injection attempt (more info ...) | attempted-admin | 2016-6374 | URL | ||
| 40344 | PROTOCOL-DNS ISC BIND isc__buffer_add assertion failure denial of service attempt (more info ...) | attempted-dos | 2016-2776 | URL | ||
| 40579 | SERVER-OTHER ISC BIND 9 DNS query overly long name denial of service attempt (more info ...) | attempted-dos | 2016-2848 | |||
| 42785 | INDICATOR-SCAN DNS version.bind string information disclosure attempt (more info ...) | attempted-recon | 2017-0171 | URL | ||
| 43308 | BROWSER-PLUGINS MagnetoSoft DNS ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 43309 | BROWSER-PLUGINS MagnetoSoft DNS ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 43316 | BROWSER-PLUGINS MagnetoSoft DNS ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 43317 | BROWSER-PLUGINS MagnetoSoft DNS ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 43687 | INDICATOR-COMPROMISE Suspicious .top dns query (more info ...) | misc-activity | URL | |||
| 44037 | INDICATOR-COMPROMISE DNS request for known malware sinkhole domain iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com - WannaCry (more info ...) | trojan-activity | URL | |||
| 44076 | INDICATOR-COMPROMISE Suspicious .trade dns query (more info ...) | misc-activity | ||||
| 44477 | SERVER-OTHER dnsmasq dhcp6_maybe_relay stack buffer overflow attempt (more info ...) | attempted-admin | 2017-14493 | URL | ||
| 44478 | PROTOCOL-DNS dnsmasq add_pseudoheader memory leak attempt (more info ...) | attempted-dos | 2017-14495 | URL | ||
| 44480 | SERVER-OTHER dnsmasq Relay-forw information leak attempt (more info ...) | attempted-recon | 2017-14494 | |||
| 46400 | SERVER-WEBAPP D-Link DNS-343 Mail_Test command injection attempt (more info ...) | web-application-attack | URL | |||
| 46401 | SERVER-WEBAPP D-Link DNS-343 Mail_Test command injection attempt (more info ...) | web-application-attack | URL | |||
| 46402 | SERVER-WEBAPP D-Link DNS-343 Mail_Test command injection attempt (more info ...) | web-application-attack | URL | |||
| 47809 | PROTOCOL-DNS TRUFFLEHUNTER TALOS-2018-0672 attack attempt (more info ...) | attempted-user | 2018-4003 | URL | ||
| 47811 | PROTOCOL-DNS TRUFFLEHUNTER TALOS-2018-0671 attack attempt (more info ...) | attempted-dos | 2020-6072 | URL | ||
| 47842 | PROTOCOL-DNS TRUFFLEHUNTER TALOS-2018-0681 attack attempt (more info ...) | attempted-admin | 2018-4011 | URL | ||
| 47881 | PROTOCOL-DNS dnsmasq add_pseudoheader memory leak attempt (more info ...) | attempted-dos | 2017-14495 | URL | ||
| 48353 | SERVER-WEBAPP Quest DR Series Disk Backup DnsService.pm command injection attempt (more info ...) | web-application-attack | 2018-11183 | URL | ||
| 48647 | INDICATOR-COMPROMISE suspicious .bbs tcp dns query (more info ...) | misc-activity | ||||
| 48648 | INDICATOR-COMPROMISE suspicious .bbs dns query (more info ...) | misc-activity | ||||
| 48649 | INDICATOR-COMPROMISE suspicious .chan tcp dns query (more info ...) | misc-activity | ||||
| 48650 | INDICATOR-COMPROMISE suspicious .chan dns query (more info ...) | misc-activity | ||||
| 48651 | INDICATOR-COMPROMISE suspicious .cyb tcp dns query (more info ...) | misc-activity | ||||
| 48652 | INDICATOR-COMPROMISE suspicious .cyb dns query (more info ...) | misc-activity | ||||
| 48653 | INDICATOR-COMPROMISE suspicious .dyn tcp dns query (more info ...) | misc-activity | ||||
| 48654 | INDICATOR-COMPROMISE suspicious .dyn dns query (more info ...) | misc-activity | ||||
| 48655 | INDICATOR-COMPROMISE suspicious .geek tcp dns query (more info ...) | misc-activity | ||||
| 48656 | INDICATOR-COMPROMISE suspicious .geek dns query (more info ...) | misc-activity | ||||
| 48657 | INDICATOR-COMPROMISE suspicious .gopher tcp dns query (more info ...) | misc-activity | ||||
| 48658 | INDICATOR-COMPROMISE suspicious .gopher dns query (more info ...) | misc-activity | ||||
| 48659 | INDICATOR-COMPROMISE suspicious .indy tcp dns query (more info ...) | misc-activity | ||||
| 48660 | INDICATOR-COMPROMISE suspicious .indy dns query (more info ...) | misc-activity | ||||
| 48661 | INDICATOR-COMPROMISE suspicious .libre tcp dns query (more info ...) | misc-activity | ||||
| 48662 | INDICATOR-COMPROMISE suspicious .libre dns query (more info ...) | misc-activity | ||||
| 48663 | INDICATOR-COMPROMISE suspicious .neo tcp dns query (more info ...) | misc-activity | ||||
| 48664 | INDICATOR-COMPROMISE suspicious .neo dns query (more info ...) | misc-activity | ||||
| 48665 | INDICATOR-COMPROMISE suspicious .null tcp dns query (more info ...) | misc-activity | ||||
| 48667 | INDICATOR-COMPROMISE suspicious .o tcp dns A query (more info ...) | misc-activity | ||||
| 48668 | INDICATOR-COMPROMISE suspicious .o dns A query (more info ...) | misc-activity | ||||
| 48669 | INDICATOR-COMPROMISE suspicious .oss tcp dns query (more info ...) | misc-activity | ||||
| 48670 | INDICATOR-COMPROMISE suspicious .oss dns query (more info ...) | misc-activity | ||||
| 48671 | INDICATOR-COMPROMISE suspicious .oz tcp dns A query (more info ...) | misc-activity | ||||
| 48672 | INDICATOR-COMPROMISE suspicious .oz dns A query (more info ...) | misc-activity | ||||
| 48673 | INDICATOR-COMPROMISE suspicious .parody tcp dns query (more info ...) | misc-activity | ||||
| 48674 | INDICATOR-COMPROMISE suspicious .parody dns query (more info ...) | misc-activity | ||||
| 48675 | INDICATOR-COMPROMISE suspicious .pirate tcp dns query (more info ...) | misc-activity | ||||
| 48676 | INDICATOR-COMPROMISE suspicious .pirate dns query (more info ...) | misc-activity | ||||
| 48677 | INDICATOR-COMPROMISE suspicious .free tcp dns query (more info ...) | misc-activity | ||||
| 48678 | INDICATOR-COMPROMISE suspicious .free dns query (more info ...) | misc-activity | ||||
| 48679 | INDICATOR-COMPROMISE suspicious .bazar tcp dns query (more info ...) | misc-activity | ||||
| 48680 | INDICATOR-COMPROMISE suspicious .bazar dns query (more info ...) | misc-activity | ||||
| 48681 | INDICATOR-COMPROMISE suspicious .coin tcp dns query (more info ...) | misc-activity | ||||
| 48682 | INDICATOR-COMPROMISE suspicious .coin dns query (more info ...) | misc-activity | ||||
| 48683 | INDICATOR-COMPROMISE suspicious .emc tcp dns query (more info ...) | misc-activity | ||||
| 48684 | INDICATOR-COMPROMISE suspicious .emc dns query (more info ...) | misc-activity | ||||
| 48685 | INDICATOR-COMPROMISE suspicious .lib tcp dns query (more info ...) | misc-activity | ||||
| 48686 | INDICATOR-COMPROMISE suspicious .lib dns query (more info ...) | misc-activity | ||||
| 48687 | INDICATOR-COMPROMISE suspicious .fur tcp dns query (more info ...) | misc-activity | ||||
| 48688 | INDICATOR-COMPROMISE suspicious .fur dns query (more info ...) | misc-activity | ||||
| 48713 | INDICATOR-COMPROMISE suspicious .glue dns query (more info ...) | misc-activity | ||||
| 48714 | INDICATOR-COMPROMISE suspicious .glue tcp dns query (more info ...) | misc-activity | ||||
| 48829 | INDICATOR-COMPROMISE suspicious .o tcp dns AAAA query (more info ...) | misc-activity | ||||
| 48830 | INDICATOR-COMPROMISE suspicious .o tcp dns TXT query (more info ...) | misc-activity | ||||
| 48831 | INDICATOR-COMPROMISE suspicious .o dns AAAA query (more info ...) | misc-activity | ||||
| 48832 | INDICATOR-COMPROMISE suspicious .o dns TXT query (more info ...) | misc-activity | ||||
| 48833 | INDICATOR-COMPROMISE suspicious .oz tcp dns AAAA query (more info ...) | misc-activity | ||||
| 48834 | INDICATOR-COMPROMISE suspicious .oz tcp dns TXT query (more info ...) | misc-activity | ||||
| 48835 | INDICATOR-COMPROMISE suspicious .oz dns AAAA query (more info ...) | misc-activity | ||||
| 48836 | INDICATOR-COMPROMISE suspicious .oz dns TXT query (more info ...) | misc-activity | ||||
| 50348 | MALWARE-OTHER Win.Trojan.DNSpionage variant download attempt (more info ...) | attempted-user | URL | |||
| 50349 | MALWARE-OTHER Win.Trojan.DNSpionage variant download attempt (more info ...) | attempted-user | URL | |||
| 50350 | MALWARE-OTHER Win.Trojan.DNSpionage variant download attempt (more info ...) | attempted-user | URL | |||
| 50353 | MALWARE-OTHER Win.Trojan.DNSpionage variant download attempt (more info ...) | attempted-user | URL | |||
| 50616 | MALWARE-OTHER Html.Phishing.Necurs DNS compromise attempt (more info ...) | trojan-activity | URL | |||
| 50617 | MALWARE-OTHER Html.Phishing.Necurs DNS compromise attempt (more info ...) | trojan-activity | URL | |||
| 50618 | MALWARE-OTHER Html.Phishing.Necurs DNS compromise attempt (more info ...) | trojan-activity | URL | |||
| 51534 | MALWARE-BACKDOOR DNS request for open LocalXpose reverse proxy backdoor domain ANY.loclx.io (more info ...) | trojan-activity | URL | |||
| 51712 | INDICATOR-COMPROMISE Win.Trojan.NanoCore DNS request for known malware domain bsbs.duckdns.org (more info ...) | trojan-activity | URL | |||
| 52242 | SERVER-WEBAPP D-Link DNS-320 ShareCenter command injection attempt (more info ...) | web-application-attack | 2019-16057 | URL | ||
| 52243 | SERVER-WEBAPP D-Link DNS-320 ShareCenter command injection attempt (more info ...) | web-application-attack | 2019-16057 | URL | ||
| 53867 | PROTOCOL-DNS Cisco ASA and FTD IPv6 DNS request stack buffer overflow attempt (more info ...) | attempted-admin | 2020-3191 | URL | ||
| 53972 | MALWARE-OTHER Cobalt Strike beacon.dll DNS download attempt (more info ...) | trojan-activity | URL | |||
| 53975 | INDICATOR-COMPROMISE Cobalt Strike multiple large DNS TXT query responses (more info ...) | trojan-activity | URL | |||
| 53985 | INDICATOR-COMPROMISE msiexec.exe command execution over DNS attempt (more info ...) | trojan-activity | URL | |||
| 54518 | SERVER-OTHER Microsoft Windows DNS server remote integer overflow attempt (more info ...) | attempted-user | 2021-26897 | URL | ||
| 54575 | SERVER-OTHER Microsoft Windows DNS server remote integer overflow attempt (more info ...) | attempted-user | 2020-1350 | URL | ||
| 54576 | SERVER-OTHER Microsoft Windows DNS server remote integer overflow attempt (more info ...) | attempted-user | 2020-1350 | URL | ||
| 54577 | SERVER-OTHER Microsoft Windows DNS server remote integer overflow attempt (more info ...) | attempted-user | 2020-1350 | URL | ||
| 54735 | OS-WINDOWS Microsoft Windows DNS Resolver local privilege escalation attempt (more info ...) | attempted-admin | 2020-1584 | URL | ||
| 54736 | OS-WINDOWS Microsoft Windows DNS Resolver local privilege escalation attempt (more info ...) | attempted-admin | 2020-1584 | URL | ||
| 54827 | MALWARE-TOOLS dnscat dns tunneling detected (more info ...) | trojan-activity | URL | |||
| 55206 | SERVER-OTHER Active Directory LDAP addRequest crafted dnsRecord information leak attempt (more info ...) | attempted-user | 2020-0856 | URL | ||
| 55822 | PROTOCOL-DNS Cisco IOS XE Umbrella Connector denial of service attempt (more info ...) | attempted-dos | 2020-3510 | URL | ||
| 55993 | PROTOCOL-ICMP Microsoft Windows IPv6 DNSSL option record denial of service attempt (more info ...) | attempted-dos | 2020-16899 | URL | ||
| 56569 | MALWARE-TOOLS Win.Trojan.MemscraperDNS variant download attempt (more info ...) | trojan-activity | URL | |||
| 57123 | SERVER-OTHER Microsoft Windows DNS server remote code execution attempt (more info ...) | attempted-user | 2021-24078 | URL | ||
| 57274 | OS-WINDOWS Microsoft Windows DNS Server out of bounds read attempt (more info ...) | attempted-user | 2021-26877 | URL | ||
| 57329 | SERVER-WEBAPP D-Link DNS-320 Firewall command injection attempt (more info ...) | web-application-attack | 2020-25506 | URL | ||
| 57330 | SERVER-WEBAPP D-Link DNS-320 Firewall command injection attempt (more info ...) | web-application-attack | 2020-25506 | URL | ||
| 57331 | SERVER-WEBAPP D-Link DNS-320 Firewall command injection attempt (more info ...) | web-application-attack | 2020-25506 | URL | ||
| 57350 | SERVER-OTHER invalid multicast DNS name length response attempt (more info ...) | attempted-user | 2021-1439 | URL | ||
| 59564 | PROTOCOL-DNS Cisco IOS XE mDNS denial of service attempt (more info ...) | attempted-dos | 2022-20682 | URL | ||
| 59565 | PROTOCOL-DNS Cisco IOS XE mDNS denial of service attempt (more info ...) | attempted-dos | 2022-20682 | URL | ||
| 59955 | MALWARE-OTHER Unix.Backdoor.Dnscat2 variant binary download attempt (more info ...) | trojan-activity | URL | |||
| 59956 | MALWARE-OTHER Unix.Backdoor.Dnscat2 variant binary download attempt (more info ...) | trojan-activity | URL |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 1261 | SERVER-OTHER AIX pdnsd overflow (more info ...) | attempted-user | 1999-0745 | 590 | ||
| 1739 | SERVER-WEBAPP DNSTools administrator authentication bypass attempt (more info ...) | web-application-attack | 2002-0613 | 4617 | ||
| 1740 | SERVER-WEBAPP DNSTools authentication bypass attempt (more info ...) | web-application-attack | 2002-0613 | 4617 | ||
| 1741 | SERVER-WEBAPP DNSTools access (more info ...) | web-application-activity | 2002-0613 | 4617 | ||
| 3154 | PROTOCOL-DNS UDP inverse query overflow (more info ...) | attempted-admin | 1999-0009 | 134 | ||
| 12357 | SERVER-OTHER Apple mDNSresponder excessive HTTP headers (more info ...) | attempted-admin | 2007-3744 | 25159 | ||
| 13900 | APP-DETECT Apple iTunes server multicast DNS response (more info ...) | misc-activity | URL | |||
| 15327 | PROTOCOL-DNS libspf2 DNS TXT record parsing buffer overflow attempt (more info ...) | attempted-user | 2008-2469 | 31881 | ||
| 15734 | PROTOCOL-DNS BIND named 9 dynamic update message remote dos attempt (more info ...) | attempted-dos | 2009-0696 | URL | ||
| 15963 | OS-LINUX Red Hat Enterprise Linux DNS resolver buffer overflow attempt (more info ...) | attempted-admin | 2002-0029 | 6186 | ||
| 15988 | OS-WINDOWS Microsoft ISA Server DNS spoofing attempt (more info ...) | misc-attack | 2004-0892 | 11605 | ||
| 16206 | OS-WINDOWS Microsoft Windows DNS server spoofing attempt (more info ...) | misc-attack | 2008-1447 | 25919 | URL | |
| 16443 | POLICY-SOCIAL deny Gmail chat DNS request (more info ...) | policy-violation | ||||
| 16612 | BROWSER-FIREFOX Mozilla Firefox oversized SOCKS5 DNS reply memory corruption attempt (more info ...) | attempted-user | 2009-2470 | 35925 | ||
| 16693 | MALWARE-CNC Torpig bot sinkhole server DNS lookup (more info ...) | trojan-activity | URL | |||
| 17294 | OS-WINDOWS Microsoft Windows NAT Helper DNS query denial of service attempt (more info ...) | attempted-dos | 2006-5614 | 20804 | ||
| 17483 | PROTOCOL-DNS squid proxy dns A record response denial of service attempt (more info ...) | attempted-dos | 2005-0446 | 12551 | ||
| 17484 | PROTOCOL-DNS squid proxy dns PTR record response denial of service attempt (more info ...) | attempted-dos | 2005-0446 | 12551 | ||
| 17485 | PROTOCOL-DNS Symantec Gateway products DNS cache poisoning attempt (more info ...) | misc-attack | 2005-0817 | |||
| 17495 | SERVER-OTHER Squid proxy DNS response spoofing attempt (more info ...) | attempted-dos | 2005-1519 | 13592 | ||
| 17680 | SERVER-OTHER ISC BIND DNSSEC Validation Multiple RRsets DoS (more info ...) | attempted-dos | 2007-0494 | 22231 | ||
| 17696 | PROTOCOL-DNS Microsoft Windows DNS Server ANY query cache weakness (more info ...) | misc-activity | 2009-0234 | URL | ||
| 19125 | PROTOCOL-DNS ISC BIND DNSSEC authority response record overflow attempt (more info ...) | denial-of-service | 2011-1910 | |||
| 19187 | PROTOCOL-DNS TMG Firewall Client long host entry exploit attempt (more info ...) | attempted-user | 2011-1889 | URL | ||
| 19471 | POLICY-OTHER dnstunnel v0.5 outbound traffic detected (more info ...) | policy-violation | URL | |||
| 20095 | INDICATOR-COMPROMISE IRC dns request on non-standard port (more info ...) | trojan-activity | ||||
| 21354 | PROTOCOL-DNS dns query - storing query and txid (more info ...) | misc-activity | 2010-1690 | URL | ||
| 21421 | PROTOCOL-DNS ISC BIND DNSSEC authority response record overflow attempt (more info ...) | denial-of-service | 2011-1910 | |||
| 21544 | MALWARE-CNC Possible host infection - excessive DNS queries for .eu (more info ...) | trojan-activity | ||||
| 21545 | MALWARE-CNC Possible host infection - excessive DNS queries for .ru (more info ...) | trojan-activity | ||||
| 21546 | MALWARE-CNC Possible host infection - excessive DNS queries for .cn (more info ...) | trojan-activity | ||||
| 21817 | PROTOCOL-DNS excessive queries of type ANY - potential DoS (more info ...) | attempted-dos | URL | |||
| 23368 | PROTOCOL-DNS Tftpd32 DNS server denial of service attempt (more info ...) | denial-of-service | ||||
| 23608 | PROTOCOL-DNS dns zone transfer with zero-length rdata attempt (more info ...) | attempted-dos | 2012-1667 | URL | ||
| 24304 | PROTOCOL-DNS dead alive6 DNS attempt (more info ...) | misc-activity | URL | |||
| 25080 | APP-DETECT Apple Messages push.apple.com DNS TXT request attempt (more info ...) | policy-violation | URL | |||
| 25081 | APP-DETECT Apple Messages courier.push.apple.com DNS TXT request attempt (more info ...) | policy-violation | URL | |||
| 25333 | PROTOCOL-DNS Exim DKIM decoding buffer overflow attempt (more info ...) | attempted-admin | 2012-5671 | |||
| 25983 | INDICATOR-OBFUSCATION DNS tunneling attempt (more info ...) | policy-violation | URL | |||
| 26266 | MALWARE-CNC Win.Trojan.Zeus v3 DGA DNS query detected (more info ...) | trojan-activity | ||||
| 26267 | MALWARE-CNC Win.Trojan.Zeus v3 DGA DNS query detected (more info ...) | trojan-activity | ||||
| 26268 | MALWARE-CNC Win.Trojan.Zeus v3 DGA DNS query detected (more info ...) | trojan-activity | ||||
| 26269 | MALWARE-CNC Win.Trojan.Zeus v3 DGA DNS query detected (more info ...) | trojan-activity | ||||
| 26270 | MALWARE-CNC Win.Trojan.Zeus v3 DGA DNS query detected (more info ...) | trojan-activity | ||||
| 26271 | MALWARE-CNC Win.Trojan.Zeus v3 DGA DNS query detected (more info ...) | trojan-activity | ||||
| 26324 | PROTOCOL-DNS ISC BIND NAPTR record regular expression handling denial of service attempt (more info ...) | attempted-dos | 2013-2266 | URL | ||
| 26353 | INDICATOR-COMPROMISE IP address check to dyndns.org detected (more info ...) | misc-activity | ||||
| 26397 | INDICATOR-COMPROMISE IP address check to myip.dnsomatic.com detected (more info ...) | misc-activity | ||||
| 26427 | PROTOCOL-DNS ISC libdns client NAPTR record regular expression handling denial of service attempt (more info ...) | attempted-dos | 2013-2266 | URL | ||
| 26740 | MALWARE-CNC Win.Trojan.BlackRev cnc dns command (more info ...) | trojan-activity | URL | |||
| 27046 | APP-DETECT iodine dns tunneling handshake server ACK (more info ...) | policy-violation | URL | |||
| 27536 | APP-DETECT TCP over DNS response attempt (more info ...) | policy-violation | URL | |||
| 27540 | APP-DETECT OzymanDNS dns tunneling up attempt (more info ...) | policy-violation | URL | |||
| 27541 | APP-DETECT OzymanDNS dns tunneling down attempt (more info ...) | policy-violation | URL | |||
| 27666 | SERVER-OTHER ISC BIND 9 DNS rdata length handling remote denial of service attempt (more info ...) | denial-of-service | 2013-4854 | 61479 | URL | |
| 27700 | APP-DETECT NSTX DNS tunnel outbound connection attempt (more info ...) | policy-violation | ||||
| 27721 | INDICATOR-COMPROMISE Suspicious .su dns query (more info ...) | trojan-activity | ||||
| 27737 | MALWARE-CNC DNS suspicious .c0m.li dns query (more info ...) | trojan-activity | ||||
| 27930 | APP-DETECT DNS request for Splashtop domain splashtop.com (more info ...) | misc-activity | URL | |||
| 27931 | APP-DETECT DNS request for Splashtop domain splashtop.net (more info ...) | misc-activity | URL | |||
| 27932 | APP-DETECT DNS request for Splashtop domain devicevm.com (more info ...) | misc-activity | URL | |||
| 27938 | PROTOCOL-DNS IPv6 host name enumeration (more info ...) | attempted-recon | URL | |||
| 28070 | APP-DETECT DNS request for potential malware SafeGuard to domain 360safe.com (more info ...) | trojan-activity | URL | |||
| 28190 | INDICATOR-COMPROMISE Suspicious .cc dns query (more info ...) | trojan-activity | ||||
| 29381 | APP-DETECT VPN Over DNS outbound traffic attempt (more info ...) | policy-violation | URL | |||
| 29382 | APP-DETECT VPN Over DNS application download attempt (more info ...) | policy-violation | URL | |||
| 29383 | APP-DETECT VPN Over DNS application download attempt (more info ...) | policy-violation | URL | |||
| 29935 | PROTOCOL-DNS ISC libdns client NAPTR record regular expression handling denial of service attempt (more info ...) | attempted-dos | 2013-2266 | URL | ||
| 30853 | APP-DETECT DNS request for known bitcoin domain bitseed.xf2.org (more info ...) | policy-violation | ||||
| 30854 | APP-DETECT DNS request for known bitcoin domain dnsseed.btcltcftc.com (more info ...) | policy-violation | ||||
| 30855 | APP-DETECT DNS request for known bitcoin domain dnsseed.fc.altcointech.net (more info ...) | policy-violation | ||||
| 30856 | APP-DETECT DNS request for known bitcoin domain dnsseed.feathercoin.com (more info ...) | policy-violation | ||||
| 30857 | APP-DETECT DNS request for known bitcoin domain dnsseed.koin-project.com (more info ...) | policy-violation | ||||
| 30858 | APP-DETECT DNS request for known bitcoin domain dnsseed.litecoinpool.org (more info ...) | policy-violation | ||||
| 30859 | APP-DETECT DNS request for known bitcoin domain dnsseed.litecointools.com (more info ...) | policy-violation | ||||
| 30860 | APP-DETECT DNS request for known bitcoin domain dnsseed.ltc.xurious.com (more info ...) | policy-violation | ||||
| 30861 | APP-DETECT DNS request for known bitcoin domain dnsseed.ppc.altcointech.net (more info ...) | policy-violation | ||||
| 30862 | APP-DETECT DNS request for known bitcoin domain dnsseed.xpm.altcointech.net (more info ...) | policy-violation | ||||
| 30863 | APP-DETECT DNS request for known bitcoin domain dvcstable01.dvcnode.org (more info ...) | policy-violation | ||||
| 30864 | APP-DETECT DNS request for known bitcoin domain dvcstable02.dvcnode.org (more info ...) | policy-violation | ||||
| 30865 | APP-DETECT DNS request for known bitcoin domain seed.bitcoinstats.com (more info ...) | policy-violation | ||||
| 30866 | APP-DETECT DNS request for known bitcoin domain seed.dglibrary.org (more info ...) | policy-violation | ||||
| 30867 | APP-DETECT DNS request for known bitcoin domain seed.dogechain.info (more info ...) | policy-violation | ||||
| 30868 | APP-DETECT DNS request for known bitcoin domain seed.dogecoin.com (more info ...) | policy-violation | ||||
| 30869 | APP-DETECT DNS request for known bitcoin domain seed.mophides.com (more info ...) | policy-violation | ||||
| 30870 | APP-DETECT DNS request for known bitcoin domain seed.ppcoin.net (more info ...) | policy-violation | ||||
| 30871 | APP-DETECT DNS request for known bitcoin domain seed1.metiscoininvest.info (more info ...) | policy-violation | ||||
| 30872 | APP-DETECT DNS request for known bitcoin domain seed1.net.terracoin.org (more info ...) | policy-violation | ||||
| 30873 | APP-DETECT DNS request for known bitcoin domain seed1.qrkcoin.org (more info ...) | policy-violation | ||||
| 30874 | APP-DETECT DNS request for known bitcoin domain seed2.net.terracoin.org (more info ...) | policy-violation | ||||
| 30875 | APP-DETECT DNS request for known bitcoin domain tnseed.ppcoin.net (more info ...) | policy-violation | ||||
| 31982 | SERVER-OTHER Cisco IOS mdns memory leak (more info ...) | attempted-dos | 2014-3358 | URL | ||
| 32312 | MALWARE-CNC FrameworkPOS data exfiltration through DNS - beacon message (more info ...) | trojan-activity | URL | |||
| 32865 | APP-DETECT I2P DNS request attempt (more info ...) | trojan-activity | URL | |||
| 33522 | MALWARE-CNC User-Agent known malicious user-agent - DNS Changer (more info ...) | trojan-activity | URL | |||
| 33523 | MALWARE-CNC Win.Trojan.DNSChanger variant outbound connection (more info ...) | trojan-activity | URL | |||
| 33524 | MALWARE-CNC Win.Trojan.DNSChanger variant outbound connection (more info ...) | trojan-activity | URL | |||
| 33928 | SERVER-OTHER Cisco IOS mDNS denial of service attempt (more info ...) | attempted-dos | 2014-3357 | 70132 | URL | |
| 33929 | SERVER-OTHER Cisco IOS mDNS denial of service attempt (more info ...) | attempted-dos | 2014-3357 | 70132 | URL | |
| 34051 | PROTOCOL-DNS Cisco ASA memory exhaustion denial of service attempt (more info ...) | attempted-dos | 2015-0676 | URL | ||
| 34496 | APP-DETECT Your-Freedom DNS tunneling query attempt (more info ...) | misc-activity | URL | |||
| 34497 | APP-DETECT Your-Freedom DNS tunneling query response attempt (more info ...) | misc-activity | URL | |||
| 36055 | PROTOCOL-DNS ISC BIND DNSSEC response unsupported DNSKEY cryptographic algorithm attempt (more info ...) | attempted-dos | 2015-5722 | URL | ||
| 36130 | PROTOCOL-DNS ISC BIND zero length OPENPGPKEY rdata response attempt (more info ...) | attempted-dos | 2015-5986 | URL | ||
| 36379 | POLICY-OTHER dnstunnel v0.5 outbound traffic detected (more info ...) | policy-violation | URL | |||
| 37062 | APP-DETECT 12P DNS request attempt (more info ...) | misc-activity | URL | |||
| 37343 | SERVER-WEBAPP D-Link DNS-326 check_login command injection attempt (more info ...) | web-application-attack | URL | |||
| 37891 | INDICATOR-OBFUSCATION DNS tunneling attempt (more info ...) | policy-violation | URL | |||
| 37892 | INDICATOR-OBFUSCATION DNS tunneling attempt (more info ...) | policy-violation | URL | |||
| 38281 | PROTOCOL-DNS ISC BIND totext_in_apl denial of service attempt (more info ...) | attempted-dos | 2015-8704 | 81329 | URL | |
| 38282 | PROTOCOL-DNS ISC BIND totext_in_apl denial of service attempt (more info ...) | attempted-dos | 2015-8704 | 81329 | URL | |
| 38283 | PROTOCOL-DNS ISC BIND totext_in_apl denial of service attempt (more info ...) | attempted-dos | 2015-8704 | 81329 | URL | |
| 38284 | PROTOCOL-DNS ISC BIND totext_in_apl denial of service attempt (more info ...) | attempted-dos | 2015-8704 | 81329 | URL | |
| 38457 | POLICY-OTHER Suspicious typo squatting DNS query to .om TLD attempt (more info ...) | policy-violation | URL | |||
| 38590 | SERVER-OTHER Cisco Wireless LAN Controller mDNS denial of service attempt (more info ...) | attempted-dos | URL | |||
| 39866 | INDICATOR-COMPROMISE Suspicious .ml dns query (more info ...) | misc-activity | URL | |||
| 39867 | INDICATOR-COMPROMISE Suspicious .tk dns query (more info ...) | misc-activity | URL | |||
| 40362 | PROTOCOL-DNS ISC BIND DNS duplicate cookie denial of service attempt (more info ...) | attempted-dos | 2016-2088 | URL | ||
| 40610 | INDICATOR-COMPROMISE DNS response points to sinkholed domain (more info ...) | trojan-activity | URL | |||
| 41083 | MALWARE-CNC DNS suspicious .bit dns query (more info ...) | trojan-activity | ||||
| 41755 | INDICATOR-COMPROMISE d-link sharecenter dns-320 denial of service attempt (more info ...) | web-application-attack | URL | |||
| 41756 | INDICATOR-COMPROMISE d-link sharecenter dns-320 denial of service attempt (more info ...) | web-application-attack | URL | |||
| 41757 | INDICATOR-COMPROMISE d-link sharecenter dns-320 denial of service attempt (more info ...) | web-application-attack | URL | |||
| 41758 | INDICATOR-COMPROMISE d-link sharecenter dns-320 denial of service attempt (more info ...) | web-application-attack | URL | |||
| 41787 | MALWARE-CNC Win.Trojan.PowerMacro TCP DNS query response (more info ...) | trojan-activity | URL | |||
| 41788 | MALWARE-CNC Win.Trojan.PowerMacro DNS query response (more info ...) | trojan-activity | URL | |||
| 41789 | MALWARE-CNC Win.Trojan.PowerMacro DNS query response (more info ...) | trojan-activity | URL | |||
| 41852 | PROTOCOL-DNS PowerDNS name compression pointer loop denial of service attempt (more info ...) | attempted-dos | 2015-1868 | 74306 | URL | |
| 41903 | PROTOCOL-DNS PowerDNS name compression pointer loop denial of service attempt (more info ...) | attempted-dos | 2015-1868 | 74306 | URL | |
| 41904 | PROTOCOL-DNS PowerDNS name compression pointer loop denial of service attempt (more info ...) | attempted-dos | 2015-1868 | 74306 | URL | |
| 41905 | PROTOCOL-DNS PowerDNS name compression pointer loop denial of service attempt (more info ...) | attempted-dos | 2015-1868 | 74306 | URL | |
| 42458 | PROTOCOL-DNS ISC BIND unexpected DNAME CNAME ordering denial of service attempt (more info ...) | attempted-dos | 2017-3137 | URL | ||
| 42841 | MALWARE-CNC DNS suspicious .bit tcp dns query (more info ...) | trojan-activity | ||||
| 42966 | SERVER-WEBAPP Java URLDNS Library unauthorized serialized object attempt (more info ...) | attempted-admin | URL | |||
| 43053 | SERVER-SAMBA Samba LDAP modify dnsRecord buffer overflow attempt (more info ...) | attempted-user | 2016-2123 | |||
| 44077 | INDICATOR-COMPROMISE Suspicious .win dns query (more info ...) | misc-activity | ||||
| 44320 | SERVER-OTHER Symantec Firewalls DNS response denial of service attempt (more info ...) | denial-of-service | 2004-0445 | |||
| 44379 | PROTOCOL-DNS Cisco IOS ipnat_dns_shift_data integer underflow attempt (more info ...) | attempted-dos | 2014-2111 | 66470 | URL | |
| 44418 | SERVER-OTHER Tipping Point IPS reverse DNS lookup format string exploit attempt (more info ...) | denial-of-service | URL | |||
| 44479 | PROTOCOL-DNS dnsmasq overly large DNS query denial of service attempt (more info ...) | attempted-dos | 2017-13704 | URL | ||
| 44481 | SERVER-OTHER dnsmasq IPv6 heap overflow attempt (more info ...) | attempted-admin | 2017-14492 | |||
| 44595 | MALWARE-CNC Win.Trojan.DNSMessenger outbound connection (more info ...) | trojan-activity | URL | |||
| 44628 | OS-WINDOWS Attempted DNSSEC NSEC3 buffer overflow attempt (more info ...) | attempted-user | 2017-11779 | URL | ||
| 44629 | OS-WINDOWS Attempted DNSSEC NSEC3 buffer overflow attempt (more info ...) | attempted-user | 2017-11779 | URL | ||
| 44630 | OS-WINDOWS Attempted DNSSEC NSEC3 buffer overflow attempt (more info ...) | attempted-user | 2017-11779 | URL | ||
| 44797 | MALWARE-CNC Win.Trojan.Shadowpad DNS TXT encrypted outbound connection (more info ...) | trojan-activity | URL | |||
| 44798 | MALWARE-CNC Win.Trojan.Shadowpad DNS TXT encrypted outbound connection (more info ...) | trojan-activity | URL | |||
| 44799 | MALWARE-CNC Win.Trojan.Shadowpad DNS TXT encrypted outbound connection (more info ...) | trojan-activity | URL | |||
| 44800 | MALWARE-CNC Win.Trojan.Shadowpad DNS TXT encrypted outbound connection (more info ...) | trojan-activity | URL | |||
| 44801 | MALWARE-CNC Win.Trojan.Shadowpad DNS TXT encrypted outbound connection (more info ...) | trojan-activity | URL | |||
| 44802 | MALWARE-CNC Win.Trojan.Shadowpad DNS TXT encrypted outbound connection (more info ...) | trojan-activity | URL | |||
| 44803 | MALWARE-CNC Win.Trojan.Shadowpad DNS TXT encrypted outbound connection (more info ...) | trojan-activity | URL | |||
| 44804 | MALWARE-CNC Win.Trojan.Shadowpad DNS TXT encrypted outbound connection (more info ...) | trojan-activity | URL | |||
| 44805 | MALWARE-CNC Win.Trojan.Shadowpad DNS TXT encrypted outbound connection (more info ...) | trojan-activity | URL | |||
| 44806 | MALWARE-CNC Win.Trojan.Shadowpad DNS TXT encrypted outbound connection (more info ...) | trojan-activity | URL | |||
| 44807 | MALWARE-CNC Win.Trojan.Shadowpad DNS TXT encrypted outbound connection (more info ...) | trojan-activity | URL | |||
| 44879 | SERVER-OTHER ISC BIND 9 DNS rdata length handling remote denial of service attempt (more info ...) | denial-of-service | 2013-4854 | 61479 | URL | |
| 45325 | SERVER-WEBAPP Dahua DVR DDNS configuration download attempt (more info ...) | attempted-recon | 2013-6117 | 63742 | ||
| 45906 | MALWARE-CNC CobaltStrike DNS Beacon outbound A record (more info ...) | trojan-activity | URL | |||
| 45907 | MALWARE-CNC Cobalt Strike DNS beacon outbound TXT record (more info ...) | trojan-activity | URL | |||
| 45908 | MALWARE-CNC Cobalt Strike DNS beacon inbound TXT record (more info ...) | trojan-activity | URL | |||
| 46409 | OS-WINDOWS Attempted DNS overflow (more info ...) | denial-of-service | 2017-11779 | URL | ||
| 46613 | OS-LINUX Linux systemd DNS resolver denial of service attempt (more info ...) | denial-of-service | 2017-15908 | |||
| 46614 | OS-LINUX Linux systemd DNS resolver denial of service attempt (more info ...) | denial-of-service | 2017-15908 | |||
| 46615 | OS-LINUX Linux systemd DNS resolver denial of service attempt (more info ...) | denial-of-service | 2017-15908 | |||
| 46616 | OS-LINUX Linux systemd DNS resolver denial of service attempt (more info ...) | denial-of-service | 2017-15908 | |||
| 46617 | OS-LINUX Linux systemd DNS resolver denial of service attempt (more info ...) | denial-of-service | 2017-15908 | |||
| 46618 | OS-LINUX Linux systemd DNS resolver denial of service attempt (more info ...) | denial-of-service | 2017-15908 | |||
| 46619 | OS-LINUX Linux systemd DNS resolver denial of service attempt (more info ...) | denial-of-service | 2017-15908 | |||
| 46848 | INDICATOR-COMPROMISE Possible Samba internal DNS forged response (more info ...) | denial-of-service | 2014-0239 | |||
| 46935 | OS-WINDOWS Microsoft Windows DNSAPI remote code execution attempt (more info ...) | attempted-admin | 2018-8225 | URL | ||
| 47639 | INDICATOR-OBFUSCATION DNS TXT response record tunneling (more info ...) | misc-activity | URL | |||
| 47640 | SERVER-WEBAPP SSL certificate with null issuer rdnSequence fields detected (more info ...) | misc-activity | ||||
| 48444 | MALWARE-CNC Win.Malware.DNSpionage variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48445 | MALWARE-CNC Win.Malware.DNSpionage variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48666 | INDICATOR-COMPROMISE suspicious .null dns query (more info ...) | misc-activity | ||||
| 49411 | MALWARE-CNC Win.Trojan.FrameworkPoS anti-debugging long dns query attempt (more info ...) | trojan-activity | ||||
| 50761 | MALWARE-CNC Win.Trojan.Helminth outbound DNS tunnel (more info ...) | trojan-activity | URL | |||
| 50762 | MALWARE-CNC Win.Trojan.Helminth outbound DNS tunnel (more info ...) | trojan-activity | URL | |||
| 50763 | MALWARE-CNC Win.Trojan.Helminth outbound DNS tunnel (more info ...) | trojan-activity | URL | |||
| 50764 | MALWARE-CNC Win.Trojan.Helminth outbound DNS tunnel (more info ...) | trojan-activity | URL | |||
| 50765 | MALWARE-CNC Win.Trojan.ISMAgent outbound DNS tunnel (more info ...) | trojan-activity | URL | |||
| 50766 | MALWARE-CNC Win.Trojan.ALMA_Dash outbound DNS tunnel (more info ...) | trojan-activity | URL | |||
| 50767 | MALWARE-CNC Win.Trojan.ALMA_Dot outbound DNS tunnel (more info ...) | trojan-activity | URL | |||
| 50768 | MALWARE-CNC Win.Trojan.BONDUPDATER outbound DNS tunnel (more info ...) | trojan-activity | URL | |||
| 50769 | MALWARE-CNC Win.Trojan.QUADAGENT outbound DNS tunnel (more info ...) | trojan-activity | URL | |||
| 51000 | PROTOCOL-DNS PowerDNS Recursor query denial of service attempt (more info ...) | attempted-dos | 2018-16855 | URL | ||
| 51126 | SERVER-OTHER ISC Bind libdns EDNS option handling denial of service attempt (more info ...) | denial-of-service | 2014-3859 | |||
| 51485 | SERVER-OTHER Squid proxy DNS CNAME record response denial of service attempt (more info ...) | denial-of-service | 2011-4096 | URL | ||
| 52338 | SERVER-OTHER ISC BIND DNS root DNAME query response denial of service attempt (more info ...) | denial-of-service | URL | |||
| 52524 | PROTOCOL-DNS dnsmasq crafted OPT record denial of service attempt (more info ...) | attempted-dos | 2017-13704 | URL | ||
| 53046 | PROTOCOL-DNS TRUFFLEHUNTER TALOS-2020-1001 attack attempt (more info ...) | attempted-dos | 2020-6078 | URL | ||
| 53593 | MALWARE-OTHER Unix.Tool.Dnsamp-7647492-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53594 | MALWARE-OTHER Unix.Tool.Dnsamp-7647492-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55832 | SERVER-OTHER Cisco IOS XE mDNS denial of service attempt (more info ...) | attempted-dos | 2020-3359 | URL | ||
| 56592 | MALWARE-CNC Cobalt Strike DNS beacon inbound TXT record (more info ...) | trojan-activity | URL | |||
| 56593 | MALWARE-CNC Cobalt Strike DNS beacon inbound TXT record (more info ...) | trojan-activity | URL | |||
| 57381 | PROTOCOL-DNS Dnsmasq extract_name buffer overflow attempt (more info ...) | attempted-user | 2020-25687 | URL | ||
| 57383 | PROTOCOL-DNS dnsmasq sort_rrset buffer overflow attempt (more info ...) | attempted-user | 2020-25681 | URL | ||
| 57460 | SERVER-OTHER dnsmasq PX record response heap overflow attempt (more info ...) | attempted-user | 2020-25683 | URL | ||
| 57579 | PROTOCOL-DNS ISC BIND OPT record text format handling denial of service attempt (more info ...) | attempted-dos | 2015-8705 | URL | ||
| 57744 | SERVER-OTHER TippingPoint web interface reverse DNS lookup cross site scripting attempt (more info ...) | attempted-user | ||||
| 57878 | PROTOCOL-DNS Microsoft Threat Management Gateway heap buffer overflow attempt (more info ...) | attempted-user | 2011-1889 | 48181 | URL | |
| 57953 | PROTOCOL-DNS ISC BIND RRSIG response processing denial of service attempt (more info ...) | attempted-dos | 2016-1286 | URL | ||
| 59104 | PROTOCOL-DNS Dnsmasq PX extract_name buffer overflow attempt (more info ...) | attempted-user | 2020-25682 | URL | ||
| 59579 | PROTOCOL-DNS Microsoft DNS server denial of service attempt (more info ...) | attempted-dos | 2012-0006 | URL | ||
| 59600 | PROTOCOL-DNS Systemd resolved dns_packet_new buffer overflow attempt (more info ...) | attempted-user | 2017-9445 | URL | ||
| 59639 | SERVER-OTHER Samba AD DC dns denial of service attempt (more info ...) | attempted-dos | 2018-1140 | |||
| 59707 | PROTOCOL-DNS GNU C library glibc getanswer_r DNS buffer overflow attempt (more info ...) | attempted-dos | 2015-1781 | |||
| 59708 | PROTOCOL-DNS ISC BIND query response missing RRSIG denial of service attempt (more info ...) | attempted-dos | 2016-9444 | |||
| 59709 | PROTOCOL-DNS ISC BIND RRSIG response without relevant RR denial of service attempt (more info ...) | attempted-dos | 2016-9147 | |||
| 59725 | PROTOCOL-DNS BIND DNS64 and RPZ query processing denial of service attempt (more info ...) | attempted-dos | 2017-3135 | |||
| 59746 | PROTOCOL-DNS ISC BIND TKEY response denial of service attempt (more info ...) | attempted-dos | 2016-9131 | |||
| 59800 | SERVER-OTHER Bind9 server response self-signed certificate denial of service attempt (more info ...) | attempted-dos | 2015-4620 | URL | ||
| 59974 | MALWARE-CNC Unix.Backdoor.Dnscat2 variant DNS tunneling outbound communication (more info ...) | trojan-activity | URL | |||
| 60601 | SERVER-OTHER Nginx resolver DNS Response out of bounds write (more info ...) | attempted-user | 2021-23017 | |||
| 60881 | SERVER-WEBAPP D-Link DSL-2760U Web-UI Dynamic DNS cross site scripting attempt (more info ...) | attempted-user | 2013-5223 | URL | ||
| 60882 | SERVER-WEBAPP D-Link DSL-2760U Web-UI Dynamic DNS cross site scripting attempt (more info ...) | attempted-user | 2013-5223 | URL |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 3818 | PROTOCOL-TFTP PUT transfer mode overflow attempt (more info ...) | attempted-admin | 2006-6183 | 21301 | ||
| 9621 | PROTOCOL-TFTP 3COM server transport mode buffer overflow attempt (more info ...) | attempted-admin | 2006-6183 | 21301 | ||
| 13927 | PROTOCOL-TFTP Open TFTP Server log generation buffer overflow attempt (more info ...) | attempted-admin | 2008-2161 | 29111 | ||
| 19014 | PROTOCOL-TFTP HP Intelligent Management Center TFTP server MODE remote code execution attempt - RRQ (more info ...) | attempted-admin | 2011-1851 | 47789 | ||
| 21255 | MALWARE-OTHER known malicious FTP login banner - 0wns j0 (more info ...) | trojan-activity | URL | |||
| 21256 | MALWARE-OTHER known malicious FTP quit banner - Goodbye happy r00ting (more info ...) | trojan-activity | URL | |||
| 29096 | MALWARE-TOOLS Browser Password Decryptor - Password List sent via FTP (more info ...) | trojan-activity | URL | |||
| 31711 | INDICATOR-COMPROMISE Keylog string over FTP detected (more info ...) | string-detect | URL | |||
| 31830 | POLICY-OTHER QLogic Switch 5600/5800 default ftp login attempt (more info ...) | default-login-attempt | URL | |||
| 31831 | POLICY-OTHER QLogic Switch 5600/5800 default ftp login attempt (more info ...) | default-login-attempt | URL | |||
| 33062 | FILE-OTHER BulletProof FTP Client BPS file buffer overflow attempt (more info ...) | attempted-user | 2008-5753 | URL | ||
| 33063 | FILE-OTHER BulletProof FTP Client BPS file buffer overflow attempt (more info ...) | attempted-user | 2008-5753 | URL | ||
| 33070 | BROWSER-PLUGINS Attachmate Reflection FTP Client ActiveX clsid access attempt (more info ...) | attempted-user | 2014-0603 | 69151 | ||
| 33071 | BROWSER-PLUGINS Attachmate Reflection FTP Client ActiveX clsid access attempt (more info ...) | attempted-user | 2014-0603 | 69151 | ||
| 33072 | BROWSER-PLUGINS Attachmate Reflection FTP Client ActiveX clsid access attempt (more info ...) | attempted-user | 2014-0603 | 69151 | ||
| 33073 | BROWSER-PLUGINS Attachmate Reflection FTP Client ActiveX clsid access attempt (more info ...) | attempted-user | 2014-0603 | 69151 | ||
| 33212 | PUA-ADWARE SoftPulse variant HTTP response attempt (more info ...) | trojan-activity | URL | |||
| 34225 | PROTOCOL-FTP ProFTPD mod_copy remote code execution attempt (more info ...) | attempted-admin | 2015-3306 | 74238 | ||
| 40908 | SERVER-OTHER Foscam C1 backdoor account ftp login attempt (more info ...) | attempted-user | 2016-8731 | URL | ||
| 40909 | SERVER-OTHER Foscam C1 backdoor account ftp login attempt (more info ...) | attempted-user | 2016-8731 | URL | ||
| 41793 | INDICATOR-SCAN Cisco Smart Install Protocol scan TFTP response (more info ...) | attempted-recon | URL | |||
| 42787 | POLICY-OTHER Schneider Electric hardcoded FTP login attempt (more info ...) | attempted-admin | ||||
| 42862 | PROTOCOL-FTP FTP server directory traversal attempt (more info ...) | attempted-admin | 2022-41328 | 96944 | ||
| 45460 | PROTOCOL-FTP Multiple products FTP Client buffer overflow attempt (more info ...) | attempted-user | 2017-15222 | URL | ||
| 45461 | PROTOCOL-FTP Multiple products FTP Client buffer overflow attempt (more info ...) | attempted-user | 2017-15222 | 101602 | URL | |
| 47564 | PROTOCOL-TFTP NetGain Systems Enterprise Manager TFTP directory traversal attempt (more info ...) | attempted-admin | 2017-16597 | |||
| 49241 | PROTOCOL-TFTP Read Request directory traversal attempt (more info ...) | attempted-recon | 2019-1681 | URL | ||
| 49987 | SERVER-WEBAPP Cisco Prime Infrastructure arbitrary file upload to tftpRoot attempt (more info ...) | attempted-admin | 2019-1823 | URL | ||
| 50747 | PROTOCOL-TFTP TRUFFLEHUNTER TALOS-2019-0851 attack attempt (more info ...) | attempted-recon | URL | |||
| 53565 | PROTOCOL-TFTP TRUFFLEHUNTER TALOS-2020-1029 attack attempt (more info ...) | attempted-dos | 2020-6097 | URL | ||
| 57395 | SERVER-WEBAPP Cisco Unified Communications Products FTP command injection attempt (more info ...) | attempted-admin | 2021-1362 | URL | ||
| 57397 | SERVER-WEBAPP Cisco Unified Communications Products FTP command injection attempt (more info ...) | attempted-admin | 2021-1362 | URL | ||
| 57914 | SERVER-OTHER Serv-U Secure FTP unauthorized user creation attempt (more info ...) | attempted-user | 2021-35211 | URL | ||
| 57915 | SERVER-OTHER Serv-U Secure FTP unauthorized user creation attempt (more info ...) | attempted-user | 2021-35211 | URL | ||
| 58042 | SERVER-WEBAPP Serv-U FTP Server stored cross site scripting attempt (more info ...) | attempted-user | 2019-13182 | |||
| 58043 | SERVER-WEBAPP Serv-U FTP Server stored cross site scripting attempt (more info ...) | attempted-user | 2019-13182 |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 144 | PROTOCOL-FTP ADMw0rm ftp login attempt (more info ...) | suspicious-login | ||||
| 157 | MALWARE-BACKDOOR BackConstruction 2.1 Client FTP Open Request (more info ...) | misc-activity | ||||
| 158 | MALWARE-BACKDOOR BackConstruction 2.1 Server FTP Open Reply (more info ...) | misc-activity | ||||
| 308 | SERVER-OTHER NextFTP client overflow (more info ...) | attempted-user | 1999-0671 | 572 | ||
| 334 | PROTOCOL-FTP .forward (more info ...) | suspicious-filename-detect | ||||
| 335 | PROTOCOL-FTP .rhosts (more info ...) | suspicious-filename-detect | ||||
| 336 | PROTOCOL-FTP CWD ~root attempt (more info ...) | bad-unknown | 1999-0082 | |||
| 337 | PROTOCOL-FTP CEL overflow attempt (more info ...) | attempted-admin | 1999-0789 | 679 | 10009 | |
| 353 | PROTOCOL-FTP adm scan (more info ...) | suspicious-login | ||||
| 354 | PROTOCOL-FTP iss scan (more info ...) | suspicious-login | ||||
| 355 | PROTOCOL-FTP pass wh00t (more info ...) | suspicious-login | ||||
| 356 | PROTOCOL-FTP passwd retrieval attempt (more info ...) | suspicious-filename-detect | ||||
| 357 | PROTOCOL-FTP piss scan (more info ...) | suspicious-login | URL | |||
| 358 | PROTOCOL-FTP saint scan (more info ...) | suspicious-login | ||||
| 359 | PROTOCOL-FTP satan scan (more info ...) | suspicious-login | ||||
| 360 | PROTOCOL-FTP serv-u directory traversal (more info ...) | bad-unknown | 2001-0054 | 2052 | 10565 | |
| 361 | PROTOCOL-FTP SITE EXEC attempt (more info ...) | bad-unknown | 1999-0955 | 2241 | ||
| 362 | PROTOCOL-FTP tar parameters (more info ...) | bad-unknown | 1999-0997 | 2240 | ||
| 489 | PROTOCOL-FTP no password (more info ...) | unknown | ||||
| 491 | PROTOCOL-FTP Bad login (more info ...) | bad-unknown | ||||
| 543 | INDICATOR-COMPROMISE FTP 'STOR 1MB' possible warez site (more info ...) | misc-activity | ||||
| 544 | INDICATOR-COMPROMISE FTP 'RETR 1MB' possible warez site (more info ...) | misc-activity | ||||
| 545 | INDICATOR-COMPROMISE FTP 'CWD / ' possible warez site (more info ...) | misc-activity | ||||
| 546 | INDICATOR-COMPROMISE FTP 'CWD ' possible warez site (more info ...) | misc-activity | ||||
| 547 | INDICATOR-COMPROMISE FTP 'MKD ' possible warez site (more info ...) | misc-activity | ||||
| 548 | INDICATOR-COMPROMISE FTP 'MKD .' possible warez site (more info ...) | misc-activity | ||||
| 554 | INDICATOR-COMPROMISE FTP 'MKD / ' possible warez site (more info ...) | misc-activity | ||||
| 1068 | SERVER-WEBAPP tftp attempt (more info ...) | web-application-activity | ||||
| 1107 | SERVER-WEBAPP ftp.pl access (more info ...) | web-application-activity | 2000-0674 | 1471 | 10467 | |
| 1229 | PROTOCOL-FTP CWD ... (more info ...) | bad-unknown | 9237 | |||
| 1230 | SERVER-WEBAPP VirusWall FtpSave access (more info ...) | attempted-recon | 2001-0432 | 2808 | 10733 | |
| 1234 | SERVER-WEBAPP VirusWall FtpSaveCSP access (more info ...) | attempted-recon | 2001-0432 | 2808 | 10733 | |
| 1235 | SERVER-WEBAPP VirusWall FtpSaveCVP access (more info ...) | attempted-recon | 2001-0432 | 2808 | 10733 | |
| 1289 | PROTOCOL-TFTP GET Admin.dll (more info ...) | successful-admin | URL | |||
| 1379 | PROTOCOL-FTP STAT overflow attempt (more info ...) | attempted-admin | 2011-0762 | 8542 | URL | |
| 1441 | PROTOCOL-TFTP GET nc.exe (more info ...) | successful-admin | ||||
| 1442 | PROTOCOL-TFTP GET shadow (more info ...) | successful-admin | ||||
| 1443 | PROTOCOL-TFTP GET passwd (more info ...) | successful-admin | 2021-1437 | URL | ||
| 1445 | INDICATOR-COMPROMISE FTP file_id.diz access possible warez site (more info ...) | suspicious-filename-detect | ||||
| 1529 | PROTOCOL-FTP SITE overflow attempt (more info ...) | attempted-admin | 2001-0770 | |||
| 1562 | PROTOCOL-FTP SITE CHOWN overflow attempt (more info ...) | attempted-admin | 2001-0065 | 2120 | 10579 | |
| 1612 | SERVER-WEBAPP ftp.pl attempt (more info ...) | web-application-attack | 2000-0674 | 1471 | 10467 | |
| 1621 | PROTOCOL-FTP CMD overflow attempt (more info ...) | attempted-admin | ||||
| 1622 | PROTOCOL-FTP RNFR ././ attempt (more info ...) | misc-attack | 1999-0081 | |||
| 1623 | PROTOCOL-FTP invalid MODE (more info ...) | protocol-command-decode | URL | |||
| 1624 | PROTOCOL-FTP PWD overflow attempt (more info ...) | protocol-command-decode | ||||
| 1625 | PROTOCOL-FTP SYST overflow attempt (more info ...) | protocol-command-decode | URL | |||
| 1662 | SERVER-WEBAPP /~ftp access (more info ...) | attempted-recon | ||||
| 1670 | SERVER-WEBAPP /home/ftp access (more info ...) | web-application-activity | 11032 | |||
| 1672 | PROTOCOL-FTP CWD ~ attempt (more info ...) | denial-of-service | 2001-0421 | 9215 | ||
| 1734 | PROTOCOL-FTP USER overflow attempt (more info ...) | attempted-admin | 2005-3683 | 8376 | ||
| 1777 | PROTOCOL-FTP EXPLOIT STAT asterisk dos attempt (more info ...) | attempted-dos | 2002-0073 | 4482 | 10934 | URL |
| 1778 | PROTOCOL-FTP EXPLOIT STAT ? dos attempt (more info ...) | attempted-dos | 2002-0073 | 4482 | 10934 | URL |
| 1864 | PROTOCOL-FTP SITE NEWER attempt (more info ...) | attempted-dos | 1999-0880 | 10319 | ||
| 1888 | PROTOCOL-FTP SITE CPWD overflow attempt (more info ...) | misc-attack | 2002-0826 | 5427 | ||
| 1919 | PROTOCOL-FTP CWD overflow attempt (more info ...) | attempted-admin | 2002-0405 | 7950 | ||
| 1920 | PROTOCOL-FTP SITE NEWER overflow attempt (more info ...) | attempted-admin | 1999-0800 | 229 | ||
| 1921 | PROTOCOL-FTP SITE ZIPCHK overflow attempt (more info ...) | attempted-admin | 2000-0040 | |||
| 1927 | PROTOCOL-FTP authorized_keys (more info ...) | suspicious-filename-detect | ||||
| 1928 | PROTOCOL-FTP shadow retrieval attempt (more info ...) | suspicious-filename-detect | ||||
| 1941 | PROTOCOL-TFTP GET filename overflow attempt (more info ...) | attempted-admin | 2009-2958 | 5328 | 18264 | |
| 1942 | PROTOCOL-FTP RMDIR overflow attempt (more info ...) | attempted-admin | 819 | |||
| 1971 | PROTOCOL-FTP SITE EXEC format string attempt (more info ...) | bad-unknown | 2000-0573 | 1505 | ||
| 1972 | PROTOCOL-FTP PASS overflow attempt (more info ...) | attempted-admin | 2006-6576 | 9285 | ||
| 1973 | PROTOCOL-FTP MKD overflow attempt (more info ...) | attempted-admin | 2010-0625 | 9872 | 12108 | URL |
| 1974 | PROTOCOL-FTP REST overflow attempt (more info ...) | attempted-admin | 2001-0826 | 2972 | 11755 | |
| 1976 | PROTOCOL-FTP RMD overflow attempt (more info ...) | attempted-admin | 2010-0625 | 39041 | ||
| 1992 | PROTOCOL-FTP LIST directory traversal attempt (more info ...) | protocol-command-decode | 2002-1054 | 2618 | 11112 | |
| 2125 | PROTOCOL-FTP CWD Root directory traversal attempt (more info ...) | protocol-command-decode | 2003-0392 | 7674 | 11677 | |
| 2178 | PROTOCOL-FTP USER format string attempt (more info ...) | misc-attack | 2004-0277 | 9800 | 11687 | |
| 2179 | PROTOCOL-FTP PASS format string attempt (more info ...) | misc-attack | 2007-1195 | 9800 | 10490 | |
| 2272 | PROTOCOL-FTP LIST integer overflow attempt (more info ...) | misc-attack | 2003-0854 | 8875 | 11912 | |
| 2332 | PROTOCOL-FTP MKD format string attempt (more info ...) | misc-attack | 9262 | |||
| 2333 | PROTOCOL-FTP RENAME format string attempt (more info ...) | misc-attack | 9262 | |||
| 2334 | PROTOCOL-FTP Yak! FTP server default account login attempt (more info ...) | suspicious-login | 9072 | URL | ||
| 2335 | PROTOCOL-FTP RMD / attempt (more info ...) | attempted-dos | 9159 | |||
| 2337 | PROTOCOL-TFTP PUT filename overflow attempt (more info ...) | attempted-admin | 2009-2958 | 8505 | 18264 | |
| 2338 | PROTOCOL-FTP LIST buffer overflow attempt (more info ...) | misc-attack | 2009-0351 | 9675 | URL | |
| 2340 | PROTOCOL-FTP SITE CHMOD overflow attempt (more info ...) | attempted-admin | 1999-0838 | 9675 | 12037 | |
| 2343 | PROTOCOL-FTP STOR overflow attempt (more info ...) | attempted-admin | 2000-0133 | 8668 | URL | |
| 2344 | PROTOCOL-FTP XCWD overflow attempt (more info ...) | attempted-admin | 2004-2728 | 8704 | ||
| 2373 | PROTOCOL-FTP XMKD overflow attempt (more info ...) | attempted-admin | 2001-1021 | 7909 | ||
| 2374 | PROTOCOL-FTP NLST overflow attempt (more info ...) | attempted-admin | 2009-3023 | 7909 | URL | |
| 2389 | PROTOCOL-FTP RNTO overflow attempt (more info ...) | attempted-admin | 2005-3683 | 8315 | ||
| 2390 | PROTOCOL-FTP STOU overflow attempt (more info ...) | attempted-admin | 2003-0466 | 8315 | ||
| 2391 | PROTOCOL-FTP APPE overflow attempt (more info ...) | attempted-admin | 2003-0772 | 8542 | ||
| 2392 | PROTOCOL-FTP RETR overflow attempt (more info ...) | attempted-admin | 2005-3683 | 8315 | ||
| 2416 | PROTOCOL-FTP invalid MDTM command attempt (more info ...) | attempted-admin | 2004-0330 | 9751 | ||
| 2417 | PROTOCOL-FTP format string attempt (more info ...) | string-detect | 2009-4769 | 9800 | ||
| 2449 | PROTOCOL-FTP ALLO overflow attempt (more info ...) | attempted-admin | 2004-1883 | 9953 | 14598 | |
| 2546 | PROTOCOL-FTP MDTM overflow attempt (more info ...) | attempted-admin | 2004-0330 | 9751 | 12080 | |
| 2574 | PROTOCOL-FTP RETR format string attempt (more info ...) | attempted-admin | 2004-1883 | 9800 | ||
| 3077 | PROTOCOL-FTP RNFR overflow attempt (more info ...) | attempted-admin | 14339 | |||
| 3441 | PROTOCOL-FTP PORT bounce attempt (more info ...) | misc-attack | 1999-0017 | 126 | 10081 | |
| 3460 | PROTOCOL-FTP REST with numeric argument (more info ...) | attempted-recon | 7825 | |||
| 3523 | PROTOCOL-FTP SITE INDEX format string attempt (more info ...) | bad-unknown | 2000-0573 | 1387 | ||
| 3526 | SERVER-ORACLE XDB FTP UNLOCK overflow attempt (more info ...) | attempted-admin | 2003-0727 | 8375 | ||
| 3532 | SERVER-ORACLE ftp password buffer overflow attempt (more info ...) | attempted-user | 2003-0727 | 8375 | ||
| 3630 | SERVER-ORACLE ftp TEST command buffer overflow attempt (more info ...) | misc-attack | 2003-0727 | 8375 | ||
| 3631 | SERVER-ORACLE ftp user name buffer overflow attempt (more info ...) | attempted-user | 2003-0727 | 8375 | ||
| 3817 | PROTOCOL-TFTP GET transfer mode overflow attempt (more info ...) | attempted-admin | 2005-1812 | 13821 | ||
| 5881 | MALWARE-OTHER Keylogger spyagent runtime detect - ftp delivery (more info ...) | successful-recon-limited | URL | |||
| 6142 | MALWARE-BACKDOOR hellzaddiction v1.0e runtime detection - ftp open (more info ...) | trojan-activity | URL | |||
| 6208 | MALWARE-OTHER Keylogger winsession runtime detection - ftp (more info ...) | successful-recon-limited | URL | |||
| 6288 | MALWARE-BACKDOOR fictional daemon 4.4 runtime detection - ftp (more info ...) | trojan-activity | URL | |||
| 6319 | MALWARE-BACKDOOR evilftp runtime detection - init connection (more info ...) | trojan-activity | URL | |||
| 7185 | MALWARE-OTHER Keylogger 007 spy software runtime detection - ftp (more info ...) | successful-recon-limited | URL | |||
| 7504 | MALWARE-OTHER Keylogger actualspy runtime detection - ftp-data (more info ...) | successful-recon-limited | URL | |||
| 7762 | MALWARE-CNC analftp 0.1 variant outbound connection icq notification (more info ...) | trojan-activity | URL | |||
| 7934 | BROWSER-PLUGINS Microsoft Internet Explorer ftp Asychronous Pluggable Protocol Handler ActiveX clsid access (more info ...) | attempted-user | 2007-0218 | URL | ||
| 8415 | PROTOCOL-FTP SIZE overflow attempt (more info ...) | attempted-admin | 2006-4318 | 19617 | ||
| 8479 | PROTOCOL-FTP HELP overflow attempt (more info ...) | attempted-admin | 2001-0826 | 2972 | ||
| 8480 | PROTOCOL-FTP PORT overflow attempt (more info ...) | attempted-admin | 2006-2226 | 18711 | ||
| 8481 | PROTOCOL-FTP Microsoft NLST * dos attempt (more info ...) | attempted-dos | 2001-0334 | 2717 | URL | |
| 8707 | PROTOCOL-FTP WZD-FTPD SITE arbitrary command execution attempt (more info ...) | attempted-admin | 2005-3081 | 14935 | ||
| 9341 | MALWARE-OTHER sasser open ftp command shell (more info ...) | trojan-activity | URL | |||
| 9402 | MALWARE-OTHER welchia tftp propagation detection (more info ...) | trojan-activity | URL | |||
| 9638 | PROTOCOL-TFTP PUT Microsoft RIS filename overwrite attempt (more info ...) | policy-violation | 2006-5584 | URL | ||
| 9792 | PROTOCOL-FTP PASV overflow attempt (more info ...) | attempted-admin | URL | |||
| 9828 | MALWARE-OTHER Keylogger paq keylog runtime detection - ftp (more info ...) | successful-recon-limited | URL | |||
| 10089 | MALWARE-OTHER Keylogger beyond Keylogger runtime detection - log sent by ftp (more info ...) | successful-recon-limited | URL | |||
| 10135 | SERVER-OTHER Squid proxy FTP denial of service attempt (more info ...) | denial-of-service | 2007-0247 | 22079 | ||
| 10188 | PROTOCOL-FTP Ipswitch Ws_ftp XMD5 overflow attempt (more info ...) | attempted-admin | 2006-5000 | 20076 | ||
| 10444 | MALWARE-BACKDOOR acidbattery 1.0 runtime detection - open ftp serice (more info ...) | trojan-activity | URL | |||
| 12076 | SERVER-OTHER Ipswitch WS_FTP log server long unicode string (more info ...) | denial-of-service | 2007-3823 | URL | ||
| 12237 | MALWARE-BACKDOOR theef 2.10 runtime detection - ftp (more info ...) | trojan-activity | ||||
| 12238 | MALWARE-BACKDOOR theef 2.10 runtime detection - ftp (more info ...) | trojan-activity | URL | |||
| 12379 | MALWARE-OTHER Keylogger PaqKeylogger 5.1 runtime detection - ftp (more info ...) | successful-recon-limited | URL | |||
| 13360 | APP-DETECT FTP 530 Login failed response (more info ...) | misc-activity | URL | |||
| 13925 | PROTOCOL-FTP Computer Associates eTrust Secure Content Manager PASV stack overflow attempt (more info ...) | attempted-user | 2008-2541 | 29528 | ||
| 14743 | PROTOCOL-FTP RNTO directory traversal attempt (more info ...) | suspicious-filename-detect | 2008-4501 | 31563 | ||
| 14778 | BROWSER-PLUGINS Dart Communications PowerTCP FTP ActiveX clsid access (more info ...) | attempted-user | 2008-4652 | 31814 | ||
| 14780 | BROWSER-PLUGINS Dart Communications PowerTCP FTP ActiveX function call access (more info ...) | attempted-user | 2008-4652 | 31814 | ||
| 15159 | BROWSER-PLUGINS Evans FTP ActiveX clsid access (more info ...) | attempted-user | 32814 | |||
| 15161 | BROWSER-PLUGINS Evans FTP ActiveX function call access (more info ...) | attempted-user | 32814 | |||
| 15368 | BROWSER-PLUGINS FathFTP ActiveX clsid access (more info ...) | attempted-user | 33842 | |||
| 15370 | BROWSER-PLUGINS FathFTP ActiveX function call access (more info ...) | attempted-user | 33842 | |||
| 15932 | PROTOCOL-FTP LIST globbing denial of service attack (more info ...) | attempted-dos | 2009-2521 | URL | ||
| 16077 | SERVER-OTHER Tripwire format string vulnerability ftp exploit attempt (more info ...) | attempted-admin | 2004-0536 | 10454 | ||
| 16357 | PROTOCOL-FTP multiple extension code execution attempt (more info ...) | web-application-attack | 2009-4444 | |||
| 16363 | FILE-EXECUTABLE potentially executable file upload via FTP (more info ...) | policy-violation | URL | |||
| 16697 | PROTOCOL-FTP httpdx USER null byte denial of service (more info ...) | attempted-dos | URL | |||
| 16698 | PROTOCOL-FTP httpdx PASS null byte denial of service (more info ...) | attempted-dos | URL | |||
| 16795 | BROWSER-CHROME Google Chrome FTP handling out-of-bounds array index denial of service attempt (more info ...) | attempted-dos | 39183 | |||
| 16806 | MALWARE-CNC Win.Trojan.Qakbot.E - FTP upload seclog (more info ...) | trojan-activity | URL | |||
| 16807 | MALWARE-CNC Win.Trojan.Qakbot.E - FTP Upload ps_dump (more info ...) | trojan-activity | URL | |||
| 17059 | PROTOCOL-FTP Vermillion 1.31 vftpd port command memory corruption (more info ...) | misc-attack | URL | |||
| 17329 | PROTOCOL-FTP EPRT overflow attempt (more info ...) | attempted-admin | 2005-4459 | 15998 | ||
| 17367 | BROWSER-IE Microsoft Internet Explorer FTP response parsing memory corruption attempt (more info ...) | web-application-attack | 2007-0217 | 22489 | ||
| 17446 | BROWSER-IE Microsoft Internet Explorer FTP client directory traversal attempt (more info ...) | misc-activity | 2004-1376 | |||
| 17518 | PROTOCOL-FTP FlashGet PWD command stack buffer overflow attempt (more info ...) | attempted-user | 2008-4321 | 30685 | ||
| 17521 | SERVER-OTHER GoodTech SSH Server SFTP processing buffer overflow attempt (more info ...) | attempted-user | 2008-4726 | 31879 | ||
| 17712 | OS-WINDOWS TFTP PUT Microsoft RIS filename overwrite attempt (more info ...) | policy-violation | 2006-5584 | URL | ||
| 18181 | PROTOCOL-FTP ProFTPd 1.3.3c backdoor activity (more info ...) | trojan-activity | URL | |||
| 18182 | PROTOCOL-FTP ProFTPd 1.3.3c backdoor help access attempt (more info ...) | trojan-activity | URL | |||
| 18300 | BROWSER-IE Microsoft Internet Explorer FTP command injection attempt (more info ...) | attempted-user | 2004-1166 | 11826 | URL | |
| 18326 | PROTOCOL-FTP ProFTPD mod_site_misc module directory traversal attempt (more info ...) | attempted-user | 2010-3867 | 44562 | ||
| 18575 | PROTOCOL-FTP Computer Associates eTrust Secure Content Manager LIST stack overflow attempt (more info ...) | attempted-user | 2008-2541 | 29528 | ||
| 18580 | PROTOCOL-FTP ACCT overflow attempt (more info ...) | attempted-admin | URL | |||
| 18588 | PROTOCOL-FTP Ipswitch Ws_ftp XCRC overflow attempt (more info ...) | attempted-admin | 2006-4847 | 20076 | ||
| 18598 | SERVER-OTHER GoodTech SSH Server SFTP Processing Buffer Overflow (more info ...) | attempted-user | 2008-4726 | 31879 | ||
| 18933 | SERVER-OTHER SolarWinds TFTP Server Read request denial of service attempt (more info ...) | attempted-dos | 2010-2115 | 40333 | ||
| 19415 | MALWARE-CNC vsFTPd 2.3.4 backdoor connection (more info ...) | trojan-activity | 48539 | |||
| 19761 | MALWARE-CNC Win.Trojan.Ftpharvxqq variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21445 | SERVER-OTHER vsFTPd denial of service attempt (more info ...) | attempted-dos | 2004-2259 | |||
| 23055 | PROTOCOL-FTP Multiple Products FTP MKD buffer overflow attempt (more info ...) | attempted-admin | 2010-0625 | 9872 | 12108 | URL |
| 26179 | SERVER-WEBAPP TP-Link http/tftp backdoor initiation attempt (more info ...) | policy-violation | URL | |||
| 26471 | PROTOCOL-FTP VanDyke AbsoluteFTP LIST command stack buffer overflow attempt (more info ...) | attempted-user | 2011-5164 | 50614 | ||
| 26745 | MALWARE-CNC Win.Trojan.BlackRev cnc ftp command (more info ...) | trojan-activity | URL | |||
| 27269 | SERVER-OTHER GuildFTPd CWD command heap overflow attempt (more info ...) | attempted-admin | 2008-4572 | 31729 | ||
| 27270 | SERVER-OTHER GuildFTPd LIST command heap overflow attempt (more info ...) | attempted-admin | 2008-4572 | 31729 | ||
| 28216 | MALWARE-CNC known malware FTP login (more info ...) | trojan-activity | URL | |||
| 28551 | MALWARE-CNC Win.Trojan.NXI ftp username connection (more info ...) | trojan-activity | URL | |||
| 28560 | MALWARE-CNC Win.Trojan.Plugx FTP keepalive outbound connection (more info ...) | trojan-activity | URL | |||
| 28991 | MALWARE-CNC Win.Trojan.Qakbot FTP data exfiltration (more info ...) | trojan-activity | URL | |||
| 29095 | MALWARE-CNC Win.Trojan.Fotip FTP file upload variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29420 | MALWARE-CNC Win.Trojan.Reedum BlackPoS outbound FTP connection (more info ...) | trojan-activity | URL | |||
| 29421 | MALWARE-CNC Win.Trojan.Reedum BlackPoS outbound FTP connection (more info ...) | trojan-activity | URL | |||
| 30055 | MALWARE-CNC Win.Trojan.Deventiz CWD system information disclosure via FTP (more info ...) | trojan-activity | URL | |||
| 30058 | MALWARE-CNC Win.Trojan.Bogoclak outbound FTP connection information disclosure (more info ...) | trojan-activity | URL | |||
| 30098 | MALWARE-CNC Win.Trojan.Reedum BlackPoS outbound FTP file timestamp (more info ...) | trojan-activity | URL | |||
| 30945 | MALWARE-CNC Win.Worm.Winiga FTP login attempt (more info ...) | trojan-activity | URL | |||
| 31063 | MALWARE-CNC Win.Trojan.Expone FTP login attempt (more info ...) | trojan-activity | URL | |||
| 31128 | PROTOCOL-FTP CoreFTP FTP Server TYPE command denial of service attempt (more info ...) | attempted-dos | 67613 | |||
| 31564 | MALWARE-CNC Win.Trojan.CosmicDuke FTP data exfiltration (more info ...) | trojan-activity | URL | |||
| 31717 | MALWARE-CNC Win.Trojan.SoftPulse variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31742 | SERVER-WEBAPP Wing FTP Server admin interface remote code execution attempt (more info ...) | attempted-admin | URL | |||
| 32523 | BROWSER-OTHER FreeBSD tnftp fetch_url client side command injection attempt (more info ...) | attempted-user | 2014-8517 | 70792 | ||
| 32524 | BROWSER-OTHER FreeBSD tnftp fetch_url client side command injection attempt (more info ...) | attempted-user | 2014-8517 | 70792 | ||
| 32525 | BROWSER-OTHER FreeBSD tnftp client detected (more info ...) | protocol-command-decode | ||||
| 32637 | PROTOCOL-TFTP UDP large packet use after free attempt (more info ...) | attempted-user | 2018-8476 | URL | ||
| 32672 | SERVER-OTHER Cisco ios ftp proxy overflow attempt (more info ...) | attempted-user | 2005-2841 | |||
| 33170 | BROWSER-PLUGINS Attachmate Reflection FTP Client Memory Corruption ActiveX function call access attempt (more info ...) | attempted-user | 2014-0603 | URL | ||
| 33171 | BROWSER-PLUGINS Attachmate Reflection FTP Client Memory Corruption ActiveX clsid access attempt (more info ...) | attempted-user | 2014-0603 | URL | ||
| 33172 | BROWSER-PLUGINS Attachmate Reflection FTP Client Memory Corruption ActiveX function call access attempt (more info ...) | attempted-user | 2014-0603 | URL | ||
| 33173 | BROWSER-PLUGINS Attachmate Reflection FTP Client Memory Corruption ActiveX clsid access attempt (more info ...) | attempted-user | 2014-0603 | URL | ||
| 33174 | BROWSER-PLUGINS Attachmate Reflection FTP Client Memory Corruption ActiveX function call access attempt (more info ...) | attempted-user | 2014-0603 | URL | ||
| 33175 | BROWSER-PLUGINS Attachmate Reflection FTP Client Memory Corruption ActiveX function call access attempt (more info ...) | attempted-user | 2014-0603 | URL | ||
| 35336 | PROTOCOL-TFTP Cisco IOS TFTP server denial of service attempt (more info ...) | attempted-dos | 2015-0681 | URL | ||
| 35337 | PROTOCOL-TFTP Cisco IOS TFTP server denial of service attempt (more info ...) | attempted-dos | 2015-0681 | URL | ||
| 35338 | PROTOCOL-TFTP Cisco IOS TFTP server denial of service attempt (more info ...) | attempted-dos | 2015-0681 | URL | ||
| 35339 | PROTOCOL-TFTP Cisco IOS TFTP server denial of service attempt (more info ...) | attempted-dos | 2015-0681 | URL | ||
| 35340 | PROTOCOL-TFTP Cisco IOS TFTP server denial of service attempt (more info ...) | attempted-dos | 2015-0681 | URL | ||
| 35341 | PROTOCOL-TFTP Cisco IOS TFTP server denial of service attempt (more info ...) | attempted-dos | 2015-0681 | URL | ||
| 35342 | PROTOCOL-TFTP Cisco IOS TFTP server denial of service attempt (more info ...) | attempted-dos | 2015-0681 | URL | ||
| 35343 | PROTOCOL-TFTP Cisco IOS TFTP server denial of service attempt (more info ...) | attempted-dos | 2015-0681 | URL | ||
| 37934 | PROTOCOL-FTP Computer Associates eTrust Secure Content Manager LIST stack overflow attempt (more info ...) | attempted-user | 2008-2541 | 29528 | ||
| 37951 | BROWSER-IE Microsoft Internet Explorer FTP client directory traversal attempt (more info ...) | misc-activity | 2004-1376 | |||
| 37952 | BROWSER-IE Microsoft Internet Explorer FTP client directory traversal attempt (more info ...) | misc-activity | 2004-1376 | |||
| 38385 | MALWARE-CNC Win.Trojan.FTPKeyLogger outbound connection (more info ...) | trojan-activity | URL | |||
| 38386 | MALWARE-CNC Win.Trojan.FTPKeyLogger outbound connection (more info ...) | trojan-activity | URL | |||
| 38387 | MALWARE-CNC Win.Trojan.FTPKeyLogger outbound connection (more info ...) | trojan-activity | URL | |||
| 38388 | MALWARE-CNC Win.Trojan.FTPKeyLogger geolocation check (more info ...) | trojan-activity | URL | |||
| 39378 | PROTOCOL-FTP PUT overflow attempt (more info ...) | attempted-admin | URL | |||
| 39450 | PROTOCOL-TFTP Firmware upgrade request (more info ...) | bad-unknown | ||||
| 39451 | PROTOCOL-TFTP Comtrol RocketLinx switch reboot request (more info ...) | bad-unknown | ||||
| 39452 | PROTOCOL-TFTP Comtrol RocketLinx factory reset request (more info ...) | bad-unknown | ||||
| 40355 | PROTOCOL-FTP z/OS FTP Job Entry Subsystem JCL execution attempt (more info ...) | policy-violation | URL | |||
| 41854 | BROWSER-WEBKIT Apple Safari FTP URL cross-domain restriction bypass attempt (more info ...) | misc-activity | 2015-1126 | 73977 | ||
| 41855 | BROWSER-WEBKIT Apple Safari FTP URL cross-domain restriction bypass attempt (more info ...) | misc-activity | 2015-1126 | 73977 | ||
| 41906 | POLICY-OTHER HTTP redirect to FTP server attempt (more info ...) | attempted-user | 2016-4971 | 91530 | URL | |
| 43106 | PROTOCOL-SCADA Optima PLC APIFTP denial of service attempt (more info ...) | attempted-dos | 2012-5049 | |||
| 43123 | INDICATOR-COMPROMISE OptoMMP FTP Password read or write attempt (more info ...) | attempted-admin | URL | |||
| 43124 | INDICATOR-COMPROMISE OptoMMP FTP Username read or write attempt (more info ...) | attempted-admin | URL | |||
| 43125 | INDICATOR-COMPROMISE OptoMMP FTP Password read or write attempt (more info ...) | attempted-admin | URL | |||
| 43126 | INDICATOR-COMPROMISE OptoMMP FTP Username read or write attempt (more info ...) | attempted-admin | URL | |||
| 43239 | PROTOCOL-FTP WS-FTP REST command overly large file creation attempt (more info ...) | attempted-dos | 2004-1848 | 9953 | ||
| 43290 | SERVER-WEBAPP /ws_ftp.log file access attempt (more info ...) | attempted-recon | ||||
| 43384 | INDICATOR-COMPROMISE Wing FTP Server potentially malicious admin user creation attempt (more info ...) | attempted-admin | URL | |||
| 43385 | INDICATOR-COMPROMISE Wing FTP Server potentially malicious admin user creation attempt (more info ...) | attempted-admin | URL | |||
| 43574 | SERVER-WEBAPP Wing FTP Server command injection attempt (more info ...) | web-application-attack | 2015-4107 | 75043 | URL | |
| 43663 | SERVER-OTHER WSFTP IpSwitch custom SITE command execution attempt (more info ...) | attempted-admin | 2004-1885 | |||
| 43753 | SERVER-OTHER Sami FTP RETR denial of service attempt (more info ...) | denial-of-service | 2008-5105 | |||
| 43987 | SERVER-OTHER Konqueror KDE ftp iframe denial of service attempt (more info ...) | attempted-admin | 2007-1308 | |||
| 43988 | SERVER-OTHER Konqueror KDE ftp iframe denial of service attempt (more info ...) | attempted-admin | 2007-1308 | |||
| 44633 | SERVER-OTHER Colorado FTP Server directory traversal attempt (more info ...) | attempted-user | URL | |||
| 45188 | SERVER-OTHER ElectraSoft 32bit FTP PASV reply stack buffer overflow attempt (more info ...) | attempted-user | 2009-1675 | 34838 | ||
| 45591 | PROTOCOL-FTP LabF nfsAxe FTP Client buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 45612 | PROTOCOL-TFTP WRITE long filename attempt (more info ...) | misc-activity | ||||
| 45828 | PROTOCOL-FTP Computer Associates eTrust Secure Content Manager LIST stack overflow attempt (more info ...) | attempted-user | 2008-2541 | |||
| 46271 | MALWARE-CNC Win.Trojan.Sanny malware variant FTP login (more info ...) | trojan-activity | URL | |||
| 46272 | MALWARE-CNC Win.Trojan.Sanny malware variant FTP login (more info ...) | trojan-activity | URL | |||
| 46791 | SERVER-WEBAPP Ruby Net FTP library command injection attempt (more info ...) | web-application-attack | 2017-17405 | 102204 | URL | |
| 47402 | INDICATOR-OBFUSCATION FTP file upload over non-standard port attempt (more info ...) | misc-activity | URL | |||
| 49426 | PROTOCOL-FTP GP-Pro EX HMI WinGP Runtime Arbitrary File Disclosure attempt (more info ...) | attempted-user | URL | |||
| 51646 | SERVER-OTHER Cisco IOS XE FTP Application Layer Gateway denial of service attempt (more info ...) | attempted-dos | 2019-12655 | URL | ||
| 53689 | MALWARE-CNC Win.Malware.PoetRat malware variant FTP login (more info ...) | trojan-activity | URL | |||
| 54644 | MALWARE-CNC Win.Trojan.Hackbit outbound ftp connection attempt (more info ...) | trojan-activity | URL | |||
| 57207 | FILE-OTHER SolarWinds Serv-U FTP Server admin profile download attempt (more info ...) | attempted-admin | 2021-25276 | URL | ||
| 57208 | FILE-OTHER SolarWinds Serv-U FTP Server admin profile download attempt (more info ...) | attempted-admin | 2021-25276 | URL | ||
| 59527 | PROTOCOL-FTP uftpd handle_PORT buffer overflow attempt (more info ...) | attempted-user | 2020-5204 | URL | ||
| 59690 | PROTOCOL-FTP Attachmate Reflection FTP client buffer overflow attempt (more info ...) | attempted-user | 2014-5211 | |||
| 61798 | SERVER-WEBAPP NETGEAR Nighthawk RAX30 router TFTP command injection attempt (more info ...) | attempted-user | 2023-27367 | URL |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 57048 | SERVER-WEBAPP SaltStack Salt API SSH Client command injection attempt (more info ...) | web-application-attack | 2020-16846 | |||
| 57049 | SERVER-WEBAPP SaltStack Salt API SSH Client command injection attempt (more info ...) | web-application-attack | 2020-16846 |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 1326 | INDICATOR-SHELLCODE ssh CRC32 overflow NOOP (more info ...) | shellcode-detect | 2001-0572 | 2347 | ||
| 1638 | INDICATOR-SCAN SSH Version map attempt (more info ...) | network-scan | URL | |||
| 1810 | SERVER-OTHER successful gobbles ssh exploit GOBBLE (more info ...) | successful-admin | 2002-0640 | 5093 | ||
| 1811 | SERVER-OTHER successful gobbles ssh exploit uname (more info ...) | misc-attack | 2002-0640 | 5093 | 11031 | |
| 1812 | SERVER-OTHER gobbles SSH exploit attempt (more info ...) | misc-attack | 2002-0639 | 5093 | 11031 | |
| 1838 | SERVER-OTHER SSH server banner overflow (more info ...) | misc-attack | 2002-1059 | 5287 | 15822 | |
| 13586 | APP-DETECT SSH server detected on non-standard port (more info ...) | protocol-command-decode | URL | |||
| 13814 | MALWARE-CNC passhax variant outbound connection (more info ...) | trojan-activity | URL | |||
| 16680 | APP-DETECT Tandberg VCS SSH default key (more info ...) | misc-activity | 2009-4510 | URL | ||
| 19559 | INDICATOR-SCAN SSH brute force login attempt (more info ...) | misc-activity | 2022-20854 | URL | ||
| 30337 | SERVER-OTHER Cisco Catalyst SSH protocol mismatch denial of service attempt (more info ...) | attempted-dos | 2117 | URL | ||
| 31708 | SERVER-OTHER Cougar-LG SSH key path access attempt (more info ...) | attempted-recon | 2014-3929 | URL | ||
| 31747 | SERVER-WEBAPP Gitlab ssh key upload command injection attempt (more info ...) | attempted-admin | 2013-4490 | 63513 | ||
| 37017 | SERVER-OTHER Redis SSH authorized keys file overwrite attempt (more info ...) | misc-activity | URL | |||
| 37356 | MALWARE-CNC Win.Trojan.BlackEnergy DropBear SSH public key (more info ...) | trojan-activity | URL | |||
| 37357 | MALWARE-CNC Win.Trojan.BlackEnergy DropBear SSH server password authentication (more info ...) | trojan-activity | URL | |||
| 40189 | POLICY-OTHER SSH weak 3DES cipher suite use attempt (more info ...) | policy-violation | 2016-2183 | 92630 | ||
| 40190 | POLICY-OTHER SSH weak blowfish cipher suite use attempt (more info ...) | policy-violation | 2016-2183 | 92630 | ||
| 45974 | MALWARE-CNC Suspected Unix.Malware.GoScanSSH outbound beacon attempt (more info ...) | trojan-activity | URL | |||
| 58070 | SERVER-WEBAPP Nagios XI Web SSH Terminal sshterm cross site scripting attempt (more info ...) | attempted-user | 2021-25299 | |||
| 58071 | SERVER-WEBAPP Nagios XI Web SSH Terminal sshterm cross site scripting attempt (more info ...) | attempted-user | 2021-25299 | |||
| 61546 | SERVER-OTHER OpenSSH deprecated client version string expiration (more info ...) | not-suspicious | 2023-25136 | URL | ||
| 61547 | SERVER-OTHER OpenSSH deprecated client string remote code execution attempt (more info ...) | attempted-user | 2023-25136 | URL | ||
| 61548 | SERVER-OTHER OpenSSH deprecated WinSCP version detected (more info ...) | not-suspicious | 2023-25136 | URL | ||
| 61549 | SERVER-OTHER OpenSSH deprecated PuTTY version detected (more info ...) | not-suspicious | 2023-25136 | URL |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 3084 | SERVER-OTHER Veritas backup overflow attempt (more info ...) | attempted-admin | 2004-1172 | 11974 | ||
| 3453 | SERVER-OTHER Arkeia client backup system info probe (more info ...) | attempted-recon | 2005-0491 | 12594 | ||
| 3454 | SERVER-OTHER Arkeia client backup generic info probe (more info ...) | attempted-recon | 2005-0491 | 12594 | ||
| 3457 | SERVER-OTHER Arkeia backup client type 77 overflow attempt (more info ...) | attempted-user | 2005-0491 | 12594 | 17158 | |
| 3458 | SERVER-OTHER Arkeia backup client type 84 overflow attempt (more info ...) | attempted-user | 2005-0491 | 12594 | ||
| 4126 | SERVER-OTHER Veritas Backup Exec root connection attempt using default password hash (more info ...) | suspicious-login | 2005-2611 | 14551 | URL | |
| 10130 | POLICY-OTHER VERITAS NetBackup system - execution function call access (more info ...) | misc-activity | 2006-6822 | 21565 | ||
| 12078 | SERVER-OTHER CA BrightStor ARCserve LGServer heap buffer overflow (more info ...) | attempted-admin | 2007-0449 | 22340 | ||
| 12079 | SERVER-OTHER CA BrightStor ARCserve LGServer stack buffer overflow attempt (more info ...) | attempted-admin | 2007-0449 | 22342 | ||
| 12667 | SERVER-OTHER CA BrightStor ARCServer malicious fileupload attempt (more info ...) | attempted-admin | 2007-5005 | 24348 | ||
| 12784 | SERVER-OTHER CA ARCserve LGServer stack buffer overflow attempt (more info ...) | attempted-admin | 2007-3216 | 24348 | ||
| 12785 | SERVER-OTHER CA ARCserve LGServer stack buffer overflow attempt (more info ...) | attempted-admin | 2007-3216 | 24348 | ||
| 12786 | SERVER-OTHER CA ARCserve LGServer stack buffer overflow attempt (more info ...) | attempted-admin | 2007-3216 | 24348 | ||
| 14768 | SERVER-OTHER Symantec Veritas Storage Scheduler Service NULL Session auth bypass attempt (more info ...) | attempted-user | 2008-3703 | 30596 | ||
| 14773 | SERVER-OTHER CA ARCserve LGServer handshake buffer overflow attempt (more info ...) | attempted-admin | 2008-3175 | 30472 | ||
| 17045 | SERVER-OTHER CA ARCserve Backup for Laptops and Desktops LGServer handshake buffer overflow attempt (more info ...) | attempted-admin | 2008-3175 | 30472 | ||
| 17046 | SERVER-OTHER CA ARCserve Backup for Laptops and Desktops LGServer handshake buffer overflow attempt (more info ...) | attempted-admin | 2008-3175 | 30472 | ||
| 17706 | SERVER-OTHER Veritas NetBackup java user interface service format string attack attempt (more info ...) | attempted-admin | 2005-2715 | 15079 | ||
| 18285 | SERVER-OTHER BrightStor ARCserve backup tape engine buffer overflow attempt (more info ...) | attempted-admin | 2006-6076 | 21221 | ||
| 18291 | SERVER-OTHER Arkeia Network Backup Client Buffer Overflow Type 77 Attempt (more info ...) | attempted-user | 2005-0491 | 12594 | ||
| 18292 | SERVER-OTHER Arkeia Network Backup Client Buffer Overflow Type 84 Attempt (more info ...) | attempted-user | 2005-0491 | 12594 | ||
| 18555 | SERVER-OTHER VERITAS NetBackup java authentication service format string exploit attempt (more info ...) | attempted-user | 2005-2715 | 15079 | URL | |
| 23096 | SERVER-OTHER VERITAS NetBackup java authentication service format string exploit attempt (more info ...) | attempted-user | 2005-2715 | 15079 | URL | |
| 29585 | SERVER-OTHER Symantec Veritas Enterprise Administrator service vxsvc type 3 buffer overflow attempt (more info ...) | attempted-admin | 2011-0547 | 49014 | ||
| 29586 | SERVER-OTHER Symantec Veritas Enterprise Administrator service vxsvc type 6 buffer overflow attempt (more info ...) | attempted-admin | 2011-0547 | 49014 | ||
| 29587 | SERVER-OTHER Symantec Veritas Enterprise Administrator service vxsvc type 6 buffer overflow attempt (more info ...) | attempted-admin | 2011-0547 | 49014 | ||
| 29588 | SERVER-OTHER Symantec Veritas Enterprise Administrator service vxsvc type 7 buffer overflow attempt (more info ...) | attempted-admin | 2011-0547 | 49014 | ||
| 29589 | SERVER-OTHER Symantec Veritas Enterprise Administrator service vxsvc type 7 buffer overflow attempt (more info ...) | attempted-admin | 2011-0547 | 49014 | ||
| 29590 | SERVER-OTHER Symantec Veritas Enterprise Administrator service vxsvc type A buffer overflow attempt (more info ...) | attempted-admin | 2011-0547 | 49014 | ||
| 29591 | SERVER-OTHER Symantec Veritas Enterprise Administrator service vxsvc type A buffer overflow attempt (more info ...) | attempted-admin | 2011-0547 | 49014 | ||
| 34878 | SERVER-WEBAPP Arcserve Unified Data Protection export servlet directory traversal attempt (more info ...) | web-application-attack | 2015-4068 | 74845 | ||
| 34879 | SERVER-WEBAPP Arcserve Unified Data Protection export servlet directory traversal attempt (more info ...) | web-application-attack | 2015-4068 | 74845 | ||
| 34880 | SERVER-WEBAPP Arcserve Unified Data Protection export servlet directory traversal attempt (more info ...) | web-application-attack | 2015-4068 | 74845 | ||
| 34881 | SERVER-WEBAPP Arcserve Unified Data Protection reportFileServlet directory traversal attempt (more info ...) | web-application-attack | 2015-4068 | 74845 | ||
| 34882 | SERVER-WEBAPP Arcserve Unified Data Protection reportFileServlet directory traversal attempt (more info ...) | web-application-attack | 2015-4068 | 74845 | ||
| 34883 | SERVER-WEBAPP Arcserve Unified Data Protection reportFileServlet directory traversal attempt (more info ...) | web-application-attack | 2015-4068 | 74845 | ||
| 36877 | NETBIOS DCERPC BrightStor ARCserve corrupt user-supplied memory location attempt (more info ...) | protocol-command-decode | 2006-6917 | URL | ||
| 40837 | SERVER-WEBAPP Veritas NetBackup Appliance getLicense command injection attempt (more info ...) | web-application-attack | 2016-7399 | 94384 | URL | |
| 40838 | SERVER-WEBAPP Veritas NetBackup Appliance getLicense command injection attempt (more info ...) | web-application-attack | 2016-7399 | 94384 | URL | |
| 43055 | SERVER-OTHER Veritas Netbackup bprd remote code execution attempt (more info ...) | attempted-user | 2017-8856 | URL | ||
| 44700 | SERVER-OTHER Veritas Backup Exec Agent use after free attempt (more info ...) | attempted-admin | 2017-8895 | 98386 | URL | |
| 44701 | SERVER-OTHER Veritas Backup Exec Agent use after free attempt (more info ...) | attempted-admin | 2017-8895 | 98386 | URL | |
| 61629 | SERVER-WEBAPP Veritas Backup Exec Agent command execution attempt (more info ...) | attempted-admin | 2021-27878 | URL | ||
| 61630 | SERVER-WEBAPP Veritas Backup Exec Agent command execution attempt (more info ...) | attempted-admin | 2021-27878 | URL | ||
| 61631 | SERVER-WEBAPP Veritas Backup Exec Agent directory traversal attempt (more info ...) | attempted-user | 2021-27876 | URL |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 3474 | SERVER-OTHER ARCserve backup TCP slot info msg client name overflow (more info ...) | attempted-admin | 2005-2535 | 12536 | ||
| 3475 | SERVER-OTHER ARCserve backup TCP slot info msg client domain overflow (more info ...) | attempted-admin | 2005-2535 | 12536 | ||
| 3476 | SERVER-OTHER ARCserve backup TCP product info msg 0x9b client domain overflow (more info ...) | attempted-admin | 2005-2535 | 12536 | ||
| 3477 | SERVER-OTHER ARCserve backup TCP product info msg 0x9b client name overflow (more info ...) | attempted-admin | 2005-2535 | 12536 | ||
| 3479 | SERVER-OTHER ARCserve backup TCP product info msg 0x9c client name overflow (more info ...) | attempted-admin | 2005-2535 | 12536 | ||
| 3480 | SERVER-OTHER ARCserve backup UDP slot info msg client name overflow (more info ...) | attempted-admin | 2005-2535 | 12536 | ||
| 3481 | SERVER-OTHER ARCserve backup UDP slot info msg client domain overflow (more info ...) | attempted-admin | 2005-2535 | 12536 | ||
| 3482 | SERVER-OTHER ARCserve backup UDP product info msg 0x9b client name overflow (more info ...) | attempted-admin | 2005-2535 | 12536 | ||
| 3483 | SERVER-OTHER ARCserve backup UDP product info msg 0x9b client domain overflow (more info ...) | attempted-admin | 2005-2535 | 12536 | ||
| 3484 | SERVER-OTHER ARCserve backup UDP product info msg 0x9c client name overflow (more info ...) | attempted-admin | 2005-2535 | 12536 | ||
| 3485 | SERVER-OTHER ARCserve backup UDP product info msg 0x9c client domain overflow (more info ...) | attempted-admin | 2005-2535 | 12536 | ||
| 3530 | SERVER-OTHER ARCserve backup UDP msg 0x99 client name overflow (more info ...) | attempted-admin | 2005-2535 | 12536 | ||
| 3531 | SERVER-OTHER ARCserve backup UDP msg 0x99 client domain overflow (more info ...) | attempted-admin | 2005-2535 | 12536 | ||
| 3658 | SERVER-OTHER ARCserve universal backup agent option 1000 little endian buffer overflow attempt (more info ...) | attempted-admin | 2005-1018 | 13102 | 18041 | |
| 3659 | SERVER-OTHER ARCserve universal backup agent option 1000 buffer overflow attempt (more info ...) | attempted-admin | 2005-1018 | 13102 | 18041 | |
| 3660 | SERVER-OTHER ARCserve universal backup agent option 00 little endian buffer overflow attempt (more info ...) | attempted-admin | 2005-1018 | 13102 | 18041 | |
| 3661 | SERVER-OTHER ARCserve universal backup agent option 00 buffer overflow attempt (more info ...) | attempted-admin | 2005-1018 | 13102 | 18041 | |
| 3662 | SERVER-OTHER ARCserve universal backup agent option 03 little endian buffer overflow attempt (more info ...) | attempted-admin | 2005-1018 | 13102 | 18041 | |
| 3663 | SERVER-OTHER ARCserve universal backup agent option 03 buffer overflow attempt (more info ...) | attempted-admin | 2005-1018 | 13102 | 18041 | |
| 3695 | SERVER-OTHER Veritas Backup Agent password overflow attempt (more info ...) | attempted-admin | 2005-0773 | 14022 | ||
| 3696 | SERVER-OTHER Veritas Backup Agent DoS attempt (more info ...) | attempted-dos | 2005-0772 | 14201 | ||
| 6010 | SERVER-OTHER VERITAS NetBackup vnetd connection attempt (more info ...) | protocol-command-decode | ||||
| 6011 | SERVER-OTHER VERITAS NetBackup vnetd buffer overflow attempt (more info ...) | attempted-admin | 2006-0991 | 17264 | ||
| 6404 | SERVER-OTHER Veritas NetBackup Volume Manager connection attempt (more info ...) | protocol-command-decode | ||||
| 6405 | SERVER-OTHER Veritas NetBackup Volume Manager overflow attempt (more info ...) | attempted-admin | 2006-0989 | 17264 | ||
| 10132 | PROTOCOL-RPC portmap BrightStor ARCserve denial of service attempt (more info ...) | attempted-dos | 2007-0816 | 22365 | ||
| 10133 | PROTOCOL-RPC portmap BrightStor ARCserve denial of service attempt (more info ...) | attempted-dos | 2007-0816 | 22365 | ||
| 10483 | PROTOCOL-RPC portmap CA BrightStor ARCserve udp request (more info ...) | rpc-portmap-decode | 2007-1785 | 23209 | ||
| 10484 | PROTOCOL-RPC portmap CA BrightStor ARCserve tcp procedure 191 attempt (more info ...) | rpc-portmap-decode | 2007-1785 | 23209 | ||
| 10485 | PROTOCOL-RPC portmap CA BrightStor ARCserve udp procedure 191 attempt (more info ...) | rpc-portmap-decode | 2007-1785 | 23209 | ||
| 12904 | SERVER-OTHER Veritas NetBackup vmd shared library buffer overflow attempt (more info ...) | attempted-admin | 2005-3116 | 15353 | ||
| 13552 | SERVER-OTHER Symantec VERITAS Storage Foundation Suite buffer overflow attempt (more info ...) | attempted-admin | 2008-0638 | 25778 | URL | |
| 13716 | PROTOCOL-RPC portmap CA BrightStor ARCserve tcp procedure 232 attempt (more info ...) | rpc-portmap-decode | 2007-1785 | 23209 | ||
| 13717 | PROTOCOL-RPC portmap CA BrightStor ARCserve udp procedure 232 attempt (more info ...) | rpc-portmap-decode | 2007-1785 | 23209 | ||
| 13800 | SERVER-OTHER ARCServe LGServer service data overflow attempt (more info ...) | attempted-admin | 2008-1328 | 28616 | ||
| 13805 | PROTOCOL-RPC portmap CA BrightStor ARCserve tcp procedure 234 attempt (more info ...) | rpc-portmap-decode | 2007-1785 | 23209 | ||
| 13806 | PROTOCOL-RPC portmap CA BrightStor ARCserve udp procedure 234 attempt (more info ...) | rpc-portmap-decode | 2007-1785 | 23209 | ||
| 13846 | SERVER-OTHER Veritas Backup Agent password overflow attempt (more info ...) | attempted-admin | 2005-0773 | |||
| 14741 | SERVER-OTHER Symantec Veritas Foundation Service NULL service authentication attempt (more info ...) | attempted-admin | 2007-2279 | |||
| 16071 | SERVER-OTHER CA ARCServe Backup Discovery Service denial of service attempt (more info ...) | attempted-dos | 2008-1979 | 28927 | URL | |
| 17520 | SERVER-OTHER CA ARCserve Backup DB Engine Denial of Service (more info ...) | protocol-command-decode | 2008-4399 | 31684 | ||
| 17643 | SERVER-OTHER CA BrightStor ARCServe logger servie null-pointer dereference attempt (more info ...) | attempted-admin | 2007-2772 | |||
| 19890 | NETBIOS DCERPC NCACN-IP-TCP CA Arcserve Backup directory traversal attempt (more info ...) | attempted-admin | 2008-4397 | 31684 | ||
| 23409 | BROWSER-PLUGINS Veritas Storage Exec ActiveX clsid access attempt (more info ...) | attempted-user | 2005-2996 | 14801 | ||
| 23410 | BROWSER-PLUGINS Veritas Storage Exec ActiveX clsid access attempt (more info ...) | attempted-user | 2005-2996 | 14801 | ||
| 23411 | BROWSER-PLUGINS Veritas Storage Exec ActiveX clsid access attempt (more info ...) | attempted-user | 2005-2996 | 14801 | ||
| 23412 | BROWSER-PLUGINS Veritas Storage Exec ActiveX clsid access attempt (more info ...) | attempted-user | 2005-2996 | 14801 | ||
| 23413 | BROWSER-PLUGINS Veritas Storage Exec ActiveX clsid access attempt (more info ...) | attempted-user | 2005-2996 | 14801 | ||
| 23414 | BROWSER-PLUGINS Veritas Storage Exec ActiveX clsid access attempt (more info ...) | attempted-user | 2005-2996 | 14801 | ||
| 23415 | BROWSER-PLUGINS Veritas Storage Exec ActiveX clsid access attempt (more info ...) | attempted-user | 2005-2996 | 14801 | ||
| 23416 | BROWSER-PLUGINS Veritas Storage Exec ActiveX clsid access attempt (more info ...) | attempted-user | 2005-2996 | 14801 | ||
| 23417 | BROWSER-PLUGINS Veritas Storage Exec ActiveX clsid access attempt (more info ...) | attempted-user | 2005-2996 | 14801 | ||
| 23418 | BROWSER-PLUGINS Veritas Storage Exec ActiveX clsid access attempt (more info ...) | attempted-user | 2005-2996 | 14801 | ||
| 23419 | BROWSER-PLUGINS Veritas Storage Exec ActiveX clsid access attempt (more info ...) | attempted-user | 2005-2996 | 14801 | ||
| 23420 | BROWSER-PLUGINS Veritas Storage Exec ActiveX clsid access attempt (more info ...) | attempted-user | 2005-2996 | 14801 | ||
| 23421 | BROWSER-PLUGINS Veritas Storage Exec ActiveX clsid access attempt (more info ...) | attempted-user | 2005-2996 | 14801 | ||
| 23422 | BROWSER-PLUGINS Veritas Storage Exec ActiveX clsid access attempt (more info ...) | attempted-user | 2005-2996 | 14801 | ||
| 23423 | BROWSER-PLUGINS Veritas Storage Exec ActiveX clsid access attempt (more info ...) | attempted-user | 2005-2996 | 14801 | ||
| 23424 | BROWSER-PLUGINS Veritas Storage Exec ActiveX clsid access attempt (more info ...) | attempted-user | 2005-2996 | 14801 | ||
| 23425 | BROWSER-PLUGINS Veritas Storage Exec ActiveX clsid access attempt (more info ...) | attempted-user | 2005-2996 | 14801 | ||
| 23426 | BROWSER-PLUGINS Veritas Storage Exec ActiveX clsid access attempt (more info ...) | attempted-user | 2005-2996 | 14801 | ||
| 23427 | BROWSER-PLUGINS Veritas Storage Exec ActiveX clsid access attempt (more info ...) | attempted-user | 2005-2996 | 14801 | ||
| 23428 | BROWSER-PLUGINS Veritas Storage Exec ActiveX clsid access attempt (more info ...) | attempted-user | 2005-2996 | 14801 | ||
| 23429 | BROWSER-PLUGINS Veritas Storage Exec ActiveX clsid access attempt (more info ...) | attempted-user | 2005-2996 | 14801 | ||
| 23430 | BROWSER-PLUGINS Veritas Storage Exec ActiveX clsid access attempt (more info ...) | attempted-user | 2005-2996 | 14801 | ||
| 23431 | BROWSER-PLUGINS Veritas Storage Exec ActiveX clsid access attempt (more info ...) | attempted-user | 2005-2996 | 14801 | ||
| 23432 | BROWSER-PLUGINS Veritas Storage Exec ActiveX clsid access attempt (more info ...) | attempted-user | 2005-2996 | 14801 | ||
| 24639 | PROTOCOL-RPC portmap CA BrightStor ARCserve tcp procedure 122 invalid function call attempt (more info ...) | attempted-admin | 2012-2971 | URL | ||
| 28093 | SERVER-WEBAPP Western Digital Arkeia Appliance directory traversal attempt (more info ...) | attempted-admin | 62444 | |||
| 34944 | POLICY-OTHER Arcserve Unified Data Protection Management credential disclosure attempt (more info ...) | policy-violation | 2015-4069 | 74838 | URL | |
| 37546 | SERVER-OTHER Veritas NetBackup Volume Manager connection attempt (more info ...) | protocol-command-decode | ||||
| 38350 | SERVER-OTHER Veritas NetBackup Volume Manager overflow attempt (more info ...) | attempted-admin | 2006-0989 | 17264 | ||
| 43544 | SERVER-WEBAPP CA ArcServe information disclosure attempt (more info ...) | attempted-user | 2011-3011 | |||
| 57532 | POLICY-OTHER Arcserve Unified Data Protection Management credential disclosure attempt (more info ...) | policy-violation | 2015-4069 | 74838 | URL | |
| 59518 | SERVER-OTHER ArcServe D2D getNews XXE attempt (more info ...) | attempted-user | 2020-27868 | URL |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 16712 | SERVER-WEBAPP HP OpenView Network Node Manager ovwebsnmpsrv.exe OVwSelection buffer overflow attempt - GET (more info ...) | attempted-user | 2009-4181 | 37343 | ||
| 16713 | SERVER-WEBAPP HP OpenView Network Node Manager ovwebsnmpsrv.exe OVwSelection buffer overflow attempt - POST (more info ...) | attempted-user | 2009-4181 | 37343 | ||
| 18759 | SERVER-WEBAPP HP OpenView Network Node Manager ovwebsnmpsrv.exe displayWidth buffer overflow attempt - POST (more info ...) | attempted-user | 2011-0262 | 45762 | ||
| 18760 | SERVER-WEBAPP HP OpenView Network Node Manager ovwebsnmpsrv.exe displayWidth buffer overflow attempt - GET (more info ...) | attempted-user | 2011-0262 | 45762 | ||
| 18998 | SERVER-WEBAPP HP OpenView NNM ovwebsnmpsrv.exe command line argument buffer overflow attempt (more info ...) | attempted-admin | 2011-0261 | 45762 | ||
| 26336 | SERVER-OTHER HP LeftHand Virtual SAN hydra snmp request buffer overflow attempt (more info ...) | attempted-admin | 2012-3284 | URL | ||
| 31373 | SERVER-WEBAPP HP OpenView NNM ovwebsnmpsrv.exe command line argument buffer overflow attempt (more info ...) | attempted-admin | 2011-0261 | 45762 | ||
| 36053 | SERVER-WEBAPP Silver Peak VXOA snmp JSON interface command injection attempt (more info ...) | attempted-admin | URL |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 569 | PROTOCOL-RPC snmpXdmi overflow attempt TCP (more info ...) | attempted-admin | 2001-0236 | 2417 | 10659 | URL |
| 593 | PROTOCOL-RPC portmap snmpXdmi request TCP (more info ...) | rpc-portmap-decode | 2001-0236 | 2417 | 10659 | URL |
| 1279 | PROTOCOL-RPC portmap snmpXdmi request UDP (more info ...) | rpc-portmap-decode | 2001-0236 | 2417 | 10659 | URL |
| 2045 | PROTOCOL-RPC snmpXdmi overflow attempt UDP (more info ...) | attempted-admin | 2001-0236 | 2417 | 10659 | URL |
| 13773 | OS-LINUX linux kernel snmp nat netfilter memory corruption attempt (more info ...) | attempted-dos | 2008-1673 | 18081 | URL | |
| 26980 | SERVER-OTHER RealNetworks Helix snmp master agent denial of service attempt (more info ...) | attempted-dos | 2012-1923 | 52929 | ||
| 36493 | SERVER-OTHER Squid snmphandleUDP off-by-one buffer overflow attempt (more info ...) | attempted-dos | 2014-6270 | 69686 | URL |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 12424 | PROTOCOL-RPC MIT Kerberos kadmind rpc RPCSEC_GSS buffer overflow attempt (more info ...) | attempted-admin | 2007-3999 | 25534 | URL | |
| 17741 | SERVER-OTHER MIT Kerberos ASN.1 asn1_decode_generaltime uninitialized pointer reference attempt (more info ...) | attempted-admin | 2009-0846 | 34409 | ||
| 27906 | SERVER-OTHER MIT Kerberos KDC prep_reprocess_req null pointer dereference attempt (more info ...) | attempted-admin | 2013-1416 | URL | ||
| 31874 | OS-WINDOWS Microsoft Windows Active Directory kerberos encryption type downgrade attempt (more info ...) | attempted-user | URL | |||
| 33053 | OS-WINDOWS Microsoft RADIUS Server invalid access-request username denial of service attempt (more info ...) | attempted-dos | 2016-0050 | URL | ||
| 34971 | SERVER-OTHER MIT Kerberos KDC as-req sname null pointer dereference attempt (more info ...) | attempted-dos | 2013-1418 | 63555 | URL | |
| 34972 | SERVER-OTHER MIT Kerberos KDC as-req sname null pointer dereference attempt (more info ...) | attempted-dos | 2013-1418 | 63555 | URL | |
| 35118 | OS-WINDOWS Microsoft Windows Kerberos privilege escalation attempt (more info ...) | attempted-admin | 2014-6324 | 70958 | URL | |
| 36596 | OS-WINDOWS Microsoft Windows Kerberos privilege escalation attempt (more info ...) | attempted-admin | 2014-6324 | 70958 | URL | |
| 44085 | SERVER-OTHER FreeRADIUS invalid WiMAX VSA length out of bounds write attempt (more info ...) | attempted-admin | 2017-10979 | 99901 | ||
| 44293 | SERVER-OTHER FreeRADIUS data2vp_wimax out of bounds write attempt (more info ...) | attempted-admin | 2017-10984 | 99876 | URL | |
| 56581 | MALWARE-TOOLS GhostPack Rubeus kerberos request attempt (more info ...) | trojan-activity | URL | |||
| 56582 | MALWARE-TOOLS GhostPack Rubeus kerberos request attempt (more info ...) | trojan-activity | URL | |||
| 56583 | MALWARE-TOOLS GhostPack Rubeus kerberos request attempt (more info ...) | trojan-activity | URL | |||
| 56584 | MALWARE-TOOLS GhostPack Rubeus kerberos request attempt (more info ...) | trojan-activity | URL | |||
| 59144 | SERVER-OTHER Cisco Identity Services Engine RADIUS denial of service attempt (more info ...) | attempted-dos | 2022-20756 | URL | ||
| 60377 | OS-WINDOWS Microsoft Windows Kerberos elevation of privilege attempt (more info ...) | attempted-admin | 2022-35756 | URL | ||
| 60378 | OS-WINDOWS Microsoft Windows Kerberos elevation of privilege attempt (more info ...) | attempted-admin | 2022-35756 | URL |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 2578 | SERVER-OTHER kerberos principal name overflow UDP (more info ...) | attempted-admin | 2003-0072 | 11512 | URL | |
| 2579 | SERVER-OTHER kerberos principal name overflow TCP (more info ...) | attempted-admin | 2003-0072 | 11512 | URL | |
| 3538 | SERVER-OTHER RADIUS registration MSID overflow attempt (more info ...) | attempted-admin | 2005-0699 | 12759 | 19120 | |
| 3539 | SERVER-OTHER RADIUS MSID overflow attempt (more info ...) | attempted-admin | 2005-0699 | 12759 | 19120 | |
| 3540 | SERVER-OTHER RADIUS registration vendor ATTR_TYPE_STR overflow attempt (more info ...) | attempted-admin | 2005-0699 | 12759 | 19120 | |
| 3541 | SERVER-OTHER RADIUS ATTR_TYPE_STR overflow attempt (more info ...) | attempted-admin | 2005-0699 | 12759 | 19120 | |
| 10464 | PROTOCOL-TELNET kerberos login environment variable authentication bypass attempt (more info ...) | attempted-admin | 2007-0956 | URL | ||
| 12046 | PROTOCOL-RPC MIT Kerberos kadmind RPC Library unix authentication buffer overflow attempt (more info ...) | attempted-admin | 2007-2443 | 24657 | URL | |
| 12075 | PROTOCOL-RPC MIT Kerberos kadmind rpc library uninitialized pointer arbitrary code execution attempt (more info ...) | attempted-admin | 2007-2442 | 24655 | URL | |
| 12708 | PROTOCOL-RPC MIT Kerberos kadmind auth buffer overflow attempt (more info ...) | rpc-portmap-decode | 2007-2443 | 24657 | URL | |
| 13223 | PROTOCOL-RPC MIT Kerberos kadmind rpc library uninitialized pointer arbitrary code execution attempt (more info ...) | attempted-admin | 2007-2442 | 24655 | URL | |
| 15169 | POLICY-SOCIAL XBOX Live Kerberos authentication request (more info ...) | policy-violation | URL | |||
| 16207 | SERVER-WEBAPP MIT Kerberos V% KAdminD klog_vsyslog server overflow attempt (more info ...) | attempted-user | 2007-0957 | 23285 | URL | |
| 16209 | SERVER-OTHER FreeRADIUS RADIUS server rad_decode remote denial of service attempt (more info ...) | attempted-dos | 2009-3111 | 36263 | ||
| 16394 | OS-WINDOWS Active Directory Kerberos referral TGT renewal DoS attempt (more info ...) | attempted-dos | 2010-0035 | URL | ||
| 17243 | SERVER-OTHER MIT Kerberos V5 krb5_recvauth double free attempt (more info ...) | attempted-admin | 2005-1689 | 14239 | URL | |
| 17273 | SERVER-OTHER MIT Kerberos V5 KDC krb5_unparse_name overflow attempt (more info ...) | attempted-admin | 2005-1174 | URL | ||
| 17274 | SERVER-OTHER MIT Kerberos V5 KDC krb5_unparse_name overflow attempt (more info ...) | attempted-admin | 2005-1175 | URL | ||
| 18414 | OS-WINDOWS Microsoft Windows Kerberos auth downgrade to DES MITM attempt (more info ...) | attempted-user | 2011-0091 | URL | ||
| 18533 | SERVER-OTHER MIT Kerberos KDC authentication denial of service attempt (more info ...) | attempted-dos | 2010-0283 | 38260 | URL | |
| 18534 | SERVER-OTHER MIT Kerberos KDC authentication denial of service attempt (more info ...) | attempted-dos | 2010-0283 | 38260 | URL | |
| 18901 | SERVER-OTHER MIT Kerberos KDC Ticket validation double free memory corruption attempt (more info ...) | attempted-admin | 2010-1320 | 39599 | URL | |
| 24360 | OS-WINDOWS Microsoft Windows SMB Kerberos NULL session denial of service attempt (more info ...) | attempted-dos | 2012-2551 | URL | ||
| 26759 | SERVER-OTHER MIT Kerberos libkdb_ldap principal name handling denial of service attempt (more info ...) | attempted-dos | 2011-0282 | 46271 | URL | |
| 26769 | SERVER-OTHER MIT Kerberos kpasswd process_chpw_request denial of service attempt (more info ...) | attempted-dos | 2011-0285 | 47310 | URL | |
| 27193 | SERVER-OTHER Kerberos KDC null pointer dereference denial of service attempt (more info ...) | denial-of-service | 2011-0283 | URL | ||
| 27194 | SERVER-OTHER Kerberos KDC null pointer dereference denial of service attempt (more info ...) | denial-of-service | 2011-0283 | URL | ||
| 27195 | SERVER-OTHER Kerberos KDC null pointer dereference denial of service attempt (more info ...) | denial-of-service | 2011-0283 | URL | ||
| 31764 | SERVER-OTHER MIT Kerberos KDC TGS request cross-realm referral null pointer dereference denial of service attempt (more info ...) | attempted-dos | 2009-3295 | 37486 | URL | |
| 31765 | SERVER-OTHER MIT Kerberos KDC TGS request cross-realm referral null pointer dereference denial of service attempt (more info ...) | attempted-dos | 2009-3295 | 37486 | URL | |
| 34709 | SERVER-OTHER MIT Kerberos 5 krb5_read_message denial of service attempt (more info ...) | attempted-dos | 2014-5355 | URL | ||
| 36815 | SERVER-OTHER MIT Kerberos 5 SPNEGO incoming token detected (more info ...) | protocol-command-decode | 2014-4344 | URL | ||
| 36816 | SERVER-OTHER MIT Kerberos 5 IAKERB outbound token detected (more info ...) | protocol-command-decode | 2014-4344 | URL | ||
| 42466 | SERVER-OTHER WinRadius long password denial of service attempt (more info ...) | misc-activity | 2012-3816 | |||
| 45187 | SERVER-OTHER WinRadius long password denial of service attempt (more info ...) | misc-activity | 2012-3816 | |||
| 51085 | SERVER-OTHER FreeRadius malformed service type field denial of service attempt (more info ...) | denial-of-service | 2004-0938 | |||
| 51228 | SERVER-OTHER FreeRADIUS DHCP string options integer underflow attempt (more info ...) | denial-of-service | 2017-10986 | |||
| 51231 | SERVER-OTHER FreeRADIUS DHCP string options integer underflow attempt (more info ...) | denial-of-service | 2017-10986 | |||
| 51232 | SERVER-OTHER FreeRADIUS DHCP string options integer underflow attempt (more info ...) | denial-of-service | 2017-10986 | |||
| 51233 | SERVER-OTHER FreeRADIUS DHCP string options integer underflow attempt (more info ...) | denial-of-service | 2017-10986 | |||
| 52384 | SERVER-OTHER MIT Kerberos 5 krb5_read_message klogin ksh kprop protocols bad sendauth version string denial of service attempt (more info ...) | attempted-dos | 2014-5355 | |||
| 52385 | SERVER-OTHER MIT Kerberos 5 krb5_read_message klogin protocol bad sendauth or app version length denial of service attempt (more info ...) | attempted-dos | 2014-5355 | |||
| 52386 | SERVER-OTHER MIT Kerberos 5 krb5_read_message klogin ksh kprop protocols bad app version length denial of service attempt (more info ...) | attempted-dos | 2014-5355 | |||
| 52387 | SERVER-OTHER MIT Kerberos 5 krb5_read_message kprop protocol bad sendauth version length denial of service attempt (more info ...) | attempted-dos | 2014-5355 | |||
| 52388 | SERVER-OTHER MIT Kerberos 5 krb5_read_message klogin ksh kprop protocols bad sendauth version string denial of service attempt (more info ...) | attempted-dos | 2014-5355 | |||
| 52389 | SERVER-OTHER MIT Kerberos 5 krb5_read_message klogin ksh kprop protocols bad app version string denial of service attempt (more info ...) | attempted-dos | 2014-5355 | |||
| 52391 | SERVER-OTHER MIT Kerberos 5 krb5_read_message ksh protocol bad sendauth version length denial of service attempt (more info ...) | attempted-dos | 2014-5355 | |||
| 52392 | SERVER-OTHER MIT Kerberos 5 krb5_read_message ksh protocol bad sendauth version length denial of service attempt (more info ...) | attempted-dos | 2014-5355 | |||
| 59485 | SERVER-OTHER MIT Kerberos null pointer dereference attempt (more info ...) | attempted-dos | 2016-3119 | |||
| 59615 | SERVER-OTHER Kerberos cross-realm referrals KDC NULL pointer dereference attempt (more info ...) | attempted-dos | 2013-1417 | |||
| 59616 | SERVER-OTHER Kerberos cross-realm referrals KDC NULL pointer dereference attempt (more info ...) | attempted-dos | 2013-1417 | |||
| 59640 | SERVER-OTHER Kerberos 5 build_principal_va denial of service attempt (more info ...) | attempted-dos | 2015-2697 | |||
| 59641 | SERVER-OTHER Kerberos 5 build_principal_va denial of service attempt (more info ...) | attempted-dos | 2015-2697 | |||
| 59747 | SERVER-OTHER MIT Kerberos Modify Principal null principal denial of service attempt (more info ...) | attempted-dos | 2015-8630 |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 15971 | SERVER-OTHER CVS Argumentx command double free attempt (more info ...) | attempted-admin | 2004-0416 | 10499 |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 1552 | SERVER-WEBAPP cvsweb version access (more info ...) | web-application-activity | 2000-0670 | 10465 | ||
| 2008 | INDICATOR-COMPROMISE CVS invalid user authentication response (more info ...) | misc-attack | ||||
| 2009 | INDICATOR-COMPROMISE CVS invalid repository response (more info ...) | misc-attack | ||||
| 2010 | INDICATOR-COMPROMISE CVS double free exploit attempt response (more info ...) | misc-attack | 2003-0015 | 6650 | 11385 | |
| 2011 | INDICATOR-COMPROMISE CVS invalid directory response (more info ...) | misc-attack | 2003-0015 | 6650 | 11385 | |
| 2012 | INDICATOR-COMPROMISE CVS missing cvsroot response (more info ...) | misc-attack | ||||
| 2013 | INDICATOR-COMPROMISE CVS invalid module response (more info ...) | misc-attack | ||||
| 2317 | INDICATOR-COMPROMISE CVS non-relative path error response (more info ...) | misc-attack | 2003-0977 | 9178 | 11947 | |
| 2318 | SERVER-OTHER CVS non-relative path access attempt (more info ...) | misc-attack | 2003-0977 | 9178 | 11947 | |
| 2583 | SERVER-OTHER CVS Max-dotdot integer overflow attempt (more info ...) | misc-attack | 2004-0417 | 10499 | ||
| 3651 | SERVER-OTHER CVS rsh annotate revision overflow attempt (more info ...) | attempted-dos | 2005-0753 | 13217 | 18097 | URL |
| 3652 | SERVER-OTHER CVS pserver annotate revision overflow attempt (more info ...) | attempted-dos | 2005-0753 | 13217 | 18097 | URL |
| 13614 | SERVER-OTHER CVS Argument overflow attempt (more info ...) | attempted-admin | 2004-0396 | |||
| 13615 | SERVER-OTHER CVS Argument overflow attempt (more info ...) | attempted-admin | 2004-0396 | |||
| 13616 | SERVER-OTHER CVS Argument overflow (more info ...) | attempted-admin | 2004-0396 | |||
| 20060 | SERVER-OTHER CVS annotate command buffer overflow attempt (more info ...) | attempted-dos | 2005-0573 | 13217 | ||
| 23402 | SERVER-WEBAPP CVS remote file information disclosure attempt (more info ...) | attempted-recon | 2004-0788 | 10955 |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 7098 | MALWARE-BACKDOOR remote hack 1.5 runtime detection - get password (more info ...) | trojan-activity | URL | |||
| 8445 | FILE-OFFICE Microsoft Windows RTF file with embedded object package download attempt (more info ...) | misc-activity | 2006-4692 | URL | ||
| 10407 | SERVER-OTHER Helix Server LoadTestPassword buffer overflow attempt (more info ...) | attempted-admin | 2006-6026 | 23068 | ||
| 11835 | FILE-IDENTIFY Visio file magic detected (more info ...) | policy-violation | URL | |||
| 12283 | FILE-IDENTIFY Microsoft Office Excel xlw file magic detected (more info ...) | misc-activity | URL | |||
| 13473 | FILE-IDENTIFY Microsoft Office Publisher file download request (more info ...) | misc-activity | URL | |||
| 15118 | BROWSER-PLUGINS Microsoft Visual Basic Winsock ActiveX clsid access (more info ...) | attempted-user | 2008-4251 | URL | ||
| 15120 | BROWSER-PLUGINS Microsoft Visual Basic Winsock ActiveX function call access (more info ...) | attempted-user | 2008-4251 | URL | ||
| 15294 | FILE-IDENTIFY Microsoft Office Visio file download request (more info ...) | misc-activity | ||||
| 15463 | FILE-IDENTIFY Microsoft Office Excel file download request (more info ...) | misc-activity | URL | |||
| 15586 | FILE-IDENTIFY Microsoft Office PowerPoint file download request (more info ...) | misc-activity | URL | |||
| 15587 | FILE-IDENTIFY Microsoft Office Word file download request (more info ...) | misc-activity | URL | |||
| 15975 | FILE-IMAGE OpenOffice TIFF file in little endian format parsing integer overflow attempt (more info ...) | attempted-user | 2007-2834 | 25690 | ||
| 15976 | FILE-IMAGE OpenOffice TIFF file in big endian format parsing integer overflow attempt (more info ...) | attempted-user | 2007-2834 | 25690 | ||
| 16216 | SERVER-OTHER IBM Tivoli Provisioning Manager long URI request buffer overflow attempt (more info ...) | attempted-user | 2008-0401 | 27387 | ||
| 16654 | FILE-OFFICE Microsoft Office Excel Publisher record heap buffer overflow attempt (more info ...) | attempted-user | 2012-1886 | URL | ||
| 17295 | SERVER-WEBAPP Trend Micro OfficeScan Console authentication buffer overflow attempt (more info ...) | attempted-admin | 2007-3455 | 24935 | ||
| 17665 | FILE-OFFICE OpenOffice Word document table parsing multiple heap based buffer overflow attempt (more info ...) | attempted-user | 2009-0201 | 36200 | ||
| 18066 | FILE-OFFICE Microsoft Office PowerPoint integer underflow heap corruption attempt (more info ...) | attempted-user | 2010-2573 | URL | ||
| 18067 | FILE-OFFICE Microsoft Office RTF parsing remote code execution attempt (more info ...) | attempted-user | 2010-3333 | URL | ||
| 18200 | FILE-OFFICE Microsoft Office .CGM file cell array heap overflow attempt (more info ...) | attempted-user | 2012-2524 | URL | ||
| 18310 | FILE-OFFICE Microsoft Office RTF parsing remote code execution attempt (more info ...) | attempted-user | 2010-3333 | URL | ||
| 18481 | SERVER-WEBAPP HP openview network node manager ovlogin.exe buffer overflow - password parameter (more info ...) | attempted-admin | 2009-4176 | 37330 | URL | |
| 18516 | FILE-IDENTIFY Microsoft Office Word file download request (more info ...) | misc-activity | ||||
| 18546 | FILE-OFFICE Microsoft Office Word with embedded Flash file transfer (more info ...) | attempted-user | 2011-0611 | URL | ||
| 18581 | SERVER-OTHER IBM Tivoli Provisioning Manager long URI request buffer overflow attempt (more info ...) | attempted-user | 2008-0401 | 27387 | ||
| 18582 | SERVER-OTHER IBM Tivoli Provisioning Manager long URI request buffer overflow attempt (more info ...) | attempted-user | 2008-0401 | 27387 | ||
| 18680 | FILE-OFFICE Microsoft Office RTF malformed pfragments field (more info ...) | attempted-user | 2010-3333 | 44652 | URL | |
| 18702 | FILE-OFFICE Microsoft Office RTF malformed pfragments field (more info ...) | attempted-user | 2010-3333 | 44652 | URL | |
| 18703 | FILE-OFFICE Microsoft Office RTF malformed pfragments field (more info ...) | attempted-user | 2010-3333 | 44652 | URL | |
| 18704 | FILE-OFFICE Microsoft Office RTF malformed second pfragments field (more info ...) | attempted-user | 2010-3333 | 44652 | URL | |
| 18705 | FILE-OFFICE Microsoft Office RTF malformed second pfragments field (more info ...) | attempted-user | 2010-3333 | 44652 | URL | |
| 18706 | FILE-OFFICE Microsoft Office RTF malformed second pfragments field (more info ...) | attempted-user | 2010-3333 | 44652 | URL | |
| 19156 | FILE-OFFICE Microsoft Office .CGM file cell array heap overflow attempt (more info ...) | attempted-user | 2012-2524 | URL | ||
| 19166 | FILE-IDENTIFY Microsoft Office Excel file magic detected (more info ...) | misc-activity | ||||
| 19208 | SERVER-OTHER Citrix Provisioning Services streamprocess.exe buffer overflow attempt (more info ...) | attempted-user | 45914 | URL | ||
| 20723 | FILE-IDENTIFY Microsoft Office Word docx file download request (more info ...) | misc-activity | URL | |||
| 20792 | FILE-IDENTIFY Microsoft Office Excel file attachment detected (more info ...) | misc-activity | ||||
| 20793 | FILE-IDENTIFY Microsoft Office Excel file attachment detected (more info ...) | misc-activity | ||||
| 20795 | FILE-IDENTIFY Microsoft Office Word file attachment detected (more info ...) | misc-activity | ||||
| 20796 | FILE-IDENTIFY Microsoft Office Word file attachment detected (more info ...) | misc-activity | ||||
| 20854 | FILE-IDENTIFY Microsoft Office Visio file attachment detected (more info ...) | misc-activity | ||||
| 20855 | FILE-IDENTIFY Microsoft Office Visio file attachment detected (more info ...) | misc-activity | ||||
| 20880 | FILE-OFFICE Microsoft DirectShow Line 21 decoder exploit attempt (more info ...) | attempted-user | 2012-0004 | URL | ||
| 20982 | FILE-IDENTIFY Microsoft Office PowerPoint file attachment detected (more info ...) | misc-activity | ||||
| 20983 | FILE-IDENTIFY Microsoft Office PowerPoint file attachment detected (more info ...) | misc-activity | ||||
| 20986 | FILE-IDENTIFY Microsoft Office Word docx file attachment detected (more info ...) | misc-activity | ||||
| 20987 | FILE-IDENTIFY Microsoft Office Word docx file attachment detected (more info ...) | misc-activity | ||||
| 21011 | FILE-IDENTIFY Microsoft Office PowerPoint file magic detected (more info ...) | misc-activity | ||||
| 21291 | FILE-OFFICE Microsoft Office Visio invalid row option attempt (more info ...) | attempted-user | 2012-0138 | URL | ||
| 21293 | FILE-OFFICE Microsoft Office Visio corrupted compressed data memory corruption attempt (more info ...) | attempted-user | 2012-0137 | URL | ||
| 21301 | FILE-OFFICE Microsoft Office Visio TAG_xxxSect code execution attempt (more info ...) | attempted-user | 2012-0019 | URL | ||
| 21302 | FILE-OFFICE Microsoft Office Visio TAG_OLEChunk code execution attempt (more info ...) | attempted-user | 2012-0020 | URL | ||
| 21307 | FILE-OFFICE Microsoft Office Visio TAG_xxxSheet code execution attempt (more info ...) | attempted-user | 2012-0136 | URL | ||
| 21699 | FILE-IDENTIFY Microsoft Office Excel xlw file attachment detected (more info ...) | misc-activity | ||||
| 21700 | FILE-IDENTIFY Microsoft Office Excel xlw file attachment detected (more info ...) | misc-activity | ||||
| 21764 | FILE-OFFICE Microsoft Office Word unicode parsing buffer overflow attempt (more info ...) | attempted-user | 2004-0963 | URL | ||
| 21794 | FILE-OFFICE Microsoft Works 9 and Word 12 converter heap overflow attempt (more info ...) | attempted-user | 2012-0177 | URL | ||
| 21797 | FILE-OFFICE MSCOMCTL ActiveX control deserialization arbitrary code execution attempt (more info ...) | attempted-user | 2012-0158 | URL | ||
| 21798 | FILE-OFFICE MSCOMCTL ActiveX control deserialization arbitrary code execution attempt (more info ...) | attempted-user | 2012-0158 | URL | ||
| 21799 | FILE-OFFICE MSCOMCTL ActiveX control deserialization arbitrary code execution attempt (more info ...) | attempted-user | 2012-0158 | URL | ||
| 21800 | FILE-OFFICE MSCOMCTL ActiveX control deserialization arbitrary code execution attempt (more info ...) | attempted-user | 2012-0158 | URL | ||
| 21801 | FILE-OFFICE MSCOMCTL ActiveX control deserialization arbitrary code execution attempt (more info ...) | attempted-user | 2012-0158 | URL | ||
| 21884 | FILE-IDENTIFY Microsoft Office Publisher file attachment detected (more info ...) | misc-activity | ||||
| 21885 | FILE-IDENTIFY Microsoft Office Publisher file attachment detected (more info ...) | misc-activity | ||||
| 21896 | FILE-OFFICE Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt (more info ...) | attempted-user | 2012-0158 | URL | ||
| 21897 | FILE-OFFICE Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt (more info ...) | attempted-user | 2012-0158 | URL | ||
| 21898 | FILE-OFFICE Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt (more info ...) | attempted-user | 2012-0158 | URL | ||
| 21899 | FILE-OFFICE Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt (more info ...) | attempted-user | 2012-0158 | URL | ||
| 21900 | FILE-OFFICE Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt (more info ...) | attempted-user | 2012-0158 | URL | ||
| 21901 | FILE-OFFICE Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt (more info ...) | attempted-user | 2012-0158 | URL | ||
| 21902 | FILE-OFFICE Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt (more info ...) | attempted-user | 2012-0158 | URL | ||
| 21903 | FILE-OFFICE Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt (more info ...) | attempted-user | 2012-0158 | URL | ||
| 21904 | FILE-OFFICE Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt (more info ...) | attempted-user | 2012-0158 | URL | ||
| 21905 | FILE-OFFICE Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt (more info ...) | attempted-user | 2012-0158 | URL | ||
| 21906 | FILE-OFFICE Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt (more info ...) | attempted-user | 2012-0158 | URL | ||
| 21935 | FILE-OFFICE Microsoft Works 9 and Word 12 converter heap overflow attempt (more info ...) | attempted-user | 2012-0177 | URL | ||
| 21937 | FILE-OFFICE Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt (more info ...) | attempted-user | 2012-0158 | URL | ||
| 22076 | FILE-OFFICE Microsoft Office Excel invalid Window2 BIFF record value attempt (more info ...) | attempted-user | 2012-0141 | URL | ||
| 22077 | FILE-OFFICE Microsoft Office Excel ObjectLink invalid wLinkVar2 value attempt (more info ...) | attempted-user | 2012-0142 | 53373 | URL | |
| 22082 | FILE-IDENTIFY Microsoft Office PowerPoint pptx file download request (more info ...) | misc-activity | URL | |||
| 22083 | FILE-IDENTIFY Microsoft Office PowerPoint pptx file attachment detected (more info ...) | misc-activity | ||||
| 22084 | FILE-IDENTIFY Microsoft Office PowerPoint pptx file attachment detected (more info ...) | misc-activity | ||||
| 22085 | FILE-OFFICE Microsoft Office GDI+ incorrect index validation of malformed EMF image attempt (more info ...) | attempted-user | 2012-0165 | URL | ||
| 22086 | FILE-OFFICE Microsoft Office GDI+ incorrect index validation of malformed EMF image attempt (more info ...) | attempted-user | 2012-0165 | URL | ||
| 22089 | FILE-OFFICE Microsoft RTF improper listoverride nesting attempt (more info ...) | attempted-user | 2012-0183 | URL | ||
| 22091 | FILE-OFFICE Microsoft Office Excel SXLI record integer overrun attempt (more info ...) | attempted-user | 2012-0184 | URL | ||
| 22092 | FILE-OFFICE Microsoft Office Excel SERIES record sdtY memory corruption attempt (more info ...) | attempted-user | 2012-1847 | URL | ||
| 22093 | FILE-OFFICE Microsoft Office Excel SERIES record SerAuxTrend sdtX memory corruption attempt (more info ...) | attempted-user | 2012-1847 | URL | ||
| 22094 | FILE-OFFICE Microsoft Office Excel SERIES record SerAuxErrBar sdtX memory corruption attempt (more info ...) | attempted-user | 2012-1847 | URL | ||
| 22101 | FILE-OFFICE Microsoft Office RTF malformed pfragments field (more info ...) | attempted-user | 2010-3333 | 44652 | URL | |
| 22102 | FILE-OFFICE Microsoft Office RTF malformed pfragments field (more info ...) | attempted-user | 2010-3333 | 44652 | URL | |
| 23009 | FILE-OFFICE Microsoft Office Excel SXLI record integer overrun attempt (more info ...) | attempted-user | 2012-0184 | URL | ||
| 23059 | FILE-OFFICE Microsoft Office Visio TAG_xxxSect code execution attempt (more info ...) | attempted-user | 2012-0019 | URL | ||
| 23102 | POLICY-OTHER Seagate BlackArmor administrator password reset attempt (more info ...) | attempted-admin | 2012-2568 | URL | ||
| 23305 | FILE-OFFICE Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt (more info ...) | attempted-user | 2012-0158 | URL | ||
| 23330 | PROTOCOL-SCADA ScadaTec Procyon Core server password overflow attempt (more info ...) | attempted-user | 2011-3322 | 49480 | ||
| 23697 | FILE-IDENTIFY Microsoft Office Excel xlw file magic detected (more info ...) | misc-activity | URL | |||
| 23712 | FILE-IDENTIFY Microsoft Office Excel file magic detected (more info ...) | misc-activity | ||||
| 23714 | FILE-IDENTIFY Microsoft Office Publisher file magic detected (more info ...) | misc-activity | 2006-0001 | URL | ||
| 23751 | FILE-IDENTIFY Microsoft Office PowerPoint file magic detected (more info ...) | misc-activity | ||||
| 23753 | FILE-IDENTIFY Visio file magic detected (more info ...) | policy-violation | URL | |||
| 23842 | FILE-OFFICE Microsoft Office Visio DXF file text overflow attempt (more info ...) | attempted-user | 2012-1888 | URL | ||
| 23843 | FILE-OFFICE Microsoft Office Visio DXF file text overflow attempt (more info ...) | attempted-user | 2012-1888 | URL | ||
| 23956 | FILE-OFFICE Microsoft Office Visio DXF file text overflow attempt (more info ...) | attempted-user | 2012-1888 | URL | ||
| 23957 | FILE-OFFICE Microsoft Office Visio DXF file text overflow attempt (more info ...) | attempted-user | 2012-1888 | URL | ||
| 23989 | FILE-OFFICE Microsoft Office EMF image EMFPlusPointF record memory corruption attempt (more info ...) | attempted-user | 2012-0167 | |||
| 23992 | FILE-OFFICE Microsoft Office EMF image EMFPlusPointF record memory corruption attempt (more info ...) | attempted-user | 2012-0167 | |||
| 24004 | FILE-OFFICE Microsoft Office MSCOMCTL ActiveX control tabstrip method access (more info ...) | misc-activity | ||||
| 24005 | FILE-OFFICE Microsoft Office MSCOMCTL ActiveX control tabstrip method access (more info ...) | misc-activity | ||||
| 24006 | FILE-OFFICE Microsoft Office MSCOMCTL ActiveX control tabstrip method attempt (more info ...) | attempted-user | 2013-1313 | URL | ||
| 24351 | FILE-OFFICE Microsoft Works 9 use-after-free attempt (more info ...) | attempted-user | 2012-2550 | URL | ||
| 24352 | FILE-OFFICE Microsoft Works 9 use-after-free attempt (more info ...) | attempted-user | 2012-2550 | URL | ||
| 24353 | FILE-OFFICE Microsoft Office Word RTF malformed listid attempt (more info ...) | attempted-user | 2012-2528 | URL | ||
| 24354 | FILE-OFFICE Microsoft Office Word RTF malformed listid attempt (more info ...) | attempted-user | 2012-2528 | URL | ||
| 24357 | FILE-OFFICE Microsoft Office Word rgfc value overflow attempt (more info ...) | attempted-user | 2012-0182 | URL | ||
| 24358 | FILE-OFFICE Microsoft Office Word rgfc value overflow attempt (more info ...) | attempted-user | 2012-0182 | URL | ||
| 24512 | SERVER-OTHER Citrix Provisioning Services opcode buffer overflow attempt (more info ...) | attempted-user | 49803 | |||
| 24513 | SERVER-OTHER Citrix Provisioning Services opcode buffer overflow attempt (more info ...) | attempted-user | 49803 | |||
| 24520 | SERVER-WEBAPP Avaya IP Office Customer Call Reporter invalid file upload attempt (more info ...) | attempted-admin | 2012-3811 | 54225 | URL | |
| 24587 | FILE-OFFICE Microsoft Works Word document use after free attempt (more info ...) | attempted-user | 2012-2550 | |||
| 24588 | FILE-OFFICE Microsoft Works Word document use after free attempt (more info ...) | attempted-user | 2012-2550 | |||
| 24657 | FILE-OFFICE Microsoft Office Excel Publisher record heap buffer overflow attempt (more info ...) | attempted-user | 2012-1886 | URL | ||
| 24658 | FILE-OFFICE Microsoft Office Excel SERIES record code execution attempt (more info ...) | attempted-user | 2012-1885 | URL | ||
| 24659 | FILE-OFFICE Microsoft Office Excel SERIES record code execution attempt (more info ...) | attempted-user | 2012-1885 | URL | ||
| 24673 | FILE-OFFICE Microsoft Office Excel SST record invalid length memory corruption attempt (more info ...) | attempted-user | 2012-1887 | 56430 | URL | |
| 24741 | SERVER-OTHER Citrix Provisioning Services multiple opcode integer overflow attempt (more info ...) | attempted-user | 49803 | |||
| 24742 | SERVER-OTHER Citrix Provisioning Services multiple opcode integer overflow attempt (more info ...) | attempted-user | 49803 | |||
| 24743 | SERVER-OTHER Citrix Provisioning Services multiple opcode integer overflow attempt (more info ...) | attempted-user | 49803 | |||
| 24744 | SERVER-OTHER Citrix Provisioning Services multiple opcode integer overflow attempt (more info ...) | attempted-user | 49803 | |||
| 24745 | SERVER-OTHER Citrix Provisioning Services multiple opcode integer overflow attempt (more info ...) | attempted-user | 49803 | |||
| 24746 | SERVER-OTHER Citrix Provisioning Services multiple opcode integer overflow attempt (more info ...) | attempted-user | 49803 | |||
| 24747 | SERVER-OTHER Citrix Provisioning Services multiple opcode integer overflow attempt (more info ...) | attempted-user | 49803 | |||
| 24748 | SERVER-OTHER Citrix Provisioning Services multiple opcode integer overflow attempt (more info ...) | attempted-user | 49803 | |||
| 24749 | SERVER-OTHER Citrix Provisioning Services multiple opcode integer overflow attempt (more info ...) | attempted-user | 49803 | |||
| 24750 | SERVER-OTHER Citrix Provisioning Services multiple opcode integer overflow attempt (more info ...) | attempted-user | 49803 | |||
| 24751 | SERVER-OTHER Citrix Provisioning Services multiple opcode integer overflow attempt (more info ...) | attempted-user | 49803 | |||
| 24752 | SERVER-OTHER Citrix Provisioning Services multiple opcode integer overflow attempt (more info ...) | attempted-user | 49803 | |||
| 24753 | SERVER-OTHER Citrix Provisioning Services multiple opcode integer overflow attempt (more info ...) | attempted-user | 49803 | |||
| 24754 | SERVER-OTHER Citrix Provisioning Services multiple opcode integer overflow attempt (more info ...) | attempted-user | 49803 | |||
| 24755 | SERVER-OTHER Citrix Provisioning Services multiple opcode integer overflow attempt (more info ...) | attempted-user | 49803 | |||
| 24756 | SERVER-OTHER Citrix Provisioning Services multiple opcode integer overflow attempt (more info ...) | attempted-user | 49803 | |||
| 24757 | SERVER-OTHER Citrix Provisioning Services multiple opcode integer overflow attempt (more info ...) | attempted-user | 49803 | |||
| 24758 | SERVER-OTHER Citrix Provisioning Services multiple opcode integer overflow attempt (more info ...) | attempted-user | 49803 | |||
| 24759 | SERVER-OTHER Citrix Provisioning Services multiple opcode integer overflow attempt (more info ...) | attempted-user | 49803 | |||
| 24760 | SERVER-OTHER Citrix Provisioning Services multiple opcode integer overflow attempt (more info ...) | attempted-user | 49803 | |||
| 24823 | FILE-OFFICE Microsoft Office .CGM file cell array heap overflow attempt (more info ...) | attempted-user | 2012-2524 | URL | ||
| 24964 | FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (more info ...) | attempted-dos | 2012-1537 | URL | ||
| 24965 | FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (more info ...) | attempted-dos | 2012-1537 | URL | ||
| 24966 | FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (more info ...) | attempted-dos | 2012-1537 | URL | ||
| 24967 | FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (more info ...) | attempted-dos | 2012-1537 | URL | ||
| 24968 | FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (more info ...) | attempted-dos | 2012-1537 | URL | ||
| 24969 | FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (more info ...) | attempted-dos | 2012-1537 | URL | ||
| 24970 | FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (more info ...) | attempted-dos | 2012-1537 | 56839 | URL | |
| 25293 | FILE-OFFICE Microsoft Office Excel IPMT record buffer overflow attempt (more info ...) | attempted-user | 2011-0101 | URL | ||
| 25294 | FILE-OFFICE Microsoft Office Excel IPMT record buffer overflow attempt (more info ...) | attempted-user | 2011-0101 | URL | ||
| 25295 | FILE-OFFICE Microsoft Office Excel IPMT record buffer overflow attempt (more info ...) | attempted-user | 2011-0101 | URL | ||
| 25296 | FILE-OFFICE Microsoft Office Excel IPMT record buffer overflow attempt (more info ...) | attempted-user | 2011-0101 | URL | ||
| 25366 | FILE-OFFICE Microsoft Office Excel invalid Window2 BIFF record value attempt (more info ...) | attempted-user | 2012-0143 | 53374 | URL | |
| 25367 | FILE-OFFICE Microsoft Office Excel invalid Window2 BIFF record value attempt (more info ...) | attempted-user | 2012-0143 | 53374 | URL | |
| 25393 | FILE-OFFICE Microsoft Office RTF malformed pfragments field (more info ...) | attempted-user | 2010-3333 | 44652 | URL | |
| 26059 | FILE-IDENTIFY Microsoft Office PowerPoint file magic detected (more info ...) | misc-activity | ||||
| 26060 | FILE-IDENTIFY Microsoft Office PowerPoint file download request (more info ...) | misc-activity | ||||
| 26061 | FILE-IDENTIFY Microsoft Office PowerPoint file attachment detected (more info ...) | misc-activity | ||||
| 26062 | FILE-IDENTIFY Microsoft Office PowerPoint file attachment detected (more info ...) | misc-activity | ||||
| 26063 | FILE-IDENTIFY Microsoft Office Word docm file download request (more info ...) | misc-activity | URL | |||
| 26064 | FILE-IDENTIFY Microsoft Office Word docm file attachment detected (more info ...) | misc-activity | ||||
| 26065 | FILE-IDENTIFY Microsoft Office Word docm file attachment detected (more info ...) | misc-activity | ||||
| 26083 | FILE-IDENTIFY Microsoft Office Excel file download request (more info ...) | misc-activity | ||||
| 26084 | FILE-IDENTIFY Microsoft Office Excel file attachment detected (more info ...) | misc-activity | ||||
| 26085 | FILE-IDENTIFY Microsoft Office Excel file attachment detected (more info ...) | misc-activity | ||||
| 26163 | FILE-OFFICE Microsoft Office Visio TAG_xxxSheet code execution attempt (more info ...) | attempted-user | 2013-0079 | URL | ||
| 26164 | FILE-OFFICE Microsoft Office Visio TAG_xxxSheet code execution attempt (more info ...) | attempted-user | 2013-0079 | URL | ||
| 26973 | FILE-OFFICE Microsoft Office Visio TAG_xxxSect code execution attempt (more info ...) | attempted-user | 2012-0019 | URL | ||
| 27249 | FILE-OFFICE Microsoft Office Excel invalid Window2 BIFF record value attempt (more info ...) | attempted-user | 2012-0141 | URL | ||
| 27820 | FILE-OFFICE Microsoft Office Excel PtgMemFunc zero-value cce-field read access violation attempt (more info ...) | attempted-user | 2013-1315 | URL | ||
| 27821 | FILE-OFFICE Microsoft Office Excel PtgMemFunc zero-value cce-field read access violation attempt (more info ...) | attempted-user | 2013-1315 | URL | ||
| 27823 | SERVER-WEBAPP Microsoft Office SharePoint malicious serialized viewstate evaluation attempt (more info ...) | attempted-admin | 2013-1330 | URL | ||
| 27824 | FILE-OFFICE Microsoft Office Excel invalid external defined names read AV attempt (more info ...) | attempted-user | 2013-3158 | URL | ||
| 27825 | FILE-OFFICE Microsoft Office Excel invalid external defined names read AV attempt (more info ...) | attempted-user | 2013-3158 | URL | ||
| 27850 | FILE-OFFICE Microsoft Office SDTI signed integer underflow attempt (more info ...) | attempted-user | 2013-3848 | URL | ||
| 27851 | FILE-OFFICE Microsoft Office SDTI signed integer underflow attempt (more info ...) | attempted-user | 2013-3848 | URL | ||
| 27852 | FILE-OFFICE Microsoft Office Word invalid number of cells memory corruption attempt (more info ...) | attempted-user | 2013-3852 | URL | ||
| 27853 | FILE-OFFICE Microsoft Office Word invalid number of cells memory corruption attempt (more info ...) | attempted-user | 2013-3852 | URL | ||
| 27854 | FILE-OFFICE Microsoft Office Word document invalid cell count memory corruption attempt (more info ...) | attempted-user | 2013-3856 | URL | ||
| 27855 | FILE-OFFICE Microsoft Office Word document invalid cell count memory corruption attempt (more info ...) | attempted-user | 2013-3856 | URL | ||
| 27856 | FILE-OFFICE Microsoft Office Word document invalid cell count memory corruption attempt (more info ...) | attempted-user | 2013-3854 | URL | ||
| 27857 | FILE-OFFICE Microsoft Office Word document invalid cell count memory corruption attempt (more info ...) | attempted-user | 2013-3854 | URL | ||
| 27858 | FILE-OFFICE Microsoft Office Word malformed OCXINFO element EoP attempt (more info ...) | attempted-user | 2013-3850 | URL | ||
| 27859 | FILE-OFFICE Microsoft Office Word malformed OCXINFO element EoP attempt (more info ...) | attempted-user | 2013-3850 | URL | ||
| 27862 | SERVER-WEBAPP Avaya IP Office Customer Call Reporter invalid file upload attempt (more info ...) | attempted-admin | 2012-3811 | 54225 | URL | |
| 27945 | FILE-OFFICE Microsoft Office Excel ObjectLink invalid wLinkVar2 value attempt (more info ...) | attempted-user | 2012-0142 | 53373 | URL | |
| 28205 | FILE-OFFICE Microsoft Office Word 2003 macro byte opcode large data structure arbitrary code execution attempt (more info ...) | attempted-user | 2013-3891 | URL | ||
| 28206 | FILE-OFFICE Microsoft Office Word 2003 macro byte opcode large data structure arbitrary code execution attempt (more info ...) | attempted-user | 2013-3891 | URL | ||
| 28331 | FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (more info ...) | attempted-dos | 2012-1537 | 56839 | URL | |
| 28332 | FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (more info ...) | attempted-dos | 2012-1537 | 56839 | URL | |
| 28333 | FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (more info ...) | attempted-dos | 2012-1537 | 56839 | URL | |
| 28334 | FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (more info ...) | attempted-dos | 2012-1537 | 56839 | URL | |
| 28335 | FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (more info ...) | attempted-dos | 2012-1537 | 56839 | URL | |
| 28336 | FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (more info ...) | attempted-dos | 2012-1537 | 56839 | URL | |
| 28337 | FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (more info ...) | attempted-dos | 2012-1537 | 56839 | URL | |
| 28338 | FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (more info ...) | attempted-dos | 2012-1537 | 56839 | URL | |
| 28339 | FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (more info ...) | attempted-dos | 2012-1537 | 56839 | URL | |
| 28340 | FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (more info ...) | attempted-dos | 2012-1537 | 56839 | URL | |
| 28341 | FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (more info ...) | attempted-dos | 2012-1537 | 56839 | URL | |
| 28342 | FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (more info ...) | attempted-dos | 2012-1537 | 56839 | URL | |
| 28343 | FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (more info ...) | attempted-dos | 2012-1537 | 56839 | URL | |
| 28464 | FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (more info ...) | attempted-user | 2013-3906 | 63530 | URL | |
| 28465 | FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (more info ...) | attempted-user | 2013-3906 | 63530 | URL | |
| 28466 | FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (more info ...) | attempted-user | 2013-3906 | 63530 | URL | |
| 28467 | FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (more info ...) | attempted-user | 2013-3906 | 63530 | URL | |
| 28468 | FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (more info ...) | attempted-user | 2013-3906 | 63530 | URL | |
| 28469 | FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (more info ...) | attempted-user | 2013-3906 | 63530 | URL | |
| 28470 | FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (more info ...) | attempted-user | 2013-3906 | 63530 | URL | |
| 28471 | FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (more info ...) | attempted-user | 2013-3906 | 63530 | URL | |
| 28472 | FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (more info ...) | attempted-user | 2013-3906 | 63530 | URL | |
| 28473 | FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (more info ...) | attempted-user | 2013-3906 | 63530 | URL | |
| 28497 | FILE-IDENTIFY WordPerfect file magic detected (more info ...) | misc-activity | URL | |||
| 28498 | FILE-OTHER Microsoft Word WordPerfect CSTYL border element stack overflow attempt (more info ...) | attempted-user | 2013-1325 | URL | ||
| 28499 | FILE-OTHER Microsoft Word WordPerfect CSTYL border element stack overflow attempt (more info ...) | attempted-user | 2013-1325 | URL | ||
| 28502 | FILE-OTHER Microsoft Word WordPerfect CSTYL border element stack overflow attempt (more info ...) | attempted-user | 2013-1324 | URL | ||
| 28503 | FILE-OTHER Microsoft Word WordPerfect CSTYL border element stack overflow attempt (more info ...) | attempted-user | 2013-1324 | URL | ||
| 28521 | FILE-OTHER Microsoft Wordpad embedded BMP overflow attempt (more info ...) | attempted-user | 2013-3940 | URL | ||
| 28525 | FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (more info ...) | attempted-user | 2013-3906 | 63530 | URL | |
| 28526 | FILE-OFFICE Microsoft Office GDI library TIFF handling integer overflow attempt (more info ...) | attempted-user | 2013-3906 | 63530 | URL | |
| 28544 | FILE-OFFICE Microsoft Office Excel RealTimeData record memory corruption attempt (more info ...) | attempted-user | 2011-0101 | URL | ||
| 28545 | FILE-OFFICE Microsoft Office Excel RealTimeData record memory corruption attempt (more info ...) | attempted-user | 2011-0101 | URL | ||
| 28546 | FILE-OFFICE Microsoft Office Excel RealTimeData record memory corruption attempt (more info ...) | attempted-user | 2011-0101 | URL | ||
| 29326 | FILE-OFFICE Microsoft Office Excel SERIES record sdtY memory corruption attempt (more info ...) | attempted-user | 2012-1847 | URL | ||
| 29327 | FILE-OFFICE Microsoft Office Excel SERIES record SerAuxTrend sdtX memory corruption attempt (more info ...) | attempted-user | 2012-1847 | URL | ||
| 29328 | FILE-OFFICE Microsoft Office Excel SERIES record SerAuxErrBar sdtX memory corruption attempt (more info ...) | attempted-user | 2012-1847 | URL | ||
| 29346 | SERVER-WEBAPP Avaya IP Office Customer Call Reporter cross site scripting attempt (more info ...) | web-application-attack | URL | |||
| 29515 | PROTOCOL-SCADA ScadaTec Procyon Core server password overflow attempt (more info ...) | attempted-user | 2011-3322 | 49480 | ||
| 29522 | SERVER-WEBAPP Alcatel-Lucent OmniPCX Office remote code execution attempt (more info ...) | attempted-user | 2008-1331 | 25758 | ||
| 29723 | FILE-OFFICE Microsoft Office Word invalid sprmPNumRM record (more info ...) | attempted-admin | 2014-0258 | URL | ||
| 29724 | FILE-OFFICE Microsoft Office Word invalid sprmPNumRM record (more info ...) | attempted-admin | 2014-0258 | URL | ||
| 29725 | FILE-OFFICE Microsoft Office Word invalid sprmPNumRM record (more info ...) | attempted-admin | 2014-0258 | URL | ||
| 29726 | FILE-OFFICE Microsoft Office Word invalid sprmPNumRM record (more info ...) | attempted-admin | 2014-0258 | URL | ||
| 30153 | FILE-OFFICE Microsoft Windows common controls stack buffer overflow via MIME HTML document attempt (more info ...) | attempted-user | 2012-0158 | URL | ||
| 30154 | FILE-OFFICE Microsoft Windows common controls stack buffer overflow via MIME HTML document attempt (more info ...) | attempted-user | 2012-0158 | URL | ||
| 30155 | FILE-OFFICE Microsoft Windows common controls stack buffer overflow via MIME HTML document attempt (more info ...) | attempted-user | 2012-0158 | URL | ||
| 30156 | FILE-OFFICE Microsoft Windows common controls stack buffer overflow via MIME HTML document attempt (more info ...) | attempted-user | 2012-0158 | URL | ||
| 30157 | FILE-OFFICE Microsoft Windows common controls stack buffer overflow via MIME HTML document attempt (more info ...) | attempted-user | 2012-0158 | URL | ||
| 30158 | FILE-OFFICE Microsoft Windows common controls stack buffer overflow via MIME HTML document attempt (more info ...) | attempted-user | 2012-0158 | URL | ||
| 30159 | FILE-OFFICE Microsoft Windows common controls stack buffer overflow via MIME HTML document attempt (more info ...) | attempted-user | 2012-0158 | URL | ||
| 30160 | FILE-OFFICE Microsoft Windows common controls stack buffer overflow via MIME HTML document attempt (more info ...) | attempted-user | 2012-0158 | URL | ||
| 30161 | FILE-OFFICE Microsoft Windows common controls stack buffer overflow via malicious MSComctlLib object attempt (more info ...) | attempted-user | 2012-0158 | URL | ||
| 30163 | FILE-OFFICE Microsoft Windows common controls stack buffer overflow via malicious MSComctlLib object attempt (more info ...) | attempted-user | 2012-0158 | URL | ||
| 30164 | FILE-OFFICE Microsoft Windows common controls stack buffer overflow via malicious MSComctlLib xls object attempt (more info ...) | attempted-user | 2012-0158 | URL | ||
| 30165 | FILE-OFFICE Microsoft Windows common controls stack buffer overflow via malicious toolbar and author attempt (more info ...) | attempted-user | 2012-0158 | URL | ||
| 30166 | FILE-OFFICE Microsoft Windows common controls stack buffer overflow via malicious toolbar and author attempt (more info ...) | attempted-user | 2012-0158 | URL | ||
| 30769 | SERVER-OTHER Wordpress linenity theme LFI attempt (more info ...) | attempted-admin | 66921 | |||
| 31341 | SERVER-WEBAPP Supermicro Intelligent Management Controller password file disclosure attempt (more info ...) | attempted-recon | URL | |||
| 31342 | SERVER-WEBAPP Supermicro Intelligent Management Controller password file disclosure attempt (more info ...) | attempted-recon | URL | |||
| 31534 | FILE-OFFICE Microsoft Access memory corruption attempt (more info ...) | attempted-user | 2013-3155 | URL | ||
| 31535 | FILE-OFFICE Microsoft Access memory corruption attempt (more info ...) | attempted-user | 2013-3155 | URL | ||
| 31536 | FILE-OFFICE Microsoft Access memory corruption attempt (more info ...) | attempted-user | 2013-3155 | URL | ||
| 31537 | FILE-OFFICE Microsoft Access memory corruption attempt (more info ...) | attempted-user | 2013-3155 | URL | ||
| 31926 | FILE-OFFICE Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt (more info ...) | attempted-user | 2012-0158 | URL | ||
| 31927 | FILE-OFFICE Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt (more info ...) | attempted-user | 2012-0158 | URL | ||
| 32063 | FILE-OFFICE Microsoft Office .CGM file cell array heap overflow attempt (more info ...) | attempted-user | 2012-2524 | URL | ||
| 32147 | FILE-OFFICE Microsoft Office Word styleWithEffects use-after-free attempt (more info ...) | attempted-user | 2014-4117 | URL | ||
| 32148 | FILE-OFFICE Microsoft Office Word styleWithEffects use-after-free attempt (more info ...) | attempted-user | 2014-4117 | URL | ||
| 32186 | FILE-OTHER Microsoft Office ole object external file loading attempt (more info ...) | attempted-admin | 2014-6352 | URL | ||
| 32187 | FILE-OTHER Microsoft Office ole object external file loading attempt (more info ...) | attempted-admin | 2014-6352 | URL | ||
| 32313 | FILE-OTHER Microsoft Office ole object external file loading attempt (more info ...) | attempted-admin | 2014-6352 | URL | ||
| 32314 | FILE-OTHER Microsoft Office ole object external file loading attempt (more info ...) | attempted-admin | 2014-6352 | URL | ||
| 32315 | FILE-OTHER Microsoft Office ole object external file loading attempt (more info ...) | attempted-admin | 2014-6352 | URL | ||
| 32316 | FILE-OTHER Microsoft Office ole object external file loading attempt (more info ...) | attempted-admin | 2014-6352 | URL | ||
| 32432 | FILE-OFFICE Microsoft Office Word lcbPlcffndTxt out-of-bounds attempt (more info ...) | attempted-user | 2014-6334 | URL | ||
| 32433 | FILE-OFFICE Microsoft Office Word fcPlfguidUim out-of-bounds attempt (more info ...) | attempted-user | 2014-6334 | URL | ||
| 32434 | FILE-OFFICE Microsoft Office Word lcbPlcffndTxt out-of-bounds attempt (more info ...) | attempted-user | 2014-6334 | URL | ||
| 32435 | FILE-OFFICE Microsoft Office Word fcPlfguidUim out-of-bounds attempt (more info ...) | attempted-user | 2014-6334 | URL | ||
| 32477 | FILE-OFFICE Microsoft Office Word bOffset value overflow attempt (more info ...) | attempted-user | 2014-6335 | URL | ||
| 32643 | FILE-OFFICE Microsoft Works 9 and Word 12 converter heap overflow attempt (more info ...) | attempted-user | 2012-0177 | URL | ||
| 32644 | FILE-OFFICE Microsoft Works 9 and Word 12 converter heap overflow attempt (more info ...) | attempted-user | 2012-0177 | URL | ||
| 32683 | FILE-OFFICE Microsoft Office Excel blip image use after free attempt (more info ...) | attempted-user | 2014-6360 | URL | ||
| 32684 | FILE-OFFICE Microsoft Office Excel blip image use after free attempt (more info ...) | attempted-user | 2014-6360 | URL | ||
| 32687 | FILE-OFFICE Microsoft Office use after free (more info ...) | attempted-user | 2014-6364 | URL | ||
| 32688 | FILE-OFFICE Microsoft Office use after free (more info ...) | attempted-user | 2014-6364 | URL | ||
| 32707 | FILE-OFFICE Microsoft Office RTF object use after free attempt (more info ...) | attempted-user | 2014-6357 | URL | ||
| 32708 | FILE-OFFICE Microsoft Office RTF object use after free attempt (more info ...) | attempted-user | 2014-6357 | URL | ||
| 32711 | FILE-OFFICE Microsoft Office Word array index out-of-bounds attempt (more info ...) | attempted-user | 2014-6356 | URL | ||
| 32712 | FILE-OFFICE Microsoft Office Word array index out-of-bounds attempt (more info ...) | attempted-user | 2014-6356 | URL | ||
| 32718 | FILE-OFFICE Microsoft Office Excel remote code execution attempt (more info ...) | attempted-user | 2014-6361 | URL | ||
| 32719 | FILE-OFFICE Microsoft Office Excel remote code execution attempt (more info ...) | attempted-user | 2014-6361 | URL | ||
| 32857 | FILE-OFFICE Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt (more info ...) | attempted-user | 2012-0158 | URL | ||
| 32858 | FILE-OFFICE Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt (more info ...) | attempted-user | 2012-0158 | URL | ||
| 32859 | FILE-OFFICE Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt (more info ...) | attempted-user | 2012-0158 | URL | ||
| 32860 | FILE-OFFICE Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt (more info ...) | attempted-user | 2012-0158 | URL | ||
| 32861 | FILE-OFFICE Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt (more info ...) | attempted-user | 2012-0158 | URL | ||
| 32862 | FILE-OFFICE Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt (more info ...) | attempted-user | 2012-0158 | URL | ||
| 32863 | FILE-OFFICE Microsoft Windows common controls MSCOMCTL.OCX buffer overflow attempt (more info ...) | attempted-user | 2012-0158 | URL | ||
| 32888 | INDICATOR-COMPROMISE Potential Redirect from Compromised WordPress site to Fedex - Spammed Malware Download attempt (more info ...) | trojan-activity | URL | |||
| 32962 | SERVER-WEBAPP Lexmark MarkVision Enterprise GfdFileUploadServlet directory traversal attempt (more info ...) | attempted-admin | 2014-8741 | 71623 | URL | |
| 32963 | SERVER-WEBAPP Lexmark MarkVision Enterprise GfdFileUploadServlet directory traversal attempt (more info ...) | attempted-admin | 2014-8741 | 71623 | URL | |
| 32964 | SERVER-WEBAPP Lexmark MarkVision Enterprise GfdFileUploadServlet directory traversal attempt (more info ...) | attempted-admin | 2014-8741 | 71623 | URL | |
| 33275 | SERVER-WEBAPP WordPress pingback gethostbyname heap buffer overflow attempt (more info ...) | web-application-attack | 2015-0235 | 72325 | URL | |
| 33350 | FILE-OFFICE Microsoft Office Word wwlib use after free attempt (more info ...) | attempted-user | 2015-0064 | URL | ||
| 33351 | FILE-OFFICE Microsoft Office Word wwlib use after free attempt (more info ...) | attempted-user | 2015-0064 | URL | ||
| 33362 | FILE-OFFICE Microsoft Office Excel remote exploit attempt (more info ...) | attempted-user | 2015-0063 | URL | ||
| 33587 | FILE-OFFICE Microsoft RTF improper listoverride nesting attempt (more info ...) | attempted-user | 2012-0183 | URL | ||
| 33705 | FILE-OTHER Microsoft Office RTF out-of-bounds memory access attempt (more info ...) | attempted-user | 2015-0086 | URL | ||
| 33706 | FILE-OTHER Microsoft Office RTF out-of-bounds memory access attempt (more info ...) | attempted-user | 2015-0086 | URL | ||
| 33715 | FILE-OFFICE Microsoft Office Word incorrect schema property remote code execution attempt (more info ...) | attempted-user | 2015-0085 | URL | ||
| 33716 | FILE-OFFICE Microsoft Office Word incorrect schema property remote code execution attempt (more info ...) | attempted-user | 2015-0085 | URL | ||
| 33826 | SERVER-SAMBA Samba smbd _netr_ServerPasswordSet deprecated vulnerable function access attempt (more info ...) | policy-violation | 2015-0240 | 72711 | URL | |
| 33934 | SERVER-WEBAPP Wordpress WP Marketplace plugin directory traversal attempt (more info ...) | attempted-recon | 2014-9014 | |||
| 33935 | SERVER-WEBAPP Wordpress WP Marketplace plugin privilege escalation attempt (more info ...) | attempted-admin | 2014-9013 | |||
| 33986 | POLICY-OTHER ManageEngine Desktop Central insecure admin password reset attempt (more info ...) | policy-violation | 2015-2560 | |||
| 34024 | POLICY-OTHER ManageEngine Desktop Central insecure admin password reset attempt (more info ...) | policy-violation | 2015-2560 | |||
| 34055 | SERVER-WEBAPP Lexmark Markvision Enterprise LibraryFileUploadServlet directory traversal attempt (more info ...) | web-application-attack | 2014-9375 | 72726 | ||
| 34056 | SERVER-WEBAPP Lexmark Markvision Enterprise LibraryFileUploadServlet directory traversal attempt (more info ...) | web-application-attack | 2014-9375 | 72726 | ||
| 34062 | FILE-OFFICE Microsoft Office Word document memory corruption attempt (more info ...) | attempted-user | 2015-1641 | URL | ||
| 34063 | FILE-OFFICE Microsoft Office Word document memory corruption attempt (more info ...) | attempted-user | 2015-1641 | URL | ||
| 34066 | FILE-OFFICE Microsoft Office XML nested num tag double-free attempt (more info ...) | attempted-user | 2015-1650 | 74011 | URL | |
| 34067 | FILE-OFFICE Microsoft Office XML nested num tag double-free attempt (more info ...) | attempted-user | 2015-1650 | 74011 | URL | |
| 34086 | FILE-OFFICE Microsoft Office RTF double-free remote code execution attempt (more info ...) | attempted-user | 2015-1651 | URL | ||
| 34087 | FILE-OFFICE Microsoft Office RTF double-free remote code execution attempt (more info ...) | attempted-user | 2015-1651 | URL | ||
| 34093 | FILE-OFFICE Microsoft Office RTF out-of-bounds array access remote code execution attempt (more info ...) | attempted-user | 2015-1649 | URL | ||
| 34094 | FILE-OFFICE Microsoft Office RTF out-of-bounds array access remote code execution attempt (more info ...) | attempted-user | 2015-1649 | URL | ||
| 34428 | FILE-OFFICE Microsoft Office Word incorrect ptCount element denial of service attempt (more info ...) | denial-of-service | 2015-1682 | URL | ||
| 34429 | FILE-OFFICE Microsoft Office Word incorrect ptCount element denial of service attempt (more info ...) | denial-of-service | 2015-1682 | URL | ||
| 34737 | FILE-OFFICE Microsoft Office Word WordPerfect converter ForeignToRtf32 use after free attempt (more info ...) | attempted-user | 2015-1759 | URL | ||
| 34738 | FILE-OFFICE Microsoft Office Word WordPerfect converter ForeignToRtf32 use after free attempt (more info ...) | attempted-user | 2015-1759 | URL | ||
| 34739 | FILE-OFFICE Microsoft Office Word WordPerfect converter EnumFontFamProc use after free attempt (more info ...) | attempted-user | 2015-1760 | URL | ||
| 34740 | FILE-OFFICE Microsoft Office Word WordPerfect converter EnumFontFamProc use after free attempt (more info ...) | attempted-user | 2015-1760 | URL | ||
| 34743 | FILE-OFFICE Microsoft Office Word ActiveX object uninitialized memory access attempt (more info ...) | attempted-user | 2015-1770 | URL | ||
| 34744 | FILE-OFFICE Microsoft Office Word ActiveX object uninitialized memory access attempt (more info ...) | attempted-user | 2015-1770 | URL | ||
| 35018 | FILE-OFFICE Microsoft Office Word nested tblStylePr element use after free attempt (more info ...) | attempted-user | 2014-4117 | URL | ||
| 35019 | FILE-OFFICE Microsoft Office Word nested tblStylePr element use after free attempt (more info ...) | attempted-user | 2014-4117 | URL | ||
| 35020 | FILE-OFFICE Microsoft Office Word nested tblStylePr element use after free attempt (more info ...) | attempted-user | 2014-4117 | URL | ||
| 35021 | FILE-OFFICE Microsoft Office Word nested tblStylePr element use after free attempt (more info ...) | attempted-user | 2014-4117 | URL | ||
| 35137 | FILE-OFFICE Microsoft Office Excel out of bounds memory access attempt (more info ...) | attempted-user | 2015-2376 | URL | ||
| 35138 | FILE-OFFICE Microsoft Office Excel out of bounds memory access attempt (more info ...) | attempted-user | 2015-2376 | URL | ||
| 35141 | FILE-OFFICE Microsoft Office Excel malformed workbook record remote code execution attempt (more info ...) | attempted-user | 2015-2415 | URL | ||
| 35142 | FILE-OFFICE Microsoft Office Excel malformed workbook record remote code execution attempt (more info ...) | attempted-user | 2015-2415 | URL | ||
| 35176 | FILE-OFFICE Microsoft Office Excel c legend remote code execution attempt (more info ...) | attempted-user | 2015-2377 | URL | ||
| 35177 | FILE-OFFICE Microsoft Office Excel c legend remote code execution attempt (more info ...) | attempted-user | 2015-2377 | URL | ||
| 35190 | FILE-OFFICE Microsoft Office Word sprmPItap heap corruption attempt (more info ...) | attempted-user | 2019-1201 | URL | ||
| 35191 | FILE-OFFICE Microsoft Office Word sprmPItap heap corruption attempt (more info ...) | attempted-user | 2019-1201 | URL | ||
| 35201 | FILE-OFFICE Microsoft Office Word OCX use after free attempt (more info ...) | attempted-user | 2015-2380 | URL | ||
| 35202 | FILE-OFFICE Microsoft Office Word OCX use after free attempt (more info ...) | attempted-user | 2015-2380 | URL | ||
| 35325 | FILE-OFFICE Microsoft Office Word RTF Control.TaskSymbol.1 heap corruption attempt - Win.Trojan.Sofacy (more info ...) | trojan-activity | 2015-2424 | URL | ||
| 35326 | FILE-OFFICE Microsoft Office Word RTF Control.TaskSymbol.1 heap corruption attempt - Win.Trojan.Sofacy (more info ...) | trojan-activity | 2015-2424 | URL | ||
| 35347 | SERVER-WEBAPP Cisco Unified MeetingPlace password change policy bypass attempt (more info ...) | policy-violation | 2015-4262 | URL | ||
| 35497 | FILE-OFFICE Microsoft Office Word Document invalid directory entry use after free attempt (more info ...) | attempted-user | 2015-2431 | URL | ||
| 35498 | FILE-OFFICE Microsoft Office Word Document invalid directory entry use after free attempt (more info ...) | attempted-user | 2015-2431 | URL | ||
| 35501 | FILE-OFFICE Microsoft Office Word wwlib.dll corrupt fcPlcfFldMom out of bounds read attempt (more info ...) | attempted-user | 2015-2477 | 76192 | URL | |
| 35502 | FILE-OFFICE Microsoft Office Word wwlib.dll corrupt fcPlcfFldMom out of bounds read attempt (more info ...) | attempted-user | 2015-2477 | 76192 | URL | |
| 35503 | FILE-OFFICE Microsoft Office Word incomplete ActiveX control use-after-free attempt (more info ...) | attempted-user | 2015-1642 | URL | ||
| 35504 | FILE-OFFICE Microsoft Office Word incomplete ActiveX control use-after-free attempt (more info ...) | attempted-user | 2015-1642 | URL | ||
| 35505 | FILE-OFFICE Microsoft Office Word mso.dll use-after-free attempt (more info ...) | attempted-user | 2015-2468 | URL | ||
| 35506 | FILE-OFFICE Microsoft Office Word mso.dll use-after-free attempt (more info ...) | attempted-user | 2015-2468 | URL | ||
| 35509 | FILE-OFFICE Microsoft Office Word wwlib.dll out of bounds read attempt (more info ...) | attempted-user | 2015-2469 | URL | ||
| 35510 | FILE-OFFICE Microsoft Office Word wwlib.dll out of bounds read attempt (more info ...) | attempted-user | 2015-2469 | URL | ||
| 35511 | FILE-OFFICE Microsoft Office Word msptls.dll integer underflow attempt (more info ...) | attempted-user | 2015-2470 | URL | ||
| 35512 | FILE-OFFICE Microsoft Office Word msptls.dll integer underflow attempt (more info ...) | attempted-user | 2015-2470 | URL | ||
| 35521 | FILE-OFFICE Microsoft Office Word malformed document file use after free attempt (more info ...) | attempted-admin | 2015-2467 | URL | ||
| 35522 | FILE-OFFICE Microsoft Office Word malformed document file use after free attempt (more info ...) | attempted-admin | 2015-2467 | URL | ||
| 35832 | FILE-OTHER Hangul Word Processor malicious tab count memory corruption attempt (more info ...) | attempted-user | 2017-2819 | URL | ||
| 35833 | FILE-OTHER Hangul Word Processor malicious tab count memory corruption attempt (more info ...) | attempted-user | 2017-2819 | URL | ||
| 35996 | FILE-OFFICE Microsoft Office Excel OLESS directory entry type confusion remote code execution attempt (more info ...) | attempted-user | 2015-2521 | URL | ||
| 35997 | FILE-OFFICE Microsoft Office Excel OLESS directory entry type confusion remote code execution attempt (more info ...) | attempted-user | 2015-2521 | URL | ||
| 36000 | FILE-OFFICE Microsoft Office Excel malformed XF record use after free attempt (more info ...) | attempted-user | 2015-2523 | URL | ||
| 36001 | FILE-OFFICE Microsoft Office Excel malformed XF record use after free attempt (more info ...) | attempted-user | 2015-2523 | URL | ||
| 36002 | FILE-OFFICE Microsoft Office Excel bad file pointer memory corruption attempt (more info ...) | attempted-user | 2015-2520 | URL | ||
| 36003 | FILE-OFFICE Microsoft Office Excel bad file pointer memory corruption attempt (more info ...) | attempted-user | 2015-2520 | URL | ||
| 36026 | FILE-OFFICE Microsoft Office Word EPS filter PostScript object use after free attempt (more info ...) | attempted-user | 2015-2545 | URL | ||
| 36027 | FILE-OFFICE Microsoft Office Word EPS filter PostScript object use after free attempt (more info ...) | attempted-user | 2015-2545 | URL | ||
| 36147 | FILE-OFFICE Microsoft Windows OLE Packer Remote Code Execution attempt (more info ...) | attempted-user | 2014-6352 | URL | ||
| 36148 | FILE-OFFICE Microsoft Windows OLE Packer Remote Code Execution attempt (more info ...) | attempted-user | 2014-6352 | URL | ||
| 36203 | FILE-OFFICE Microsoft Office Word wwlib.dll corrupt fcPlcfFldMom uninitialized memory access attempt (more info ...) | attempted-user | 2015-2477 | 76192 | URL | |
| 36204 | FILE-OFFICE Microsoft Office Word wwlib.dll corrupt fcPlcfFldMom uninitialized memory access attempt (more info ...) | attempted-user | 2015-2477 | 76192 | URL | |
| 36244 | FILE-OFFICE Microsoft Office XML nested num tag double-free attempt (more info ...) | attempted-user | 2015-1650 | 74011 | URL | |
| 36245 | FILE-OFFICE Microsoft Office XML nested num tag double-free attempt (more info ...) | attempted-user | 2015-1650 | 74011 | URL | |
| 36427 | FILE-OFFICE Microsoft Visio lmetaclasscount buffer overflow attempt (more info ...) | attempted-user | 2015-2557 | URL | ||
| 36428 | FILE-OFFICE Microsoft Visio lmetaclasscount buffer overflow attempt (more info ...) | attempted-user | 2015-2557 | URL | ||
| 36429 | FILE-OFFICE Microsoft Office Excel malformed binary format use after free attempt (more info ...) | attempted-user | 2015-2555 | URL | ||
| 36430 | FILE-OFFICE Microsoft Office Excel malformed binary format use after free attempt (more info ...) | attempted-user | 2015-2555 | URL | ||
| 36441 | FILE-OTHER Visual Basic scripting engine Filter argument mishandling attempt (more info ...) | attempted-user | 2015-6055 | URL | ||
| 36442 | FILE-OTHER Visual Basic scripting engine Filter argument mishandling attempt (more info ...) | attempted-user | 2015-6055 | URL | ||
| 36498 | FILE-OTHER Microsoft Word WordPerfect CSTYL border element stack overflow attempt (more info ...) | attempted-user | 2013-1324 | URL | ||
| 36499 | FILE-OTHER Microsoft Word WordPerfect CSTYL border element stack overflow attempt (more info ...) | attempted-user | 2013-1324 | URL | ||
| 36500 | FILE-OTHER Microsoft Word WordPerfect CSTYL border element stack overflow attempt (more info ...) | attempted-user | 2013-1324 | URL | ||
| 36501 | FILE-OTHER Microsoft Word WordPerfect CSTYL border element stack overflow attempt (more info ...) | attempted-user | 2013-1324 | URL | ||
| 36707 | FILE-OFFICE Microsoft Office malformed odttf integer overflow attempt (more info ...) | attempted-user | 2015-6093 | URL | ||
| 36708 | FILE-OFFICE Microsoft Office malformed odttf integer overflow attempt (more info ...) | attempted-user | 2015-6093 | URL | ||
| 36714 | FILE-OFFICE Microsoft Office Excel slicer style use-after-free attempt (more info ...) | attempted-user | 2015-6094 | URL | ||
| 36715 | FILE-OFFICE Microsoft Office Excel slicer style use-after-free attempt (more info ...) | attempted-user | 2015-6094 | URL | ||
| 36716 | FILE-OFFICE Microsoft Office Word PmwdFromDoc use after free attempt (more info ...) | attempted-user | 2015-6092 | URL | ||
| 36717 | FILE-OFFICE Microsoft Office Word PmwdFromDoc use after free attempt (more info ...) | attempted-user | 2015-6092 | URL | ||
| 36720 | FILE-OFFICE Microsoft Office Word CoCreateInstance elevation of privilege attempt (more info ...) | attempted-user | 2015-2503 | URL | ||
| 36721 | FILE-OFFICE Microsoft Office Word CoCreateInstance elevation of privilege attempt (more info ...) | attempted-user | 2015-2503 | URL | ||
| 36740 | FILE-OFFICE Microsoft Office Word FGetCpFlowDr memory corruption attempt (more info ...) | attempted-user | 2015-6091 | URL | ||
| 36741 | FILE-OFFICE Microsoft Office Word FGetCpFlowDr memory corruption attempt (more info ...) | attempted-user | 2015-6091 | URL | ||
| 36751 | FILE-OFFICE Microsoft Office Excel MdCallBack out of bounds read attempt (more info ...) | attempted-user | 2016-0136 | URL | ||
| 36752 | FILE-OFFICE Microsoft Office Excel MdCallBack out of bounds read attempt (more info ...) | attempted-user | 2016-0136 | URL | ||
| 36888 | FILE-OFFICE Microsoft Office PowerPoint out of bounds value remote code execution attempt (more info ...) | attempted-user | 2010-0031 | URL | ||
| 36924 | FILE-OFFICE Microsoft Office Excel MSO reference count use after free attempt (more info ...) | attempted-user | 2015-6040 | URL | ||
| 36925 | FILE-OFFICE Microsoft Office Excel MSO reference count use after free attempt (more info ...) | attempted-user | 2015-6040 | URL | ||
| 36930 | FILE-OFFICE Microsoft Office request for wuaext.dll over SMB attempt (more info ...) | attempted-user | 2015-6133 | URL | ||
| 36931 | FILE-OFFICE Microsoft Office wuaext.dll dll-load exploit attempt (more info ...) | attempted-user | 2015-6133 | URL | ||
| 36934 | FILE-OFFICE Microsoft Office Word pointer release validation use after free attempt (more info ...) | attempted-user | 2015-6118 | URL | ||
| 36935 | FILE-OFFICE Microsoft Office Word pointer release validation use after free attempt (more info ...) | attempted-user | 2015-6118 | URL | ||
| 36958 | FILE-OFFICE Microsoft Office Excel StyleXF invalid icvXF out of bounds read attempt (more info ...) | attempted-user | 2015-6122 | URL | ||
| 36959 | FILE-OFFICE Microsoft Office Excel StyleXF invalid icvXF out of bounds read attempt (more info ...) | attempted-user | 2015-6122 | URL | ||
| 36960 | FILE-OFFICE Microsoft Office Word XML parsing use after free attempt (more info ...) | attempted-user | 2015-6124 | URL | ||
| 36961 | FILE-OFFICE Microsoft Office Word XML parsing use after free attempt (more info ...) | attempted-user | 2015-6124 | URL | ||
| 36964 | FILE-OFFICE Microsoft Office Word gdiplus integer overflow attempt (more info ...) | attempted-user | 2015-6107 | URL | ||
| 36965 | FILE-OFFICE Microsoft Office Word gdiplus integer overflow attempt (more info ...) | attempted-user | 2015-6107 | URL | ||
| 36966 | FILE-OFFICE Microsoft Office Word OGL module out of bounds read attempt (more info ...) | attempted-user | 2015-6106 | URL | ||
| 36967 | FILE-OFFICE Microsoft Office Word OGL module out of bounds read attempt (more info ...) | attempted-user | 2015-6106 | URL | ||
| 36974 | FILE-OFFICE Microsoft Office Excel out of bounds read attempt (more info ...) | attempted-user | 2015-6177 | URL | ||
| 36975 | FILE-OFFICE Microsoft Office Excel out of bounds read attempt (more info ...) | attempted-user | 2015-6177 | URL | ||
| 36993 | FILE-OFFICE Microsoft Office request for mqrt.dll over SMB attempt (more info ...) | attempted-user | 2015-6132 | URL | ||
| 36994 | FILE-OFFICE Microsoft Office mqrt.dll dll-load exploit attempt (more info ...) | attempted-user | 2015-6132 | URL | ||
| 36995 | FILE-OFFICE Microsoft Office request for spframe.dll over SMB attempt (more info ...) | attempted-user | 2015-6132 | URL | ||
| 36996 | FILE-OFFICE Microsoft Office spframe.dll dll-load exploit attempt (more info ...) | attempted-user | 2015-6132 | URL | ||
| 36999 | FILE-OFFICE Microsoft Office elsext.dll dll-load exploit attempt (more info ...) | attempted-user | 2015-6128 | URL | ||
| 37000 | FILE-OFFICE Microsoft Office nwdblib.dll dll-load exploit attempt (more info ...) | attempted-user | 2015-6128 | URL | ||
| 37001 | FILE-OFFICE Microsoft Office request for elsext.dll over SMB attempt (more info ...) | attempted-user | 2015-6128 | URL | ||
| 37002 | FILE-OFFICE Microsoft Office request for nwdblib.dll over SMB attempt (more info ...) | attempted-user | 2015-6128 | URL | ||
| 37011 | FILE-OFFICE Microsoft Office Outlook embedded OLE object sandbox bypass attempt (more info ...) | attempted-user | 2015-6172 | URL | ||
| 37013 | FILE-OFFICE Microsoft Office Outlook embedded OLE object sandbox bypass attempt (more info ...) | attempted-user | 2015-6172 | URL | ||
| 37018 | SERVER-WEBAPP wordpress kses bypass cross site scripting attempt (more info ...) | attempted-user | 2015-5714 | |||
| 37019 | SERVER-WEBAPP wordpress kses bypass cross site scripting attempt (more info ...) | attempted-user | 2015-5714 | |||
| 37120 | FILE-OFFICE Microsoft Office Outlook embedded OLE object sandbox bypass attempt (more info ...) | attempted-user | 2015-6172 | URL | ||
| 37243 | INDICATOR-COMPROMISE download of a Office document with embedded PowerShell (more info ...) | trojan-activity | URL | |||
| 37244 | INDICATOR-COMPROMISE download of a Office document with embedded PowerShell (more info ...) | trojan-activity | URL | |||
| 37259 | FILE-OFFICE Microsoft Office Excel mso20win32client use after free attempt (more info ...) | attempted-user | 2016-0035 | URL | ||
| 37260 | FILE-OFFICE Microsoft Office Excel mso20win32client use after free attempt (more info ...) | attempted-user | 2016-0035 | URL | ||
| 37261 | FILE-OFFICE Microsoft Office request for mfplat.dll over SMB attempt (more info ...) | attempted-user | 2016-0016 | URL | ||
| 37262 | FILE-OFFICE Microsoft Office mfplat.dll dll-load exploit attempt (more info ...) | attempted-user | 2016-0016 | URL | ||
| 37263 | FILE-OFFICE Microsoft Office request for api-ms-win-core-winrt-l1-1-0.dll over SMB attempt (more info ...) | attempted-user | 2016-0018 | URL | ||
| 37264 | FILE-OFFICE Microsoft Office api-ms-win-core-winrt-l1-1-0.dll dll-load exploit attempt (more info ...) | attempted-user | 2016-0018 | URL | ||
| 37265 | FILE-OFFICE Microsoft Office metafile conversion out of bounds read attempt (more info ...) | attempted-user | 2016-0008 | URL | ||
| 37266 | FILE-OFFICE Microsoft Office metafile conversion out of bounds read attempt (more info ...) | attempted-user | 2016-0008 | URL | ||
| 37274 | FILE-OFFICE Microsoft Office RTF parser heap overflow attempt (more info ...) | attempted-user | 2016-0010 | URL | ||
| 37358 | SERVER-WEBAPP Cisco Identity Services Engine default password authentication attempt (more info ...) | attempted-admin | 2015-6323 | URL | ||
| 37409 | FILE-OFFICE Microsoft Office Word ActiveX object uninitialized memory access attempt (more info ...) | attempted-user | 2015-1770 | URL | ||
| 37410 | FILE-OFFICE Microsoft Office Word ActiveX object uninitialized memory access attempt (more info ...) | attempted-user | 2015-1770 | URL | ||
| 37555 | FILE-OFFICE Microsoft Office msdaora.dll dll-load exploit attempt (more info ...) | attempted-user | 2016-0041 | URL | ||
| 37557 | FILE-OFFICE Microsoft Office request for msdaora.dll over SMB attempt (more info ...) | attempted-user | 2016-0041 | URL | ||
| 37558 | FILE-OFFICE Microsoft Office request for phoneinfo.dll over SMB attempt (more info ...) | attempted-user | 2016-0041 | URL | ||
| 37559 | FILE-OFFICE Microsoft Office Word rtf file ffdefres integer underflow attempt (more info ...) | attempted-user | 2016-0053 | URL | ||
| 37560 | FILE-OFFICE Microsoft Office Word rtf file ffdefres integer underflow attempt (more info ...) | attempted-user | 2016-0053 | URL | ||
| 37561 | FILE-OFFICE Microsoft Office Word missing dpinfo structure integer overflow attempt (more info ...) | attempted-user | 2016-0022 | URL | ||
| 37563 | FILE-OFFICE Microsoft Office Word missing dpinfo structure integer overflow attempt (more info ...) | attempted-user | 2016-0022 | URL | ||
| 37564 | FILE-OFFICE Microsoft Office Word missing dpinfo structure integer overflow attempt (more info ...) | attempted-user | 2016-0022 | URL | ||
| 37579 | FILE-OFFICE Microsoft Powerpoint shape object null pointer dereference attempt (more info ...) | attempted-user | 2016-0055 | URL | ||
| 37580 | FILE-OFFICE Microsoft Powerpoint shape object null pointer dereference attempt (more info ...) | attempted-user | 2016-0055 | URL | ||
| 37588 | FILE-OFFICE Microsoft Office Word BCSRuntime.dll dll-load exploit attempt (more info ...) | attempted-user | 2016-0042 | URL | ||
| 37589 | FILE-OFFICE Microsoft Office Word OLMAPI32.dll dll-load exploit attempt (more info ...) | attempted-user | 2016-0042 | URL | ||
| 37590 | FILE-OFFICE Microsoft Office Word request for BCSRuntime.dll over SMB attempt (more info ...) | attempted-user | 2016-0042 | URL | ||
| 37591 | FILE-OFFICE Microsoft Office Word request for OLMAPI32.dll over SMB attempt (more info ...) | attempted-user | 2016-0042 | URL | ||
| 37592 | FILE-OFFICE Microsoft Office Excel formula length heap corruption attempt (more info ...) | attempted-user | 2016-0054 | URL | ||
| 37593 | FILE-OFFICE Microsoft Office Excel formula length heap corruption attempt (more info ...) | attempted-user | 2016-0054 | URL | ||
| 37598 | FILE-OFFICE Microsoft Office Word external document access use-after-free attempt (more info ...) | attempted-user | 2016-0056 | URL | ||
| 37599 | FILE-OFFICE Microsoft Office Word external document access use-after-free attempt (more info ...) | attempted-user | 2016-0056 | URL | ||
| 37600 | FILE-OFFICE Microsoft Powerpoint shape objects null pointer dereference memory corruption attempt (more info ...) | attempted-user | 2016-0056 | URL | ||
| 37601 | FILE-OFFICE Microsoft Powerpoint shape objects null pointer dereference memory corruption attempt (more info ...) | attempted-user | 2016-0056 | URL | ||
| 37606 | FILE-OFFICE Microsoft Office Word rtf file bitmap width integer overflow attempt (more info ...) | attempted-user | 2016-0052 | URL | ||
| 37607 | FILE-OFFICE Microsoft Office Word rtf file bitmap width integer overflow attempt (more info ...) | attempted-user | 2016-0052 | URL | ||
| 37700 | FILE-OFFICE Microsoft Office ole object external file loading attempt (more info ...) | attempted-admin | 2014-6352 | URL | ||
| 37701 | FILE-OFFICE Microsoft Office ole object external file loading attempt (more info ...) | attempted-admin | 2014-6352 | URL | ||
| 37702 | FILE-OFFICE Microsoft Office ole object external file loading attempt (more info ...) | attempted-admin | 2014-6352 | URL | ||
| 37703 | FILE-OFFICE Microsoft Office ole object external file loading attempt (more info ...) | attempted-admin | 2014-6352 | URL | ||
| 37704 | FILE-OFFICE Microsoft Office ole object external file loading attempt (more info ...) | attempted-admin | 2014-6352 | URL | ||
| 37705 | FILE-OFFICE Microsoft Office ole object external file loading attempt (more info ...) | attempted-admin | 2014-6352 | URL | ||
| 37706 | FILE-OFFICE Microsoft Office ole object external file loading attempt (more info ...) | attempted-admin | 2014-6352 | URL | ||
| 37707 | FILE-OFFICE Microsoft Office ole object external file loading attempt (more info ...) | attempted-admin | 2014-6352 | URL | ||
| 37726 | FILE-OTHER Microsoft Office ole object external file loading attempt (more info ...) | attempted-admin | 2014-6352 | URL | ||
| 37727 | FILE-OTHER Microsoft Office ole object external file loading attempt (more info ...) | attempted-admin | 2014-6352 | URL | ||
| 37824 | FILE-OTHER Microsoft Office ole object external file loading attempt (more info ...) | attempted-admin | 2014-6352 | URL | ||
| 37825 | FILE-OTHER Microsoft Office ole object external file loading attempt (more info ...) | attempted-admin | 2014-6352 | URL | ||
| 37975 | FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (more info ...) | attempted-dos | 2012-1537 | 56839 | URL | |
| 37976 | FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (more info ...) | attempted-dos | 2012-1537 | 56839 | URL | |
| 37977 | FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (more info ...) | attempted-dos | 2012-1537 | 56839 | URL | |
| 37978 | FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (more info ...) | attempted-dos | 2012-1537 | 56839 | URL | |
| 37979 | FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (more info ...) | attempted-dos | 2012-1537 | 56839 | URL | |
| 37980 | FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (more info ...) | attempted-dos | 2012-1537 | URL | ||
| 37981 | FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (more info ...) | attempted-dos | 2012-1537 | 56839 | URL | |
| 37982 | FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (more info ...) | attempted-dos | 2012-1537 | URL | ||
| 37983 | FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (more info ...) | attempted-dos | 2012-1537 | 56839 | URL | |
| 37984 | FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (more info ...) | attempted-dos | 2012-1537 | URL | ||
| 37985 | FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (more info ...) | attempted-dos | 2012-1537 | 56839 | URL | |
| 37986 | FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (more info ...) | attempted-dos | 2012-1537 | 56839 | URL | |
| 37987 | FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (more info ...) | attempted-dos | 2012-1537 | URL | ||
| 37988 | FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (more info ...) | attempted-dos | 2012-1537 | 56839 | URL | |
| 37989 | FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (more info ...) | attempted-dos | 2012-1537 | 56839 | URL | |
| 37990 | FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (more info ...) | attempted-dos | 2012-1537 | 56839 | URL | |
| 37991 | FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (more info ...) | attempted-dos | 2012-1537 | URL | ||
| 37992 | FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (more info ...) | attempted-dos | 2012-1537 | 56839 | URL | |
| 37993 | FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (more info ...) | attempted-dos | 2012-1537 | 56839 | URL | |
| 37994 | FILE-OFFICE Microsoft Office dpnet.dll DirectPlay CFixedPool-Get clsid access (more info ...) | attempted-dos | 2012-1537 | URL | ||
| 38100 | FILE-OFFICE Microsoft Office Word wwlib.dll invalid pointer read attempt (more info ...) | attempted-user | 2016-0134 | URL | ||
| 38101 | FILE-OFFICE Microsoft Office Word wwlib.dll invalid pointer read attempt (more info ...) | attempted-user | 2016-0134 | URL | ||
| 38111 | FILE-OFFICE Microsoft Office Word bitmap stream parsing remote code execution attempt (more info ...) | attempted-user | 2016-0092 | URL | ||
| 38126 | FILE-OFFICE Microsoft Office Word ipdesign.dll ActiveX object access attempt (more info ...) | attempted-user | 2016-0021 | URL | ||
| 38127 | FILE-OFFICE Microsoft Office Word ipdesign.dll ActiveX object access attempt (more info ...) | attempted-user | 2016-0021 | URL | ||
| 38128 | FILE-OFFICE Microsoft Office Word ipdesign.dll ActiveX object access attempt (more info ...) | attempted-user | 2016-0021 | URL | ||
| 38129 | FILE-OFFICE Microsoft Office Word ipdesign.dll ActiveX object access attempt (more info ...) | attempted-user | 2016-0021 | URL | ||
| 38471 | FILE-OFFICE Microsoft Office Excel sheet object use after free attempt (more info ...) | attempted-user | 2016-0139 | URL | ||
| 38472 | FILE-OFFICE Microsoft Office Excel sheet object use after free attempt (more info ...) | attempted-user | 2016-0139 | URL | ||
| 38481 | FILE-OFFICE Microsoft Office Excel msxml6 ParseElementN use after free attempt (more info ...) | attempted-user | 2016-0122 | URL | ||
| 38482 | FILE-OFFICE Microsoft Office Excel msxml6 ParseElementN use after free attempt (more info ...) | attempted-user | 2016-0122 | URL | ||
| 38489 | FILE-OFFICE Microsoft Office Word OleRegEnumVerbs object icon memory corruption attempt (more info ...) | attempted-user | 2016-0153 | URL | ||
| 38490 | FILE-OFFICE Microsoft Office Word OleRegEnumVerbs object icon memory corruption attempt (more info ...) | attempted-user | 2016-0153 | URL | ||
| 38495 | FILE-OFFICE Microsoft Office Word out of bound read exception attempt (more info ...) | attempted-user | 2016-0127 | URL | ||
| 38496 | FILE-OFFICE Microsoft Office Word out of bound read exception attempt (more info ...) | attempted-user | 2016-0127 | URL | ||
| 38580 | FILE-OFFICE RFT document malformed header (more info ...) | attempted-user | 2015-1641 | URL | ||
| 38581 | FILE-OFFICE RFT document malformed header (more info ...) | attempted-user | 2015-1641 | URL | ||
| 38639 | FILE-OFFICE Microsoft Office document with auto-start VBA macro detected (more info ...) | attempted-user | ||||
| 38640 | FILE-OFFICE Microsoft Office document with auto-start VBA macro detected (more info ...) | attempted-user | ||||
| 38742 | FILE-OTHER Microsoft Office ole object external file loading attempt (more info ...) | attempted-admin | 2014-6352 | URL | ||
| 38782 | FILE-OFFICE Microsoft Office Word TTF out-of-bounds memory access attempt (more info ...) | attempted-user | 2016-0126 | URL | ||
| 38783 | FILE-OFFICE Microsoft Office Word TTF out-of-bounds memory access attempt (more info ...) | attempted-user | 2016-0126 | URL | ||
| 38811 | FILE-OFFICE Microsoft Office wwlib out of bounds memory access attempt (more info ...) | attempted-recon | 2016-0183 | URL | ||
| 38812 | FILE-OFFICE Microsoft Office wwlib out of bounds memory access attempt (more info ...) | attempted-recon | 2016-0183 | URL | ||
| 38813 | FILE-OFFICE Microsoft Office wwlib out of bounds memory access attempt (more info ...) | attempted-recon | 2016-0183 | URL | ||
| 38814 | FILE-OFFICE Microsoft Office wwlib out of bounds memory access attempt (more info ...) | attempted-recon | 2016-0183 | URL | ||
| 38815 | FILE-OFFICE Microsoft Office wwlib out of bounds memory access attempt (more info ...) | attempted-recon | 2016-0183 | URL | ||
| 38862 | FILE-IDENTIFY Hancom Hangul Office Document file download request (more info ...) | misc-activity | ||||
| 38863 | FILE-IDENTIFY Hancom Hangul Office Document file attachment detected (more info ...) | misc-activity | ||||
| 38864 | FILE-IDENTIFY Hancom Hangul Office Document file attachment detected (more info ...) | misc-activity | ||||
| 38865 | FILE-IDENTIFY Hancom Hangul Office Document file magic detected (more info ...) | misc-activity | ||||
| 38866 | FILE-IDENTIFY Hancom Hangul Office Document file magic detected (more info ...) | misc-activity | ||||
| 38868 | FILE-OTHER Hancom Hangul Office HShow integer-based heap buffer overflow attempt (more info ...) | attempted-user | 2016-4298 | URL | ||
| 38869 | FILE-OTHER Hancom Hangul Office HShow integer-based heap buffer overflow attempt (more info ...) | attempted-user | 2016-4298 | URL | ||
| 39036 | FILE-OFFICE RTF file with embedded OLE object itself embedding a Flash file (more info ...) | policy-violation | URL | |||
| 39037 | FILE-OFFICE RTF file with embedded OLE object itself embedding a Flash file (more info ...) | policy-violation | URL | |||
| 39148 | FILE-OFFICE Document Foundation LibreOffice RTF stylesheet use after free attempt (more info ...) | attempted-user | 2016-4324 | URL | ||
| 39149 | FILE-OFFICE Document Foundation LibreOffice RTF stylesheet use after free attempt (more info ...) | attempted-user | 2016-4324 | URL | ||
| 39203 | FILE-OFFICE Microsoft Office Word wwlib.dll out of bounds read attempt (more info ...) | attempted-user | 2016-3234 | URL | ||
| 39204 | FILE-OFFICE Microsoft Office Word wwlib.dll out of bounds read attempt (more info ...) | attempted-user | 2016-3234 | URL | ||
| 39221 | FILE-OFFICE Microsoft Office Word mso.dll subcomponent use after free attempt (more info ...) | attempted-user | 2016-0025 | URL | ||
| 39222 | FILE-OFFICE Microsoft Office Word mso.dll subcomponent use after free attempt (more info ...) | attempted-user | 2016-0025 | URL | ||
| 39223 | FILE-OFFICE Microsoft Office Excel malformed XLS out of bounds memory read attempt (more info ...) | attempted-user | 2016-3233 | URL | ||
| 39224 | FILE-OFFICE Microsoft Office Excel malformed XLS out of bounds memory read attempt (more info ...) | attempted-user | 2016-3233 | URL | ||
| 39349 | SERVER-WEBAPP Wordpress Mobile Detector Plugin remote file upload attempt (more info ...) | web-application-attack | URL | |||
| 39350 | SERVER-WEBAPP Wordpress Mobile Detector Plugin remote file upload attempt (more info ...) | web-application-attack | URL | |||
| 39417 | FILE-OFFICE Symantec multiple product Dec2SS PowerPoint file buffer overflow attempt (more info ...) | attempted-user | 2016-2209 | URL | ||
| 39418 | FILE-OFFICE Symantec multiple product Dec2SS PowerPoint file buffer overflow attempt (more info ...) | attempted-user | 2016-2209 | URL | ||
| 39419 | FILE-OFFICE Symantec multiple product Dec2SS PowerPoint file buffer overflow attempt (more info ...) | attempted-user | 2016-2209 | URL | ||
| 39420 | FILE-OFFICE Symantec multiple product Dec2SS PowerPoint file buffer overflow attempt (more info ...) | attempted-user | 2016-2209 | URL | ||
| 39421 | FILE-OFFICE Symantec multiple product Dec2SS PowerPoint file buffer overflow attempt (more info ...) | attempted-user | 2016-2209 | URL | ||
| 39422 | FILE-OFFICE Symantec multiple product Dec2SS PowerPoint file buffer overflow attempt (more info ...) | attempted-user | 2016-2209 | URL | ||
| 39423 | FILE-OFFICE Symantec multiple product Dec2SS PowerPoint file buffer overflow attempt (more info ...) | attempted-user | 2016-2209 | URL | ||
| 39424 | FILE-OFFICE Symantec multiple product Dec2SS PowerPoint file buffer overflow attempt (more info ...) | attempted-user | 2016-2209 | URL | ||
| 39425 | FILE-OFFICE Symantec multiple product Dec2SS PowerPoint file buffer overflow attempt (more info ...) | attempted-user | 2016-2209 | URL | ||
| 39426 | FILE-OFFICE Symantec multiple product Dec2SS PowerPoint file buffer overflow attempt (more info ...) | attempted-user | 2016-2209 | URL | ||
| 39427 | FILE-OFFICE Symantec multiple product Dec2SS PowerPoint file buffer overflow attempt (more info ...) | attempted-user | 2016-2209 | URL | ||
| 39428 | FILE-OFFICE Symantec multiple product Dec2SS PowerPoint file buffer overflow attempt (more info ...) | attempted-user | 2016-2209 | URL | ||
| 39503 | FILE-OFFICE Microsoft Office Word wwlib out-of-bounds memory access attempt (more info ...) | attempted-user | 2016-3281 | URL | ||
| 39504 | FILE-OFFICE Microsoft Office Word wwlib out-of-bounds memory access attempt (more info ...) | attempted-user | 2016-3281 | URL | ||
| 39518 | FILE-OFFICE Microsoft Office Word wwlib out of bounds memory access attempt (more info ...) | attempted-user | 2016-3280 | URL | ||
| 39519 | FILE-OFFICE Microsoft Office Word wwlib out of bounds memory access attempt (more info ...) | attempted-user | 2016-3280 | URL | ||
| 39520 | FILE-OFFICE Microsoft Office Word unsupported XML schema out of bounds read attempt (more info ...) | attempted-user | 2016-3282 | URL | ||
| 39521 | FILE-OFFICE Microsoft Office Word unsupported XML schema out of bounds read attempt (more info ...) | attempted-user | 2016-3282 | URL | ||
| 39522 | FILE-OFFICE Microsoft Office Word unsupported XML schema out of bounds read attempt (more info ...) | attempted-user | 2016-3282 | URL | ||
| 39523 | FILE-OFFICE Microsoft Office Word unsupported XML schema out of bounds read attempt (more info ...) | attempted-user | 2016-3282 | URL | ||
| 39524 | FILE-OFFICE Microsoft Office Excel empty bookViews element denial of service attempt (more info ...) | attempted-dos | 2016-3284 | URL | ||
| 39525 | FILE-OFFICE Microsoft Office Excel empty bookViews element denial of service attempt (more info ...) | attempted-dos | 2016-3284 | URL | ||
| 39526 | FILE-OFFICE RTF document incorrect file magic attempt (more info ...) | attempted-user | 2015-1641 | URL | ||
| 39527 | FILE-OFFICE RTF document incorrect file magic attempt (more info ...) | attempted-user | 2015-1641 | URL | ||
| 39528 | FILE-OFFICE Microsoft Office RTF WRAssembly ASLR bypass download attempt (more info ...) | attempted-user | 2015-1641 | URL | ||
| 39529 | FILE-OFFICE Microsoft Office RTF WRAssembly ASLR bypass download attempt (more info ...) | attempted-user | 2015-1641 | URL | ||
| 39817 | FILE-OFFICE Microsoft Office Word sprmSDyaTop memory leak attempt (more info ...) | attempted-user | 2016-3316 | URL | ||
| 39831 | FILE-OFFICE Microsoft Office Word wwlib out of bounds read attempt (more info ...) | attempted-recon | 2016-3317 | URL | ||
| 39832 | FILE-OFFICE Microsoft Office Word wwlib out of bounds read attempt (more info ...) | attempted-recon | 2016-3317 | URL | ||
| 39835 | FILE-OFFICE Microsoft Office Word malformed jpeg memory corruption attempt (more info ...) | attempted-admin | 2016-3318 | URL | ||
| 39836 | FILE-OFFICE Microsoft Office Word malformed jpeg memory corruption attempt (more info ...) | attempted-admin | 2016-3318 | URL | ||
| 39837 | FILE-OFFICE Microsoft Office mso.dll out of bounds memory access attempt (more info ...) | attempted-user | 2016-3313 | URL | ||
| 39838 | FILE-OFFICE Microsoft Office mso.dll out of bounds memory access attempt (more info ...) | attempted-user | 2016-3313 | URL | ||
| 39868 | FILE-OFFICE LexMark Perceptive Document Filters msofbtCLSID stack buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 39869 | FILE-OFFICE LexMark Perceptive Document Filters msofbtCLSID stack buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 39871 | FILE-OFFICE LexMark Perceptive Document Filters wSectorShift heap buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 39872 | FILE-OFFICE LexMark Perceptive Document Filters wSectorShift heap buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 39881 | INDICATOR-COMPROMISE Meteocontrol WEBlog config containing passwords download attempt (more info ...) | web-application-attack | 2016-2296 | |||
| 39925 | SERVER-WEBAPP WordPress pingback gethostbyname heap buffer overflow attempt (more info ...) | web-application-attack | 2015-0235 | 72325 | URL | |
| 40075 | FILE-OFFICE Microsoft Office Excel LPenHelper out of bounds write attempt (more info ...) | attempted-user | 2016-3365 | URL | ||
| 40076 | FILE-OFFICE Microsoft Office Excel LPenHelper out of bounds write attempt (more info ...) | attempted-user | 2016-3365 | URL | ||
| 40079 | FILE-OFFICE Microsoft Office Visio visdlgu.dll dll-load exploit attempt (more info ...) | attempted-user | 2016-3364 | URL | ||
| 40080 | FILE-OFFICE Microsoft Office Visio request for visdlgu.dll over SMB attempt (more info ...) | attempted-user | 2016-3364 | URL | ||
| 40082 | FILE-OFFICE Microsoft Office Excel Ordinal43 out of bounds read attempt (more info ...) | attempted-user | 2016-3363 | URL | ||
| 40083 | FILE-OFFICE Microsoft Office Excel Ordinal43 out of bounds read attempt (more info ...) | attempted-user | 2016-3363 | URL | ||
| 40102 | FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (more info ...) | attempted-admin | 2016-3358 | URL | ||
| 40103 | FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (more info ...) | attempted-admin | 2016-3358 | URL | ||
| 40104 | FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (more info ...) | attempted-admin | 2016-3358 | URL | ||
| 40105 | FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (more info ...) | attempted-admin | 2016-3358 | URL | ||
| 40106 | FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (more info ...) | attempted-admin | 2016-3359 | URL | ||
| 40107 | FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (more info ...) | attempted-admin | 2016-3359 | URL | ||
| 40116 | FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (more info ...) | attempted-admin | 2016-3362 | URL | ||
| 40117 | FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (more info ...) | attempted-admin | 2016-3362 | URL | ||
| 40118 | FILE-IDENTIFY Microsoft Excel XLSB file download request (more info ...) | misc-activity | ||||
| 40119 | FILE-IDENTIFY Microsoft Excel XLSB file attachment detected (more info ...) | misc-activity | ||||
| 40120 | FILE-IDENTIFY Microsoft Excel XLSB file attachment detected (more info ...) | misc-activity | ||||
| 40121 | FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (more info ...) | attempted-admin | 2016-3381 | URL | ||
| 40122 | FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (more info ...) | attempted-admin | 2016-3381 | URL | ||
| 40143 | FILE-OFFICE Microsoft PowerPoint bogus JPEG marker length heap buffer overflow (more info ...) | attempted-user | 2016-3357 | URL | ||
| 40147 | FILE-OFFICE Microsoft Office PowerPoint ppcore invalid pointer reference attempt (more info ...) | attempted-user | 2016-3360 | URL | ||
| 40148 | FILE-OFFICE Microsoft Office PowerPoint ppcore invalid pointer reference attempt (more info ...) | attempted-user | 2016-3360 | URL | ||
| 40281 | FILE-OFFICE Microsoft Office Wordpad font conversion buffer overflow attempt (more info ...) | attempted-admin | 2004-0901 | |||
| 40282 | FILE-OFFICE Microsoft Office Wordpad font conversion buffer overflow attempt (more info ...) | attempted-admin | 2004-0901 | |||
| 40287 | SERVER-OTHER Cisco prime collaboration provisioning web framework access control bypass attempt (more info ...) | attempted-admin | 2015-4307 | URL | ||
| 40368 | FILE-OFFICE Microsoft Office Word RTF file parsing buffer overflow attempt (more info ...) | attempted-user | 2016-7193 | URL | ||
| 40369 | FILE-OFFICE Microsoft Office Word RTF file parsing buffer overflow attempt (more info ...) | attempted-user | 2016-7193 | URL | ||
| 40459 | FILE-OFFICE Microsoft Office Excel malicious cce value following a PtgMemFunc token (more info ...) | attempted-user | 2013-1315 | URL | ||
| 40460 | FILE-OFFICE Microsoft Office Excel malicious cce value following a PtgMemFunc token (more info ...) | attempted-user | 2013-1315 | URL | ||
| 40490 | FILE-OFFICE JustSystems Ichitaro Word Processor malformed PersistDirectory memory corruption attempt (more info ...) | attempted-user | 2017-2791 | URL | ||
| 40491 | FILE-OFFICE JustSystems Ichitaro Word Processor malformed PersistDirectory memory corruption attempt (more info ...) | attempted-user | 2017-2791 | URL | ||
| 40575 | FILE-PDF Adobe Acrobat Reader XFA excelGroup memory corruption attempt (more info ...) | attempted-user | 2016-6950 | URL | ||
| 40576 | FILE-PDF Adobe Acrobat Reader XFA excelGroup memory corruption attempt (more info ...) | attempted-user | 2016-6950 | URL | ||
| 40620 | FILE-OFFICE Microsoft Office RTF WRAssembly CLSID ASLR bypass download attempt (more info ...) | attempted-user | 2015-1641 | URL | ||
| 40621 | FILE-OFFICE Microsoft Office RTF WRLoader ASLR bypass download attempt (more info ...) | attempted-user | 2015-1641 | URL | ||
| 40622 | FILE-OFFICE Microsoft Office RTF WRLoader CLSID ASLR bypass download attempt (more info ...) | attempted-user | 2015-1641 | URL | ||
| 40623 | FILE-OFFICE Microsoft Office RTF hex encoded WRLoader ASLR bypass download attempt (more info ...) | attempted-user | 2015-1641 | URL | ||
| 40624 | FILE-OFFICE Microsoft Office RTF hex encoded wrLoader ASLR bypass download attempt (more info ...) | attempted-user | 2015-1641 | URL | ||
| 40625 | FILE-OFFICE Microsoft Office RTF WRAssembly CLSID ASLR bypass download attempt (more info ...) | attempted-user | 2015-1641 | URL | ||
| 40626 | FILE-OFFICE Microsoft Office RTF WRLoader ASLR bypass download attempt (more info ...) | attempted-user | 2015-1641 | URL | ||
| 40627 | FILE-OFFICE Microsoft Office RTF WRLoader CLSID ASLR bypass download attempt (more info ...) | attempted-user | 2015-1641 | URL | ||
| 40628 | FILE-OFFICE Microsoft Office RTF hex encoded WRAsembly ASLR bypass download attempt (more info ...) | attempted-user | 2015-1641 | URL | ||
| 40629 | FILE-OFFICE Microsoft Office RTF hex encoded WRAssembly ASLR bypass download attempt (more info ...) | attempted-user | 2015-1641 | URL | ||
| 40630 | FILE-OFFICE Microsoft Office RTF hex encoded WRLoader ASLR bypass download attempt (more info ...) | attempted-user | 2015-1641 | URL | ||
| 40631 | FILE-OFFICE Microsoft Office RTF hex encoded wrLoader ASLR bypass download attempt (more info ...) | attempted-user | 2015-1641 | URL | ||
| 40632 | FILE-OFFICE Microsoft Office RTF hex encoded WRAssembly CLSID ASLR bypass download attempt (more info ...) | attempted-user | 2015-1641 | URL | ||
| 40633 | FILE-OFFICE Microsoft Office RTF hex encoded WRLoader CLSID ASLR bypass download attempt (more info ...) | attempted-user | 2015-1641 | URL | ||
| 40634 | FILE-OFFICE Microsoft Office RTF hex encoded WRAssembly CLSID ASLR bypass download attempt (more info ...) | attempted-user | 2015-1641 | URL | ||
| 40635 | FILE-OFFICE Microsoft Office RTF hex encoded WRLoader CLSID ASLR bypass download attempt (more info ...) | attempted-user | 2015-1641 | URL | ||
| 40667 | FILE-OFFICE Microsoft Office Word PrcData out of bounds read attempt (more info ...) | attempted-user | 2016-7232 | URL | ||
| 40668 | FILE-OFFICE Microsoft Office Word PrcData out of bounds read attempt (more info ...) | attempted-user | 2016-7232 | URL | ||
| 40673 | FILE-OFFICE Microsoft Office Word wwlib out of bounds read attempt (more info ...) | attempted-user | 2016-7235 | URL | ||
| 40674 | FILE-OFFICE Microsoft Office Word wwlib out of bounds read attempt (more info ...) | attempted-user | 2016-7235 | URL | ||
| 40679 | FILE-OFFICE Microsoft Office Word wwlib out of bounds read attempt (more info ...) | attempted-user | 2016-7233 | URL | ||
| 40680 | FILE-OFFICE Microsoft Office Word wwlib out of bounds read attempt (more info ...) | attempted-user | 2016-7233 | URL | ||
| 40681 | FILE-OFFICE Microsoft PowerPoint ntdll out of bounds read attempt (more info ...) | attempted-user | 2016-7230 | URL | ||
| 40682 | FILE-OFFICE Microsoft PowerPoint ntdll out of bounds read attempt (more info ...) | attempted-user | 2016-7230 | URL | ||
| 40701 | FILE-OFFICE Microsoft Office Word out of bounds memory read attempt (more info ...) | attempted-admin | 2016-7234 | URL | ||
| 40702 | FILE-OFFICE Microsoft Office Word out of bounds memory read attempt (more info ...) | attempted-admin | 2016-7234 | URL | ||
| 40711 | FILE-OFFICE Microsoft Office 2016 arbitrary pointer dereference vulnerability attempt (more info ...) | attempted-user | 2016-7228 | URL | ||
| 40712 | FILE-OFFICE Microsoft Office 2016 arbitrary pointer dereference vulnerability attempt (more info ...) | attempted-user | 2016-7228 | URL | ||
| 40717 | FILE-OFFICE Microsoft Office Excel LPenHelper use after free attempt (more info ...) | attempted-user | 2016-7236 | URL | ||
| 40718 | FILE-OFFICE Microsoft Office Excel LPenHelper use after free attempt (more info ...) | attempted-user | 2016-7236 | URL | ||
| 40719 | FILE-OFFICE Microsoft Office Excel SST record use after free attempt (more info ...) | attempted-user | 2016-7213 | URL | ||
| 40720 | FILE-OFFICE Microsoft Office Excel SST record use after free attempt (more info ...) | attempted-user | 2016-7213 | URL | ||
| 40723 | FILE-OFFICE Microsoft Office Excel Viewer remote code execution attempt (more info ...) | attempted-user | 2016-7231 | URL | ||
| 40724 | FILE-OFFICE Microsoft Office Excel Viewer remote code execution attempt (more info ...) | attempted-user | 2016-7231 | URL | ||
| 40725 | FILE-OFFICE Microsoft Office Excel invalid signed integer attempt (more info ...) | attempted-user | 2016-7229 | URL | ||
| 40726 | FILE-OFFICE Microsoft Office Excel invalid signed integer attempt (more info ...) | attempted-user | 2016-7229 | URL | ||
| 40727 | FILE-OTHER Microsoft Office RTF out-of-bounds memory access attempt (more info ...) | attempted-user | 2015-0086 | URL | ||
| 40728 | FILE-OTHER Microsoft Office RTF out-of-bounds memory access attempt (more info ...) | attempted-user | 2015-0086 | URL | ||
| 40883 | SERVER-WEBAPP WordPress XMLRPC pingback ddos attempt (more info ...) | web-application-attack | 2013-0235 | URL | ||
| 40917 | FILE-PDF Iceni Argus PDF uninitialized WordStyle color length code overflow attempt (more info ...) | attempted-user | 2016-8385 | URL | ||
| 40918 | FILE-PDF Iceni Argus PDF uninitialized WordStyle color length code overflow attempt (more info ...) | attempted-user | 2016-8385 | URL | ||
| 40927 | FILE-OFFICE AntennaHouse HTMLFilter Doc_SetSummary remote code execution attempt (more info ...) | attempted-user | 2016-8382 | URL | ||
| 40928 | FILE-OFFICE AntennaHouse HTMLFilter Doc_SetSummary remote code execution attempt (more info ...) | attempted-user | 2016-8382 | URL | ||
| 40929 | FILE-OFFICE AntennaHouse HTMLFilter GetFontTable remote code execution attempt (more info ...) | attempted-user | 2016-8383 | URL | ||
| 40930 | FILE-OFFICE AntennaHouse HTMLFilter GetFontTable remote code execution attempt (more info ...) | attempted-user | 2016-8383 | URL | ||
| 40931 | FILE-OFFICE AntennaHouse HTMLFilter DHFSummary remote code execution attempt (more info ...) | attempted-user | 2016-8384 | URL | ||
| 40932 | FILE-OFFICE AntennaHouse HTMLFilter DHFSummary remote code execution attempt (more info ...) | attempted-user | 2016-8384 | URL | ||
| 40938 | FILE-OFFICE Microsoft Office PowerPoint OpenType font overly large instructionLength out of bounds read attempt (more info ...) | attempted-user | 2016-7276 | URL | ||
| 40939 | FILE-OFFICE Microsoft Office PowerPoint OpenType font overly large instructionLength out of bounds read attempt (more info ...) | attempted-user | 2016-7276 | URL | ||
| 40945 | FILE-OFFICE Microsoft Office Excel CrtMlFrt record out of bounds read attempt (more info ...) | attempted-user | 2016-7264 | URL | ||
| 40951 | FILE-OFFICE Microsoft Office Word XST structure out of bounds read attempt (more info ...) | attempted-user | 2016-7268 | URL | ||
| 40952 | FILE-OFFICE Microsoft Office Word XST structure out of bounds read attempt (more info ...) | attempted-user | 2016-7268 | URL | ||
| 40957 | FILE-OFFICE Microsoft Office Excel security descriptor out of bounds read attempt (more info ...) | attempted-user | 2016-7265 | URL | ||
| 40958 | FILE-OFFICE Microsoft Office Excel security descriptor out of bounds read attempt (more info ...) | attempted-user | 2016-7265 | URL | ||
| 40959 | FILE-OFFICE Microsoft Office Excel ddeService command execution attempt (more info ...) | attempted-user | 2016-7262 | URL | ||
| 40960 | FILE-OFFICE Microsoft Office Excel ddeService command execution attempt (more info ...) | attempted-user | 2016-7262 | URL | ||
| 40962 | FILE-OTHER Microsoft Office OLE DLL side load attempt (more info ...) | attempted-user | 2016-7275 | URL | ||
| 40963 | FILE-OFFICE Microsoft Office Excel type confusion attempt (more info ...) | attempted-user | 2016-7277 | URL | ||
| 40964 | FILE-OFFICE Microsoft Office Excel type confusion attempt (more info ...) | attempted-user | 2016-7277 | URL | ||
| 40965 | FILE-OFFICE Microsoft Office Publisher out of bounds read attempt (more info ...) | attempted-user | 2016-7289 | URL | ||
| 40966 | FILE-OFFICE Microsoft Office Publisher out of bounds read attempt (more info ...) | attempted-user | 2016-7289 | URL | ||
| 40967 | FILE-OFFICE Microsoft Office PowerPoint WMF conversion information disclosure attempt (more info ...) | attempted-user | 2016-7257 | URL | ||
| 40968 | FILE-OFFICE Microsoft Office PowerPoint WMF conversion information disclosure attempt (more info ...) | attempted-user | 2016-7257 | URL | ||
| 40977 | FILE-OFFICE Microsoft Office Excel insecure workbook load via reference to named share attempt (more info ...) | policy-violation | 2016-7267 | URL | ||
| 40978 | FILE-OFFICE Microsoft Office Excel insecure workbook load via reference to named share attempt (more info ...) | policy-violation | 2016-7267 | URL | ||
| 41108 | FILE-OFFICE Oracle Outside In Technology image export use after free attempt (more info ...) | attempted-user | 2017-3293 | URL | ||
| 41109 | FILE-OFFICE Oracle Outside In Technology image export use after free attempt (more info ...) | attempted-user | 2017-3293 | URL | ||
| 41110 | FILE-OFFICE Ichitaro Office JTD Figure handling code execution attempt (more info ...) | attempted-user | 2017-2789 | URL | ||
| 41111 | FILE-OFFICE Ichitaro Office JTD Figure handling code execution attempt (more info ...) | attempted-user | 2017-2789 | URL | ||
| 41140 | FILE-OFFICE Microsoft Office Word Out-of-Bounds Write attempt (more info ...) | attempted-user | 2017-0003 | URL | ||
| 41141 | FILE-OFFICE Microsoft Office Word Out-of-Bounds Write attempt (more info ...) | attempted-user | 2017-0003 | URL | ||
| 41468 | FILE-OFFICE TRUFFLEHUNTER TALOS-2017-0272 attack attempt (more info ...) | attempted-user | 2017-2778 | URL | ||
| 41469 | FILE-OFFICE TRUFFLEHUNTER TALOS-2017-0272 attack attempt (more info ...) | attempted-user | 2017-2778 | URL | ||
| 41495 | SERVER-WEBAPP WordPress get_post authentication bypass attempt (more info ...) | web-application-attack | URL | |||
| 41496 | SERVER-WEBAPP WordPress get_post authentication bypass attempt (more info ...) | web-application-attack | URL | |||
| 41497 | SERVER-WEBAPP WordPress get_post authentication bypass attempt (more info ...) | web-application-attack | URL | |||
| 41511 | FILE-OFFICE AntennaHouse HTMLFilter FillRowFormat remote code execution attempt (more info ...) | attempted-user | 2017-2783 | URL | ||
| 41512 | FILE-OFFICE AntennaHouse HTMLFilter FillRowFormat remote code execution attempt (more info ...) | attempted-user | 2017-2783 | URL | ||
| 41543 | FILE-OFFICE AntennaHouse DMC HTMLFilter UnCompressUnicode out of bounds write attempt (more info ...) | attempted-user | 2017-2793 | URL | ||
| 41544 | FILE-OFFICE AntennaHouse DMC HTMLFilter UnCompressUnicode out of bounds write attempt (more info ...) | attempted-user | 2017-2793 | URL | ||
| 41545 | FILE-OFFICE AntennaHouse DMC HTMLFilter iBldDirInfo heap buffer overflow attempt (more info ...) | attempted-user | 2017-2792 | URL | ||
| 41546 | FILE-OFFICE AntennaHouse DMC HTMLFilter iBldDirInfo heap buffer overflow attempt (more info ...) | attempted-user | 2017-2792 | URL | ||
| 41565 | FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (more info ...) | attempted-user | 2017-0020 | URL | ||
| 41566 | FILE-OFFICE Microsoft Office Excel xlsb use-after-free attempt (more info ...) | attempted-user | 2017-0020 | URL | ||
| 41577 | FILE-OFFICE Microsoft Office RTF footnote format use after free attempt (more info ...) | attempted-user | 2017-0019 | URL | ||
| 41578 | FILE-OFFICE Microsoft Office RTF footnote format use after free attempt (more info ...) | attempted-user | 2017-0019 | URL | ||
| 41581 | FILE-OFFICE Microsoft Office Excel malformed CellXF memory corruption attempt (more info ...) | attempted-user | 2017-0027 | URL | ||
| 41582 | FILE-OFFICE Microsoft Office Excel malformed CellXF memory corruption attempt (more info ...) | attempted-user | 2017-0027 | URL | ||
| 41703 | FILE-OFFICE Ichitaro Office Excel TxO record heap buffer overflow attempt (more info ...) | attempted-user | 2017-2795 | URL | ||
| 41704 | FILE-OFFICE Ichitaro Office Excel TxO record heap buffer overflow attempt (more info ...) | attempted-user | 2017-2795 | URL | ||
| 41726 | FILE-OFFICE AntennaHouse DMC HTMLFilter AddSst heap overflow attempt (more info ...) | attempted-user | 2017-2799 | URL | ||
| 41727 | FILE-OFFICE AntennaHouse DMC HTMLFilter AddSst heap overflow attempt (more info ...) | attempted-user | 2017-2799 | URL | ||
| 41728 | FILE-OFFICE Microsoft Office Excel SXLI record integer overrun attempt (more info ...) | attempted-user | 2012-0184 | URL | ||
| 41729 | FILE-OFFICE Microsoft Office Excel SXLI record integer overrun attempt (more info ...) | attempted-user | 2012-0184 | URL | ||
| 41730 | FILE-OFFICE Microsoft Office Excel SXLI record integer overrun attempt (more info ...) | attempted-user | 2012-0184 | URL | ||
| 41731 | FILE-OFFICE Microsoft Office Excel SXLI record integer overrun attempt (more info ...) | attempted-user | 2012-0184 | URL | ||
| 41753 | FILE-OFFICE AntennaHouse DMC GetIndexArray out of bounds write attempt (more info ...) | attempted-user | 2017-2798 | URL | ||
| 41754 | FILE-OFFICE AntennaHouse DMC GetIndexArray out of bounds write attempt (more info ...) | attempted-user | 2017-2798 | URL | ||
| 41760 | FILE-OFFICE AntennaHouse DMC ParseEnvironment heap buffer overflow attempt (more info ...) | attempted-user | 2017-2797 | URL | ||
| 41765 | FILE-OFFICE AntennaHouse DMC DHFSummary stack buffer overflow attempt (more info ...) | attempted-user | 2017-2794 | URL | ||
| 41766 | FILE-OFFICE AntennaHouse DMC DHFSummary stack buffer overflow attempt (more info ...) | attempted-user | 2017-2794 | URL | ||
| 41791 | FILE-OTHER Microsoft Office RTF out-of-bounds memory access attempt (more info ...) | attempted-user | 2015-0086 | URL | ||
| 41792 | FILE-OTHER Microsoft Office RTF out-of-bounds memory access attempt (more info ...) | attempted-user | 2015-0086 | URL | ||
| 41962 | FILE-OFFICE Microsoft Office Word template remote code execution attempt (more info ...) | attempted-user | 2017-0106 | URL | ||
| 41963 | FILE-OFFICE Microsoft Office Word template remote code execution attempt (more info ...) | attempted-user | 2017-0106 | URL | ||
| 41964 | FILE-OFFICE Microsoft Office Word 2010 use-after-free memory corruption vulnerability attempt (more info ...) | attempted-user | 2017-0030 | URL | ||
| 41965 | FILE-OFFICE Microsoft Office Word 2010 use-after-free memory corruption vulnerability attempt (more info ...) | attempted-user | 2017-0030 | URL | ||
| 41976 | FILE-OFFICE Microsoft Office Excel shared strings memory corruption attempt (more info ...) | attempted-user | 2017-0006 | URL | ||
| 41977 | FILE-OFFICE Microsoft Office Excel shared strings memory corruption attempt (more info ...) | attempted-user | 2017-0006 | URL | ||
| 41979 | FILE-OFFICE Microsoft Office Excel shared strings memory corruption attempt (more info ...) | attempted-user | 2017-0052 | URL | ||
| 41980 | FILE-OFFICE Microsoft Office Excel shared strings memory corruption attempt (more info ...) | attempted-user | 2017-0052 | URL | ||
| 41981 | FILE-OFFICE Microsoft Office Word out of bounds read attempt (more info ...) | attempted-user | 2017-0105 | URL | ||
| 41982 | FILE-OFFICE Microsoft Office Word out of bounds read attempt (more info ...) | attempted-user | 2017-0105 | URL | ||
| 42008 | FILE-OFFICE TRUFFLEHUNTER TALOS-2017-0295 attack attempt (more info ...) | attempted-user | URL | |||
| 42009 | FILE-OFFICE TRUFFLEHUNTER TALOS-2017-0295 attack attempt (more info ...) | attempted-user | URL | |||
| 42076 | FILE-OFFICE TRUFFLEHUNTER TALOS-2017-0300 attack attempt (more info ...) | attempted-user | 2019-5030 | URL | ||
| 42077 | FILE-OFFICE TRUFFLEHUNTER TALOS-2017-0300 attack attempt (more info ...) | attempted-user | 2019-5030 | URL | ||
| 42120 | SERVER-WEBAPP Dahua IP Camera username and password disclosure attempt (more info ...) | attempted-recon | 2017-6343 | 96456 | URL | |
| 42121 | SERVER-WEBAPP Dahua IP Camera username and password disclosure attempt (more info ...) | attempted-recon | 2017-6343 | 96456 | URL | |
| 42138 | FILE-OFFICE Lexmark Perceptive Document Filters malformed XLS information disclosure attempt (more info ...) | attempted-recon | 2017-2806 | URL | ||
| 42144 | FILE-OFFICE TRUFFLEHUNTER TALOS-2017-0301 attack attempt (more info ...) | attempted-user | URL | |||
| 42145 | FILE-OFFICE TRUFFLEHUNTER TALOS-2017-0301 attack attempt (more info ...) | attempted-user | URL | |||
| 42161 | FILE-OFFICE Microsoft Office Excel out of bounds memory attempt (more info ...) | attempted-user | 2017-0194 | |||
| 42162 | FILE-OFFICE Microsoft Office Excel out of bounds memory attempt (more info ...) | attempted-user | 2017-0194 | |||
| 42167 | FILE-OFFICE Microsoft Office custom message class security bypass attempt (more info ...) | attempted-user | 2017-0204 | |||
| 42168 | FILE-OFFICE Microsoft Office custom message class security bypass attempt (more info ...) | attempted-user | 2017-0204 | |||
| 42189 | FILE-OFFICE RTF objautlink url moniker file download attempt (more info ...) | misc-activity | 2017-0199 | |||
| 42190 | FILE-OFFICE RTF objautlink url moniker file download attempt (more info ...) | misc-activity | 2017-0199 | |||
| 42198 | FILE-OFFICE Microsoft Office mqrt.dll dll-load exploit attempt (more info ...) | attempted-user | 2015-6132 | URL | ||
| 42755 | FILE-OFFICE Microsoft Office Word 2010 Sepx memory corruption attempt (more info ...) | attempted-user | 2017-0243 | |||
| 42756 | FILE-OFFICE Microsoft Office Word 2010 Sepx memory corruption attempt (more info ...) | attempted-user | 2017-0243 | |||
| 42863 | FILE-OFFICE Microsoft Office mqrt.dll dll-load exploit attempt (more info ...) | attempted-user | 2015-6132 | URL | ||
| 42864 | FILE-OFFICE Microsoft Office mqrt.dll dll-load exploit attempt (more info ...) | attempted-user | 2015-6132 | URL | ||
| 42900 | FILE-OFFICE Microsoft Office EPS restore command use after free attempt (more info ...) | attempted-user | 2017-0261 | URL | ||
| 42901 | FILE-OFFICE Microsoft Office EPS file containing embedded PE (more info ...) | policy-violation | ||||
| 42902 | FILE-OFFICE Microsoft Office EPS restore command use after free attempt (more info ...) | attempted-user | 2017-0261 | URL | ||
| 42903 | FILE-OFFICE Microsoft Office EPS restore command use after free attempt (more info ...) | attempted-user | 2017-0261 | URL | ||
| 42904 | FILE-OFFICE Microsoft Office EPS restore command use after free attempt (more info ...) | attempted-user | 2017-0261 | URL | ||
| 42905 | FILE-OFFICE Microsoft Office EPS file containing embedded PE (more info ...) | policy-violation | ||||
| 43159 | FILE-OFFICE Microsoft Office Word 2016 use after free attempt (more info ...) | attempted-user | 2017-8509 | |||
| 43160 | FILE-OFFICE Microsoft Office Word 2016 use after free attempt (more info ...) | attempted-user | 2017-8509 | |||
| 43171 | FILE-OFFICE Microsoft Office Word malformed jpeg remote code execution attempt (more info ...) | attempted-user | 2017-8510 | |||
| 43172 | FILE-OFFICE Microsoft Office Word malformed jpeg remote code execution attempt (more info ...) | attempted-user | 2017-8510 | |||
| 43179 | FILE-OFFICE Powerpoint mouseover powershell malware download attempt (more info ...) | trojan-activity | URL | |||
| 43180 | FILE-OFFICE Powerpoint mouseover powershell malware download attempt (more info ...) | trojan-activity | URL | |||
| 43802 | FILE-OFFICE Microsoft Office mqrt.dll dll-load exploit attempt (more info ...) | attempted-user | 2015-6132 | URL | ||
| 43803 | FILE-OFFICE Microsoft Office mqrt.dll dll-load exploit attempt (more info ...) | attempted-user | 2015-6132 | URL | ||
| 43847 | FILE-OFFICE Microsoft Office Access Jet Database Engine integer overflow attempt (more info ...) | attempted-user | 2017-0250 | |||
| 43848 | FILE-OFFICE Microsoft Office Access Jet Database Engine integer overflow attempt (more info ...) | attempted-user | 2017-0250 | |||
| 44030 | FILE-IDENTIFY Microsoft Office PowerPoint ppt file attachment detected file attachment detected (more info ...) | misc-activity | ||||
| 44052 | FILE-OFFICE Microsoft Office Word EPS filter PostScript object use after free attempt (more info ...) | attempted-user | 2015-2545 | URL | ||
| 44092 | FILE-OFFICE TRUFFLEHUNTER TALOS-2017-0404 attack attempt (more info ...) | attempted-user | 2017-2897 | URL | ||
| 44093 | FILE-OFFICE TRUFFLEHUNTER TALOS-2017-0404 attack attempt (more info ...) | attempted-user | 2017-2897 | URL | ||
| 44101 | FILE-OFFICE TRUFFLEHUNTER TALOS-2017-0403 attack attempt (more info ...) | attempted-user | 2017-2896 | URL | ||
| 44102 | FILE-OFFICE TRUFFLEHUNTER TALOS-2017-0403 attack attempt (more info ...) | attempted-user | 2017-2896 | URL | ||
| 44106 | FILE-OFFICE TRUFFLEHUNTER TALOS-2017-0417 attack attempt (more info ...) | attempted-user | 2017-2910 | URL | ||
| 44107 | FILE-OFFICE TRUFFLEHUNTER TALOS-2017-0417 attack attempt (more info ...) | attempted-user | 2017-2910 | URL | ||
| 44163 | FILE-OFFICE TRUFFLEHUNTER TALOS-2017-0426 attack attempt (more info ...) | attempted-user | 2017-2919 | URL | ||
| 44164 | FILE-OFFICE TRUFFLEHUNTER TALOS-2017-0426 attack attempt (more info ...) | attempted-user | 2017-2919 | URL | ||
| 44231 | FILE-IDENTIFY Microsoft Office Word doc file attachment detected (more info ...) | misc-activity | ||||
| 44271 | FILE-OFFICE TRUFFLEHUNTER TALOS-2017-0430 attack attempt (more info ...) | attempted-user | 2017-2923 | URL | ||
| 44272 | FILE-OFFICE TRUFFLEHUNTER TALOS-2017-0430 attack attempt (more info ...) | attempted-user | 2017-2923 | URL | ||
| 44273 | FILE-OFFICE TRUFFLEHUNTER TALOS-2017-0431 attack attempt (more info ...) | attempted-user | 2017-2924 | URL | ||
| 44274 | FILE-OFFICE TRUFFLEHUNTER TALOS-2017-0431 attack attempt (more info ...) | attempted-user | 2017-2924 | URL | ||
| 44275 | FILE-IDENTIFY Microsoft Office Excel file attachment detected (more info ...) | misc-activity | ||||
| 44363 | FILE-OFFICE Microsoft Office RTF hex encoded WRAsembly ASLR bypass download attempt (more info ...) | attempted-user | 2015-1641 | URL | ||
| 44364 | FILE-OFFICE Microsoft Office RTF hex encoded WRAssembly ASLR bypass download attempt (more info ...) | attempted-user | 2015-1641 | URL | ||
| 44371 | FILE-OFFICE RTF WSDL file download attempt (more info ...) | attempted-user | 2017-8759 | URL | ||
| 44372 | FILE-OFFICE RTF WSDL file download attempt (more info ...) | attempted-user | 2017-8759 | URL | ||
| 44430 | FILE-OFFICE Fin7 Maldoc campaign exploitation attempt (more info ...) | misc-activity | ||||
| 44431 | FILE-OFFICE Fin7 Maldoc campaign exploitation attempt (more info ...) | misc-activity | ||||
| 44432 | FILE-OFFICE Fin7 Maldoc campaign exploitation attempt (more info ...) | misc-activity | ||||
| 44433 | FILE-OFFICE Fin7 Maldoc campaign exploitation attempt (more info ...) | misc-activity | ||||
| 44518 | FILE-OFFICE Microsoft Graphics remote code execution attempt (more info ...) | attempted-admin | 2017-11762 | URL | ||
| 44519 | FILE-OFFICE Microsoft Graphics remote code execution attempt (more info ...) | attempted-admin | 2017-11762 | URL | ||
| 44520 | FILE-OFFICE TRUFFLEHUNTER TALOS-2017-0461 attack attempt (more info ...) | attempted-user | 2017-12109 | URL | ||
| 44521 | FILE-OFFICE TRUFFLEHUNTER TALOS-2017-0461 attack attempt (more info ...) | attempted-user | 2017-12109 | URL | ||
| 44522 | FILE-OFFICE TRUFFLEHUNTER TALOS-2017-0460 attack attempt (more info ...) | attempted-user | 2017-12108 | URL | ||
| 44523 | FILE-OFFICE TRUFFLEHUNTER TALOS-2017-0460 attack attempt (more info ...) | attempted-user | 2017-12108 | URL | ||
| 44579 | FILE-OFFICE Microsoft Office dde field code execution attempt (more info ...) | attempted-admin | URL | |||
| 44580 | FILE-OFFICE Microsoft Office dde field code execution attempt (more info ...) | attempted-admin | URL | |||
| 44587 | SERVER-WEBAPP Trend Micro OfficeScan server side request forgery attempt (more info ...) | web-application-attack | URL | |||
| 44588 | SERVER-WEBAPP Trend Micro OfficeScan server side request forgery attempt (more info ...) | web-application-attack | URL | |||
| 44589 | FILE-OFFICE TRUFFLEHUNTER TALOS-2017-0463 attack attempt (more info ...) | attempted-user | 2017-12111 | URL | ||
| 44590 | FILE-OFFICE TRUFFLEHUNTER TALOS-2017-0463 attack attempt (more info ...) | attempted-user | 2017-12111 | URL | ||
| 44593 | FILE-OFFICE TRUFFLEHUNTER TALOS-2017-0462 attack attempt (more info ...) | attempted-user | 2017-12110 | URL | ||
| 44594 | FILE-OFFICE TRUFFLEHUNTER TALOS-2017-0462 attack attempt (more info ...) | attempted-user | 2017-12110 | URL | ||
| 44669 | FILE-OFFICE Microsoft Office Outlook SMB attach by reference code execution attempt (more info ...) | attempted-user | 2010-0266 | 41446 | URL | |
| 44670 | FILE-OFFICE Microsoft Office Outlook SMB attach by reference code execution attempt (more info ...) | attempted-user | 2010-0266 | 41446 | URL | |
| 44682 | SERVER-OTHER Novell GroupWise Post Office Agent heap overflow attempt (more info ...) | attempted-admin | URL | |||
| 44683 | SERVER-OTHER Novell GroupWise Post Office Agent heap overflow attempt (more info ...) | attempted-admin | URL | |||
| 44821 | FILE-OFFICE Microsoft Office Excel use after free vulnerability exploit attempt (more info ...) | attempted-user | 2017-11878 | |||
| 44822 | FILE-OFFICE Microsoft Office Excel use after free vulnerability exploit attempt (more info ...) | attempted-user | 2017-11878 | |||
| 44908 | FILE-OTHER KeyView SDK WordPerfect parsing stack buffer overflow attempt (more info ...) | attempted-admin | ||||
| 44909 | FILE-OTHER KeyView SDK WordPerfect parsing stack buffer overflow attempt (more info ...) | attempted-admin | ||||
| 44989 | FILE-OFFICE Microsoft Office Equation Editor object with automatic execution embedded in RTF attempt (more info ...) | attempted-user | 2018-0802 | URL | ||
| 44990 | FILE-OFFICE Microsoft Office Equation Editor object with automatic execution embedded in RTF attempt (more info ...) | attempted-user | 2018-0802 | URL | ||
| 45066 | SERVER-WEBAPP WordPress Duplicator cross site scripting attempt (more info ...) | attempted-user | 2017-16815 | URL | ||
| 45067 | SERVER-WEBAPP WordPress Duplicator cross site scripting attempt (more info ...) | attempted-user | 2017-16815 | URL | ||
| 45123 | FILE-OFFICE Microsoft Office Excel malformed spreadsheet use-after-free attempt (more info ...) | attempted-admin | 2017-11935 | URL | ||
| 45124 | FILE-OFFICE Microsoft Office Excel malformed spreadsheet use-after-free attempt (more info ...) | attempted-admin | 2017-11935 | URL | ||
| 45133 | FILE-OFFICE Microsoft Office Equation Editor object stack buffer overflow attempt (more info ...) | attempted-user | 2017-11882 | URL | ||
| 45134 | FILE-OFFICE Microsoft Office Equation Editor object stack buffer overflow attempt (more info ...) | attempted-user | 2017-11882 | URL | ||
| 45135 | FILE-OFFICE Microsoft Office Equation Editor object stack buffer overflow attempt (more info ...) | attempted-user | 2017-11882 | URL | ||
| 45214 | FILE-OTHER Microsoft Word DDEauto code execution attempt (more info ...) | attempted-admin | URL | |||
| 45215 | FILE-OTHER Microsoft Word DDEauto code execution attempt (more info ...) | attempted-admin | URL | |||
| 45243 | POLICY-OTHER ZyXEL PK5001Z modem hardcoded admin password telnet login attempt (more info ...) | attempted-admin | 2016-10401 | URL | ||
| 45244 | POLICY-OTHER ZyXEL PK5001Z modem hardcoded root password telnet login attempt (more info ...) | attempted-admin | 2016-10401 | URL | ||
| 45245 | POLICY-OTHER ZyXEL PK5001Z modem hardcoded admin password telnet login attempt (more info ...) | attempted-admin | 2016-10401 | URL | ||
| 45314 | SERVER-WEBAPP Beijing Hanbang Hanbanggaoke IP camera admin password change attempt (more info ...) | attempted-user | 2017-14335 | URL | ||
| 45370 | FILE-OFFICE Microsoft Office Word docx subDocument file include attempt (more info ...) | attempted-user | URL | |||
| 45371 | FILE-OFFICE Microsoft Office Word docx subDocument file include attempt (more info ...) | attempted-user | URL | |||
| 45413 | SERVER-WEBAPP Hikvision IP camera admin authentication attempt (more info ...) | web-application-attack | 2017-7921 | URL | ||
| 45415 | FILE-OFFICE RTF Composite Moniker object creation attempt (more info ...) | attempted-user | 2017-8570 | URL | ||
| 45416 | FILE-OFFICE RTF Composite Moniker object creation attempt (more info ...) | attempted-user | 2017-8570 | URL | ||
| 45466 | FILE-OFFICE Microsoft Office None type objclass RTF evasion attempt (more info ...) | attempted-user | 2018-0802 | |||
| 45467 | FILE-OFFICE Microsoft Office None type objclass RTF evasion attempt (more info ...) | attempted-user | 2018-0802 | |||
| 45511 | FILE-OFFICE Microsoft Office Equation Editor Package objclass RTF evasion attempt (more info ...) | attempted-admin | 2018-0802 | |||
| 45512 | FILE-OFFICE Microsoft Office Equation Editor Package objclass RTF evasion attempt (more info ...) | attempted-admin | 2018-0802 | |||
| 45519 | INDICATOR-COMPROMISE Microsoft Word internal object auto update attempt (more info ...) | attempted-user | 2017-0199 | URL | ||
| 45520 | INDICATOR-COMPROMISE Microsoft Word internal object auto update attempt (more info ...) | attempted-user | 2017-0199 | URL | ||
| 45598 | SERVER-OTHER Wordpress CMS platform denial of service attempt (more info ...) | denial-of-service | 2018-6389 | |||
| 45654 | FILE-OFFICE Microsoft Office remote code execution attempt (more info ...) | attempted-admin | 2018-0841 | URL | ||
| 45655 | FILE-OFFICE Microsoft Office remote code execution attempt (more info ...) | attempted-admin | 2018-0841 | URL | ||
| 45689 | FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0527 attack attempt (more info ...) | attempted-user | 2018-3844 | URL | ||
| 45690 | FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0527 attack attempt (more info ...) | attempted-user | 2018-3844 | URL | ||
| 45717 | FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0528 attack attempt (more info ...) | attempted-user | 2018-3845 | URL | ||
| 45718 | FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0528 attack attempt (more info ...) | attempted-user | 2018-3845 | URL | ||
| 45750 | FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0534 attack attempt (more info ...) | attempted-user | 2018-3851 | URL | ||
| 45751 | FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0534 attack attempt (more info ...) | attempted-user | 2018-3851 | URL | ||
| 45883 | FILE-OFFICE Microsoft Access remote code execution attempt (more info ...) | attempted-user | 2018-0903 | URL | ||
| 45884 | FILE-OFFICE Microsoft Access remote code execution attempt (more info ...) | attempted-user | 2018-0903 | URL | ||
| 45896 | FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0538 attack attempt (more info ...) | attempted-user | 2018-3855 | URL | ||
| 45897 | FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0538 attack attempt (more info ...) | attempted-user | 2018-3855 | URL | ||
| 46095 | POLICY-OTHER Cisco IOS XE default one-time password login detected (more info ...) | policy-violation | 2018-0150 | URL | ||
| 46106 | FILE-OFFICE Microsoft Office Equation Editor RTF evasion attempt (more info ...) | attempted-user | 2018-0802 | |||
| 46107 | FILE-OFFICE Microsoft Office Equation Editor RTF evasion attempt (more info ...) | attempted-user | 2018-0802 | |||
| 46178 | FILE-OFFICE Microsoft Office Excel out of bounds read attempt (more info ...) | attempted-user | 2018-1030 | URL | ||
| 46179 | FILE-OFFICE Microsoft Office Excel out of bounds read attempt (more info ...) | attempted-user | 2018-1030 | URL | ||
| 46180 | FILE-OFFICE Microsoft Office Excel use after free remote code execution attempt (more info ...) | attempted-user | 2018-1029 | URL | ||
| 46181 | FILE-OFFICE Microsoft Office Excel use after free remote code execution attempt (more info ...) | attempted-user | 2018-1029 | URL | ||
| 46182 | FILE-OFFICE Microsoft Office Excel graphics remote code execution attempt (more info ...) | attempted-user | 2018-1028 | URL | ||
| 46183 | FILE-OFFICE Microsoft Office Excel graphics remote code execution attempt (more info ...) | attempted-user | 2018-1028 | URL | ||
| 46184 | FILE-OFFICE Microsoft Office Excel remote code execution attempt (more info ...) | attempted-user | 2018-1026 | URL | ||
| 46185 | FILE-OFFICE Microsoft Office Excel remote code execution attempt (more info ...) | attempted-user | 2018-1026 | URL | ||
| 46192 | FILE-OFFICE Microsoft Office Excel drawing cell reuse use-after-free attempt (more info ...) | attempted-user | 2018-1011 | URL | ||
| 46193 | FILE-OFFICE Microsoft Office Excel drawing cell reuse use-after-free attempt (more info ...) | attempted-user | 2018-1011 | URL | ||
| 46196 | FILE-OFFICE Microsoft Office Excel named range cell content use-after-free attempt (more info ...) | attempted-user | 2018-0920 | URL | ||
| 46197 | FILE-OFFICE Microsoft Office Excel named range cell content use-after-free attempt (more info ...) | attempted-user | 2018-0920 | URL | ||
| 46208 | FILE-OFFICE Microsoft Office Excel use after free remote code execution attempt (more info ...) | attempted-user | 2018-1027 | URL | ||
| 46209 | FILE-OFFICE Microsoft Office Excel use after free remote code execution attempt (more info ...) | attempted-user | 2018-1027 | URL | ||
| 46266 | FILE-OTHER Microsoft Office Outlook 2003 OLE information disclosure attempt detected (more info ...) | policy-violation | 2018-0950 | URL | ||
| 46267 | FILE-OTHER Microsoft Office Outlook 2003 OLE information disclosure attempt detected (more info ...) | policy-violation | 2018-0950 | URL | ||
| 46552 | FILE-OFFICE Microsoft Office Excel remote code execution attempt (more info ...) | attempted-user | 2018-8147 | URL | ||
| 46553 | FILE-OFFICE Microsoft Office Excel remote code execution attempt (more info ...) | attempted-user | 2018-8147 | URL | ||
| 46556 | FILE-OFFICE Microsoft Office Excel remote code execution attempt (more info ...) | attempted-user | 2018-8148 | URL | ||
| 46557 | FILE-OFFICE Microsoft Office Excel remote code execution attempt (more info ...) | attempted-user | 2018-8148 | URL | ||
| 46558 | FILE-OFFICE Microsoft Office docx heap out of bounds read attempt (more info ...) | attempted-user | 2018-8157 | URL | ||
| 46559 | FILE-OFFICE Microsoft Office docx heap out of bounds read attempt (more info ...) | attempted-user | 2018-8157 | URL | ||
| 46560 | FILE-OFFICE Microsoft Office RTF embedded ole file out of bounds write attempt (more info ...) | attempted-user | 2018-8158 | URL | ||
| 46561 | FILE-OFFICE Microsoft Office RTF embedded ole file out of bounds write attempt (more info ...) | attempted-user | 2018-8158 | URL | ||
| 46632 | SERVER-MAIL Office 365 ATP Safe Links bypass attempt (more info ...) | attempted-user | ||||
| 46633 | SERVER-MAIL Office 365 ATP Safe Links bypass attempt (more info ...) | attempted-user | ||||
| 46756 | FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0596 attack attempt (more info ...) | attempted-user | 2018-3929 | URL | ||
| 46757 | FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0596 attack attempt (more info ...) | attempted-user | 2018-3929 | URL | ||
| 46761 | FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0597 attack attempt (more info ...) | attempted-user | 2018-3930 | URL | ||
| 46762 | FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0597 attack attempt (more info ...) | attempted-user | 2018-3930 | URL | ||
| 46768 | FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0598 attack attempt (more info ...) | attempted-user | 2018-3931 | URL | ||
| 46769 | FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0598 attack attempt (more info ...) | attempted-user | 2018-3931 | URL | ||
| 46843 | FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0599 attack attempt (more info ...) | attempted-user | 2018-3932 | URL | ||
| 46844 | FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0599 attack attempt (more info ...) | attempted-user | 2018-3932 | URL | ||
| 46845 | FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0600 attack attempt (more info ...) | attempted-user | 2018-3933 | URL | ||
| 46846 | FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0600 attack attempt (more info ...) | attempted-user | 2018-3933 | URL | ||
| 46882 | FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0603 attack attempt (more info ...) | attempted-user | 2018-3936 | URL | ||
| 46883 | FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0603 attack attempt (more info ...) | attempted-user | 2018-3936 | URL | ||
| 46893 | SERVER-OTHER Cisco Prime Collaboration Provisioning Java remote method invocation attempt (more info ...) | attempted-admin | 2018-0321 | URL | ||
| 46911 | SERVER-WEBAPP Cisco Prime Collaboration Provisioning potentially unauthenticated administrator password change attempt (more info ...) | attempted-admin | 2018-0318 | URL | ||
| 46914 | SERVER-WEBAPP Cisco Prime Collaboration Provisioning password recovery field reuse attempt (more info ...) | web-application-attack | 2018-0319 | URL | ||
| 46940 | FILE-OFFICE Microsoft Office Word malformed RTF memory corruption attempt (more info ...) | attempted-admin | 2018-8248 | URL | ||
| 46941 | FILE-OFFICE Microsoft Office Word malformed RTF memory corruption attempt (more info ...) | attempted-admin | 2018-8248 | URL | ||
| 46953 | OS-WINDOWS Microsoft OfficeHub object manager namespace privilege escalation attempt (more info ...) | attempted-admin | 2018-8208 | URL | ||
| 46954 | OS-WINDOWS Microsoft OfficeHub object manager namespace privilege escalation attempt (more info ...) | attempted-admin | 2018-8208 | URL | ||
| 47015 | SERVER-WEBAPP Quest DR Series Disk Backup PasswordService.pm command injection attempt (more info ...) | web-application-attack | 2018-11151 | URL | ||
| 47055 | FILE-OFFICE Microsoft Office Excel empty bookViews element denial of service attempt (more info ...) | attempted-dos | 2016-3284 | URL | ||
| 47056 | FILE-OFFICE Microsoft Office Excel empty bookViews element denial of service attempt (more info ...) | attempted-dos | 2016-3284 | URL | ||
| 47063 | FILE-OFFICE Microsoft Office Word malformed emf remote code execution attempt (more info ...) | attempted-user | 2017-8510 | |||
| 47175 | FILE-OFFICE Microsoft Office Excel ddeService command execution attempt (more info ...) | attempted-user | 2016-7262 | URL | ||
| 47176 | FILE-OFFICE Microsoft Office Excel ddeService command execution attempt (more info ...) | attempted-user | 2016-7262 | URL | ||
| 47206 | FILE-OFFICE Microsoft Office Word sprmSDyaTop memory leak attempt (more info ...) | attempted-user | 2016-3316 | URL | ||
| 47254 | FILE-OTHER Microsoft Excel malicious CSV code execution attempt (more info ...) | attempted-user | ||||
| 47255 | FILE-OTHER Microsoft Excel malicious CSV code execution attempt (more info ...) | attempted-user | ||||
| 47256 | FILE-OTHER Microsoft Excel malicious CSV code execution attempt (more info ...) | attempted-user | ||||
| 47257 | FILE-OTHER Microsoft Excel malicious CSV code execution attempt (more info ...) | attempted-user | ||||
| 47258 | FILE-OTHER Microsoft Excel malicious CSV code execution attempt (more info ...) | attempted-user | ||||
| 47259 | FILE-OTHER Microsoft Excel malicious CSV code execution attempt (more info ...) | attempted-user | ||||
| 47260 | FILE-OTHER Microsoft Excel malicious CSV code execution attempt (more info ...) | attempted-user | ||||
| 47261 | FILE-OTHER Microsoft Excel malicious CSV code execution attempt (more info ...) | attempted-user | ||||
| 47262 | FILE-OTHER Microsoft Excel malicious CSV code execution attempt (more info ...) | attempted-user | ||||
| 47263 | FILE-OTHER Microsoft Excel malicious CSV code execution attempt (more info ...) | attempted-user | ||||
| 47456 | FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0646 attack attempt (more info ...) | attempted-user | 2018-3978 | URL | ||
| 47457 | FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0646 attack attempt (more info ...) | attempted-user | 2018-3978 | URL | ||
| 47482 | FILE-OFFICE Microsoft PowerPoint slide show type confusion attempt (more info ...) | attempted-user | 2018-8376 | URL | ||
| 47483 | FILE-OFFICE Microsoft PowerPoint slide show type confusion attempt (more info ...) | attempted-user | 2018-8376 | URL | ||
| 47495 | FILE-OFFICE Microsoft Office Excel use after free attempt (more info ...) | attempted-user | 2018-8379 | URL | ||
| 47496 | FILE-OFFICE Microsoft Office Excel use after free attempt (more info ...) | attempted-user | 2018-8379 | URL | ||
| 47521 | FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0652 attack attempt (more info ...) | attempted-user | 2018-3894 | URL | ||
| 47522 | FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0652 attack attempt (more info ...) | attempted-user | 2018-3894 | URL | ||
| 47523 | FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0651 attack attempt (more info ...) | attempted-user | 2018-3983 | URL | ||
| 47524 | FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0651 attack attempt (more info ...) | attempted-user | 2018-3983 | URL | ||
| 47527 | FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0650 attack attempt (more info ...) | attempted-user | 2018-3982 | URL | ||
| 47528 | FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0650 attack attempt (more info ...) | attempted-user | 2018-3982 | URL | ||
| 47568 | FILE-OFFICE Adobe Flash Player ActiveX security bypass attempt (more info ...) | attempted-user | 2018-12825 | URL | ||
| 47569 | FILE-OFFICE Adobe Flash Player ActiveX security bypass attempt (more info ...) | attempted-user | 2018-12825 | URL | ||
| 47603 | SERVER-WEBAPP WordPress phar deserialization attempt (more info ...) | attempted-user | ||||
| 47753 | FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0669 attack attempt (more info ...) | attempted-user | 2018-4001 | URL | ||
| 47754 | FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0669 attack attempt (more info ...) | attempted-user | 2018-4001 | URL | ||
| 47755 | FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0667 attack attempt (more info ...) | attempted-user | 2018-3999 | URL | ||
| 47756 | FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0667 attack attempt (more info ...) | attempted-user | 2018-3999 | URL | ||
| 47757 | FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0666 attack attempt (more info ...) | attempted-user | 2018-3998 | URL | ||
| 47758 | FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0666 attack attempt (more info ...) | attempted-user | 2018-3998 | URL | ||
| 47759 | FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0666 attack attempt (more info ...) | attempted-user | 2018-3998 | URL | ||
| 47760 | FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0666 attack attempt (more info ...) | attempted-user | 2018-3998 | URL | ||
| 47762 | FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0668 attack attempt (more info ...) | attempted-user | 2018-4000 | URL | ||
| 47763 | FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0668 attack attempt (more info ...) | attempted-user | 2018-4000 | URL | ||
| 47946 | FILE-PDF Adobe Acrobat Distiller invalid Keywords tag double free attempt (more info ...) | attempted-user | 2018-12841 | URL | ||
| 48037 | SERVER-OTHER Cisco Prime Collaboration Provisioning hardcoded LDAP password authentication attempt (more info ...) | attempted-admin | 2018-15389 | URL | ||
| 48378 | FILE-OFFICE Microsoft Office directory entry remote code execution attempt (more info ...) | attempted-user | 2018-8539 | URL | ||
| 48379 | FILE-OFFICE Microsoft Office directory entry remote code execution attempt (more info ...) | attempted-user | 2018-8539 | URL | ||
| 48389 | FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0711 attack attempt (more info ...) | attempted-user | 2018-4038 | URL | ||
| 48390 | FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0711 attack attempt (more info ...) | attempted-user | 2018-4038 | URL | ||
| 48391 | FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0712 attack attempt (more info ...) | attempted-user | 2018-4039 | URL | ||
| 48392 | FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0712 attack attempt (more info ...) | attempted-user | 2018-4039 | URL | ||
| 48403 | FILE-OFFICE Microsoft Outlook email rules file memory corruption attempt (more info ...) | attempted-user | 2018-8582 | URL | ||
| 48404 | FILE-OFFICE Microsoft Outlook email rules file memory corruption attempt (more info ...) | attempted-user | 2018-8582 | URL | ||
| 48405 | FILE-OFFICE Microsoft Office Outlook rwz file memory corruption attempt (more info ...) | attempted-user | 2018-8587 | URL | ||
| 48406 | FILE-OFFICE Microsoft Office Outlook rwz file memory corruption attempt (more info ...) | attempted-user | 2018-8587 | URL | ||
| 48407 | FILE-OFFICE Microsoft Office Outlook rwz file memory corruption attempt (more info ...) | attempted-user | 2018-8522 | URL | ||
| 48408 | FILE-OFFICE Microsoft Office Outlook rwz file memory corruption attempt (more info ...) | attempted-user | 2018-8522 | URL | ||
| 48416 | SERVER-WEBAPP WordPress wp_delete_attachment directory traversal attempt (more info ...) | web-application-attack | 2018-12895 | 104569 | URL | |
| 48423 | FILE-OFFICE Microsoft Office Word document malicious iframe code injection attempt (more info ...) | attempted-user | ||||
| 48424 | FILE-OFFICE Microsoft Office Word document malicious iframe code injection attempt (more info ...) | attempted-user | ||||
| 48573 | SERVER-WEBAPP WordPress arbitrary file deletion attempt (more info ...) | web-application-attack | URL | |||
| 48601 | FILE-OFFICE Microsoft Office Powerpoint use after free attempt (more info ...) | attempted-user | 2018-8628 | URL | ||
| 48602 | FILE-OFFICE Microsoft Office Powerpoint use after free attempt (more info ...) | attempted-user | 2018-8628 | URL | ||
| 49048 | FILE-OFFICE Microsoft Office XML nested num tag double-free attempt (more info ...) | attempted-user | 2015-1650 | URL | ||
| 49049 | FILE-OFFICE Microsoft Office XML nested num tag double-free attempt (more info ...) | attempted-user | 2015-1650 | URL | ||
| 49132 | FILE-OFFICE Microsoft Excel information disclosure attempt (more info ...) | attempted-user | 2019-0669 | URL | ||
| 49133 | FILE-OFFICE Microsoft Excel information disclosure attempt (more info ...) | attempted-user | 2019-0669 | URL | ||
| 49209 | FILE-OFFICE TRUFFLEHUNTER TALOS-2019-0780 attack attempt (more info ...) | attempted-user | 2019-5019 | URL | ||
| 49210 | FILE-OFFICE TRUFFLEHUNTER TALOS-2019-0780 attack attempt (more info ...) | attempted-user | 2019-5019 | URL | ||
| 49448 | SERVER-WEBAPP WordPress comment cross site request forgery attempt (more info ...) | attempted-user | URL | |||
| 49495 | FILE-OFFICE Microsoft Office MSCOMCTL ActiveX control tabstrip method access (more info ...) | misc-activity | ||||
| 49497 | FILE-OFFICE Microsoft Office MSCOMCTL ActiveX control tabstrip method access (more info ...) | misc-activity | ||||
| 49527 | SERVER-WEBAPP WordPress SocialWarfare deprecated function access attempt (more info ...) | web-application-attack | 2019-9978 | URL | ||
| 49528 | SERVER-WEBAPP WordPress SocialWarfare plugin stored cross site scripting attempt (more info ...) | web-application-attack | 2019-9978 | URL | ||
| 49539 | SERVER-OTHER WordPress wp_user_roles configuration change attempt (more info ...) | web-application-attack | URL | |||
| 49540 | SERVER-OTHER WordPress wp_user_roles configuration change attempt (more info ...) | web-application-attack | URL | |||
| 49645 | SERVER-WEBAPP Wordpress image edit directory traversal attempt (more info ...) | web-application-attack | 2019-8942 | |||
| 49646 | SERVER-WEBAPP Wordpress image edit directory traversal attempt (more info ...) | web-application-attack | 2019-8942 | |||
| 49647 | SERVER-WEBAPP Wordpress image edit directory traversal attempt (more info ...) | web-application-attack | 2019-8942 | |||
| 49700 | FILE-OFFICE Microsoft Powerpoint graphics component remote code execution attempt (more info ...) | attempted-admin | 2019-0822 | URL | ||
| 49701 | FILE-OFFICE Microsoft Powerpoint graphics component remote code execution attempt (more info ...) | attempted-admin | 2019-0822 | URL | ||
| 49727 | FILE-OFFICE Microsoft Office directory traversal attempt (more info ...) | attempted-user | 2019-0801 | URL | ||
| 49728 | FILE-OFFICE Microsoft Office directory traversal attempt (more info ...) | attempted-user | 2019-0801 | URL | ||
| 49729 | FILE-OFFICE Microsoft Office directory traversal attempt (more info ...) | attempted-user | 2019-0801 | URL | ||
| 49730 | FILE-OFFICE Microsoft Office directory traversal attempt (more info ...) | attempted-user | 2019-0801 | URL | ||
| 49731 | FILE-OFFICE Microsoft Office directory traversal attempt (more info ...) | attempted-user | 2019-0801 | URL | ||
| 49732 | FILE-OFFICE Microsoft Office directory traversal attempt (more info ...) | attempted-user | 2019-0801 | URL | ||
| 49733 | FILE-OFFICE Microsoft Office directory traversal attempt (more info ...) | attempted-user | 2019-0801 | URL | ||
| 49734 | FILE-OFFICE Microsoft Office directory traversal attempt (more info ...) | attempted-user | 2019-0801 | URL | ||
| 49735 | FILE-OFFICE Microsoft Office directory traversal attempt (more info ...) | attempted-user | 2019-0801 | URL | ||
| 49736 | FILE-OFFICE Microsoft Office directory traversal attempt (more info ...) | attempted-user | 2019-0801 | URL | ||
| 49737 | FILE-OFFICE Microsoft Office directory traversal attempt (more info ...) | attempted-user | 2019-0801 | URL | ||
| 49738 | FILE-OFFICE Microsoft Office directory traversal attempt (more info ...) | attempted-user | 2019-0801 | URL | ||
| 49739 | FILE-OFFICE Microsoft Office directory traversal attempt (more info ...) | attempted-user | 2019-0801 | URL | ||
| 49740 | FILE-OFFICE Microsoft Office directory traversal attempt (more info ...) | attempted-user | 2019-0801 | URL | ||
| 49741 | FILE-OFFICE Microsoft Office directory traversal attempt (more info ...) | attempted-user | 2019-0801 | URL | ||
| 49742 | FILE-OFFICE Microsoft Office directory traversal attempt (more info ...) | attempted-user | 2019-0801 | URL | ||
| 49743 | FILE-OFFICE Microsoft Office directory traversal attempt (more info ...) | attempted-user | 2019-0801 | URL | ||
| 49744 | FILE-OFFICE Microsoft Office directory traversal attempt (more info ...) | attempted-user | 2019-0801 | URL | ||
| 49745 | FILE-OFFICE Microsoft Office directory traversal attempt (more info ...) | attempted-user | 2019-0801 | URL | ||
| 49776 | FILE-OFFICE Microsoft Office Equation Editor object stack buffer overflow attempt (more info ...) | attempted-user | 2017-11882 | URL | ||
| 49795 | SERVER-WEBAPP WordPress Yuzo Related Posts plugin cross site scripting attempt (more info ...) | web-application-attack | URL | |||
| 49796 | SERVER-WEBAPP WordPress Yuzo Related Posts plugin cross site scripting attempt (more info ...) | web-application-attack | URL | |||
| 50086 | FILE-OFFICE Microsoft Windows GDI EMR_POLYTEXTOUTW out-of-bounds read attempt (more info ...) | attempted-user | 2019-0882 | URL | ||
| 50087 | FILE-OFFICE Microsoft Windows GDI EMR_POLYTEXTOUTW out-of-bounds read attempt (more info ...) | attempted-user | 2019-0882 | URL | ||
| 50299 | SERVER-WEBAPP WordPress plugin Convert Plus unauthenticated administrator account creation attempt (more info ...) | web-application-attack | URL | |||
| 50680 | FILE-OFFICE Microsoft Excel information disclosure attempt (more info ...) | attempted-recon | 2019-1112 | URL | ||
| 50681 | FILE-OFFICE Microsoft Excel information disclosure attempt (more info ...) | attempted-recon | 2019-1112 | URL | ||
| 50690 | FILE-OFFICE Microsoft Office Equation Editor RTF evasion attempt (more info ...) | attempted-user | 2018-0802 | URL | ||
| 50691 | FILE-OFFICE Microsoft Office Equation Editor RTF evasion attempt (more info ...) | attempted-user | 2018-0802 | URL | ||
| 50692 | FILE-OFFICE Microsoft Office Equation Editor RTF evasion attempt (more info ...) | attempted-user | 2018-0802 | URL | ||
| 50693 | FILE-OFFICE Microsoft Office Equation Editor RTF evasion attempt (more info ...) | attempted-user | 2018-0802 | URL | ||
| 50694 | MALWARE-OTHER Microsoft Office Equation Editor remote code execution attempt (more info ...) | attempted-user | 2018-0798 | URL | ||
| 50695 | MALWARE-OTHER Microsoft Office Equation Editor remote code execution attempt (more info ...) | attempted-user | 2018-0798 | URL | ||
| 50732 | SERVER-WEBAPP CyberArk Enterprise Password Vault XML external entity injection attempt (more info ...) | web-application-attack | 2019-7442 | |||
| 50733 | SERVER-WEBAPP CyberArk Enterprise Password Vault XML external entity injection attempt (more info ...) | web-application-attack | 2019-7442 | |||
| 50745 | SERVER-WEBAPP Cisco Vision Dynamic Signage Director authentication bypass attempt (more info ...) | attempted-admin | 2019-1917 | URL | ||
| 50772 | SERVER-WEBAPP Schneider Electric quantum modicon ethernet module unauthenticated password change attempt (more info ...) | attempted-admin | 2018-7811 | |||
| 50779 | SERVER-WEBAPP Schneider Electric Quantum modicon ethernet module unauthenticated password reset attempt (more info ...) | attempted-user | 2019-7809 | |||
| 50998 | FILE-OFFICE Microsoft Office Outlook memory corruption attempt (more info ...) | attempted-user | 2019-1199 | URL | ||
| 50999 | FILE-OFFICE Microsoft Office Outlook memory corruption attempt (more info ...) | attempted-user | 2019-1199 | URL | ||
| 51098 | FILE-OTHER LibreOffice macro remote code execution attempt (more info ...) | attempted-user | 2018-16858 | URL | ||
| 51099 | FILE-OTHER LibreOffice macro remote code execution attempt (more info ...) | attempted-user | 2018-16858 | URL | ||
| 51100 | FILE-OTHER LibreOffice macro remote code execution attempt (more info ...) | attempted-user | 2018-16858 | URL | ||
| 51101 | FILE-OTHER LibreOffice macro remote code execution attempt (more info ...) | attempted-user | 2018-16858 | URL | ||
| 51123 | FILE-OFFICE TRUFFLEHUNTER TALOS-2019-0886 attack attempt (more info ...) | attempted-user | URL | |||
| 51124 | FILE-OFFICE TRUFFLEHUNTER TALOS-2019-0886 attack attempt (more info ...) | attempted-user | URL | |||
| 51267 | FILE-OFFICE Microsoft Outlook rwz file memory corruption attempt (more info ...) | attempted-user | 2018-8587 | URL | ||
| 51486 | SERVER-WEBAPP Webmin password_change command injection attempt (more info ...) | web-application-attack | 2019-15107 | URL | ||
| 51487 | SERVER-WEBAPP Webmin password_change command injection attempt (more info ...) | web-application-attack | 2019-15107 | URL | ||
| 51488 | SERVER-WEBAPP Webmin password_change command injection attempt (more info ...) | web-application-attack | 2019-15107 | URL | ||
| 51489 | SERVER-WEBAPP Webmin password_change command injection attempt (more info ...) | web-application-attack | 2019-15107 | URL | ||
| 51537 | SERVER-WEBAPP WordPress Print-My-Blog plugin server side request forgery attempt (more info ...) | web-application-attack | 2019-11565 | URL | ||
| 52417 | FILE-OFFICE TRUFFLEHUNTER TALOS-2019-0968 attack attempt (more info ...) | attempted-user | 2021-40474 | URL | ||
| 52418 | FILE-OFFICE TRUFFLEHUNTER TALOS-2019-0968 attack attempt (more info ...) | attempted-user | 2021-40474 | URL | ||
| 52481 | INDICATOR-COMPROMISE Microsoft Word internal OLE object update attempt (more info ...) | attempted-user | 2017-0199 | URL | ||
| 52482 | INDICATOR-COMPROMISE Microsoft Word internal OLE object update attempt (more info ...) | attempted-user | 2017-0199 | URL | ||
| 52641 | SERVER-WEBAPP Cisco Smart Software Manager unauthorized password change attempt (more info ...) | attempted-admin | 2019-16029 | URL | ||
| 52642 | SERVER-WEBAPP Cisco Smart Software Manager unauthorized password change attempt (more info ...) | attempted-admin | 2019-16029 | URL | ||
| 53260 | MALWARE-OTHER Win.Trojan.DarkVision RAT download attempt (more info ...) | attempted-user | URL | |||
| 53261 | MALWARE-OTHER Win.Trojan.DarkVision RAT download attempt (more info ...) | attempted-user | URL | |||
| 53268 | FILE-OFFICE TRUFFLEHUNTER TALOS-2020-1015 attack attempt (more info ...) | attempted-user | URL | |||
| 53269 | FILE-OFFICE TRUFFLEHUNTER TALOS-2020-1015 attack attempt (more info ...) | attempted-user | URL | |||
| 53487 | FILE-OFFICE TRUFFLEHUNTER TALOS-2020-1027 attack attempt (more info ...) | attempted-user | URL | |||
| 53488 | FILE-OFFICE TRUFFLEHUNTER TALOS-2020-1027 attack attempt (more info ...) | attempted-user | URL | |||
| 53650 | FILE-OFFICE TRUFFLEHUNTER TALOS-2020-1045 attack attempt (more info ...) | attempted-user | URL | |||
| 53651 | FILE-OFFICE TRUFFLEHUNTER TALOS-2020-1045 attack attempt (more info ...) | attempted-user | URL | |||
| 54596 | SERVER-WEBAPP WordPress bbPress plugin unauthenticated privilege escalation attempt (more info ...) | attempted-admin | 2020-13693 | URL | ||
| 54597 | SERVER-WEBAPP WordPress bbPress plugin unauthenticated privilege escalation attempt (more info ...) | attempted-admin | 2020-13693 | URL | ||
| 54617 | SERVER-WEBAPP GeoVision Door Access Control hidden url access attempt (more info ...) | attempted-admin | 2020-3928 | |||
| 55748 | FILE-OFFICE TRUFFLEHUNTER TALOS-2020-1153 attack attempt (more info ...) | attempted-user | URL | |||
| 55749 | FILE-OFFICE TRUFFLEHUNTER TALOS-2020-1153 attack attempt (more info ...) | attempted-user | URL | |||
| 55778 | SERVER-WEBAPP Wordpress File Manager plugin elFinder remote code execution attempt (more info ...) | attempted-user | 2020-25213 | |||
| 55797 | SERVER-WEBAPP Wordpress plugin WP Database Reset database reset attempt (more info ...) | web-application-attack | 2020-7048 | |||
| 55834 | SERVER-WEBAPP Wordpress Nexos theme cross site scripting attempt (more info ...) | attempted-user | 2020-15364 | |||
| 55835 | SERVER-WEBAPP Wordpress Nexos theme cross site scripting attempt (more info ...) | attempted-user | 2020-15364 | |||
| 56082 | SERVER-WEBAPP Wordpress WP Database Backup plug-in command injection attempt (more info ...) | web-application-attack | URL | |||
| 56083 | SERVER-WEBAPP Wordpress WP Database Backup plug-in command injection attempt (more info ...) | web-application-attack | URL | |||
| 56156 | FILE-OFFICE Microsoft Office Outlook email parsing remote code execution attempt (more info ...) | attempted-user | 2020-16947 | URL | ||
| 56157 | FILE-OFFICE Microsoft Office Outlook email parsing remote code execution attempt (more info ...) | attempted-user | 2020-16947 | URL | ||
| 56209 | FILE-OFFICE TRUFFLEHUNTER TALOS-2020-1192 attack attempt (more info ...) | attempted-user | 2020-13581 | URL | ||
| 56210 | FILE-OFFICE TRUFFLEHUNTER TALOS-2020-1192 attack attempt (more info ...) | attempted-user | 2020-13581 | URL | ||
| 56212 | FILE-OFFICE TRUFFLEHUNTER TALOS-2020-1191 attack attempt (more info ...) | attempted-user | 2020-13580 | URL | ||
| 56213 | FILE-OFFICE TRUFFLEHUNTER TALOS-2020-1191 attack attempt (more info ...) | attempted-user | 2020-13580 | URL | ||
| 56226 | FILE-OFFICE TRUFFLEHUNTER TALOS-2020-1190 attack attempt (more info ...) | attempted-user | 2020-13579 | URL | ||
| 56227 | FILE-OFFICE TRUFFLEHUNTER TALOS-2020-1190 attack attempt (more info ...) | attempted-user | 2020-13579 | URL | ||
| 56228 | FILE-OFFICE TRUFFLEHUNTER TALOS-2020-1190 attack attempt (more info ...) | attempted-user | 2020-13579 | URL | ||
| 56229 | FILE-OFFICE TRUFFLEHUNTER TALOS-2020-1190 attack attempt (more info ...) | attempted-user | 2020-13579 | URL | ||
| 56389 | FILE-OFFICE TRUFFLEHUNTER TALOS-2020-1197 attack attempt (more info ...) | attempted-user | 2020-13586 | URL | ||
| 56390 | FILE-OFFICE TRUFFLEHUNTER TALOS-2020-1197 attack attempt (more info ...) | attempted-user | 2020-13586 | URL | ||
| 56526 | FILE-OFFICE TRUFFLEHUNTER TALOS-2020-1210 attack attempt (more info ...) | attempted-user | 2020-28587 | URL | ||
| 56527 | FILE-OFFICE TRUFFLEHUNTER TALOS-2020-1210 attack attempt (more info ...) | attempted-user | 2020-28587 | URL | ||
| 57063 | INDICATOR-COMPROMISE Microsoft Word internal OLE object update attempt (more info ...) | attempted-admin | 2017-0199 | URL | ||
| 57066 | INDICATOR-COMPROMISE Microsoft Word internal OLE object update attempt (more info ...) | attempted-user | 2017-0199 | URL | ||
| 57570 | SERVER-WEBAPP WordPRess DZS Video Gallery directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 57571 | SERVER-WEBAPP WordPRess DZS Video Gallery directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 57572 | SERVER-WEBAPP WordPRess DZS Video Gallery directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 57573 | SERVER-WEBAPP WordPress DZS Video Gallery remote file include attempt (more info ...) | web-application-attack | URL | |||
| 57574 | SERVER-WEBAPP WordPress DZS Video Gallery remote file include attempt (more info ...) | web-application-attack | URL | |||
| 58120 | FILE-OFFICE Microsoft MSHTML ActiveX control bypass attempt (more info ...) | attempted-user | 2021-40444 | URL | ||
| 58121 | FILE-OFFICE Microsoft MSHTML ActiveX control bypass attempt (more info ...) | attempted-user | 2021-40444 | URL | ||
| 58122 | FILE-OFFICE Microsoft MSHTML ActiveX control bypass attempt (more info ...) | attempted-user | 2021-40444 | URL | ||
| 58123 | FILE-OFFICE Microsoft MSHTML ActiveX control bypass attempt (more info ...) | attempted-user | 2021-40444 | URL | ||
| 58124 | FILE-OFFICE Microsoft MSHTML ActiveX control bypass attempt (more info ...) | attempted-user | 2021-40444 | URL | ||
| 58125 | FILE-OFFICE Microsoft MSHTML ActiveX control bypass attempt (more info ...) | attempted-user | 2021-40444 | URL | ||
| 58126 | FILE-OFFICE Microsoft MSHTML ActiveX control bypass attempt (more info ...) | attempted-user | 2021-40444 | URL | ||
| 58127 | FILE-OFFICE Microsoft MSHTML ActiveX control bypass attempt (more info ...) | attempted-user | 2021-40444 | URL | ||
| 58130 | FILE-OFFICE Microsoft MSHTML code execution attempt (more info ...) | attempted-user | 2021-40444 | URL | ||
| 58131 | FILE-OFFICE Microsoft MSHTML code execution attempt (more info ...) | attempted-user | 2021-40444 | URL | ||
| 58132 | FILE-OFFICE Microsoft MSHTML ActiveX control bypass attempt (more info ...) | attempted-user | 2021-40444 | URL | ||
| 58133 | FILE-OFFICE Microsoft MSHTML ActiveX control bypass attempt (more info ...) | attempted-user | 2021-40444 | URL | ||
| 58134 | FILE-OFFICE Microsoft MSHTML ActiveX control bypass attempt (more info ...) | attempted-user | 2021-40444 | URL | ||
| 58135 | FILE-OFFICE Microsoft MSHTML ActiveX control bypass attempt (more info ...) | attempted-user | 2021-40444 | URL | ||
| 58366 | FILE-OFFICE TRUFFLEHUNTER TALOS-2021-1386 attack attempt (more info ...) | attempted-user | 2021-21958 | URL | ||
| 58410 | SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt (more info ...) | web-application-attack | 2020-4210 | |||
| 58411 | SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt (more info ...) | web-application-attack | 2020-4210 | |||
| 58412 | SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt (more info ...) | web-application-attack | 2020-4210 | |||
| 58413 | SERVER-WEBAPP IBM Spectrum Protect Plus changeAdministratorPassword command injection attempt (more info ...) | web-application-attack | 2020-4210 | |||
| 58487 | SERVER-WEBAPP WordPress Snap Creek Duplicator and Duplicator Pro plugins directory traversal attempt (more info ...) | web-application-attack | 2020-11738 | |||
| 58555 | SERVER-WEBAPP Hikvision webLanguage command injection vulnerability (more info ...) | attempted-user | 2021-36260 | |||
| 58574 | FILE-OFFICE TRUFFLEHUNTER TALOS-2021-1412 attack attempt (more info ...) | attempted-user | 2021-40399 | URL | ||
| 58575 | FILE-OFFICE TRUFFLEHUNTER TALOS-2021-1412 attack attempt (more info ...) | attempted-user | 2021-40399 | URL | ||
| 59323 | SERVER-WEBAPP Trend Micro Apex One and OfficeScan directory traversal attempt (more info ...) | web-application-attack | 2020-8470 | |||
| 59324 | SERVER-WEBAPP Trend Micro Apex One and OfficeScan directory traversal attempt (more info ...) | web-application-attack | 2020-8470 | |||
| 59325 | SERVER-WEBAPP Trend Micro Apex One and OfficeScan directory traversal attempt (more info ...) | web-application-attack | 2020-8470 | |||
| 59393 | SERVER-WEBAPP HPE Moonshot Provisioning Manager Appliance directory traversal attempt (more info ...) | web-application-attack | 2017-8977 | |||
| 59394 | SERVER-WEBAPP HPE Moonshot Provisioning Manager Appliance directory traversal attempt (more info ...) | web-application-attack | 2017-8977 | |||
| 59395 | SERVER-WEBAPP HPE Moonshot Provisioning Manager Appliance directory traversal attempt (more info ...) | web-application-attack | 2017-8977 | |||
| 59396 | FILE-OFFICE Microsoft Word tblStylePr use after free attempt (more info ...) | attempted-user | 2014-4117 | URL | ||
| 59397 | FILE-OFFICE Microsoft Word tblStylePr use after free attempt (more info ...) | attempted-user | 2014-4117 | URL | ||
| 59398 | FILE-OFFICE Microsoft Word tblStylePr use after free attempt (more info ...) | attempted-user | 2014-4117 | URL | ||
| 59399 | FILE-OFFICE Microsoft Word tblStylePr use after free attempt (more info ...) | attempted-user | 2014-4117 | URL | ||
| 59400 | FILE-OFFICE Microsoft Word tblStylePr use after free attempt (more info ...) | attempted-user | 2014-4117 | URL | ||
| 59401 | FILE-OFFICE Microsoft Word tblStylePr use after free attempt (more info ...) | attempted-user | 2014-4117 | URL | ||
| 59432 | SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance Password command injection attempt (more info ...) | web-application-attack | 2020-8466 | |||
| 59433 | SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance Password command injection attempt (more info ...) | web-application-attack | 2020-8466 | |||
| 59434 | SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance Password command injection attempt (more info ...) | web-application-attack | 2020-8466 | |||
| 59435 | SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance Password command injection attempt (more info ...) | web-application-attack | 2020-8466 | |||
| 59585 | FILE-OFFICE Microsoft Office XML nested num tag double-free attempt (more info ...) | attempted-user | 2015-1650 | |||
| 59946 | POLICY-OTHER Sumavision Enhanced Multimedia Router privileged account creation detected (more info ...) | policy-violation | 2020-10181 | URL | ||
| 60035 | FILE-OFFICE TRUFFLEHUNTER TALOS-2022-1527 attack attempt (more info ...) | attempted-user | 2022-32543 | URL | ||
| 60036 | FILE-OFFICE TRUFFLEHUNTER TALOS-2022-1527 attack attempt (more info ...) | attempted-user | 2022-32543 | URL | ||
| 60037 | FILE-OFFICE TRUFFLEHUNTER TALOS-2022-1527 attack attempt (more info ...) | attempted-user | 2022-32543 | URL | ||
| 60038 | FILE-OFFICE TRUFFLEHUNTER TALOS-2022-1527 attack attempt (more info ...) | attempted-user | 2022-32543 | URL | ||
| 60039 | FILE-OFFICE TRUFFLEHUNTER TALOS-2022-1533 attack attempt (more info ...) | attempted-user | 2022-29886 | URL | ||
| 60040 | FILE-OFFICE TRUFFLEHUNTER TALOS-2022-1533 attack attempt (more info ...) | attempted-user | 2022-29886 | URL | ||
| 60041 | FILE-OFFICE TRUFFLEHUNTER TALOS-2022-1533 attack attempt (more info ...) | attempted-user | 2022-29886 | URL | ||
| 60042 | FILE-OFFICE TRUFFLEHUNTER TALOS-2022-1533 attack attempt (more info ...) | attempted-user | 2022-29886 | URL | ||
| 60500 | FILE-OFFICE TRUFFLEHUNTER TALOS-2022-1591 attack attempt (more info ...) | attempted-user | URL | |||
| 60501 | FILE-OFFICE TRUFFLEHUNTER TALOS-2022-1591 attack attempt (more info ...) | attempted-user | URL | |||
| 60637 | MALWARE-OTHER MultiOS.Backdoor.antSword inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 61091 | FILE-OFFICE TRUFFLEHUNTER TALOS-2022-1684 attack attempt (more info ...) | attempted-user | 2022-45115 | URL | ||
| 61092 | FILE-OFFICE TRUFFLEHUNTER TALOS-2022-1684 attack attempt (more info ...) | attempted-user | 2022-45115 | URL | ||
| 61163 | FILE-OFFICE TRUFFLEHUNTER TALOS-2022-1687 attack attempt (more info ...) | attempted-dos | 2023-22291 | URL | ||
| 61164 | FILE-OFFICE TRUFFLEHUNTER TALOS-2022-1687 attack attempt (more info ...) | attempted-dos | 2023-22291 | URL | ||
| 61393 | FILE-OFFICE TRUFFLEHUNTER TALOS-2023-1722 attack attempt (more info ...) | attempted-user | 2023-22660 | URL | ||
| 61394 | FILE-OFFICE TRUFFLEHUNTER TALOS-2023-1722 attack attempt (more info ...) | attempted-user | 2023-22660 | URL | ||
| 61459 | FILE-OFFICE Microsoft Office RTF font table memory corruption attempt (more info ...) | attempted-user | 2023-21716 | URL | ||
| 61460 | FILE-OFFICE Microsoft Office RTF font table memory corruption attempt (more info ...) | attempted-user | 2023-21716 | URL | ||
| 61478 | FILE-OFFICE Microsoft Office Outlook appointment privilege escalation attempt (more info ...) | attempted-user | 2023-23397 | URL | ||
| 61479 | FILE-OFFICE Microsoft Office Outlook appointment privilege escalation attempt (more info ...) | attempted-user | 2023-23397 | URL | ||
| 61503 | FILE-OFFICE TRUFFLEHUNTER TALOS-2023-1730 attack attempt (more info ...) | attempted-user | URL | |||
| 61504 | FILE-OFFICE TRUFFLEHUNTER TALOS-2023-1730 attack attempt (more info ...) | attempted-user | URL | |||
| 61505 | FILE-OFFICE Microsoft Office Outlook appointment privilege escalation attempt (more info ...) | attempted-user | 2023-23397 | URL | ||
| 61506 | FILE-OFFICE Microsoft Office Outlook appointment privilege escalation attempt (more info ...) | attempted-user | 2023-23397 | URL | ||
| 61574 | FILE-OFFICE TRUFFLEHUNTER TALOS-2023-1734 attack attempt (more info ...) | attempted-user | URL | |||
| 61575 | FILE-OFFICE TRUFFLEHUNTER TALOS-2023-1734 attack attempt (more info ...) | attempted-user | URL | |||
| 61716 | FILE-OFFICE Microsoft Office Outlook remote code execution attempt (more info ...) | attempted-user | 2023-29325 | URL | ||
| 61717 | FILE-OFFICE Microsoft Office Outlook remote code execution attempt (more info ...) | attempted-user | 2023-29325 | URL | ||
| 61781 | FILE-OFFICE TRUFFLEHUNTER TALOS-2023-1748 attack attempt (more info ...) | attempted-user | 2023-31275 | URL | ||
| 61782 | FILE-OFFICE TRUFFLEHUNTER TALOS-2023-1748 attack attempt (more info ...) | attempted-user | 2023-31275 | URL | ||
| 61957 | FILE-OFFICE TRUFFLEHUNTER TALOS-2023-1758 attack attempt (more info ...) | attempted-user | 2023-34366 | URL | ||
| 61958 | FILE-OFFICE TRUFFLEHUNTER TALOS-2023-1758 attack attempt (more info ...) | attempted-user | 2023-34366 | URL | ||
| 62053 | FILE-OFFICE Microsoft Office RTF object remote code execution attempt (more info ...) | attempted-user | 2023-36884 | |||
| 62054 | FILE-OFFICE Microsoft Office RTF object remote code execution attempt (more info ...) | attempted-user | 2023-36884 | |||
| 62121 | SERVER-WEBAPP WooCommerce WordPress elevation of privilege attempt (more info ...) | web-application-attack | 2023-28121 | URL | ||
| 62122 | SERVER-WEBAPP WooCommerce WordPress elevation of privilege attempt (more info ...) | web-application-attack | 2023-28121 | URL |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 233 | MALWARE-OTHER Trin00 Attacker to Master default startup password (more info ...) | attempted-dos | 2000-0138 | URL | ||
| 234 | MALWARE-OTHER Trin00 Attacker to Master default password (more info ...) | attempted-dos | 2000-0138 | URL | ||
| 235 | MALWARE-OTHER Trin00 Attacker to Master default mdie password (more info ...) | attempted-dos | 2000-0138 | URL | ||
| 237 | MALWARE-OTHER Trin00 Master to Daemon default password attempt (more info ...) | attempted-dos | 2000-0138 | URL | ||
| 505 | SERVER-OTHER Insecure TIMBUKTU Password (more info ...) | bad-unknown | ||||
| 1098 | SERVER-WEBAPP SmartWin CyberOffice Shopping Cart access (more info ...) | web-application-attack | 2000-0925 | 1734 | ||
| 1192 | SERVER-WEBAPP Trend Micro OfficeScan access (more info ...) | attempted-recon | 1057 | |||
| 1381 | SERVER-WEBAPP Trend Micro OfficeScan attempt (more info ...) | attempted-recon | 1057 | |||
| 1860 | SERVER-WEBAPP Linksys router default password login attempt (more info ...) | default-login-attempt | 10999 | URL | ||
| 2027 | PROTOCOL-RPC yppasswd old password overflow attempt UDP (more info ...) | rpc-portmap-decode | 2001-0779 | 2763 | ||
| 2028 | PROTOCOL-RPC yppasswd old password overflow attempt TCP (more info ...) | rpc-portmap-decode | 2001-0779 | 2763 | ||
| 2029 | PROTOCOL-RPC yppasswd new password overflow attempt UDP (more info ...) | rpc-portmap-decode | 2001-0779 | 2763 | ||
| 2030 | PROTOCOL-RPC yppasswd new password overflow attempt TCP (more info ...) | rpc-portmap-decode | 2001-0779 | 2763 | ||
| 2114 | PROTOCOL-SERVICES rexec password overflow attempt (more info ...) | attempted-admin | ||||
| 2230 | SERVER-WEBAPP NetGear router default password login attempt admin/password (more info ...) | default-login-attempt | 11737 | URL | ||
| 2408 | SERVER-WEBAPP Invision Power Board search.pl access (more info ...) | web-application-activity | 2004-0338 | 9766 | ||
| 4150 | BROWSER-PLUGINS Microsoft Office Outlook View OVCtl ActiveX function call access (more info ...) | attempted-user | 2001-0538 | 3026 | URL | |
| 4175 | BROWSER-PLUGINS Microsoft Office 2000/2002 Web Components PivotTable ActiveX object access (more info ...) | attempted-user | 2002-0727 | 4449 | URL | |
| 4177 | BROWSER-PLUGINS Microsoft Office Web Components OWC.Spreadsheet.9 ActiveX clsid access attempt (more info ...) | attempted-user | 2006-4695 | 4453 | URL | |
| 4178 | BROWSER-PLUGINS Microsoft Office 2000 and 2002 Web Components Record Navigation Control ActiveX object access (more info ...) | attempted-user | 2002-0727 | 4449 | URL | |
| 4217 | BROWSER-PLUGINS Microsoft Office Services on the Web Free/Busy ActiveX object access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4218 | BROWSER-PLUGINS Microsoft Microsoft Windows Visual Basic WebClass ActiveX object access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4229 | BROWSER-PLUGINS Microsoft Internet Explorer MSAPP Export Support for Office Access ActiveX object access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 5780 | MALWARE-OTHER Keylogger runtime detection - hwpe word filtered echelon log (more info ...) | successful-recon-limited | URL | |||
| 5782 | MALWARE-OTHER Keylogger runtime detection - hwae word filtered echelon log (more info ...) | successful-recon-limited | URL | |||
| 5892 | PUA-TOOLBARS Trackware wordiq toolbar runtime detection - get link info (more info ...) | successful-recon-limited | URL | |||
| 5893 | PUA-TOOLBARS Trackware wordiq toolbar runtime detection - search keyword (more info ...) | successful-recon-limited | URL | |||
| 5958 | MALWARE-TOOLS Hacker-Tool ghostvoice 1.02 runtime detection - init connection with password requirement (more info ...) | misc-activity | URL | |||
| 5959 | PUA-ADWARE Hijacker raxsearch detection - send search keywords to raxsearch (more info ...) | misc-activity | URL | |||
| 5962 | PUA-ADWARE Hijacker searchfast detection - catch search keyword (more info ...) | misc-activity | URL | |||
| 5992 | MALWARE-CNC User-Agent known malicious user agent - Mirar_KeywordContentHijacker (more info ...) | misc-activity | URL | |||
| 6185 | PUA-ADWARE Adware 180Search assistant runtime detection - reporting keyword (more info ...) | misc-activity | URL | |||
| 6192 | PUA-ADWARE Adware seekmo runtime detection - reporting keyword (more info ...) | misc-activity | URL | |||
| 6278 | PUA-TOOLBARS Trickler navexcel search toolbar runtime detection - activate/update (more info ...) | misc-activity | URL | |||
| 6309 | MALWARE-BACKDOOR net demon runtime detection - initial connection - password request (more info ...) | trojan-activity | URL | |||
| 6310 | MALWARE-BACKDOOR net demon runtime detection - initial connection - password send (more info ...) | trojan-activity | URL | |||
| 6311 | MALWARE-BACKDOOR net demon runtime detection - initial connection - password accepted (more info ...) | trojan-activity | ||||
| 6471 | SERVER-OTHER RealVNC password authentication bypass attempt (more info ...) | attempted-admin | 2006-2369 | 17978 | ||
| 7002 | FILE-OFFICE Microsoft Office Excel url unicode overflow attempt (more info ...) | attempted-user | 2011-0104 | 18500 | URL | |
| 7025 | FILE-OFFICE Microsoft Office Excel url unicode overflow attempt (more info ...) | attempted-user | 2006-3014 | 18583 | URL | |
| 7048 | FILE-OFFICE Microsoft Office Excel object record overflow attempt (more info ...) | attempted-user | 2006-1306 | 18886 | URL | |
| 7087 | MALWARE-BACKDOOR sinique 1.0 runtime detection - initial connection with correct password client-to-server (more info ...) | trojan-activity | URL | |||
| 7088 | MALWARE-BACKDOOR sinique 1.0 runtime detection - initial connection with correct password server-to-client (more info ...) | trojan-activity | URL | |||
| 7089 | MALWARE-BACKDOOR sinique 1.0 runtime detection - initial connection with wrong password -client-to-server (more info ...) | trojan-activity | URL | |||
| 7090 | MALWARE-BACKDOOR sinique 1.0 runtime detection - initial connection with wrong password server-to-client (more info ...) | trojan-activity | URL | |||
| 7197 | FILE-OFFICE Microsoft Office Excel MSO.DLL malformed string parsing single byte buffer over attempt (more info ...) | attempted-user | 2006-1540 | 17252 | URL | |
| 7202 | FILE-OFFICE Microsoft Office Word document summary information string overflow attempt (more info ...) | attempted-user | 2006-1540 | URL | ||
| 7205 | FILE-OFFICE Microsoft Office Excel FngGroupCount record overflow attempt (more info ...) | attempted-user | 2006-1308 | 18890 | ||
| 7517 | PUA-ADWARE Hijacker chinese keywords outbound connection (more info ...) | misc-activity | URL | |||
| 7616 | MALWARE-BACKDOOR theef 2.0 runtime detection - connection without password (more info ...) | trojan-activity | URL | |||
| 7617 | MALWARE-BACKDOOR theef 2.0 runtime detection - connection request with password - flowbit 1 (more info ...) | trojan-activity | ||||
| 7618 | MALWARE-BACKDOOR theef 2.0 runtime detection - connection request with password - flowbit 2 (more info ...) | trojan-activity | ||||
| 7619 | MALWARE-BACKDOOR theef 2.0 runtime detection - connection request with password (more info ...) | trojan-activity | URL | |||
| 7785 | MALWARE-BACKDOOR forced control uploader runtime detection - connection with password (more info ...) | trojan-activity | ||||
| 7833 | PUA-ADWARE Hijacker navexcel helper outbound connection - search (more info ...) | misc-activity | URL | |||
| 7870 | BROWSER-PLUGINS Microsoft Office Data Source Control 9.0 ActiveX clsid access (more info ...) | attempted-user | 2007-1201 | 28136 | URL | |
| 7874 | BROWSER-PLUGINS Microsoft Office PivotTable 10.0 ActiveX clsid access (more info ...) | attempted-user | 2002-0861 | URL | ||
| 8358 | PUA-ADWARE Hijacker yok supersearch outbound connection - addressbar keyword search hijack (more info ...) | misc-activity | URL | |||
| 8397 | BROWSER-PLUGINS Microsoft Office List 11.0 ActiveX clsid access (more info ...) | attempted-user | ||||
| 8422 | BROWSER-PLUGINS Microsoft Office Outlook View OVCtl ActiveX clsid access (more info ...) | attempted-user | 2017-11774 | 3026 | URL | |
| 8448 | FILE-OFFICE Microsoft Office Excel colinfo XF record overflow attempt (more info ...) | attempted-user | 2006-3875 | URL | ||
| 8708 | SERVER-WEBAPP Wordpress cache_lastpostdate code injection attempt (more info ...) | attempted-admin | 2005-2612 | 14533 | ||
| 8723 | BROWSER-PLUGINS Microsoft Office Data Source Control 11.0 ActiveX clsid access (more info ...) | attempted-user | 2006-3729 | 24462 | URL | |
| 8738 | BROWSER-PLUGINS Macrovision InstallShield Update Service ActiveX clsid access (more info ...) | attempted-user | 2007-5660 | 31235 | URL | |
| 8740 | BROWSER-PLUGINS Macrovision InstallShield Update Service ActiveX function call access (more info ...) | attempted-user | 2007-5660 | 31235 | URL | |
| 9431 | FILE-OFFICE Microsoft Office Outlook Express NNTP response overflow attempt (more info ...) | attempted-user | 2005-1213 | 13951 | URL | |
| 9645 | PUA-ADWARE Hijacker sogou outbound connection - keyword hijack (more info ...) | misc-activity | URL | |||
| 9841 | SERVER-MAIL Microsoft Office Outlook VEVENT overflow attempt (more info ...) | attempted-user | 2007-0033 | 21931 | URL | |
| 9847 | FILE-OFFICE Microsoft Office Outlook Saved Search download attempt (more info ...) | attempted-user | 2007-0034 | URL | ||
| 10087 | SERVER-OTHER VNC password request buffer overflow attempt (more info ...) | web-application-attack | 2006-1652 | 2305 | ||
| 10123 | PROTOCOL-VOIP PA168 chipset based IP phone default password attempt (more info ...) | attempted-admin | 2007-0528 | 22191 | URL | |
| 10175 | BROWSER-PLUGINS Trend Micro OfficeScan Client ActiveX function call access (more info ...) | attempted-user | 2007-0325 | 22585 | ||
| 10445 | MALWARE-BACKDOOR acidbattery 1.0 runtime detection - get password (more info ...) | trojan-activity | URL | |||
| 11176 | BROWSER-PLUGINS Microsoft Office PowerPoint Viewer ActiveX clsid access (more info ...) | attempted-user | 2007-2494 | 33243 | URL | |
| 11178 | BROWSER-PLUGINS Microsoft Office PowerPoint Viewer ActiveX function call access (more info ...) | attempted-user | 2007-2494 | 33243 | URL | |
| 11181 | BROWSER-PLUGINS Microsoft Office Excel Viewer ActiveX clsid access (more info ...) | attempted-user | 2007-2495 | 33243 | URL | |
| 11183 | BROWSER-PLUGINS Microsoft Office Excel Viewer ActiveX function call access (more info ...) | attempted-user | 2007-2495 | 33243 | URL | |
| 11186 | SERVER-OTHER CA eTrust key handling dos -- password (more info ...) | denial-of-service | 2007-1005 | 22743 | ||
| 11187 | BROWSER-PLUGINS Microsoft Office Word Viewer ActiveX clsid access (more info ...) | attempted-user | 2007-2496 | 33243 | URL | |
| 11189 | BROWSER-PLUGINS Microsoft Office Word Viewer ActiveX function call access (more info ...) | attempted-user | 2007-2496 | 33243 | URL | |
| 11199 | BROWSER-PLUGINS Microsoft Office Viewer ActiveX clsid access (more info ...) | attempted-user | 2009-0382 | 33283 | URL | |
| 11201 | BROWSER-PLUGINS Microsoft Office Viewer ActiveX function call access (more info ...) | attempted-user | 2009-0382 | 33283 | URL | |
| 11622 | BROWSER-PLUGINS Microsoft Office 2000 OUACTR ActiveX clsid access (more info ...) | attempted-user | 2007-2903 | 24118 | URL | |
| 11660 | BROWSER-PLUGINS EDraw Office Viewer ActiveX clsid access (more info ...) | attempted-user | 2007-3169 | 24230 | URL | |
| 11662 | BROWSER-PLUGINS EDraw Office Viewer ActiveX function call access (more info ...) | attempted-user | 2007-3169 | 24230 | URL | |
| 12070 | FILE-OFFICE Microsoft Office Excel malformed version field (more info ...) | attempted-user | 2007-1756 | 24801 | URL | |
| 12099 | FILE-OFFICE Microsoft Office Excel rtWindow1 record handling arbitrary code execution attempt (more info ...) | attempted-user | 2007-3029 | 22555 | URL | |
| 12184 | FILE-OFFICE Microsoft Office Excel workbook workspace designation handling arbitrary code execution attempt (more info ...) | attempted-user | 2007-3030 | 24803 | URL | |
| 12233 | MALWARE-BACKDOOR theef 2.10 runtime detection - connect with no password (more info ...) | trojan-activity | ||||
| 12234 | MALWARE-BACKDOOR theef 2.10 runtime detection - connect with no password (more info ...) | trojan-activity | URL | |||
| 12235 | MALWARE-BACKDOOR theef 2.10 runtime detection - connect with password (more info ...) | trojan-activity | ||||
| 12236 | MALWARE-BACKDOOR theef 2.10 runtime detection - connect with password (more info ...) | trojan-activity | URL | |||
| 12261 | BROWSER-PLUGINS Microsoft Visual Basic 6 PDWizard.File ActiveX clsid access (more info ...) | attempted-user | 2007-3041 | URL | ||
| 12263 | BROWSER-PLUGINS Microsoft Visual Basic 6 PDWizard.File ActiveX function call access (more info ...) | attempted-user | 2007-3041 | URL | ||
| 12265 | BROWSER-PLUGINS Microsoft Visual Basic 6 SearchHelper ActiveX clsid access (more info ...) | attempted-user | 2007-2216 | URL | ||
| 12267 | BROWSER-PLUGINS Microsoft Visual Basic 6 SearchHelper ActiveX function call access (more info ...) | attempted-user | 2007-2216 | URL | ||
| 12269 | BROWSER-PLUGINS Microsoft Visual Basic 6 TLIApplication ActiveX clsid access (more info ...) | attempted-user | 2007-2216 | URL | ||
| 12270 | BROWSER-PLUGINS Microsoft Visual Basic 6 TLIApplication ActiveX function call (more info ...) | attempted-user | 2007-2216 | URL | ||
| 12273 | BROWSER-PLUGINS Microsoft Visual Basic 6 TypeLibInfo ActiveX clsid access (more info ...) | attempted-user | 2007-2216 | URL | ||
| 12275 | BROWSER-PLUGINS Microsoft Visual Basic 6 TypeLibInfo ActiveX function call access (more info ...) | attempted-user | 2007-2216 | URL | ||
| 12284 | FILE-OFFICE Microsoft Office Excel rtWnDesk record memory corruption exploit attempt (more info ...) | attempted-user | 2007-3890 | URL | ||
| 12430 | BROWSER-PLUGINS EDraw Office Viewer Component ActiveX clsid access (more info ...) | attempted-user | 2007-4821 | 25892 | ||
| 12432 | BROWSER-PLUGINS EDraw Office Viewer Component ActiveX function call access (more info ...) | attempted-user | 2007-4821 | 25892 | ||
| 12618 | FILE-OTHER Microsoft Visual Basic VBP file reference overflow attempt (more info ...) | attempted-user | 2007-4776 | 25629 | ||
| 12629 | SERVER-WEBAPP Microsoft Office SharePoint cross site scripting attempt (more info ...) | web-application-attack | 2007-2581 | 23832 | URL | |
| 12641 | FILE-IDENTIFY Microsoft Word for Mac 5 file magic detected (more info ...) | misc-activity | 2007-3899 | 25906 | URL | |
| 13277 | PUA-ADWARE Adware netword agent runtime detection (more info ...) | misc-activity | URL | |||
| 13325 | BROWSER-PLUGINS Macrovision FLEXnet Connect ActiveX clsid access (more info ...) | attempted-user | 2008-4587 | 27279 | ||
| 13327 | BROWSER-PLUGINS Macrovision FLEXnet Connect ActiveX function call access (more info ...) | attempted-user | 2008-4587 | 27279 | ||
| 13466 | FILE-OFFICE Microsoft Works file converter file section length headers memory corruption attempt (more info ...) | attempted-user | 2007-0216 | 27657 | URL | |
| 13469 | FILE-OFFICE Microsoft Word ole stream memory corruption attempt (more info ...) | attempted-user | 2008-0109 | URL | ||
| 13471 | FILE-OFFICE Microsoft Office Publisher invalid pathname overwrite attempt (more info ...) | attempted-user | 2008-0104 | URL | ||
| 13472 | FILE-OFFICE Microsoft Works file converter field length invalid chunk size buffer overflow attempt (more info ...) | attempted-user | 2008-0108 | 27659 | URL | |
| 13556 | PUA-ADWARE Hijacker kword interkey outbound connection - search traffic 1 (more info ...) | misc-activity | URL | |||
| 13557 | PUA-ADWARE Hijacker kword interkey outbound connection - search traffic 2 (more info ...) | misc-activity | URL | |||
| 13558 | PUA-ADWARE Hijacker kword interkey outbound connection - log user info (more info ...) | misc-activity | URL | |||
| 13569 | FILE-OFFICE Microsoft Office Excel macro validation arbitrary code execution attempt (more info ...) | attempted-user | 2008-0081 | URL | ||
| 13572 | FILE-OFFICE Microsoft Office PowerPoint malformed shapeid arbitrary code execution attempt (more info ...) | attempted-user | 2008-0118 | 28146 | URL | |
| 13573 | FILE-OFFICE Microsoft Office Outlook arbitrary command line attempt (more info ...) | misc-attack | 2008-0110 | URL | ||
| 13580 | BROWSER-PLUGINS Microsoft Office Web Components remote code execution attempt ActiveX clsid access (more info ...) | attempted-user | 2006-4695 | URL | ||
| 13629 | FILE-IDENTIFY Microsoft Office Access JSDB file magic detected (more info ...) | misc-activity | 2008-1092 | 26468 | URL | |
| 13630 | FILE-IDENTIFY Microsoft Office Access TJDB file magic detected (more info ...) | misc-activity | 2008-1092 | 26468 | URL | |
| 13633 | FILE-IDENTIFY Microsoft Office Access MSISAM file magic detected (more info ...) | misc-activity | 2008-1092 | 26468 | URL | |
| 13665 | FILE-OFFICE Microsoft Office Visio DXF file invalid memory allocation exploit attempt (more info ...) | attempted-user | 2008-1090 | URL | ||
| 13790 | FILE-OFFICE Microsoft Word malformed css remote code execution attempt (more info ...) | attempted-user | 2008-1434 | URL | ||
| 13803 | FILE-OFFICE RTF control word overflow attempt (more info ...) | attempted-user | 2008-1091 | URL | ||
| 13895 | SERVER-MAIL Microsoft Office Outlook Web Access invalid CSS escape sequence script execution attempt (more info ...) | misc-attack | 2008-2248 | URL | ||
| 13958 | FILE-OFFICE WordPerfect Graphics file invalid RLE buffer overflow attempt (more info ...) | attempted-user | 2008-3460 | URL | ||
| 14262 | FILE-OFFICE Microsoft Office OneNote iframe caller exploit attempt (more info ...) | web-application-attack | 2008-3007 | URL | ||
| 14610 | SERVER-WEBAPP Joomla invalid token administrative password reset attempt (more info ...) | attempted-admin | 2008-3681 | 30667 | URL | |
| 14642 | FILE-OFFICE Microsoft Office Excel file with embedded ActiveX control (more info ...) | attempted-user | 2008-3477 | URL | ||
| 14765 | BROWSER-PLUGINS Macrovision InstallShield Update Service Agent ActiveX function call (more info ...) | attempted-user | 2008-2470 | 31235 | ||
| 14997 | BROWSER-PLUGINS DjVu MSOffice Converter ActiveX clsid access (more info ...) | attempted-user | 2008-4922 | 31987 | ||
| 15082 | FILE-OFFICE Microsoft Office Word rtf malformed dpcallout buffer overflow attempt (more info ...) | attempted-user | 2008-4028 | 32585 | URL | |
| 15083 | FILE-OFFICE Microsoft Office Word .rtf file double free attempt (more info ...) | attempted-user | 2008-4027 | URL | ||
| 15088 | BROWSER-PLUGINS Microsoft Windows Visual Basic Charts ActiveX clsid access (more info ...) | attempted-user | 2008-4256 | URL | ||
| 15090 | BROWSER-PLUGINS Microsoft Windows Visual Basic Charts ActiveX function call access (more info ...) | attempted-user | 2008-4256 | URL | ||
| 15092 | BROWSER-PLUGINS Microsoft Windows Visual Basic DataGrid ActiveX clsid access (more info ...) | attempted-user | 2008-4252 | URL | ||
| 15094 | BROWSER-PLUGINS Microsoft Windows Visual Basic DataGrid ActiveX function call access (more info ...) | attempted-user | 2008-4252 | URL | ||
| 15096 | BROWSER-PLUGINS Microsoft Windows Visual Basic FlexGrid ActiveX clsid access (more info ...) | attempted-user | 2008-4253 | URL | ||
| 15098 | BROWSER-PLUGINS Microsoft Windows Visual Basic FlexGrid ActiveX function call access (more info ...) | attempted-user | 2008-4253 | URL | ||
| 15100 | BROWSER-PLUGINS Microsoft Windows Visual Basic Hierarchical FlexGrid ActiveX clsid access (more info ...) | attempted-user | 2008-4254 | URL | ||
| 15102 | BROWSER-PLUGINS Microsoft Windows Visual Basic Hierarchical FlexGrid ActiveX function call access (more info ...) | attempted-user | 2008-4254 | URL | ||
| 15104 | FILE-MULTIMEDIA Microsoft Windows Visual Basic 6.0 malformed AVI buffer overflow attempt (more info ...) | attempted-user | 2008-4255 | URL | ||
| 15106 | FILE-OFFICE Microsoft Office Word .rtf file integer overflow attempt (more info ...) | misc-attack | 2008-4025 | URL | ||
| 15107 | FILE-OFFICE Microsoft Office Word .rtf file stylesheet buffer overflow attempt (more info ...) | attempted-user | 2008-4031 | URL | ||
| 15108 | SERVER-WEBAPP Microsoft Office SharePoint Server elevation of privilege exploit attempt (more info ...) | attempted-admin | 2008-4032 | URL | ||
| 15119 | BROWSER-PLUGINS Microsoft Visual Basic Winsock ActiveX clsid unicode access (more info ...) | attempted-user | 2008-4251 | URL | ||
| 15121 | BROWSER-PLUGINS Microsoft Visual Basic Winsock ActiveX function call unicode access (more info ...) | attempted-user | 2008-4251 | URL | ||
| 15163 | FILE-OFFICE Microsoft Office Visio Object Header Buffer Overflow attempt (more info ...) | attempted-user | 2008-1089 | |||
| 15230 | BROWSER-PLUGINS Microsoft Office Viewer 2 ActiveX clsid access (more info ...) | attempted-user | 2007-2588 | 33245 | URL | |
| 15282 | BROWSER-PLUGINS FlexCell Grid ActiveX clsid access (more info ...) | attempted-user | 2009-0301 | 33453 | ||
| 15298 | FILE-OFFICE Microsoft Visio could allow remote code execution (more info ...) | attempted-user | 2009-0097 | URL | ||
| 15299 | FILE-OFFICE Microsoft Office Visio invalid ho tag attempt (more info ...) | attempted-user | 2009-0096 | 33660 | URL | |
| 15303 | FILE-OFFICE Microsoft Office Visio Malformed IconBitsComponent arbitrary code execution attempt (more info ...) | attempted-user | 2009-0095 | URL | ||
| 15334 | BROWSER-PLUGINS GeoVision LiveX 7000 ActiveX clsid access (more info ...) | attempted-user | 2009-0865 | 33782 | ||
| 15336 | BROWSER-PLUGINS GeoVision LiveX 7000 ActiveX function call access (more info ...) | attempted-user | 2009-0865 | 33782 | ||
| 15338 | BROWSER-PLUGINS GeoVision LiveX 8120 ActiveX clsid access (more info ...) | attempted-user | 2009-0865 | 33782 | ||
| 15340 | BROWSER-PLUGINS GeoVision LiveX 8120 ActiveX function call access (more info ...) | attempted-user | 2009-0865 | 33782 | ||
| 15342 | BROWSER-PLUGINS GeoVision LiveX 8200 ActiveX clsid access (more info ...) | attempted-user | 2009-0865 | 33782 | ||
| 15344 | BROWSER-PLUGINS GeoVision LiveX 8200 ActiveX function call access (more info ...) | attempted-user | 2009-0865 | 33782 | ||
| 15367 | FILE-OFFICE Microsoft Office Outlook web access script injection attempt (more info ...) | attempted-user | 2006-1193 | 18381 | ||
| 15454 | FILE-OFFICE Microsoft Office PowerPoint malformed msofbtTextbox exploit attempt (more info ...) | attempted-user | 2009-0556 | URL | ||
| 15455 | FILE-OFFICE Microsoft Office WordPad and Office Text Converters XST parsing buffer overflow attempt (more info ...) | attempted-user | 2008-4841 | URL | ||
| 15465 | FILE-OFFICE Microsoft Excel malformed object record remote code execution attempt (more info ...) | attempted-user | 2009-0100 | URL | ||
| 15466 | FILE-OFFICE Microsoft Office WordPad WordPerfect 6.x converter buffer overflow attempt (more info ...) | attempted-user | 2009-0088 | URL | ||
| 15467 | FILE-OFFICE Microsoft Office WordPad and Office Text Converters PlcPcd aCP buffer overflow attempt (more info ...) | attempted-user | 2009-0235 | URL | ||
| 15488 | SERVER-ORACLE Oracle Database Application Express Component APEX password hash disclosure attempt (more info ...) | misc-attack | 2009-0981 | 34461 | URL | |
| 15499 | FILE-OFFICE Microsoft Office PowerPoint PP7 Component buffer overflow attempt (more info ...) | attempted-user | 2009-1129 | URL | ||
| 15500 | FILE-OFFICE Microsoft Office PowerPoint LinkedSlide memory corruption (more info ...) | attempted-user | 2009-0221 | URL | ||
| 15501 | FILE-OFFICE Microsoft Office PowerPoint ParaBuildAtom memory corruption attempt (more info ...) | attempted-user | 2009-0224 | URL | ||
| 15502 | FILE-OFFICE Microsoft Office PowerPoint DiagramBuildContainer memory corruption attempt (more info ...) | attempted-user | 2009-0224 | URL | ||
| 15503 | FILE-OFFICE Download of PowerPoint 95 file (more info ...) | attempted-user | URL | |||
| 15505 | FILE-OFFICE Microsoft Office PowerPoint HashCode10Atom memory corruption attempt (more info ...) | attempted-user | 2009-1130 | URL | ||
| 15506 | FILE-OFFICE Microsoft Office PowerPoint CurrentUserAtom remote code execution attempt (more info ...) | attempted-user | 2009-1131 | URL | ||
| 15524 | FILE-OFFICE Microsoft Office Word remote code execution attempt (more info ...) | attempted-user | 2009-0563 | URL | ||
| 15525 | FILE-OFFICE Microsoft Office Word remote code execution attempt (more info ...) | attempted-user | 2009-0565 | URL | ||
| 15526 | FILE-OFFICE Microsoft Works 4.x converter font name buffer overflow attempt (more info ...) | attempted-user | 2009-1533 | URL | ||
| 15539 | FILE-OFFICE Microsoft Office Excel Formula record remote code execution attempt (more info ...) | attempted-user | 2009-0560 | 35244 | URL | |
| 15541 | FILE-OFFICE Microsoft Office Excel SST record remote code execution attempt (more info ...) | attempted-user | 2009-3037 | 36042 | URL | |
| 15542 | FILE-OFFICE Microsoft Office Excel Qsir and Qsif record remote code execution attempt (more info ...) | attempted-user | 2009-1134 | URL | ||
| 15681 | FILE-OFFICE Microsoft Office Publisher 2007 file format arbitrary code execution attempt (more info ...) | attempted-user | 2009-0566 | URL | ||
| 15687 | BROWSER-PLUGINS Microsoft Office Web Components 10 Spreadsheet ActiveX function call access (more info ...) | attempted-user | 2009-2496 | URL | ||
| 15691 | BROWSER-PLUGINS Microsoft Office Web Components 11 Spreadsheet ActiveX function call access (more info ...) | attempted-user | 2009-1136 | URL | ||
| 15852 | BROWSER-PLUGINS Microsoft Office Web Components Datasource ActiveX clsid access (more info ...) | attempted-user | 2009-0562 | URL | ||
| 15855 | BROWSER-PLUGINS Microsoft Office Spreadsheet 10.0 ActiveX function call access (more info ...) | attempted-user | 2009-2496 | URL | ||
| 15858 | BROWSER-PLUGINS Microsoft Office Web Components Spreadsheet ActiveX clsid access (more info ...) | attempted-user | 2009-1534 | URL | ||
| 15913 | OS-WINDOWS Microsoft Windows javascript arguments keyword override rce attempt (more info ...) | attempted-user | 2009-1920 | URL | ||
| 15947 | FILE-OFFICE Microsoft Office Outlook Web Access Cross-Site Scripting attempt (more info ...) | attempted-user | 2005-0563 | 13952 | ||
| 16051 | FILE-OFFICE Microsoft Office Publisher 2007 conversion library code execution attempt (more info ...) | attempted-user | 2007-1754 | 22702 | URL | |
| 16059 | FILE-OFFICE Microsoft Office Excel malformed file format parsing code execution attempt (more info ...) | attempted-user | 2006-0028 | URL | ||
| 16177 | FILE-OFFICE Microsoft Office Word GDI+ Office Art Property Table remote code execution attempt (more info ...) | attempted-user | 2009-2528 | URL | ||
| 16178 | FILE-OFFICE Microsoft Office Excel GDI+ Office Art Property Table remote code execution attempt (more info ...) | attempted-user | 2009-2528 | URL | ||
| 16188 | FILE-OFFICE Microsoft Office PowerPoint bad text header txttype attempt (more info ...) | attempted-user | 2011-1269 | URL | ||
| 16226 | FILE-OFFICE Microsoft Office Excel integer field in row record improper validation remote code execution attempt (more info ...) | attempted-user | 2009-3130 | URL | ||
| 16228 | FILE-OFFICE Microsoft Office Excel malformed StartObject record arbitrary code execution attempt (more info ...) | attempted-admin | 2009-3134 | URL | ||
| 16229 | FILE-OFFICE Microsoft Office Excel oversized ib memory corruption attempt (more info ...) | attempted-user | 2009-3131 | URL | ||
| 16230 | FILE-OFFICE Microsoft Excel oversized ib memory corruption attempt (more info ...) | attempted-user | 2009-3131 | URL | ||
| 16233 | FILE-OFFICE Microsoft Office Excel oversized ptgFuncVar cparams value buffer overflow attempt (more info ...) | attempted-user | 2009-3132 | URL | ||
| 16234 | FILE-OFFICE Microsoft Office Word Document remote code execution attempt (more info ...) | attempted-user | 2016-3283 | URL | ||
| 16235 | FILE-OFFICE Microsoft Office Excel file SXDB record exploit attempt (more info ...) | attempted-user | 2009-3127 | URL | ||
| 16236 | FILE-OFFICE Microsoft Office Excel file SxView record exploit attempt (more info ...) | attempted-user | 2009-3128 | URL | ||
| 16240 | FILE-OFFICE Microsoft Office Excel file Window/Pane record exploit attempt (more info ...) | attempted-user | 2009-3133 | URL | ||
| 16241 | FILE-OFFICE Microsoft Office Excel FeatHdr BIFF record remote code execution attempt (more info ...) | attempted-user | 2009-3129 | URL | ||
| 16314 | FILE-OFFICE Microsoft Windows WordPad and Office text converter integer overflow attempt (more info ...) | attempted-user | 2009-2506 | URL | ||
| 16318 | FILE-OFFICE Microsoft Office Visio invalid ho tag attempt (more info ...) | attempted-user | 2009-0096 | 33660 | URL | |
| 16328 | FILE-OFFICE Microsoft Office Project file parsing arbitrary memory access attempt (more info ...) | attempted-user | 2009-0102 | URL | ||
| 16361 | FILE-OFFICE Microsoft Office BMP header biClrUsed integer overflow attempt (more info ...) | attempted-admin | 2009-2518 | 36651 | ||
| 16409 | FILE-OFFICE Microsoft Office PowerPoint improper filename remote code execution attempt (more info ...) | attempted-user | 2010-0029 | URL | ||
| 16410 | FILE-OFFICE Microsoft Office PowerPoint file LinkedSlide10Atom record parsing heap corruption attempt (more info ...) | attempted-user | 2010-0030 | URL | ||
| 16412 | FILE-OFFICE Microsoft Office PowerPoint invalid TextByteAtom remote code execution attempt (more info ...) | attempted-user | 2010-0033 | URL | ||
| 16416 | FILE-OFFICE Microsoft Office Excel Malformed MSODrawing Record attempt (more info ...) | attempted-user | 2010-0243 | URL | ||
| 16421 | FILE-OFFICE Microsoft Office PowerPoint out of bounds value remote code execution attempt (more info ...) | attempted-user | 2010-0032 | URL | ||
| 16428 | FILE-OFFICE Microsoft Office Outlook Express and Windows Mail NNTP handling buffer overflow attempt (more info ...) | attempted-user | 2007-3897 | URL | ||
| 16462 | FILE-OFFICE Microsoft Office Excel BIFF8 formulas from records parsing code execution attempt (more info ...) | attempted-user | 2010-0258 | URL | ||
| 16463 | FILE-OFFICE Microsoft Office Excel BIFF5 formulas from records parsing code execution attempt (more info ...) | attempted-user | 2010-0258 | URL | ||
| 16464 | FILE-OFFICE Microsoft Office Excel ContinueFRT12 heap overflow attempt (more info ...) | attempted-user | 2010-0260 | URL | ||
| 16465 | FILE-OFFICE Microsoft Office Excel ContinueFRT12 and MDXSet heap overflow attempt (more info ...) | attempted-user | 2010-0261 | URL | ||
| 16466 | FILE-OFFICE Microsoft Office Excel uninitialized stack variable code execution attempt (more info ...) | attempted-user | 2010-0262 | URL | ||
| 16467 | FILE-OFFICE Microsoft Office Excel 2007 invalid comments.xml uninitialized pointer access attempt (more info ...) | attempted-user | 2010-0263 | URL | ||
| 16468 | FILE-OFFICE Microsoft Office Excel 2007 invalid comments.xml uninitialized pointer access attempt (more info ...) | attempted-user | 2010-0263 | URL | ||
| 16469 | FILE-OFFICE Microsoft Office Excel DbOrParamQry.fOdbcConn parsing remote code execution attempt (more info ...) | attempted-user | 2010-0264 | URL | ||
| 16470 | FILE-OFFICE Microsoft Office Excel DbOrParamQry.fWeb parsing remote code execution attempt (more info ...) | attempted-user | 2010-0264 | URL | ||
| 16471 | FILE-OFFICE Microsoft Office Excel DbOrParamQry.fWeb parsing remote code execution attempt (more info ...) | attempted-user | 2010-0264 | URL | ||
| 16535 | FILE-OFFICE Microsoft Office Visio improper attribute code execution attempt (more info ...) | attempted-user | 2010-0254 | URL | ||
| 16536 | FILE-OFFICE Microsoft Office Visio off-by-one in array index code execution attempt (more info ...) | attempted-user | 2010-0256 | URL | ||
| 16542 | FILE-OFFICE Microsoft Office Publisher 2007 and earlier stack buffer overflow attempt (more info ...) | attempted-user | 2010-0479 | 39347 | URL | |
| 16553 | FILE-OFFICE Microsoft Office Excel ptg index parsing code execution attempt (more info ...) | attempted-user | 2009-3132 | URL | ||
| 16560 | SERVER-WEBAPP Microsoft Office SharePoint XSS attempt (more info ...) | attempted-user | 2010-0817 | URL | ||
| 16565 | BROWSER-PLUGINS Ultra Shareware Office Control ActiveX clsid access (more info ...) | attempted-user | 2008-3878 | 30861 | ||
| 16586 | FILE-OFFICE Microsoft Office Word Document remote code execution attempt (more info ...) | attempted-user | 2009-3135 | URL | ||
| 16593 | FILE-OFFICE Microsoft VBE6.dll stack corruption attempt (more info ...) | attempted-user | 2010-0815 | 39931 | URL | |
| 16639 | FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt - with macro (more info ...) | attempted-user | 2010-0822 | URL | ||
| 16640 | FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt - with linkFmla (more info ...) | attempted-user | 2010-0822 | URL | ||
| 16641 | FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt - with macro and linkFmla (more info ...) | attempted-user | 2010-0822 | URL | ||
| 16643 | FILE-OFFICE Microsoft Office Excel Chart Sheet Substream memory corruption attempt (more info ...) | attempted-user | 2010-0823 | URL | ||
| 16644 | FILE-OFFICE Microsoft Office Excel WOpt record memory corruption attempt (more info ...) | attempted-user | 2010-0824 | URL | ||
| 16645 | FILE-OFFICE Microsoft Office Excel SxView record memory pointer corruption attempt (more info ...) | attempted-user | 2010-1245 | URL | ||
| 16646 | FILE-OFFICE Microsoft Office Excel RTD buffer overflow attempt (more info ...) | attempted-user | 2010-1246 | URL | ||
| 16647 | FILE-OFFICE Microsoft Office Excel RealTimeData record heap memory corruption attempt - 2 (more info ...) | attempted-user | 2010-1247 | URL | ||
| 16648 | FILE-OFFICE Microsoft Office Excel RealTimeData record heap memory corruption attempt - 1 (more info ...) | attempted-user | 2010-1247 | URL | ||
| 16649 | FILE-OFFICE Microsoft Excel HFPicture record stack buffer overflow attempt (more info ...) | attempted-user | 2010-1248 | URL | ||
| 16650 | FILE-OFFICE Microsoft Office Excel ExternName record stack buffer overflow attempt - 1 (more info ...) | attempted-user | 2010-1249 | URL | ||
| 16651 | FILE-OFFICE Microsoft Office Excel ExternName record stack buffer overflow attempt - 2 (more info ...) | attempted-user | 2010-1249 | URL | ||
| 16652 | FILE-OFFICE Microsoft Office Excel ExternName record stack buffer overflow attempt - 3 (more info ...) | attempted-user | 2010-1249 | URL | ||
| 16653 | FILE-OFFICE Microsoft Office Excel ExternName record stack buffer overflow attempt - 4 (more info ...) | attempted-user | 2010-1249 | URL | ||
| 16656 | FILE-OFFICE Microsoft Office Excel BIFF5 ExternSheet record stack overflow attempt (more info ...) | attempted-user | 2010-1252 | URL | ||
| 16657 | FILE-OFFICE Microsoft Office Excel DBQueryExt record memory corruption attempt (more info ...) | attempted-user | 2010-1253 | URL | ||
| 16660 | SERVER-WEBAPP Microsoft Office SharePoint Server 2007 help.aspx denial of service attempt (more info ...) | attempted-dos | 2010-1264 | URL | ||
| 16786 | FILE-OFFICE Microsoft Office Web Components Spreadsheet ActiveX buffer overflow attempt (more info ...) | attempted-user | 2009-1534 | 35992 | ||
| 16800 | FILE-OFFICE Microsoft Office Excel FRTWrapper record buffer overflow attempt (more info ...) | attempted-user | 2008-3471 | URL | ||
| 17037 | BROWSER-PLUGINS Microsoft Office Access multiple control instantiation memory corruption attempt (more info ...) | attempted-user | 2010-0814 | URL | ||
| 17038 | FILE-OFFICE Microsoft Office Access ACCWIZ library release after free attempt - 1 (more info ...) | attempted-user | 2010-1881 | URL | ||
| 17039 | FILE-OFFICE Microsoft Office Access ACCWIZ library release after free attempt - 2 (more info ...) | attempted-user | 2010-1881 | URL | ||
| 17119 | FILE-OFFICE Microsoft Office Word sprmCMajority SPRM overflow attempt (more info ...) | attempted-user | 2010-1900 | URL | ||
| 17120 | FILE-OFFICE Microsoft Office Word rich text format unexpected field type memory corruption attempt 1 (more info ...) | attempted-user | 2010-1901 | URL | ||
| 17121 | FILE-OFFICE Microsoft Office Word rich text format unexpected field type memory corruption attempt 2 (more info ...) | attempted-user | 2010-1901 | URL | ||
| 17122 | FILE-OFFICE Microsoft Office Word rich text format unexpected field type memory corruption attempt 3 (more info ...) | attempted-user | 2010-1901 | URL | ||
| 17123 | FILE-OFFICE Microsoft Office Word rich text format invalid field size memory corruption attempt (more info ...) | attempted-user | 2010-1902 | URL | ||
| 17124 | FILE-OFFICE Microsoft Office Word HTML linked objects memory corruption attempt (more info ...) | attempted-user | 2010-1903 | 42130 | URL | |
| 17134 | FILE-OFFICE Microsoft Office Excel pivot item index boundary corruption attempt (more info ...) | attempted-user | 2010-2562 | 42199 | URL | |
| 17227 | FILE-OFFICE Microsoft Office Excel sheet name memory corruption attempt (more info ...) | attempted-user | 2007-3490 | 24691 | ||
| 17250 | FILE-OFFICE Microsoft Windows WordPad sprmTSetBrc SPRM overflow attempt (more info ...) | attempted-user | 2010-2563 | 43122 | URL | |
| 17251 | FILE-OFFICE Outlook RTF remote code execution attempt (more info ...) | attempted-admin | 2010-2728 | URL | ||
| 17271 | FILE-OFFICE Microsoft Windows Web View script injection attempt (more info ...) | attempted-user | 2005-1191 | 13248 | ||
| 17284 | FILE-OFFICE Microsoft Office malformed routing slip code execution attempt (more info ...) | attempted-user | 2006-0009 | 17000 | ||
| 17286 | FILE-OTHER Microsoft Visual Basic for Applications document properties overflow attempt (more info ...) | attempted-user | 2006-3649 | 19414 | ||
| 17292 | FILE-OFFICE Microsoft Office PowerPoint malformed data record code execution attempt (more info ...) | attempted-user | 2006-3876 | 20322 | ||
| 17296 | SERVER-WEBAPP Microsoft Office Outlook Web Access XSRF attempt (more info ...) | attempted-user | 2010-3213 | 41462 | URL | |
| 17301 | FILE-OFFICE Microsoft Office Word TextBox sub-document memory corruption attempt (more info ...) | attempted-user | 2007-1910 | 23380 | ||
| 17304 | FILE-OFFICE Microsoft Works file converter file section header index table stack overflow attempt (more info ...) | attempted-user | 2008-0105 | 27658 | ||
| 17308 | FILE-OFFICE Microsoft Office Word SmartTag record code execution attempt (more info ...) | attempted-user | 2008-2244 | 30124 | ||
| 17310 | FILE-OFFICE Microsoft Office PowerPoint Viewer memory allocation code execution attempt (more info ...) | attempted-user | 2008-0120 | 30552 | ||
| 17315 | FILE-OFFICE OpenOffice OLE file stream buffer overflow attempt (more info ...) | attempted-user | 2008-0320 | 28819 | ||
| 17318 | FILE-OFFICE Microsoft Office PowerPoint MCAtom remote code execution attempt (more info ...) | attempted-user | 2006-5296 | 20495 | ||
| 17319 | FILE-OFFICE Microsoft Office PowerPoint MCAtom remote code execution attempt (more info ...) | attempted-user | 2006-5296 | 20495 | ||
| 17320 | FILE-OFFICE Microsoft Office PowerPoint MCAtom remote code execution attempt (more info ...) | attempted-user | 2006-5296 | 20495 | ||
| 17344 | INDICATOR-SHELLCODE x86 OS agnostic xor dword decoder (more info ...) | shellcode-detect | ||||
| 17345 | INDICATOR-SHELLCODE x86 OS agnostic dword additive feedback decoder (more info ...) | shellcode-detect | ||||
| 17362 | FILE-OFFICE Microsoft Office Excel IMDATA buffer overflow attempt (more info ...) | attempted-user | 2007-0027 | 21856 | ||
| 17368 | FILE-OFFICE Microsoft Office Word document stream handling code execution attempt (more info ...) | attempted-user | 2007-0870 | 25567 | ||
| 17377 | FILE-OFFICE Microsoft Office Excel Malformed Filter Records Handling Code Execution attempt (more info ...) | attempted-user | 2007-1214 | 23780 | ||
| 17383 | FILE-OFFICE Microsoft Office Publisher Object Handler Validation Code Execution attempted (more info ...) | attempted-user | 2008-0119 | 29158 | ||
| 17403 | FILE-OFFICE OpenOffice RTF File parsing heap buffer overflow attempt (more info ...) | attempted-user | 2007-0245 | 24450 | ||
| 17404 | FILE-OFFICE Microsoft Office Word Converter XST structure buffer overflow attempt (more info ...) | attempted-user | 2008-4841 | URL | ||
| 17405 | FILE-OFFICE Microsoft Office Word Converter XST structure buffer overflow attempt (more info ...) | attempted-user | 2008-4841 | URL | ||
| 17406 | FILE-OFFICE Microsoft Office Word Converter XST structure buffer overflow attempt (more info ...) | attempted-user | 2008-4841 | URL | ||
| 17421 | FILE-OFFICE Microsoft OLE automation string manipulation overflow attempt (more info ...) | attempted-user | 2007-2224 | 25282 | ||
| 17488 | FILE-OFFICE Microsoft Office Excel Malformed Range Code Execution attempt (more info ...) | attempted-user | 2005-4131 | 15780 | ||
| 17491 | FILE-OFFICE Microsoft Office Word mso.dll LsCreateLine memory corruption attempt (more info ...) | attempted-user | 2006-3493 | 18905 | ||
| 17492 | FILE-OFFICE Microsoft Office Excel Malformed SELECTION Record Code Execution attempt (more info ...) | attempted-user | 2006-1301 | 18853 | ||
| 17496 | FILE-OFFICE Microsoft Office PowerPoint malformed NamedShows record code execution attempt (more info ...) | attempted-user | 2006-4694 | 20226 | ||
| 17497 | FILE-OFFICE Microsoft Office PowerPoint malformed NamedShows record code execution attempt (more info ...) | attempted-user | 2006-4694 | 20226 | ||
| 17505 | FILE-OFFICE Microsoft Office Word formatted disk pages table memory corruption attempt (more info ...) | attempted-user | 2006-6561 | 21589 | ||
| 17506 | FILE-OFFICE Microsoft Office Word formatted disk pages table memory corruption attempt (more info ...) | attempted-user | 2006-6561 | 21589 | ||
| 17507 | FILE-OFFICE Microsoft Office Word formatted disk pages table memory corruption attempt (more info ...) | attempted-user | 2006-6561 | 21589 | ||
| 17511 | FILE-OFFICE Microsoft Office Excel malformed Graphic Code Execution (more info ...) | attempted-user | 2006-0030 | 16181 | ||
| 17537 | FILE-OFFICE Microsoft Office Excel unspecified memory corruption attempt (more info ...) | attempted-user | 15926 | |||
| 17538 | FILE-OFFICE Microsoft Office Excel unspecified memory corruption attempt (more info ...) | attempted-user | 15926 | |||
| 17539 | FILE-OFFICE Microsoft Office Excel unspecified memory corruption attempt (more info ...) | attempted-user | 15926 | |||
| 17542 | FILE-OFFICE Microsoft Office Excel MalformedPalete Record Memory Corruption attempt (more info ...) | attempted-user | 2007-0031 | 21922 | ||
| 17543 | FILE-OFFICE Microsoft Office Excel Column record handling memory corruption attempt (more info ...) | attempted-user | 2007-0030 | 21925 | ||
| 17550 | FILE-OFFICE Microsoft Office Word Font Parsing Buffer Overflow attempt (more info ...) | attempted-user | 2005-0564 | 14216 | ||
| 17555 | BROWSER-PLUGINS Macrovision InstallShield Update Service ActiveX exploit attempt (more info ...) | attempted-user | 2007-5660 | 31235 | URL | |
| 17560 | FILE-OFFICE Microsoft Office Word global array index heap overflow attempt (more info ...) | attempted-user | 2008-4026 | 32583 | ||
| 17565 | FILE-OFFICE Microsoft Office PowerPoint PP7 File Handling Memory Corruption attempt (more info ...) | attempted-user | 2009-0225 | 34880 | ||
| 17568 | FILE-OFFICE Microsoft Office XP URL Handling Buffer Overflow attempt (more info ...) | attempted-admin | 2004-0848 | 12480 | ||
| 17574 | FILE-OFFICE Sophos Anti-Virus Visio File Parsing Buffer Overflow attempt (more info ...) | attempted-user | 2005-2768 | 14362 | ||
| 17578 | FILE-OFFICE Microsoft Office Word Section Table Array Buffer Overflow attempt (more info ...) | attempted-user | 2007-0515 | 22225 | ||
| 17591 | FILE-OFFICE Microsoft Office Word invalid sprmTDefTable length stack buffer overflow attempt (more info ...) | attempted-user | 2008-4837 | 32584 | URL | |
| 17646 | FILE-OFFICE Microsoft Office PowerPoint Legacy file format picture object code execution attempt (more info ...) | attempted-user | 2009-0223 | 34834 | ||
| 17649 | FILE-OFFICE Microsoft Office Word array data handling buffer overflow attempt (more info ...) | attempted-user | 2007-0035 | 23804 | ||
| 17655 | FILE-OFFICE Microsoft Office Excel malformed formula parsing code execution attempt (more info ...) | attempted-user | 2008-0115 | 28167 | URL | |
| 17664 | FILE-OFFICE Microsoft Office GIF image descriptor memory corruption attempt (more info ...) | attempted-user | 2007-1071 | 22630 | URL | |
| 17670 | BROWSER-PLUGINS BigAnt Office Manager ActiveX clsid access (more info ...) | attempted-user | 39721 | |||
| 17672 | BROWSER-PLUGINS BigAnt Office Manager ActiveX function call access (more info ...) | attempted-user | 39721 | |||
| 17690 | FILE-OFFICE Microsoft Office Word remote code execution attempt (more info ...) | attempted-user | 2009-0565 | URL | ||
| 17691 | FILE-OFFICE Microsoft Office Word remote code execution attempt (more info ...) | attempted-user | 2009-0565 | URL | ||
| 17695 | FILE-OFFICE Microsoft Office PowerPoint paragraph format array inner header overflow attempt (more info ...) | attempted-user | 2009-0220 | 34833 | ||
| 17701 | BROWSER-PLUGINS Office Viewer ActiveX arbitrary command execution attempt (more info ...) | attempted-user | 2007-2588 | 33245 | URL | |
| 17708 | SERVER-OTHER VNC password request URL buffer overflow attempt (more info ...) | web-application-attack | 2006-1652 | 17378 | ||
| 17742 | FILE-OFFICE Microsoft Office Word remote code execution attempt (more info ...) | attempted-user | 2009-0563 | URL | ||
| 17743 | FILE-OFFICE Microsoft Office Word RTF parsing memory corruption attempt (more info ...) | attempted-user | 2008-1091 | 29104 | URL | |
| 17754 | FILE-OFFICE Microsoft Office Word bookmark bound check remote code execution attempt (more info ...) | attempted-user | 2010-3216 | URL | ||
| 17755 | FILE-OFFICE Microsoft Office Word unchecked index value remote code execution attempt (more info ...) | attempted-user | 2010-3219 | URL | ||
| 17756 | FILE-OFFICE Microsoft Office Word XP PLFLSInTableStream heap overflow attempt (more info ...) | attempted-user | 2010-3220 | URL | ||
| 17757 | FILE-OFFICE Microsoft Office Excel CrErr record integer overflow attempt (more info ...) | attempted-user | 2010-3230 | URL | ||
| 17758 | FILE-OFFICE Microsoft Office Excel PtgExtraArray data parsing vulnerability exploit attempt (more info ...) | attempted-user | 2010-3231 | 43647 | URL | |
| 17759 | FILE-OFFICE Microsoft Office Excel invalid SerAr object exploit attempt (more info ...) | attempted-user | 2010-3239 | URL | ||
| 17760 | FILE-OFFICE Microsoft Office Excel RealTimeData record exploit attempt (more info ...) | attempted-user | 2010-3240 | 43655 | URL | |
| 17763 | FILE-OFFICE Microsoft Office Excel GhostRw record exploit attempt (more info ...) | attempted-user | 2010-3242 | URL | ||
| 17764 | FILE-OFFICE Microsoft Office Excel PtgName invalid index exploit attempt (more info ...) | attempted-user | 2010-3235 | 43650 | URL | |
| 17770 | FILE-OFFICE Microsoft HtmlDlgHelper ActiveX clsid access (more info ...) | attempted-user | 2010-3329 | URL | ||
| 18049 | POLICY-SPAM word.onlinephilbert42f.ru known spam email attempt (more info ...) | policy-violation | ||||
| 18063 | FILE-OFFICE Microsoft Office embedded Office Art drawings execution attempt (more info ...) | attempted-user | 2010-3334 | URL | ||
| 18065 | FILE-OFFICE Microsoft Office PowerPoint converter bad indirection remote code execution attempt (more info ...) | attempted-user | 2010-2572 | URL | ||
| 18068 | FILE-OFFICE Microsoft Office Excel malformed MsoDrawingObject record attempt (more info ...) | attempted-user | 2010-3335 | URL | ||
| 18069 | FILE-OFFICE Microsoft Office Art drawing invalid shape identifier attempt (more info ...) | attempted-user | 2010-3336 | URL | ||
| 18070 | FILE-OFFICE Microsoft Office pptimpconv.dll dll-load exploit attempt (more info ...) | attempted-user | 2010-3337 | URL | ||
| 18071 | FILE-OFFICE Microsoft Office pptimpconv.dll dll-load exploit attempt (more info ...) | attempted-user | 2010-3337 | URL | ||
| 18212 | FILE-OFFICE Microsoft Office Publisher tyo.oty field heap overflow attempt (more info ...) | attempted-user | 2010-2569 | URL | ||
| 18213 | FILE-OFFICE Microsoft Office Publisher column and row remote code execution attempt (more info ...) | attempted-user | 2010-2570 | URL | ||
| 18214 | FILE-OFFICE Microsoft Office Publisher 97 conversion remote code execution attempt (more info ...) | attempted-user | 2010-2571 | URL | ||
| 18230 | FILE-OFFICE Microsoft Office Publisher memory corruption attempt (more info ...) | attempted-user | 2010-3954 | URL | ||
| 18231 | FILE-OFFICE Microsoft Office Publisher oversized oti length attempt (more info ...) | attempted-user | 2010-3955 | URL | ||
| 18233 | FILE-OFFICE Microsoft Office Publisher Adobe Font Driver code execution attempt (more info ...) | attempted-user | 2010-3956 | URL | ||
| 18236 | FILE-OFFICE Microsoft Office TIFFIM32.FLT filter memory corruption attempt (more info ...) | attempted-user | 2010-3949 | URL | ||
| 18238 | SERVER-WEBAPP Microsoft Office SharePoint document conversion remote code excution attempt (more info ...) | attempted-admin | 2010-3964 | URL | ||
| 18265 | FILE-OFFICE Microsoft Office thumbnail bitmap invalid biClrUsed attempt (more info ...) | attempted-user | 2010-3970 | URL | ||
| 18284 | FILE-OFFICE Microsoft Office XP URL Handling Buffer Overflow attempt (more info ...) | attempted-admin | 2004-0848 | 12480 | ||
| 18331 | FILE-OFFICE Microsoft Office Visio DXF variable name overflow attempt (more info ...) | attempted-user | 2010-1681 | 39836 | ||
| 18345 | MALWARE-CNC User-Agent known malicious user-agent string Macrovision_DM_2.4.15 (more info ...) | trojan-activity | URL | |||
| 18398 | FILE-OFFICE Microsoft Office thumbnail bitmap invalid biClrUsed attempt (more info ...) | attempted-user | 2010-3970 | URL | ||
| 18399 | FILE-OFFICE Microsoft Office Excel BRAI record remote code execution attempt (more info ...) | attempted-user | 2009-0549 | URL | ||
| 18415 | FILE-OFFICE Microsoft Office Visio deserialization double free attempt (more info ...) | attempted-user | 2011-0092 | URL | ||
| 18416 | FILE-OFFICE Microsoft Office Visio ORMinfo classes length overflow attempt (more info ...) | attempted-user | 2011-0093 | URL | ||
| 18417 | FILE-OFFICE Microsoft Office Visio ORMinfo classes length overflow attempt (more info ...) | attempted-user | 2011-0093 | URL | ||
| 18514 | FILE-OFFICE Microsoft Office PowerPoint malformed shapeid arbitrary code execution attempt (more info ...) | attempted-user | 2008-0118 | 28146 | URL | |
| 18515 | FILE-OFFICE Microsoft Office Visio VSD file icon memory corruption attempt (more info ...) | attempted-user | 2009-0095 | URL | ||
| 18535 | FILE-OFFICE Microsoft Office Word file sprmTSetBrc processing buffer overflow attempt (more info ...) | attempted-user | 2010-2563 | 38218 | URL | |
| 18536 | FILE-OFFICE OpenOffice.org Microsoft Office Word file processing integer underflow attempt (more info ...) | attempted-user | 2009-3301 | 38218 | ||
| 18537 | FILE-OTHER OpenOffice.org XPM file processing integer overflow attempt (more info ...) | attempted-user | 2009-2949 | 38218 | ||
| 18538 | FILE-OFFICE Microsoft Office Excel PtgName invalid index exploit attempt (more info ...) | attempted-user | 2010-3235 | 43650 | URL | |
| 18541 | FILE-OFFICE Microsoft Office Excel 2007 invalid comments.xml uninitialized pointer access attempt (more info ...) | attempted-user | 2010-0263 | URL | ||
| 18547 | FILE-OFFICE Microsoft Office PowerPoint with embedded Flash file transfer (more info ...) | attempted-user | ||||
| 18548 | FILE-OFFICE Microsoft Office Excel with embedded Flash file attachment (more info ...) | attempted-user | 2016-3279 | URL | ||
| 18549 | FILE-OFFICE Microsoft Office Word with embedded Flash file attachment (more info ...) | attempted-user | ||||
| 18550 | FILE-OFFICE Microsoft Office PowerPoint with embedded Flash file attachment (more info ...) | attempted-user | ||||
| 18615 | FILE-OFFICE Microsoft Works 4.x converter font name buffer overflow attempt (more info ...) | attempted-user | 2009-1533 | URL | ||
| 18616 | FILE-OFFICE Microsoft Works 4.x converter font name buffer overflow attempt (more info ...) | attempted-user | 2009-1533 | URL | ||
| 18630 | FILE-OFFICE Microsoft Office Excel rtToolbarDef record integer overflow attempt (more info ...) | attempted-user | 2011-0097 | URL | ||
| 18631 | FILE-OFFICE Microsoft Office Excel rtToolbarDef record integer overflow attempt (more info ...) | attempted-user | 2011-0097 | URL | ||
| 18633 | FILE-OFFICE Microsoft Office Excel RealTimeData record memory corruption attempt (more info ...) | attempted-user | 2011-0101 | URL | ||
| 18634 | FILE-OFFICE Microsoft Office Excel Workspace file FontCount record memory corruption attempt (more info ...) | attempted-user | 2011-0103 | URL | ||
| 18635 | FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (more info ...) | attempted-admin | 2011-0655 | URL | ||
| 18636 | FILE-OFFICE Microsoft Office PowerPoint SlideAtom record exploit attempt (more info ...) | attempted-user | 2011-0656 | URL | ||
| 18638 | FILE-OFFICE Microsoft Office Excel drawing layer use after free attempt (more info ...) | attempted-user | 2011-0977 | 46227 | URL | |
| 18640 | FILE-OFFICE Microsoft Office Excel malformed SupBook record attempt (more info ...) | attempted-user | 2011-0979 | URL | ||
| 18641 | FILE-OFFICE Microsoft Office Excel OBJ record invalid cmo.ot exploit attempt (more info ...) | attempted-admin | 2011-0980 | URL | ||
| 18642 | FILE-OFFICE Microsoft Office Word Converter sprmTSplit overflow attempt (more info ...) | attempted-user | 2011-0028 | 47236 | URL | |
| 18643 | FILE-OFFICE Microsoft Office Word Converter sprmTTextFflow overflow attempt (more info ...) | attempted-user | 2011-0028 | 47236 | URL | |
| 18676 | FILE-OFFICE Microsoft Office Excel DV record buffer overflow attempt (more info ...) | attempted-user | 2011-0105 | URL | ||
| 18740 | FILE-OFFICE Microsoft Office Excel sheet object type confusion exploit attempt (more info ...) | attempted-user | 2010-0258 | URL | ||
| 18755 | FILE-OFFICE Microsoft Office Visio Data Type Memory Corruption (more info ...) | attempted-user | 2011-0093 | 46138 | ||
| 18758 | FILE-IDENTIFY Microsoft Windows Visual Basic script file download request (more info ...) | misc-activity | URL | |||
| 18771 | FILE-OFFICE Microsoft Office Excel ADO Object Parsing Code Execution (more info ...) | attempted-user | 2010-1253 | 40531 | ||
| 18772 | FILE-OFFICE Microsoft Office Excel ADO Object Parsing Code Execution (more info ...) | attempted-user | 2010-1253 | 40531 | ||
| 18948 | FILE-OFFICE Microsoft Office PowerPoint converter bad indirection remote code execution attempt (more info ...) | attempted-user | 2010-2572 | URL | ||
| 18949 | FILE-OFFICE Microsoft Office PowerPoint malformed RecolorInfoAtom out of bounds read attempt (more info ...) | attempted-user | 2011-1270 | URL | ||
| 19015 | POLICY-SPAM visiopharm-3d.eu known spam email attempt (more info ...) | policy-violation | ||||
| 19132 | FILE-OFFICE Microsoft Office Excel RTD buffer overflow attempt (more info ...) | attempted-user | 2010-1246 | 40524 | ||
| 19133 | FILE-OFFICE Microsoft Office Excel EntExU2 write access violation attempt (more info ...) | attempted-user | 2010-0257 | 38547 | URL | |
| 19134 | FILE-OFFICE Microsoft Office Excel PtgExtraArray data parsing vulnerability exploit attempt (more info ...) | attempted-user | 2010-3231 | 43647 | URL | |
| 19141 | FILE-OFFICE Microsoft Access Wizard control memory corruption ActiveX clsid access (more info ...) | attempted-user | 2010-1881 | 41442 | ||
| 19153 | FILE-OFFICE Microsoft Office Word malformed index code execution attempt (more info ...) | attempted-user | 2010-2750 | 43766 | ||
| 19154 | FILE-OFFICE Microsoft Office Excel PtgExtraArray parsing attempt (more info ...) | attempted-user | 2010-3239 | 43654 | ||
| 19200 | FILE-OFFICE Microsoft Office Excel ObjBiff exploit attempt (more info ...) | attempted-user | 2011-1272 | URL | ||
| 19222 | FILE-OFFICE Microsoft Office Excel ObjBiff validation exploit attempt (more info ...) | attempted-user | 2011-1273 | URL | ||
| 19225 | FILE-OFFICE Microsoft Office Excel SerAuxTrend biff record corruption attempt (more info ...) | attempted-user | 2011-1274 | 48159 | URL | |
| 19227 | FILE-OFFICE Microsoft Office Excel Scenario heap memory overflow (more info ...) | attempted-user | 2011-1275 | URL | ||
| 19229 | FILE-OFFICE Microsoft Office Excel SLK file excessive Picture records exploit attempt (more info ...) | attempted-user | 2011-1276 | URL | ||
| 19230 | FILE-OFFICE Microsoft Office Excel Selection exploit attempt (more info ...) | attempted-user | 2011-1277 | URL | ||
| 19231 | FILE-OFFICE Microsoft Office Excel Series record exploit attempt (more info ...) | attempted-user | 2011-1278 | URL | ||
| 19232 | FILE-OFFICE Microsoft Office Excel XF record exploit attempt (more info ...) | attempted-user | 2011-1279 | URL | ||
| 19258 | FILE-OFFICE Microsoft Office Excel SxView record memory pointer corruption attempt (more info ...) | attempted-user | 2010-1245 | 40523 | URL | |
| 19259 | FILE-OFFICE Microsoft Office Excel WOpt record memory corruption attempt (more info ...) | attempted-user | 2010-0824 | 40522 | URL | |
| 19260 | FILE-OFFICE Microsoft Office Excel malformed MsoDrawingObject record attempt (more info ...) | attempted-user | 2010-3335 | URL | ||
| 19261 | FILE-OFFICE Microsoft Office Excel BIFF8 invalid Selection.cref exploit attempt (more info ...) | attempted-user | 2011-1277 | URL | ||
| 19294 | FILE-OFFICE Microsoft Office Excel Chart Sheet Substream memory corruption attempt (more info ...) | attempted-user | 2010-0823 | 40521 | URL | |
| 19295 | FILE-OFFICE Microsoft Office Word HTML linked objects memory corruption attempt (more info ...) | attempted-user | 2010-1903 | 42130 | URL | |
| 19296 | FILE-OFFICE Microsoft Office PowerPoint improper filename remote code execution attempt (more info ...) | attempted-user | 2010-0029 | URL | ||
| 19303 | FILE-OFFICE Microsoft Office PowerPoint out of bounds value remote code execution attempt (more info ...) | attempted-user | 2010-0032 | 38104 | URL | |
| 19306 | FILE-OFFICE Microsoft Office Publisher pubconv.dll corruption attempt (more info ...) | attempted-user | 2010-2569 | 45277 | ||
| 19317 | FILE-OFFICE Microsoft Office Word sprmTDiagLine80 record parsing stack buffer overflow attempt (more info ...) | attempted-admin | 2010-3214 | 43760 | ||
| 19405 | FILE-OFFICE Microsoft Office Outlook SMB attach by reference code execution attempt (more info ...) | attempted-user | 2010-0266 | 41446 | URL | |
| 19412 | FILE-OFFICE Microsoft Office Excel RealTimeData record parsing memory corruption (more info ...) | attempted-user | 2010-1247 | 40525 | ||
| 19413 | FILE-OFFICE Microsoft Office Publisher 2007 and earlier stack buffer overflow attempt (more info ...) | attempted-user | 2010-0479 | 39347 | URL | |
| 19414 | FILE-OFFICE Microsoft Office Publisher 2007 and earlier stack buffer overflow attempt (more info ...) | attempted-user | 2010-0479 | 39347 | URL | |
| 19442 | FILE-OFFICE Microsoft Office embedded Office Art drawings execution attempt (more info ...) | attempted-user | 2010-0243 | 38073 | URL | |
| 19458 | FILE-OFFICE Microsoft Office Word sprmCMajority record buffer overflow attempt (more info ...) | attempted-user | 2010-1900 | 42136 | URL | |
| 19459 | FILE-OFFICE Microsoft Office Word sprmCMajority record buffer overflow attempt (more info ...) | attempted-user | 2010-1900 | 42136 | URL | |
| 19465 | OS-WINDOWS Visio mfc71 dll-load attempt (more info ...) | attempted-user | 2010-3148 | URL | ||
| 19606 | FILE-OFFICE Microsoft Office Word STSH record parsing memory corruption (more info ...) | attempted-user | 48261 | |||
| 19607 | FILE-OFFICE Microsoft Office Word STSH record parsing memory corruption (more info ...) | attempted-user | 48261 | |||
| 19675 | FILE-OFFICE Microsoft Office Visio invalid UMLString data length exploit attempt (more info ...) | attempted-user | 2011-1979 | URL | ||
| 19676 | FILE-OFFICE Microsoft Office Visio invalid UMLDTOptions object exploit attempt (more info ...) | attempted-user | 2011-1972 | URL | ||
| 19707 | FILE-OFFICE Microsoft Office Word Converter sprmTSplit overflow attempt (more info ...) | attempted-user | 2011-0028 | URL | ||
| 19811 | FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (more info ...) | attempted-admin | 2011-0655 | URL | ||
| 19841 | PUA-ADWARE 0desa MSN password stealer (more info ...) | misc-activity | URL | |||
| 19894 | FILE-OFFICE Microsoft Office PowerPoint TextCharsAtom record buffer overflow attempt (more info ...) | attempted-user | 2010-0034 | 38108 | URL | |
| 19932 | FILE-OFFICE Microsoft Office Publisher 2007 pointer dereference attempt (more info ...) | attempted-user | 2009-0566 | 35599 | URL | |
| 19943 | FILE-OFFICE Microsoft Office Excel MsoDrawingGroup record remote code execution attempt (more info ...) | attempted-user | 2009-0559 | 35243 | URL | |
| 20029 | FILE-OFFICE Microsoft Office Excel FNGROUPNAME record memory corruption attempt (more info ...) | attempted-user | 2010-0262 | 38553 | URL | |
| 20049 | FILE-OFFICE Microsoft Office Excel SLK file excessive Picture records exploit attempt (more info ...) | attempted-user | 2011-1276 | URL | ||
| 20062 | FILE-OFFICE Microsoft Office Excel File Importing Code Execution (more info ...) | attempted-user | 2008-0112 | 28095 | URL | |
| 20111 | SERVER-WEBAPP Microsoft Office SharePoint XSS vulnerability attempt (more info ...) | attempted-user | 2011-0653 | URL | ||
| 20112 | SERVER-WEBAPP Microsoft Office SharePoint XSS vulnerability attempt (more info ...) | attempted-user | 2011-1890 | URL | ||
| 20113 | SERVER-WEBAPP Microsoft Office SharePoint XSS vulnerability attempt (more info ...) | attempted-user | 2011-1890 | URL | ||
| 20115 | SERVER-WEBAPP Microsoft Office SharePoint XML external entity exploit attempt (more info ...) | web-application-attack | 2011-1892 | URL | ||
| 20116 | SERVER-WEBAPP Microsoft Office SharePoint Javascript XSS attempt (more info ...) | web-application-attack | 2011-1893 | URL | ||
| 20123 | FILE-OFFICE Microsoft Office Excel ShrFmla record use after free attempt (more info ...) | attempted-user | 2011-1986 | 49476 | URL | |
| 20124 | FILE-OFFICE Microsoft Office Excel invalid Lbl record attempt (more info ...) | attempted-user | 2011-1988 | 49478 | URL | |
| 20125 | FILE-OFFICE Microsoft Office Excel invalid Lbl record (more info ...) | attempted-user | 2011-1988 | URL | ||
| 20126 | FILE-OFFICE Microsoft Office Excel invalid Lbl record (more info ...) | attempted-user | 2011-1988 | URL | ||
| 20127 | FILE-OFFICE Microsoft Office Excel Conditional Formatting record vulnerability (more info ...) | attempted-user | 2011-1989 | URL | ||
| 20128 | FILE-OFFICE Microsoft Office invalid MS-OGRAPH DataFormat buffer overflow attempt (more info ...) | attempted-user | 2011-1990 | 49517 | URL | |
| 20129 | FILE-OFFICE Microsoft Office BpscBulletProof uninitialized pointer dereference attempt (more info ...) | attempted-user | 2011-1982 | URL | ||
| 20139 | FILE-OFFICE Microsoft Office Word document summary information string overflow attempt (more info ...) | attempted-user | 2006-1540 | URL | ||
| 20140 | FILE-OFFICE Microsoft Office Word document summary information string overflow attempt (more info ...) | attempted-user | 2006-1540 | URL | ||
| 20141 | FILE-OFFICE Microsoft Office Word document summary information string overflow attempt (more info ...) | attempted-user | 2006-1540 | URL | ||
| 20257 | OS-WINDOWS Microsoft ForeFront UAG ExcelTable.asp XSS attempt (more info ...) | attempted-user | 2011-1896 | URL | ||
| 20534 | FILE-OFFICE Microsoft Office Excel rtToolbarDef record integer overflow attempt (more info ...) | attempted-user | 2011-0097 | URL | ||
| 20590 | FILE-OFFICE Microsoft Office PowerPoint out of bounds value remote code execution attempt (more info ...) | attempted-user | 2010-0032 | 38104 | URL | |
| 20700 | FILE-OFFICE Microsoft Office PowerPoint pp7x32.dll dll-load exploit attempt (more info ...) | attempted-user | 2011-3396 | URL | ||
| 20701 | FILE-OFFICE Microsoft Office PowerPoint pp4x322.dll dll-load exploit attempt (more info ...) | attempted-user | 2011-3396 | URL | ||
| 20702 | FILE-OFFICE Microsoft Office PowerPoint pp7x32.dll dll-load exploit attempt (more info ...) | attempted-user | 2011-3396 | URL | ||
| 20703 | FILE-OFFICE Microsoft Office PowerPoint pp4x322.dll dll-load exploit attempt (more info ...) | attempted-user | 2011-3396 | URL | ||
| 20717 | FILE-OFFICE Microsoft Windows OLE versioned stream missing data stream (more info ...) | attempted-user | 2011-3400 | 50977 | URL | |
| 20718 | FILE-OFFICE Microsoft Office Excel Lel record memory corruption attempt (more info ...) | attempted-user | 2011-3403 | URL | ||
| 20719 | FILE-OFFICE Microsoft Office Publisher Opltc memory corruption attempt (more info ...) | attempted-user | 2011-3410 | URL | ||
| 20720 | FILE-OFFICE Microsoft Office Publisher 2003 EscherStm memory corruption attempt (more info ...) | attempted-user | 2011-3411 | 50949 | URL | |
| 20721 | FILE-OFFICE Microsoft Office Publisher PLC object memory corruption attempt (more info ...) | attempted-user | 2011-3412 | URL | ||
| 20722 | FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confusion attempt (more info ...) | attempted-user | 2011-3413 | 50964 | URL | |
| 20724 | FILE-OFFICE Microsoft Office Word border use-after-free attempt (more info ...) | attempted-user | 2011-1983 | URL | ||
| 20882 | FILE-OFFICE Microsoft Windows embedded packager object identifier (more info ...) | attempted-user | 2012-0013 | URL | ||
| 20885 | FILE-OFFICE Microsoft Office Excel use after free attempt (more info ...) | attempted-user | URL | |||
| 20886 | FILE-OFFICE Microsoft Office Excel use after free attempt (more info ...) | attempted-user | URL | |||
| 20887 | FILE-OFFICE Microsoft Office Excel use after free attempt (more info ...) | attempted-user | URL | |||
| 21002 | FILE-OFFICE Microsoft Office Word border use-after-free attempt (more info ...) | attempted-user | 2011-1983 | URL | ||
| 21082 | FILE-OFFICE Microsoft Office Excel window2 record use after free attempt (more info ...) | attempted-user | URL | |||
| 21083 | FILE-OFFICE Microsoft Office Excel window2 record use after free attempt (more info ...) | attempted-user | URL | |||
| 21135 | INDICATOR-COMPROMISE Mulcishell web shell password cracking page (more info ...) | trojan-activity | URL | |||
| 21156 | FILE-OFFICE Microsoft Office Excel macro validation arbitrary code execution attempt (more info ...) | attempted-user | 2008-0081 | URL | ||
| 21157 | FILE-OFFICE Microsoft Office Excel macro validation arbitrary code execution attempt (more info ...) | attempted-user | 2008-0081 | URL | ||
| 21158 | FILE-OFFICE Microsoft Office Excel macro validation arbitrary code execution attempt (more info ...) | attempted-user | 2008-0081 | URL | ||
| 21163 | FILE-OFFICE Microsoft Office Outlook VEVENT overflow attempt (more info ...) | attempted-user | 2007-0033 | 21931 | URL | |
| 21170 | FILE-OFFICE Microsoft Office OLESS stream object name corruption attempt (more info ...) | attempted-user | 2011-3400 | 50977 | URL | |
| 21243 | FILE-OFFICE Microsoft Office Publisher 2003 EscherStm memory corruption attempt (more info ...) | attempted-user | 2011-3411 | 50949 | URL | |
| 21297 | SERVER-WEBAPP Microsoft Office SharePoint themeweb.aspx XSS attempt (more info ...) | web-application-attack | 2012-0144 | URL | ||
| 21414 | FILE-OFFICE Microsoft Office Excel MergeCells record parsing code execution attempt (more info ...) | attempted-user | 2010-3237 | 43652 | URL | |
| 21415 | FILE-OFFICE Microsoft Office Excel MergeCells record parsing code execution attempt (more info ...) | attempted-user | 2010-3237 | 43652 | URL | |
| 21422 | FILE-OFFICE Microsoft Office Excel Lel record memory corruption attempt (more info ...) | attempted-user | 2011-3403 | URL | ||
| 21423 | FILE-OFFICE Microsoft Office Publisher Opltc memory corruption attempt (more info ...) | attempted-user | 2011-3410 | URL | ||
| 21437 | FILE-OTHER WordPerfect WP3TablesGroup heap overflow attempt (more info ...) | attempted-user | 2007-0002 | |||
| 21503 | FILE-OFFICE Microsoft Office Excel SXDB memory corruption (more info ...) | attempted-user | 2009-3127 | 36943 | ||
| 21524 | FILE-OFFICE Microsoft Windows object packager dialogue code execution attempt (more info ...) | attempted-admin | 2006-4692 | 20318 | ||
| 21674 | FILE-OFFICE Microsoft Office Word Smart Tags code execution attempt (more info ...) | attempted-user | 2006-2492 | 18037 | URL | |
| 21675 | FILE-OFFICE Microsoft Office Word Smart Tags code execution attempt (more info ...) | attempted-user | 2006-2492 | 18037 | URL | |
| 21677 | FILE-OFFICE Microsoft Office Word Smart Tags code execution attempt (more info ...) | attempted-user | 2006-2492 | 18037 | URL | |
| 21759 | FILE-OTHER Ultra Shareware Office HttpUpload buffer overflow attempt (more info ...) | attempted-user | 2008-3878 | 30861 | ||
| 21907 | FILE-OFFICE Microsoft Office rtf document generic exploit indicator (more info ...) | attempted-user | ||||
| 21919 | BROWSER-PLUGINS IBM Tivoli Provisioning Manager Express ActiveX clsid access attempt (more info ...) | attempted-user | 2012-0198 | |||
| 21928 | FILE-OFFICE Microsoft Office Excel malformed FBI record buffer overflow attempt (more info ...) | attempted-user | 2007-1747 | 23826 | URL | |
| 21929 | FILE-OFFICE Microsoft Office Excel DbOrParamQry.fodbcConn parsing remote code execution attempt (more info ...) | attempted-user | 2010-0264 | URL | ||
| 21930 | FILE-OFFICE Microsoft Office Excel DbOrParamQry.fodbcConn parsing remote code execution attempt (more info ...) | attempted-user | 2010-0264 | URL | ||
| 21931 | FILE-OFFICE Microsoft Office Excel TXO and OBJ records parsing stack memory corruption attempt (more info ...) | misc-activity | 2008-4265 | 32618 | URL | |
| 21932 | FILE-OFFICE Microsoft Office Excel TXO and OBJ records parsing stack memory corruption attempt (more info ...) | attempted-user | 2008-4265 | 32618 | URL | |
| 21933 | FILE-OFFICE Microsoft Office Excel MalformedPalette Record Memory Corruption attempt (more info ...) | attempted-user | 2007-0031 | 21922 | ||
| 21942 | FILE-OFFICE Microsoft Office Excel sheet object type confusion exploit attempt (more info ...) | attempted-user | 2010-0258 | URL | ||
| 21943 | FILE-OFFICE Microsoft Office Excel sheet object type confusion exploit attempt (more info ...) | attempted-user | 2010-0258 | URL | ||
| 22002 | FILE-IDENTIFY Microsoft Visual Basic v6.0 - additional file magic detected (more info ...) | misc-activity | ||||
| 22066 | FILE-OFFICE Microsoft Office Word ScriptBridge OCX controller attempt (more info ...) | attempted-user | URL | |||
| 22071 | INDICATOR-OBFUSCATION Microsoft Office Word JavaScript obfuscation - eval (more info ...) | attempted-user | URL | |||
| 22072 | INDICATOR-OBFUSCATION Microsoft Office Word JavaScript obfuscation - fromCharCode (more info ...) | attempted-user | URL | |||
| 22073 | INDICATOR-OBFUSCATION Microsoft Office Word JavaScript obfuscation - unescape (more info ...) | attempted-user | URL | |||
| 22074 | INDICATOR-OBFUSCATION Microsoft Office Word JavaScript obfuscation - charCode (more info ...) | attempted-user | URL | |||
| 22075 | FILE-OFFICE Microsoft Office Visio IndexDirectorySize greater than ChildrenSize memory access attempt (more info ...) | attempted-user | 2012-0018 | URL | ||
| 23010 | FILE-OFFICE Microsoft Office Excel FNGROUPNAME record memory corruption attempt (more info ...) | attempted-user | 2010-0262 | 38553 | URL | |
| 23151 | FILE-OFFICE Microsoft Office Excel zero-width worksheet code execution attempt (more info ...) | attempted-user | 15926 | |||
| 23171 | INDICATOR-COMPROMISE Wordpress Request for html file in fgallery directory (more info ...) | web-application-attack | ||||
| 23211 | FILE-OFFICE Microsoft Office Outlook arbitrary command line attempt (more info ...) | misc-attack | 2008-0110 | URL | ||
| 23266 | FILE-OFFICE Microsoft Office Word invalid sprmTDefTable length stack buffer overflow attempt (more info ...) | attempted-user | 2008-4837 | 32584 | URL | |
| 23267 | FILE-OFFICE Microsoft Office Word invalid sprmTDefTable length stack buffer overflow attempt (more info ...) | attempted-user | 2008-4837 | 32584 | URL | |
| 23268 | FILE-OFFICE Microsoft Office Word invalid sprmTDefTable length stack buffer overflow attempt (more info ...) | attempted-user | 2008-4837 | 32584 | URL | |
| 23270 | FILE-OFFICE Microsoft Office Malformed MSODrawing Record attempt (more info ...) | attempted-user | 2010-0243 | URL | ||
| 23279 | SERVER-WEBAPP Microsoft Office SharePoint name field cross site scripting attempt (more info ...) | web-application-attack | 2012-1861 | URL | ||
| 23281 | SERVER-WEBAPP Microsoft Office SharePoint scriptresx.ashx XSS attempt (more info ...) | web-application-attack | 2012-1859 | URL | ||
| 23282 | SERVER-WEBAPP Microsoft Office SharePoint query.iqy XSS attempt (more info ...) | attempted-user | 2012-1863 | URL | ||
| 23315 | FILE-OFFICE Microsoft Office Word request for imeshare.dll over SMB attempt (more info ...) | attempted-user | 2012-1854 | URL | ||
| 23316 | FILE-OFFICE Microsoft Office Word imeshare.dll dll-load exploit attempt (more info ...) | attempted-user | 2012-1854 | URL | ||
| 23356 | FILE-OFFICE Microsoft Office WordPad and Office text converters integer underflow attempt (more info ...) | attempted-user | 2009-0087 | URL | ||
| 23397 | SERVER-OTHER Citrix Provisioning Services stack buffer overflow attempt (more info ...) | attempted-admin | ||||
| 23398 | SERVER-OTHER Citrix Provisioning Services stack buffer overflow attempt (more info ...) | attempted-admin | ||||
| 23484 | INDICATOR-COMPROMISE Wordpress Invit0r plugin non-image file upload attempt (more info ...) | web-application-attack | 53995 | URL | ||
| 23525 | FILE-OFFICE Microsoft Office BMP header biClrUsed integer overflow attempt (more info ...) | attempted-admin | 2009-2518 | 36651 | ||
| 23526 | FILE-OFFICE Microsoft Office .CGM file cell array heap overflow attempt (more info ...) | attempted-user | 2010-3945 | URL | ||
| 23527 | FILE-OFFICE Microsoft Office .CGM file cell array heap overflow attempt (more info ...) | attempted-user | 2010-3945 | URL | ||
| 23528 | FILE-OFFICE Microsoft Office PICT graphics converter memory corruption attempt (more info ...) | attempted-user | 2010-3946 | URL | ||
| 23530 | FILE-OFFICE Microsoft Office TIFF filter buffer overflow attempt (more info ...) | attempted-user | 2010-3947 | 45274 | URL | |
| 23531 | FILE-OFFICE Microsoft Office Excel invalid Lbl record (more info ...) | attempted-user | 2011-1988 | URL | ||
| 23532 | FILE-OFFICE Microsoft Office Excel invalid Lbl record (more info ...) | attempted-user | 2011-1988 | URL | ||
| 23533 | FILE-OFFICE Microsoft Office Excel invalid Lbl record (more info ...) | attempted-user | 2011-1988 | URL | ||
| 23534 | FILE-OFFICE Microsoft Office PowerPoint paragraph format array inner header overflow attempt (more info ...) | attempted-user | 2009-0220 | 34833 | ||
| 23535 | FILE-OFFICE Microsoft Office PowerPoint Download of version 4.0 file (more info ...) | attempted-user | 2009-1137 | URL | ||
| 23536 | FILE-OFFICE Microsoft Office PowerPoint CurrentUserAtom remote code execution attempt (more info ...) | attempted-user | 2009-1131 | URL | ||
| 23537 | FILE-OFFICE Microsoft Office PowerPoint HashCode10Atom memory corruption attempt (more info ...) | attempted-user | 2009-1130 | URL | ||
| 23538 | FILE-OFFICE Microsoft Office PowerPoint PP7 Component buffer overflow attempt (more info ...) | attempted-user | 2009-1129 | URL | ||
| 23539 | FILE-OFFICE Microsoft Office PowerPoint Legacy file format picture object code execution attempt (more info ...) | attempted-user | 2009-0223 | 34834 | ||
| 23540 | FILE-OFFICE Microsoft Office Word GDI+ Office Art Property Table remote code execution attempt (more info ...) | attempted-user | 2009-2528 | URL | ||
| 23541 | FILE-OFFICE Microsoft Office Excel GDI+ Office Art Property Table remote code execution attempt (more info ...) | attempted-user | 2009-2528 | URL | ||
| 23542 | FILE-OFFICE Microsoft Office Excel integer field in row record improper validation remote code execution attempt (more info ...) | attempted-user | 2009-3130 | URL | ||
| 23543 | FILE-OFFICE Microsoft Office Excel file SxView record exploit attempt (more info ...) | attempted-user | 2009-3128 | URL | ||
| 23544 | FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt (more info ...) | attempted-user | 2010-0822 | 40520 | URL | |
| 23545 | FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt - with macro (more info ...) | attempted-user | 2010-0822 | URL | ||
| 23546 | FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt - with linkFmla (more info ...) | attempted-user | 2010-0822 | URL | ||
| 23547 | FILE-OFFICE Microsoft Office Excel OBJ record stack buffer overflow attempt - with macro and linkFmla (more info ...) | attempted-user | 2010-0822 | URL | ||
| 23548 | FILE-OFFICE Microsoft Office Excel RTD buffer overflow attempt (more info ...) | attempted-user | 2010-1246 | 40524 | ||
| 23549 | FILE-OFFICE Microsoft Office Excel RTD buffer overflow attempt (more info ...) | attempted-user | 2010-1246 | 40524 | ||
| 23550 | FILE-OFFICE Microsoft Office Excel RealTimeData record stack buffer overflow attempt (more info ...) | attempted-user | 2010-1246 | URL | ||
| 23551 | FILE-OFFICE Microsoft Office Excel SxView record memory pointer corruption attempt (more info ...) | attempted-user | 2010-1245 | 40523 | URL | |
| 23552 | FILE-OFFICE Microsoft Office Excel SxView record memory pointer corruption attempt (more info ...) | attempted-user | 2010-1245 | URL | ||
| 23553 | FILE-OFFICE Microsoft Office Excel WOpt record memory corruption attempt (more info ...) | attempted-user | 2010-0824 | 40522 | URL | |
| 23554 | FILE-OFFICE Microsoft Office Excel WOpt record memory corruption attempt (more info ...) | attempted-user | 2010-0824 | URL | ||
| 23555 | FILE-OFFICE Microsoft HtmlDlgHelper ActiveX clsid access (more info ...) | attempted-user | 2010-3329 | URL | ||
| 23556 | FILE-OFFICE Microsoft Office WordPad and Office text converters integer underflow attempt (more info ...) | attempted-user | 2009-0087 | URL | ||
| 23557 | FILE-OFFICE Microsoft Office WordPad and Office text converters integer underflow attempt (more info ...) | attempted-user | 2009-0087 | URL | ||
| 23558 | FILE-OFFICE Microsoft Office Excel pivot item index boundary corruption attempt (more info ...) | attempted-user | 2010-2562 | 42199 | ||
| 23559 | FILE-OFFICE Microsoft Office Excel pivot item index boundary corruption attempt (more info ...) | attempted-user | 2010-2562 | 42199 | URL | |
| 23700 | FILE-IDENTIFY Microsoft Word for Mac 5 file magic detected (more info ...) | misc-activity | 2007-3899 | 25906 | URL | |
| 23715 | FILE-IDENTIFY Microsoft Office Access file magic detected (more info ...) | misc-activity | 2008-1092 | 26468 | URL | |
| 23716 | FILE-IDENTIFY Microsoft Office Access JSDB file magic detected (more info ...) | misc-activity | 2008-1092 | 26468 | URL | |
| 23717 | FILE-IDENTIFY Microsoft Office Access TJDB file magic detected (more info ...) | misc-activity | 2008-1092 | 26468 | URL | |
| 23718 | FILE-IDENTIFY Microsoft Office Access MSISAM file magic detected (more info ...) | misc-activity | 2008-1092 | 26468 | URL | |
| 23768 | FILE-IDENTIFY Microsoft Visual Basic v6.0 - additional file magic detected (more info ...) | misc-activity | ||||
| 23844 | FILE-OFFICE Microsoft Office MSCOMCTL ActiveX control tabstrip method attempt (more info ...) | attempted-user | 2013-1313 | URL | ||
| 23943 | FILE-MULTIMEDIA Microsoft Windows Visual Basic 6.0 malformed AVI buffer overflow attempt (more info ...) | attempted-user | 2008-4255 | URL | ||
| 24129 | FILE-OFFICE Microsoft Office Excel catLabel pointer manipulation attempt (more info ...) | attempted-user | 2011-0978 | 46225 | URL | |
| 24130 | FILE-OFFICE Microsoft Office Excel catLabel pointer manipulation attempt (more info ...) | attempted-user | 2011-0978 | 46225 | URL | |
| 24186 | FILE-OFFICE Microsoft Office Visio DXF variable name overflow attempt (more info ...) | attempted-user | 2010-1681 | 39836 | ||
| 24198 | SERVER-WEBAPP Microsoft Office SharePoint name field cross site scripting attempt (more info ...) | attempted-user | 2012-1861 | URL | ||
| 24240 | FILE-OFFICE Microsoft Office Excel drawing layer use after free attempt (more info ...) | attempted-user | 2011-0977 | 46227 | URL | |
| 24241 | FILE-OFFICE Microsoft Office Excel drawing layer use after free attempt (more info ...) | attempted-user | 2011-0977 | 46227 | URL | |
| 24242 | FILE-OFFICE Microsoft Office Excel drawing layer use after free attempt (more info ...) | attempted-user | 2011-0977 | 46227 | URL | |
| 24267 | FILE-OFFICE Microsoft Office Excel Malformed Range Code Execution attempt (more info ...) | attempted-user | 2005-4131 | 15780 | ||
| 24268 | FILE-OFFICE Microsoft Office Excel Malformed Range Code Execution attempt (more info ...) | attempted-user | 2005-4131 | 15780 | ||
| 24269 | FILE-OFFICE Microsoft Office Excel Malformed Range Code Execution attempt (more info ...) | attempted-user | 2005-4131 | 15780 | ||
| 24284 | FILE-OFFICE Microsoft Office Drawing object code execution attempt (more info ...) | attempted-user | 2007-1747 | 23826 | URL | |
| 24556 | FILE-OFFICE Microsoft Office TIFF filter buffer overflow attempt (more info ...) | attempted-user | 2010-3947 | 45274 | URL | |
| 24557 | FILE-OFFICE Microsoft Office TIFF filter buffer overflow attempt (more info ...) | attempted-user | 2010-3947 | 45274 | URL | |
| 24558 | FILE-OFFICE Microsoft Office TIFF filter buffer overflow attempt (more info ...) | attempted-user | 2010-3947 | 45274 | URL | |
| 24815 | FILE-OFFICE Microsoft Office Visio VSD file icon memory corruption attempt (more info ...) | attempted-user | 2009-0095 | URL | ||
| 24868 | FILE-OFFICE Microsoft Office PowerPoint bad text header txttype attempt (more info ...) | attempted-user | 2011-1269 | URL | ||
| 24911 | SERVER-ORACLE Oracle Outside In Excel file parsing integer overflow attempt (more info ...) | attempted-admin | URL | |||
| 24912 | SERVER-ORACLE Oracle Outside In Excel file parsing integer overflow attempt (more info ...) | attempted-admin | URL | |||
| 24974 | FILE-OFFICE Microsoft Office Word rtf invalid listoverridecount value attempt (more info ...) | attempted-user | 2014-1761 | URL | ||
| 24975 | FILE-OFFICE Microsoft Office Word rtf invalid listoverridecount value attempt (more info ...) | attempted-user | 2014-1761 | URL | ||
| 25120 | SERVER-WEBAPP W3 Total Cache for Wordpress access - likely information disclosure (more info ...) | successful-recon-limited | URL | |||
| 25311 | FILE-OFFICE Microsoft Office PowerPoint integer underflow heap corruption attempt (more info ...) | attempted-user | 2010-2573 | URL | ||
| 25330 | FILE-OFFICE Microsoft Office Excel conditional code execution attempt (more info ...) | attempted-user | 2011-1989 | |||
| 25331 | FILE-OFFICE Microsoft Office Excel conditional code execution attempt (more info ...) | attempted-user | 2011-1989 | |||
| 25353 | FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confusion attempt (more info ...) | attempted-user | 2011-3413 | 50964 | URL | |
| 25354 | FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confusion attempt (more info ...) | attempted-user | 2011-3413 | 50964 | URL | |
| 25355 | FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confusion attempt (more info ...) | attempted-user | 2011-3413 | 50964 | URL | |
| 25527 | FILE-OFFICE Microsoft Office PowerPoint TextCharsAtom record buffer overflow attempt (more info ...) | attempted-user | 2010-0034 | 38108 | URL | |
| 25587 | FILE-OFFICE Microsoft Office PowerPoint malformed shapeid arbitrary code execution attempt (more info ...) | attempted-user | 2008-0118 | 28146 | URL | |
| 25630 | FILE-OFFICE Microsoft Office Word Document remote code execution attempt (more info ...) | attempted-user | 2009-3135 | URL | ||
| 25631 | FILE-OFFICE Microsoft Office Word Document remote code execution attempt (more info ...) | attempted-user | 2016-3283 | URL | ||
| 25768 | FILE-OFFICE Microsoft Office Word unchecked index value remote code execution attempt (more info ...) | attempted-user | 2010-3219 | URL | ||
| 25969 | FILE-OFFICE Microsoft Office Excel MsoDrawingGroup record remote code execution attempt (more info ...) | attempted-user | 2009-0559 | 35243 | URL | |
| 26089 | FILE-OFFICE Microsoft Office Visio version number anomaly (more info ...) | misc-activity | 2007-0934 | 24349 | URL | |
| 26124 | SERVER-WEBAPP Microsoft Office SharePoint cross site scripting attempt (more info ...) | web-application-attack | 2013-0083 | URL | ||
| 26131 | SERVER-WEBAPP Microsoft Office SharePoint cross site scripting attempt (more info ...) | web-application-attack | 2013-0080 | URL | ||
| 26170 | FILE-OFFICE Microsoft Office OneNote 2010 buffer overread info disclosure attempt (more info ...) | attempted-recon | 2013-0086 | URL | ||
| 26171 | FILE-OFFICE Microsoft Office OneNote 2010 buffer overread info disclosure attempt (more info ...) | attempted-recon | 2013-0086 | URL | ||
| 26174 | FILE-OFFICE Microsoft Office Excel FRTWrapper record buffer overflow attempt (more info ...) | attempted-user | 2008-3471 | URL | ||
| 26175 | FILE-OFFICE Microsoft Office Excel invalid FRTWrapper record buffer overflow attempt (more info ...) | attempted-user | 2008-3471 | URL | ||
| 26176 | FILE-OFFICE Microsoft Office Excel SXDB memory corruption attempt (more info ...) | attempted-user | 2009-3127 | 36943 | ||
| 26177 | FILE-OFFICE Microsoft Office Excel SXDB memory corruption attempt (more info ...) | attempted-user | 2009-3127 | 36943 | ||
| 26205 | OS-MOBILE Android Fakenetflix email password upload (more info ...) | trojan-activity | URL | |||
| 26263 | SERVER-WEBAPP Wordpress wp-banners-lite plugin cross site scripting attempt (more info ...) | web-application-attack | URL | |||
| 26329 | FILE-OFFICE Microsoft Office Excel format record code execution attempt (more info ...) | attempted-user | 2008-3005 | URL | ||
| 26330 | FILE-OFFICE Microsoft Office PowerPoint TxMasterStyle10Atom atom numLevels buffer overflow attempt (more info ...) | attempted-user | 2008-1455 | URL | ||
| 26340 | FILE-OTHER Corel WordPerfect document parsing buffer overflow attempt (more info ...) | misc-activity | 2012-4900 | |||
| 26453 | FILE-OFFICE OpenOffice OLE File Stream Buffer Overflow attempt (more info ...) | attempted-user | 2008-0320 | 28819 | ||
| 26557 | SERVER-WEBAPP Wordpress brute-force login attempt (more info ...) | suspicious-login | URL | |||
| 26576 | MALWARE-CNC Potential hostile executable served from compromised or malicious WordPress site attempt (more info ...) | trojan-activity | URL | |||
| 26602 | FILE-OFFICE Microsoft Office Excel sheet name memory corruption attempt (more info ...) | attempted-user | 2007-3490 | 24691 | ||
| 26626 | FILE-OFFICE XML parameter entity reference local file disclosure attempt (more info ...) | attempted-recon | 2018-0878 | 59765 | URL | |
| 26627 | FILE-OFFICE Microsoft Office Visio SVG external entity local file disclosure attempt (more info ...) | attempted-recon | 2013-1301 | URL | ||
| 26628 | FILE-OFFICE Microsoft Office Visio SVG external entity local file disclosure attempt (more info ...) | attempted-recon | 2013-1301 | URL | ||
| 26663 | FILE-OFFICE Microsoft Office PowerPoint malformed shapeid arbitrary code execution attempt (more info ...) | attempted-user | 2008-0118 | 28146 | URL | |
| 26672 | FILE-OFFICE Microsoft Office Word TextBox sub-document memory corruption attempt (more info ...) | attempted-user | 2007-1910 | 23380 | ||
| 26673 | FILE-OFFICE Microsoft Office Word TextBox sub-document memory corruption attempt (more info ...) | attempted-user | 2007-1910 | 23380 | ||
| 26674 | FILE-OFFICE Microsoft Office Word TextBox sub-document memory corruption attempt (more info ...) | attempted-user | 2007-1910 | 23380 | ||
| 26676 | FILE-OFFICE Microsoft Windows WordPad sprmTSetBrc SPRM overflow attempt (more info ...) | attempted-user | 2010-2563 | 43122 | URL | |
| 26706 | FILE-OFFICE Microsoft Office PowerPoint Viewer memory allocation code execution attempt (more info ...) | attempted-user | 2008-0120 | 30552 | ||
| 26707 | FILE-OFFICE Microsoft Office PowerPoint Viewer memory allocation code execution attempt (more info ...) | attempted-user | 2008-0120 | 30552 | ||
| 26708 | FILE-OFFICE Microsoft Office PowerPoint Viewer memory allocation code execution attempt (more info ...) | attempted-user | 2008-0120 | 30552 | ||
| 26709 | FILE-OFFICE Microsoft Office PowerPoint Viewer memory allocation code execution attempt (more info ...) | attempted-user | 2008-0120 | 30552 | ||
| 26710 | FILE-OFFICE Microsoft Office PowerPoint Viewer memory allocation code execution attempt (more info ...) | attempted-user | 2008-0120 | 30552 | ||
| 26711 | FILE-OFFICE Microsoft Office Excel malformed ftCMO record remote code execution attempt (more info ...) | attempted-user | 2009-0100 | URL | ||
| 26799 | FILE-OFFICE Microsoft Office Excel style handling overflow attempt (more info ...) | attempted-user | 2006-3431 | 18872 | URL | |
| 26800 | FILE-OFFICE Microsoft Office Excel style handling overflow attempt (more info ...) | attempted-user | 2006-3431 | 18872 | URL | |
| 26801 | FILE-OFFICE Microsoft Office Excel style handling overflow attempt (more info ...) | attempted-user | 2006-3431 | 18872 | URL | |
| 26830 | FILE-OFFICE Microsoft Office MSComctlLib.Toolbar ActiveX control access (more info ...) | misc-activity | ||||
| 26831 | FILE-OFFICE Microsoft Office MSComctlLib.Toolbar ActiveX control access (more info ...) | misc-activity | ||||
| 26832 | FILE-OFFICE Microsoft Office MSComctlLib.Toolbar ActiveX control exploit attempt (more info ...) | attempted-user | 2012-1856 | URL | ||
| 26833 | FILE-OFFICE Microsoft Office MSComctlLib.Toolbar ActiveX control exploit attempt (more info ...) | attempted-user | URL | |||
| 26981 | SERVER-WEBAPP WordPress login denial of service attempt (more info ...) | denial-of-service | URL | |||
| 26990 | SERVER-WEBAPP WordPress Super Cache & W3 Total Cache remote code execution attempt (more info ...) | attempted-admin | 2013-2010 | 59316 | ||
| 26991 | SERVER-WEBAPP WordPress Super Cache & W3 Total Cache remote code execution attempt (more info ...) | attempted-admin | 2013-2010 | 59316 | ||
| 26992 | SERVER-WEBAPP WordPress Super Cache & W3 Total Cache remote code execution attempt (more info ...) | attempted-admin | 2013-2010 | 59316 | ||
| 27209 | BROWSER-PLUGINS GeoVision LiveAudio ActiveX remote code execution attempt (more info ...) | attempted-user | 2009-1092 | 34115 | ||
| 27211 | FILE-OFFICE Microsoft Office Excel style handling overflow attempt (more info ...) | attempted-user | 2006-3431 | 18872 | URL | |
| 27212 | FILE-OFFICE Microsoft Office Excel style handling overflow attempt (more info ...) | attempted-user | 2006-3431 | 18872 | URL | |
| 27213 | FILE-OFFICE Microsoft Office Excel style handling overflow attempt (more info ...) | attempted-user | 2006-3431 | 18872 | URL | |
| 27214 | FILE-OFFICE Microsoft Office Excel style handling overflow attempt (more info ...) | attempted-user | 2006-3431 | 18872 | URL | |
| 27215 | FILE-OFFICE Microsoft Office PowerPoint schemes record buffer overflow (more info ...) | attempted-user | 2009-0226 | |||
| 27216 | FILE-OFFICE Microsoft Office PowerPoint printer record buffer overflow (more info ...) | attempted-user | 2009-0227 | |||
| 27236 | SERVER-OTHER Citrix XenApp password buffer overflow attempt (more info ...) | attempted-admin | 48898 | URL | ||
| 27634 | FILE-OFFICE Microsoft Office Excel FngGroupCount record overflow attempt (more info ...) | attempted-user | 2008-0320 | 18890 | ||
| 27635 | FILE-OFFICE Microsoft Office Excel Malformed Record Code Execution attempt (more info ...) | attempted-user | 2006-0031 | 17101 | ||
| 27760 | BROWSER-PLUGINS Ultra Shareware Office Control ActiveX function call access (more info ...) | attempted-user | 2008-3878 | 30861 | ||
| 27761 | BROWSER-PLUGINS Ultra Shareware Office Control ActiveX function call access (more info ...) | attempted-user | 2008-3878 | 30861 | ||
| 27762 | BROWSER-PLUGINS Ultra Shareware Office Control ActiveX clsid access (more info ...) | attempted-user | 2008-3878 | 30861 | ||
| 27940 | SERVER-WEBAPP Django web framework oversized password denial of service attempt (more info ...) | attempted-dos | 2013-1443 | URL | ||
| 27947 | FILE-OFFICE Microsoft Office Excel rtMergeCells heap overflow attempt (more info ...) | attempted-user | 2012-0185 | URL | ||
| 27948 | FILE-OFFICE Microsoft Office Excel rtMergeCells heap overflow attempt (more info ...) | attempted-user | 2012-0185 | URL | ||
| 28103 | FILE-OFFICE Microsoft Office Excel Workspace file FontCount record memory corruption attempt (more info ...) | attempted-user | 2011-0103 | URL | ||
| 28113 | FILE-OFFICE Microsoft Office Excel FngGroupCount record overflow attempt (more info ...) | attempted-user | 2006-1308 | 18890 | ||
| 28129 | FILE-OFFICE Microsoft Office Word remote code execution attempt (more info ...) | attempted-user | 2009-0563 | URL | ||
| 28130 | FILE-OFFICE Microsoft Office Word remote code execution attempt (more info ...) | attempted-user | 2009-0563 | URL | ||
| 28131 | FILE-OFFICE Microsoft Office Word remote code execution attempt (more info ...) | attempted-user | 2009-0563 | URL | ||
| 28132 | FILE-OFFICE Microsoft Office Word remote code execution attempt (more info ...) | attempted-user | 2009-0563 | URL | ||
| 28133 | FILE-OFFICE Microsoft Office Word remote code execution attempt (more info ...) | attempted-user | 2009-0563 | URL | ||
| 28135 | FILE-OFFICE Microsoft Office Excel FtCbls remote code execution attempt (more info ...) | attempted-admin | 2009-0557 | URL | ||
| 28136 | FILE-OFFICE Microsoft Office Excel FtCbls remote code execution attempt (more info ...) | attempted-admin | 2009-0557 | URL | ||
| 28137 | FILE-OFFICE Microsoft Office Excel ShrFmla record use after free attempt (more info ...) | attempted-user | 2011-1986 | 49476 | URL | |
| 28311 | FILE-OTHER Microsoft Office Image filter BMP overflow attempt (more info ...) | attempted-user | 2008-3020 | |||
| 28312 | FILE-OTHER Microsoft Office Image filter BMP overflow attempt (more info ...) | attempted-user | 2008-3020 | |||
| 28313 | FILE-OTHER Microsoft Office Image filter BMP overflow attempt (more info ...) | attempted-user | 2008-3020 | |||
| 28314 | FILE-OTHER Microsoft Office Image filter BMP overflow attempt (more info ...) | attempted-user | 2008-3020 | |||
| 28315 | FILE-OTHER Microsoft Office Image filter BMP overflow attempt (more info ...) | attempted-user | 2008-3020 | |||
| 28316 | FILE-OTHER Microsoft Office Image filter BMP overflow attempt (more info ...) | attempted-user | 2008-3020 | |||
| 28317 | FILE-OTHER Microsoft Office Image filter BMP overflow attempt (more info ...) | attempted-user | 2008-3020 | |||
| 28318 | FILE-OTHER Microsoft Office Image filter BMP overflow attempt (more info ...) | attempted-user | 2008-3020 | |||
| 28319 | FILE-OTHER Microsoft Office Image filter BMP overflow attempt (more info ...) | attempted-user | 2008-3020 | |||
| 28320 | FILE-OTHER Microsoft Office Image filter BMP overflow attempt (more info ...) | attempted-user | 2008-3020 | |||
| 28321 | FILE-OTHER Microsoft Office Image filter BMP overflow attempt (more info ...) | attempted-user | 2008-3020 | |||
| 28322 | FILE-OTHER Microsoft Office Image filter BMP overflow attempt (more info ...) | attempted-user | 2008-3020 | |||
| 28390 | FILE-OFFICE Microsoft Office TIFF filter buffer overflow attempt (more info ...) | attempted-user | 2006-2025 | 17732 | URL | |
| 28391 | FILE-OFFICE Microsoft Office TIFF filter buffer overflow attempt (more info ...) | attempted-user | 2006-2025 | 17732 | URL | |
| 28440 | FILE-OFFICE Microsoft Office Visio DXF file invalid memory allocation exploit attempt (more info ...) | attempted-user | 2008-1090 | URL | ||
| 28501 | FILE-OTHER WordPerfect file magic with .doc extension (more info ...) | misc-activity | 2013-1325 | URL | ||
| 28509 | FILE-OTHER Microsoft Wordpad embedded BMP overflow attempt (more info ...) | attempted-user | 2013-3940 | URL | ||
| 28511 | FILE-OTHER Microsoft Wordpad embedded BMP overflow attempt (more info ...) | attempted-user | 2013-3940 | URL | ||
| 28515 | FILE-OTHER Microsoft Wordpad embedded BMP overflow attempt (more info ...) | attempted-user | 2013-3940 | URL | ||
| 28516 | FILE-OTHER Microsoft Wordpad embedded BMP overflow attempt (more info ...) | attempted-user | 2013-3940 | URL | ||
| 28517 | FILE-OTHER Microsoft Wordpad embedded BMP overflow attempt (more info ...) | attempted-user | 2013-3940 | URL | ||
| 28549 | FILE-OFFICE Microsoft Office Excel rtToolbarDef record integer overflow attempt (more info ...) | attempted-user | 2011-0097 | URL | ||
| 28794 | FILE-OFFICE Microsoft Office Excel SerAuxTrend biff record corruption attempt (more info ...) | attempted-user | 2011-1274 | 48159 | URL | |
| 28849 | SERVER-WEBAPP WordPress XMLRPC potential port-scan attempt (more info ...) | web-application-attack | 2013-0235 | 57554 | URL | |
| 29032 | FILE-OFFICE Microsoft Office PowerPoint MasterPagePackedText structure CharacterFormatArrayOuterHeaderSize buffer overflow (more info ...) | attempted-user | 2009-1137 | URL | ||
| 29033 | FILE-OFFICE Microsoft Office PowerPoint MasterPagePackedText structure CharacterFormatArrayOuterHeaderSize buffer overflow (more info ...) | attempted-user | 2009-1137 | URL | ||
| 29264 | FILE-OFFICE Microsoft Office Excel SERIES record sdtX memory corruption attempt (more info ...) | attempted-user | 2012-1847 | URL | ||
| 29329 | FILE-OFFICE Microsoft Office Excel SERIES record sdtX memory corruption attempt (more info ...) | attempted-user | 2012-1847 | URL | ||
| 29404 | FILE-OFFICE Microsoft Office Excel country record arbitrary code execution attempt (more info ...) | attempted-user | 2008-4266 | URL | ||
| 29955 | SERVER-WEBAPP WordPress Quick-Post Widget GET request using Body cross-site scripting (more info ...) | attempted-user | 2012-4226 | |||
| 29956 | SERVER-WEBAPP WordPress Quick-Post Widget POST request cross-site scripting (more info ...) | attempted-user | 2012-4226 | |||
| 30162 | FILE-OFFICE Microsoft Windows common controls stack buffer overflow via malicious MSComctlLib xls object attempt (more info ...) | attempted-user | 2012-0158 | URL | ||
| 30243 | FILE-OFFICE Microsoft Office Excel malicious cce value following a PtgMemFunc token (more info ...) | attempted-user | 2013-1315 | URL | ||
| 30244 | FILE-OFFICE Microsoft Office Excel DbOrParamQry.fOdbcConn parsing remote code execution attempt (more info ...) | attempted-user | 2010-0264 | URL | ||
| 30245 | FILE-OFFICE Microsoft Office Excel DbOrParamQry.fWeb parsing remote code execution attempt (more info ...) | attempted-user | 2010-0264 | URL | ||
| 30246 | FILE-OFFICE Microsoft Office Excel DbOrParamQry.fWeb parsing remote code execution attempt (more info ...) | attempted-user | 2010-0264 | URL | ||
| 30247 | FILE-OFFICE Microsoft Office Excel DbOrParamQry.fodbcConn parsing remote code execution attempt (more info ...) | attempted-user | 2010-0264 | URL | ||
| 30248 | FILE-OFFICE Microsoft Office Excel DbOrParamQry.fodbcConn parsing remote code execution attempt (more info ...) | attempted-user | 2010-0264 | URL | ||
| 30941 | FILE-OFFICE Microsoft Office PowerPoint out of bounds value remote code execution attempt (more info ...) | attempted-user | 2010-0032 | 38104 | URL | |
| 31031 | FILE-OFFICE Microsoft Office Word WordPerfect converter buffer overflow attempt (more info ...) | attempted-user | 2009-0088 | 34469 | URL | |
| 31032 | FILE-OFFICE Microsoft Office Word WordPerfect converter buffer overflow attempt (more info ...) | attempted-user | 2009-0088 | 34469 | URL | |
| 31059 | PROTOCOL-SNMP Brocade snAgentUserAccntPassword enumeration attempt (more info ...) | attempted-recon | URL | |||
| 31097 | PROTOCOL-SNMP CableHome Devices cabhPsDevUIPassword enumeration attempt (more info ...) | attempted-recon | 2014-4863 | 69631 | URL | |
| 31100 | PROTOCOL-SNMP Ubee U10C019 series password enumeration attempt (more info ...) | attempted-recon | ||||
| 31112 | MALWARE-CNC Win.Trojan.Bancos password stealing attempt (more info ...) | trojan-activity | URL | |||
| 31125 | FILE-OFFICE Microsoft Office Excel rtToolbarDef record integer overflow attempt (more info ...) | attempted-user | 2011-0097 | URL | ||
| 31126 | FILE-OFFICE Microsoft Office Excel rtToolbarDef record integer overflow attempt (more info ...) | attempted-user | 2011-0097 | URL | ||
| 31127 | FILE-OFFICE Microsoft Office Excel rtToolbarDef record integer overflow attempt (more info ...) | attempted-user | 2011-0097 | URL | ||
| 31150 | MALWARE-CNC User-Agent known malicious User-Agent DefaultBotPassword - Win.Trojan.Tirabot (more info ...) | trojan-activity | URL | |||
| 31310 | FILE-OFFICE Microsoft Office Word SmartTag record code execution attempt (more info ...) | attempted-user | 2008-2244 | 30124 | ||
| 31311 | FILE-OFFICE Microsoft Office Word SmartTag record code execution attempt (more info ...) | attempted-user | 2008-2244 | 30124 | ||
| 31312 | FILE-OFFICE Microsoft Office Word SmartTag record code execution attempt (more info ...) | attempted-user | 2008-2244 | 30124 | ||
| 31374 | FILE-OFFICE Microsoft Office Excel Qsir and Qsif record remote code execution attempt (more info ...) | attempted-user | 2009-1134 | URL | ||
| 31378 | FILE-OFFICE Microsoft Office Word Converter sprmTSplit overflow attempt (more info ...) | attempted-user | 2011-0028 | 47236 | URL | |
| 31379 | FILE-OFFICE Microsoft Office Word Converter sprmTTextFflow overflow attempt (more info ...) | attempted-user | 2011-0028 | 47236 | URL | |
| 31420 | FILE-OFFICE Microsoft Office thumbnail bitmap invalid biClrUsed attempt (more info ...) | attempted-user | 2010-3970 | URL | ||
| 31421 | FILE-OFFICE Microsoft Office thumbnail bitmap invalid biClrUsed attempt (more info ...) | attempted-user | 2010-3970 | URL | ||
| 31434 | FILE-OFFICE Microsoft Office Word Section Table Array Buffer Overflow attempt (more info ...) | attempted-user | 2007-0515 | 22225 | ||
| 31435 | FILE-OFFICE Microsoft Office Excel SXDB record memory corruption attempt (more info ...) | attempted-user | 2009-3127 | URL | ||
| 31436 | FILE-OFFICE Microsoft Office Excel SXDB record memory corruption attempt (more info ...) | attempted-user | 2009-3127 | URL | ||
| 31437 | FILE-OFFICE Microsoft Office PowerPoint improper filename remote code execution attempt (more info ...) | attempted-user | 2010-0029 | URL | ||
| 31441 | FILE-OFFICE Microsoft Office Excel malformed chart arbitrary code execution attempt (more info ...) | attempted-user | 2011-1987 | URL | ||
| 31461 | FILE-OFFICE Microsoft Office Excel Malformed MSODrawing Record attempt (more info ...) | attempted-user | 2010-0243 | URL | ||
| 31462 | FILE-OFFICE Microsoft Office Malformed MSODrawing Record attempt (more info ...) | attempted-user | 2010-0243 | URL | ||
| 31473 | FILE-OFFICE Microsoft Office Excel PtgName invalid index exploit attempt (more info ...) | attempted-user | 2010-3235 | 43650 | URL | |
| 31474 | FILE-OFFICE Microsoft Office Excel PtgName invalid index exploit attempt (more info ...) | attempted-user | 2010-3235 | 43650 | URL | |
| 31475 | FILE-OFFICE Microsoft Office Excel PtgName invalid index exploit attempt (more info ...) | attempted-user | 2010-3235 | 43650 | URL | |
| 31476 | FILE-OFFICE Microsoft Office Excel PtgName invalid index exploit attempt (more info ...) | attempted-user | 2010-3235 | 43650 | URL | |
| 31560 | SERVER-WEBAPP Wordpress MailPoet plugin theme file upload attempt (more info ...) | attempted-user | 2014-4725 | URL | ||
| 31561 | SERVER-WEBAPP Wordpress MailPoet plugin successful theme file upload detected (more info ...) | successful-user | 2014-4725 | URL | ||
| 31562 | FILE-OFFICE Microsoft Office Word global array index heap overflow attempt (more info ...) | attempted-user | 2008-4026 | 32583 | ||
| 31577 | PROTOCOL-SNMP HP Huawei password disclosure attempt (more info ...) | attempted-recon | 2012-3268 | 56183 | ||
| 31578 | PROTOCOL-SNMP HP Huawei password disclosure attempt (more info ...) | attempted-recon | 2012-3268 | 56183 | ||
| 31579 | FILE-OFFICE Microsoft Office Excel invalid Lbl record attempt (more info ...) | attempted-user | 2011-1988 | 49478 | URL | |
| 31591 | FILE-OFFICE Microsoft Office Excel TXO and OBJ records parsing stack memory corruption attempt (more info ...) | misc-activity | 2008-4265 | 32618 | URL | |
| 31592 | FILE-OFFICE Microsoft Office Excel TXO and OBJ records parsing stack memory corruption attempt (more info ...) | attempted-user | 2008-4265 | 32618 | URL | |
| 31743 | SERVER-WEBAPP Wordpress WPTouch file upload remote code execution attempt (more info ...) | attempted-admin | 68654 | |||
| 31751 | FILE-OFFICE Microsoft Office Outlook mailto injection attempt (more info ...) | attempted-user | 2004-0121 | |||
| 31752 | FILE-OFFICE Microsoft Office Outlook mailto injection attempt (more info ...) | attempted-user | 2004-0121 | |||
| 31756 | BROWSER-PLUGINS Microsoft Office Web Components 11 Spreadsheet ActiveX clsid access (more info ...) | attempted-user | 2009-1136 | URL | ||
| 31757 | BROWSER-PLUGINS Microsoft Office Web Components 11 Spreadsheet ActiveX function call access (more info ...) | attempted-user | 2009-1136 | URL | ||
| 31758 | BROWSER-PLUGINS Microsoft Office Spreadsheet 10.0 ActiveX function call access (more info ...) | attempted-user | 2009-2496 | URL | ||
| 31759 | BROWSER-PLUGINS Microsoft Office Spreadsheet 10.0 ActiveX clsid access (more info ...) | attempted-user | 2009-1136 | URL | ||
| 31843 | FILE-OFFICE Microsoft Office Word rich text format unexpected field type memory corruption attempt 1 (more info ...) | attempted-user | 2010-1901 | URL | ||
| 31844 | FILE-OFFICE Microsoft Office Word rich text format unexpected field type memory corruption attempt 2 (more info ...) | attempted-user | 2010-1901 | URL | ||
| 31845 | FILE-OFFICE Microsoft Office Word rich text format unexpected field type memory corruption attempt 3 (more info ...) | attempted-user | 2010-1901 | URL | ||
| 31875 | FILE-OFFICE Microsoft Office Excel FtCbls remote code execution attempt (more info ...) | attempted-admin | 2009-0557 | URL | ||
| 31876 | FILE-OFFICE Microsoft Office Excel FtCbls remote code execution attempt (more info ...) | attempted-admin | 2009-0557 | URL | ||
| 31939 | SERVER-WEBAPP password sent via POST parameter (more info ...) | policy-violation | ||||
| 31940 | SERVER-WEBAPP password sent via URL parameter (more info ...) | policy-violation | ||||
| 32062 | FILE-OFFICE Microsoft Office .CGM file cell array heap overflow attempt (more info ...) | attempted-user | 2012-2524 | URL | ||
| 32064 | FILE-OFFICE Microsoft Office .CGM file cell array heap overflow attempt (more info ...) | attempted-user | 2012-2524 | URL | ||
| 32082 | FILE-OFFICE Microsoft Office Excel Malformed Filter Records Handling Code Execution attempt (more info ...) | attempted-user | 2007-1214 | 23780 | ||
| 32083 | FILE-OFFICE Microsoft Office Excel malformed file format parsing code execution attempt (more info ...) | attempted-user | 2006-0028 | URL | ||
| 32094 | FILE-OFFICE Microsoft Office Excel MalformedPalete Record Memory Corruption attempt (more info ...) | attempted-user | 2007-0031 | 21922 | ||
| 32095 | FILE-OFFICE Microsoft Office Excel MalformedPalette Record Memory Corruption attempt (more info ...) | attempted-user | 2007-0031 | 21922 | ||
| 32122 | FILE-OFFICE Microsoft Office Excel rtWnDesk record memory corruption exploit attempt (more info ...) | attempted-user | 2007-3890 | URL | ||
| 32131 | FILE-OFFICE Microsoft Office Excel malformed FBI record buffer overflow attempt (more info ...) | attempted-user | 2007-1203 | 23826 | URL | |
| 32132 | FILE-OFFICE Microsoft Office Excel malformed FBI record buffer overflow attempt (more info ...) | attempted-user | 2007-1747 | 23826 | URL | |
| 32206 | FILE-OFFICE Microsoft Office Excel style record overflow attempt (more info ...) | attempted-user | 2008-0114 | URL | ||
| 32276 | SERVER-WEBAPP WordPress Infusionsoft Gravity Forms Plugin arbitrary code execution attempt (more info ...) | attempted-admin | 2014-6446 | 70317 | ||
| 32377 | FILE-OFFICE Microsoft Office invalid MS-OGRAPH DataFormat buffer overflow attempt (more info ...) | attempted-user | 2011-1990 | 49517 | URL | |
| 32428 | FILE-OFFICE Microsoft Office Word document malicious lcbSttbfBkmkArto value attempt (more info ...) | attempted-user | 2014-6333 | URL | ||
| 32429 | FILE-OFFICE Microsoft Office Word document malicious lcbSttbfBkmkArto value attempt (more info ...) | attempted-user | 2014-6333 | URL | ||
| 32514 | FILE-OFFICE Microsoft Office Excel ObjBiff validation exploit attempt (more info ...) | attempted-user | 2011-1273 | URL | ||
| 32515 | FILE-OFFICE Microsoft Office Excel ObjBiff validation exploit attempt (more info ...) | attempted-user | 2011-1273 | URL | ||
| 32516 | FILE-OFFICE Microsoft Office Excel ObjBiff validation exploit attempt (more info ...) | attempted-user | 2011-1273 | URL | ||
| 32517 | FILE-OFFICE Microsoft Office Excel ObjBiff validation exploit attempt (more info ...) | attempted-user | 2011-1273 | URL | ||
| 32587 | FILE-OFFICE Microsoft Office Excel Series record exploit attempt (more info ...) | attempted-user | 2011-1278 | URL | ||
| 32588 | FILE-OFFICE Microsoft Office Excel Selection exploit attempt (more info ...) | attempted-user | 2011-1277 | URL | ||
| 32589 | FILE-OFFICE Microsoft Office Excel Selection exploit attempt (more info ...) | attempted-user | 2011-1277 | URL | ||
| 32601 | SERVER-OTHER Hikvision DVR RTSP request buffer overflow attempt (more info ...) | attempted-admin | 2014-4880 | |||
| 32625 | FILE-OFFICE Microsoft Office Excel DV record buffer overflow attempt (more info ...) | attempted-user | 2011-0105 | URL | ||
| 32642 | BROWSER-PLUGINS Microsoft Office Web Components OWC.Spreadsheet.9 ActiveX clsid access attempt (more info ...) | attempted-user | 2006-4695 | 4453 | URL | |
| 32746 | SERVER-WEBAPP Wordpress OptimizePress plugin theme upload attempt (more info ...) | attempted-user | 2013-7102 | URL | ||
| 32872 | FILE-OFFICE Microsoft Office Excel ObjBiff exploit attempt (more info ...) | attempted-user | 2011-1272 | URL | ||
| 32939 | SERVER-WEBAPP Wordpress XSS Clean and Simple Contact Form plugin cross-site scripting attempt (more info ...) | attempted-user | 2014-8955 | |||
| 32940 | FILE-OFFICE Microsoft Office Excel malformed Label record exploit attempt (more info ...) | attempted-user | 2011-0098 | URL | ||
| 32941 | FILE-OFFICE Microsoft Office Excel SLK file excessive Picture records exploit attempt (more info ...) | attempted-user | 2011-1276 | URL | ||
| 32942 | FILE-OFFICE Microsoft Office Excel SLK file excessive Picture records exploit attempt (more info ...) | attempted-user | 2011-1276 | URL | ||
| 32960 | FILE-OFFICE Microsoft Office Publisher 2003 EscherStm memory corruption attempt (more info ...) | attempted-user | 2011-3411 | 50949 | URL | |
| 32961 | FILE-OFFICE Microsoft Office Publisher 2003 EscherStm memory corruption attempt (more info ...) | attempted-user | 2011-3411 | 50949 | URL | |
| 33307 | FILE-OTHER Microsoft Visio packed object parsing memory corruption attempt (more info ...) | attempted-user | 2007-0936 | URL | ||
| 33308 | FILE-OTHER Microsoft Visio packed object parsing memory corruption attempt (more info ...) | attempted-user | 2007-0936 | URL | ||
| 33441 | FILE-OFFICE Microsoft Office OLESS stream object name corruption attempt (more info ...) | attempted-user | 2011-3400 | 50977 | URL | |
| 33442 | FILE-OFFICE Microsoft Office OLESS stream object name corruption attempt (more info ...) | attempted-user | 2011-3400 | 50977 | URL | |
| 33548 | BROWSER-PLUGINS Microsoft Office Access multiple control instantiation memory corruption attempt (more info ...) | attempted-user | 2010-0814 | URL | ||
| 33562 | FILE-OFFICE Microsoft Office Word document with embedded networking script (more info ...) | policy-violation | URL | |||
| 33563 | FILE-OFFICE Microsoft Office Word document with embedded networking script (more info ...) | policy-violation | URL | |||
| 33567 | FILE-OFFICE Microsoft Office Word border use-after-free attempt (more info ...) | attempted-user | 2011-1983 | URL | ||
| 33568 | FILE-OFFICE Microsoft Office Word border use-after-free attempt (more info ...) | attempted-user | 2011-1983 | URL | ||
| 33734 | FILE-OFFICE Microsoft Office ADODB.RecordSet code execution attempt (more info ...) | attempted-user | 2015-0097 | URL | ||
| 33735 | FILE-OFFICE Microsoft Office ADODB.RecordSet code execution attempt (more info ...) | attempted-user | 2015-0097 | URL | ||
| 33855 | SERVER-WEBAPP Wordpress Ultimate CSV Importer auth bypass export attempt (more info ...) | attempted-admin | URL | |||
| 33856 | SERVER-WEBAPP Wordpress Holding Pattern theme file upload attempt (more info ...) | attempted-admin | 2015-1172 | 72546 | ||
| 33922 | SERVER-WEBAPP WordPress arbitrary web script injection attempt (more info ...) | attempted-user | 2014-9031 | |||
| 33944 | FILE-OTHER WordPerfect converter buffer overflow attempt (more info ...) | attempted-user | 2004-0573 | |||
| 33945 | FILE-OTHER WordPerfect converter buffer overflow attempt (more info ...) | attempted-user | 2004-0573 | |||
| 33946 | FILE-OTHER WordPerfect converter buffer overflow attempt (more info ...) | attempted-user | 2004-0573 | |||
| 33947 | FILE-OTHER WordPerfect converter buffer overflow attempt (more info ...) | attempted-user | 2004-0573 | |||
| 33948 | FILE-OTHER WordPerfect converter buffer overflow attempt (more info ...) | attempted-user | 2004-0573 | |||
| 33949 | FILE-OTHER WordPerfect converter buffer overflow attempt (more info ...) | attempted-user | 2004-0573 | |||
| 33950 | FILE-OTHER WordPerfect converter buffer overflow attempt (more info ...) | attempted-user | 2004-0573 | |||
| 33951 | FILE-OTHER WordPerfect converter buffer overflow attempt (more info ...) | attempted-user | 2004-0573 | |||
| 33952 | FILE-OTHER WordPerfect converter buffer overflow attempt (more info ...) | attempted-user | 2004-0573 | |||
| 33953 | FILE-OTHER WordPerfect converter buffer overflow attempt (more info ...) | attempted-user | 2004-0573 | |||
| 33954 | FILE-OTHER WordPerfect converter buffer overflow attempt (more info ...) | attempted-user | 2004-0573 | |||
| 33955 | FILE-OTHER WordPerfect converter buffer overflow attempt (more info ...) | attempted-user | 2004-0573 | |||
| 33956 | FILE-OTHER WordPerfect converter buffer overflow attempt (more info ...) | attempted-user | 2004-0573 | |||
| 33957 | FILE-OTHER WordPerfect converter buffer overflow attempt (more info ...) | attempted-user | 2004-0573 | |||
| 33958 | FILE-OTHER WordPerfect converter buffer overflow attempt (more info ...) | attempted-user | 2004-0573 | |||
| 33959 | FILE-OTHER WordPerfect converter buffer overflow attempt (more info ...) | attempted-user | 2004-0573 | |||
| 34047 | MALWARE-CNC Win.Trojan.VBPasswordStealer variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34131 | FILE-OFFICE RTF file with embedded OLE object (more info ...) | policy-violation | URL | |||
| 34328 | SERVER-WEBAPP Wordpress comment field stored XSS attempt (more info ...) | attempted-user | 2015-3440 | URL | ||
| 34475 | SERVER-WEBAPP Wordpress username enumeration attempt (more info ...) | attempted-recon | URL | |||
| 34568 | SERVER-WEBAPP Wordpress Gravity Forms gf_page arbitrary file upload attempt (more info ...) | attempted-user | URL | |||
| 34974 | FILE-OFFICE Microsoft Office Visio UML string object heap buffer overflow attempt (more info ...) | attempted-user | 2011-1979 | URL | ||
| 34975 | FILE-OFFICE Microsoft Office Visio UML string object heap buffer overflow attempt (more info ...) | attempted-user | 2011-1979 | URL | ||
| 35102 | MALWARE-CNC Win.Trojan.Dridex Microsoft Word document dropper download attempt (more info ...) | trojan-activity | URL | |||
| 35103 | MALWARE-CNC Win.Trojan.Dridex Microsoft Word document dropper download attempt (more info ...) | trojan-activity | URL | |||
| 35129 | FILE-OFFICE Microsoft Office Excel invalid table information disclosure attempt (more info ...) | attempted-recon | 2015-2375 | URL | ||
| 35130 | FILE-OFFICE Microsoft Office Excel invalid table information disclosure attempt (more info ...) | attempted-recon | 2015-2375 | URL | ||
| 35143 | FILE-OFFICE Microsoft Office Excel Viewer msostyle.dll dll-load exploit attempt (more info ...) | attempted-user | 2015-2378 | URL | ||
| 35144 | FILE-OFFICE Microsoft Office Excel Viewer request for msostyle.dll over SMB attempt (more info ...) | attempted-user | 2015-2378 | URL | ||
| 35166 | FILE-OFFICE Microsoft Office RTF object remote code execution attempt (more info ...) | attempted-user | 2015-2369 | URL | ||
| 35167 | FILE-OFFICE Microsoft Office RTF object remote code execution attempt (more info ...) | attempted-user | 2015-2369 | URL | ||
| 35168 | FILE-OFFICE Microsoft Office rapi.dll dll-load exploit attempt (more info ...) | attempted-user | 2015-2369 | URL | ||
| 35169 | FILE-OFFICE Microsoft Office request for rapi.dll over SMB attempt (more info ...) | attempted-user | 2015-2369 | URL | ||
| 35253 | SERVER-OTHER LibreOffice Impress socket manager Use After Free attempt (more info ...) | attempted-user | 2014-3963 | 71351 | URL | |
| 35358 | SERVER-WEBAPP Wordpress RightNow theme file upload attempt (more info ...) | web-application-attack | ||||
| 35423 | BROWSER-PLUGINS Microsoft Windows Visual Basic Charts ActiveX function call access (more info ...) | attempted-user | 2008-4256 | URL | ||
| 35440 | FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confusion attempt (more info ...) | attempted-user | 2011-3413 | 50964 | URL | |
| 35441 | FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confusion attempt (more info ...) | attempted-user | 2011-3413 | 50964 | URL | |
| 35442 | FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confusion attempt (more info ...) | attempted-user | 2011-3413 | 50964 | URL | |
| 35443 | FILE-OFFICE Microsoft Office PowerPoint invalid OfficeArtSpContainer subrecord type confusion attempt (more info ...) | attempted-user | 2011-3413 | 50964 | URL | |
| 35670 | POLICY-OTHER Symantec Endpoint Protection insecure password reset attempt (more info ...) | policy-violation | 2015-1486 | |||
| 35829 | FILE-OTHER OpenOffice Starview metafile arbitrary read write attempt (more info ...) | attempted-user | 2016-1513 | URL | ||
| 35876 | FILE-OTHER InduSoft Web Studio insecure visual basic code execution attempt (more info ...) | policy-violation | ||||
| 35886 | POLICY-OTHER Kaskad SCADA default username and password attempt (more info ...) | default-login-attempt | URL | |||
| 36277 | FILE-FLASH Adobe Flash Player diplayAsPassword information disclosure attempt (more info ...) | attempted-user | 2015-5572 | URL | ||
| 36278 | FILE-FLASH Adobe Flash Player diplayAsPassword information disclosure attempt (more info ...) | attempted-user | 2015-5572 | URL | ||
| 36279 | FILE-FLASH Adobe Flash Player diplayAsPassword information disclosure attempt (more info ...) | attempted-user | 2015-5572 | URL | ||
| 36280 | FILE-FLASH Adobe Flash Player diplayAsPassword information disclosure attempt (more info ...) | attempted-user | 2015-5572 | URL | ||
| 36334 | SERVER-WEBAPP Ignite Realtime Openfire user-password cross site request forgery attempt (more info ...) | attempted-user | 2015-6973 | |||
| 36375 | SERVER-OTHER IBM Tivoli Management Framework Endpoint default HTTP password authentication attempt (more info ...) | attempted-user | 2011-2330 | URL | ||
| 36419 | POLICY-OTHER Remote non-VBScript file found in Visual Basic script tag src attribute (more info ...) | policy-violation | 2015-6059 | URL | ||
| 36420 | POLICY-OTHER Remote non-VBScript file found in Visual Basic script tag src attribute (more info ...) | policy-violation | 2015-6059 | URL | ||
| 36421 | POLICY-OTHER Remote non-VBScript file found in Visual Basic script tag src attribute (more info ...) | policy-violation | 2015-6059 | URL | ||
| 36422 | POLICY-OTHER Remote non-VBScript file found in Visual Basic script tag src attribute (more info ...) | policy-violation | 2015-6059 | URL | ||
| 36425 | FILE-OFFICE Microsoft Office Excel fileVersion use-after-free attempt (more info ...) | attempted-user | 2015-2558 | URL | ||
| 36426 | FILE-OFFICE Microsoft Office Excel fileVersion use-after-free attempt (more info ...) | attempted-user | 2015-2558 | URL | ||
| 36435 | SERVER-OTHER Xerox Administrator Console password extraction attempt (more info ...) | attempted-recon | URL | |||
| 36631 | FILE-OFFICE Microsoft Office Word .rtf file stylesheet buffer overflow attempt (more info ...) | attempted-user | 2008-4031 | URL | ||
| 36784 | POLICY-OTHER Symantec LiveUpdate forcepasswd.do insecure password change attempt (more info ...) | policy-violation | 2014-1644 | 66399 | ||
| 36857 | FILE-OFFICE Microsoft Office Excel WOpt record memory corruption attempt (more info ...) | attempted-user | 2010-0824 | 40522 | URL | |
| 36914 | MALWARE-CNC Potential hostile executable served from compromised or malicious WordPress site (more info ...) | trojan-activity | ||||
| 37012 | FILE-OFFICE Microsoft Office Outlook embedded OLE object sandbox bypass attempt (more info ...) | attempted-user | 2015-6172 | URL | ||
| 37029 | FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (more info ...) | attempted-admin | 2011-0655 | URL | ||
| 37030 | FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (more info ...) | attempted-admin | 2011-0655 | URL | ||
| 37031 | FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (more info ...) | attempted-admin | 2011-0655 | URL | ||
| 37032 | FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (more info ...) | attempted-admin | 2011-0655 | URL | ||
| 37033 | FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (more info ...) | attempted-admin | 2011-0655 | URL | ||
| 37035 | FILE-OFFICE Microsoft Office PowerPoint malformed record call to freed object attempt (more info ...) | attempted-admin | 2011-0655 | URL | ||
| 37246 | FILE-OFFICE Microsoft Office Excel CrErr record integer overflow attempt (more info ...) | attempted-user | 2010-3230 | 43643 | URL | |
| 37273 | FILE-OFFICE Microsoft Office RTF parser heap overflow attempt (more info ...) | attempted-user | 2016-0010 | URL | ||
| 37281 | FILE-OTHER Microsoft Office MScomctl.ocx memory leak attempt (more info ...) | attempted-user | 2016-0012 | URL | ||
| 37282 | FILE-OTHER Microsoft Office MScomctl.ocx memory leak attempt (more info ...) | attempted-user | 2016-0012 | URL | ||
| 37293 | FILE-OFFICE Microsoft Office Excel RTD buffer overflow attempt (more info ...) | attempted-user | 2010-1246 | URL | ||
| 37294 | FILE-OFFICE Microsoft Office Excel RTD buffer overflow attempt (more info ...) | attempted-user | 2010-1246 | URL | ||
| 37318 | FILE-OFFICE Microsoft Office Word rpawinet.dll dll-load exploit attempt (more info ...) | attempted-user | 2011-0107 | 47246 | URL | |
| 37319 | FILE-OFFICE Microsoft Office Word request for rpawinet.dll over SMB attempt (more info ...) | attempted-user | 2011-0107 | 47246 | URL | |
| 37362 | FILE-OFFICE Microsoft Office Publisher 2007 conversion library code execution attempt (more info ...) | attempted-user | 2007-1754 | 22702 | URL | |
| 37378 | SERVER-WEBAPP ABB default password login attempt (more info ...) | default-login-attempt | URL | |||
| 37379 | SERVER-WEBAPP BinTec Elmeg default password login attempt (more info ...) | default-login-attempt | URL | |||
| 37380 | SERVER-WEBAPP BinTec Elmeg default password login attempt (more info ...) | default-login-attempt | URL | |||
| 37381 | SERVER-WEBAPP Digi default password login attempt (more info ...) | default-login-attempt | URL | |||
| 37382 | SERVER-WEBAPP Digi default password login attempt (more info ...) | default-login-attempt | URL | |||
| 37383 | SERVER-WEBAPP Digi default password login attempt (more info ...) | default-login-attempt | URL | |||
| 37384 | SERVER-WEBAPP Emerson default password login attempt (more info ...) | default-login-attempt | URL | |||
| 37385 | SERVER-WEBAPP Hirschmann default password login attempt (more info ...) | default-login-attempt | URL | |||
| 37386 | SERVER-WEBAPP Hirschmann default password login attempt (more info ...) | default-login-attempt | URL | |||
| 37387 | SERVER-WEBAPP Moxa default password login attempt (more info ...) | default-login-attempt | URL | |||
| 37388 | SERVER-WEBAPP NOVUS AUTOMATION default password login attempt (more info ...) | default-login-attempt | URL | |||
| 37389 | SERVER-WEBAPP Rockwell Automation default password login attempt (more info ...) | default-login-attempt | URL | |||
| 37390 | SERVER-WEBAPP Rockwell Automation default password login attempt (more info ...) | default-login-attempt | URL | |||
| 37391 | SERVER-WEBAPP Samsung default password login attempt (more info ...) | default-login-attempt | URL | |||
| 37392 | SERVER-WEBAPP Schneider default password login attempt (more info ...) | default-login-attempt | URL | |||
| 37393 | SERVER-WEBAPP Schneider default password login attempt (more info ...) | default-login-attempt | URL | |||
| 37394 | SERVER-WEBAPP Wago default password login attempt (more info ...) | default-login-attempt | URL | |||
| 37395 | SERVER-WEBAPP Westermo default password login attempt (more info ...) | default-login-attempt | URL | |||
| 37396 | SERVER-WEBAPP eWON default password login attempt (more info ...) | default-login-attempt | URL | |||
| 37403 | SERVER-OTHER Easy Chat server authentication request password parameter overflow attempt (more info ...) | misc-attack | URL | |||
| 37462 | SERVER-WEBAPP WordPress Job Manager plugin cross site scripting attempt (more info ...) | attempted-user | 2015-2321 | 76503 | ||
| 37463 | SERVER-WEBAPP WordPress Job Manager plugin cross site scripting attempt (more info ...) | attempted-user | 2015-2321 | 76503 | ||
| 37556 | FILE-OFFICE Microsoft Office phoneinfo.dll dll-load exploit attempt (more info ...) | attempted-user | 2016-0041 | URL | ||
| 37562 | FILE-OFFICE Microsoft Office Word missing dpinfo structure integer overflow attempt (more info ...) | attempted-user | 2016-0022 | URL | ||
| 37846 | FILE-OFFICE Microsoft Office Excel file with embedded ActiveX control (more info ...) | attempted-user | 2008-3477 | URL | ||
| 37884 | BROWSER-PLUGINS IBM Tivoli Provisioning Manager Express ActiveX clsid access attempt (more info ...) | attempted-user | 2012-0198 | |||
| 37885 | BROWSER-PLUGINS IBM Tivoli Provisioning Manager Express ActiveX clsid access attempt (more info ...) | attempted-user | 2012-0198 | |||
| 37920 | FILE-OFFICE Microsoft Office Publisher pubconv.dll corruption attempt (more info ...) | attempted-user | 2010-2569 | 45277 | ||
| 37921 | FILE-OFFICE Microsoft Office Publisher tyo.oty field heap overflow attempt (more info ...) | attempted-user | 2010-2569 | URL | ||
| 38110 | FILE-OFFICE Microsoft Office Word bitmap stream parsing remote code execution attempt (more info ...) | attempted-user | 2016-0092 | URL | ||
| 38237 | FILE-OFFICE Microsoft Office Word RTF parsing memory corruption attempt (more info ...) | attempted-user | 2008-1091 | 29104 | URL | |
| 38249 | SERVER-WEBAPP Samsung Data Manager default password login attempt (more info ...) | default-login-attempt | URL | |||
| 38262 | FILE-OFFICE Microsoft Office Word rtf malformed dpcallout buffer overflow attempt (more info ...) | attempted-user | 2008-4028 | 32585 | URL | |
| 38265 | FILE-OFFICE Microsoft Office Excel Formula record remote code execution attempt (more info ...) | attempted-user | 2009-0560 | 35244 | URL | |
| 38266 | FILE-OFFICE Microsoft Office Word HTML linked objects memory corruption attempt (more info ...) | attempted-user | 2010-1903 | 42130 | URL | |
| 38267 | FILE-OFFICE Microsoft Office Word HTML linked objects memory corruption attempt (more info ...) | attempted-user | 2010-1903 | 42130 | URL | |
| 38272 | FILE-OFFICE Microsoft Office Word formatted disk pages table memory corruption attempt (more info ...) | attempted-user | 2006-6561 | 21589 | ||
| 38273 | FILE-OFFICE Microsoft Office Word formatted disk pages table memory corruption attempt (more info ...) | attempted-user | 2006-6561 | 21589 | ||
| 38274 | FILE-OFFICE Microsoft Office Word formatted disk pages table memory corruption attempt (more info ...) | attempted-user | 2006-6561 | 21589 | ||
| 38536 | SERVER-WEBAPP Wordpress Scoreme cross site scripting attempt (more info ...) | attempted-user | URL | |||
| 38785 | FILE-OFFICE Microsoft Office Excel BOF memory disclosure attempt (more info ...) | attempted-recon | 2018-8162 | URL | ||
| 38786 | FILE-OFFICE Microsoft Office Excel BOF memory disclosure attempt (more info ...) | attempted-recon | 2018-8162 | URL | ||
| 38810 | FILE-OFFICE Microsoft Office wwlib out of bounds memory access attempt (more info ...) | attempted-recon | 2016-0183 | URL | ||
| 38856 | FILE-OTHER Hancom Hangul HCell pConnectionSites OfficeArt record heap buffer overflow attempt (more info ...) | attempted-user | 2016-4294 | URL | ||
| 38858 | FILE-OTHER Hancom Hangul HCell pConnectionSites OfficeArt record heap buffer overflow attempt (more info ...) | attempted-user | 2016-4294 | URL | ||
| 38859 | FILE-OTHER Hancom Hangul HCell pVertices OfficeArt record heap buffer overflow attempt (more info ...) | attempted-user | 2016-4294 | URL | ||
| 38950 | MALWARE-CNC Win.Trojan.PassStealer passwords exfiltration attempt (more info ...) | trojan-activity | URL | |||
| 39049 | FILE-OFFICE Hancom Hangul Office NXDeleteLineObj memory corruption attempt (more info ...) | attempted-user | 2016-4290 | URL | ||
| 39050 | FILE-OFFICE Hancom Hangul Office NXDeleteLineObj memory corruption attempt (more info ...) | attempted-user | 2016-4290 | URL | ||
| 39082 | FILE-OFFICE TRUFFLEHUNTER TALOS-CAN-0160 attack attempt (more info ...) | attempted-user | URL | |||
| 39083 | FILE-OFFICE TRUFFLEHUNTER TALOS-CAN-0160 attack attempt (more info ...) | attempted-user | URL | |||
| 39110 | FILE-OFFICE Hancom Hangul Office HCell HncChart out of bounds write attempt (more info ...) | attempted-user | 2016-4295 | URL | ||
| 39111 | FILE-OFFICE Hancom Hangul Office HCell HncChart out of bounds write attempt (more info ...) | attempted-user | 2016-4295 | URL | ||
| 39152 | SERVER-WEBAPP Huawei HG866 GPON root password change attempt (more info ...) | web-application-attack | ||||
| 39157 | FILE-OFFICE Microsoft Office Excel RealTimeData record exploit attempt (more info ...) | attempted-user | 2010-3240 | 43655 | URL | |
| 39158 | FILE-OFFICE Microsoft Office Excel RealTimeData record exploit attempt (more info ...) | attempted-user | 2010-3240 | 43655 | URL | |
| 39166 | SERVER-WEBAPP Asus RT-N56U router password disclosure attempt (more info ...) | web-application-attack | URL | |||
| 39169 | SERVER-WEBAPP Alpha Networks ADSL2/2+ Wireless Router password disclosure attempt (more info ...) | web-application-attack | URL | |||
| 39346 | FILE-OFFICE Microsoft Office Excel RealTimeData record exploit attempt (more info ...) | attempted-user | 2013-1315 | 43655 | URL | |
| 39347 | FILE-OFFICE Microsoft Office Excel RealTimeData record exploit attempt (more info ...) | attempted-user | 2013-1315 | 43655 | URL | |
| 39444 | INDICATOR-COMPROMISE Netgear D6000 or D3600 password recovery page access attempt (more info ...) | misc-activity | 2015-8289 | URL | ||
| 39665 | FILE-OTHER Oracle OIT libvs_word ContentAccess out of bounds write attempt (more info ...) | attempted-user | 2016-3592 | URL | ||
| 39666 | FILE-OTHER Oracle OIT libvs_word ContentAccess out of bounds write attempt (more info ...) | attempted-user | 2016-3592 | URL | ||
| 39667 | FILE-OTHER Oracle OIT libvs_word ContentAccess out of bounds write attempt (more info ...) | attempted-user | 2016-3592 | URL | ||
| 39668 | FILE-OTHER Oracle OIT libvs_word ContentAccess out of bounds write attempt (more info ...) | attempted-user | 2016-3592 | URL | ||
| 39671 | FILE-OTHER Oracle OIT libvs_word ContentAccess out of bounds write attempt (more info ...) | attempted-user | 2016-3590 | URL | ||
| 39672 | FILE-OTHER Oracle OIT libvs_word ContentAccess out of bounds write attempt (more info ...) | attempted-user | 2016-3590 | URL | ||
| 39757 | FILE-OFFICE Hancom Hangul HCell TableStyle record heap buffer overflow attempt (more info ...) | attempted-user | 2016-4293 | URL | ||
| 39758 | FILE-OFFICE Hancom Hangul HCell TableStyle record heap buffer overflow attempt (more info ...) | attempted-user | 2016-4293 | URL | ||
| 39759 | FILE-OFFICE Hancom Hangul HCell TableStyle record heap buffer overflow attempt (more info ...) | attempted-user | 2016-4293 | URL | ||
| 39760 | FILE-OFFICE Hancom Hangul HCell TableStyle record heap buffer overflow attempt (more info ...) | attempted-user | 2016-4293 | URL | ||
| 39761 | FILE-OFFICE Hancom Hangul Hcell cssValFormat checkUnderbar out of bounds write attempt (more info ...) | attempted-user | 2016-4296 | URL | ||
| 39762 | FILE-OFFICE Hancom Hangul Hcell cssValFormat checkUnderbar out of bounds write attempt (more info ...) | attempted-user | 2016-4296 | URL | ||
| 39816 | FILE-OFFICE Microsoft Office Word sprmSDyaTop memory leak attempt (more info ...) | attempted-user | 2016-3316 | URL | ||
| 39988 | FILE-OFFICE Microsoft Office Excel 2007 invalid comments.xml uninitialized pointer access attempt (more info ...) | attempted-user | 2010-0263 | URL | ||
| 39989 | FILE-OFFICE Microsoft Office Excel 2007 invalid comments.xml uninitialized pointer access attempt (more info ...) | attempted-user | 2010-0263 | URL | ||
| 39990 | FILE-OFFICE Microsoft Office Excel 2007 invalid comments.xml uninitialized pointer access attempt (more info ...) | attempted-user | 2010-0263 | URL | ||
| 39991 | FILE-OFFICE Microsoft Office Excel 2007 invalid comments.xml uninitialized pointer access attempt (more info ...) | attempted-user | 2010-0263 | URL | ||
| 39992 | FILE-OFFICE Microsoft Office Excel 2007 invalid comments.xml uninitialized pointer access attempt (more info ...) | attempted-user | 2010-0263 | URL | ||
| 40058 | SERVER-WEBAPP WordPress Quick-Post Widget GET request using Body cross-site scripting (more info ...) | attempted-user | 2012-4226 | |||
| 40125 | FILE-OTHER Ichitaro Office Excel TxO record heap overflow attempt (more info ...) | attempted-user | 2017-2790 | URL | ||
| 40126 | FILE-OTHER Ichitaro Office Excel TxO record heap overflow attempt (more info ...) | attempted-user | 2017-2790 | URL | ||
| 40142 | FILE-OFFICE Microsoft PowerPoint bogus JPEG marker length heap buffer overflow (more info ...) | attempted-user | 2016-3357 | URL | ||
| 40278 | INDICATOR-SHELLCODE x86 OS agnostic dword additive feedback decoder (more info ...) | shellcode-detect | ||||
| 40279 | INDICATOR-SHELLCODE x86 OS agnostic dword additive feedback decoder (more info ...) | shellcode-detect | ||||
| 40307 | FILE-OFFICE Microsoft Office Word document containing VBA project entry detected (more info ...) | policy-violation | ||||
| 40497 | SERVER-WEBAPP WordPress Plugin RevSlider file upload attempt (more info ...) | web-application-attack | 2014-9735 | |||
| 40884 | FILE-OTHER Microsoft Office ole object external file loading attempt (more info ...) | attempted-admin | 2014-4114 | URL | ||
| 40885 | FILE-OTHER Microsoft Office ole object external file loading attempt (more info ...) | attempted-admin | 2014-4114 | URL | ||
| 40940 | FILE-OFFICE Microsoft Office hyperlink object out of bounds read attempt (more info ...) | attempted-user | 2016-7278 | 94716 | URL | |
| 40941 | FILE-OFFICE Microsoft Office hyperlink object out of bounds read attempt (more info ...) | attempted-user | 2016-7278 | 94716 | URL | |
| 40944 | FILE-OFFICE Microsoft Office Excel CrtMlFrt record out of bounds read attempt (more info ...) | attempted-user | 2016-7264 | URL | ||
| 40961 | FILE-OTHER Microsoft Office OLE DLL side load attempt (more info ...) | attempted-user | 2016-7275 | URL | ||
| 41094 | FILE-OFFICE Microsoft Office PowerPoint improper filename remote code execution attempt (more info ...) | attempted-user | 2010-0029 | URL | ||
| 41132 | FILE-OFFICE RTF file with embedded OLE object (more info ...) | policy-violation | ||||
| 41223 | SERVER-WEBAPP Moxa AWK-3131A plaintext password leak attempt (more info ...) | policy-violation | 2016-8716 | URL | ||
| 41413 | FILE-OFFICE Microsoft Office PowerPoint malformed msofbtTextbox exploit attempt (more info ...) | attempted-admin | 2009-0556 | |||
| 41414 | FILE-OFFICE Microsoft Office PowerPoint malformed msofbtTextbox exploit attempt (more info ...) | attempted-admin | 2009-0556 | |||
| 41452 | MALWARE-CNC Swf.Tool.Agent flash file in a word document uploading system capabilities (more info ...) | trojan-activity | URL | |||
| 41453 | FILE-OFFICE Microsoft Works file converter field length invalid chunk size buffer overflow attempt (more info ...) | attempted-user | 2008-0108 | 27659 | URL | |
| 41563 | FILE-OFFICE Microsoft Office request for imjp12k.dll over SMB attempt (more info ...) | attempted-user | 2017-0039 | URL | ||
| 41564 | FILE-OFFICE Microsoft Office imjp12k.dll dll-load exploit attempt (more info ...) | attempted-user | 2017-0039 | URL | ||
| 41638 | SERVER-WEBAPP Wordpress NextGEN gallery directory traversal attempt (more info ...) | attempted-recon | URL | |||
| 41639 | SERVER-WEBAPP Wordpress NextGEN gallery directory traversal attempt (more info ...) | attempted-recon | URL | |||
| 41650 | SERVER-WEBAPP Wordpress Excerpt cross site scripting attempt (more info ...) | attempted-user | 2017-5612 | |||
| 41761 | POLICY-OTHER Microsoft Word document with large docProps/core.xml file (more info ...) | policy-violation | URL | |||
| 41762 | POLICY-OTHER Microsoft Word document with large docProps/core.xml file (more info ...) | policy-violation | URL | |||
| 41825 | SERVER-WEBAPP WordPress Plugins Simple Ads Manager information disclosure attempt (more info ...) | web-application-attack | 2015-2826 | |||
| 41826 | SERVER-WEBAPP WordPress Plugins Simple Ads Manager information disclosure attempt (more info ...) | web-application-attack | 2015-2826 | |||
| 41914 | SERVER-WEBAPP WordPress Plugin RevSlider file upload attempt (more info ...) | web-application-attack | 2014-9735 | |||
| 42042 | SERVER-WEBAPP Wordpress Press-This cross site request forgery attempt (more info ...) | denial-of-service | 2017-6819 | URL | ||
| 42043 | SERVER-WEBAPP WordPress embedded URL video cross site scripting attempt (more info ...) | attempted-user | ||||
| 42055 | PROTOCOL-SCADA Moxa password retrieval attempt (more info ...) | attempted-admin | URL | |||
| 42056 | PROTOCOL-SCADA Moxa password retrieval attempt (more info ...) | attempted-admin | URL | |||
| 42066 | SERVER-WEBAPP Wordpress plugin arbitrary file deletion attempt (more info ...) | web-application-attack | URL | |||
| 42137 | FILE-OFFICE Lexmark Perceptive Document Filters malformed XLS information disclosure attempt (more info ...) | attempted-recon | 2017-2806 | URL | ||
| 42163 | FILE-OTHER Microsoft Office OneNote 2007 dll-load exploit attempt (more info ...) | attempted-user | 2017-0197 | URL | ||
| 42164 | FILE-OTHER Microsoft Office OneNote 2007 dll-load exploit attempt (more info ...) | attempted-user | 2017-0197 | URL | ||
| 42197 | FILE-OFFICE Microsoft Office mqrt.dll dll-load exploit attempt (more info ...) | attempted-user | 2015-6132 | URL | ||
| 42231 | FILE-OFFICE RTF url moniker COM file download attempt (more info ...) | attempted-admin | 2017-0199 | |||
| 42819 | SERVER-WEBAPP WordPress admin password reset attempt (more info ...) | web-application-attack | 2017-8295 | |||
| 42928 | INDICATOR-COMPROMISE Microsoft Office with embedded EPS download attempt (more info ...) | attempted-admin | 2017-0262 | |||
| 43259 | FILE-OTHER Hangul Word Processor type confusion attempt (more info ...) | attempted-admin | 2015-6585 | |||
| 43260 | FILE-OTHER Hangul Word Processor type confusion attempt (more info ...) | attempted-admin | 2015-6585 | |||
| 43261 | FILE-OTHER Hangul Word Processor type confusion attempt (more info ...) | attempted-admin | 2015-6585 | |||
| 43262 | FILE-OTHER Hangul Word Processor type confusion attempt (more info ...) | attempted-admin | 2015-6585 | |||
| 43263 | FILE-OTHER Hangul Word Processor type confusion attempt (more info ...) | attempted-admin | 2015-6585 | |||
| 43264 | FILE-OTHER Hangul Word Processor type confusion attempt (more info ...) | attempted-admin | 2015-6585 | |||
| 43294 | SERVER-WEBAPP Cybozu Office directory traversal attempt (more info ...) | web-application-attack | 2006-4490 | |||
| 43295 | SERVER-WEBAPP Cybozu Office directory traversal attempt (more info ...) | web-application-attack | 2006-4490 | |||
| 43328 | FILE-OFFICE Microsoft Office Word .rtf file integer overflow attempt (more info ...) | misc-attack | 2008-4025 | URL | ||
| 43450 | FILE-OFFICE Microsoft Office Word .rtf file double free attempt (more info ...) | attempted-user | 2008-4027 | URL | ||
| 43458 | SERVER-WEBAPP WordPress wp_title function cross site scripting attempt (more info ...) | attempted-user | 2007-1894 | |||
| 43638 | FILE-OFFICE Microsoft Office Excel null pointer dereference attempt (more info ...) | attempted-user | 2007-1239 | |||
| 43639 | FILE-OFFICE Microsoft Office Excel null pointer dereference attempt (more info ...) | attempted-user | 2007-1239 | |||
| 43640 | FILE-OFFICE Microsoft Office Excel null pointer dereference attempt (more info ...) | attempted-user | 2007-1239 | |||
| 43641 | FILE-OFFICE Microsoft Office Excel null pointer dereference attempt (more info ...) | attempted-user | 2007-1239 | |||
| 43674 | FILE-OFFICE Microsoft Office Word SmartTag record code execution attempt (more info ...) | attempted-user | 2008-2244 | 30124 | ||
| 43675 | FILE-OFFICE Microsoft Office Word SmartTag record code execution attempt (more info ...) | attempted-user | 2008-2244 | 30124 | ||
| 43678 | FILE-OFFICE Microsoft Office RTF parsing remote code execution attempt (more info ...) | attempted-user | 2010-3333 | URL | ||
| 43679 | FILE-OFFICE Microsoft Office RTF parsing remote code execution attempt (more info ...) | attempted-user | 2010-3333 | URL | ||
| 43699 | FILE-OFFICE Microsoft Office Excel invalid FRTWrapper record buffer overflow attempt (more info ...) | attempted-user | 2008-3471 | URL | ||
| 43804 | FILE-OFFICE Microsoft Office mqrt.dll dll-load exploit attempt (more info ...) | attempted-user | 2015-6132 | URL | ||
| 43805 | FILE-OFFICE Microsoft Office mqrt.dll dll-load exploit attempt (more info ...) | attempted-user | 2015-6132 | URL | ||
| 43853 | FILE-OFFICE Microsoft Office Word unpaired RTF dpendgroup buffer overflow attempt (more info ...) | attempted-user | 2008-4030 | 32642 | URL | |
| 43854 | FILE-OFFICE Microsoft Office Word unpaired RTF dpendgroup buffer overflow attempt (more info ...) | attempted-user | 2008-4030 | 32642 | URL | |
| 44031 | FILE-OFFICE Powerpoint Viewer malformed msoDrawing property table buffer overflow attempt (more info ...) | attempted-user | 2008-0121 | URL | ||
| 44032 | FILE-OFFICE Powerpoint Viewer malformed msoDrawing property table buffer overflow attempt (more info ...) | attempted-user | 2008-0121 | URL | ||
| 44068 | FILE-OFFICE Microsoft Office PowerPoint Viewer memory allocation code execution attempt (more info ...) | attempted-user | 2008-0120 | 30552 | ||
| 44069 | FILE-OFFICE Microsoft Office PowerPoint Viewer memory allocation code execution attempt (more info ...) | attempted-user | 2008-0120 | 30552 | ||
| 44157 | FILE-OFFICE Microsoft Office Word rich text format invalid field size memory corruption attempt (more info ...) | attempted-user | 2010-1902 | URL | ||
| 44182 | FILE-OFFICE Microsoft Office Word .rtf file integer overflow attempt (more info ...) | misc-attack | 2008-4025 | URL | ||
| 44183 | FILE-OFFICE Microsoft Office Word .rtf file integer overflow attempt (more info ...) | misc-attack | 2008-4025 | URL | ||
| 44280 | FILE-OFFICE Microsoft Office PowerPoint invalid TextByteAtom remote code execution attempt (more info ...) | attempted-user | 2010-0033 | URL | ||
| 44289 | FILE-OFFICE Microsoft Office Excel sheet object type confusion exploit attempt (more info ...) | attempted-user | 2010-0258 | URL | ||
| 44290 | FILE-OFFICE Microsoft Office Excel sheet object type confusion exploit attempt (more info ...) | attempted-user | 2010-0258 | URL | ||
| 44291 | FILE-OFFICE Microsoft Office Excel BIFF5 formulas from records parsing code execution attempt (more info ...) | attempted-user | 2010-0258 | URL | ||
| 44292 | FILE-OFFICE Microsoft Office Excel BIFF8 formulas from records parsing code execution attempt (more info ...) | attempted-user | 2010-0258 | URL | ||
| 44296 | FILE-OFFICE Microsoft Office Excel sheet object type confusion exploit attempt (more info ...) | attempted-user | 2010-0258 | URL | ||
| 44303 | FILE-OFFICE Microsoft PowerPoint CString atom overflow attempt (more info ...) | attempted-user | 2009-1128 | URL | ||
| 44304 | FILE-OFFICE Microsoft PowerPoint CString atom overflow attempt (more info ...) | attempted-user | 2009-1128 | URL | ||
| 44469 | MALWARE-CNC Potential hostile executable served from compromised or malicious WordPress site attempt (more info ...) | trojan-activity | URL | |||
| 44470 | MALWARE-CNC Potential hostile executable served from compromised or malicious WordPress site attempt (more info ...) | trojan-activity | URL | |||
| 44559 | MALWARE-CNC Word.Trojan.Emotet obfuscated powershell (more info ...) | trojan-activity | URL | |||
| 44560 | MALWARE-CNC Word.Trojan.Emotet obfuscated powershell (more info ...) | trojan-activity | URL | |||
| 44566 | SERVER-WEBAPP Wordpress Customizer directory traversal attempt (more info ...) | web-application-attack | 2017-14722 | |||
| 44567 | SERVER-WEBAPP Wordpress Customizer directory traversal attempt (more info ...) | web-application-attack | 2017-14722 | |||
| 44568 | SERVER-WEBAPP Wordpress Customizer directory traversal attempt (more info ...) | web-application-attack | 2017-14722 | |||
| 44581 | SERVER-OTHER TrendMicro OfficeScan LogonUser buffer overflow attempt (more info ...) | attempted-user | 2017-14089 | |||
| 44585 | FILE-OFFICE Microsoft Office Word docx object type confusion attempt (more info ...) | attempted-admin | 2017-11826 | URL | ||
| 44586 | FILE-OFFICE Microsoft Office Word docx object type confusion attempt (more info ...) | attempted-admin | 2017-11826 | URL | ||
| 44596 | FILE-OFFICE Microsoft Office request for oci.dll over SMB attempt (more info ...) | attempted-user | 2016-0041 | 82505 | URL | |
| 44597 | FILE-OFFICE Microsoft Office request for iasdatastore2.dll over SMB attempt (more info ...) | attempted-user | 2016-0041 | 82505 | URL | |
| 44598 | FILE-OFFICE Microsoft Office request for ociw32.dll over SMB attempt (more info ...) | attempted-user | 2016-0041 | 82505 | URL | |
| 44599 | FILE-OFFICE Microsoft Office oci.dll dll-load exploit attempt (more info ...) | attempted-user | 2016-0041 | 82505 | URL | |
| 44600 | FILE-OFFICE Microsoft Office iasdatastore2.dll dll-load exploit attempt (more info ...) | attempted-user | 2016-0041 | 82505 | URL | |
| 44601 | FILE-OFFICE Microsoft Office ociw32.dll dll-load exploit attempt (more info ...) | attempted-user | 2016-0041 | 82505 | URL | |
| 44631 | SERVER-WEBAPP Wordpress plugin bbPress comment cross site scripting attempt (more info ...) | attempted-user | URL | |||
| 44632 | SERVER-WEBAPP Wordpress content cross site scripting attempt (more info ...) | attempted-user | URL | |||
| 44694 | FILE-OFFICE Microsoft Office dde field code execution attempt (more info ...) | attempted-admin | URL | |||
| 44695 | FILE-OFFICE Microsoft Office dde field code execution attempt (more info ...) | attempted-admin | URL | |||
| 44795 | FILE-OFFICE Hewlett-Packard Autonomy KeyView library stack-based buffer overflow attempt (more info ...) | attempted-user | 2012-6277 | |||
| 44796 | FILE-OFFICE Hewlett-Packard Autonomy KeyView library stack-based buffer overflow attempt (more info ...) | attempted-user | 2012-6277 | |||
| 44838 | FILE-OFFICE Microsoft Office Word RTF memory corruption attempt (more info ...) | attempted-user | 2017-11854 | |||
| 44839 | FILE-OFFICE Microsoft Office Word RTF memory corruption attempt (more info ...) | attempted-user | 2017-11854 | |||
| 45061 | SERVER-WEBAPP Wordpress User History plugin cross site scripting attempt (more info ...) | attempted-user | 2017-15867 | |||
| 45324 | SERVER-WEBAPP Dahua DVR user password hash query attempt (more info ...) | attempted-recon | 2013-6117 | 63742 | ||
| 45328 | SERVER-WEBAPP Dahua DVR admin password reset attempt (more info ...) | attempted-admin | 2013-6117 | 63742 | ||
| 45402 | FILE-OFFICE Microsoft Office Word memory corruption exploit attempt (more info ...) | attempted-user | 2018-0797 | URL | ||
| 45403 | FILE-OFFICE Microsoft Office Word memory corruption exploit attempt (more info ...) | attempted-user | 2018-0797 | URL | ||
| 45491 | FILE-OFFICE Microsoft Office Word PlfLfo use after free attempt (more info ...) | attempted-user | 2008-4024 | |||
| 45492 | FILE-OFFICE Microsoft Office Word PlfLfo use after free attempt (more info ...) | attempted-user | 2008-4024 | |||
| 45556 | FILE-OFFICE Microsoft Office embedded Office Art drawings execution attempt (more info ...) | attempted-user | 2010-3334 | URL | ||
| 45557 | FILE-OFFICE Microsoft Office embedded Office Art drawings execution attempt (more info ...) | attempted-user | 2010-3334 | URL | ||
| 45601 | SERVER-WEBAPP Cambium ePMP 1000 admin account password reset attempt (more info ...) | web-application-attack | 2017-5254 | URL | ||
| 45619 | FILE-OFFICE Microsoft Office Excel SxView record memory pointer corruption attempt (more info ...) | attempted-user | 2010-1245 | 40523 | URL | |
| 45620 | FILE-OFFICE Microsoft Office Excel SxView record memory pointer corruption attempt (more info ...) | attempted-user | 2010-1245 | URL | ||
| 45879 | FILE-OFFICE Microsoft Office RTF listoverride memory corruption attempt (more info ...) | attempted-user | 2018-0922 | URL | ||
| 45880 | FILE-OFFICE Microsoft Office RTF listoverride memory corruption attempt (more info ...) | attempted-user | 2018-0922 | URL | ||
| 46108 | SERVER-WEBAPP Cisco Prime Collaboration Provisioning writable file privilege escalation attempt (more info ...) | attempted-admin | 2018-0144 | |||
| 46109 | SERVER-WEBAPP Cisco Prime Collaboration Provisioning writable file privilege escalation attempt (more info ...) | attempted-admin | 2018-0144 | |||
| 46233 | FILE-OFFICE Microsoft JET Database remote code execution attempt (more info ...) | attempted-user | 2018-1003 | URL | ||
| 46234 | FILE-OFFICE Microsoft JET Database remote code execution attempt (more info ...) | attempted-user | 2018-1003 | URL | ||
| 46483 | SERVER-WEBAPP Wordpress VideoWhisper Live Streaming Integration plugin double extension file upload attempt (more info ...) | web-application-attack | 2014-1905 | |||
| 46899 | POLICY-OTHER Cisco Prime Collaboration Provisioning access control group modification request detected (more info ...) | policy-violation | 2018-0317 | URL | ||
| 46931 | INDICATOR-COMPROMISE dynamic Excel web query file download attempt (more info ...) | attempted-admin | URL | |||
| 46932 | INDICATOR-COMPROMISE dynamic Excel web query file download attempt (more info ...) | attempted-admin | URL | |||
| 46979 | INDICATOR-COMPROMISE Microsoft Office Discovery User-Agent to a potential URL shortener service (more info ...) | misc-activity | URL | |||
| 46980 | INDICATOR-COMPROMISE Microsoft Office Discovery User-Agent to a potential URL shortener service (more info ...) | misc-activity | URL | |||
| 47064 | FILE-OFFICE Microsoft Office Word malformed emf remote code execution attempt (more info ...) | attempted-user | 2017-8510 | |||
| 47159 | SERVER-WEBAPP Cognex VisionView directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 47199 | FILE-OFFICE Microsoft Office Excel fileVersion use-after-free attempt (more info ...) | attempted-user | 2015-2558 | URL | ||
| 47200 | FILE-OFFICE Microsoft Office Excel fileVersion use-after-free attempt (more info ...) | attempted-user | 2015-2558 | URL | ||
| 47201 | FILE-OFFICE Microsoft Office Excel fileVersion use-after-free attempt (more info ...) | attempted-user | 2015-2558 | URL | ||
| 47202 | FILE-OFFICE Microsoft Office Excel fileVersion use-after-free attempt (more info ...) | attempted-user | 2015-2558 | URL | ||
| 47203 | FILE-OFFICE Microsoft Office Excel fileVersion use-after-free attempt (more info ...) | attempted-user | 2015-2558 | URL | ||
| 47204 | FILE-OFFICE Microsoft Office Excel fileVersion use-after-free attempt (more info ...) | attempted-user | 2015-2558 | URL | ||
| 47205 | FILE-OFFICE Microsoft Office Word sprmSDyaTop memory leak attempt (more info ...) | attempted-user | 2016-3316 | URL | ||
| 47403 | FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0641 attack attempt (more info ...) | attempted-user | 2018-3975 | URL | ||
| 47404 | FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0641 attack attempt (more info ...) | attempted-user | 2018-3975 | URL | ||
| 47406 | FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0641 attack attempt (more info ...) | attempted-user | 2018-3975 | URL | ||
| 47407 | FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0641 attack attempt (more info ...) | attempted-user | 2018-3975 | URL | ||
| 47408 | FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0641 attack attempt (more info ...) | attempted-user | 2018-3975 | URL | ||
| 47409 | FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0641 attack attempt (more info ...) | attempted-user | 2018-3975 | URL | ||
| 47410 | FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0641 attack attempt (more info ...) | attempted-user | 2018-3975 | URL | ||
| 47411 | FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0641 attack attempt (more info ...) | attempted-user | 2018-3975 | URL | ||
| 47412 | FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0641 attack attempt (more info ...) | attempted-user | 2018-3975 | URL | ||
| 47424 | SERVER-WEBAPP Site Editor WordPress plugin local file access attempt (more info ...) | web-application-attack | 2018-7422 | |||
| 47565 | FILE-OFFICE LibreOffice WEBSERVICE arbitrary file disclosure attempt (more info ...) | attempted-user | 2018-6871 | |||
| 47566 | FILE-OFFICE LibreOffice WEBSERVICE arbitrary file disclosure attempt (more info ...) | attempted-user | 2018-6871 | |||
| 47668 | SERVER-WEBAPP WordPress plugin WP with Spritz remote file include attempt (more info ...) | web-application-attack | URL | |||
| 47669 | SERVER-WEBAPP Wordpress plugin WP with Spritz directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 47880 | POLICY-OTHER Cisco Video Surveillance Operations Manager default password use attempt (more info ...) | policy-violation | 2018-15427 | URL | ||
| 47889 | FILE-OFFICE Microsoft Office Excel invalid Window2 BIFF record value attempt (more info ...) | attempted-user | 2012-0143 | 53374 | URL | |
| 47890 | FILE-OFFICE Microsoft Office Excel invalid Window2 BIFF record value attempt (more info ...) | attempted-user | 2012-0143 | 53374 | URL | |
| 48136 | FILE-OFFICE Microsoft Office Excel SYLK file arbitrary code execution attempt (more info ...) | policy-violation | ||||
| 48137 | FILE-OFFICE Microsoft Office Excel SYLK file arbitrary code execution attempt (more info ...) | policy-violation | ||||
| 48138 | FILE-OFFICE Microsoft Office Excel SYLK file arbitrary code execution attempt (more info ...) | policy-violation | ||||
| 48139 | FILE-OFFICE Microsoft Office Excel SYLK file arbitrary code execution attempt (more info ...) | policy-violation | ||||
| 48272 | SERVER-WEBAPP Netgear Router admin password access attempt (more info ...) | policy-violation | ||||
| 48385 | FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0713 attack attempt (more info ...) | attempted-user | 2018-4040 | URL | ||
| 48386 | FILE-OFFICE TRUFFLEHUNTER TALOS-2018-0713 attack attempt (more info ...) | attempted-user | 2018-4040 | URL | ||
| 49182 | FILE-OFFICE Microsoft Office Publisher Opltc memory corruption attempt (more info ...) | attempted-user | 2011-3410 | URL | ||
| 49183 | FILE-OFFICE Microsoft Office Publisher Opltc memory corruption attempt (more info ...) | attempted-user | 2011-3410 | URL | ||
| 49248 | SERVER-WEBAPP WordPress login reconnaissance attempt (more info ...) | suspicious-login | URL | |||
| 49249 | SERVER-WEBAPP WordPress login reconnaissance attempt (more info ...) | suspicious-login | URL | |||
| 49253 | FILE-OFFICE Microsoft Office Word styleWithEffects use-after-free attempt (more info ...) | attempted-user | 2014-4117 | URL | ||
| 49254 | FILE-OFFICE Microsoft Office Word styleWithEffects use-after-free attempt (more info ...) | attempted-user | 2014-4117 | URL | ||
| 49285 | FILE-OFFICE Microsoft Access arbitrary code execution attempt (more info ...) | attempted-user | 2013-3157 | URL | ||
| 49286 | FILE-OFFICE Microsoft Access arbitrary code execution attempt (more info ...) | attempted-user | 2013-3157 | URL | ||
| 49299 | FILE-OFFICE Microsoft Access arbitrary code execution attempt (more info ...) | attempted-user | 2013-3156 | URL | ||
| 49300 | FILE-OFFICE Microsoft Access arbitrary code execution attempt (more info ...) | attempted-user | 2013-3156 | URL | ||
| 49323 | FILE-OFFICE Microsoft Office Excel Lel record memory corruption attempt (more info ...) | attempted-user | 2011-3403 | URL | ||
| 49324 | FILE-OFFICE Microsoft Office Excel Lel record memory corruption attempt (more info ...) | attempted-user | 2011-3403 | URL | ||
| 49427 | FILE-OTHER Microsoft Wordpad embedded BMP overflow attempt (more info ...) | attempted-user | 2013-3940 | URL | ||
| 49428 | FILE-OTHER Microsoft Wordpad embedded BMP overflow attempt (more info ...) | attempted-user | 2013-3940 | URL | ||
| 49431 | FILE-OFFICE Microsoft Office Publisher 2003 EscherStm memory corruption attempt (more info ...) | attempted-user | 2011-3411 | 50949 | URL | |
| 49432 | FILE-OFFICE Microsoft Office Publisher 2003 EscherStm memory corruption attempt (more info ...) | attempted-user | 2011-3411 | 50949 | URL | |
| 49461 | POLICY-OTHER D-Link DIR-615 remote unauthenticated password modification attempt (more info ...) | policy-violation | URL | |||
| 49462 | POLICY-OTHER D-Link DIR-615 remote unauthenticated password modification attempt (more info ...) | policy-violation | URL | |||
| 49494 | FILE-OFFICE Microsoft Office MSCOMCTL ActiveX control tabstrip method attempt (more info ...) | attempted-user | 2013-1313 | URL | ||
| 49500 | FILE-OFFICE Microsoft Office Excel conditional code execution attempt (more info ...) | attempted-user | 2011-1989 | URL | ||
| 49501 | FILE-OFFICE Microsoft Office Excel conditional code execution attempt (more info ...) | attempted-user | 2011-1989 | URL | ||
| 49756 | FILE-OFFICE TRUFFLEHUNTER TALOS-2019-0794 attack attempt (more info ...) | attempted-user | 2019-5032 | URL | ||
| 49757 | FILE-OFFICE TRUFFLEHUNTER TALOS-2019-0794 attack attempt (more info ...) | attempted-user | 2019-5032 | URL | ||
| 49761 | FILE-OFFICE TRUFFLEHUNTER TALOS-2019-0795 attack attempt (more info ...) | attempted-user | 2019-5033 | URL | ||
| 49775 | FILE-OFFICE Microsoft Office Equation Editor object stack buffer overflow attempt (more info ...) | attempted-user | 2017-11882 | URL | ||
| 49852 | FILE-OFFICE TRUFFLEHUNTER TALOS-2019-0805 attack attempt (more info ...) | attempted-user | 2019-5041 | URL | ||
| 49853 | FILE-OFFICE TRUFFLEHUNTER TALOS-2019-0805 attack attempt (more info ...) | attempted-user | 2019-5041 | URL | ||
| 49939 | FILE-OFFICE Microsoft Office PowerPoint malformed RecolorInfoAtom out of bounds read attempt (more info ...) | attempted-user | 2011-1270 | URL | ||
| 50708 | SERVER-WEBAPP WordPress Rencontre plugin cross site scripting attempt (more info ...) | attempted-user | 2019-13413 | |||
| 50818 | FILE-OFFICE Microsoft Office Project file parsing arbitrary memory access attempt (more info ...) | attempted-user | 2009-0102 | URL | ||
| 50819 | FILE-OFFICE Microsoft Office Project file parsing arbitrary memory access attempt (more info ...) | attempted-user | 2009-0102 | URL | ||
| 50820 | FILE-OFFICE Microsoft Office Project file parsing arbitrary memory access attempt (more info ...) | attempted-user | 2009-0102 | URL | ||
| 50821 | FILE-OFFICE Microsoft Office Project file parsing arbitrary memory access attempt (more info ...) | attempted-user | 2009-0102 | URL | ||
| 50822 | FILE-OFFICE Microsoft Office Project file parsing arbitrary memory access attempt (more info ...) | attempted-user | 2009-0102 | URL | ||
| 50823 | FILE-OFFICE Microsoft Office Project file parsing arbitrary memory access attempt (more info ...) | attempted-user | 2009-0102 | URL | ||
| 50870 | APP-DETECT Quagga password challenge detected (more info ...) | misc-activity | URL | |||
| 50956 | FILE-OFFICE Microsoft Office Excel MsoDrawingGroup record remote code execution attempt (more info ...) | attempted-user | 2009-0559 | 35243 | URL | |
| 50957 | FILE-OFFICE Microsoft Office Excel MsoDrawingGroup record remote code execution attempt (more info ...) | attempted-user | 2009-0559 | 35243 | URL | |
| 50959 | FILE-OFFICE Microsoft VBE6.dll stack corruption attempt (more info ...) | attempted-user | 2010-0815 | 39931 | URL | |
| 50962 | FILE-OFFICE Microsoft Office PowerPoint OfficeArt atom memory corruption attempt (more info ...) | attempted-admin | 2011-0976 | URL | ||
| 50968 | SERVER-WEBAPP WordPress Crop Image arbitrary file write attempt (more info ...) | web-application-attack | 2019-8943 | |||
| 51059 | FILE-OFFICE Microsoft Office Excel Chart Sheet Substream memory corruption attempt (more info ...) | attempted-user | 2010-0823 | URL | ||
| 51061 | FILE-OFFICE Microsoft Office Excel Chart Sheet Substream memory corruption attempt (more info ...) | attempted-user | 2010-0823 | URL | ||
| 51062 | FILE-OFFICE Microsoft Office Excel Chart Sheet Substream memory corruption attempt (more info ...) | attempted-user | 2010-0823 | URL | ||
| 51076 | FILE-OFFICE Microsoft Office Excel RealTimeData record heap memory corruption attempt (more info ...) | attempted-user | 2010-1247 | URL | ||
| 51077 | FILE-OFFICE Microsoft Office Excel RealTimeData record heap memory corruption attempt (more info ...) | attempted-user | 2010-1247 | URL | ||
| 51078 | FILE-OFFICE Microsoft Office Excel RealTimeData record heap memory corruption attempt (more info ...) | attempted-user | 2010-1247 | URL | ||
| 51079 | FILE-OFFICE Microsoft Office Excel RealTimeData record heap memory corruption attempt (more info ...) | attempted-user | 2010-1247 | URL | ||
| 51088 | FILE-OFFICE Microsoft Office TIFF filter buffer overflow attempt (more info ...) | attempted-user | 2010-3947 | 45274 | URL | |
| 51089 | FILE-OFFICE Microsoft Office TIFF filter buffer overflow attempt (more info ...) | attempted-user | 2010-3947 | 45274 | URL | |
| 51090 | FILE-OFFICE Microsoft Office TIFF filter buffer overflow attempt (more info ...) | attempted-user | 2010-3947 | 45274 | URL | |
| 51091 | FILE-OFFICE Microsoft Office TIFF filter buffer overflow attempt (more info ...) | attempted-user | 2010-3947 | 45274 | URL | |
| 51165 | FILE-OFFICE Microsoft Office Excel SxView heap overflow attempt (more info ...) | attempted-user | 2010-0821 | URL | ||
| 51166 | FILE-OFFICE Microsoft Office Excel SxView heap overflow attempt (more info ...) | attempted-user | 2010-0821 | URL | ||
| 51167 | FILE-OFFICE Microsoft Office Excel SxView heap overflow attempt (more info ...) | attempted-user | 2010-0821 | URL | ||
| 51168 | FILE-OFFICE Microsoft Office Excel SxView heap overflow attempt (more info ...) | attempted-user | 2010-0821 | URL | ||
| 51169 | FILE-OFFICE Microsoft Office Excel SxView heap overflow attempt (more info ...) | attempted-user | 2010-0821 | URL | ||
| 51170 | FILE-OFFICE Microsoft Office Excel SxView heap overflow attempt (more info ...) | attempted-user | 2010-0821 | URL | ||
| 51171 | FILE-OFFICE Microsoft Office Excel SxView heap overflow attempt (more info ...) | attempted-user | 2010-0821 | URL | ||
| 51172 | FILE-OFFICE Microsoft Office Excel SxView heap overflow attempt (more info ...) | attempted-user | 2010-0821 | URL | ||
| 51182 | FILE-OFFICE Microsoft Excel Jet Database Engine code execution attempt (more info ...) | attempted-user | 2017-8718 | URL | ||
| 51183 | FILE-OFFICE Microsoft Excel Jet Database Engine code execution attempt (more info ...) | attempted-user | 2017-8718 | URL | ||
| 51207 | SERVER-WEBAPP WordPress default admin theme cross site scripting attempt (more info ...) | attempted-user | URL | |||
| 51208 | SERVER-WEBAPP WordPress default admin theme cross site scripting attempt (more info ...) | attempted-user | URL | |||
| 51310 | FILE-OFFICE Microsoft Excel ExternSheet record remote code execution attempt (more info ...) | attempted-user | 2009-0558 | URL | ||
| 51311 | FILE-OFFICE Microsoft Excel ExternSheet record remote code execution attempt (more info ...) | attempted-user | 2009-0558 | URL | ||
| 51313 | FILE-OFFICE Microsoft Office Excel invalid FRTWrapper record integer underflow attempt (more info ...) | attempted-user | 2008-3471 | URL | ||
| 51314 | FILE-OFFICE Microsoft Office Excel invalid FRTWrapper record integer underflow attempt (more info ...) | attempted-user | 2008-3471 | URL | ||
| 51326 | FILE-OFFICE Microsoft Office Excel DBQueryExt record memory corruption attempt (more info ...) | attempted-user | 2010-1253 | URL | ||
| 51473 | FILE-OFFICE Microsoft Windows WordPad and Office text converter integer overflow attempt (more info ...) | attempted-user | 2009-2506 | URL | ||
| 51565 | FILE-OFFICE Microsoft Office Excel invalid Window2 BIFF record value attempt (more info ...) | attempted-user | 2012-0141 | URL | ||
| 51566 | FILE-OFFICE Microsoft Office Excel invalid Window2 BIFF record value attempt (more info ...) | attempted-user | 2012-0141 | URL | ||
| 51567 | FILE-OFFICE Microsoft Office Excel invalid Window2 BIFF record value attempt (more info ...) | attempted-user | 2012-0141 | URL | ||
| 51568 | FILE-OFFICE Microsoft Office Excel invalid Window2 BIFF record value attempt (more info ...) | attempted-user | 2012-0141 | URL | ||
| 51663 | SERVER-WEBAPP WordPress plugin Grace Media Player local file inclusion attempt (more info ...) | web-application-attack | 2019-9618 | URL | ||
| 51804 | SERVER-WEBAPP Wordpress Admin panel delete action cross site scripting attempt (more info ...) | attempted-user | 2017-1244 | URL | ||
| 51805 | SERVER-WEBAPP Wordpress Admin panel delete action cross site scripting attempt (more info ...) | attempted-user | 2017-1244 | URL | ||
| 51806 | SERVER-WEBAPP Wordpress Admin panel delete action cross site scripting attempt (more info ...) | attempted-user | 2017-1244 | URL | ||
| 51807 | SERVER-WEBAPP Wordpress Admin panel delete action cross site scripting attempt (more info ...) | attempted-user | 2017-1244 | URL | ||
| 51946 | FILE-OFFICE Microsoft Office PowerPoint out of bounds value remote code execution attempt (more info ...) | attempted-user | 2010-0032 | URL | ||
| 51958 | FILE-OFFICE Microsoft Word RTF stack exhaustion denial of service attempt (more info ...) | attempted-dos | ||||
| 51959 | FILE-OFFICE Microsoft Word RTF stack exhaustion denial of service attempt (more info ...) | attempted-dos | ||||
| 51960 | FILE-OFFICE Microsoft Word RTF stack exhaustion denial of service attempt (more info ...) | attempted-dos | ||||
| 51999 | FILE-OTHER LibreOffice office document arbitrary script execution attempt (more info ...) | attempted-user | 2019-9848 | |||
| 52000 | FILE-OTHER LibreOffice office document arbitrary script execution attempt (more info ...) | attempted-user | 2019-9848 | |||
| 52001 | SERVER-WEBAPP WordPress meta_input path traversal attempt (more info ...) | web-application-attack | 2019-8942 | |||
| 52055 | POLICY-OTHER WordPress XML-RPC pingback request attempt (more info ...) | policy-violation | URL | |||
| 52065 | FILE-OFFICE Microsoft Office Excel row record buffer overflow attempt (more info ...) | attempted-user | 2009-3130 | URL | ||
| 52066 | FILE-OFFICE Microsoft Office Excel row record buffer overflow attempt (more info ...) | attempted-user | 2009-3130 | URL | ||
| 52356 | FILE-OFFICE Microsoft Office Word invalid sprmTDefTable length stack buffer overflow attempt (more info ...) | attempted-user | 2008-4837 | 32584 | URL | |
| 52357 | FILE-OFFICE Microsoft Office Word invalid sprmTDefTable length stack buffer overflow attempt (more info ...) | attempted-user | 2008-4837 | 32584 | URL | |
| 52358 | FILE-OFFICE Microsoft Office Word invalid sprmTDefTable length stack buffer overflow attempt (more info ...) | attempted-user | 2008-4837 | 32584 | URL | |
| 52359 | FILE-OFFICE Microsoft Office Word invalid sprmTDefTable length stack buffer overflow attempt (more info ...) | attempted-user | 2008-4837 | 32584 | URL | |
| 53171 | POLICY-OTHER Cisco Data Center Network Manager password change detected (more info ...) | policy-violation | 2019-3114 | URL | ||
| 54568 | POLICY-OTHER Cisco Prime License Manager password reset detected (more info ...) | policy-violation | 2020-3140 | URL | ||
| 54814 | SERVER-WEBAPP WordPress TinyMCE Thumbnail Gallery plugin directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 54815 | SERVER-WEBAPP WordPress TinyMCE Thumbnail Gallery plugin directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 54816 | SERVER-WEBAPP WordPress TinyMCE Thumbnail Gallery plugin directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 56324 | SERVER-WEBAPP KingComposer plugin for WordPress cross site scripting attempt (more info ...) | attempted-user | 2020-15299 | URL | ||
| 56325 | SERVER-WEBAPP KingComposer plugin for WordPress cross site scripting attempt (more info ...) | attempted-user | 2020-15299 | URL | ||
| 56833 | SERVER-WEBAPP WordPress plugin Total Upkeep database backup download attempt (more info ...) | web-application-attack | URL | |||
| 57064 | INDICATOR-COMPROMISE Microsoft Word internal OLE object update attempt (more info ...) | attempted-user | 2017-0199 | URL | ||
| 57065 | INDICATOR-COMPROMISE Microsoft Word internal OLE object update attempt (more info ...) | attempted-user | 2017-0199 | URL | ||
| 57384 | SERVER-WEBAPP WordPress Plugin WP-Paginate 2.1.3 cross site scripting attempt (more info ...) | web-application-attack | URL | |||
| 59472 | FILE-OFFICE Microsoft JET Database remote code execution attempt (more info ...) | attempted-user | 2018-1003 | URL | ||
| 59473 | FILE-OFFICE Microsoft JET Database remote code execution attempt (more info ...) | attempted-user | 2018-1003 | URL | ||
| 59560 | FILE-OTHER LibreOffice and OpenOffice ODF document PrinterSetup integer underflow attempt (more info ...) | attempted-user | 2015-5212 | |||
| 59561 | FILE-OTHER LibreOffice and OpenOffice ODF document PrinterSetup integer underflow attempt (more info ...) | attempted-user | 2015-5212 | |||
| 59584 | FILE-OFFICE Microsoft Office XML nested num tag double-free attempt (more info ...) | attempted-user | 2015-1650 | |||
| 59664 | FILE-OFFICE Microsoft Word internal object auto update attempt (more info ...) | attempted-user | 2017-0199 | URL | ||
| 59665 | FILE-OFFICE Microsoft Word internal object auto update attempt (more info ...) | attempted-user | 2017-0199 | URL | ||
| 59838 | POLICY-OTHER WordPress Plugin WPGraphQL potential denial of service attempt (more info ...) | policy-violation | URL | |||
| 59839 | POLICY-OTHER WordPress Plugin WPGraphQL potential denial of service attempt (more info ...) | policy-violation | URL | |||
| 59970 | FILE-OFFICE Microsoft Word malformed jpeg remote code execution attempt (more info ...) | attempted-user | 2016-3318 | URL | ||
| 60254 | FILE-OFFICE TRUFFLEHUNTER TALOS-2022-1574 attack attempt (more info ...) | attempted-user | 2022-33896 | URL | ||
| 60255 | FILE-OFFICE TRUFFLEHUNTER TALOS-2022-1574 attack attempt (more info ...) | attempted-user | 2022-33896 | URL | ||
| 60480 | SERVER-WEBAPP Invision Community cross site scripting attempt (more info ...) | web-application-attack | 2020-29477 | |||
| 60481 | SERVER-WEBAPP Invision Community cross site scripting attempt (more info ...) | web-application-attack | 2020-29477 | |||
| 61011 | FILE-OFFICE TRUFFLEHUNTER TALOS-2022-1673 attack attempt (more info ...) | attempted-user | 2022-43664 | URL | ||
| 61012 | FILE-OFFICE TRUFFLEHUNTER TALOS-2022-1673 attack attempt (more info ...) | attempted-user | 2022-43664 | URL | ||
| 61713 | SERVER-WEBAPP WordPress Comment Content Filter cross-site request forgery attempt (more info ...) | attempted-admin | 2019-9787 | |||
| 61896 | POLICY-OTHER Cisco TelePresence Video Communication Server password reset request detected (more info ...) | policy-violation | 2023-20105 | URL | ||
| 61946 | POLICY-OTHER WordPress WooCommerce Stripe Gateway information disclosure attempt (more info ...) | policy-violation | 2023-34000 | URL |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 3689 | BROWSER-IE Microsoft Internet Explorer tRNS overflow attempt (more info ...) | attempted-user | 2012-4170 | 13941 | 18490 | URL |
| 10142 | BROWSER-PLUGINS Microsoft Internet Explorer LexRefBilingualTextContext ActiveX clsid access (more info ...) | attempted-user | 2007-0219 | URL | ||
| 10144 | BROWSER-PLUGINS Microsoft Internet Explorer LexRefBilingualTextContext ActiveX function call access (more info ...) | attempted-user | 2007-0219 | URL | ||
| 10145 | BROWSER-PLUGINS Microsoft Internet Explorer HTML Inline Sound Control ActiveX clsid access (more info ...) | attempted-user | 2007-0219 | URL | ||
| 10147 | BROWSER-PLUGINS Microsoft Internet Explorer HTML Inline Sound Control ActiveX function call access (more info ...) | attempted-user | 2007-0219 | URL | ||
| 10148 | BROWSER-PLUGINS Microsoft Internet Explorer HTML Inline Movie Control ActiveX clsid access (more info ...) | attempted-user | 2007-0219 | URL | ||
| 10150 | BROWSER-PLUGINS Microsoft Internet Explorer HTML Inline Movie Control ActiveX function call access (more info ...) | attempted-user | 2007-0219 | URL | ||
| 10151 | BROWSER-PLUGINS Microsoft Internet Explorer BlnSetUser Proxy ActiveX clsid access (more info ...) | attempted-user | 2007-0219 | URL | ||
| 10153 | BROWSER-PLUGINS Microsoft Internet Explorer BlnSetUser Proxy ActiveX function call access (more info ...) | attempted-user | 2007-0219 | URL | ||
| 10154 | BROWSER-PLUGINS Microsoft Internet Explorer BlnSetUser Proxy 2 ActiveX clsid access (more info ...) | attempted-user | 2007-0219 | URL | ||
| 11680 | SERVER-WEBAPP Oracle Java web proxy sockd buffer overflow attempt (more info ...) | attempted-admin | 2007-2881 | 24165 | ||
| 12474 | BROWSER-PLUGINS Oracle Java Web Start ActiveX function call access (more info ...) | attempted-user | 2007-5019 | 25734 | ||
| 15191 | BROWSER-FIREFOX Mozilla Firefox animated PNG processing integer overflow (more info ...) | attempted-user | 2008-4064 | |||
| 15237 | FILE-IDENTIFY Java .class file download request (more info ...) | misc-activity | URL | |||
| 15428 | BROWSER-FIREFOX Mozilla Firefox SVG data processing memory corruption attempt (more info ...) | attempted-user | 2009-0771 | 33990 | URL | |
| 15482 | SERVER-OTHER Oracle Java System sockd authentication buffer overflow attempt (more info ...) | attempted-admin | 2007-2881 | |||
| 15733 | BROWSER-IE Microsoft Internet Explorer empty table tag memory corruption attempt (more info ...) | attempted-user | 2009-1918 | URL | ||
| 15872 | BROWSER-FIREFOX Mozilla Firefox defineSetter function pointer memory corruption attempt (more info ...) | attempted-user | 2009-2469 | 35758 | ||
| 16032 | BROWSER-IE Microsoft Internet Explorer HTML Decoding memory corruption attempt (more info ...) | attempted-user | 2006-2382 | 18309 | ||
| 16344 | BROWSER-FIREFOX Mozilla Firefox top-level script object offset calculation memory corruption attempt (more info ...) | attempted-user | 2009-3073 | 36343 | ||
| 16347 | BROWSER-FIREFOX Mozilla Firefox browser engine memory corruption attempt (more info ...) | attempted-user | 2009-3382 | 36866 | ||
| 16482 | BROWSER-IE Microsoft Internet Explorer userdata behavior memory corruption attempt (more info ...) | attempted-user | 2010-0806 | 38615 | URL | |
| 16667 | BROWSER-CHROME Google Chrome GURL cross origin bypass attempt (more info ...) | attempted-user | 2010-1663 | 39813 | ||
| 16668 | BROWSER-CHROME Google Chrome GURL cross origin bypass attempt (more info ...) | attempted-user | 2010-1663 | 39813 | ||
| 17153 | BROWSER-FIREFOX Mozilla Firefox plugin parameter array dangling pointer exploit attempt - 1 (more info ...) | attempted-user | 2010-2755 | 41933 | URL | |
| 17154 | BROWSER-FIREFOX Mozilla Firefox plugin parameter array dangling pointer exploit attempt - 2 (more info ...) | attempted-user | 2010-2755 | 41933 | URL | |
| 17236 | BROWSER-FIREFOX Mozilla Firefox nsPropertyTable PropertyList memory corruption attempt (more info ...) | attempted-user | 2009-3070 | URL | ||
| 17378 | BROWSER-FIREFOX Mozilla Firefox Animated PNG Processing integer overflow attempt (more info ...) | attempted-user | 2008-4064 | |||
| 17379 | BROWSER-FIREFOX Mozilla Firefox Animated PNG Processing integer overflow attempt (more info ...) | attempted-user | 2008-4064 | |||
| 17398 | BROWSER-FIREFOX Mozilla Firefox Javascript array.splice memory corruption attempt (more info ...) | attempted-user | 2009-0773 | 33990 | ||
| 17399 | BROWSER-FIREFOX Mozilla Firefox Javascript array.splice memory corruption attempt (more info ...) | attempted-user | 2009-0773 | 33990 | ||
| 17422 | BROWSER-FIREFOX Mozilla Firefox defineSetter function pointer memory corruption attempt (more info ...) | attempted-user | 2009-2469 | 35758 | ||
| 17519 | BROWSER-FIREFOX Mozilla Firefox UTF-8 URL Handling Stack Buffer Overflow (more info ...) | attempted-user | 2008-0016 | 31346 | ||
| 17557 | BROWSER-PLUGINS Novell iPrint ActiveX operation parameter overflow (more info ...) | attempted-user | 2008-2908 | 30986 | URL | |
| 17631 | FILE-JAVA Oracle Java Web Start JNLP j2se key value buffer overflow attempt (more info ...) | attempted-user | 2008-3111 | 30148 | ||
| 17642 | BROWSER-FIREFOX Mozilla Firefox ConstructFrame with floating first-letter memory corruption attempt (more info ...) | attempted-user | 2009-2462 | 35765 | ||
| 17685 | BROWSER-IE Microsoft Internet Explorer invalid pointer memory corruption attempt (more info ...) | attempted-user | 2010-0806 | URL | ||
| 17686 | BROWSER-IE Microsoft Internet Explorer invalid pointer memory corruption attempt (more info ...) | attempted-user | 2010-0806 | URL | ||
| 17687 | BROWSER-IE Microsoft Internet Explorer invalid pointer memory corruption attempt (more info ...) | attempted-user | 2010-0806 | URL | ||
| 17688 | BROWSER-IE Microsoft Internet Explorer userdata behavior memory corruption attempt (more info ...) | attempted-user | 2010-0806 | 38615 | URL | |
| 17689 | BROWSER-IE Microsoft Internet Explorer userdata behavior memory corruption attempt (more info ...) | attempted-user | 2010-0806 | URL | ||
| 18187 | BROWSER-FIREFOX Mozilla Firefox InstallTrigger.install memory corruption attempt (more info ...) | attempted-user | 2006-1790 | 17516 | URL | |
| 18244 | FILE-JAVA Oracle Java browser plugin docbase overflow attempt (more info ...) | attempted-user | 2010-3552 | 44023 | ||
| 18245 | BROWSER-PLUGINS Oracle Java browser plugin docbase overflow attempt (more info ...) | attempted-user | 2010-3552 | 44023 | URL | |
| 18612 | SERVER-WEBAPP Oracle Java Web Server WebDAV Stack Buffer Overflow attempt (more info ...) | attempted-admin | 2010-0361 | 37874 | ||
| 18613 | SERVER-WEBAPP Oracle Java Web Server WebDAV Stack Buffer Overflow attempt (more info ...) | attempted-admin | 2010-0361 | 37874 | ||
| 18649 | PROTOCOL-SCADA IGSS IGSSDataServer.exe file operation overflow attempt (more info ...) | attempted-admin | 2011-4050 | 46936 | ||
| 18679 | SERVER-OTHER Oracle Java Applet2ClassLoader Remote Code Execution (more info ...) | attempted-user | 2010-4452 | URL | ||
| 18958 | BROWSER-WEBKIT Apple Safari Webkit attribute child removal code execution attempt (more info ...) | attempted-user | 2010-1119 | 40642 | ||
| 19713 | BROWSER-FIREFOX Mozilla Array.reduceRight integer overflow (more info ...) | attempted-user | 2011-2371 | 48372 | ||
| 19714 | BROWSER-FIREFOX Mozilla Array.reduceRight integer overflow (more info ...) | attempted-user | 2011-2371 | 48372 | ||
| 19809 | BROWSER-IE Microsoft Internet Explorer covered object memory corruption attempt (more info ...) | attempted-user | 2012-1260 | URL | ||
| 19814 | BROWSER-IE Microsoft Internet Explorer empty table tag memory corruption attempt (more info ...) | attempted-user | 2009-1918 | URL | ||
| 20030 | PROTOCOL-SCADA IGSS IGSSDataServer.exe file operation directory traversal attempt (more info ...) | attempted-admin | 2011-1567 | 46936 | ||
| 20072 | BROWSER-FIREFOX Mozilla Firefox nsTreeRange Use After Free attempt (more info ...) | attempted-user | 2011-0073 | URL | ||
| 20215 | PROTOCOL-SCADA Measuresoft ScadaPro directory traversal file operation attempt (more info ...) | attempted-admin | 2011-3497 | |||
| 20444 | FILE-JAVA Oracle Java browser plugin docbase overflow attempt (more info ...) | attempted-user | 2010-3552 | 44023 | ||
| 20492 | FILE-IDENTIFY Universal Binary/Java Bytecode file magic detected (more info ...) | misc-activity | ||||
| 20600 | BROWSER-FIREFOX Mozilla Products SVG text content element getCharNumAtPosition use after free attempt (more info ...) | attempted-user | 2011-0084 | 49213 | ||
| 20622 | FILE-JAVA Oracle Java Applet remote code execution attempt (more info ...) | attempted-user | 2012-5076 | |||
| 20820 | FILE-JAVA Oracle Java JNLP parameter argument injection attempt (more info ...) | attempted-user | 2005-0418 | |||
| 20831 | FILE-JAVA Oracle Java Applet Rhino script engine remote code execution attempt (more info ...) | attempted-user | 2011-3544 | |||
| 21057 | FILE-OTHER Java Applet Rhino script engine remote code execution attempt (more info ...) | attempted-user | 2011-3544 | |||
| 21092 | MALWARE-TOOLS JavaScript LOIC attack (more info ...) | attempted-dos | URL | |||
| 21292 | BROWSER-IE Microsoft Internet Explorer style.position use-after-free memory corruption attempt (more info ...) | attempted-dos | 2012-0155 | URL | ||
| 21438 | EXPLOIT-KIT Blackhole exploit kit JavaScript carat string splitting with hostile applet (more info ...) | trojan-activity | 2012-4681 | URL | ||
| 21481 | FILE-JAVA Oracle Java Web Start arbitrary command execution attempt (more info ...) | attempted-user | 2012-0500 | |||
| 21664 | FILE-JAVA Oracle Java JRE sandbox Atomic breach attempt (more info ...) | attempted-user | 2012-0507 | 52161 | ||
| 21665 | FILE-JAVA Oracle Java JRE sandbox Atomic breach attempt (more info ...) | attempted-user | 2012-0507 | 52161 | ||
| 21666 | FILE-JAVA Oracle Java JRE sandbox Atomic breach attempt (more info ...) | attempted-user | 2015-2590 | 52161 | ||
| 21667 | FILE-JAVA Oracle Java JRE sandbox Atomic breach attempt (more info ...) | attempted-user | 2012-0507 | 52161 | ||
| 21668 | EXPLOIT-KIT Java exploit kit iframe drive by attempt (more info ...) | attempted-user | 2011-3544 | URL | ||
| 21790 | BROWSER-IE Microsoft Internet Explorer SelectAll dangling pointer use after free attempt (more info ...) | attempted-user | 2012-0171 | URL | ||
| 21791 | BROWSER-IE Microsoft Internet Explorer SelectAll dangling pointer use after free attempt (more info ...) | attempted-user | 2012-0171 | URL | ||
| 21793 | BROWSER-IE Microsoft Internet Explorer vector graphics reference counting use-after-free attempt (more info ...) | attempted-user | 2012-0172 | 52906 | URL | |
| 21796 | BROWSER-IE Microsoft Internet Explorer iframe onreadystatechange handler use after free attempt (more info ...) | attempted-user | 2012-0170 | 52904 | URL | |
| 21869 | FILE-OTHER Java JRE sandbox breach attempt (more info ...) | attempted-user | 2012-0507 | 52161 | ||
| 21881 | FILE-PDF Adobe Acrobat Reader javascript toolbar button use after free attempt (more info ...) | attempted-user | 2012-0775 | 52949 | URL | |
| 21953 | BROWSER-FIREFOX Mozilla Multiple Products HTML href shell attempt (more info ...) | policy-violation | 2004-0648 | |||
| 22038 | BROWSER-IE Microsoft Internet Explorer SelectAll dangling pointer use after free attempt (more info ...) | attempted-user | 2012-0171 | URL | ||
| 22080 | BROWSER-IE Microsoft Internet Explorer xbap custom ISeralizable object exception attempt (more info ...) | attempted-user | 2012-0161 | URL | ||
| 23008 | FILE-JAVA Oracle Java Rhino script engine remote code execution attempt (more info ...) | attempted-user | 2011-3544 | |||
| 23060 | BROWSER-IE Microsoft Internet Explorer style.position use-after-free memory corruption attempt (more info ...) | attempted-dos | 2012-0155 | URL | ||
| 23106 | EXPLOIT-KIT SET java applet load attempt (more info ...) | attempted-user | ||||
| 23116 | BROWSER-IE Microsoft Internet Explorer 9 CTreeNode use after free attempt (more info ...) | attempted-user | 2012-1878 | URL | ||
| 23117 | BROWSER-IE Microsoft Internet Explorer 9 DOM element use after free attempt (more info ...) | attempted-user | 2012-1877 | URL | ||
| 23118 | BROWSER-IE Microsoft Internet Explorer console object use after free attempt (more info ...) | attempted-user | 2012-1874 | URL | ||
| 23121 | BROWSER-IE Microsoft Internet Explorer center element dynamic manipulation attempt (more info ...) | attempted-user | 2012-1523 | URL | ||
| 23122 | BROWSER-IE Microsoft Internet Explorer use after free attempt (more info ...) | misc-attack | 2012-1881 | URL | ||
| 23123 | BROWSER-IE Microsoft Internet Explorer getBoundingClientRect incorrect rebalancing attempt (more info ...) | attempted-user | 2012-1880 | URL | ||
| 23124 | BROWSER-IE Microsoft Internet Explorer html table column span width increase memory corruption attempt (more info ...) | attempted-user | 2012-1876 | URL | ||
| 23125 | BROWSER-IE Microsoft Internet Explorer DOM manipulation memory corruption attempt (more info ...) | attempted-user | 2012-1875 | 53847 | URL | |
| 23126 | BROWSER-IE Microsoft Internet Explorer insertAdjacentText memory corruption attempt (more info ...) | attempted-user | 2012-1879 | URL | ||
| 23142 | BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (more info ...) | attempted-user | 2012-1889 | URL | ||
| 23143 | BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (more info ...) | attempted-user | 2012-1889 | URL | ||
| 23144 | BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (more info ...) | attempted-user | 2012-1889 | URL | ||
| 23145 | BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (more info ...) | attempted-user | 2012-1889 | URL | ||
| 23146 | BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (more info ...) | attempted-user | 2012-1889 | URL | ||
| 23212 | BROWSER-FIREFOX Mozilla Firefox IDB use-after-free attempt (more info ...) | attempted-user | 2012-0469 | URL | ||
| 23219 | EXPLOIT-KIT Redkit exploit kit Java Exploit request to .class file (more info ...) | trojan-activity | 2013-2423 | URL | ||
| 23220 | EXPLOIT-KIT Redkit exploit kit Java Exploit Requested - 5 digit jar (more info ...) | trojan-activity | 2013-2423 | URL | ||
| 23273 | FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (more info ...) | attempted-user | 2012-1723 | URL | ||
| 23274 | FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (more info ...) | attempted-user | 2012-1723 | URL | ||
| 23275 | FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (more info ...) | attempted-user | 2012-1723 | URL | ||
| 23276 | FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (more info ...) | attempted-user | 2012-1723 | URL | ||
| 23277 | FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (more info ...) | attempted-user | 2012-1723 | URL | ||
| 23278 | BROWSER-IE Microsoft Internet Explorer nested list memory corruption attempt (more info ...) | attempted-user | 2012-1522 | URL | ||
| 23285 | BROWSER-IE Microsoft Internet Explorer iframe onreadystatechange handler use after free attempt (more info ...) | attempted-user | 2012-0170 | 52904 | URL | |
| 23286 | BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (more info ...) | attempted-user | 2012-1889 | URL | ||
| 23287 | BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (more info ...) | attempted-user | 2012-1889 | URL | ||
| 23288 | BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (more info ...) | attempted-user | 2012-1889 | URL | ||
| 23289 | BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (more info ...) | attempted-user | 2012-1889 | URL | ||
| 23290 | BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (more info ...) | attempted-user | 2012-1889 | URL | ||
| 23292 | BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (more info ...) | attempted-user | 2012-1889 | URL | ||
| 23294 | BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (more info ...) | attempted-user | 2012-1889 | URL | ||
| 23295 | BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (more info ...) | attempted-user | 2012-1889 | URL | ||
| 23296 | BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (more info ...) | attempted-user | 2012-1889 | URL | ||
| 23297 | BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (more info ...) | attempted-user | 2012-1889 | URL | ||
| 23299 | BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (more info ...) | attempted-user | 2012-1889 | URL | ||
| 23300 | BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (more info ...) | attempted-user | 2012-1889 | URL | ||
| 23302 | BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (more info ...) | attempted-user | 2012-1889 | URL | ||
| 23303 | BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (more info ...) | attempted-user | 2012-1889 | URL | ||
| 23609 | BROWSER-IE Microsoft Internet Explorer getBoundingClientRect incorrect rebalancing attempt (more info ...) | attempted-user | 2012-1880 | URL | ||
| 23611 | FILE-PDF JavaScript contained in an xml template embedded in a pdf attempt (more info ...) | trojan-activity | 2019-7115 | URL | ||
| 23612 | FILE-PDF JavaScript contained in an xml template embedded in a pdf attempt (more info ...) | trojan-activity | 2019-7115 | URL | ||
| 23614 | FILE-JAVA Oracle JavaScript heap exploitation library usage attempt (more info ...) | attempted-user | 2012-4969 | URL | ||
| 23637 | FILE-IDENTIFY Java .class file attachment detected (more info ...) | misc-activity | ||||
| 23638 | FILE-IDENTIFY Java .class file attachment detected (more info ...) | misc-activity | ||||
| 23676 | FILE-IDENTIFY Universal Binary/Java Bytecode file magic detected (more info ...) | misc-activity | ||||
| 23789 | BROWSER-FIREFOX Mozilla Multiple Products table frames memory corruption attempt (more info ...) | attempted-user | 2012-1952 | |||
| 23790 | BROWSER-FIREFOX Mozilla Multiple Products table frames memory corruption attempt (more info ...) | attempted-user | 2012-1952 | |||
| 23834 | BROWSER-IE Microsoft Internet Explorer asynchronous code execution attempt (more info ...) | attempted-user | 2012-2521 | URL | ||
| 23835 | BROWSER-IE Microsoft Internet Explorer asynchronous code execution attempt (more info ...) | attempted-user | 2012-2521 | URL | ||
| 23836 | BROWSER-IE Microsoft Internet Explorer negative margin use after free attempt (more info ...) | attempted-user | 2012-1526 | 54950 | URL | |
| 23840 | BROWSER-IE Microsoft Internet Explorer sign extension vulnerability exploitation attempt (more info ...) | attempted-user | 2012-2523 | URL | ||
| 23841 | BROWSER-IE Microsoft Internet Explorer sign extension vulnerability exploitation attempt (more info ...) | attempted-user | 2012-2523 | URL | ||
| 23958 | SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (more info ...) | attempted-admin | 2012-2020 | |||
| 23959 | SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (more info ...) | attempted-admin | 2012-2020 | |||
| 23960 | SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (more info ...) | attempted-admin | 2012-2020 | 54362 | URL | |
| 23961 | SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (more info ...) | attempted-admin | 2012-2020 | 54362 | URL | |
| 24020 | FILE-JAVA Oracle Java privileged protection domain exploitation attempt (more info ...) | attempted-admin | 2012-4681 | |||
| 24021 | FILE-JAVA Oracle Java privileged protection domain exploitation attempt (more info ...) | attempted-admin | 2012-4681 | |||
| 24022 | FILE-JAVA Oracle Java privileged protection domain exploitation attempt (more info ...) | attempted-admin | 2012-4681 | |||
| 24023 | FILE-JAVA Oracle Java privileged protection domain exploitation attempt (more info ...) | attempted-admin | 2012-4681 | |||
| 24024 | FILE-JAVA Oracle Java privileged protection domain exploitation attempt (more info ...) | attempted-admin | 2012-4681 | |||
| 24025 | FILE-JAVA Oracle Java privileged protection domain exploitation attempt (more info ...) | attempted-admin | 2012-4681 | |||
| 24026 | FILE-JAVA Oracle Java privileged protection domain exploitation attempt (more info ...) | attempted-admin | 2012-5076 | |||
| 24027 | FILE-JAVA Oracle Java privileged protection domain exploitation attempt (more info ...) | attempted-admin | 2012-4681 | |||
| 24028 | FILE-JAVA Oracle Java privileged protection domain exploitation attempt (more info ...) | attempted-admin | 2012-4681 | |||
| 24036 | FILE-JAVA Oracle Java privileged protection domain exploitation attempt (more info ...) | attempted-admin | 2012-4681 | |||
| 24037 | FILE-JAVA Oracle Java privileged protection domain exploitation attempt (more info ...) | attempted-admin | 2012-4681 | |||
| 24038 | FILE-JAVA Oracle Java privileged protection domain exploitation attempt (more info ...) | attempted-admin | 2012-4681 | |||
| 24055 | FILE-JAVA Oracle Java privileged protection domain exploitation attempt (more info ...) | attempted-admin | 2012-4681 | |||
| 24056 | FILE-JAVA Oracle Java privileged protection domain exploitation attempt (more info ...) | attempted-admin | 2012-4681 | |||
| 24057 | FILE-JAVA Oracle Java privileged protection domain exploitation attempt (more info ...) | attempted-admin | 2012-4681 | |||
| 24058 | FILE-JAVA Oracle Java privileged protection domain exploitation attempt (more info ...) | attempted-admin | 2012-4681 | |||
| 24063 | FILE-JAVA Oracle Java privileged protection domain exploitation attempt (more info ...) | attempted-admin | 2012-4681 | |||
| 24064 | FILE-JAVA Oracle Java privileged protection domain exploitation attempt (more info ...) | attempted-admin | 2012-4681 | |||
| 24065 | FILE-JAVA Oracle Java privileged protection domain exploitation attempt (more info ...) | attempted-admin | 2012-4681 | |||
| 24066 | FILE-JAVA Oracle Java privileged protection domain exploitation attempt (more info ...) | attempted-admin | 2012-4681 | |||
| 24084 | FILE-JAVA Oracle Java privileged protection domain exploitation attempt (more info ...) | attempted-admin | 2012-4681 | |||
| 24085 | FILE-JAVA Oracle Java privileged protection domain exploitation attempt (more info ...) | attempted-admin | 2012-4681 | |||
| 24125 | FILE-JAVA Oracle Java privileged protection domain exploitation attempt (more info ...) | attempted-admin | 2012-4681 | |||
| 24126 | FILE-JAVA Oracle Java privileged protection domain exploitation attempt (more info ...) | attempted-admin | 2012-4681 | |||
| 24187 | BROWSER-FIREFOX Mozilla Array.reduceRight integer overflow (more info ...) | attempted-user | 2011-2371 | 48372 | ||
| 24188 | BROWSER-FIREFOX Mozilla Array.reduceRight integer overflow (more info ...) | attempted-user | 2011-2371 | 48372 | ||
| 24201 | FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (more info ...) | attempted-user | 2012-1723 | URL | ||
| 24202 | FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (more info ...) | attempted-user | 2012-1723 | URL | ||
| 24203 | BROWSER-IE Microsoft Internet Explorer html table column span width increase memory corruption attempt (more info ...) | attempted-user | 2012-1876 | URL | ||
| 24204 | BROWSER-IE Microsoft Internet Explorer html table column span width increase memory corruption attempt (more info ...) | attempted-user | 2012-1876 | URL | ||
| 24205 | BROWSER-IE Microsoft Internet Explorer html table column span width increase memory corruption attempt (more info ...) | attempted-user | 2012-1876 | URL | ||
| 24212 | BROWSER-IE Microsoft Internet Explorer execCommand use-after-free attempt (more info ...) | attempted-user | 2012-4969 | URL | ||
| 24252 | BROWSER-IE Microsoft Internet Explorer execCommand use embedded within javascript tags (more info ...) | attempted-user | 2012-4969 | |||
| 24313 | SERVER-WEBAPP HP OpenView Operations Agent request attempt (more info ...) | misc-activity | 2012-2020 | |||
| 24314 | SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (more info ...) | attempted-admin | 2012-2020 | 54362 | URL | |
| 24315 | SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (more info ...) | attempted-admin | 2012-2020 | 54362 | URL | |
| 24316 | SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (more info ...) | attempted-admin | 2012-2020 | 54362 | URL | |
| 24317 | SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (more info ...) | attempted-admin | 2012-2020 | 54362 | URL | |
| 24318 | SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (more info ...) | attempted-admin | 2012-2020 | 54362 | URL | |
| 24319 | SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (more info ...) | attempted-admin | 2012-2020 | 54362 | URL | |
| 24320 | SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (more info ...) | attempted-admin | 2012-2020 | 54362 | URL | |
| 24570 | BROWSER-FIREFOX Mozilla Firefox IDB use-after-free attempt (more info ...) | attempted-user | 2012-0469 | URL | ||
| 24571 | BROWSER-FIREFOX Mozilla Firefox IDB use-after-free attempt (more info ...) | attempted-user | 2012-0469 | URL | ||
| 24572 | BROWSER-FIREFOX Mozilla Firefox IDB use-after-free attempt (more info ...) | attempted-user | 2012-0469 | URL | ||
| 24573 | BROWSER-FIREFOX Mozilla Firefox IDB use-after-free attempt (more info ...) | attempted-user | 2012-0469 | URL | ||
| 24574 | BROWSER-FIREFOX Mozilla Firefox IDB use-after-free attempt (more info ...) | attempted-user | 2012-0469 | URL | ||
| 24653 | BROWSER-IE Microsoft Internet Explorer 9 table th element use after free attempt (more info ...) | attempted-user | 2012-4775 | URL | ||
| 24654 | BROWSER-IE Microsoft Internet Explorer 9 table th element use after free attempt (more info ...) | attempted-user | 2012-4775 | URL | ||
| 24660 | BROWSER-IE Microsoft Internet Explorer 9 style properties use after free attempt (more info ...) | attempted-user | 2012-1539 | URL | ||
| 24661 | BROWSER-IE Microsoft Internet Explorer 9 style properties use after free attempt (more info ...) | attempted-user | 2012-1539 | URL | ||
| 24662 | BROWSER-IE Microsoft Internet Explorer button object use after free memory corruption attempt (more info ...) | attempted-user | 2012-1538 | URL | ||
| 24663 | BROWSER-IE Microsoft Internet Explorer button object use after free memory corruption attempt (more info ...) | attempted-user | 2012-1538 | URL | ||
| 24701 | FILE-JAVA Oracle Java Runtime true type font idef opcode heap buffer overflow attempt (more info ...) | attempted-user | 2012-0499 | |||
| 24769 | FILE-JAVA Oracle Java privileged protection domain exploitation attempt (more info ...) | attempted-admin | 2012-4681 | |||
| 24770 | FILE-JAVA Oracle Java privileged protection domain exploitation attempt (more info ...) | attempted-admin | 2012-4681 | |||
| 24786 | EXPLOIT-KIT CritX exploit kit Java Exploit request structure (more info ...) | trojan-activity | URL | |||
| 24787 | EXPLOIT-KIT CritX exploit kit Java Exploit download (more info ...) | trojan-activity | URL | |||
| 24793 | EXPLOIT-KIT KaiXin exploit kit Java Class download (more info ...) | trojan-activity | 2012-1889 | URL | ||
| 24808 | FILE-FLASH Microsoft Internet Explorer premature unload of Flash plugin use after free attempt (more info ...) | attempted-user | 2012-5272 | URL | ||
| 24809 | FILE-FLASH Microsoft Internet Explorer premature unload of Flash plugin use after free attempt (more info ...) | attempted-user | 2012-5272 | URL | ||
| 24827 | SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (more info ...) | attempted-admin | 2012-2020 | 54362 | URL | |
| 24828 | SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (more info ...) | attempted-admin | 2012-2020 | 54362 | URL | |
| 24829 | SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (more info ...) | attempted-admin | 2012-2020 | 54362 | URL | |
| 24830 | SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (more info ...) | attempted-admin | 2012-2020 | 54362 | URL | |
| 24831 | SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (more info ...) | attempted-admin | 2012-2020 | 54362 | URL | |
| 24832 | SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (more info ...) | attempted-admin | 2012-2020 | 54362 | URL | |
| 24833 | SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (more info ...) | attempted-admin | 2012-2020 | 54362 | URL | |
| 24834 | SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (more info ...) | attempted-admin | 2012-2020 | 54362 | URL | |
| 24835 | SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (more info ...) | attempted-admin | 2012-2020 | 54362 | URL | |
| 24836 | SERVER-WEBAPP HP OpenView Operations Agent buffer overflow attempt (more info ...) | attempted-admin | 2012-2020 | 54362 | URL | |
| 24904 | FILE-JAVA Oracle Java Web Start JNLP j2se key value buffer overflow attempt (more info ...) | attempted-user | 2008-3111 | 30148 | ||
| 24915 | FILE-JAVA Oracle Java Runtime true type font idef opcode heap buffer overflow attempt (more info ...) | attempted-user | 2012-0499 | |||
| 24956 | BROWSER-IE Microsoft Internet Explorer invalid object property use after free memory corruption attempt (more info ...) | attempted-dos | 2012-4787 | URL | ||
| 24993 | FILE-JAVA Oracle Java Applet remote code execution attempt (more info ...) | attempted-user | 2012-5076 | |||
| 24994 | BROWSER-FIREFOX Mozilla Firefox onChannelRedirect method attempt (more info ...) | attempted-user | 2011-0065 | |||
| 25006 | FILE-JAVA Oracle JavaScript heap exploitation library usage attempt (more info ...) | attempted-user | 2012-4969 | URL | ||
| 25041 | EXPLOIT-KIT Java User-Agent flowbit set (more info ...) | misc-activity | ||||
| 25046 | EXPLOIT-KIT CritX exploit kit Java V6 exploit download (more info ...) | trojan-activity | URL | |||
| 25047 | EXPLOIT-KIT CritX exploit kit Java V7 exploit download (more info ...) | trojan-activity | URL | |||
| 25052 | EXPLOIT-KIT Redkit exploit kit Java Exploit requested - 3 digit (more info ...) | trojan-activity | 2012-4681 | |||
| 25078 | BROWSER-IE Microsoft Internet Explorer sign extension vulnerability exploitation attempt (more info ...) | attempted-user | 2012-2523 | URL | ||
| 25079 | BROWSER-IE Microsoft Internet Explorer sign extension vulnerability exploitation attempt (more info ...) | attempted-user | 2012-2523 | URL | ||
| 25121 | FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (more info ...) | attempted-user | 2012-1723 | 53960 | URL | |
| 25122 | FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (more info ...) | attempted-user | 2012-1723 | 53960 | URL | |
| 25123 | FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (more info ...) | attempted-user | 2012-4681 | 53960 | URL | |
| 25125 | BROWSER-IE Microsoft Internet Explorer deleted button use after free attempt (more info ...) | attempted-user | 2012-4792 | URL | ||
| 25126 | BROWSER-IE Microsoft Internet Explorer deleted button use after free attempt (more info ...) | attempted-user | 2012-4792 | URL | ||
| 25127 | BROWSER-IE Microsoft Internet Explorer deleted button use after free attempt (more info ...) | attempted-user | 2012-4792 | URL | ||
| 25128 | BROWSER-IE Microsoft Internet Explorer deleted button use after free attempt (more info ...) | attempted-user | 2012-4792 | URL | ||
| 25129 | BROWSER-IE Microsoft Internet Explorer deleted button use after free attempt (more info ...) | attempted-user | 2012-4792 | URL | ||
| 25130 | BROWSER-IE Microsoft Internet Explorer deleted button use after free attempt (more info ...) | attempted-user | 2012-4792 | URL | ||
| 25131 | BROWSER-IE Microsoft Internet Explorer deleted button use after free attempt (more info ...) | attempted-user | 2012-4792 | URL | ||
| 25132 | BROWSER-IE Microsoft Internet Explorer deleted button use after free attempt (more info ...) | attempted-user | 2012-4792 | URL | ||
| 25133 | BROWSER-IE Microsoft Internet Explorer deleted button use after free attempt (more info ...) | attempted-user | 2012-4792 | URL | ||
| 25134 | BROWSER-IE Microsoft Internet Explorer deleted button use after free attempt (more info ...) | attempted-user | 2012-4792 | URL | ||
| 25234 | BROWSER-IE Microsoft Internet Explorer deleted button use after free attempt (more info ...) | attempted-user | 2012-4792 | URL | ||
| 25235 | BROWSER-IE Microsoft Internet Explorer deleted button use after free attempt (more info ...) | attempted-user | 2012-4792 | URL | ||
| 25297 | FILE-MULTIMEDIA Mozilla products Ogg Vorbis decoding memory corruption attempt (more info ...) | attempted-user | 2012-0444 | 51753 | ||
| 25301 | EXPLOIT-KIT redirect to malicious java archive attempt (more info ...) | attempted-user | 2013-0422 | 57246 | URL | |
| 25320 | BROWSER-IE Microsoft Internet Explorer nonexistent attribute removal memory corruption attempt (more info ...) | attempted-dos | 2012-1524 | URL | ||
| 25392 | FILE-JAVA Oracle Java Rhino script engine remote code execution attempt (more info ...) | attempted-user | 2011-3544 | |||
| 25449 | FILE-PDF Javascript openDoc UNC network request attempt (more info ...) | policy-violation | 2013-0622 | 57295 | URL | |
| 25450 | FILE-PDF Javascript openDoc UNC network request attempt (more info ...) | policy-violation | 2013-0622 | 57295 | URL | |
| 25472 | FILE-JAVA Oracle Java JMX class arbitrary code execution attempt (more info ...) | attempted-user | 2013-0431 | 57246 | URL | |
| 25473 | FILE-JAVA Oracle Java JMX class arbitrary code execution attempt (more info ...) | attempted-user | 2013-0422 | 57246 | URL | |
| 25475 | FILE-PDF JavaScript contained in an xml template embedded in a pdf attempt (more info ...) | trojan-activity | 2019-7115 | URL | ||
| 25539 | EXPLOIT-KIT Red Dot java retrieval attempt (more info ...) | trojan-activity | 2013-0422 | URL | ||
| 25650 | BROWSER-IE Microsoft Internet Explorer malformed iframe buffer overflow attempt (more info ...) | attempted-user | 2004-1050 | 11515 | ||
| 25764 | EXPLOIT-KIT Zuponcic exploit kit Oracle Java file download (more info ...) | trojan-activity | URL | |||
| 25769 | BROWSER-IE Microsoft Internet Explorer CHTMLEditor object use after free attempt (more info ...) | attempted-user | 2013-0027 | URL | ||
| 25771 | BROWSER-IE Microsoft Internet Explorer custom cursor file use after free attempt (more info ...) | attempted-user | 2013-0028 | URL | ||
| 25772 | BROWSER-IE Microsoft Internet Explorer onbeforeeditfocus element attribute use after free attempt (more info ...) | attempted-user | 2013-0029 | URL | ||
| 25773 | BROWSER-IE Microsoft Internet Explorer VML shape object malformed path attempt (more info ...) | attempted-user | 2013-0030 | |||
| 25775 | BROWSER-IE Microsoft Internet Explorer pre-line use after free attempt (more info ...) | attempted-user | 2015-6050 | URL | ||
| 25776 | BROWSER-IE Microsoft Internet Explorer CTreePos use after free memory corruption attempt (more info ...) | attempted-user | 2013-0024 | URL | ||
| 25777 | BROWSER-IE Microsoft Internet Explorer CTreePos use after free memory corruption attempt (more info ...) | attempted-user | 2013-0024 | URL | ||
| 25784 | BROWSER-IE Microsoft Internet Explorer text layout calculation use after free attempt (more info ...) | attempted-user | 2013-0022 | URL | ||
| 25785 | BROWSER-IE Microsoft Internet Explorer text layout calculation use after free attempt (more info ...) | attempted-user | 2013-0022 | URL | ||
| 25786 | BROWSER-IE Microsoft Internet Explorer 9 deleted object access memory corruption attempt (more info ...) | attempted-user | 2013-0026 | 57832 | URL | |
| 25787 | BROWSER-IE Microsoft Internet Explorer 9 deleted object access memory corruption attempt (more info ...) | attempted-user | 2013-0026 | 57832 | URL | |
| 25788 | BROWSER-IE Microsoft Internet Explorer iframe use after free attempt (more info ...) | attempted-user | 2013-0019 | URL | ||
| 25789 | BROWSER-IE Microsoft Internet Explorer iframe use after free attempt (more info ...) | attempted-user | 2013-0019 | URL | ||
| 25790 | BROWSER-IE Microsoft Internet Explorer compatibility mode invalid memory access attempt (more info ...) | attempted-user | 2013-0021 | URL | ||
| 25791 | BROWSER-IE Microsoft Internet Explorer compatibility mode invalid memory access attempt (more info ...) | attempted-user | 2013-0021 | URL | ||
| 25792 | BROWSER-IE Microsoft Internet Explorer SVG object use after free attempt (more info ...) | attempted-admin | 2013-0023 | URL | ||
| 25805 | EXPLOIT-KIT Whitehole exploit kit Java exploit retrieval (more info ...) | trojan-activity | 2013-2423 | URL | ||
| 25823 | EXPLOIT-KIT CritX exploit kit Java V5 exploit download (more info ...) | trojan-activity | URL | |||
| 25830 | FILE-JAVA Oracle Java malicious class download attempt (more info ...) | attempted-user | 2013-2471 | 60659 | ||
| 25831 | FILE-JAVA Oracle Java JMX class arbitrary code execution attempt (more info ...) | attempted-user | 2013-0422 | 57246 | URL | |
| 25832 | FILE-JAVA Oracle Java JMX class arbitrary code execution attempt (more info ...) | attempted-user | 2013-0431 | 57246 | URL | |
| 25833 | FILE-JAVA Oracle Java malicious class download attempt (more info ...) | attempted-user | 2013-0422 | 57246 | ||
| 25834 | FILE-JAVA Oracle Java JMX class arbitrary code execution attempt (more info ...) | attempted-user | 2013-0422 | 57246 | URL | |
| 25984 | BROWSER-IE Microsoft Internet Explorer userdata behavior memory corruption attempt (more info ...) | attempted-user | 2010-0806 | 38615 | URL | |
| 25985 | BROWSER-IE Microsoft Internet Explorer userdata behavior memory corruption attempt (more info ...) | attempted-user | 2010-0806 | 38615 | URL | |
| 25986 | BROWSER-IE Microsoft Internet Explorer userdata behavior memory corruption attempt (more info ...) | attempted-user | 2010-0806 | 38615 | URL | |
| 26000 | FILE-FLASH Adobe Flash Player HTML & Javascript SWF use-after-free execution attempt (more info ...) | attempted-user | 2013-0648 | 58186 | URL | |
| 26001 | FILE-FLASH Adobe Flash Player HTML & Javascript SWF use-after-free execution attempt (more info ...) | attempted-user | 2013-0648 | 58186 | URL | |
| 26003 | FILE-FLASH Adobe Flash Player HTML & Javascript SWF use-after-free execution attempt (more info ...) | attempted-user | 2013-0648 | 58186 | URL | |
| 26005 | FILE-FLASH Adobe Flash Player HTML & Javascript SWF use-after-free execution attempt (more info ...) | attempted-user | 2013-0648 | 58186 | URL | |
| 26007 | FILE-FLASH Adobe Flash Player HTML & Javascript SWF use-after-free execution attempt (more info ...) | attempted-user | 2013-0648 | 58186 | URL | |
| 26025 | INDICATOR-COMPROMISE Java user-agent request to svchost.jpg (more info ...) | trojan-activity | 2013-1493 | |||
| 26035 | EXPLOIT-KIT Crimeboss exploit kit - java on (more info ...) | trojan-activity | URL | |||
| 26036 | EXPLOIT-KIT Crimeboss exploit kit - Java Exploit (more info ...) | trojan-activity | 2012-4681 | URL | ||
| 26038 | EXPLOIT-KIT Crimeboss exploit kit - Java exploit download (more info ...) | trojan-activity | 2013-0422 | URL | ||
| 26039 | EXPLOIT-KIT Crimeboss exploit kit - Java exploit download (more info ...) | trojan-activity | 2013-0422 | URL | ||
| 26125 | BROWSER-IE Microsoft Internet Explorer text transform use after free attempt (more info ...) | attempted-user | 2013-0087 | 58341 | URL | |
| 26129 | BROWSER-IE Microsoft Internet Explorer htc file use after free attempt (more info ...) | attempted-user | 2013-0094 | URL | ||
| 26130 | BROWSER-IE Microsoft Internet Explorer htc file use after free attempt (more info ...) | attempted-user | 2013-0094 | URL | ||
| 26132 | BROWSER-IE Microsoft Internet Explorer saveHistory use after free attempt (more info ...) | attempted-dos | 2013-0088 | URL | ||
| 26133 | BROWSER-IE Microsoft Internet Explorer saveHistory use after free attempt (more info ...) | attempted-dos | 2013-0088 | URL | ||
| 26134 | BROWSER-IE Microsoft Internet Explorer 8 deleted object access memory corruption attempt (more info ...) | attempted-user | 2013-0091 | URL | ||
| 26135 | BROWSER-IE Microsoft Internet Explorer saveHistory use after free attempt (more info ...) | attempted-user | 2013-0089 | URL | ||
| 26136 | BROWSER-IE Microsoft Internet Explorer saveHistory use after free attempt (more info ...) | attempted-user | 2013-0089 | URL | ||
| 26137 | BROWSER-IE Microsoft Internet Explorer 9 onBeforeCopy use after free attempt (more info ...) | attempted-user | 2013-0093 | URL | ||
| 26138 | BROWSER-IE Microsoft Internet Explorer 9 onBeforeCopy use after free attempt (more info ...) | attempted-user | 2013-0093 | URL | ||
| 26157 | BROWSER-IE Microsoft Internet Explorer 9 onbeforeprint use after free attempt (more info ...) | attempted-user | 2013-0092 | URL | ||
| 26158 | BROWSER-IE Microsoft Internet Explorer 9 onbeforeprint use after free attempt (more info ...) | attempted-user | 2013-0092 | URL | ||
| 26159 | BROWSER-IE Microsoft Internet Explorer 9 onbeforeprint use after free attempt (more info ...) | attempted-user | 2013-0092 | URL | ||
| 26160 | BROWSER-IE Microsoft Internet Explorer 9 onbeforeprint use after free attempt (more info ...) | attempted-user | 2013-0092 | URL | ||
| 26161 | BROWSER-IE Microsoft Internet Explorer 9 onbeforeprint use after free attempt (more info ...) | attempted-user | 2013-0092 | URL | ||
| 26162 | BROWSER-IE Microsoft Internet Explorer 9 onbeforeprint use after free attempt (more info ...) | attempted-user | 2013-0092 | URL | ||
| 26185 | FILE-JAVA Oracle Java Gmbal package sandbox breach attempt (more info ...) | attempted-user | 2012-5076 | |||
| 26186 | FILE-JAVA Oracle Java Gmbal package sandbox breach attempt (more info ...) | attempted-user | 2012-5076 | |||
| 26195 | FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp integer overflow attempt (more info ...) | attempted-user | 2013-0809 | 58296 | ||
| 26196 | FILE-JAVA Oracle Java 2D ImagingLib LookupOp integer overflow attempt (more info ...) | attempted-user | 2013-0809 | 58296 | ||
| 26197 | FILE-JAVA Oracle Java 2D ImagingLib ConvolveOp integer overflow attempt (more info ...) | attempted-user | 2013-0809 | 58296 | ||
| 26198 | FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp integer overflow attempt (more info ...) | attempted-user | 2013-0809 | 58296 | ||
| 26199 | FILE-JAVA Oracle Java 2D ImagingLib LookupOp integer overflow attempt (more info ...) | attempted-user | 2013-0809 | 58296 | ||
| 26200 | FILE-JAVA Oracle Java 2D ImagingLib ConvolveOp integer overflow attempt (more info ...) | attempted-user | 2013-0809 | 58296 | ||
| 26216 | BROWSER-IE Microsoft Internet Explorer CHTMLEditor object use after free attempt (more info ...) | attempted-user | 2013-0027 | URL | ||
| 26217 | BROWSER-IE Microsoft Internet Explorer CHTMLEditor object use after free attempt (more info ...) | attempted-user | 2013-0027 | URL | ||
| 26218 | BROWSER-IE Microsoft Internet Explorer CHTMLEditor object use after free attempt (more info ...) | attempted-user | 2013-0027 | URL | ||
| 26219 | BROWSER-IE Microsoft Internet Explorer CHTMLEditor object use after free attempt (more info ...) | attempted-user | 2013-0027 | URL | ||
| 26220 | BROWSER-IE Microsoft Internet Explorer CHTMLEditor object use after free attempt (more info ...) | attempted-user | 2013-0027 | URL | ||
| 26221 | BROWSER-IE Microsoft Internet Explorer CHTMLEditor object use after free attempt (more info ...) | attempted-user | 2013-0027 | URL | ||
| 26222 | BROWSER-IE Microsoft Internet Explorer CHTMLEditor object use after free attempt (more info ...) | attempted-user | 2013-0027 | URL | ||
| 26223 | BROWSER-IE Microsoft Internet Explorer CHTMLEditor object use after free attempt (more info ...) | attempted-user | 2013-0027 | URL | ||
| 26224 | BROWSER-IE Microsoft Internet Explorer CHTMLEditor object use after free attempt (more info ...) | attempted-user | 2013-0027 | URL | ||
| 26225 | BROWSER-IE Microsoft Internet Explorer CHTMLEditor object use after free attempt (more info ...) | attempted-user | 2013-0027 | URL | ||
| 26292 | EXPLOIT-KIT Oracle Java Jar file downloaded when zip is defined (more info ...) | trojan-activity | ||||
| 26348 | EXPLOIT-KIT Redkit exploit kit java exploit delivery (more info ...) | trojan-activity | 2013-2423 | URL | ||
| 26377 | EXPLOIT-KIT Redkit exploit kit java exploit request (more info ...) | trojan-activity | 2013-2423 | URL | ||
| 26419 | BROWSER-IE Microsoft Internet Explorer 9 onbeforeprint use after free attempt (more info ...) | attempted-user | 2013-0092 | URL | ||
| 26420 | BROWSER-IE Microsoft Internet Explorer 9 onbeforeprint use after free attempt (more info ...) | attempted-user | 2013-0092 | URL | ||
| 26441 | INDICATOR-OBFUSCATION Obfuscated javascript/html generated by myobfuscate.com detected (more info ...) | bad-unknown | URL | |||
| 26509 | EXPLOIT-KIT Multiple exploit kit java payload detection (more info ...) | trojan-activity | 2013-2423 | |||
| 26569 | BROWSER-IE Microsoft Internet Explorer null object access attempt (more info ...) | attempted-user | 2013-1347 | URL | ||
| 26571 | BROWSER-IE Microsoft Internet Explorer null object access attempt (more info ...) | attempted-user | 2013-1347 | URL | ||
| 26572 | BROWSER-IE Microsoft Internet Explorer null object access attempt (more info ...) | attempted-user | 2013-1347 | URL | ||
| 26584 | BROWSER-IE Microsoft Internet Explorer vector graphics reference counting use-after-free attempt (more info ...) | attempted-user | 2012-0172 | 52906 | URL | |
| 26629 | BROWSER-IE Microsoft Internet Explorer setInterval focus use after free attempt (more info ...) | attempted-admin | 2013-1308 | URL | ||
| 26630 | BROWSER-IE Microsoft Internet Explorer CDispNode float css element use after free attempt (more info ...) | attempted-user | 2013-1309 | URL | ||
| 26631 | BROWSER-IE Microsoft Internet Explorer CDispNode float css element use after free attempt (more info ...) | attempted-user | 2013-1309 | URL | ||
| 26633 | BROWSER-IE Microsoft Internet Explorer html reload loop attempt (more info ...) | misc-activity | 2013-1306 | 59745 | URL | |
| 26634 | BROWSER-IE Microsoft Internet Explorer 8 deleted object access via timer memory corruption attempt (more info ...) | attempted-user | 2013-1311 | URL | ||
| 26635 | BROWSER-IE Microsoft Internet Explorer 8 deleted object access via timer memory corruption attempt (more info ...) | attempted-user | 2013-1311 | URL | ||
| 26636 | BROWSER-IE Microsoft Internet Explorer DCOMTextNode object use after free attempt (more info ...) | attempted-user | 2013-1312 | URL | ||
| 26637 | BROWSER-IE Microsoft Internet Explorer DCOMTextNode object use after free attempt (more info ...) | attempted-user | 2013-1312 | URL | ||
| 26641 | BROWSER-IE Microsoft Internet Explorer runtimeStyle memory corruption attempt (more info ...) | attempted-user | 2013-1307 | URL | ||
| 26642 | BROWSER-IE Microsoft Internet Explorer runtimeStyle memory corruption attempt (more info ...) | attempted-user | 2013-1307 | URL | ||
| 26666 | BROWSER-IE Microsoft Internet Explorer ANIMATECOLOR SMIL access attempt (more info ...) | attempted-user | 2013-1347 | |||
| 26668 | BROWSER-IE Microsoft Internet Explorer null object access attempt (more info ...) | attempted-user | 2013-1347 | URL | ||
| 26716 | FILE-JAVA Oracle Java font rendering remote code execution attempt (more info ...) | attempted-user | 2013-1491 | URL | ||
| 26717 | FILE-JAVA Oracle Java font rendering remote code execution attempt (more info ...) | attempted-user | 2013-1491 | URL | ||
| 26753 | BROWSER-IE Microsoft Internet Explorer CDispNode float css element use after free attempt (more info ...) | attempted-user | 2013-1309 | URL | ||
| 26754 | BROWSER-IE Microsoft Internet Explorer CDispNode float css element use after free attempt (more info ...) | attempted-user | 2013-1309 | URL | ||
| 26843 | BROWSER-IE Microsoft Internet Explorer 9 array element property use after free attempt (more info ...) | attempted-user | 2013-3112 | URL | ||
| 26844 | BROWSER-IE Microsoft Internet Explorer 9 layout engine memory corruption attempt (more info ...) | attempted-user | 2013-3122 | URL | ||
| 26845 | BROWSER-IE Microsoft Internet Explorer 10 insertImage with designMode on deleted object access attempt (more info ...) | attempted-user | 2013-3120 | URL | ||
| 26846 | BROWSER-IE Microsoft Internet Explorer 10 insertImage with designMode on deleted object access attempt (more info ...) | attempted-user | 2013-3120 | URL | ||
| 26847 | BROWSER-IE Microsoft Internet Explorer 10 use after free attempt (more info ...) | attempted-user | 2013-3125 | URL | ||
| 26849 | BROWSER-IE Microsoft Internet Explorer superscript use after free attempt (more info ...) | attempted-user | 2013-3111 | URL | ||
| 26851 | BROWSER-IE Microsoft Internet Explorer 5 compatibility mode use after free attempt (more info ...) | attempted-user | 2013-3121 | URL | ||
| 26867 | BROWSER-IE Microsoft Internet Explorer 8 select element deleted object access attempt (more info ...) | attempted-user | 2013-3139 | URL | ||
| 26868 | BROWSER-IE Microsoft Internet Explorer 8 select element deleted object access attempt (more info ...) | attempted-user | 2013-3139 | URL | ||
| 26869 | BROWSER-IE Microsoft Internet Explorer double-free memory corruption attempt (more info ...) | attempted-user | 2013-3118 | URL | ||
| 26870 | BROWSER-IE Microsoft Internet Explorer double-free memory corruption attempt (more info ...) | attempted-user | 2013-3118 | URL | ||
| 26871 | BROWSER-IE Microsoft Internet Explorer double-free memory corruption attempt (more info ...) | attempted-user | 2013-3118 | URL | ||
| 26872 | BROWSER-IE Microsoft Internet Explorer double-free memory corruption attempt (more info ...) | attempted-user | 2013-3118 | URL | ||
| 26873 | BROWSER-IE Microsoft Internet Explorer 9 CSS rules cache use-after-free attempt (more info ...) | attempted-user | 2013-3117 | URL | ||
| 26874 | BROWSER-IE Microsoft Internet Explorer 9 CSS rules cache use-after-free attempt (more info ...) | attempted-user | 2013-3117 | URL | ||
| 26875 | BROWSER-IE Microsoft Internet Explorer 9 CTreeNodeobject use-after-free attempt (more info ...) | attempted-user | 2013-3119 | URL | ||
| 26876 | BROWSER-IE Microsoft Internet Explorer 9 cached display node use-after-free attempt (more info ...) | attempted-user | 2013-3116 | URL | ||
| 26878 | BROWSER-IE Microsoft Internet Explorer 8 tree element use after free attempt (more info ...) | attempted-user | 2013-3110 | URL | ||
| 26882 | BROWSER-IE Microsoft Internet Explorer onscroll use after free attempt (more info ...) | attempted-user | 2013-3123 | URL | ||
| 26883 | BROWSER-IE Microsoft Internet Explorer onscroll use after free attempt (more info ...) | attempted-user | 2013-3123 | URL | ||
| 26884 | BROWSER-IE Microsoft Internet Explorer onscroll use after free attempt (more info ...) | attempted-user | 2013-3123 | URL | ||
| 26885 | BROWSER-IE Microsoft Internet Explorer onscroll use after free attempt (more info ...) | attempted-user | 2013-3123 | URL | ||
| 26886 | BROWSER-IE Microsoft Internet Explorer onscroll use after free attempt (more info ...) | attempted-user | 2013-3123 | URL | ||
| 26887 | BROWSER-IE Microsoft Internet Explorer onscroll use after free attempt (more info ...) | attempted-user | 2013-3123 | URL | ||
| 26888 | BROWSER-IE Microsoft Internet Explorer CTreeNode use after free memory corruption attempt (more info ...) | attempted-user | 2013-3142 | URL | ||
| 26889 | BROWSER-IE Microsoft Internet Explorer CTreeNode use after free memory corruption attempt (more info ...) | attempted-user | 2013-3142 | URL | ||
| 26894 | EXPLOIT-KIT Flashpack/Safe/CritX exploit kit Java V6 exploit download (more info ...) | trojan-activity | URL | |||
| 26895 | EXPLOIT-KIT Flashpack/Safe/CritX exploit kit Java V7 exploit download (more info ...) | trojan-activity | URL | |||
| 26985 | EXPLOIT-KIT Rawin exploit kit outbound java retrieval (more info ...) | trojan-activity | ||||
| 26988 | BROWSER-IE Microsoft Internet Explorer 9 CTreeNodeobject use-after-free attempt (more info ...) | attempted-user | 2013-3119 | URL | ||
| 27052 | MALWARE-OTHER Trojan.Java.JVDrop.A jar file download attempt (more info ...) | trojan-activity | URL | |||
| 27053 | MALWARE-OTHER Trojan.Java.JVDrop.A jar file download attempt (more info ...) | trojan-activity | URL | |||
| 27061 | BROWSER-IE Microsoft Internet Explorer 8 deleted object access via timer memory corruption attempt (more info ...) | attempted-user | 2013-1311 | URL | ||
| 27062 | BROWSER-IE Microsoft Internet Explorer 8 deleted object access via timer memory corruption attempt (more info ...) | attempted-user | 2013-1311 | URL | ||
| 27076 | FILE-JAVA Oracle Java Applet disable security manager attempt (more info ...) | attempted-user | 2013-2460 | 60635 | URL | |
| 27077 | FILE-JAVA Oracle Java Applet disable security manager attempt (more info ...) | attempted-user | 2013-2460 | 60635 | URL | |
| 27081 | EXPLOIT-KIT Nailed exploit kit Internet Explorer exploit download - autopwn (more info ...) | trojan-activity | 2012-4969 | URL | ||
| 27100 | BROWSER-IE Microsoft Internet Explorer double-free memory corruption attempt (more info ...) | attempted-user | 2013-3118 | URL | ||
| 27101 | BROWSER-IE Microsoft Internet Explorer double-free memory corruption attempt (more info ...) | attempted-user | 2013-3118 | URL | ||
| 27126 | BROWSER-IE Microsoft Internet Explorer setCapture use after free attempt (more info ...) | attempted-user | 2013-3150 | URL | ||
| 27127 | BROWSER-IE Microsoft Internet Explorer 10 CTreePos use-after-free attempt (more info ...) | attempted-user | 2013-3143 | URL | ||
| 27128 | BROWSER-IE Microsoft Internet Explorer 10 CTreePos use-after-free attempt (more info ...) | attempted-user | 2013-3143 | URL | ||
| 27129 | BROWSER-IE Microsoft Internet Explorer 9 use after free attempt (more info ...) | attempted-user | 2013-3148 | URL | ||
| 27130 | BROWSER-IE Microsoft Internet Explorer 9 use after free attempt (more info ...) | attempted-user | 2013-3148 | URL | ||
| 27131 | BROWSER-IE Microsoft Internet Explorer 8 CTreePos use after free attempt (more info ...) | attempted-user | 2013-3151 | URL | ||
| 27132 | BROWSER-IE Microsoft Internet Explorer PreviousTreePos use after free attempt (more info ...) | attempted-user | 2013-3153 | URL | ||
| 27133 | BROWSER-IE Microsoft Internet Explorer display node use after free attempt (more info ...) | attempted-user | 2013-3115 | URL | ||
| 27134 | BROWSER-IE Microsoft Internet Explorer display node use after free attempt (more info ...) | attempted-user | 2013-3115 | URL | ||
| 27135 | BROWSER-IE Microsoft Internet Explorer 10 CTreePos use after free attempt (more info ...) | attempted-user | 2013-3152 | URL | ||
| 27137 | BROWSER-IE Microsoft Internet Explorer CTreeNode use after free memory corruption attempt (more info ...) | attempted-user | 2013-3164 | URL | ||
| 27138 | BROWSER-IE Microsoft Internet Explorer CTreeNode use after free memory corruption attempt (more info ...) | attempted-user | 2013-3164 | URL | ||
| 27147 | BROWSER-IE Microsoft Internet Explorer 9 IE5 compatibility mode use after free attempt (more info ...) | attempted-admin | 2013-3144 | URL | ||
| 27148 | BROWSER-IE Microsoft Internet Explorer beforeeditfocus use after free exploit attempt (more info ...) | attempted-user | 2013-3147 | URL | ||
| 27149 | BROWSER-IE Microsoft Internet Explorer beforeeditfocus use after free exploit attempt (more info ...) | attempted-user | 2013-3147 | URL | ||
| 27150 | BROWSER-IE Microsoft Internet Explorer use after free attempt (more info ...) | attempted-user | 2013-3163 | URL | ||
| 27151 | BROWSER-IE Microsoft Internet Explorer use after free attempt (more info ...) | attempted-user | 2013-3163 | URL | ||
| 27152 | BROWSER-IE Microsoft Internet Explorer use after free attempt (more info ...) | attempted-user | 2013-3163 | URL | ||
| 27153 | BROWSER-IE Microsoft Internet Explorer use after free attempt (more info ...) | attempted-user | 2013-3163 | URL | ||
| 27154 | BROWSER-IE Microsoft Internet Explorer pElement member use after free attempt (more info ...) | attempted-user | 2013-3145 | URL | ||
| 27156 | BROWSER-IE Microsoft Internet Explorer table column-count integer overflow attempt (more info ...) | attempted-user | 2013-3146 | URL | ||
| 27157 | BROWSER-IE Microsoft Internet Explorer table column-count integer overflow attempt (more info ...) | attempted-user | 2013-3146 | URL | ||
| 27171 | BROWSER-IE Microsoft Internet Explorer use after free attempt (more info ...) | attempted-user | 2013-3163 | URL | ||
| 27172 | BROWSER-IE Microsoft Internet Explorer use after free attempt (more info ...) | attempted-user | 2013-3163 | URL | ||
| 27188 | FILE-JAVA Oracle Java Applet ProviderSkeleton sandbox bypass attempt (more info ...) | attempted-user | 2013-2460 | 60635 | URL | |
| 27189 | FILE-JAVA Oracle Java Applet ProviderSkeleton sandbox bypass attempt (more info ...) | attempted-user | 2013-2460 | 60635 | URL | |
| 27190 | FILE-JAVA Oracle Java Applet ProviderSkeleton sandbox bypass attempt (more info ...) | attempted-user | 2013-2460 | 60635 | URL | |
| 27191 | FILE-JAVA Oracle Java Applet ProviderSkeleton sandbox bypass attempt (more info ...) | attempted-user | 2013-2460 | 60635 | URL | |
| 27220 | BROWSER-IE Microsoft Internet Explorer virtual function table corruption attempt (more info ...) | attempted-user | 2012-2522 | 54951 | URL | |
| 27221 | BROWSER-IE Microsoft Internet Explorer virtual function table corruption attempt (more info ...) | attempted-user | 2012-2522 | 54951 | URL | |
| 27272 | INDICATOR-OBFUSCATION Javascript obfuscation - fromCharCode (more info ...) | attempted-user | URL | |||
| 27274 | EXPLOIT-KIT CritX exploit kit Java Exploit request structure (more info ...) | trojan-activity | ||||
| 27568 | BROWSER-FIREFOX Mozilla Firefox 17 onreadystatechange memory corruption attempt (more info ...) | attempted-user | 2013-1690 | URL | ||
| 27592 | INDICATOR-OBFUSCATION Javascript obfuscation - split - seen in IFRAMEr Tool attack (more info ...) | misc-activity | URL | |||
| 27605 | BROWSER-IE Microsoft Internet Explorer TreeNode use after free attempt (more info ...) | attempted-user | 2013-3188 | URL | ||
| 27606 | BROWSER-IE Microsoft Internet Explorer CSelectionManager use after free attempt (more info ...) | attempted-admin | 2013-3199 | URL | ||
| 27607 | BROWSER-IE Microsoft Internet Explorer content generation use after free attempt (more info ...) | attempted-user | 2013-3187 | URL | ||
| 27608 | BROWSER-IE Microsoft Internet Explorer CTreeNode object CSS text overflow attempt (more info ...) | attempted-dos | 2013-3189 | URL | ||
| 27612 | BROWSER-IE Microsoft Internet Explorer CMarkupPointer with SVG use-after-free attempt (more info ...) | attempted-user | 2013-3194 | URL | ||
| 27613 | BROWSER-IE Microsoft Internet Explorer CElement use-after-free attempt (more info ...) | attempted-user | 2013-3193 | URL | ||
| 27614 | BROWSER-IE Microsoft Internet Explorer CElement use-after-free attempt (more info ...) | attempted-user | 2013-3193 | URL | ||
| 27615 | BROWSER-IE Microsoft Internet Explorer MoveToMarkupPointer call with CControlTracker OnExitTree use-after-free attempt (more info ...) | attempted-user | 2013-3184 | URL | ||
| 27616 | BROWSER-IE Microsoft Internet Explorer MoveToMarkupPointer call with CControlTracker OnExitTree use-after-free attempt (more info ...) | attempted-user | 2013-3184 | URL | ||
| 27618 | BROWSER-IE Microsoft Internet Explorer 6 usp10.dll Bengali font stack overrun attempt (more info ...) | attempted-dos | 2013-3181 | URL | ||
| 27619 | BROWSER-IE Microsoft Internet Explorer 6 usp10.dll Bengali font stack overrun attempt (more info ...) | attempted-dos | 2013-3181 | URL | ||
| 27620 | BROWSER-IE Microsoft Internet Explorer merged stylesheet array use after free attempt (more info ...) | attempted-user | 2013-3191 | URL | ||
| 27621 | FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (more info ...) | attempted-user | 2013-2465 | 60657 | URL | |
| 27622 | FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (more info ...) | attempted-user | 2013-2465 | 60657 | URL | |
| 27672 | FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (more info ...) | attempted-user | 2013-2465 | 60657 | URL | |
| 27673 | FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (more info ...) | attempted-user | 2013-2465 | 60657 | URL | |
| 27674 | FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (more info ...) | attempted-user | 2013-2465 | 60657 | URL | |
| 27675 | FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (more info ...) | attempted-user | 2013-2465 | 60657 | URL | |
| 27676 | FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (more info ...) | attempted-user | 2013-2465 | 60657 | URL | |
| 27677 | FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (more info ...) | attempted-user | 2013-2465 | 60657 | URL | |
| 27691 | FILE-JAVA Oracle Java IntegerInterleavedRaster integer overflow attempt (more info ...) | attempted-user | 2013-2471 | 60659 | URL | |
| 27692 | FILE-JAVA Oracle Java IntegerInterleavedRaster integer overflow attempt (more info ...) | attempted-user | 2013-2471 | 60659 | URL | |
| 27697 | EXPLOIT-KIT Kore exploit kit successful Java exploit (more info ...) | trojan-activity | 2013-2471 | URL | ||
| 27704 | EXPLOIT-KIT Gong Da exploit kit Java exploit requested (more info ...) | trojan-activity | 2013-1493 | |||
| 27705 | EXPLOIT-KIT Gong Da exploit kit Java exploit requested (more info ...) | trojan-activity | 2013-1493 | |||
| 27716 | BROWSER-IE Microsoft Internet Explorer 9 deleted object access memory corruption attempt (more info ...) | attempted-user | 2013-0026 | 57832 | URL | |
| 27717 | BROWSER-IE Microsoft Internet Explorer 9 deleted object access memory corruption attempt (more info ...) | attempted-user | 2013-0026 | 57832 | URL | |
| 27733 | EXPLOIT-KIT IFRAMEr Tool embedded javascript attack method - generic structure (more info ...) | misc-activity | URL | |||
| 27734 | EXPLOIT-KIT IFRAMEr Tool embedded javascript attack method - specific structure (more info ...) | misc-activity | URL | |||
| 27735 | INDICATOR-OBFUSCATION Javascript obfuscation - document - seen in IFRAMEr Tool usage (more info ...) | misc-activity | URL | |||
| 27736 | INDICATOR-OBFUSCATION Javascript obfuscation - split - seen in IFRAMEr Tool attack (more info ...) | misc-activity | URL | |||
| 27741 | EXPLOIT-KIT Zip file downloaded by Java (more info ...) | misc-activity | ||||
| 27750 | FILE-JAVA Oracle Java IntegerInterleavedRaster integer overflow attempt (more info ...) | attempted-user | 2013-2473 | 60659 | URL | |
| 27751 | FILE-JAVA Oracle Java IntegerInterleavedRaster integer overflow attempt (more info ...) | attempted-user | 2013-2471 | 60659 | URL | |
| 27764 | FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (more info ...) | attempted-user | 2013-2463 | |||
| 27765 | FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (more info ...) | attempted-user | 2013-2463 | |||
| 27766 | BROWSER-PLUGINS Oracle Java Security Slider feature bypass attempt (more info ...) | attempted-user | 2013-1489 | URL | ||
| 27786 | FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (more info ...) | attempted-user | 2013-2463 | |||
| 27787 | FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (more info ...) | attempted-user | 2013-2463 | |||
| 27829 | BROWSER-IE Microsoft Internet Explorer hgroup element DOM reset use after free attempt (more info ...) | attempted-user | 2013-3202 | URL | ||
| 27830 | BROWSER-IE Microsoft Internet Explorer hgroup element DOM reset use after free attempt (more info ...) | attempted-user | 2013-3202 | URL | ||
| 27831 | BROWSER-IE Microsoft Internet Explorer javascript call method type confusion attempt (more info ...) | attempted-user | 2013-3203 | URL | ||
| 27832 | BROWSER-IE Microsoft Internet Explorer javascript apply method type confusion attempt (more info ...) | attempted-user | 2013-3203 | URL | ||
| 27833 | BROWSER-IE Microsoft Internet Explorer javascript call method type confusion attempt (more info ...) | attempted-user | 2013-3203 | URL | ||
| 27834 | BROWSER-IE Microsoft Internet Explorer javascript apply method type confusion attempt (more info ...) | attempted-user | 2013-3203 | URL | ||
| 27835 | BROWSER-IE Microsoft Internet Explorer AddOption use after free attempt (more info ...) | attempted-user | 2013-3204 | URL | ||
| 27836 | BROWSER-IE Microsoft Internet Explorer AddOption use after free attempt (more info ...) | attempted-user | 2013-3204 | URL | ||
| 27837 | BROWSER-IE Microsoft Internet Explorer CDisplayPointer use after free attempt (more info ...) | attempted-user | 2013-3205 | URL | ||
| 27838 | BROWSER-IE Microsoft Internet Explorer CDisplayPointer use after free attempt (more info ...) | attempted-user | 2013-3205 | URL | ||
| 27839 | BROWSER-IE Microsoft Internet Explorer range markup switch use after free attempt (more info ...) | attempted-user | 2013-3206 | URL | ||
| 27840 | BROWSER-IE Microsoft Internet Explorer range markup switch use after free attempt (more info ...) | attempted-user | 2013-3206 | URL | ||
| 27841 | BROWSER-IE Microsoft Internet Explorer 9 MutationEvent use after free attempt (more info ...) | attempted-admin | 2013-3207 | URL | ||
| 27842 | BROWSER-IE Microsoft Internet Explorer CSegment object use after free attempt (more info ...) | attempted-user | 2013-3209 | URL | ||
| 27843 | BROWSER-IE Microsoft Internet Explorer CTreePos object use-after-free attempt (more info ...) | attempted-user | 2013-3845 | URL | ||
| 27844 | BROWSER-IE Microsoft Internet Explorer CTreePos object use-after-free attempt (more info ...) | attempted-user | 2013-3845 | URL | ||
| 27845 | BROWSER-IE Microsoft Internet Explorer iframe execCommand use after free attempt (more info ...) | attempted-user | 2013-3208 | URL | ||
| 27846 | BROWSER-IE Microsoft Internet Explorer iframe execCommand use after free attempt (more info ...) | attempted-user | 2013-3208 | URL | ||
| 27883 | EXPLOIT-KIT Teletubbies exploit kit exploit attempt for Oracle Java (more info ...) | trojan-activity | 2013-2465 | URL | ||
| 27908 | BROWSER-IE Microsoft Internet Explorer CPhraseElement use after free attempt (more info ...) | attempted-user | 2013-3163 | 60975 | URL | |
| 27909 | BROWSER-IE Microsoft Internet Explorer CPhraseElement use after free attempt (more info ...) | attempted-user | 2013-3163 | 60975 | URL | |
| 27920 | INDICATOR-OBFUSCATION Javascript obfuscation - split - seen in IFRAMEr Tool attack (more info ...) | misc-activity | URL | |||
| 28023 | INDICATOR-OBFUSCATION Javascript obfuscation - document - seen in IFRAMEr Tool attack (more info ...) | trojan-activity | URL | |||
| 28024 | INDICATOR-OBFUSCATION Javascript obfuscation - seen in IFRAMEr Tool attack (more info ...) | misc-activity | URL | |||
| 28025 | INDICATOR-OBFUSCATION Javascript obfuscation - split - seen in IFRAMEr Tool attack (more info ...) | misc-activity | URL | |||
| 28109 | EXPLOIT-KIT Nuclear/Magnitude exploit kit Oracle Java exploit download attempt (more info ...) | trojan-activity | 2013-0431 | |||
| 28111 | EXPLOIT-KIT Nuclear/Magnitude exploit kit post Java compromise download attempt (more info ...) | trojan-activity | 2013-0431 | |||
| 28151 | BROWSER-IE Microsoft Internet Explorer STextBlockPosition use after free attempt (more info ...) | attempted-user | 2013-3885 | URL | ||
| 28158 | BROWSER-IE Microsoft Internet Explorer CLayoutBlock use after free attempt (more info ...) | attempted-user | 2013-3875 | URL | ||
| 28159 | BROWSER-IE Microsoft Internet Explorer CLayoutBlock use after free attempt (more info ...) | attempted-user | 2013-3875 | URL | ||
| 28160 | BROWSER-IE Microsoft Internet Explorer CElement use after free attempt (more info ...) | attempted-user | 2013-3874 | URL | ||
| 28195 | EXPLOIT-KIT X2O exploit kit post java exploit download attempt (more info ...) | trojan-activity | ||||
| 28204 | BROWSER-IE Microsoft Internet Explorer deleted object memory corruption attempt (more info ...) | attempted-user | 2013-3886 | URL | ||
| 28231 | BROWSER-IE Microsoft Internet Explorer javascript call method type confusion attempt (more info ...) | attempted-user | 2013-3203 | URL | ||
| 28232 | BROWSER-IE Microsoft Internet Explorer javascript call method type confusion attempt (more info ...) | attempted-user | 2013-3203 | URL | ||
| 28264 | EXPLOIT-KIT Sweet Orange exploit kit java compromise successful (more info ...) | trojan-activity | ||||
| 28276 | FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (more info ...) | attempted-user | 2013-2465 | 60657 | URL | |
| 28277 | FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp storeImageArray memory corruption attempt (more info ...) | attempted-user | 2013-2465 | 60657 | URL | |
| 28309 | EXPLOIT-KIT Himan exploit kit payload - Oracle Java compromise (more info ...) | trojan-activity | 2013-2465 | URL | ||
| 28310 | EXPLOIT-KIT Himan exploit kit payload - Oracle Java compromise (more info ...) | trojan-activity | 2011-3544 | URL | ||
| 28345 | INDICATOR-OBFUSCATION Javascript obfuscation - split - seen in IFRAMEr Tool attack (more info ...) | trojan-activity | URL | |||
| 28346 | INDICATOR-OBFUSCATION Javascript obfuscation - seen in IFRAMEr Tool attack (more info ...) | trojan-activity | URL | |||
| 28354 | BROWSER-IE Microsoft Internet Explorer DOM manipulation memory corruption attempt (more info ...) | attempted-user | 2012-1875 | 53847 | URL | |
| 28355 | BROWSER-IE Microsoft Internet Explorer DOM manipulation memory corruption attempt (more info ...) | attempted-user | 2012-1875 | 53847 | URL | |
| 28356 | BROWSER-IE Microsoft Internet Explorer DOM manipulation memory corruption attempt (more info ...) | attempted-user | 2012-1875 | 53847 | URL | |
| 28357 | BROWSER-IE Microsoft Internet Explorer DOM manipulation memory corruption attempt (more info ...) | attempted-user | 2012-1875 | 53847 | URL | |
| 28358 | BROWSER-IE Microsoft Internet Explorer DOM manipulation memory corruption attempt (more info ...) | attempted-user | 2012-1875 | 53847 | URL | |
| 28359 | BROWSER-IE Microsoft Internet Explorer DOM manipulation memory corruption attempt (more info ...) | attempted-user | 2012-1875 | 53847 | URL | |
| 28360 | BROWSER-IE Microsoft Internet Explorer DOM manipulation memory corruption attempt (more info ...) | attempted-user | 2012-1875 | 53847 | URL | |
| 28363 | BROWSER-IE Microsoft Internet Explorer iframe onreadystatechange handler use after free attempt (more info ...) | attempted-user | 2012-0170 | 52904 | URL | |
| 28364 | BROWSER-IE Microsoft Internet Explorer iframe onreadystatechange handler use after free attempt (more info ...) | attempted-user | 2012-0170 | 52904 | URL | |
| 28414 | EXPLOIT-KIT Nuclear/Magnitude exploit kit Oracle Java exploit download attempt (more info ...) | trojan-activity | 2013-0431 | |||
| 28420 | INDICATOR-OBFUSCATION Javascript obfuscation - createElement - seen in IFRAMEr Tool attack (more info ...) | trojan-activity | URL | |||
| 28421 | INDICATOR-OBFUSCATION Javascript obfuscation - fromCharCode - seen in IFRAMEr Tool attack (more info ...) | trojan-activity | URL | |||
| 28422 | INDICATOR-OBFUSCATION Javascript obfuscation - seen in IFRAMEr Tool attack (more info ...) | trojan-activity | URL | |||
| 28424 | EXPLOIT-KIT Nuclear exploit kit Microsoft Internet Explorer vulnerability request (more info ...) | trojan-activity | 2013-2551 | |||
| 28476 | EXPLOIT-KIT Neutrino exploit kit outbound request by Java - generic detection (more info ...) | trojan-activity | 2013-2465 | |||
| 28489 | BROWSER-IE Microsoft Internet Explorer CAnchorElement use after free attempt (more info ...) | attempted-user | 2013-3871 | URL | ||
| 28490 | BROWSER-IE Microsoft Internet Explorer deleted object memory corruption attempt (more info ...) | attempted-user | 2013-3917 | URL | ||
| 28491 | BROWSER-IE Microsoft Internet Explorer CEditAdorner use after free attempt (more info ...) | attempted-user | 2013-3911 | URL | ||
| 28492 | BROWSER-IE Microsoft Internet Explorer freed CTreePos object use-after-free attempt (more info ...) | attempted-user | 2013-3912 | URL | ||
| 28494 | BROWSER-IE Microsoft Internet Explorer execCommand CTreePos memory corruption attempt (more info ...) | attempted-user | 2013-3914 | URL | ||
| 28495 | BROWSER-IE Microsoft Internet Explorer execCommand CTreePos memory corruption attempt (more info ...) | attempted-user | 2013-3914 | URL | ||
| 28496 | BROWSER-IE Microsoft Internet Explorer createRange user after free attempt (more info ...) | attempted-user | 2013-3910 | URL | ||
| 28504 | BROWSER-IE Microsoft Internet Explorer undo use after free attempt (more info ...) | attempted-user | 2013-3915 | URL | ||
| 28523 | BROWSER-IE Microsoft Internet Explorer generic use after free attempt (more info ...) | attempted-user | 2013-3916 | URL | ||
| 28524 | BROWSER-IE Microsoft Internet Explorer generic use after free attempt (more info ...) | attempted-recon | 2013-3916 | URL | ||
| 28594 | EXPLOIT-KIT Nuclear exploit kit Microsoft Internet Explorer vulnerability request (more info ...) | trojan-activity | ||||
| 28595 | EXPLOIT-KIT Nuclear exploit kit Oracle Java jar file retrieval (more info ...) | trojan-activity | ||||
| 28658 | FILE-PDF Adobe Acrobat Reader XML Java used in app.setTimeOut (more info ...) | attempted-admin | 2013-0641 | 57931 | URL | |
| 28811 | INDICATOR-OBFUSCATION Javascript obfuscation - seen in IFRAMEr Tool attack (more info ...) | trojan-activity | URL | |||
| 28812 | INDICATOR-OBFUSCATION Javascript obfuscation - seen in IFRAMEr Tool attack (more info ...) | trojan-activity | URL | |||
| 28843 | FILE-PDF Adobe Acrobat Reader javascript toolbar button use after free attempt (more info ...) | attempted-user | 2013-3346 | 62149 | URL | |
| 28844 | FILE-PDF Adobe Acrobat Reader javascript toolbar button use after free attempt (more info ...) | attempted-user | 2013-3346 | 62149 | URL | |
| 28845 | FILE-PDF Adobe Acrobat Reader javascript toolbar button use after free attempt (more info ...) | attempted-user | 2013-3346 | 62149 | URL | |
| 28846 | FILE-PDF Adobe Acrobat Reader javascript toolbar button use after free attempt (more info ...) | attempted-user | 2013-3346 | 62149 | URL | |
| 28854 | BROWSER-IE Microsoft Internet Explorer beforeeditfocus use after free exploit attempt (more info ...) | attempted-user | 2013-3147 | 60966 | URL | |
| 28855 | BROWSER-IE Microsoft Internet Explorer beforeeditfocus use after free exploit attempt (more info ...) | attempted-user | 2013-3147 | 60966 | URL | |
| 28862 | BROWSER-IE Microsoft Internet Explorer CViewportChangeInvalidation use after free attempt (more info ...) | attempted-user | 2013-5051 | URL | ||
| 28863 | BROWSER-IE Microsoft Internet Explorer CViewportChangeInvalidation use after free attempt (more info ...) | attempted-user | 2013-5051 | URL | ||
| 28865 | BROWSER-IE Microsoft Internet Explorer table sub structure use after free attempt (more info ...) | attempted-user | 2013-5048 | URL | ||
| 28866 | BROWSER-IE Microsoft Internet Explorer table sub structure use after free attempt (more info ...) | attempted-user | 2013-5048 | URL | ||
| 28873 | BROWSER-IE Microsoft Internet Explorer use after free attempt (more info ...) | attempted-user | 2013-5047 | URL | ||
| 28874 | BROWSER-IE Microsoft Internet Explorer use after free attempt (more info ...) | attempted-user | 2013-5047 | URL | ||
| 28875 | BROWSER-IE Microsoft Internet Explorer GetClassObject use after free attempt (more info ...) | attempted-user | 2013-5049 | URL | ||
| 28876 | BROWSER-IE Microsoft Internet Explorer GetClassObject use after free attempt (more info ...) | attempted-user | 2013-5049 | URL | ||
| 28877 | BROWSER-IE Microsoft Internet Explorer GetClassObject use after free attempt (more info ...) | attempted-user | 2013-5049 | URL | ||
| 28878 | BROWSER-IE Microsoft Internet Explorer GetClassObject use after free attempt (more info ...) | attempted-user | 2013-5049 | URL | ||
| 28880 | BROWSER-IE Microsoft Internet Explorer 8 CElement Use After Free exploit attempt (more info ...) | attempted-user | 2013-5052 | URL | ||
| 28881 | BROWSER-IE Microsoft Internet Explorer Dictionary Object use after free attempt (more info ...) | attempted-user | 2013-5056 | 64082 | URL | |
| 28882 | BROWSER-IE Microsoft Internet Explorer Dictionary Object use after free attempt (more info ...) | attempted-user | 2013-5056 | 64082 | URL | |
| 28915 | FILE-JAVA Oracle Java IntegerInterleavedRaster.verify method integer overflow attempt (more info ...) | attempted-user | 2013-2471 | 60659 | URL | |
| 28916 | FILE-JAVA Oracle Java IntegerInterleavedRaster.verify method integer overflow attempt (more info ...) | attempted-user | 2013-2471 | 60659 | URL | |
| 28926 | FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (more info ...) | attempted-user | 2013-2463 | |||
| 28927 | FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (more info ...) | attempted-user | 2013-2463 | |||
| 28941 | INDICATOR-OBFUSCATION Javascript obfuscation - seen in IFRAMEr Tool attack (more info ...) | trojan-activity | URL | |||
| 28972 | BROWSER-IE Microsoft Internet Explorer malformed GIF double-free remote code execution attempt (more info ...) | attempted-user | 2003-1048 | 8530 | URL | |
| 28973 | BROWSER-IE Microsoft Internet Explorer malformed GIF double-free remote code execution attempt (more info ...) | attempted-user | 2003-1048 | 8530 | URL | |
| 28974 | BROWSER-IE Microsoft Internet Explorer malformed GIF double-free remote code execution attempt (more info ...) | attempted-user | 2003-1048 | 8530 | URL | |
| 28975 | BROWSER-IE Microsoft Internet Explorer malformed GIF double-free remote code execution attempt (more info ...) | attempted-user | 2003-1048 | 8530 | URL | |
| 29034 | BROWSER-IE Microsoft Internet Explorer CDisplayPointer use after free attempt (more info ...) | attempted-user | 2013-3205 | URL | ||
| 29035 | BROWSER-IE Microsoft Internet Explorer CDisplayPointer use after free attempt (more info ...) | attempted-user | 2013-3205 | URL | ||
| 29036 | BROWSER-IE Microsoft Internet Explorer 8 CElement Use After Free exploit attempt (more info ...) | attempted-user | 2013-5052 | 64124 | URL | |
| 29189 | EXPLOIT-KIT Magnitude exploit kit Microsoft Internet Explorer Payload request (more info ...) | trojan-activity | ||||
| 29190 | INDICATOR-OBFUSCATION Javascript obfuscation - seen in Nuclear exploit kit (more info ...) | trojan-activity | URL | |||
| 29218 | FILE-JAVA Oracle Java and JavaFX JPEGImageReader memory corruption attempt (more info ...) | attempted-user | 2013-2420 | |||
| 29219 | FILE-JAVA Oracle Java and JavaFX JPEGImageReader memory corruption attempt (more info ...) | attempted-user | 2013-2420 | |||
| 29265 | BROWSER-IE Microsoft Internet Explorer invalid object property use after free memory corruption attempt (more info ...) | attempted-dos | 2012-4787 | URL | ||
| 29268 | FILE-JAVA Oracle Java sun.awt.image.ImageRepresentation.setPixels integer overflow attempt (more info ...) | attempted-user | 2013-2420 | |||
| 29269 | FILE-JAVA Oracle Java sun.awt.image.ImageRepresentation.setPixels integer overflow attempt (more info ...) | attempted-user | 2013-2420 | |||
| 29270 | FILE-JAVA Oracle Java sun.awt.image.ImagingLib.lookupByteBI memory corruption attempt (more info ...) | attempted-user | 2013-2470 | 60651 | URL | |
| 29271 | FILE-JAVA Oracle Java sun.awt.image.ImagingLib.lookupByteBI memory corruption attempt (more info ...) | attempted-user | 2013-2470 | 60651 | URL | |
| 29272 | FILE-JAVA Oracle Java sun.awt.image.ImagingLib.lookupByteBI memory corruption attempt (more info ...) | attempted-user | 2013-2470 | 60651 | URL | |
| 29273 | FILE-JAVA Oracle Java sun.awt.image.ImagingLib.lookupByteBI memory corruption attempt (more info ...) | attempted-user | 2013-2470 | 60651 | URL | |
| 29409 | FILE-PDF Adobe Acrobat Reader javascript toolbar button use after free attempt (more info ...) | attempted-user | 2016-1079 | 64804 | URL | |
| 29410 | FILE-PDF Adobe Acrobat Reader javascript toolbar button use after free attempt (more info ...) | attempted-user | 2016-1079 | 64804 | URL | |
| 29412 | EXPLOIT-KIT Angler exploit kit Java download attempt (more info ...) | trojan-activity | ||||
| 29490 | FILE-JAVA Oracle Java ShortComponentRaster integer overflow attempt (more info ...) | attempted-user | 2013-2472 | 60656 | URL | |
| 29491 | FILE-JAVA Oracle Java ShortComponentRaster integer overflow attempt (more info ...) | attempted-user | 2013-2472 | 60656 | URL | |
| 29503 | BROWSER-FIREFOX Mozilla Products SVG text content element getCharNumAtPosition use after free attempt (more info ...) | attempted-user | 2011-0084 | 49213 | ||
| 29535 | FILE-JAVA Oracle Java Rhino script engine remote code execution attempt (more info ...) | attempted-user | 2011-3544 | |||
| 29579 | BROWSER-FIREFOX Mozilla Firefox browser engine memory corruption attempt (more info ...) | attempted-user | 2009-3382 | 36866 | ||
| 29580 | BROWSER-FIREFOX Mozilla Firefox SVG data processing obfuscated memory corruption attempt (more info ...) | attempted-user | 2009-0771 | 33990 | URL | |
| 29602 | BROWSER-IE Microsoft Internet Explorer VML array with negative length memory corruption attempt (more info ...) | attempted-user | 2013-2551 | 58570 | URL | |
| 29605 | FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp integer overflow attempt (more info ...) | attempted-user | 2013-0809 | 58296 | ||
| 29606 | FILE-JAVA Oracle Java 2D ImagingLib AffineTransformOp integer overflow attempt (more info ...) | attempted-user | 2013-0809 | 58296 | ||
| 29617 | BROWSER-FIREFOX Mozilla Firefox nsTreeRange Use After Free attempt (more info ...) | attempted-user | 2011-0073 | URL | ||
| 29623 | BROWSER-WEBKIT Apple Safari Webkit attribute child removal code execution attempt (more info ...) | attempted-user | 2010-1119 | 40642 | ||
| 29624 | BROWSER-FIREFOX Mozilla Array.reduceRight integer overflow attempt (more info ...) | attempted-user | 2011-2371 | 48372 | ||
| 29625 | BROWSER-FIREFOX Mozilla Array.reduceRight integer overflow attempt (more info ...) | attempted-user | 2011-2371 | 48372 | ||
| 29640 | MALWARE-OTHER Java FileDialog heap buffer overflow attempt (more info ...) | attempted-user | 2011-0802 | 48129 | ||
| 29641 | MALWARE-OTHER Java FileDialog heap buffer overflow attempt (more info ...) | attempted-user | 2011-0802 | 48129 | ||
| 29642 | MALWARE-OTHER Java FileDialog heap buffer overflow attempt (more info ...) | attempted-user | 2011-0802 | 48129 | ||
| 29643 | MALWARE-OTHER Java FileDialog heap buffer overflow attempt (more info ...) | attempted-user | 2011-0802 | 48129 | ||
| 29655 | BROWSER-IE Microsoft Internet Explorer 8 use after free attempt (more info ...) | attempted-user | 2014-0272 | URL | ||
| 29667 | BROWSER-IE Microsoft Internet Explorer CTreePos deleted object access attempt (more info ...) | attempted-user | 2014-0277 | URL | ||
| 29668 | BROWSER-IE Microsoft Internet Explorer CTreePos deleted object access attempt (more info ...) | attempted-user | 2014-0277 | URL | ||
| 29671 | BROWSER-IE Microsoft Internet Explorer SVG handling use after free attempt (more info ...) | attempted-user | 2014-0283 | 65382 | URL | |
| 29672 | BROWSER-IE Microsoft Internet Explorer SVG handling use after free attempt (more info ...) | attempted-user | 2014-0283 | 65382 | URL | |
| 29673 | BROWSER-IE Microsoft Internet Explorer SVG handling use after free attempt (more info ...) | attempted-user | 2014-0283 | 65382 | URL | |
| 29674 | BROWSER-IE Microsoft Internet Explorer SVG handling use after free attempt (more info ...) | attempted-user | 2014-0283 | 65382 | URL | |
| 29676 | BROWSER-IE Microsoft Internet Explorer CRootElement Object use after free attempt (more info ...) | attempted-user | 2014-0273 | URL | ||
| 29677 | BROWSER-IE Microsoft Internet Explorer CRootElement Object use after free attempt (more info ...) | attempted-user | 2014-0273 | URL | ||
| 29678 | BROWSER-IE Microsoft Internet Explorer swap node user after free (more info ...) | attempted-user | 2014-0290 | URL | ||
| 29679 | BROWSER-IE Microsoft Internet Explorer swap node user after free (more info ...) | attempted-user | 2014-0290 | URL | ||
| 29706 | BROWSER-IE Microsoft Internet Explorer deleted object access attempt detected (more info ...) | attempted-user | 2014-0285 | URL | ||
| 29707 | BROWSER-IE Microsoft Internet Explorer deleted object access attempt detected (more info ...) | attempted-user | 2014-0285 | URL | ||
| 29708 | BROWSER-IE Microsoft Internet Explorer CSS uninitialized object access attempt detected (more info ...) | attempted-user | 2014-0278 | URL | ||
| 29709 | BROWSER-IE Microsoft Internet Explorer fontFamily attribute deleted object access memory corruption attempt (more info ...) | attempted-user | 2014-0284 | URL | ||
| 29710 | BROWSER-IE Microsoft Internet Explorer fontFamily attribute deleted object access memory corruption attempt (more info ...) | attempted-user | 2014-0284 | URL | ||
| 29711 | BROWSER-IE Microsoft Internet Explorer CTree Node use after free attempt (more info ...) | attempted-user | 2014-0281 | URL | ||
| 29712 | BROWSER-IE Microsoft Internet Explorer CTree Node use after free attempt (more info ...) | attempted-user | 2014-0281 | URL | ||
| 29716 | BROWSER-IE Microsoft Internet Explorer deleted object memory corruption attempt (more info ...) | attempted-user | 2014-0267 | URL | ||
| 29717 | BROWSER-IE Microsoft Internet Explorer text node use after free attempt (more info ...) | attempted-user | 2014-0298 | URL | ||
| 29718 | BROWSER-IE Microsoft Internet Explorer text node use after free attempt (more info ...) | attempted-user | 2014-0298 | URL | ||
| 29721 | BROWSER-IE Microsoft Internet Explorer use after free attempt (more info ...) | attempted-user | 2014-0279 | URL | ||
| 29722 | BROWSER-IE Microsoft Internet Explorer use after free attempt (more info ...) | attempted-user | 2014-0279 | URL | ||
| 29727 | BROWSER-IE Microsoft Internet Explorer CElement event handler use after free attempt (more info ...) | attempted-user | 2014-0275 | URL | ||
| 29728 | BROWSER-IE Microsoft Internet Explorer CElement event handler use after free attempt (more info ...) | attempted-user | 2014-0275 | URL | ||
| 29729 | BROWSER-IE Microsoft Internet Explorer CElement event handler use after free attempt (more info ...) | attempted-user | 2014-0275 | URL | ||
| 29730 | BROWSER-IE Microsoft Internet Explorer CElement event handler use after free attempt (more info ...) | attempted-user | 2014-0275 | URL | ||
| 29731 | BROWSER-IE Microsoft Internet Explorer list element use after free attempt (more info ...) | attempted-user | 2014-0270 | URL | ||
| 29732 | BROWSER-IE Microsoft Internet Explorer list element use after free attempt (more info ...) | attempted-user | 2014-0270 | URL | ||
| 29733 | BROWSER-IE Microsoft Internet Explorer overlapping object boundaries memory corruption attempt (more info ...) | attempted-user | 2014-0274 | URL | ||
| 29734 | BROWSER-IE Microsoft Internet Explorer overlapping object boundaries memory corruption attempt (more info ...) | attempted-user | 2014-0274 | URL | ||
| 29735 | BROWSER-IE Microsoft Internet Explorer selectall use after free attempt (more info ...) | attempted-user | 2014-0287 | URL | ||
| 29736 | BROWSER-IE Microsoft Internet Explorer selectall use after free attempt (more info ...) | attempted-user | 2014-0287 | URL | ||
| 29737 | BROWSER-IE Microsoft Internet Explorer cmarkup methods use after free attempt (more info ...) | attempted-user | 2014-0269 | URL | ||
| 29738 | BROWSER-IE Microsoft Internet Explorer cmarkup methods use after free attempt (more info ...) | attempted-user | 2014-0269 | URL | ||
| 29741 | BROWSER-IE Microsoft Internet Explorer deleted object access memory corruption attempt (more info ...) | attempted-user | 2014-0288 | URL | ||
| 29742 | BROWSER-IE Microsoft Internet Explorer deleted object access memory corruption attempt (more info ...) | attempted-user | 2014-0288 | URL | ||
| 29743 | BROWSER-IE Microsoft Internet Explorer CInput element user after free attempt (more info ...) | attempted-user | 2014-0286 | URL | ||
| 29744 | BROWSER-IE Microsoft Internet Explorer CInput element user after free attempt (more info ...) | attempted-user | 2014-0286 | URL | ||
| 29796 | BROWSER-IE Microsoft Internet Explorer SelectAll dangling pointer use after free attempt (more info ...) | attempted-user | 2012-0171 | URL | ||
| 29797 | BROWSER-IE Microsoft Internet Explorer SelectAll dangling pointer use after free attempt (more info ...) | attempted-user | 2012-0171 | URL | ||
| 29819 | BROWSER-IE Microsoft Internet Explorer 10 use after free attempt (more info ...) | attempted-user | 2014-0322 | URL | ||
| 29820 | BROWSER-IE Microsoft Internet Explorer 10 use after free attempt (more info ...) | attempted-user | 2014-0322 | URL | ||
| 29821 | INDICATOR-COMPROMISE Windows Internet Explorer EMET check and garbage collection (more info ...) | misc-attack | 2013-7331 | URL | ||
| 29822 | INDICATOR-COMPROMISE Windows Internet Explorer EMET check and garbage collection (more info ...) | misc-attack | 2013-7331 | URL | ||
| 29988 | BROWSER-IE Microsoft Internet Explorer onscroll use after free attempt (more info ...) | attempted-user | 2013-3123 | URL | ||
| 29989 | BROWSER-IE Microsoft Internet Explorer onscroll use after free attempt (more info ...) | attempted-user | 2013-3123 | URL | ||
| 30002 | EXPLOIT-KIT Hello/LightsOut exploit kit Java download attempt (more info ...) | trojan-activity | 2013-1489 | URL | ||
| 30004 | EXPLOIT-KIT Hello/LightsOut exploit kit - exploit targeting Java before v1.7.17 (more info ...) | trojan-activity | 2013-1489 | URL | ||
| 30005 | EXPLOIT-KIT Hello/LightsOut exploit kit - exploit targeting Google Chrome with Java before v1.7.17 (more info ...) | trojan-activity | 2013-1489 | URL | ||
| 30006 | EXPLOIT-KIT Hello/LightsOut exploit kit - exploit targeting Microsoft Internet Explorer 6 on Windows XP (more info ...) | trojan-activity | 2013-1489 | URL | ||
| 30007 | EXPLOIT-KIT Hello/LightsOut exploit kit - exploit targeting Microsoft Internet Explorer 7 on Windows XP with Java before v1.7.17 (more info ...) | trojan-activity | 2013-1489 | URL | ||
| 30008 | EXPLOIT-KIT Hello/LightsOut exploit kit - exploit targeting Microsoft Internet Explorer 8 on Windows XP (more info ...) | trojan-activity | 2013-1489 | URL | ||
| 30009 | EXPLOIT-KIT Hello/LightsOut exploit kit - exploit targeting Java v1.6.32 and older (more info ...) | trojan-activity | 2013-1489 | URL | ||
| 30079 | BROWSER-IE Microsoft Internet Explorer SVG handling use after free attempt (more info ...) | attempted-user | 2014-0283 | 65382 | URL | |
| 30080 | BROWSER-IE Microsoft Internet Explorer SVG handling use after free attempt (more info ...) | attempted-user | 2014-0283 | 65382 | URL | |
| 30081 | BROWSER-IE Microsoft Internet Explorer SVG handling use after free attempt (more info ...) | attempted-user | 2014-0283 | 65382 | URL | |
| 30082 | BROWSER-IE Microsoft Internet Explorer SVG handling use after free attempt (more info ...) | attempted-user | 2014-0283 | 65382 | URL | |
| 30106 | BROWSER-IE Microsoft Internet Explorer 10 use after free attempt (more info ...) | attempted-user | 2014-0322 | URL | ||
| 30107 | BROWSER-IE Microsoft Internet Explorer 10 use after free attempt (more info ...) | attempted-user | 2014-0322 | URL | ||
| 30108 | BROWSER-IE Microsoft Internet Explorer Remove Format use after free attempt (more info ...) | attempted-user | 2014-0306 | URL | ||
| 30109 | BROWSER-IE Microsoft Internet Explorer Remove Format use after free attempt (more info ...) | attempted-user | 2014-0306 | URL | ||
| 30110 | BROWSER-IE Microsoft Internet Explorer CMarkup object use after free attempt (more info ...) | attempted-user | 2014-2799 | 66028 | URL | |
| 30111 | BROWSER-IE Microsoft Internet Explorer CMarkup object use after free attempt (more info ...) | attempted-user | 2014-2799 | 66028 | URL | |
| 30112 | BROWSER-IE Microsoft Internet Explorer CMarkup object use after free attempt (more info ...) | attempted-user | 2014-2799 | 66028 | URL | |
| 30113 | BROWSER-IE Microsoft Internet Explorer CMarkup object use after free attempt (more info ...) | attempted-user | 2014-2799 | 66028 | URL | |
| 30116 | BROWSER-IE Microsoft Internet Explorer button element onreadystatechange use after free attempt (more info ...) | attempted-user | 2014-0302 | URL | ||
| 30117 | BROWSER-IE Microsoft Internet Explorer button element onreadystatechange use after free attempt (more info ...) | attempted-user | 2014-0302 | URL | ||
| 30118 | BROWSER-IE Microsoft Internet Explorer setEndPoint use after free attempt (more info ...) | attempted-user | 2014-0314 | URL | ||
| 30119 | BROWSER-IE Microsoft Internet Explorer setEndPoint use after free attempt (more info ...) | attempted-user | 2014-0314 | URL | ||
| 30120 | BROWSER-IE Microsoft Internet Explorer pastHTML use after free (more info ...) | attempted-user | 2014-0305 | URL | ||
| 30121 | BROWSER-IE Microsoft Internet Explorer pastHTML use after free (more info ...) | attempted-user | 2014-0305 | URL | ||
| 30122 | BROWSER-IE Microsoft Internet Explorer CSelectElement SetCurSel remote code execution attempt (more info ...) | attempted-user | 2014-0312 | URL | ||
| 30123 | BROWSER-IE Microsoft Internet Explorer CTreePos use after free attempt (more info ...) | attempted-user | 2014-0297 | URL | ||
| 30124 | BROWSER-IE Microsoft Internet Explorer CTreePos use after free attempt (more info ...) | attempted-user | 2014-0297 | URL | ||
| 30125 | BROWSER-IE Microsoft Internet Explorer CTreeDataPos object use after free attempt (more info ...) | attempted-user | 2014-0311 | URL | ||
| 30126 | BROWSER-IE Microsoft Internet Explorer CTreeDataPos object use after free attempt (more info ...) | attempted-user | 2014-0311 | URL | ||
| 30127 | BROWSER-IE Microsoft Internet Explorer use after free memory corruption attempt (more info ...) | attempted-user | 2014-0304 | URL | ||
| 30128 | BROWSER-IE Microsoft Internet Explorer use after free memory corruption attempt (more info ...) | attempted-user | 2014-0304 | URL | ||
| 30129 | BROWSER-IE Microsoft Internet Explorer Nested Tables use after free attempt (more info ...) | attempted-user | 2014-0299 | URL | ||
| 30130 | BROWSER-IE Microsoft Internet Explorer Nested Tables use after free attempt (more info ...) | attempted-user | 2014-0299 | URL | ||
| 30131 | BROWSER-IE Microsoft Internet Explorer ruby element in media element use after free attempt (more info ...) | attempted-user | 2014-0309 | URL | ||
| 30132 | BROWSER-IE Microsoft Internet Explorer ruby element in media element use after free attempt (more info ...) | attempted-user | 2014-0309 | URL | ||
| 30140 | BROWSER-IE Microsoft Internet Explorer OnMove use after free attempt (more info ...) | attempted-user | 2014-0324 | URL | ||
| 30141 | BROWSER-IE Microsoft Internet Explorer OnMove use after free attempt (more info ...) | attempted-user | 2014-0324 | URL | ||
| 30142 | BROWSER-IE Microsoft Internet Explorer OnMove use after free attempt (more info ...) | attempted-user | 2014-0324 | URL | ||
| 30143 | BROWSER-IE Microsoft Internet Explorer OnMove use after free attempt (more info ...) | attempted-user | 2014-0324 | URL | ||
| 30144 | BROWSER-IE Microsoft Internet Explorer ruby text tag heap-based buffer overflow attempt (more info ...) | attempted-dos | 2014-0313 | URL | ||
| 30145 | BROWSER-IE Microsoft Internet Explorer ruby text tag heap-based buffer overflow attempt (more info ...) | attempted-dos | 2014-0313 | URL | ||
| 30169 | BROWSER-IE Microsoft Internet Explorer CSS uninitialized object access attempt detected (more info ...) | attempted-user | 2014-0278 | URL | ||
| 30201 | BROWSER-IE Microsoft Internet Explorer merged stylesheet array use after free attempt (more info ...) | attempted-user | 2013-3191 | URL | ||
| 30217 | FILE-JAVA Oracle Java font rendering remote code execution attempt (more info ...) | attempted-user | 2013-1491 | URL | ||
| 30345 | BROWSER-IE Microsoft Internet Explorer onbeforeeditfocus element attribute use after free attempt (more info ...) | attempted-user | 2013-0029 | URL | ||
| 30497 | BROWSER-IE Microsoft Internet Explorer failed large copy clonenode attempt (more info ...) | attempted-user | 2014-1753 | URL | ||
| 30498 | BROWSER-IE Microsoft Internet Explorer failed large copy clonenode attempt (more info ...) | attempted-user | 2014-1753 | URL | ||
| 30499 | BROWSER-IE Microsoft Internet Explorer remote code execution attempt (more info ...) | attempted-user | 2014-1751 | URL | ||
| 30500 | BROWSER-IE Microsoft Internet Explorer remote code execution attempt (more info ...) | attempted-user | 2014-1751 | URL | ||
| 30501 | BROWSER-IE Microsoft Internet Explorer nth-child use after free attempt (more info ...) | attempted-user | 2014-1755 | URL | ||
| 30502 | BROWSER-IE Microsoft Internet Explorer nth-child use after free attempt (more info ...) | attempted-user | 2014-1755 | URL | ||
| 30503 | BROWSER-IE Microsoft Internet Explorer GetClassObject use after free attempt (more info ...) | attempted-user | 2013-5049 | URL | ||
| 30504 | BROWSER-IE Microsoft Internet Explorer GetClassObject use after free attempt (more info ...) | attempted-user | 2013-5049 | URL | ||
| 30505 | BROWSER-IE Microsoft Internet Explorer GetClassObject use after free attempt (more info ...) | attempted-user | 2013-5049 | URL | ||
| 30506 | BROWSER-IE Microsoft Internet Explorer GetClassObject use after free attempt (more info ...) | attempted-user | 2013-5049 | URL | ||
| 30528 | FILE-PDF Adobe Acrobat Reader javascript toolbar button use after free attempt (more info ...) | attempted-user | 2013-3346 | 62149 | URL | |
| 30529 | FILE-PDF Adobe Acrobat Reader javascript toolbar button use after free attempt (more info ...) | attempted-user | 2013-3346 | 62149 | URL | |
| 30767 | EXPLOIT-KIT Magnitude exploit kit Oracle Java payload request (more info ...) | trojan-activity | ||||
| 30768 | EXPLOIT-KIT Magnitude exploit kit Oracle Java payload request (more info ...) | trojan-activity | ||||
| 30790 | SERVER-WEBAPP Java ClassLoader access attempt (more info ...) | attempted-admin | 2022-22965 | 65999 | URL | |
| 30791 | SERVER-WEBAPP Java ClassLoader access attempt (more info ...) | attempted-admin | 2022-22965 | URL | ||
| 30792 | SERVER-WEBAPP Java ClassLoader access attempt (more info ...) | attempted-admin | 2022-22965 | 65999 | URL | |
| 30793 | SERVER-WEBAPP Java ClassLoader access attempt (more info ...) | attempted-admin | 2022-22965 | URL | ||
| 30794 | BROWSER-IE Microsoft Internet Explorer VML use after free attempt (more info ...) | attempted-user | 2014-1776 | 67075 | URL | |
| 30803 | BROWSER-IE Microsoft Internet Explorer VML use after free attempt (more info ...) | attempted-user | 2014-1776 | 67075 | URL | |
| 30847 | BROWSER-IE Microsoft Internet Explorer CElement event handler use after free attempt (more info ...) | attempted-user | 2014-0275 | URL | ||
| 30848 | BROWSER-IE Microsoft Internet Explorer CElement event handler use after free attempt (more info ...) | attempted-user | 2014-0275 | URL | ||
| 30892 | BROWSER-IE Microsoft Internet Explorer VML use after free attempt (more info ...) | attempted-user | 2014-1776 | URL | ||
| 30893 | BROWSER-IE Microsoft Internet Explorer VML use after free attempt (more info ...) | attempted-user | 2014-1776 | URL | ||
| 30894 | BROWSER-IE Microsoft Internet Explorer VML use after free attempt (more info ...) | attempted-user | 2014-1776 | URL | ||
| 30895 | BROWSER-IE Microsoft Internet Explorer VML use after free attempt (more info ...) | attempted-user | 2014-1776 | URL | ||
| 30956 | BROWSER-IE Microsoft Internet Explorer deleted object memory corruption attempt (more info ...) | attempted-user | 2014-0310 | URL | ||
| 30957 | BROWSER-IE Microsoft Internet Explorer deleted object memory corruption attempt (more info ...) | attempted-user | 2014-0310 | URL | ||
| 30961 | BROWSER-IE Microsoft Internet Explorer CElement use after free attempt (more info ...) | attempted-user | 2014-1815 | URL | ||
| 30962 | BROWSER-IE Microsoft Internet Explorer CElement use after free attempt (more info ...) | attempted-user | 2014-1815 | URL | ||
| 30963 | BROWSER-IE Microsoft Internet Explorer CElement use after free attempt (more info ...) | attempted-user | 2014-1815 | URL | ||
| 30964 | BROWSER-IE Microsoft Internet Explorer CElement use after free attempt (more info ...) | attempted-user | 2014-1815 | URL | ||
| 30965 | EXPLOIT-KIT CritX exploit kit landing page - redirection to Oracle Java exploit (more info ...) | trojan-activity | ||||
| 30966 | EXPLOIT-KIT CritX exploit kit landing page - redirection to Microsoft Internet Explorer exploit (more info ...) | trojan-activity | ||||
| 30969 | EXPLOIT-KIT CritX exploit kit outbound request for Microsoft Internet Explorer landing page (more info ...) | trojan-activity | ||||
| 30971 | EXPLOIT-KIT CritX exploit kit outbound request for Oracle Java landing page (more info ...) | trojan-activity | ||||
| 30975 | EXPLOIT-KIT CritX exploit kit landing page - redirection to Oracle Java exploit (more info ...) | trojan-activity | ||||
| 31017 | BROWSER-PLUGINS Microsoft Internet Explorer Adobe Reader Extension race condition attempt (more info ...) | attempted-user | 2014-0527 | URL | ||
| 31018 | BROWSER-PLUGINS Microsoft Internet Explorer Adobe Reader Extension race condition attempt (more info ...) | attempted-user | 2014-0527 | URL | ||
| 31188 | BROWSER-IE Microsoft Internet Explorer isIndex attribute overflow attempt (more info ...) | attempted-user | 2014-1797 | URL | ||
| 31189 | BROWSER-IE Microsoft Internet Explorer isIndex attribute overflow attempt (more info ...) | attempted-user | 2014-1797 | URL | ||
| 31190 | BROWSER-IE Microsoft Internet Explorer RemoveSplice use-after-free attempt (more info ...) | attempted-user | 2014-1785 | URL | ||
| 31191 | BROWSER-IE Microsoft Internet Explorer RemoveSplice use-after-free attempt (more info ...) | attempted-user | 2014-1785 | URL | ||
| 31196 | BROWSER-IE Microsoft Internet Explorer CTreeNode onmousemove use-after-free attempt (more info ...) | attempted-user | 2014-1791 | URL | ||
| 31197 | BROWSER-IE Microsoft Internet Explorer CTreeNode onmousemove use-after-free attempt (more info ...) | attempted-user | 2014-1791 | URL | ||
| 31198 | BROWSER-IE Microsoft Internet Explorer use after free attempt (more info ...) | attempted-user | 2014-1804 | URL | ||
| 31199 | BROWSER-IE Microsoft Internet Explorer use after free attempt (more info ...) | attempted-user | 2014-1804 | URL | ||
| 31202 | BROWSER-IE Microsoft Internet Explorer CRangeSaver use after free attempt (more info ...) | attempted-user | 2014-1772 | URL | ||
| 31203 | BROWSER-IE Microsoft Internet Explorer CRangeSaver use after free attempt (more info ...) | attempted-user | 2014-1772 | URL | ||
| 31204 | BROWSER-IE Microsoft Internet Explorer celement use after free attempt (more info ...) | attempted-user | 2014-0282 | URL | ||
| 31205 | BROWSER-IE Microsoft Internet Explorer celement use after free attempt (more info ...) | attempted-user | 2014-0282 | URL | ||
| 31206 | BROWSER-IE Microsoft Internet Explorer 11 CTreePos child element use-after-free attempt (more info ...) | attempted-user | 2014-1800 | URL | ||
| 31207 | BROWSER-IE Microsoft Internet Explorer 11 CTreePos child element use-after-free attempt (more info ...) | attempted-user | 2014-1800 | URL | ||
| 31215 | BROWSER-IE Microsoft Internet Explorer use after free attempt (more info ...) | attempted-user | 2014-1802 | URL | ||
| 31216 | BROWSER-IE Microsoft Internet Explorer use after free attempt (more info ...) | attempted-user | 2014-1802 | URL | ||
| 31219 | BROWSER-IE Microsoft Internet Explorer WindowedMarkupContext use after free attempt (more info ...) | attempted-user | 2014-1805 | URL | ||
| 31220 | BROWSER-IE Microsoft Internet Explorer WindowedMarkupContext use after free attempt (more info ...) | attempted-user | 2014-1805 | URL | ||
| 31277 | EXPLOIT-KIT CottonCastle exploit kit Oracle Java outbound connection (more info ...) | trojan-activity | 2013-2465 | URL | ||
| 31278 | EXPLOIT-KIT CottonCastle exploit kit Oracle java outbound connection (more info ...) | trojan-activity | 2013-2465 | URL | ||
| 31284 | FILE-FLASH Adobe Flash Player Microsoft Internet Explorer sandbox escape attempt (more info ...) | attempted-admin | 2015-3083 | URL | ||
| 31286 | FILE-FLASH Adobe Flash Player Microsoft Internet Explorer sandbox escape attempt (more info ...) | attempted-admin | 2015-3081 | URL | ||
| 31296 | BROWSER-IE Microsoft Internet Explorer negative margin use after free attempt (more info ...) | attempted-user | 2012-1526 | 54950 | URL | |
| 31302 | APP-DETECT Oracle Java debug wire protocol remote debugging attempt (more info ...) | protocol-command-decode | 2017-6639 | URL | ||
| 31366 | FILE-JAVA Oracle Java sun.tracing.ProviderSkeleton sandbox bypass attempt (more info ...) | attempted-user | 2013-2460 | 60635 | URL | |
| 31367 | FILE-JAVA Oracle Java sun.tracing.ProviderSkeleton sandbox bypass attempt (more info ...) | attempted-user | 2013-2460 | 60635 | URL | |
| 31380 | BROWSER-IE Microsoft Internet Explorer 11 onpropertychange remote code execution attempt (more info ...) | attempted-user | 2014-1765 | 66244 | URL | |
| 31381 | BROWSER-IE Microsoft Internet Explorer 11 onpropertychange remote code execution attempt (more info ...) | attempted-user | 2014-1765 | 66244 | URL | |
| 31382 | BROWSER-IE Microsoft Internet Explorer uninitialized object use after free attempt (more info ...) | attempted-user | 2014-2797 | URL | ||
| 31383 | BROWSER-IE Microsoft Internet Explorer uninitialized object use after free attempt (more info ...) | attempted-user | 2014-2797 | URL | ||
| 31384 | BROWSER-IE Microsoft Internet Explorer use after free attempt (more info ...) | attempted-user | 2014-2795 | URL | ||
| 31385 | BROWSER-IE Microsoft Internet Explorer use after free attempt (more info ...) | attempted-user | 2014-2795 | URL | ||
| 31388 | BROWSER-IE Microsoft Internet Explorer improper object cast memory corruption attempt (more info ...) | attempted-user | 2014-2787 | URL | ||
| 31389 | BROWSER-IE Microsoft Internet Explorer improper object cast memory corruption attempt (more info ...) | attempted-user | 2014-2787 | URL | ||
| 31403 | BROWSER-IE Microsoft Internet Explorer celement use after free (more info ...) | attempted-user | 2014-0282 | URL | ||
| 31404 | BROWSER-IE Microsoft Internet Explorer celement use after free (more info ...) | attempted-user | 2014-0282 | URL | ||
| 31470 | BROWSER-IE Microsoft Internet Explorer getBoundingClientRect incorrect rebalancing attempt (more info ...) | attempted-user | 2012-1880 | URL | ||
| 31485 | BROWSER-IE Microsoft Internet Explorer onbeforeeditfocus element attribute use after free attempt (more info ...) | attempted-user | 2013-0029 | URL | ||
| 31486 | BROWSER-IE Microsoft Internet Explorer onbeforeeditfocus element attribute use after free attempt (more info ...) | attempted-user | 2013-0029 | URL | ||
| 31511 | FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (more info ...) | attempted-user | 2012-1723 | 53960 | URL | |
| 31512 | FILE-JAVA Oracle Java field bytecode verifier cache code execution attempt (more info ...) | attempted-user | 2012-1723 | 53960 | URL | |
| 31540 | FILE-JAVA Oracle Java IntegerInterleavedRaster integer overflow attempt (more info ...) | attempted-user | 2013-2473 | 60659 | URL | |
| 31541 | FILE-JAVA Oracle Java IntegerInterleavedRaster integer overflow attempt (more info ...) | attempted-user | 2013-2473 | 60659 | URL | |
| 31580 | BROWSER-IE Microsoft Internet Explorer OnMove Use After Free exploit attempt (more info ...) | attempted-user | 2012-1529 | 55641 | URL | |
| 31581 | BROWSER-IE Microsoft Internet Explorer OnMove Use After Free exploit attempt (more info ...) | attempted-user | 2012-1529 | 55641 | URL | |
| 31582 | BROWSER-IE Microsoft Internet Explorer OnMove Use After Free exploit attempt (more info ...) | attempted-user | 2012-1529 | 55641 | URL | |
| 31583 | BROWSER-IE Microsoft Internet Explorer OnMove Use After Free exploit attempt (more info ...) | attempted-user | 2012-1529 | 55641 | URL | |
| 31584 | BROWSER-IE Microsoft Internet Explorer CSS .ipsum layout use-after-free attempt (more info ...) | attempted-user | 2013-1310 | 59751 | URL | |
| 31585 | BROWSER-IE Microsoft Internet Explorer CSS .ipsum layout use-after-free attempt (more info ...) | attempted-user | 2013-1310 | 59751 | URL | |
| 31608 | BROWSER-IE Microsoft Internet Explorer cloneNode for loop remote code execution attempt (more info ...) | attempted-user | 2012-2557 | 55647 | URL | |
| 31609 | BROWSER-IE Microsoft Internet Explorer cloneNode for loop remote code execution attempt (more info ...) | attempted-user | 2012-2557 | 55647 | URL | |
| 31610 | BROWSER-IE Microsoft Internet Explorer cloneNode for loop remote code execution attempt (more info ...) | attempted-user | 2012-2557 | 55647 | URL | |
| 31611 | BROWSER-IE Microsoft Internet Explorer cloneNode for loop remote code execution attempt (more info ...) | attempted-user | 2012-2557 | 55647 | URL | |
| 31619 | BROWSER-IE Microsoft Internet Explorer kbd element use-after-free attempt (more info ...) | attempted-user | 2014-4050 | URL | ||
| 31620 | BROWSER-IE Microsoft Internet Explorer kbd element use-after-free attempt (more info ...) | attempted-user | 2014-4050 | URL | ||
| 31621 | BROWSER-IE Microsoft Internet Explorer onreadystatechange use after free attempt (more info ...) | attempted-user | 2014-4063 | URL | ||
| 31622 | BROWSER-IE Microsoft Internet Explorer onreadystatechange use after free attempt (more info ...) | attempted-user | 2014-4063 | URL | ||
| 31623 | BROWSER-IE Microsoft Internet Explorer EventListener use after free attempt (more info ...) | attempted-user | 2012-2546 | 55645 | URL | |
| 31624 | BROWSER-IE Microsoft Internet Explorer EventListener use after free attempt (more info ...) | attempted-user | 2012-2546 | 55645 | URL | |
| 31625 | BROWSER-IE Microsoft Internet Explorer Use after free attempt (more info ...) | attempted-user | 2014-2823 | URL | ||
| 31626 | BROWSER-IE Microsoft Internet Explorer Use after free attempt (more info ...) | attempted-user | 2014-2823 | URL | ||
| 31627 | BROWSER-IE Microsoft Internet Explorer cdomuievent use after free attempt (more info ...) | attempted-user | 2014-2820 | 69116 | URL | |
| 31628 | BROWSER-IE Microsoft Internet Explorer cdomuievent use after free attempt (more info ...) | attempted-user | 2014-2820 | 69116 | URL | |
| 31629 | BROWSER-IE Microsoft Internet Explorer CMarkup insertMarquee use after free attempt (more info ...) | attempted-user | 2014-4057 | URL | ||
| 31630 | BROWSER-IE Microsoft Internet Explorer CMarkup insertMarquee use after free attempt (more info ...) | attempted-user | 2014-4057 | URL | ||
| 31634 | BROWSER-IE Microsoft Internet Explorer margin overflow use after free attempt (more info ...) | attempted-user | 2014-2824 | URL | ||
| 31635 | BROWSER-IE Microsoft Internet Explorer margin overflow use after free attempt (more info ...) | attempted-user | 2014-2824 | URL | ||
| 31760 | BROWSER-IE Microsoft Internet Explorer GetClassObject use after free attempt (more info ...) | attempted-user | 2013-5049 | URL | ||
| 31761 | BROWSER-IE Microsoft Internet Explorer GetClassObject use after free attempt (more info ...) | attempted-user | 2013-5049 | URL | ||
| 31762 | BROWSER-IE Microsoft Internet Explorer GetClassObject use after free attempt (more info ...) | attempted-user | 2013-5049 | URL | ||
| 31763 | BROWSER-IE Microsoft Internet Explorer GetClassObject use after free attempt (more info ...) | attempted-user | 2013-5049 | URL | ||
| 31782 | BROWSER-IE Microsoft Internet Explorer CHTMLEditor instance use after free attempt (more info ...) | attempted-user | 2014-4095 | URL | ||
| 31783 | BROWSER-IE Microsoft Internet Explorer CHTMLEditor instance use after free attempt (more info ...) | attempted-user | 2014-4095 | URL | ||
| 31784 | BROWSER-IE Microsoft Internet Explorer 11 C1DLayout ruby element use-after-free attempt (more info ...) | attempted-user | 2014-4094 | URL | ||
| 31785 | BROWSER-IE Microsoft Internet Explorer 11 C1DLayout ruby element use-after-free attempt (more info ...) | attempted-user | 2014-4094 | URL | ||
| 31786 | BROWSER-IE Microsoft Internet Explorer style-image-url use after free attempt (more info ...) | attempted-user | 2014-4087 | URL | ||
| 31787 | BROWSER-IE Microsoft Internet Explorer style-image-url use after free attempt (more info ...) | attempted-user | 2014-4087 | URL | ||
| 31788 | BROWSER-IE Microsoft Internet Explorer justifying text with an incorrect type use after free attempt (more info ...) | attempted-user | 2014-4080 | URL | ||
| 31789 | BROWSER-IE Microsoft Internet Explorer justifying text with an incorrect type use after free attempt (more info ...) | attempted-user | 2014-4080 | URL | ||
| 31790 | BROWSER-IE Microsoft Internet Explorer CAttrArray use after free attempt (more info ...) | attempted-user | 2014-4065 | URL | ||
| 31791 | BROWSER-IE Microsoft Internet Explorer CAttrArray use after free attempt (more info ...) | attempted-user | 2014-4065 | URL | ||
| 31792 | BROWSER-IE Microsoft Internet Explorer CGeneratedTreeNode use-after-free attempt (more info ...) | attempted-user | 2014-4084 | URL | ||
| 31793 | BROWSER-IE Microsoft Internet Explorer CGeneratedTreeNode use-after-free attempt (more info ...) | attempted-user | 2014-4084 | URL | ||
| 31794 | BROWSER-IE Microsoft Internet Explorer access violation attempt (more info ...) | attempted-user | 2014-4081 | URL | ||
| 31795 | BROWSER-IE Microsoft Internet Explorer access violation attempt (more info ...) | attempted-user | 2014-4081 | URL | ||
| 31799 | BROWSER-IE Microsoft Internet Explorer CTableCell Use After Free exploit attempt (more info ...) | attempted-user | 2014-4092 | URL | ||
| 31800 | BROWSER-IE Microsoft Internet Explorer CTableCell Use After Free exploit attempt (more info ...) | attempted-user | 2014-4092 | URL | ||
| 31801 | BROWSER-IE Microsoft Internet Explorer 11 InsertInputSubmit use after free attempt (more info ...) | attempted-user | 2014-4088 | URL | ||
| 31802 | BROWSER-IE Microsoft Internet Explorer 11 InsertInputSubmit use after free attempt (more info ...) | attempted-user | 2014-4088 | URL | ||
| 31809 | BROWSER-IE Microsoft Internet Explorer integer overflow exploit attempt (more info ...) | attempted-user | 2014-4082 | URL | ||
| 31810 | BROWSER-IE Microsoft Internet Explorer integer overflow exploit attempt (more info ...) | attempted-user | 2014-4082 | URL | ||
| 31900 | EXPLOIT-KIT Angler exploit kit Internet Explorer encoded shellcode detected (more info ...) | trojan-activity | ||||
| 31901 | EXPLOIT-KIT Angler exploit kit Oracle Java encoded shellcode detected (more info ...) | trojan-activity | ||||
| 31946 | FILE-JAVA Oracle Java Web Start arbitrary command execution attempt (more info ...) | attempted-user | 2012-0500 | |||
| 32137 | BROWSER-IE Microsoft Internet Explorer element attribute use after free attempt (more info ...) | attempted-user | 2014-4134 | URL | ||
| 32138 | BROWSER-IE Microsoft Internet Explorer element attribute use after free attempt (more info ...) | attempted-user | 2014-4134 | URL | ||
| 32139 | BROWSER-IE Microsoft Internet Explorer DCOM sandbox escape attempt (more info ...) | attempted-user | 2014-4073 | URL | ||
| 32140 | BROWSER-IE Microsoft Internet Explorer DCOM sandbox escape attempt (more info ...) | attempted-user | 2014-4073 | URL | ||
| 32153 | BROWSER-IE Microsoft Internet Explorer innerHTML use after free attempt (more info ...) | attempted-user | 2014-4127 | URL | ||
| 32154 | BROWSER-IE Microsoft Internet Explorer innerHTML use after free attempt (more info ...) | attempted-user | 2014-4127 | URL | ||
| 32155 | BROWSER-IE Microsoft Internet Explorer FormatContext Use after free attempt (more info ...) | attempted-user | 2014-4129 | URL | ||
| 32156 | BROWSER-IE Microsoft Internet Explorer FormatContext Use after free attempt (more info ...) | attempted-user | 2014-4129 | URL | ||
| 32159 | BROWSER-IE Microsoft Internet Explorer CMarkup Object use after free attempt (more info ...) | attempted-user | 2014-4132 | URL | ||
| 32160 | BROWSER-IE Microsoft Internet Explorer CMarkup Object use after free attempt (more info ...) | attempted-user | 2014-4132 | URL | ||
| 32161 | BROWSER-IE Microsoft Internet Explorer superscript invalid parameter denial of service attempt (more info ...) | attempted-dos | 2014-4133 | URL | ||
| 32162 | BROWSER-IE Microsoft Internet Explorer superscript invalid parameter denial of service attempt (more info ...) | attempted-dos | 2014-4133 | URL | ||
| 32166 | FILE-OTHER Microsoft Internet Explorer SVG heap corruption attempt (more info ...) | attempted-user | 2014-4138 | URL | ||
| 32167 | FILE-OTHER Microsoft Internet Explorer SVG heap corruption attempt (more info ...) | attempted-user | 2014-4138 | URL | ||
| 32168 | BROWSER-IE Microsoft Internet Explorer CTransientLookaside object use after free attempt (more info ...) | attempted-user | 2014-4126 | URL | ||
| 32169 | BROWSER-IE Microsoft Internet Explorer CTransientLookaside object use after free attempt (more info ...) | attempted-user | 2014-4126 | URL | ||
| 32182 | BROWSER-IE Microsoft Internet Explorer CTableLayout AddRow out of bounds array access heap corruption attempt (more info ...) | attempted-user | 2014-4137 | URL | ||
| 32183 | BROWSER-IE Microsoft Internet Explorer CTableLayout AddRow out of bounds array access heap corruption attempt (more info ...) | attempted-user | 2014-4137 | URL | ||
| 32184 | BROWSER-IE Microsoft Internet Explorer CFunctionPointer use after free exploit attempt (more info ...) | attempted-user | 2014-4141 | URL | ||
| 32185 | BROWSER-IE Microsoft Internet Explorer CFunctionPointer use after free exploit attempt (more info ...) | attempted-user | 2014-4141 | URL | ||
| 32232 | FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (more info ...) | attempted-user | 2014-0457 | 66866 | ||
| 32233 | FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (more info ...) | attempted-user | 2014-0457 | 66866 | ||
| 32234 | FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (more info ...) | attempted-user | 2014-0457 | 66866 | ||
| 32235 | FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (more info ...) | attempted-user | 2014-0457 | 66866 | ||
| 32317 | BROWSER-IE Microsoft Internet Explorer onreadystatechange use after free attempt (more info ...) | attempted-user | 2014-4063 | URL | ||
| 32318 | BROWSER-IE Microsoft Internet Explorer onreadystatechange use after free attempt (more info ...) | attempted-user | 2014-4063 | URL | ||
| 32362 | BROWSER-IE Microsoft Internet Explorer VML use after free attempt (more info ...) | attempted-user | 2014-1776 | 67075 | URL | |
| 32363 | BROWSER-IE Microsoft Internet Explorer VML use after free attempt (more info ...) | attempted-user | 2014-1776 | 67075 | URL | |
| 32364 | BROWSER-IE Microsoft Internet Explorer overlapping object boundaries memory corruption attempt (more info ...) | attempted-user | 2014-0274 | URL | ||
| 32365 | BROWSER-IE Microsoft Internet Explorer overlapping object boundaries memory corruption attempt (more info ...) | attempted-user | 2014-0274 | URL | ||
| 32389 | EXPLOIT-KIT Nuclear exploit kit outbound Oracle Java request (more info ...) | trojan-activity | ||||
| 32399 | EXPLOIT-KIT Angler exploit kit outbound Oracle Java request (more info ...) | trojan-activity | URL | |||
| 32424 | BROWSER-IE Microsoft Internet Explorer object type confusion remote code execution attempt (more info ...) | attempted-user | 2014-6347 | URL | ||
| 32425 | BROWSER-IE Microsoft Internet Explorer object type confusion remote code execution attempt (more info ...) | attempted-user | 2014-6347 | URL | ||
| 32426 | BROWSER-IE Microsoft Internet Explorer contentEditable use after free attempt (more info ...) | attempted-user | 2014-6337 | URL | ||
| 32427 | BROWSER-IE Microsoft Internet Explorer contentEditable use after free attempt (more info ...) | attempted-user | 2014-6337 | URL | ||
| 32430 | BROWSER-IE Microsoft Internet Explorer CHeaderElement object use-after-free remote code execution attempt (more info ...) | attempted-admin | 2014-6348 | URL | ||
| 32431 | BROWSER-IE Microsoft Internet Explorer CHeaderElement object use-after-free remote code execution attempt (more info ...) | attempted-admin | 2014-6348 | URL | ||
| 32438 | BROWSER-IE Microsoft Internet Explorer 9 CHTMLEditorProxy use after free attempt (more info ...) | attempted-user | 2014-6353 | URL | ||
| 32439 | BROWSER-IE Microsoft Internet Explorer 9 CHTMLEditorProxy use after free attempt (more info ...) | attempted-user | 2014-6353 | URL | ||
| 32440 | BROWSER-IE Microsoft Internet Explorer use after free attempt (more info ...) | attempted-user | 2014-6344 | URL | ||
| 32441 | BROWSER-IE Microsoft Internet Explorer use after free attempt (more info ...) | attempted-user | 2014-6344 | URL | ||
| 32442 | BROWSER-IE Microsoft Internet Explorer CElementIDContextList use after free attempt (more info ...) | attempted-user | 2015-1662 | URL | ||
| 32443 | BROWSER-IE Microsoft Internet Explorer CElementIDContextList use after free attempt (more info ...) | attempted-user | 2015-1662 | URL | ||
| 32460 | BROWSER-IE Microsoft Internet Explorer CPtsTextParaclient out of bounds error remote code execution attempt (more info ...) | attempted-admin | 2014-6342 | URL | ||
| 32461 | BROWSER-IE Microsoft Internet Explorer CPtsTextParaclient out of bounds error remote code execution attempt (more info ...) | attempted-admin | 2014-6342 | URL | ||
| 32470 | BROWSER-IE Microsoft Internet Explorer 11 VBScript redim preserve denial-of-service attempt (more info ...) | attempted-dos | 2014-6332 | URL | ||
| 32471 | BROWSER-IE Microsoft Internet Explorer 11 VBScript redim preserve denial-of-service attempt (more info ...) | attempted-dos | 2014-6332 | URL | ||
| 32472 | BROWSER-IE Microsoft Internet Explorer 11 VBScript redim preserve denial-of-service attempt (more info ...) | attempted-dos | 2014-6332 | URL | ||
| 32473 | BROWSER-IE Microsoft Internet Explorer 11 VBScript redim preserve denial-of-service attempt (more info ...) | attempted-dos | 2014-6332 | URL | ||
| 32478 | BROWSER-IE Microsoft Internet Explorer CSecurityContext use after free attempt (more info ...) | attempted-user | 2014-4143 | URL | ||
| 32479 | BROWSER-IE Microsoft Internet Explorer CSecurityContext use after free attempt (more info ...) | attempted-user | 2014-4143 | URL | ||
| 32495 | BROWSER-IE Microsoft Internet Explorer 11 CStyleSheet object use after free attempt (more info ...) | attempted-user | 2014-6341 | URL | ||
| 32496 | BROWSER-IE Microsoft Internet Explorer 11 CStyleSheet object use after free attempt (more info ...) | attempted-user | 2014-6341 | URL | ||
| 32497 | BROWSER-IE Microsoft Internet Explorer CQuotes use-after-free attempt (more info ...) | attempted-user | 2014-6351 | URL | ||
| 32498 | BROWSER-IE Microsoft Internet Explorer CQuotes use-after-free attempt (more info ...) | attempted-user | 2014-6351 | URL | ||
| 32508 | FILE-OTHER Oracle Java SE GSUB FeatureCount Buffer Overflow attempt (more info ...) | attempted-user | URL | |||
| 32509 | FILE-OTHER Oracle Java SE GSUB FeatureCount Buffer Overflow attempt (more info ...) | attempted-user | URL | |||
| 32555 | EXPLOIT-KIT Hellspawn exploit kit outbound Oracle Java jar request (more info ...) | trojan-activity | ||||
| 32562 | FILE-OTHER Oracle Java awt_setPixels out-of-bounds read attempt (more info ...) | attempted-user | URL | |||
| 32564 | BROWSER-IE Microsoft Internet Explorer 11 VBScript redim preserve denial-of-service attempt (more info ...) | attempted-dos | 2014-6332 | URL | ||
| 32565 | BROWSER-IE Microsoft Internet Explorer 11 VBScript redim preserve denial-of-service attempt (more info ...) | attempted-dos | 2014-6332 | URL | ||
| 32629 | BROWSER-IE Microsoft Internet Explorer 11 VBScript redim preserve denial-of-service attempt (more info ...) | attempted-dos | 2014-6332 | URL | ||
| 32630 | BROWSER-IE Microsoft Internet Explorer 11 VBScript redim preserve denial-of-service attempt (more info ...) | attempted-dos | 2014-6332 | URL | ||
| 32679 | BROWSER-IE Microsoft Internet Explorer lineboxbuilder out of bound array access attempt (more info ...) | attempted-user | 2014-6376 | URL | ||
| 32680 | BROWSER-IE Microsoft Internet Explorer lineboxbuilder out of bound array access attempt (more info ...) | attempted-user | 2014-6376 | URL | ||
| 32685 | BROWSER-IE Microsoft Internet Explorer setTimeout use after free attempt (more info ...) | attempted-user | 2014-6327 | URL | ||
| 32686 | BROWSER-IE Microsoft Internet Explorer setTimeout use after free attempt (more info ...) | attempted-user | 2014-6327 | URL | ||
| 32689 | BROWSER-IE Microsoft Internet Explorer style object type confusion attempt (more info ...) | attempted-user | 2014-6373 | URL | ||
| 32690 | BROWSER-IE Microsoft Internet Explorer style object type confusion attempt (more info ...) | attempted-user | 2014-6373 | URL | ||
| 32691 | BROWSER-IE Microsoft Internet Explorer NodeFilter use after free attempt (more info ...) | attempted-user | 2014-6330 | URL | ||
| 32692 | BROWSER-IE Microsoft Internet Explorer NodeFilter use after free attempt (more info ...) | attempted-user | 2014-6330 | URL | ||
| 32703 | BROWSER-IE Microsoft Internet Explorer use of rtf file in clipboard attempt (more info ...) | attempted-user | 2014-6374 | URL | ||
| 32704 | BROWSER-IE Microsoft Internet Explorer use of rtf file in clipboard attempt (more info ...) | attempted-user | 2014-6374 | URL | ||
| 32714 | BROWSER-IE Microsoft Internet Explorer 10 CTableSection remote code execution attempt (more info ...) | attempted-user | 2014-6369 | URL | ||
| 32715 | BROWSER-IE Microsoft Internet Explorer 10 CTableSection remote code execution attempt (more info ...) | attempted-user | 2014-6369 | URL | ||
| 32716 | BROWSER-IE Microsoft Internet Explorer 7 CTreeNode object remote code execution attempt (more info ...) | attempted-user | 2014-6366 | URL | ||
| 32717 | BROWSER-IE Microsoft Internet Explorer 7 CTreeNode object remote code execution attempt (more info ...) | attempted-user | 2014-6366 | URL | ||
| 32720 | BROWSER-IE Microsoft Internet Explorer element type confusion use after free attempt (more info ...) | attempted-user | 2014-8966 | URL | ||
| 32721 | BROWSER-IE Microsoft Internet Explorer element type confusion use after free attempt (more info ...) | attempted-user | 2014-8966 | URL | ||
| 32722 | BROWSER-IE Microsoft Internet Explorer CButton object use after free attempt (more info ...) | attempted-user | 2014-6375 | URL | ||
| 32723 | BROWSER-IE Microsoft Internet Explorer CButton object use after free attempt (more info ...) | attempted-user | 2014-6375 | URL | ||
| 32724 | BROWSER-IE Microsoft Internet Explorer CTreePos insertAdjacentText use after free attempt (more info ...) | attempted-user | 2014-6329 | URL | ||
| 32725 | BROWSER-IE Microsoft Internet Explorer CTreePos insertAdjacentText use after free attempt (more info ...) | attempted-user | 2014-6329 | URL | ||
| 32804 | EXPLOIT-KIT known malicious javascript packer detected (more info ...) | misc-activity | URL | |||
| 33085 | BROWSER-IE Microsoft Internet Explorer 10 use after free attempt (more info ...) | attempted-user | 2014-0322 | URL | ||
| 33086 | BROWSER-IE Microsoft Internet Explorer 10 use after free attempt (more info ...) | attempted-user | 2014-0322 | URL | ||
| 33088 | BROWSER-FIREFOX Mozilla Firefox 17 onreadystatechange memory corruption attempt (more info ...) | attempted-user | 2013-1690 | URL | ||
| 33089 | BROWSER-FIREFOX Mozilla Firefox 17 onreadystatechange memory corruption attempt (more info ...) | attempted-user | 2013-1690 | URL | ||
| 33090 | BROWSER-FIREFOX Mozilla Firefox 17 onreadystatechange memory corruption attempt (more info ...) | attempted-user | 2013-1690 | URL | ||
| 33093 | BROWSER-IE Microsoft Internet Explorer CInput element user after free attempt (more info ...) | attempted-user | 2014-0286 | URL | ||
| 33094 | BROWSER-IE Microsoft Internet Explorer CInput element user after free attempt (more info ...) | attempted-user | 2014-0286 | URL | ||
| 33095 | BROWSER-IE Microsoft Internet Explorer CTreePos Use After Free attempt (more info ...) | attempted-user | 2013-3845 | |||
| 33096 | BROWSER-IE Microsoft Internet Explorer CTreePos Use After Free attempt (more info ...) | attempted-user | 2013-3845 | |||
| 33097 | BROWSER-IE Microsoft Internet Explorer CTreePos Use After Free attempt (more info ...) | attempted-user | 2013-3845 | |||
| 33098 | BROWSER-IE Microsoft Internet Explorer CTreePos Use After Free attempt (more info ...) | attempted-user | 2013-3845 | |||
| 33115 | BROWSER-IE Microsoft Internet Explorer 11 VBScript redim preserve denial-of-service attempt (more info ...) | attempted-dos | 2014-6332 | URL | ||
| 33116 | BROWSER-IE Microsoft Internet Explorer 11 VBScript redim preserve denial-of-service attempt (more info ...) | attempted-dos | 2014-6332 | URL | ||
| 33157 | BROWSER-IE Microsoft Internet Explorer CClipStack array index exploitation attempt (more info ...) | attempted-user | 2014-1773 | URL | ||
| 33158 | BROWSER-IE Microsoft Internet Explorer CClipStack array index exploitation attempt (more info ...) | attempted-user | 2014-1773 | URL | ||
| 33191 | BROWSER-IE Microsoft Internet Explorer CQuotes use-after-free attempt (more info ...) | attempted-user | 2014-6351 | URL | ||
| 33192 | BROWSER-IE Microsoft Internet Explorer CQuotes use-after-free attempt (more info ...) | attempted-user | 2014-6351 | URL | ||
| 33193 | BROWSER-IE Microsoft Internet Explorer CQuotes use-after-free attempt (more info ...) | attempted-user | 2014-6351 | URL | ||
| 33194 | BROWSER-IE Microsoft Internet Explorer CQuotes use-after-free attempt (more info ...) | attempted-user | 2014-6351 | URL | ||
| 33195 | BROWSER-IE Microsoft Internet Explorer CQuotes use-after-free attempt (more info ...) | attempted-user | 2014-6351 | URL | ||
| 33196 | BROWSER-IE Microsoft Internet Explorer CQuotes use-after-free attempt (more info ...) | attempted-user | 2014-6351 | URL | ||
| 33312 | BROWSER-IE Microsoft Internet Explorer InsertElementInternal out of bounds indexed array remote code execution attempt (more info ...) | attempted-user | 2015-0044 | URL | ||
| 33313 | BROWSER-IE Microsoft Internet Explorer InsertElementInternal out of bounds indexed array remote code execution attempt (more info ...) | attempted-user | 2015-0044 | URL | ||
| 33314 | BROWSER-IE Microsoft Internet Explorer CGeneratedSvgTreeNode use-after-free attempt (more info ...) | attempted-user | 2015-0043 | URL | ||
| 33315 | BROWSER-IE Microsoft Internet Explorer CElement use after free attempt (more info ...) | attempted-user | 2015-0035 | URL | ||
| 33316 | BROWSER-IE Microsoft Internet Explorer CElement use after free attempt (more info ...) | attempted-user | 2015-0035 | URL | ||
| 33317 | BROWSER-IE Microsoft Internet Explorer CTreeNode use after free attempt (more info ...) | attempted-user | 2015-0020 | URL | ||
| 33318 | BROWSER-IE Microsoft Internet Explorer CTreeNode use after free attempt (more info ...) | attempted-user | 2015-0020 | URL | ||
| 33323 | BROWSER-IE Microsoft Internet Explorer uninitialized pointer use exploit attempt (more info ...) | attempted-admin | 2015-0067 | URL | ||
| 33324 | BROWSER-IE Microsoft Internet Explorer CFormElement use after free attempt (more info ...) | attempted-user | 2015-0026 | URL | ||
| 33325 | BROWSER-IE Microsoft Internet Explorer CFormElement use after free attempt (more info ...) | attempted-user | 2015-0026 | URL | ||
| 33331 | BROWSER-IE Microsoft Internet Explorer CHTMLEditorProxy use after free attempt (more info ...) | attempted-user | 2015-0049 | URL | ||
| 33332 | BROWSER-IE Microsoft Internet Explorer CHTMLEditorProxy use after free attempt (more info ...) | attempted-user | 2015-0049 | URL | ||
| 33333 | BROWSER-IE Microsoft Internet Explorer Hyphenator object use after free attempt (more info ...) | attempted-user | 2015-0039 | URL | ||
| 33334 | BROWSER-IE Microsoft Internet Explorer Hyphenator object use after free attempt (more info ...) | attempted-user | 2015-0039 | URL | ||
| 33335 | BROWSER-IE Microsoft Internet Explorer ActiveX type confusion attempt (more info ...) | attempted-user | 2015-0046 | URL | ||
| 33336 | BROWSER-IE Microsoft Internet Explorer ActiveX type confusion attempt (more info ...) | attempted-user | 2015-0046 | URL | ||
| 33340 | BROWSER-IE Microsoft Internet Explorer CParaElement use after free attempt (more info ...) | attempted-user | 2015-0019 | URL | ||
| 33341 | BROWSER-IE Microsoft Internet Explorer CParaElement use after free attempt (more info ...) | attempted-user | 2015-0019 | URL | ||
| 33345 | BROWSER-IE Microsoft Internet Explorer CBatchParentUndoUnit object use after free attempt (more info ...) | attempted-user | 2015-0030 | URL | ||
| 33346 | BROWSER-IE Microsoft Internet Explorer CBatchParentUndoUnit object use after free attempt (more info ...) | attempted-user | 2015-0030 | URL | ||
| 33347 | BROWSER-IE Microsoft Internet Explorer CTreePos use-after-free attempt (more info ...) | attempted-user | 2015-0021 | URL | ||
| 33348 | BROWSER-IE Microsoft Internet Explorer dximagetransform.microsoft.shadow out of bounds array access attempt (more info ...) | attempted-user | 2015-0036 | URL | ||
| 33349 | BROWSER-IE Microsoft Internet Explorer dximagetransform.microsoft.shadow out of bounds array access attempt (more info ...) | attempted-user | 2015-0036 | URL | ||
| 33353 | BROWSER-IE Microsoft Internet Explorer CAttrArray object used after free attempt (more info ...) | attempted-user | 2015-0038 | URL | ||
| 33354 | BROWSER-IE Microsoft Internet Explorer CAttrArray object used after free attempt (more info ...) | attempted-user | 2015-0038 | URL | ||
| 33356 | BROWSER-IE Microsoft Internet Explorer CTreeNode object used after free attempt (more info ...) | attempted-user | 2015-0023 | URL | ||
| 33357 | BROWSER-IE Microsoft Internet Explorer CTreeNode object used after free attempt (more info ...) | attempted-user | 2015-0023 | URL | ||
| 33358 | BROWSER-IE Microsoft Internet Explorer SLayoutRun use-after-free attempt (more info ...) | attempted-user | 2015-0050 | URL | ||
| 33359 | BROWSER-IE Microsoft Internet Explorer svg use after free attempt (more info ...) | attempted-user | 2015-0042 | URL | ||
| 33360 | BROWSER-IE Microsoft Internet Explorer svg use after free attempt (more info ...) | attempted-user | 2015-0042 | URL | ||
| 33361 | BROWSER-IE Microsoft Internet Explorer CCharFormat use-after-free attempt (more info ...) | attempted-admin | 2015-0029 | URL | ||
| 33365 | BROWSER-IE Microsoft Internet Explorer CMapElement use-after-free attempt (more info ...) | attempted-user | 2015-0040 | URL | ||
| 33366 | BROWSER-IE Microsoft Internet Explorer CMapElement use-after-free attempt (more info ...) | attempted-user | 2015-0040 | URL | ||
| 33412 | BROWSER-IE Microsoft Internet Explorer style type confusion remote code execution attempt (more info ...) | attempted-user | 2015-0052 | URL | ||
| 33415 | BROWSER-IE Microsoft Internet Explorer CLineCore use after free attempt (more info ...) | attempted-user | 2015-0045 | URL | ||
| 33416 | BROWSER-IE Microsoft Internet Explorer CLineCore use after free attempt (more info ...) | attempted-user | 2015-0045 | URL | ||
| 33417 | BROWSER-IE Microsoft Internet Explorer CGenericElement use after free attempt (more info ...) | attempted-user | 2015-0017 | URL | ||
| 33418 | BROWSER-IE Microsoft Internet Explorer CGenericElement use after free attempt (more info ...) | attempted-user | 2015-0017 | URL | ||
| 33419 | BROWSER-IE Microsoft Internet Explorer CTreePos use after free attempt (more info ...) | attempted-user | 2015-0068 | URL | ||
| 33420 | BROWSER-IE Microsoft Internet Explorer CTreePos use after free attempt (more info ...) | attempted-user | 2015-0068 | URL | ||
| 33421 | BROWSER-IE Microsoft Internet Explorer CTreeDataPos use-after-free remote code execution attempt (more info ...) | attempted-user | 2015-0041 | URL | ||
| 33422 | BROWSER-IE Microsoft Internet Explorer memory leak exploit attempt (more info ...) | attempted-user | 2015-0037 | URL | ||
| 33425 | BROWSER-IE Microsoft Internet Explorer CMarkup object use after free attempt (more info ...) | attempted-user | 2015-0018 | URL | ||
| 33426 | BROWSER-IE Microsoft Internet Explorer CMarkup object use after free attempt (more info ...) | attempted-user | 2015-0018 | URL | ||
| 33427 | BROWSER-IE Microsoft Internet Explorer CMarkupTransNavContext object use after free attempt (more info ...) | attempted-user | 2015-0031 | URL | ||
| 33428 | BROWSER-IE Microsoft Internet Explorer CMarkupTransNavContext object use after free attempt (more info ...) | attempted-user | 2015-0031 | URL | ||
| 33707 | BROWSER-IE Microsoft Internet Explorer use after free attempt (more info ...) | attempted-user | 2015-0056 | URL | ||
| 33708 | BROWSER-IE Microsoft Internet Explorer use after free attempt (more info ...) | attempted-user | 2015-0056 | URL | ||
| 33709 | BROWSER-IE Microsoft Internet Explorer 11 VBScript array element use after free attempt (more info ...) | attempted-user | 2015-0032 | URL | ||
| 33710 | BROWSER-IE Microsoft Internet Explorer 11 VBScript array element use after free attempt (more info ...) | attempted-user | 2015-0032 | URL | ||
| 33718 | BROWSER-IE Microsoft Internet Explorer CTreeNode interpreted as CGeneratedTreeNode remote code execution attempt (more info ...) | attempted-user | 2015-1622 | URL | ||
| 33719 | BROWSER-IE Microsoft Internet Explorer CTreeNode interpreted as CGeneratedTreeNode remote code execution attempt (more info ...) | attempted-user | 2015-1622 | URL | ||
| 33724 | FILE-OTHER Microsoft Windows Type 1 font blend operator negative operand code execution attempt (more info ...) | attempted-user | 2015-0093 | URL | ||
| 33725 | FILE-OTHER Microsoft Windows Type 1 font blend operator negative operand code execution attempt (more info ...) | attempted-user | 2015-0093 | URL | ||
| 33726 | BROWSER-IE Microsoft Internet Explorer CMarkup object use after free attempt (more info ...) | attempted-user | 2015-1623 | URL | ||
| 33727 | BROWSER-IE Microsoft Internet Explorer CMarkup object use after free attempt (more info ...) | attempted-user | 2015-1623 | URL | ||
| 33730 | BROWSER-IE Microsoft Internet Explorer out of bounds array access attempt (more info ...) | attempted-user | 2015-0099 | URL | ||
| 33731 | BROWSER-IE Microsoft Internet Explorer out of bounds array access attempt (more info ...) | attempted-user | 2015-0099 | URL | ||
| 33736 | BROWSER-IE Microsoft Internet Explorer CGeneratedTreeNode use after free attempt (more info ...) | attempted-user | 2015-1624 | URL | ||
| 33737 | BROWSER-IE Microsoft Internet Explorer CGeneratedTreeNode use after free attempt (more info ...) | attempted-user | 2015-1624 | URL | ||
| 33738 | BROWSER-IE Microsoft Internet Explorer 11 CInputContext object use after free attempt (more info ...) | attempted-user | 2015-1626 | URL | ||
| 33739 | BROWSER-IE Microsoft Internet Explorer 11 CInputContext object use after free attempt (more info ...) | attempted-user | 2015-1626 | URL | ||
| 33741 | BROWSER-IE Microsoft Internet Explorer CTreeNode use-after-free attempt (more info ...) | attempted-user | 2015-0100 | URL | ||
| 33742 | BROWSER-IE Microsoft Internet Explorer CTreeNode use-after-free attempt (more info ...) | attempted-user | 2015-0100 | URL | ||
| 33743 | BROWSER-IE Microsoft Internet Explorer table cell out-of-bounds access attempt (more info ...) | attempted-user | 2015-1625 | URL | ||
| 33744 | BROWSER-IE Microsoft Internet Explorer table cell out-of-bounds access attempt (more info ...) | attempted-user | 2015-1625 | URL | ||
| 33763 | BROWSER-IE Microsoft Internet Explorer 11 CInputContext object use after free attempt (more info ...) | attempted-user | 2015-1634 | URL | ||
| 33764 | BROWSER-IE Microsoft Internet Explorer 11 CInputContext object use after free attempt (more info ...) | attempted-user | 2015-1634 | URL | ||
| 33775 | BROWSER-IE Microsoft Internet Explorer out of bounds array access attempt (more info ...) | attempted-user | 2015-0081 | URL | ||
| 33776 | BROWSER-IE Microsoft Internet Explorer out of bounds array access attempt (more info ...) | attempted-user | 2015-0081 | URL | ||
| 33979 | BROWSER-IE Microsoft Internet Explorer 11 VBScript redim preserve denial-of-service attempt (more info ...) | attempted-dos | 2014-6332 | URL | ||
| 33980 | BROWSER-IE Microsoft Internet Explorer 11 VBScript redim preserve denial-of-service attempt (more info ...) | attempted-dos | 2014-6332 | URL | ||
| 34059 | BROWSER-IE Microsoft Internet Explorer CBodyElement use after free attempt (more info ...) | attempted-user | 2015-1660 | URL | ||
| 34060 | BROWSER-IE Microsoft Internet Explorer CBodyElement use after free attempt (more info ...) | attempted-user | 2015-1660 | URL | ||
| 34070 | BROWSER-IE Microsoft Internet Explorer CSVGMarkerElement use after free attempt (more info ...) | attempted-user | 2015-1668 | URL | ||
| 34071 | BROWSER-IE Microsoft Internet Explorer CSVGMarkerElement use after free attempt (more info ...) | attempted-user | 2015-1668 | URL | ||
| 34072 | BROWSER-IE Microsoft Internet Explorer CMetaElement use after free attempt (more info ...) | attempted-user | 2015-1666 | URL | ||
| 34073 | BROWSER-IE Microsoft Internet Explorer CMetaElement use after free attempt (more info ...) | attempted-user | 2015-1666 | URL | ||
| 34074 | BROWSER-IE Microsoft Internet Explorer TextData object use after free attempt (more info ...) | attempted-user | 2015-1665 | URL | ||
| 34075 | BROWSER-IE Microsoft Internet Explorer TextData object use after free attempt (more info ...) | attempted-user | 2015-1665 | URL | ||
| 34076 | BROWSER-IE Microsoft Internet Explorer append and swap use after free attempt (more info ...) | attempted-user | 2015-1659 | URL | ||
| 34077 | BROWSER-IE Microsoft Internet Explorer append and swap use after free attempt (more info ...) | attempted-user | 2015-1659 | URL | ||
| 34084 | BROWSER-IE Microsoft Internet Explorer CDocument use after free attempt (more info ...) | attempted-user | 2015-1652 | URL | ||
| 34085 | BROWSER-IE Microsoft Internet Explorer CDocument use after free attempt (more info ...) | attempted-user | 2015-1652 | URL | ||
| 34089 | BROWSER-IE Microsoft Internet Explorer incorrect array element read information disclosure attempt (more info ...) | attempted-user | 2015-1657 | URL | ||
| 34090 | BROWSER-IE Microsoft Internet Explorer incorrect array element read information disclosure attempt (more info ...) | attempted-user | 2015-1657 | URL | ||
| 34195 | BROWSER-IE Microsoft Internet Explorer CSVGMarkerElement use after free attempt (more info ...) | attempted-user | 2015-1668 | URL | ||
| 34196 | BROWSER-IE Microsoft Internet Explorer CSVGMarkerElement use after free attempt (more info ...) | attempted-user | 2015-1668 | URL | ||
| 34197 | BROWSER-IE Microsoft Internet Explorer CSVGMarkerElement use after free attempt (more info ...) | attempted-user | 2015-1668 | URL | ||
| 34198 | BROWSER-IE Microsoft Internet Explorer CSVGMarkerElement use after free attempt (more info ...) | attempted-user | 2015-1668 | URL | ||
| 34199 | BROWSER-IE Microsoft Internet Explorer CSVGMarkerElement use after free attempt (more info ...) | attempted-user | 2015-1668 | URL | ||
| 34200 | BROWSER-IE Microsoft Internet Explorer CSVGMarkerElement use after free attempt (more info ...) | attempted-user | 2015-1668 | URL | ||
| 34201 | BROWSER-IE Microsoft Internet Explorer CSVGMarkerElement use after free attempt (more info ...) | attempted-user | 2015-1668 | URL | ||
| 34202 | BROWSER-IE Microsoft Internet Explorer CSVGMarkerElement use after free attempt (more info ...) | attempted-user | 2015-1668 | URL | ||
| 34203 | BROWSER-IE Microsoft Internet Explorer CSVGMarkerElement use after free attempt (more info ...) | attempted-user | 2015-1668 | URL | ||
| 34204 | BROWSER-IE Microsoft Internet Explorer CSVGMarkerElement use after free attempt (more info ...) | attempted-user | 2015-1668 | URL | ||
| 34205 | BROWSER-IE Microsoft Internet Explorer CSVGMarkerElement use after free attempt (more info ...) | attempted-user | 2015-1668 | URL | ||
| 34206 | BROWSER-IE Microsoft Internet Explorer CSVGMarkerElement use after free attempt (more info ...) | attempted-user | 2015-1668 | URL | ||
| 34207 | BROWSER-IE Microsoft Internet Explorer CSVGMarkerElement use after free attempt (more info ...) | attempted-user | 2015-1668 | URL | ||
| 34208 | BROWSER-IE Microsoft Internet Explorer CSVGMarkerElement use after free attempt (more info ...) | attempted-user | 2015-1668 | URL | ||
| 34209 | BROWSER-IE Microsoft Internet Explorer CSVGMarkerElement use after free attempt (more info ...) | attempted-user | 2015-1668 | URL | ||
| 34210 | BROWSER-IE Microsoft Internet Explorer CSVGMarkerElement use after free attempt (more info ...) | attempted-user | 2015-1668 | URL | ||
| 34211 | BROWSER-IE Microsoft Internet Explorer CSVGMarkerElement use after free attempt (more info ...) | attempted-user | 2015-1668 | URL | ||
| 34212 | BROWSER-IE Microsoft Internet Explorer CSVGMarkerElement use after free attempt (more info ...) | attempted-user | 2015-1668 | URL | ||
| 34332 | EXPLOIT-KIT Fiesta exploit kit Oracle Java exploit download (more info ...) | trojan-activity | ||||
| 34381 | BROWSER-IE Microsoft Internet Explorer range use after free attempt (more info ...) | attempted-user | 2015-1708 | URL | ||
| 34382 | BROWSER-IE Microsoft Internet Explorer range use after free attempt (more info ...) | attempted-user | 2015-1708 | URL | ||
| 34383 | BROWSER-IE Microsoft Internet Explorer memory corruption attempt (more info ...) | attempted-user | 2015-1712 | URL | ||
| 34384 | BROWSER-IE Microsoft Internet Explorer memory corruption attempt (more info ...) | attempted-user | 2015-1712 | URL | ||
| 34409 | BROWSER-IE Microsoft Internet Explorer DOMNodeInserted use-after-free attempt (more info ...) | attempted-admin | 2015-1689 | URL | ||
| 34410 | BROWSER-IE Microsoft Internet Explorer DOMNodeInserted use-after-free attempt (more info ...) | attempted-admin | 2015-1689 | URL | ||
| 34411 | BROWSER-IE Microsoft Internet Explorer CSecurityContext type confusion use after free attempt (more info ...) | attempted-user | 2015-1706 | URL | ||
| 34412 | BROWSER-IE Microsoft Internet Explorer CSecurityContext type confusion use after free attempt (more info ...) | attempted-user | 2015-1706 | URL | ||
| 34415 | BROWSER-IE Microsoft Internet Explorer dd element use after free attempt (more info ...) | attempted-user | 2015-1691 | URL | ||
| 34417 | BROWSER-IE Microsoft Internet Explorer dd element use after free attempt (more info ...) | attempted-user | 2015-1691 | URL | ||
| 34418 | BROWSER-IE Microsoft Internet Explorer Element object use-after-free attempt (more info ...) | attempted-admin | 2015-1705 | URL | ||
| 34419 | BROWSER-IE Microsoft Internet Explorer Element object use-after-free attempt (more info ...) | attempted-admin | 2015-1705 | URL | ||
| 34420 | BROWSER-IE Microsoft Internet Explorer CDispScroller object use-after-free attempt (more info ...) | attempted-admin | 2015-1718 | URL | ||
| 34421 | BROWSER-IE Microsoft Internet Explorer CDispScroller object use-after-free attempt (more info ...) | attempted-admin | 2015-1718 | URL | ||
| 34422 | BROWSER-IE Microsoft Internet Explorer CTitleElement object use-after-free attempt (more info ...) | attempted-admin | 2015-1717 | URL | ||
| 34423 | BROWSER-IE Microsoft Internet Explorer CTitleElement object use-after-free attempt (more info ...) | attempted-admin | 2015-1717 | URL | ||
| 34424 | BROWSER-IE Microsoft Internet Explorer compatibility mode use after free attempt (more info ...) | attempted-user | 2015-1710 | URL | ||
| 34425 | BROWSER-IE Microsoft Internet Explorer compatibility mode use after free attempt (more info ...) | attempted-user | 2015-1710 | URL | ||
| 34430 | BROWSER-IE Microsoft Internet Explorer CTreePos object use after free attempt (more info ...) | attempted-user | 2015-1711 | URL | ||
| 34431 | BROWSER-IE Microsoft Internet Explorer CTreePos object use after free attempt (more info ...) | attempted-user | 2015-1711 | URL | ||
| 34432 | BROWSER-IE Microsoft Internet Explorer TableGridBlock use after free attempt (more info ...) | attempted-user | 2015-1658 | URL | ||
| 34433 | BROWSER-IE Microsoft Internet Explorer TableGridBlock use after free attempt (more info ...) | attempted-user | 2015-1658 | URL | ||
| 34436 | BROWSER-IE Microsoft Internet Explorer CTitleElement use after free attempt (more info ...) | attempted-user | 2015-1714 | URL | ||
| 34437 | BROWSER-IE Microsoft Internet Explorer CTitleElement use after free attempt (more info ...) | attempted-user | 2015-1714 | URL | ||
| 34444 | BROWSER-IE Microsoft Internet Explorer TableGridBlock object use after free attempt (more info ...) | attempted-admin | 2015-1709 | URL | ||
| 34445 | BROWSER-IE Microsoft Internet Explorer TableGridBlock object use after free attempt (more info ...) | attempted-admin | 2015-1709 | URL | ||
| 34550 | FILE-PDF Adobe Acrobat Reader JavaScript API trustPropagatorFunction execution bypass attempt (more info ...) | attempted-admin | 2015-3074 | URL | ||
| 34551 | FILE-PDF Adobe Acrobat Reader JavaScript API trustPropagatorFunction execution bypass attempt (more info ...) | attempted-admin | 2015-3074 | URL | ||
| 34557 | FILE-PDF Adobe Acrobat Reader embedded JavaScript remote code execution attempt (more info ...) | attempted-user | 2015-3072 | |||
| 34558 | FILE-PDF Adobe Acrobat Reader embedded JavaScript remote code execution attempt (more info ...) | attempted-user | 2015-3072 | |||
| 34612 | FILE-PDF Adobe Reader bypass JavaScript API restrictions attempt (more info ...) | attempted-user | 2015-3062 | URL | ||
| 34613 | FILE-PDF Adobe Reader bypass JavaScript API restrictions attempt (more info ...) | attempted-user | 2015-3062 | URL | ||
| 34625 | FILE-PDF Adobe Reader bypass JavaScript API restrictions attempt (more info ...) | attempted-user | 2015-3069 | URL | ||
| 34626 | FILE-PDF Adobe Reader bypass JavaScript API restrictions attempt (more info ...) | attempted-user | 2015-3069 | URL | ||
| 34627 | FILE-PDF Adobe Reader bypass JavaScript API restrictions attempt (more info ...) | attempted-user | 2015-3064 | URL | ||
| 34628 | FILE-PDF Adobe Reader bypass JavaScript API restrictions attempt (more info ...) | attempted-user | 2015-3064 | URL | ||
| 34721 | BROWSER-IE Microsoft Internet Explorer callback function use-after-free attempt (more info ...) | attempted-user | 2015-1741 | URL | ||
| 34722 | BROWSER-IE Microsoft Internet Explorer callback function use-after-free attempt (more info ...) | attempted-user | 2015-1741 | URL | ||
| 34723 | BROWSER-IE Microsoft Internet Explorer out of bounds array access attempt (more info ...) | attempted-user | 2015-1742 | URL | ||
| 34724 | BROWSER-IE Microsoft Internet Explorer out of bounds array access attempt (more info ...) | attempted-user | 2015-1742 | URL | ||
| 34725 | BROWSER-IE Microsoft Internet Explorer CTreeNode undefined beforeElement use-after-free attempt (more info ...) | attempted-user | 2015-1766 | URL | ||
| 34726 | BROWSER-IE Microsoft Internet Explorer CTreeNode undefined beforeElement use-after-free attempt (more info ...) | attempted-user | 2015-1766 | URL | ||
| 34729 | BROWSER-IE Microsoft Internet Explorer stack exhaustion handler remote code execution attempt (more info ...) | attempted-admin | 2015-1730 | URL | ||
| 34730 | BROWSER-IE Microsoft Internet Explorer stack exhaustion handler remote code execution attempt (more info ...) | attempted-admin | 2015-1730 | URL | ||
| 34733 | BROWSER-IE Microsoft Internet Explorer CAttrValue uninitialized object access attempt (more info ...) | attempted-admin | 2015-1745 | URL | ||
| 34734 | BROWSER-IE Microsoft Internet Explorer CAttrValue uninitialized object access attempt (more info ...) | attempted-admin | 2015-1745 | URL | ||
| 34735 | BROWSER-IE Microsoft Internet Explorer COptionElement object use after free attempt (more info ...) | attempted-user | 2015-1755 | URL | ||
| 34736 | BROWSER-IE Microsoft Internet Explorer COptionElement object use after free attempt (more info ...) | attempted-user | 2015-1755 | URL | ||
| 34745 | BROWSER-IE Microsoft Internet Explorer TextNode object use after free attempt (more info ...) | attempted-user | 2015-1737 | URL | ||
| 34746 | BROWSER-IE Microsoft Internet Explorer TextNode object use after free attempt (more info ...) | attempted-user | 2015-1737 | URL | ||
| 34747 | BROWSER-IE Microsoft Internet Explorer CoInternetParseUrl use-after-free attempt (more info ...) | attempted-user | 2015-1740 | URL | ||
| 34748 | BROWSER-IE Microsoft Internet Explorer CoInternetParseUrl use-after-free attempt (more info ...) | attempted-user | 2015-1740 | URL | ||
| 34749 | BROWSER-IE Microsoft Internet Explorer TableGridBlock object use after free attempt (more info ...) | attempted-user | 2015-1751 | URL | ||
| 34750 | BROWSER-IE Microsoft Internet Explorer TableGridBlock object use after free attempt (more info ...) | attempted-user | 2015-1751 | URL | ||
| 34753 | BROWSER-IE Microsoft Internet Explorer CLegendElement object use after free attempt (more info ...) | attempted-user | 2015-1753 | URL | ||
| 34754 | BROWSER-IE Microsoft Internet Explorer CLegendElement object use after free attempt (more info ...) | attempted-user | 2015-1753 | URL | ||
| 34755 | BROWSER-IE Microsoft Internet Explorer uninitialized VARIANT object remote code execution attempt (more info ...) | attempted-admin | 2015-1735 | URL | ||
| 34756 | BROWSER-IE Microsoft Internet Explorer uninitialized VARIANT object remote code execution attempt (more info ...) | attempted-admin | 2015-1735 | URL | ||
| 34757 | BROWSER-IE Microsoft Internet Explorer CDXTFilterNode object remote code execution attempt (more info ...) | attempted-admin | 2015-1744 | URL | ||
| 34758 | BROWSER-IE Microsoft Internet Explorer CDXTFilterNode object remote code execution attempt (more info ...) | attempted-admin | 2015-1744 | URL | ||
| 34759 | BROWSER-IE Microsoft Internet Explorer 9 CTableSection object use-after-free attempt (more info ...) | attempted-user | 2015-1687 | URL | ||
| 34760 | BROWSER-IE Microsoft Internet Explorer 9 CTableSection object use-after-free attempt (more info ...) | attempted-user | 2015-1687 | URL | ||
| 34763 | BROWSER-IE Microsoft Internet Explorer 8 mode menu tag out-of-bounds access attempt (more info ...) | attempted-user | 2015-1752 | URL | ||
| 34764 | BROWSER-IE Microsoft Internet Explorer 8 mode menu tag out-of-bounds access attempt (more info ...) | attempted-user | 2015-1752 | URL | ||
| 34765 | BROWSER-IE Microsoft Internet Explorer CStyleAttrArray use after free attempt (more info ...) | policy-violation | 2015-1736 | URL | ||
| 34766 | BROWSER-IE Microsoft Internet Explorer CStyleAttrArray use after free attempt (more info ...) | policy-violation | 2015-1736 | URL | ||
| 34767 | BROWSER-IE Microsoft Internet Explorer textarea parent use-after-free attempt (more info ...) | attempted-user | 2015-1750 | URL | ||
| 34768 | BROWSER-IE Microsoft Internet Explorer textarea parent use-after-free attempt (more info ...) | attempted-user | 2015-1750 | URL | ||
| 34778 | BROWSER-IE Microsoft Internet Explorer LayoutLineBoxFullShort use after free attempt (more info ...) | attempted-user | 2015-1731 | URL | ||
| 34779 | BROWSER-IE Microsoft Internet Explorer LayoutLineBoxFullShort use after free attempt (more info ...) | attempted-user | 2015-1731 | URL | ||
| 34790 | BROWSER-IE Microsoft Internet Explorer out of bounds memory access attempt (more info ...) | attempted-admin | 2015-1732 | URL | ||
| 34791 | BROWSER-IE Microsoft Internet Explorer out of bounds memory access attempt (more info ...) | attempted-admin | 2015-1732 | URL | ||
| 34824 | BROWSER-IE Microsoft Internet Explorer moveEnd information disclosure attempt (more info ...) | attempted-recon | URL | |||
| 34825 | BROWSER-IE Microsoft Internet Explorer moveEnd information disclosure attempt (more info ...) | attempted-recon | URL | |||
| 34873 | BROWSER-IE Microsoft Internet Explorer CTextElement use after free attempt (more info ...) | attempted-user | 2014-2782 | URL | ||
| 34874 | BROWSER-IE Microsoft Internet Explorer CTextElement use after free attempt (more info ...) | attempted-user | 2014-2782 | URL | ||
| 35012 | BROWSER-IE Microsoft Internet Explorer CTreeNode use-after-free attempt (more info ...) | attempted-user | 2015-0100 | URL | ||
| 35013 | BROWSER-IE Microsoft Internet Explorer CTreeNode use-after-free attempt (more info ...) | attempted-user | 2015-0100 | URL | ||
| 35051 | BROWSER-FIREFOX Mozilla Firefox IDL fragment privilege escalation attempt (more info ...) | attempted-user | 2014-1510 | URL | ||
| 35052 | BROWSER-FIREFOX Mozilla Firefox IDL fragment privilege escalation attempt (more info ...) | attempted-user | 2014-1510 | URL | ||
| 35070 | BROWSER-FIREFOX Mozilla Firefox DOMSVGLength insertItemBefore use after free attempt (more info ...) | attempted-user | 2014-1563 | URL | ||
| 35071 | BROWSER-FIREFOX Mozilla Firefox DOMSVGLength replaceItem use after free attempt (more info ...) | attempted-user | 2014-1563 | URL | ||
| 35072 | BROWSER-FIREFOX Mozilla Firefox DOMSVGLength initialize use after free attempt (more info ...) | attempted-user | 2014-1563 | URL | ||
| 35073 | BROWSER-FIREFOX Mozilla Firefox DOMSVGLength insertItemBefore use after free attempt (more info ...) | attempted-user | 2014-1563 | URL | ||
| 35074 | BROWSER-FIREFOX Mozilla Firefox DOMSVGLength replaceItem use after free attempt (more info ...) | attempted-user | 2014-1563 | URL | ||
| 35075 | BROWSER-FIREFOX Mozilla Firefox DOMSVGLength initialize use after free attempt (more info ...) | attempted-user | 2014-1563 | URL | ||
| 35114 | BROWSER-IE Microsoft Internet Explorer replaceChild function memory corruption attempt (more info ...) | attempted-user | 2014-0280 | URL | ||
| 35115 | BROWSER-IE Microsoft Internet Explorer replaceChild function memory corruption attempt (more info ...) | attempted-user | 2014-0280 | URL | ||
| 35119 | BROWSER-IE Microsoft Internet Explorer CTreeNode type confusion attempt (more info ...) | attempted-user | 2015-2384 | URL | ||
| 35120 | BROWSER-IE Microsoft Internet Explorer CTreeNode type confusion attempt (more info ...) | attempted-user | 2015-2384 | URL | ||
| 35121 | BROWSER-IE Microsoft Internet Explorer CTextArea use after free attempt (more info ...) | attempted-user | 2015-2397 | URL | ||
| 35122 | BROWSER-IE Microsoft Internet Explorer CTextArea use after free attempt (more info ...) | attempted-user | 2015-2397 | URL | ||
| 35123 | BROWSER-IE Microsoft Internet Explorer CTableRow use after free attempt (more info ...) | attempted-user | 2015-2406 | URL | ||
| 35124 | BROWSER-IE Microsoft Internet Explorer CTableRow use after free attempt (more info ...) | attempted-user | 2015-2406 | URL | ||
| 35125 | BROWSER-IE Microsoft Internet Explorer CInput use after free attempt (more info ...) | attempted-user | 2015-2401 | URL | ||
| 35126 | BROWSER-IE Microsoft Internet Explorer CInput use after free attempt (more info ...) | attempted-user | 2015-2401 | URL | ||
| 35139 | BROWSER-IE Microsoft Internet Explorer sandbox permission bypass registry read attempt (more info ...) | attempted-user | 2015-2429 | URL | ||
| 35140 | BROWSER-IE Microsoft Internet Explorer sandbox permission bypass registry read attempt (more info ...) | attempted-user | 2015-2429 | URL | ||
| 35145 | BROWSER-IE Microsoft Internet Explorer CTableSection use after free attempt (more info ...) | attempted-user | 2015-1733 | URL | ||
| 35146 | BROWSER-IE Microsoft Internet Explorer CTableSection use after free attempt (more info ...) | attempted-user | 2015-1733 | URL | ||
| 35152 | BROWSER-IE Microsoft Internet Explorer memory access through an uninitialized pointer attempt (more info ...) | attempted-admin | 2015-2406 | URL | ||
| 35153 | BROWSER-IE Microsoft Internet Explorer memory access through an uninitialized pointer attempt (more info ...) | attempted-admin | 2015-2406 | URL | ||
| 35154 | BROWSER-IE Microsoft Internet Explorer CGeneratedTreeNode use after free attempt (more info ...) | attempted-user | 2015-1767 | URL | ||
| 35155 | BROWSER-IE Microsoft Internet Explorer CGeneratedTreeNode use after free attempt (more info ...) | attempted-user | 2015-1767 | URL | ||
| 35156 | BROWSER-IE Microsoft Internet Explorer CTableSection object out of bounds memory access attempt (more info ...) | attempted-user | 2015-2403 | URL | ||
| 35157 | BROWSER-IE Microsoft Internet Explorer CTableSection object out of bounds memory access attempt (more info ...) | attempted-user | 2015-2403 | URL | ||
| 35158 | BROWSER-IE Microsoft Internet Explorer CFancyFormat object use-after-free attempt (more info ...) | attempted-user | 2015-2422 | URL | ||
| 35159 | BROWSER-IE Microsoft Internet Explorer CFancyFormat object use-after-free attempt (more info ...) | attempted-user | 2015-2422 | URL | ||
| 35164 | BROWSER-IE Microsoft Internet Explorer CTreeNode object use after free attempt (more info ...) | attempted-admin | 2015-2390 | URL | ||
| 35165 | BROWSER-IE Microsoft Internet Explorer CTreeNode object use after free attempt (more info ...) | attempted-admin | 2015-2390 | URL | ||
| 35170 | BROWSER-IE Microsoft Internet Explorer MutationObserver use after free attempt (more info ...) | attempted-user | 2015-2425 | 75745 | URL | |
| 35172 | BROWSER-IE Microsoft Internet Explorer CTitleElement object use after free attempt (more info ...) | attempted-user | 2015-2408 | URL | ||
| 35173 | BROWSER-IE Microsoft Internet Explorer CTitleElement object use after free attempt (more info ...) | attempted-user | 2015-2408 | URL | ||
| 35178 | BROWSER-IE Microsoft Internet Explorer CAttribute object use after free attempt (more info ...) | attempted-admin | 2015-2389 | URL | ||
| 35179 | BROWSER-IE Microsoft Internet Explorer CAttribute object use after free attempt (more info ...) | attempted-admin | 2015-2389 | URL | ||
| 35182 | BROWSER-IE Microsoft Internet Explorer table column resize use-after-free attempt (more info ...) | attempted-user | 2015-2388 | URL | ||
| 35183 | BROWSER-IE Microsoft Internet Explorer table column resize use-after-free attempt (more info ...) | attempted-user | 2015-2388 | URL | ||
| 35185 | BROWSER-IE Microsoft Internet Explorer meta tag double free attempt (more info ...) | attempted-user | 2015-2391 | URL | ||
| 35196 | BROWSER-IE Microsoft Internet Explorer CFieldSetElement object use after free attempt (more info ...) | attempted-user | 2015-1738 | URL | ||
| 35197 | BROWSER-IE Microsoft Internet Explorer CFieldSetElement object use after free attempt (more info ...) | attempted-user | 2015-1738 | URL | ||
| 35199 | BROWSER-IE Microsoft Internet Explorer TreeComputedContent object use after free attempt (more info ...) | attempted-user | 2015-6073 | URL | ||
| 35200 | BROWSER-IE Microsoft Internet Explorer TreeComputedContent object use after free attempt (more info ...) | attempted-user | 2015-6073 | URL | ||
| 35203 | BROWSER-IE Microsoft Internet Explorer CImgElement object use after free attempt (more info ...) | attempted-user | 2015-2383 | URL | ||
| 35204 | BROWSER-IE Microsoft Internet Explorer CImgElement object use after free attempt (more info ...) | attempted-user | 2015-2383 | URL | ||
| 35205 | BROWSER-IE Microsoft Internet Explorer CImgElement object use after free attempt (more info ...) | attempted-user | 2015-2383 | URL | ||
| 35206 | BROWSER-IE Microsoft Internet Explorer CImgElement object use after free attempt (more info ...) | attempted-user | 2015-2383 | URL | ||
| 35209 | BROWSER-IE Microsoft Internet Explorer CMarkup object use after free attempt (more info ...) | attempted-user | 2015-2404 | URL | ||
| 35210 | BROWSER-IE Microsoft Internet Explorer CMarkup object use after free attempt (more info ...) | attempted-user | 2015-2404 | URL | ||
| 35211 | BROWSER-IE Microsoft Internet Explorer CMarkup object use after free attempt (more info ...) | attempted-user | 2015-2404 | URL | ||
| 35212 | BROWSER-IE Microsoft Internet Explorer CMarkup object use after free attempt (more info ...) | attempted-user | 2015-2404 | URL | ||
| 35213 | BROWSER-IE Microsoft Internet Explorer 10 VBScript array element use after free attempt (more info ...) | attempted-user | 2015-2372 | URL | ||
| 35214 | BROWSER-IE Microsoft Internet Explorer 10 VBScript array element use after free attempt (more info ...) | attempted-user | 2015-2372 | URL | ||
| 35331 | FILE-PDF Adobe Reader PDF document closed prior to javascript termination use after free attempt (more info ...) | attempted-user | 2016-0937 | URL | ||
| 35332 | FILE-PDF Adobe Reader PDF document closed prior to javascript termination use after free attempt (more info ...) | attempted-user | 2016-0937 | URL | ||
| 35380 | FILE-PDF Adobe Reader javascript setExportValues field object use after free attempt (more info ...) | attempted-user | 2015-4448 | URL | ||
| 35381 | FILE-PDF Adobe Reader javascript setExportValues field object use after free attempt (more info ...) | attempted-user | 2015-4448 | URL | ||
| 35382 | FILE-PDF Adobe Reader javascript setExportValues field object use after free attempt (more info ...) | attempted-user | 2015-4448 | URL | ||
| 35383 | FILE-PDF Adobe Reader javascript setExportValues field object use after free attempt (more info ...) | attempted-user | 2015-4448 | URL | ||
| 35467 | FILE-JAVA Oracle Java VersionHelper loadClass sandbox bypass attempt (more info ...) | policy-violation | 2014-0422 | |||
| 35468 | FILE-JAVA Oracle Java VersionHelper loadClass sandbox bypass attempt (more info ...) | policy-violation | 2014-0422 | |||
| 35469 | FILE-JAVA Oracle Java VersionHelper loadClass sandbox bypass attempt (more info ...) | policy-violation | 2014-0422 | |||
| 35473 | BROWSER-IE Microsoft Internet Explorer COrphanedStylesheetArray use-after-free attempt (more info ...) | attempted-user | 2015-2450 | URL | ||
| 35474 | BROWSER-IE Microsoft Internet Explorer COrphanedStylesheetArray use-after-free attempt (more info ...) | attempted-user | 2015-2450 | URL | ||
| 35475 | BROWSER-IE Microsoft Internet Explorer COrphanedStylesheetArray use after free attempt (more info ...) | attempted-user | 2015-2451 | URL | ||
| 35476 | BROWSER-IE Microsoft Internet Explorer COrphanedStylesheetArray use after free attempt (more info ...) | attempted-user | 2015-2451 | URL | ||
| 35477 | BROWSER-IE Microsoft Internet Explorer CLabelElement object use after free attempt (more info ...) | attempted-user | 2015-2444 | 69325 | URL | |
| 35478 | BROWSER-IE Microsoft Internet Explorer CLabelElement object use after free attempt (more info ...) | attempted-user | 2015-2444 | 69325 | URL | |
| 35481 | BROWSER-IE Microsoft Internet Explorer CParaElement use-after-free attempt (more info ...) | attempted-user | 2015-2442 | URL | ||
| 35482 | BROWSER-IE Microsoft Internet Explorer CParaElement use-after-free attempt (more info ...) | attempted-user | 2015-2442 | URL | ||
| 35493 | BROWSER-IE Microsoft Internet Explorer CAttrArray use after free attempt (more info ...) | attempted-admin | 2015-2452 | URL | ||
| 35494 | BROWSER-IE Microsoft Internet Explorer CAttrArray use after free attempt (more info ...) | attempted-admin | 2015-2452 | URL | ||
| 35499 | BROWSER-IE Microsoft Internet Explorer window scroll integer overflow attempt (more info ...) | attempted-user | 2015-2446 | 76193 | URL | |
| 35500 | BROWSER-IE Microsoft Internet Explorer window scroll integer overflow attempt (more info ...) | attempted-user | 2015-2446 | 76193 | URL | |
| 35536 | BROWSER-IE Microsoft Internet Explorer table layout cache arbitrary code execution attempt (more info ...) | attempted-user | 2015-2502 | URL | ||
| 35537 | BROWSER-IE Microsoft Internet Explorer table layout cache arbitrary code execution attempt (more info ...) | attempted-user | 2015-2502 | URL | ||
| 35588 | FILE-FLASH Google Chrome pepflashplayer SurfaceFilterList use-after-free attempt (more info ...) | attempted-user | 2015-5563 | URL | ||
| 35589 | FILE-FLASH Google Chrome pepflashplayer SurfaceFilterList use-after-free attempt (more info ...) | attempted-user | 2015-5563 | URL | ||
| 35590 | FILE-FLASH Google Chrome pepflashplayer SurfaceFilterList use-after-free attempt (more info ...) | attempted-user | 2015-5563 | URL | ||
| 35591 | FILE-FLASH Google Chrome pepflashplayer SurfaceFilterList use-after-free attempt (more info ...) | attempted-user | 2015-5563 | URL | ||
| 35685 | BROWSER-PLUGINS Mozilla Firefox generatecrmfrequest policy function call access attempt (more info ...) | attempted-user | 2013-1710 | 61900 | URL | |
| 35686 | BROWSER-PLUGINS Mozilla Firefox generatecrmfrequest policy function call access attempt (more info ...) | attempted-user | 2013-1710 | 61900 | URL | |
| 35737 | INDICATOR-OBFUSCATION Javascript stealth executable download attempt (more info ...) | trojan-activity | URL | |||
| 35738 | INDICATOR-OBFUSCATION Javascript stealth executable download attempt (more info ...) | trojan-activity | URL | |||
| 35747 | BROWSER-IE Microsoft Internet Explorer iframe onreadystatechange handler use after free attempt (more info ...) | attempted-user | 2012-0170 | 52904 | URL | |
| 35748 | BROWSER-IE Microsoft Internet Explorer iframe onreadystatechange handler use after free attempt (more info ...) | attempted-user | 2012-0170 | 52904 | URL | |
| 35771 | BROWSER-IE Microsoft Internet Explorer iframe onreadystatechange handler use after free attempt (more info ...) | attempted-user | 2012-0170 | 52904 | URL | |
| 35772 | BROWSER-IE Microsoft Internet Explorer iframe onreadystatechange handler use after free attempt (more info ...) | attempted-user | 2012-0170 | 52904 | URL | |
| 35809 | FILE-PDF Adobe Reader Javascript API ANSendForReview - possible privilege escalation attempt (more info ...) | attempted-user | 2015-4438 | URL | ||
| 35810 | FILE-PDF Adobe Reader Javascript API ANSendForReview - possible privilege escalation attempt (more info ...) | attempted-user | 2015-4438 | URL | ||
| 35811 | FILE-PDF Adobe Reader Javascript API ANStartApproval - possible privilege escalation attempt (more info ...) | attempted-user | 2015-4435 | URL | ||
| 35812 | FILE-PDF Adobe Reader Javascript API ANStartApproval - possible privilege escalation attempt (more info ...) | attempted-user | 2015-4435 | URL | ||
| 35836 | BROWSER-IE Microsoft Internet Explorer CLabelElement object use after free attempt (more info ...) | attempted-user | 2015-2444 | 69325 | URL | |
| 35837 | BROWSER-IE Microsoft Internet Explorer CLabelElement object use after free attempt (more info ...) | attempted-user | 2015-2444 | 69325 | URL | |
| 35865 | BROWSER-IE Internet Explorer DataSource recordset remote code execution attempt (more info ...) | attempted-user | ||||
| 35866 | BROWSER-IE Microsoft Internet Explorer XMLDOM double free corruption attempt (more info ...) | attempted-user | ||||
| 35867 | BROWSER-IE Microsoft Internet Explorer XMLDOM double free corruption attempt (more info ...) | attempted-user | ||||
| 35868 | BROWSER-IE Microsoft Internet Explorer use after free attempt (more info ...) | attempted-user | ||||
| 35869 | BROWSER-IE Microsoft Internet Explorer use after free attempt (more info ...) | attempted-user | ||||
| 35870 | BROWSER-IE Microsoft Internet Explorer use after free attempt (more info ...) | attempted-user | ||||
| 35871 | BROWSER-IE Microsoft Internet Explorer use after free attempt (more info ...) | attempted-user | ||||
| 35877 | FILE-PDF Adobe Acrobat Reader javascript AcroForm object use after free attempt (more info ...) | attempted-user | ||||
| 35878 | FILE-PDF Adobe Acrobat Reader javascript AcroForm object use after free attempt (more info ...) | attempted-user | ||||
| 35879 | FILE-PDF Adobe Acrobat Reader javascript AcroForm object use after free attempt (more info ...) | attempted-user | ||||
| 35880 | FILE-PDF Adobe Acrobat Reader javascript AcroForm object use after free attempt (more info ...) | attempted-user | ||||
| 35963 | BROWSER-IE Microsoft Internet Explorer element attribute use after free attempt (more info ...) | attempted-user | 2015-2485 | URL | ||
| 35964 | BROWSER-IE Microsoft Internet Explorer element attribute use after free attempt (more info ...) | attempted-user | 2015-2485 | URL | ||
| 35965 | BROWSER-IE Microsoft Internet Explorer CElement input type memory corruption attempt (more info ...) | attempted-user | 2015-2486 | URL | ||
| 35966 | BROWSER-IE Microsoft Internet Explorer CElement input type memory corruption attempt (more info ...) | attempted-user | 2015-2486 | URL | ||
| 35969 | BROWSER-IE Microsoft Internet Explorer Embedded Windows Media Player CMarkup object use after free attempt (more info ...) | attempted-user | 2015-2487 | URL | ||
| 35970 | BROWSER-IE Microsoft Internet Explorer Embedded Windows Media Player CMarkup object use after free attempt (more info ...) | attempted-user | 2015-2487 | URL | ||
| 35971 | BROWSER-IE Microsoft Internet Explorer Embedded Windows Media Player CMarkup object use after free attempt (more info ...) | attempted-user | 2015-2487 | URL | ||
| 35972 | BROWSER-IE Microsoft Internet Explorer Embedded Windows Media Player CMarkup object use after free attempt (more info ...) | attempted-user | 2015-2487 | URL | ||
| 35975 | BROWSER-IE Microsoft Internet Explorer CElement object use-after-free attempt (more info ...) | attempted-user | 2015-2491 | URL | ||
| 35976 | BROWSER-IE Microsoft Internet Explorer CElement object use-after-free attempt (more info ...) | attempted-user | 2015-2491 | URL | ||
| 35990 | BROWSER-IE Microsoft Internet Explorer JScript.Compact insertBefore memory corruption attempt (more info ...) | attempted-user | 2015-2493 | URL | ||
| 35991 | BROWSER-IE Microsoft Internet Explorer JScript.Compact insertBefore memory corruption attempt (more info ...) | attempted-user | 2015-2493 | URL | ||
| 35992 | BROWSER-IE Microsoft Internet Explorer CImgTaskSvgDoc object double free attempt (more info ...) | attempted-user | 2015-2501 | URL | ||
| 35993 | BROWSER-IE Microsoft Internet Explorer CImgTaskSvgDoc object double free attempt (more info ...) | attempted-user | 2015-2501 | URL | ||
| 36004 | BROWSER-IE Microsoft Internet Explorer CImgElement object double free attempt (more info ...) | attempted-user | 2015-2500 | URL | ||
| 36005 | BROWSER-IE Microsoft Internet Explorer CImgElement object double free attempt (more info ...) | attempted-user | 2015-2500 | URL | ||
| 36006 | BROWSER-IE Microsoft Internet Explorer CTableColCalc out of bounds memory write attempt (more info ...) | attempted-user | 2015-2499 | URL | ||
| 36007 | BROWSER-IE Microsoft Internet Explorer CTableColCalc out of bounds memory write attempt (more info ...) | attempted-user | 2015-2499 | URL | ||
| 36008 | BROWSER-IE Microsoft Internet Explorer out of bounds array memory access attempt (more info ...) | attempted-user | 2015-2498 | URL | ||
| 36009 | BROWSER-IE Microsoft Internet Explorer out of bounds array memory access attempt (more info ...) | attempted-user | 2015-2498 | URL | ||
| 36018 | BROWSER-IE Microsoft Internet Explorer invalid memory access attempt (more info ...) | attempted-user | 2015-2492 | URL | ||
| 36019 | BROWSER-IE Microsoft Internet Explorer invalid memory access attempt (more info ...) | attempted-user | 2015-2492 | URL | ||
| 36068 | BROWSER-IE Microsoft Internet Explorer window scroll integer overflow attempt (more info ...) | attempted-user | 2015-2446 | 76193 | URL | |
| 36069 | BROWSER-IE Microsoft Internet Explorer window scroll integer overflow attempt (more info ...) | attempted-user | 2015-2446 | 76193 | URL | |
| 36224 | BROWSER-IE Microsoft Internet Explorer superscript use after free attempt (more info ...) | attempted-user | 2013-3111 | URL | ||
| 36235 | BROWSER-IE Microsoft Internet Explorer CGenericElement use after free attempt (more info ...) | attempted-user | 2015-0017 | URL | ||
| 36236 | BROWSER-IE Microsoft Internet Explorer CGenericElement use after free attempt (more info ...) | attempted-user | 2015-0017 | URL | ||
| 36237 | BROWSER-IE Microsoft Internet Explorer CGenericElement use after free attempt (more info ...) | attempted-user | 2015-0017 | URL | ||
| 36238 | BROWSER-IE Microsoft Internet Explorer CGenericElement use after free attempt (more info ...) | attempted-user | 2015-0017 | URL | ||
| 36239 | FILE-JAVA Oracle Java System.arraycopy race condition attempt (more info ...) | attempted-user | 2014-0456 | |||
| 36240 | FILE-JAVA Oracle Java System.arraycopy race condition attempt (more info ...) | attempted-user | 2014-0456 | |||
| 36249 | BROWSER-IE Microsoft Internet Explorer CSelectElement SetCurSel remote code execution attempt (more info ...) | attempted-user | 2014-0312 | URL | ||
| 36401 | BROWSER-IE Microsoft Internet Explorer CQuickLinks object use-after-free attempt (more info ...) | attempted-user | 2015-2515 | URL | ||
| 36402 | BROWSER-IE Microsoft Internet Explorer CQuickLinks object use-after-free attempt (more info ...) | attempted-user | 2015-2515 | URL | ||
| 36418 | BROWSER-IE Microsoft Internet Explorer CWindow object use after free attempt (more info ...) | attempted-user | 2015-6042 | URL | ||
| 36423 | BROWSER-IE Microsoft Internet Explorer CDeskBand use-after-free attempt (more info ...) | attempted-user | 2015-2548 | URL | ||
| 36424 | BROWSER-IE Microsoft Internet Explorer CDeskBand use-after-free attempt (more info ...) | attempted-user | 2015-2548 | URL | ||
| 36436 | BROWSER-IE Microsoft Internet Explorer pre-line use after free attempt (more info ...) | attempted-user | 2015-6050 | URL | ||
| 36437 | BROWSER-IE Microsoft Internet Explorer ieframe.dll ActiveX clsid access (more info ...) | attempted-user | 2015-6049 | URL | ||
| 36438 | BROWSER-IE Microsoft Internet Explorer ieframe.dll ActiveX clsid access (more info ...) | attempted-user | 2015-6049 | URL | ||
| 36439 | BROWSER-IE Microsoft Internet Explorer CTableSelection use-after-free attempt (more info ...) | attempted-user | 2015-6048 | URL | ||
| 36440 | BROWSER-IE Microsoft Internet Explorer CTableSelection use-after-free attempt (more info ...) | attempted-user | 2015-6048 | URL | ||
| 36443 | BROWSER-IE Microsoft Internet Explorer EventListener use after free attempt (more info ...) | attempted-user | 2015-6045 | URL | ||
| 36444 | BROWSER-IE Microsoft Internet Explorer EventListener use after free attempt (more info ...) | attempted-user | 2015-6045 | URL | ||
| 36450 | BROWSER-IE Microsoft Internet Explorer RegExp object use after free attempt (more info ...) | attempted-user | 2015-2482 | URL | ||
| 36451 | BROWSER-IE Microsoft Internet Explorer RegExp object use after free attempt (more info ...) | attempted-user | 2015-2482 | URL | ||
| 36532 | SERVER-OTHER Oracle Java RMI remote code execution attempt (more info ...) | attempted-user | 2020-11998 | URL | ||
| 36604 | BROWSER-IE Microsoft Internet Explorer meta tag double free attempt (more info ...) | attempted-user | 2015-2391 | URL | ||
| 36605 | BROWSER-IE Microsoft Internet Explorer meta tag double free attempt (more info ...) | attempted-user | 2015-2391 | URL | ||
| 36671 | BROWSER-IE Microsoft Internet Explorer fragmented CtxtBlk heap overflow attempt (more info ...) | attempted-user | 2015-6068 | URL | ||
| 36672 | BROWSER-IE Microsoft Internet Explorer fragmented CtxtBlk heap overflow attempt (more info ...) | attempted-user | 2015-6068 | URL | ||
| 36673 | BROWSER-IE Microsoft Internet Explorer GetPlainText negative start index out of bounds write attempt (more info ...) | attempted-user | 2015-6158 | URL | ||
| 36674 | BROWSER-IE Microsoft Internet Explorer GetPlainText negative start index out of bounds write attempt (more info ...) | attempted-user | 2015-6158 | URL | ||
| 36675 | BROWSER-IE Microsoft Internet Explorer CMarkup use-after-free attempt (more info ...) | attempted-user | 2015-6078 | URL | ||
| 36676 | BROWSER-IE Microsoft Internet Explorer CMarkup use-after-free attempt (more info ...) | attempted-user | 2015-6078 | URL | ||
| 36677 | BROWSER-IE Microsoft Internet Explorer SVG textbox out of bound memory access attempt (more info ...) | attempted-user | 2015-6085 | URL | ||
| 36678 | BROWSER-IE Microsoft Internet Explorer SVG textbox out of bound memory access attempt (more info ...) | attempted-user | 2015-6085 | URL | ||
| 36679 | BROWSER-IE Microsoft Internet Explorer cache management code overflow attempt (more info ...) | attempted-user | 2015-6064 | URL | ||
| 36680 | BROWSER-IE Microsoft Internet Explorer cache management code overflow attempt (more info ...) | attempted-user | 2015-6064 | URL | ||
| 36681 | BROWSER-IE Microsoft Internet Explorer access violation attempt (more info ...) | attempted-user | 2015-6081 | URL | ||
| 36682 | BROWSER-IE Microsoft Internet Explorer access violation attempt (more info ...) | attempted-user | 2015-6081 | URL | ||
| 36683 | BROWSER-IE Microsoft Internet Explorer CTableCell object use after free attempt (more info ...) | attempted-user | 2015-6079 | URL | ||
| 36684 | BROWSER-IE Microsoft Internet Explorer CTableCell object use after free attempt (more info ...) | attempted-user | 2015-6079 | URL | ||
| 36685 | BROWSER-IE Microsoft Internet Explorer col onpropertychange memory corruption attempt (more info ...) | attempted-user | 2015-6070 | URL | ||
| 36686 | BROWSER-IE Microsoft Internet Explorer col onpropertychange memory corruption attempt (more info ...) | attempted-user | 2015-6070 | URL | ||
| 36687 | BROWSER-IE Microsoft Internet Explorer CElement use after free attempt (more info ...) | attempted-user | 2015-6076 | URL | ||
| 36688 | BROWSER-IE Microsoft Internet Explorer CElement use after free attempt (more info ...) | attempted-user | 2015-6076 | URL | ||
| 36689 | BROWSER-IE Microsoft Internet Explorer managed CDispNode objects use-after-free attempt (more info ...) | attempted-user | 2015-6082 | URL | ||
| 36690 | BROWSER-IE Microsoft Internet Explorer managed CDispNode objects use-after-free attempt (more info ...) | attempted-user | 2015-6082 | URL | ||
| 36691 | BROWSER-IE Microsoft Internet Explorer CUListElement use-after-free attempt (more info ...) | attempted-user | 2015-6080 | URL | ||
| 36692 | BROWSER-IE Microsoft Internet Explorer CUListElement use-after-free attempt (more info ...) | attempted-user | 2015-6080 | URL | ||
| 36693 | BROWSER-IE Microsoft Internet Explorer style object stylesheet use after free attempt (more info ...) | attempted-user | 2015-6065 | URL | ||
| 36694 | BROWSER-IE Microsoft Internet Explorer style object stylesheet use after free attempt (more info ...) | attempted-user | 2015-6065 | URL | ||
| 36695 | BROWSER-IE Microsoft Internet Explorer table element modification use after free attempt (more info ...) | attempted-user | 2015-6066 | URL | ||
| 36696 | BROWSER-IE Microsoft Internet Explorer table element modification use after free attempt (more info ...) | attempted-user | 2015-6066 | URL | ||
| 36699 | BROWSER-IE Microsoft Internet Explorer CTreeNode row element removal remote code execution attempt (more info ...) | attempted-user | 2015-6072 | URL | ||
| 36700 | BROWSER-IE Microsoft Internet Explorer CTreeNode row element removal remote code execution attempt (more info ...) | attempted-user | 2015-6072 | URL | ||
| 36701 | BROWSER-IE Microsoft Internet Explorer CEditEventSink navigate use after free attempt (more info ...) | attempted-user | 2015-6071 | 77445 | URL | |
| 36702 | BROWSER-IE Microsoft Internet Explorer CEditEventSink navigate use after free attempt (more info ...) | attempted-user | 2015-6071 | 77445 | URL | |
| 36738 | BROWSER-IE Microsoft Internet Explorer CTsfTextStore use-after-free attempt (more info ...) | attempted-user | 2015-6077 | URL | ||
| 36739 | BROWSER-IE Microsoft Internet Explorer CTsfTextStore use-after-free attempt (more info ...) | attempted-user | 2015-6077 | URL | ||
| 36742 | BROWSER-IE Microsoft Internet Explorer CElement use after free attempt (more info ...) | attempted-user | 2015-6075 | URL | ||
| 36743 | BROWSER-IE Microsoft Internet Explorer CElement use after free attempt (more info ...) | attempted-user | 2015-6075 | URL | ||
| 36759 | INDICATOR-COMPROMISE Microsoft Internet Explorer setAttributeNS ASLR bypass attempt (more info ...) | misc-activity | 2015-6086 | URL | ||
| 36760 | INDICATOR-COMPROMISE Microsoft Internet Explorer setAttributeNS ASLR bypass attempt (more info ...) | misc-activity | 2015-6086 | URL | ||
| 36811 | BROWSER-IE Microsoft Internet Explorer nonexistent attribute removal memory corruption attempt (more info ...) | attempted-dos | 2012-1524 | URL | ||
| 36813 | BROWSER-IE Microsoft Internet Explorer nonexistent attribute removal memory corruption attempt (more info ...) | attempted-dos | 2012-1524 | URL | ||
| 36826 | SERVER-OTHER Java Library CommonsCollection unauthorized serialized object attempt (more info ...) | attempted-user | 2018-15381 | URL | ||
| 36896 | BROWSER-IE Microsoft Internet Explorer 11 VBScript redim preserve denial-of-service attempt (more info ...) | attempted-user | 2014-6332 | URL | ||
| 36917 | BROWSER-IE Microsoft Internet Explorer iCalendar cross site scripting attempt (more info ...) | attempted-user | 2015-6139 | URL | ||
| 36918 | BROWSER-IE Microsoft Internet Explorer CElement object use after free attempt (more info ...) | attempted-user | 2015-6151 | URL | ||
| 36919 | BROWSER-IE Microsoft Internet Explorer CElement object use after free attempt (more info ...) | attempted-user | 2015-6151 | URL | ||
| 36920 | BROWSER-IE Microsoft Internet Explorer invalid TableRow use after free attempt (more info ...) | attempted-user | 2015-6147 | URL | ||
| 36921 | BROWSER-IE Microsoft Internet Explorer invalid TableRow use after free attempt (more info ...) | attempted-user | 2015-6147 | URL | ||
| 36922 | BROWSER-IE Microsoft Internet Explorer VBScript engine use after free attempt (more info ...) | attempted-user | 2015-6136 | URL | ||
| 36923 | BROWSER-IE Microsoft Internet Explorer VBScript engine use after free attempt (more info ...) | attempted-user | 2015-6136 | URL | ||
| 36926 | BROWSER-IE Microsoft Internet Explorer CObjectElement type confusion attempt (more info ...) | attempted-user | 2015-6156 | URL | ||
| 36927 | BROWSER-IE Microsoft Internet Explorer CObjectElement type confusion attempt (more info ...) | attempted-user | 2015-6156 | URL | ||
| 36928 | BROWSER-IE Microsoft Internet Explorer CTableLayout use after free attempt (more info ...) | attempted-user | 2015-6150 | URL | ||
| 36929 | BROWSER-IE Microsoft Internet Explorer CTableLayout use after free attempt (more info ...) | attempted-user | 2015-6150 | URL | ||
| 36936 | BROWSER-IE Microsoft Internet Explorer TextBlock out of bounds read attempt (more info ...) | attempted-user | 2015-6159 | URL | ||
| 36937 | BROWSER-IE Microsoft Internet Explorer TextBlock out of bounds read attempt (more info ...) | attempted-user | 2015-6159 | URL | ||
| 36938 | BROWSER-IE Microsoft Internet Explorer invalid table grid memory corruption attempt (more info ...) | attempted-user | 2015-6153 | URL | ||
| 36939 | BROWSER-IE Microsoft Internet Explorer invalid table grid memory corruption attempt (more info ...) | attempted-user | 2015-6153 | URL | ||
| 36940 | BROWSER-IE Microsoft Internet Explorer CSpliceTreeEngine RemoveSplice null pointer dereference attempt (more info ...) | attempted-user | 2015-6148 | URL | ||
| 36941 | BROWSER-IE Microsoft Internet Explorer CSpliceTreeEngine RemoveSplice null pointer dereference attempt (more info ...) | attempted-user | 2015-6148 | URL | ||
| 36942 | BROWSER-IE Microsoft Internet Explorer flexbox use after free attempt (more info ...) | attempted-user | 2015-6155 | URL | ||
| 36943 | BROWSER-IE Microsoft Internet Explorer flexbox use after free attempt (more info ...) | attempted-user | 2015-6155 | URL | ||
| 36944 | BROWSER-IE Microsoft Internet Explorer CTreePos use after free attempt (more info ...) | attempted-user | 2015-6160 | URL | ||
| 36945 | BROWSER-IE Microsoft Internet Explorer CTreePos use after free attempt (more info ...) | attempted-user | 2015-6160 | URL | ||
| 36946 | BROWSER-IE Microsoft Internet Explorer CSharedStyleSheet RemoveRule out of bounds read attempt (more info ...) | attempted-user | 2015-6141 | URL | ||
| 36947 | BROWSER-IE Microsoft Internet Explorer CSharedStyleSheet RemoveRule out of bounds read attempt (more info ...) | attempted-user | 2015-6141 | URL | ||
| 36948 | BROWSER-IE Microsoft Internet Explorer CTableCell invalid index memory corruption attempt (more info ...) | attempted-user | 2015-6149 | URL | ||
| 36949 | BROWSER-IE Microsoft Internet Explorer CTableCell invalid index memory corruption attempt (more info ...) | attempted-user | 2015-6149 | URL | ||
| 36950 | BROWSER-IE Microsoft Internet Explorer SComputedStyle destructor out of bounds read attempt (more info ...) | attempted-user | 2015-6140 | URL | ||
| 36951 | BROWSER-IE Microsoft Internet Explorer SComputedStyle destructor out of bounds read attempt (more info ...) | attempted-user | 2015-6140 | URL | ||
| 36956 | BROWSER-IE Microsoft Internet Explorer TableGridBoxBuilder UpdateColumnSize out of bounds read attempt (more info ...) | attempted-user | 2015-6157 | URL | ||
| 36957 | BROWSER-IE Microsoft Internet Explorer TableGridBoxBuilder UpdateColumnSize out of bounds read attempt (more info ...) | attempted-user | 2015-6157 | URL | ||
| 36962 | BROWSER-IE Microsoft Internet Explorer CAttribute to CStyleAttrArray type confusion attempt (more info ...) | attempted-user | 2015-6142 | URL | ||
| 36963 | BROWSER-IE Microsoft Internet Explorer CAttribute to CStyleAttrArray type confusion attempt (more info ...) | attempted-user | 2015-6142 | URL | ||
| 36980 | BROWSER-IE Microsoft Internet Explorer javascript argument type confusion attempt (more info ...) | attempted-user | 2015-6134 | URL | ||
| 36981 | BROWSER-IE Microsoft Internet Explorer javascript argument type confusion attempt (more info ...) | attempted-user | 2015-6134 | URL | ||
| 36983 | BROWSER-IE Microsoft Internet Explorer select use after free attempt (more info ...) | attempted-user | 2015-6145 | URL | ||
| 36986 | BROWSER-IE Microsoft Internet Explorer CAttrArray use after free attempt (more info ...) | attempted-user | 2016-0082 | URL | ||
| 36987 | BROWSER-IE Microsoft Internet Explorer CAttrArray use after free attempt (more info ...) | attempted-user | 2016-0082 | URL | ||
| 36988 | BROWSER-IE Microsoft Internet Explorer cross origin policy bypass via redirect attempt (more info ...) | attempted-user | 2015-6164 | URL | ||
| 36991 | BROWSER-IE Microsoft Internet Explorer CDispContainer out of bounds read attempt (more info ...) | attempted-user | 2015-6152 | URL | ||
| 36992 | BROWSER-IE Microsoft Internet Explorer CDispContainer out of bounds read attempt (more info ...) | attempted-user | 2015-6152 | URL | ||
| 37003 | BROWSER-IE Microsoft Internet Explorer CMarkupPointer UnEmbed out of bounds read attempt (more info ...) | attempted-user | 2015-6154 | URL | ||
| 37004 | BROWSER-IE Microsoft Internet Explorer CMarkupPointer UnEmbed out of bounds read attempt (more info ...) | attempted-user | 2015-6154 | URL | ||
| 37009 | BROWSER-IE Microsoft Internet Explorer TextBlock object use after free attempt (more info ...) | attempted-user | 2015-6162 | URL | ||
| 37010 | BROWSER-IE Microsoft Internet Explorer TextBlock object use after free attempt (more info ...) | attempted-user | 2015-6162 | URL | ||
| 37135 | SERVER-WEBAPP Fireeye Java decompiler reflection remote code execution attempt (more info ...) | attempted-user | URL | |||
| 37136 | SERVER-WEBAPP Fireeye Java decompiler reflection remote code execution attempt (more info ...) | attempted-user | URL | |||
| 37137 | SERVER-WEBAPP Fireeye Java decompiler reflection remote code execution attempt (more info ...) | attempted-user | URL | |||
| 37257 | BROWSER-IE Microsoft Internet Explorer mapi32x.dll dll-load exploit attempt (more info ...) | attempted-user | 2016-0020 | URL | ||
| 37258 | BROWSER-IE Microsoft Internet Explorer request for mapi32x.dll over SMB attempt (more info ...) | attempted-user | 2016-0020 | URL | ||
| 37283 | BROWSER-IE Microsoft Internet Explorer VBScript engine use after free attempt (more info ...) | attempted-user | 2018-1023 | URL | ||
| 37284 | BROWSER-IE Microsoft Internet Explorer VBScript engine use after free attempt (more info ...) | attempted-user | 2018-1023 | URL | ||
| 37326 | BROWSER-CHROME Google Chrome PDF Viewer information disclosure attempt (more info ...) | misc-attack | 2015-1302 | URL | ||
| 37327 | BROWSER-CHROME Google Chrome PDF Viewer information disclosure attempt (more info ...) | misc-attack | 2015-1302 | URL | ||
| 37405 | FILE-PDF Adobe Reader addAnnot JavaScript based memory corruption attempt (more info ...) | attempted-user | 2016-0931 | URL | ||
| 37406 | FILE-PDF Adobe Reader addAnnot JavaScript based memory corruption attempt (more info ...) | attempted-user | 2016-0931 | URL | ||
| 37441 | FILE-OTHER Adobe Flash Player javascript parsing cross site scripting attempt (more info ...) | attempted-user | 2014-0533 | URL | ||
| 37442 | FILE-OTHER Adobe Flash Player javascript parsing cross site scripting attempt (more info ...) | attempted-user | 2014-0533 | URL | ||
| 37464 | FILE-PDF Adobe Acrobat Reader JavaScript model privileged API bypass attempt (more info ...) | policy-violation | 2016-0943 | URL | ||
| 37465 | FILE-PDF Adobe Acrobat Reader JavaScript model privileged API bypass attempt (more info ...) | policy-violation | 2016-0943 | URL | ||
| 37527 | SERVER-OTHER IBM WebSphere InvokerTransformer serialized Java object remote code execution attempt (more info ...) | attempted-user | 2015-7450 | 77653 | URL | |
| 37553 | BROWSER-IE Microsoft Internet Explorer CDATA use-after-free attempt (more info ...) | attempted-user | 2016-0072 | URL | ||
| 37554 | BROWSER-IE Microsoft Internet Explorer CDATA use-after-free attempt (more info ...) | attempted-user | 2016-0072 | URL | ||
| 37571 | BROWSER-IE Microsoft Internet Explorer CDomPrototype type confusion attempt (more info ...) | attempted-user | 2016-0063 | URL | ||
| 37572 | BROWSER-IE Microsoft Internet Explorer CDomPrototype type confusion attempt (more info ...) | attempted-user | 2016-0063 | URL | ||
| 37573 | BROWSER-IE Microsoft Internet Explorer CDomPrototype type confusion attempt (more info ...) | attempted-user | 2016-0063 | URL | ||
| 37574 | BROWSER-IE Microsoft Internet Explorer CDomPrototype type confusion attempt (more info ...) | attempted-user | 2016-0063 | URL | ||
| 37596 | BROWSER-IE Microsoft Internet Explorer CTextBlock use-after-free attempt (more info ...) | attempted-user | 2016-0071 | URL | ||
| 37597 | BROWSER-IE Microsoft Internet Explorer CTextBlock use-after-free attempt (more info ...) | attempted-user | 2016-0071 | URL | ||
| 37602 | BROWSER-IE Microsoft Internet Explorer IFRAME object constructor cross site scripting attempt (more info ...) | web-application-attack | 2016-0068 | URL | ||
| 37603 | BROWSER-IE Microsoft Internet Explorer IFRAME object constructor cross site scripting attempt (more info ...) | web-application-attack | 2016-0068 | URL | ||
| 37604 | BROWSER-IE Microsoft Internet Explorer StrCmpNICW string object use after free attempt (more info ...) | attempted-user | 2016-0067 | URL | ||
| 37605 | BROWSER-IE Microsoft Internet Explorer StrCmpNICW string object use after free attempt (more info ...) | attempted-user | 2016-0067 | URL | ||
| 37608 | BROWSER-IE Microsoft Internet Explorer CallInvoke type confusion attempt (more info ...) | attempted-user | 2016-0061 | URL | ||
| 37609 | BROWSER-IE Microsoft Internet Explorer CallInvoke type confusion attempt (more info ...) | attempted-user | 2016-0061 | URL | ||
| 37610 | BROWSER-IE Microsoft Internet Explorer CallInvoke type confusion attempt (more info ...) | attempted-user | 2016-0061 | URL | ||
| 37611 | BROWSER-IE Microsoft Internet Explorer CallInvoke type confusion attempt (more info ...) | attempted-user | 2016-0061 | URL | ||
| 37612 | BROWSER-IE Microsoft Internet Explorer CACPWrap object use-after-free attempt (more info ...) | attempted-user | 2016-0062 | URL | ||
| 37613 | BROWSER-IE Microsoft Internet Explorer CACPWrap object use-after-free attempt (more info ...) | attempted-user | 2016-0062 | URL | ||
| 37614 | BROWSER-IE Microsoft Internet Explorer CFGBitmap heap code execution attempt (more info ...) | attempted-user | 2016-0080 | URL | ||
| 37615 | BROWSER-IE Microsoft Internet Explorer CFGBitmap heap code execution attempt (more info ...) | attempted-user | 2016-0080 | URL | ||
| 37626 | BROWSER-FIREFOX Mozilla Firefox IDL fragment privilege escalation attempt (more info ...) | attempted-user | 2014-1510 | URL | ||
| 37633 | BROWSER-IE Microsoft Internet Explorer CTextElement use after free attempt (more info ...) | attempted-user | 2014-2782 | URL | ||
| 37634 | BROWSER-IE Microsoft Internet Explorer CTextElement use after free attempt (more info ...) | attempted-user | 2014-2782 | URL | ||
| 37664 | FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (more info ...) | attempted-user | 2014-0457 | 66866 | ||
| 37665 | FILE-JAVA Oracle Java ServiceLoader exception handling exploit attempt (more info ...) | attempted-user | 2014-0457 | 66866 | ||
| 37802 | FILE-JAVA Oracle Java IntegerInterleavedRaster integer overflow attempt (more info ...) | attempted-user | 2013-2471 | 60659 | URL | |
| 37804 | FILE-JAVA Oracle Java IntegerInterleavedRaster integer overflow attempt (more info ...) | attempted-user | 2014-4262 | 60659 | URL | |
| 37805 | FILE-JAVA Oracle Java IntegerInterleavedRaster integer overflow attempt (more info ...) | attempted-user | 2014-4262 | 60659 | URL | |
| 37810 | BROWSER-IE Microsoft Internet Explorer CDisplayPointer use after free attempt (more info ...) | attempted-user | 2013-3205 | URL | ||
| 37811 | BROWSER-IE Microsoft Internet Explorer CDisplayPointer use after free attempt (more info ...) | attempted-user | 2013-3205 | URL | ||
| 37818 | FILE-JAVA Oracle Java sun.awt.image.ImagingLib.lookupByteBI memory corruption attempt (more info ...) | attempted-user | 2013-2470 | 60651 | URL | |
| 37819 | FILE-JAVA Oracle Java sun.awt.image.ImagingLib.lookupByteBI memory corruption attempt (more info ...) | attempted-user | 2013-2470 | 60651 | URL | |
| 37820 | FILE-JAVA Oracle Java sun.awt.image.ImagingLib.lookupByteBI memory corruption attempt (more info ...) | attempted-user | 2013-2470 | 60651 | URL | |
| 37821 | FILE-JAVA Oracle Java sun.awt.image.ImagingLib.lookupByteBI memory corruption attempt (more info ...) | attempted-user | 2013-2470 | 60651 | URL | |
| 37859 | SERVER-WEBAPP Java Library CommonsCollection unauthorized serialized object attempt (more info ...) | attempted-user | 2020-14625 | URL | ||
| 37860 | SERVER-WEBAPP Java Library CommonsCollection unauthorized serialized object attempt (more info ...) | attempted-user | 2017-15708 | URL | ||
| 37870 | BROWSER-IE Microsoft Internet Explorer tRNS overflow attempt (more info ...) | attempted-user | 2005-1211 | 13941 | 18490 | URL |
| 37918 | EXPLOIT-KIT Magnitude exploit kit Internet Explorer exploit attempt (more info ...) | attempted-admin | ||||
| 38015 | BROWSER-IE Microsoft Internet Explorer DOM manipulation memory corruption attempt (more info ...) | attempted-user | 2012-1875 | 53847 | URL | |
| 38016 | BROWSER-IE Microsoft Internet Explorer DOM manipulation memory corruption attempt (more info ...) | attempted-user | 2012-1875 | 53847 | URL | |
| 38065 | BROWSER-IE Microsoft Internet Explorer GETDISPID invalid pointer access attempt (more info ...) | attempted-user | 2016-0112 | URL | ||
| 38066 | BROWSER-IE Microsoft Internet Explorer GETDISPID invalid pointer access attempt (more info ...) | attempted-user | 2016-0112 | URL | ||
| 38067 | BROWSER-IE Microsoft Internet Explorer CTreePos type confusion attempt (more info ...) | attempted-user | 2016-0108 | URL | ||
| 38068 | BROWSER-IE Microsoft Internet Explorer CTreePos type confusion attempt (more info ...) | attempted-user | 2016-0108 | URL | ||
| 38069 | BROWSER-IE Microsoft Internet Explorer CTreePos type confusion attempt (more info ...) | attempted-user | 2016-0108 | URL | ||
| 38070 | BROWSER-IE Microsoft Internet Explorer CTreePos type confusion attempt (more info ...) | attempted-user | 2016-0108 | URL | ||
| 38079 | BROWSER-IE Microsoft Internet Explorer embedded media player use after free attempt (more info ...) | attempted-user | 2016-0098 | URL | ||
| 38080 | BROWSER-IE Microsoft Internet Explorer embedded media player use after free attempt (more info ...) | attempted-user | 2016-0098 | URL | ||
| 38081 | BROWSER-IE Microsoft Internet Explorer SetItem use after free attempt (more info ...) | attempted-user | 2016-0106 | URL | ||
| 38082 | BROWSER-IE Microsoft Internet Explorer SetItem use after free attempt (more info ...) | attempted-user | 2016-0106 | URL | ||
| 38085 | BROWSER-IE Microsoft Internet Explorer CTravelEntry use after free attempt (more info ...) | attempted-user | 2016-0113 | URL | ||
| 38086 | BROWSER-IE Microsoft Internet Explorer CTravelEntry use after free attempt (more info ...) | attempted-user | 2016-0113 | URL | ||
| 38088 | BROWSER-IE Microsoft Internet Explorer string type confusion remote code execution attempt (more info ...) | attempted-user | 2016-0105 | URL | ||
| 38089 | BROWSER-IE Microsoft Internet Explorer string type confusion remote code execution attempt (more info ...) | attempted-user | 2016-0105 | URL | ||
| 38090 | BROWSER-IE Microsoft Internet Explorer CSVGHelpers use-after-free attempt (more info ...) | attempted-user | 2016-0111 | URL | ||
| 38091 | BROWSER-IE Microsoft Internet Explorer CSVGHelpers use-after-free attempt (more info ...) | attempted-user | 2016-0111 | URL | ||
| 38094 | BROWSER-IE Microsoft Internet Explorer CTreePos remote code execution attempt (more info ...) | attempted-user | 2016-0102 | URL | ||
| 38095 | BROWSER-IE Microsoft Internet Explorer CTreePos remote code execution attempt (more info ...) | attempted-user | 2016-0102 | URL | ||
| 38096 | BROWSER-IE Microsoft Internet Explorer out of bound write access attempt (more info ...) | attempted-admin | 2016-0110 | URL | ||
| 38097 | BROWSER-IE Microsoft Internet Explorer out of bound write access attempt (more info ...) | attempted-admin | 2016-0110 | URL | ||
| 38098 | BROWSER-IE Microsoft Internet Explorer TableCellLayoutArray use-after-free attempt (more info ...) | attempted-user | 2016-0109 | URL | ||
| 38099 | BROWSER-IE Microsoft Internet Explorer TableCellLayoutArray use-after-free attempt (more info ...) | attempted-user | 2016-0109 | URL | ||
| 38102 | BROWSER-IE Microsoft Internet Explorer CEditEventSink navigate use after free attempt (more info ...) | attempted-user | 2015-6071 | 77445 | URL | |
| 38103 | BROWSER-IE Microsoft Internet Explorer CEditEventSink navigate use after free attempt (more info ...) | attempted-user | 2015-6071 | 77445 | URL | |
| 38108 | BROWSER-IE Microsoft Internet Explorer CGeneratedTreeNode use-after-free (more info ...) | attempted-user | 2016-0104 | URL | ||
| 38109 | BROWSER-IE Microsoft Internet Explorer CGeneratedTreeNode use-after-free (more info ...) | attempted-user | 2016-0104 | URL | ||
| 38112 | BROWSER-IE Microsoft Internet Explorer addRow out-of-bounds read attempt (more info ...) | attempted-user | 2016-3242 | URL | ||
| 38113 | BROWSER-IE Microsoft Internet Explorer addRow out-of-bounds read attempt (more info ...) | attempted-user | 2016-3242 | URL | ||
| 38117 | BROWSER-IE Microsoft Internet Explorer mshtml InsertRange out of bounds write access (more info ...) | attempted-user | 2016-0103 | URL | ||
| 38118 | BROWSER-IE Microsoft Internet Explorer mshtml InsertRange out of bounds write access (more info ...) | attempted-user | 2016-0103 | URL | ||
| 38122 | BROWSER-IE Microsoft Internet Explorer CInput sliderdata object use after free attempt (more info ...) | attempted-user | 2016-0114 | URL | ||
| 38123 | BROWSER-IE Microsoft Internet Explorer CInput sliderdata object use after free attempt (more info ...) | attempted-user | 2016-0114 | URL | ||
| 38276 | BROWSER-IE Microsoft Internet Explorer text transform use after free attempt (more info ...) | attempted-user | 2013-0087 | 58341 | URL | |
| 38277 | BROWSER-IE Microsoft Internet Explorer text transform use after free attempt (more info ...) | attempted-user | 2013-0087 | 58341 | URL | |
| 38278 | BROWSER-IE Microsoft Internet Explorer text transform use after free attempt (more info ...) | attempted-user | 2013-0087 | 58341 | URL | |
| 38308 | BROWSER-IE Microsoft Internet Explorer VBScript engine use after free attempt (more info ...) | attempted-user | 2016-0002 | URL | ||
| 38309 | BROWSER-IE Microsoft Internet Explorer VBScript engine use after free attempt (more info ...) | attempted-user | 2016-0002 | URL | ||
| 38317 | FILE-OTHER Microsoft Edge Chakra JavaScript engine out of bounds read attempt (more info ...) | attempted-user | 2016-0024 | URL | ||
| 38318 | FILE-OTHER Microsoft Edge Chakra JavaScript engine out of bounds read attempt (more info ...) | attempted-user | 2016-0024 | URL | ||
| 38338 | FILE-JAVA Oracle Java Class Loader namespace sandbox bypass attempt (more info ...) | attempted-user | 2013-5838 | 63131 | URL | |
| 38339 | FILE-JAVA Oracle Java Class Loader namespace sandbox bypass attempt (more info ...) | attempted-user | 2013-5838 | 63131 | URL | |
| 38465 | BROWSER-IE Microsoft Internet Explorer InsertSanitizedTextEx use after free attempt (more info ...) | attempted-admin | 2016-0164 | URL | ||
| 38466 | BROWSER-IE Microsoft Internet Explorer InsertSanitizedTextEx use after free attempt (more info ...) | attempted-admin | 2016-0164 | URL | ||
| 38467 | BROWSER-IE Microsoft Internet Explorer 9 frameset use after free attempt (more info ...) | attempted-user | 2016-0159 | URL | ||
| 38468 | BROWSER-IE Microsoft Internet Explorer 9 frameset use after free attempt (more info ...) | attempted-user | 2016-0159 | URL | ||
| 38503 | BROWSER-IE Microsoft Internet Explorer CChildIterator media object use-after-free attempt (more info ...) | attempted-user | 2016-0166 | URL | ||
| 38504 | BROWSER-IE Microsoft Internet Explorer CChildIterator media object use-after-free attempt (more info ...) | attempted-user | 2016-0166 | URL | ||
| 38505 | BROWSER-IE Microsoft Internet Explorer CChildIterator media object use-after-free attempt (more info ...) | attempted-user | 2016-0166 | URL | ||
| 38506 | BROWSER-IE Microsoft Internet Explorer CChildIterator media object use-after-free attempt (more info ...) | attempted-user | 2016-0166 | URL | ||
| 38507 | BROWSER-IE Microsoft Internet Explorer ConvertStringFromUnicodeEx out of bounds write attempt (more info ...) | attempted-user | 2016-0154 | URL | ||
| 38508 | BROWSER-IE Microsoft Internet Explorer ConvertStringFromUnicodeEx out of bounds write attempt (more info ...) | attempted-user | 2016-0154 | URL | ||
| 38669 | BROWSER-IE Microsoft Internet Explorer onpropertychange use-after-free attempt (more info ...) | attempted-user | 2014-0322 | |||
| 38670 | BROWSER-IE Microsoft Internet Explorer onpropertychange use-after-free attempt (more info ...) | attempted-user | 2014-0322 | |||
| 38763 | BROWSER-IE Microsoft Internet Explorer mshtml.dll null pointer dereference attempt (more info ...) | attempted-user | 2016-0192 | URL | ||
| 38764 | BROWSER-IE Microsoft Internet Explorer mshtml.dll null pointer dereference attempt (more info ...) | attempted-user | 2016-0192 | URL | ||
| 38768 | BROWSER-IE Microsoft Internet Explorer CreateColorSpace vulnerability attempt (more info ...) | attempted-user | 2016-0168 | URL | ||
| 38769 | BROWSER-IE Microsoft Internet Explorer CreateColorSpace vulnerability attempt (more info ...) | attempted-user | 2016-0168 | URL | ||
| 38770 | BROWSER-IE Microsoft Internet Explorer CreateColorSpace vulnerability attempt (more info ...) | attempted-user | 2016-0168 | URL | ||
| 38771 | BROWSER-IE Microsoft Internet Explorer CreateColorSpace vulnerability attempt (more info ...) | attempted-user | 2016-0168 | URL | ||
| 38772 | BROWSER-IE Microsoft Internet Explorer EMF file integer overflow attempt (more info ...) | attempted-user | 2016-0169 | URL | ||
| 38773 | BROWSER-IE Microsoft Internet Explorer EMF file integer overflow attempt (more info ...) | attempted-user | 2016-0169 | URL | ||
| 38776 | BROWSER-IE Microsoft Internet Explorer uninitialized pointer attempt (more info ...) | attempted-user | 2016-0191 | URL | ||
| 38777 | BROWSER-IE Microsoft Internet Explorer uninitialized pointer attempt (more info ...) | attempted-user | 2016-0191 | URL | ||
| 38780 | OS-WINDOWS Microsoft Internet Explorer VerifyFile information disclosure attempt (more info ...) | attempted-user | 2016-0194 | URL | ||
| 38781 | OS-WINDOWS Microsoft Internet Explorer VerifyFile information disclosure attempt (more info ...) | attempted-user | 2016-0194 | URL | ||
| 38794 | FILE-PDF Adobe Reader XFA javascript use after free attempt (more info ...) | attempted-user | 2016-1073 | URL | ||
| 38795 | FILE-PDF Adobe Reader XFA javascript use after free attempt (more info ...) | attempted-user | 2016-1073 | URL | ||
| 38828 | BROWSER-IE Microsoft Internet Explorer BooleanProtoObj objects JSONStringifyArray use-after-free attempt (more info ...) | attempted-user | 2016-0187 | URL | ||
| 38829 | BROWSER-IE Microsoft Internet Explorer BooleanProtoObj objects JSONStringifyArray use-after-free attempt (more info ...) | attempted-user | 2016-0187 | URL | ||
| 38841 | BROWSER-IE Microsoft Internet Explorer VBScript toString redim array use after free attempt (more info ...) | attempted-user | 2016-0189 | URL | ||
| 38842 | BROWSER-IE Microsoft Internet Explorer VBScript toString redim array use after free attempt (more info ...) | attempted-user | 2016-0189 | URL | ||
| 38843 | FILE-PDF Adobe Reader javascript replace integer overflow attempt (more info ...) | attempted-user | 2016-1043 | URL | ||
| 38844 | FILE-PDF Adobe Reader javascript replace integer overflow attempt (more info ...) | attempted-user | 2016-1043 | URL | ||
| 38874 | FILE-FLASH Adobe Flash Player DeleteRangeTimelineOperation type confusion attempt (more info ...) | attempted-user | 2016-4224 | URL | ||
| 38875 | FILE-FLASH Adobe Flash Player DeleteRangeTimelineOperation type confusion attempt (more info ...) | attempted-user | 2016-4224 | URL | ||
| 38877 | FILE-PDF Adobe Reader trusted JavaScript function security bypass attempt (more info ...) | attempted-admin | 2016-1044 | URL | ||
| 38878 | FILE-PDF Adobe Reader trusted JavaScript function security bypass attempt (more info ...) | attempted-admin | 2016-1044 | URL | ||
| 38909 | FILE-PDF Adobe Reader trusted JavaScript function security bypass attempt (more info ...) | attempted-admin | 2016-1039 | URL | ||
| 38910 | FILE-PDF Adobe Reader trusted JavaScript function security bypass attempt (more info ...) | attempted-admin | 2016-1039 | URL | ||
| 38911 | FILE-PDF Adobe Reader DisablePermEnforcement JavaScript function use-after-free attempt (more info ...) | attempted-user | 2016-1084 | URL | ||
| 38912 | FILE-PDF Adobe Reader DisablePermEnforcement JavaScript function use-after-free attempt (more info ...) | attempted-user | 2016-1084 | URL | ||
| 38914 | FILE-PDF Adobe Reader trusted JavaScript function security bypass attempt (more info ...) | attempted-admin | 2016-1038 | URL | ||
| 38915 | FILE-PDF Adobe Reader trusted JavaScript function security bypass attempt (more info ...) | attempted-admin | 2016-1038 | URL | ||
| 38918 | FILE-PDF Adobe Reader createAVView JavaScript use-after-free attempt (more info ...) | attempted-user | 2016-1082 | URL | ||
| 38919 | FILE-PDF Adobe Reader createAVView JavaScript use-after-free attempt (more info ...) | attempted-user | 2016-1082 | URL | ||
| 38920 | FILE-PDF Adobe Reader trusted JavaScript function security bypass attempt (more info ...) | attempted-admin | 2016-1042 | URL | ||
| 38921 | FILE-PDF Adobe Reader trusted JavaScript function security bypass attempt (more info ...) | attempted-admin | 2016-1042 | URL | ||
| 38923 | FILE-PDF Adobe Reader compareDocuments JavaScript function use-after-free attempt (more info ...) | attempted-user | 2016-1085 | URL | ||
| 38924 | FILE-PDF Adobe Reader compareDocuments JavaScript function use-after-free attempt (more info ...) | attempted-user | 2016-1085 | URL | ||
| 38935 | FILE-PDF Adobe Reader trusted JavaScript function security bypass attempt (more info ...) | attempted-admin | 2016-1041 | URL | ||
| 38936 | FILE-PDF Adobe Reader trusted JavaScript function security bypass attempt (more info ...) | attempted-admin | 2016-1041 | URL | ||
| 38943 | FILE-PDF Adobe Reader XFA javascript out of bound memory corruption attempt (more info ...) | attempted-user | 2016-1072 | URL | ||
| 38944 | FILE-PDF Adobe Reader XFA javascript out of bound memory corruption attempt (more info ...) | attempted-user | 2016-1072 | URL | ||
| 38991 | FILE-PDF Adobe Reader execAVDialog JavaScript function use-after-free attempt (more info ...) | attempted-user | 2016-1083 | URL | ||
| 38992 | FILE-PDF Adobe Reader execAVDialog JavaScript function use-after-free attempt (more info ...) | attempted-user | 2016-1083 | URL | ||
| 39161 | FILE-PDF Google Chrome PDFium jpeg2000 SIZ segment check failure heap buffer overflow attempt (more info ...) | attempted-user | 2016-1681 | URL | ||
| 39162 | FILE-PDF Google Chrome PDFium jpeg2000 SIZ segment check failure heap buffer overflow attempt (more info ...) | attempted-user | 2016-1681 | URL | ||
| 39170 | SERVER-WEBAPP Cisco Video Surveillance Operations Manager directory traversal attempt (more info ...) | web-application-attack | 2013-3429 | URL | ||
| 39171 | SERVER-WEBAPP Cisco Video Surveillance Operations Manager directory traversal attempt (more info ...) | web-application-attack | 2013-3429 | URL | ||
| 39172 | SERVER-WEBAPP Cisco Video Surveillance Operations Manager directory traversal attempt (more info ...) | web-application-attack | 2013-3429 | URL | ||
| 39201 | BROWSER-IE Microsoft Internet Explorer vbscript csession close use after free attempt (more info ...) | attempted-user | 2016-3205 | |||
| 39202 | BROWSER-IE Microsoft Internet Explorer vbscript csession close use after free attempt (more info ...) | attempted-user | 2016-3205 | |||
| 39207 | BROWSER-IE Microsoft Internet Explorer drag and drop API remote code execution attempt (more info ...) | attempted-user | 2016-3211 | URL | ||
| 39208 | BROWSER-IE Microsoft Internet Explorer drag and drop API remote code execution attempt (more info ...) | attempted-user | 2016-3211 | URL | ||
| 39211 | BROWSER-IE Microsoft Internet Explorer VBScript out of bounds memory access remote code execution attempt (more info ...) | attempted-user | 2016-3206 | URL | ||
| 39212 | BROWSER-IE Microsoft Internet Explorer VBScript out of bounds memory access remote code execution attempt (more info ...) | attempted-user | 2016-3206 | URL | ||
| 39230 | BROWSER-IE Microsoft Internet Explorer CSS link element use-after-free attempt (more info ...) | attempted-user | 2016-0200 | URL | ||
| 39231 | BROWSER-IE Microsoft Internet Explorer CSS link element use-after-free attempt (more info ...) | attempted-user | 2016-0200 | URL | ||
| 39234 | BROWSER-IE Microsoft Internet Explorer tagged integer type confusion attempt (more info ...) | attempted-user | 2016-0199 | URL | ||
| 39235 | BROWSER-IE Microsoft Internet Explorer tagged integer type confusion attempt (more info ...) | attempted-user | 2016-0199 | URL | ||
| 39236 | BROWSER-IE Microsoft Internet Explorer scripting engine buffer overflow attempt (more info ...) | attempted-user | 2016-3207 | URL | ||
| 39237 | BROWSER-IE Microsoft Internet Explorer scripting engine buffer overflow attempt (more info ...) | attempted-user | 2016-3207 | URL | ||
| 39242 | BROWSER-IE Microsoft Internet Explorer Typed Array use after free attempt (more info ...) | attempted-user | 2016-3210 | URL | ||
| 39243 | BROWSER-IE Microsoft Internet Explorer Typed Array use after free attempt (more info ...) | attempted-user | 2016-3210 | URL | ||
| 39491 | BROWSER-IE Microsoft Internet Explorer Dxtrans table element use after free attempt (more info ...) | attempted-user | 2016-3240 | URL | ||
| 39492 | BROWSER-IE Microsoft Internet Explorer Dxtrans table element use after free attempt (more info ...) | attempted-user | 2016-3240 | URL | ||
| 39499 | BROWSER-IE Microsoft Internet Explorer mshtml.dll invalid resize use after free attempt (more info ...) | attempted-user | 2016-3243 | URL | ||
| 39500 | BROWSER-IE Microsoft Internet Explorer mshtml.dll invalid resize use after free attempt (more info ...) | attempted-user | 2016-3243 | URL | ||
| 39505 | BROWSER-IE Microsoft Internet Explorer Edge text node table-cell use after free attempt (more info ...) | attempted-user | 2016-3244 | URL | ||
| 39514 | BROWSER-IE Microsoft Internet Explorer textTransform out-of-bounds memory access attempt (more info ...) | attempted-user | 2016-3261 | URL | ||
| 39515 | BROWSER-IE Microsoft Internet Explorer textTransform out-of-bounds memory access attempt (more info ...) | attempted-user | 2016-3261 | URL | ||
| 39680 | BROWSER-IE Microsoft Internet Explorer VBScript toString redim array use after free attempt (more info ...) | attempted-user | 2016-0189 | URL | ||
| 39681 | BROWSER-IE Microsoft Internet Explorer VBScript toString redim array use after free attempt (more info ...) | attempted-user | 2016-0189 | URL | ||
| 39763 | BROWSER-IE Microsoft Internet Explorer use after free attempt (more info ...) | attempted-user | 2013-3163 | URL | ||
| 39764 | BROWSER-IE Microsoft Internet Explorer use after free attempt (more info ...) | attempted-user | 2013-3163 | URL | ||
| 39810 | BROWSER-IE Microsoft Internet Explorer iertutil.dll long UNC redirect out of bounds read attempt (more info ...) | attempted-user | 2016-3327 | URL | ||
| 39811 | BROWSER-IE Microsoft Internet Explorer iertutil.dll long UNC redirect out of bounds read attempt (more info ...) | attempted-user | 2016-3327 | URL | ||
| 39812 | BROWSER-IE Microsoft Internet Explorer page layout use after free attempt (more info ...) | attempted-user | 2016-3288 | URL | ||
| 39813 | BROWSER-IE Microsoft Internet Explorer page layout use after free attempt (more info ...) | attempted-user | 2016-3288 | URL | ||
| 39818 | OS-WINDOWS Microsoft Windows operating system win32kfull heap corruption attempt (more info ...) | attempted-admin | 2016-3308 | URL | ||
| 39819 | OS-WINDOWS Microsoft Windows operating system win32kfull heap corruption attempt (more info ...) | attempted-admin | 2016-3308 | URL | ||
| 39827 | BROWSER-IE Microsoft Internet Explorer CStr internal string use-after-free attempt (more info ...) | attempted-user | 2016-3326 | URL | ||
| 39828 | BROWSER-IE Microsoft Internet Explorer mshtml.dll cached object use after free attempt (more info ...) | attempted-user | 2016-3322 | URL | ||
| 39829 | BROWSER-IE Microsoft Internet Explorer mshtml.dll cached object use after free attempt (more info ...) | attempted-user | 2016-3322 | URL | ||
| 39833 | BROWSER-IE Microsoft Internet Explorer InsertSelectDropdown use after free attempt (more info ...) | attempted-user | 2016-3289 | URL | ||
| 39834 | BROWSER-IE Microsoft Internet Explorer InsertSelectDropdown use after free attempt (more info ...) | attempted-user | 2016-3289 | URL | ||
| 39839 | BROWSER-IE Microsoft Windows Internet Explorer MSHTML.dll type confusion attempt (more info ...) | attempted-user | 2016-3290 | URL | ||
| 39840 | BROWSER-IE Microsoft Windows Internet Explorer MSHTML.dll type confusion attempt (more info ...) | attempted-user | 2016-3290 | URL | ||
| 40077 | BROWSER-IE Microsoft Internet Explorer protected mode sandbox escape attempt (more info ...) | attempted-admin | 2016-3292 | URL | ||
| 40078 | BROWSER-IE Microsoft Internet Explorer protected mode sandbox escape attempt (more info ...) | attempted-admin | 2016-3292 | URL | ||
| 40108 | BROWSER-IE Microsoft Internet Explorer font element out of bounds read attempt (more info ...) | attempted-recon | 2016-3297 | URL | ||
| 40109 | BROWSER-IE Microsoft Internet Explorer font element out of bounds read attempt (more info ...) | attempted-recon | 2016-3297 | URL | ||
| 40149 | BROWSER-IE Microsoft Internet Explorer MSXML IDispatch use after free attempt (more info ...) | attempted-user | ||||
| 40150 | BROWSER-IE Microsoft Internet Explorer MSXML IDispatch use after free attempt (more info ...) | attempted-user | ||||
| 40312 | BROWSER-IE Microsoft Internet Explorer CTreePos type confusion attempt (more info ...) | attempted-user | 2016-0108 | URL | ||
| 40363 | BROWSER-FIREFOX Mozilla Firefox CSP report-uri arbitrary file write attempt (more info ...) | attempted-user | 2016-1954 | URL | ||
| 40364 | BROWSER-IE Microsoft Internet Explorer loadXML parseError.errorCode information disclosure attempt (more info ...) | attempted-user | 2017-0022 | URL | ||
| 40365 | BROWSER-IE Microsoft Internet Explorer loadXML parseError.errorCode information disclosure attempt (more info ...) | attempted-user | 2017-0022 | URL | ||
| 40370 | BROWSER-IE Microsoft Edge spread operator memory corruption attempt (more info ...) | attempted-user | 2016-3386 | URL | ||
| 40371 | BROWSER-IE Microsoft Edge spread operator memory corruption attempt (more info ...) | attempted-user | 2016-3386 | URL | ||
| 40378 | BROWSER-IE Microsoft Internet Explorer iframe type confusion attempt (more info ...) | attempted-user | 2016-3383 | URL | ||
| 40379 | BROWSER-IE Microsoft Internet Explorer iframe type confusion attempt (more info ...) | attempted-user | 2016-3383 | URL | ||
| 40385 | BROWSER-IE Microsoft Internet Explorer vbscript variable type confusion attempt (more info ...) | attempted-user | 2016-3385 | URL | ||
| 40386 | BROWSER-IE Microsoft Internet Explorer vbscript variable type confusion attempt (more info ...) | attempted-user | 2016-3385 | URL | ||
| 40420 | BROWSER-IE Microsoft Internet Explorer readyState property information disclosure attempt (more info ...) | attempted-user | 2016-3267 | URL | ||
| 40421 | BROWSER-IE Microsoft Internet Explorer readyState property information disclosure attempt (more info ...) | attempted-user | 2016-3267 | URL | ||
| 40546 | FILE-PDF Adobe Reader JavaScript API privileged function bypass attempt (more info ...) | attempted-user | 2016-6958 | URL | ||
| 40547 | FILE-PDF Adobe Reader JavaScript API privileged function bypass attempt (more info ...) | attempted-user | 2016-6958 | URL | ||
| 40577 | FILE-PDF Adobe Reader XFA remerge JavaScript use after free attempt (more info ...) | attempted-user | 2016-6988 | URL | ||
| 40578 | FILE-PDF Adobe Reader XFA remerge JavaScript use after free attempt (more info ...) | attempted-user | 2016-6988 | URL | ||
| 40602 | FILE-PDF Adobe Reader XFA exclGroup JavaScript out of bounds memory access attempt (more info ...) | attempted-user | 2016-6942 | URL | ||
| 40603 | FILE-PDF Adobe Reader XFA exclGroup JavaScript out of bounds memory access attempt (more info ...) | attempted-user | 2016-6942 | URL | ||
| 40641 | FILE-PDF Adobe Reader XFA relayoutPageArea JavaScript out of bounds memory access attempt (more info ...) | attempted-user | 2016-6947 | URL | ||
| 40642 | FILE-PDF Adobe Reader XFA relayoutPageArea JavaScript out of bounds memory access attempt (more info ...) | attempted-user | 2016-6947 | URL | ||
| 40653 | BROWSER-IE Microsoft Internet Explorer msSaveBlob use after free attempt (more info ...) | attempted-admin | 2016-7196 | URL | ||
| 40654 | BROWSER-IE Microsoft Internet Explorer msSaveBlob use after free attempt (more info ...) | attempted-admin | 2016-7196 | URL | ||
| 40655 | BROWSER-IE Microsoft Internet Explorer Chakra.dll Array.filter type confusion attempt (more info ...) | attempted-user | 2016-7200 | URL | ||
| 40656 | BROWSER-IE Microsoft Internet Explorer Chakra.dll Array.filter type confusion attempt (more info ...) | attempted-user | 2016-7200 | URL | ||
| 40703 | BROWSER-IE Microsoft Internet Explorer UIAnimaation.dll use after free attempt (more info ...) | attempted-user | 2016-7205 | URL | ||
| 40704 | BROWSER-IE Microsoft Internet Explorer UIAnimaation.dll use after free attempt (more info ...) | attempted-user | 2016-7205 | URL | ||
| 40707 | FILE-PDF Adobe Reader JavaScript use after free attempt (more info ...) | attempted-user | 2016-6944 | URL | ||
| 40708 | FILE-PDF Adobe Reader JavaScript use after free attempt (more info ...) | attempted-user | 2016-6944 | URL | ||
| 40721 | BROWSER-IE Microsoft Internet Explorer print preview information disclosure attempt (more info ...) | attempted-recon | 2016-7227 | URL | ||
| 40722 | BROWSER-IE Microsoft Internet Explorer print preview information disclosure attempt (more info ...) | attempted-recon | 2016-7227 | URL | ||
| 40731 | BROWSER-IE Microsoft Internet Explorer CDeskBand use-after-free attempt (more info ...) | attempted-user | 2015-2548 | URL | ||
| 40732 | BROWSER-IE Microsoft Internet Explorer CDeskBand use-after-free attempt (more info ...) | attempted-user | 2015-2548 | URL | ||
| 40787 | BROWSER-IE Microsoft Internet Explorer iertutil.dll long UNC redirect out of bounds read attempt (more info ...) | attempted-user | 2016-3327 | URL | ||
| 40788 | BROWSER-IE Microsoft Internet Explorer iertutil.dll long UNC redirect out of bounds read attempt (more info ...) | attempted-user | 2016-3327 | URL | ||
| 40825 | FILE-PDF Adobe Reader JavaScript recursive calls memory corruption attempt (more info ...) | attempted-user | 2016-6970 | URL | ||
| 40826 | FILE-PDF Adobe Reader JavaScript recursive calls memory corruption attempt (more info ...) | attempted-user | 2016-6970 | URL | ||
| 40888 | BROWSER-FIREFOX Mozilla Firefox ESR NotifyTimeChange use after free attempt (more info ...) | attempted-user | 2016-9079 | URL | ||
| 40896 | BROWSER-FIREFOX Mozilla Firefox ESR NotifyTimeChange use after free attempt (more info ...) | attempted-user | 2016-9079 | URL | ||
| 40971 | BROWSER-IE Microsoft Edge spread operator memory corruption attempt (more info ...) | attempted-user | 2016-7297 | URL | ||
| 40972 | BROWSER-IE Microsoft Edge spread operator memory corruption attempt (more info ...) | attempted-user | 2016-7297 | URL | ||
| 40973 | BROWSER-IE Microsoft Edge spread operator memory corruption attempt (more info ...) | attempted-user | 2016-7296 | URL | ||
| 40974 | BROWSER-IE Microsoft Edge spread operator memory corruption attempt (more info ...) | attempted-user | 2016-7296 | URL | ||
| 40982 | FILE-OTHER Microsoft Internet Explorer malformed ico integer overflow attempt (more info ...) | attempted-admin | 2016-7272 | URL | ||
| 40983 | FILE-OTHER Microsoft Internet Explorer malformed ico integer overflow attempt (more info ...) | attempted-admin | 2016-7272 | URL | ||
| 40986 | BROWSER-IE Microsoft Internet Explorer title integer overflow attempt (more info ...) | attempted-user | 2016-7279 | URL | ||
| 40987 | BROWSER-IE Microsoft Internet Explorer title integer overflow attempt (more info ...) | attempted-user | 2016-7279 | URL | ||
| 40988 | BROWSER-IE Microsoft Internet Explorer out of bounds read attempt (more info ...) | attempted-user | 2016-7283 | URL | ||
| 40989 | BROWSER-IE Microsoft Internet Explorer out of bounds read attempt (more info ...) | attempted-user | 2016-7283 | URL | ||
| 40992 | BROWSER-IE Microsoft Internet Explorer information disclosure attempt (more info ...) | attempted-recon | 2016-7284 | URL | ||
| 40993 | BROWSER-IE Microsoft Internet Explorer information disclosure attempt (more info ...) | attempted-recon | 2016-7284 | URL | ||
| 41086 | SERVER-WEBAPP Oracle Opera Property Management System ProcessInfo command injection attempt (more info ...) | web-application-attack | 2016-5563 | 93768 | URL | |
| 41087 | SERVER-WEBAPP Oracle Opera Property Management System ProcessInfo command injection attempt (more info ...) | web-application-attack | 2016-5563 | 93768 | URL | |
| 41150 | FILE-PDF Adobe Acrobat Reader JavaScript navigation pane use after free attempt (more info ...) | attempted-user | 2017-2957 | URL | ||
| 41151 | FILE-PDF Adobe Acrobat Reader JavaScript navigation pane use after free attempt (more info ...) | attempted-user | 2017-2957 | URL | ||
| 41152 | FILE-PDF Adobe Acrobat Reader Forms Data Format embedded javascript attempt (more info ...) | attempted-user | 2017-2947 | URL | ||
| 41153 | FILE-PDF Adobe Acrobat Reader Forms Data Format embedded javascript attempt (more info ...) | attempted-user | 2017-2947 | URL | ||
| 41405 | BROWSER-IE Microsoft Internet Explorer object property change use after free attempt (more info ...) | attempted-user | 2015-0048 | URL | ||
| 41406 | BROWSER-IE Microsoft Internet Explorer object property change use after free attempt (more info ...) | attempted-user | 2015-0048 | URL | ||
| 41422 | BROWSER-PLUGINS Mozilla Firefox generatecrmfrequest policy function call access attempt (more info ...) | attempted-user | 2013-1710 | 61900 | URL | |
| 41423 | BROWSER-PLUGINS Mozilla Firefox generatecrmfrequest policy function call access attempt (more info ...) | attempted-user | 2013-1710 | 61900 | URL | |
| 41450 | BROWSER-IE Microsoft Internet Explorer CElement object use after free attempt (more info ...) | attempted-user | 2013-3846 | URL | ||
| 41451 | BROWSER-IE Microsoft Internet Explorer CElement object use after free attempt (more info ...) | attempted-user | 2013-3846 | URL | ||
| 41474 | BROWSER-IE Microsoft Internet Explorer 7 CTreeNode object remote code execution attempt (more info ...) | attempted-user | 2014-6366 | URL | ||
| 41475 | BROWSER-IE Microsoft Internet Explorer 7 CTreeNode object remote code execution attempt (more info ...) | attempted-user | 2014-6366 | URL | ||
| 41555 | BROWSER-IE Microsoft Internet Explorer use asm memory corruption attempt (more info ...) | attempted-user | 2016-0010 | URL | ||
| 41556 | BROWSER-IE Microsoft Internet Explorer use asm memory corruption attempt (more info ...) | attempted-user | 2016-0010 | URL | ||
| 41561 | BROWSER-IE Microsoft Internet Explorer array proto chain manipulation memory corruption attempt (more info ...) | attempted-user | 2017-0032 | URL | ||
| 41562 | BROWSER-IE Microsoft Internet Explorer array proto chain manipulation memory corruption attempt (more info ...) | attempted-user | 2017-0032 | URL | ||
| 41583 | BROWSER-IE Microsoft Internet Explorer DOMAttrModified event use after free attempt (more info ...) | attempted-user | 2017-0009 | URL | ||
| 41584 | BROWSER-IE Microsoft Internet Explorer DOMAttrModified event use after free attempt (more info ...) | attempted-user | 2017-0009 | URL | ||
| 41585 | BROWSER-IE Microsoft Internet Explorer mutated scope with generator memory corruption attempt (more info ...) | attempted-user | 2017-0049 | URL | ||
| 41586 | BROWSER-IE Microsoft Internet Explorer mutated scope with generator memory corruption attempt (more info ...) | attempted-user | 2017-0049 | URL | ||
| 41587 | BROWSER-IE Microsoft Internet Explorer Array out of bounds memory corruption (more info ...) | attempted-user | 2017-0040 | URL | ||
| 41588 | BROWSER-IE Microsoft Internet Explorer Array out of bounds memory corruption (more info ...) | attempted-user | 2017-0040 | URL | ||
| 41589 | BROWSER-IE Microsoft Internet Explorer CHtmlTab use after free attempt (more info ...) | attempted-user | 2017-0018 | URL | ||
| 41590 | BROWSER-IE Microsoft Internet Explorer CHtmlTab use after free attempt (more info ...) | attempted-user | 2017-0018 | URL | ||
| 41599 | BROWSER-IE Microsoft Internet Explorer CPeerHolder use after free attempt (more info ...) | attempted-user | 2015-0022 | URL | ||
| 41600 | BROWSER-IE Microsoft Internet Explorer CPeerHolder use after free attempt (more info ...) | attempted-user | 2015-0022 | URL | ||
| 41718 | BROWSER-IE Microsoft Internet Explorer malformed iframe buffer overflow attempt (more info ...) | attempted-user | 2004-1050 | 11515 | ||
| 41719 | BROWSER-IE Microsoft Internet Explorer malformed iframe buffer overflow attempt (more info ...) | attempted-user | 2004-1050 | 11515 | ||
| 41720 | BROWSER-IE Microsoft Internet Explorer malformed iframe buffer overflow attempt (more info ...) | attempted-user | 2004-1050 | 11515 | ||
| 41745 | FILE-MULTIMEDIA Chrome Pepper Flash Player SampleCount heap overflow attempt (more info ...) | attempted-user | 2017-2992 | URL | ||
| 41746 | FILE-MULTIMEDIA Chrome Pepper Flash Player SampleCount heap overflow attempt (more info ...) | attempted-user | 2017-2992 | URL | ||
| 41797 | BROWSER-IE Microsoft Internet Explorer loadXML parseError.errorCode information disclosure attempt (more info ...) | attempted-user | 2017-0022 | URL | ||
| 41798 | BROWSER-IE Microsoft Internet Explorer loadXML parseError.errorCode information disclosure attempt (more info ...) | attempted-user | 2017-0022 | URL | ||
| 41911 | BROWSER-IE Microsoft Internet Explorer Chakra.dll proxy object prototype return type confusion attempt (more info ...) | attempted-user | 2015-1747 | URL | ||
| 41912 | BROWSER-IE Microsoft Internet Explorer Chakra.dll proxy object prototype return type confusion attempt (more info ...) | attempted-user | 2015-1747 | URL | ||
| 41954 | BROWSER-IE Microsoft Internet Explorer textarea type confusion attempt (more info ...) | attempted-user | 2017-8652 | URL | ||
| 41955 | BROWSER-IE Microsoft Internet Explorer textarea type confusion attempt (more info ...) | attempted-user | 2017-8652 | URL | ||
| 41956 | BROWSER-IE Microsoft Internet Explorer arguments type confusion attempt (more info ...) | attempted-user | 2017-0130 | URL | ||
| 41957 | BROWSER-IE Microsoft Internet Explorer arguments type confusion attempt (more info ...) | attempted-user | 2017-0130 | URL | ||
| 42152 | BROWSER-IE Microsoft Edge JavaScript string object type confusion attempt (more info ...) | attempted-user | 2017-0201 | |||
| 42153 | BROWSER-IE Microsoft Edge JavaScript string object type confusion attempt (more info ...) | attempted-user | 2017-0201 | |||
| 42156 | BROWSER-IE Microsoft Internet Explorer recordset use after free attempt (more info ...) | attempted-user | 2017-0158 | |||
| 42157 | BROWSER-IE Microsoft Internet Explorer recordset use after free attempt (more info ...) | attempted-user | 2017-0158 | |||
| 42165 | BROWSER-IE Microsoft Internet Explorer type confusion vulnerability attempt (more info ...) | attempted-user | 2017-0202 | |||
| 42166 | BROWSER-IE Microsoft Internet Explorer type confusion vulnerability attempt (more info ...) | attempted-user | 2017-0202 | |||
| 42175 | FILE-PDF Adobe Reader JavaScript API documentToStream use after free attempt (more info ...) | attempted-user | 2017-3057 | URL | ||
| 42176 | FILE-PDF Adobe Reader JavaScript API documentToStream use after free attempt (more info ...) | attempted-user | 2017-3057 | URL | ||
| 42201 | BROWSER-IE Microsoft Internet Explorer CTreePos type confusion attempt (more info ...) | attempted-user | 2016-0108 | URL | ||
| 42202 | FILE-PDF Adobe Reader JavaScript string from stream memory corruption attempt (more info ...) | attempted-user | 2017-3056 | URL | ||
| 42203 | FILE-PDF Adobe Reader JavaScript string from stream memory corruption attempt (more info ...) | attempted-user | 2017-3056 | URL | ||
| 42204 | BROWSER-IE Microsoft Internet Explorer htmlFile ActiveX control universal XSS attempt (more info ...) | attempted-user | 2017-0210 | |||
| 42205 | BROWSER-IE Microsoft Internet Explorer htmlFile ActiveX control universal XSS attempt (more info ...) | attempted-user | 2017-0210 | |||
| 42414 | FILE-PDF Adobe PDF JavaScript engine use after free memory corruption attempt (more info ...) | attempted-user | 2017-3047 | URL | ||
| 42415 | FILE-PDF Adobe PDF JavaScript engine use after free memory corruption attempt (more info ...) | attempted-user | 2017-3047 | URL | ||
| 42416 | BROWSER-IE Microsoft Internet Explorer IE11 memory corruption attempt (more info ...) | attempted-user | 2015-1752 | URL | ||
| 42417 | BROWSER-IE Microsoft Internet Explorer IE8 mode menu tag out-of-bounds access attempt (more info ...) | attempted-user | 2015-1752 | URL | ||
| 42932 | FILE-FLASH Adobe Flash Player javascript decompressor use after free attempt (more info ...) | attempted-user | 2017-3037 | URL | ||
| 42933 | FILE-FLASH Adobe Flash Player javascript decompressor use after free attempt (more info ...) | attempted-user | 2017-3037 | URL | ||
| 43007 | SERVER-OTHER HP Operations Orchestration unauthorized serialized object attempt (more info ...) | attempted-user | 2016-8519 | URL | ||
| 43056 | OS-WINDOWS Microsoft Windows MsMpEng JavaScript garbage collection use after free attempt (more info ...) | attempted-admin | 2017-8541 | URL | ||
| 43057 | OS-WINDOWS Microsoft Windows MsMpEng JavaScript garbage collection use after free attempt (more info ...) | attempted-admin | 2017-8541 | URL | ||
| 43117 | BROWSER-CHROME Google Chrome Blink ImageBitmap integer overflow attempt (more info ...) | attempted-admin | 2016-5182 | |||
| 43118 | BROWSER-CHROME Google Chrome Blink ImageBitmap integer overflow attempt (more info ...) | attempted-admin | 2016-5182 | |||
| 43155 | BROWSER-IE Microsoft Internet Explorer memory corruption attempt (more info ...) | attempted-user | 2017-8547 | |||
| 43156 | BROWSER-IE Microsoft Internet Explorer memory corruption attempt (more info ...) | attempted-user | 2017-8547 | |||
| 43337 | BROWSER-IE Microsoft Internet Explorer use after free attempt (more info ...) | attempted-user | 2013-3163 | URL | ||
| 43338 | BROWSER-IE Microsoft Internet Explorer use after free attempt (more info ...) | attempted-user | 2013-3163 | URL | ||
| 43346 | BROWSER-FIREFOX Mozilla Firefox domFuzzLite3 table use after free attempt (more info ...) | attempted-admin | 2017-5404 | |||
| 43347 | BROWSER-FIREFOX Mozilla Firefox domFuzzLite3 table use after free attempt (more info ...) | attempted-admin | 2017-5404 | |||
| 43497 | BROWSER-IE Microsoft Internet Explorer EPM brokercreatefile file access bypass attempt (more info ...) | policy-violation | 2017-3080 | URL | ||
| 43498 | BROWSER-IE Microsoft Internet Explorer EPM brokercreatefile file access bypass attempt (more info ...) | policy-violation | 2017-3080 | URL | ||
| 43521 | BROWSER-IE Microsoft Internet Explorer 11 type confusion vulnerability attempt (more info ...) | attempted-user | 2017-8594 | |||
| 43522 | BROWSER-IE Microsoft Internet Explorer 11 type confusion vulnerability attempt (more info ...) | attempted-user | 2017-8594 | |||
| 43758 | BROWSER-IE Microsoft Internet Explorer CTravelEntry use after free attempt (more info ...) | attempted-user | 2016-0113 | URL | ||
| 43759 | BROWSER-IE Microsoft Internet Explorer CTravelEntry use after free attempt (more info ...) | attempted-user | 2016-0113 | URL | ||
| 43779 | BROWSER-FIREFOX Mozilla multiple products SharedWorker MessagePort memory corruption attempt (more info ...) | attempted-user | 2014-1548 | 68818 | URL | |
| 43961 | FILE-PDF Adobe Acrobat Reader Forms Data Format embedded javascript attempt (more info ...) | attempted-user | 2017-11229 | URL | ||
| 43962 | FILE-PDF Adobe Acrobat Reader Forms Data Format embedded javascript attempt (more info ...) | attempted-user | 2017-11229 | URL | ||
| 44098 | FILE-PDF Multiple products PDF JavaScript launchURL command injection and remote code execution attempt (more info ...) | attempted-user | 2017-7442 | |||
| 44315 | SERVER-WEBAPP Java XML deserialization remote code execution attempt (more info ...) | attempted-admin | 2017-9805 | URL | ||
| 44342 | BROWSER-IE Internet Explorer WeakMap Freeze memory corruption attempt (more info ...) | attempted-user | 2017-8750 | URL | ||
| 44343 | BROWSER-IE Internet Explorer WeakMap Freeze memory corruption attempt (more info ...) | attempted-user | 2017-8750 | URL | ||
| 44350 | BROWSER-IE Microsoft Internet Explorer object use after free attempt (more info ...) | attempted-user | 2017-8749 | URL | ||
| 44356 | BROWSER-IE Microsoft Internet Explorer CSS padding property memory corruption attempt (more info ...) | attempted-user | 2017-8747 | URL | ||
| 44357 | BROWSER-IE Microsoft Internet Explorer CSS padding property memory corruption attempt (more info ...) | attempted-user | 2017-8747 | URL | ||
| 44510 | BROWSER-IE Microsoft Internet Explorer scripting engine memory corruption attempt (more info ...) | attempted-user | 2017-11810 | URL | ||
| 44511 | BROWSER-IE Microsoft Internet Explorer scripting engine memory corruption attempt (more info ...) | attempted-user | 2017-11810 | URL | ||
| 44512 | BROWSER-IE Microsoft Internet Explorer memory corruption attempt (more info ...) | attempted-user | 2017-11822 | URL | ||
| 44513 | BROWSER-IE Microsoft Internet Explorer memory corruption attempt (more info ...) | attempted-user | 2017-11822 | URL | ||
| 44526 | BROWSER-IE Microsoft Internet Explorer memory corruption attempt (more info ...) | attempted-user | 2017-8727 | URL | ||
| 44527 | BROWSER-IE Microsoft Internet Explorer memory corruption attempt (more info ...) | attempted-user | 2017-8727 | URL | ||
| 44530 | SERVER-WEBAPP HP Intelligent Management Center DeviceService Java expression language injection attempt (more info ...) | attempted-admin | 2017-12491 | 100367 | URL | |
| 44534 | SERVER-WEBAPP HP IMC wmiConfigContent Java expression language injection attempt (more info ...) | attempted-admin | 2017-12526 | 100367 | URL | |
| 44535 | SERVER-WEBAPP HP IMC wmiConfigContent Java expression language injection attempt (more info ...) | attempted-admin | 2017-12526 | 100367 | URL | |
| 44536 | SERVER-WEBAPP HP IMC wmiConfigContent Java expression language injection attempt (more info ...) | attempted-admin | 2017-12526 | 100367 | URL | |
| 44607 | SERVER-WEBAPP HP IMC userSelectPagingContent Java expression language injection attempt (more info ...) | attempted-admin | 2017-12521 | 100367 | URL | |
| 44608 | SERVER-WEBAPP HP IMC userSelectPagingContent Java expression language injection attempt (more info ...) | attempted-admin | 2017-12521 | 100367 | URL | |
| 44609 | SERVER-WEBAPP HP IMC userSelectPagingContent Java expression language injection attempt (more info ...) | attempted-admin | 2017-12521 | 100367 | URL | |
| 44642 | SERVER-WEBAPP HP Intelligent Management Center getSelInsBean Java expression language injection attempt (more info ...) | attempted-admin | 2017-12490 | 100367 | URL | |
| 44829 | BROWSER-IE Microsoft Internet Explorer array memory corruption attempt (more info ...) | attempted-user | 2017-11856 | URL | ||
| 44830 | BROWSER-IE Microsoft Internet Explorer array memory corruption attempt (more info ...) | attempted-user | 2017-11856 | URL | ||
| 44856 | FILE-PDF Adobe Acrobat Reader XI JavaScript annotation use after free attempt (more info ...) | attempted-user | 2017-16393 | URL | ||
| 44857 | FILE-PDF Adobe Acrobat Reader XI JavaScript annotation use after free attempt (more info ...) | attempted-user | 2017-16393 | URL | ||
| 44900 | FILE-PDF Adobe Reader PDF embedded javascript events use after free attempt (more info ...) | attempted-user | 2017-16389 | URL | ||
| 44901 | FILE-PDF Adobe Reader PDF embedded javascript events use after free attempt (more info ...) | attempted-user | 2017-16389 | URL | ||
| 44955 | FILE-PDF Adobe Acrobat Reader JavaScript infinite recursion heap overflow attempt (more info ...) | attempted-user | 2017-16419 | URL | ||
| 44956 | FILE-PDF Adobe Acrobat Reader JavaScript infinite recursion heap overflow attempt (more info ...) | attempted-user | 2017-16419 | URL | ||
| 44978 | BROWSER-FIREFOX Mozilla Firefox browser engine memory corruption attempt (more info ...) | attempted-user | 2009-3382 | 36866 | URL | |
| 45121 | BROWSER-IE Microsoft Internet Explorer use after free attempt (more info ...) | attempted-user | 2018-8297 | URL | ||
| 45122 | BROWSER-IE Microsoft Internet Explorer use after free attempt (more info ...) | attempted-user | 2018-8297 | URL | ||
| 45138 | BROWSER-IE Microsoft Internet Explorer scripting engine memory corruption attempt (more info ...) | attempted-user | 2017-11890 | URL | ||
| 45139 | BROWSER-IE Microsoft Internet Explorer scripting engine memory corruption attempt (more info ...) | attempted-user | 2017-11890 | URL | ||
| 45144 | BROWSER-IE Microsoft Internet Explorer scripting engine memory corruption attempt (more info ...) | attempted-user | 2017-11901 | URL | ||
| 45145 | BROWSER-IE Microsoft Internet Explorer scripting engine memory corruption attempt (more info ...) | attempted-user | 2017-11901 | URL | ||
| 45146 | BROWSER-IE Microsoft Internet Explorer scripting engine memory corruption attempt (more info ...) | misc-activity | 2017-11903 | URL | ||
| 45147 | BROWSER-IE Microsoft Internet Explorer scripting engine memory corruption attempt (more info ...) | misc-activity | 2017-11903 | URL | ||
| 45148 | BROWSER-IE Microsoft Internet Explorer Array out of bounds write attempt (more info ...) | attempted-user | 2017-11907 | URL | ||
| 45149 | BROWSER-IE Microsoft Internet Explorer Array out of bounds write attempt (more info ...) | attempted-user | 2017-11907 | URL | ||
| 45155 | BROWSER-IE Microsoft Internet Explorer out of bounds read attempt (more info ...) | attempted-user | 2017-11911 | URL | ||
| 45156 | BROWSER-IE Microsoft Internet Explorer out of bounds read attempt (more info ...) | attempted-user | 2017-11911 | URL | ||
| 45171 | BROWSER-FIREFOX Mozilla Firefox buffer overflow attempt (more info ...) | attempted-user | 2004-0902 | URL | ||
| 45172 | BROWSER-FIREFOX Mozilla Firefox buffer overflow attempt (more info ...) | attempted-user | 2004-0902 | URL | ||
| 45177 | BROWSER-FIREFOX Mozilla Firefox SOAPParameter integer overflow attempt (more info ...) | attempted-user | 2004-0722 | URL | ||
| 45178 | BROWSER-FIREFOX Mozilla Firefox SOAPParameter integer overflow attempt (more info ...) | attempted-user | 2004-0722 | URL | ||
| 45179 | BROWSER-FIREFOX Mozilla Firefox SOAPParameter integer overflow attempt (more info ...) | attempted-user | 2004-0722 | URL | ||
| 45180 | BROWSER-FIREFOX Mozilla Firefox SOAPParameter integer overflow attempt (more info ...) | attempted-user | 2004-0722 | URL | ||
| 45181 | BROWSER-FIREFOX Mozilla Firefox SOAPParameter integer overflow attempt (more info ...) | attempted-user | 2004-0722 | URL | ||
| 45182 | BROWSER-FIREFOX Mozilla Firefox SOAPParameter integer overflow attempt (more info ...) | attempted-user | 2004-0722 | URL | ||
| 45183 | BROWSER-FIREFOX Mozilla Firefox SOAPParameter integer overflow attempt (more info ...) | attempted-user | 2004-0722 | URL | ||
| 45184 | BROWSER-FIREFOX Mozilla Firefox SOAPParameter integer overflow attempt (more info ...) | attempted-user | 2004-0722 | URL | ||
| 45212 | BROWSER-IE Microsoft Internet Explorer out of bounds read attempt (more info ...) | attempted-user | 2016-7283 | URL | ||
| 45213 | BROWSER-IE Microsoft Internet Explorer out of bounds read attempt (more info ...) | attempted-user | 2016-7283 | URL | ||
| 45267 | POLICY-OTHER CoinHive Miner Javascript library download detected (more info ...) | policy-violation | URL | |||
| 45673 | BROWSER-IE Microsoft Internet Explorer localeCompare use after free attempt (more info ...) | attempted-user | 2018-0866 | URL | ||
| 45674 | BROWSER-IE Microsoft Internet Explorer localeCompare use after free attempt (more info ...) | attempted-user | 2018-0866 | URL | ||
| 45677 | SERVER-WEBAPP HP IMC mibBrowser arbitrary Java object deserialization attempt (more info ...) | attempted-admin | 2017-12556 | 101152 | URL | |
| 45695 | FILE-PDF Adobe Acrobat Reader JavaScript XFA engine use after free attempt (more info ...) | attempted-user | 2018-4913 | URL | ||
| 45696 | FILE-PDF Adobe Acrobat Reader JavaScript XFA engine use after free attempt (more info ...) | attempted-user | 2018-4913 | URL | ||
| 45774 | SERVER-WEBAPP HP IMC operatorGroupSelectContent Java expression language injection attempt (more info ...) | attempted-admin | 2017-12524 | 100367 | URL | |
| 45775 | SERVER-WEBAPP HP IMC operatorGroupSelectContent Java expression language injection attempt (more info ...) | attempted-admin | 2017-12524 | 100367 | URL | |
| 45790 | SERVER-WEBAPP Jenkins Java SignedObject deserialization command execution attempt (more info ...) | attempted-admin | 2017-1000353 | URL | ||
| 45805 | SERVER-WEBAPP HP IMC guiDataDetail Java expression language injection attempt (more info ...) | attempted-admin | 2017-12523 | 100367 | URL | |
| 45806 | SERVER-WEBAPP HP IMC guiDataDetail Java expression language injection attempt (more info ...) | attempted-admin | 2017-12523 | 100367 | URL | |
| 45870 | SERVER-WEBAPP Cisco ACS unsafe Java object deserialization attempt (more info ...) | attempted-admin | 2018-0147 | URL | ||
| 45877 | BROWSER-IE Microsoft Internet Explorer scripting engine memory corruption attempt (more info ...) | attempted-user | 2018-8353 | URL | ||
| 45878 | BROWSER-IE Microsoft Internet Explorer scripting engine memory corruption attempt (more info ...) | attempted-user | 2018-8353 | URL | ||
| 45887 | BROWSER-IE Microsoft Internet Explorer VBScript remote code execution attempt (more info ...) | misc-activity | 2018-0889 | URL | ||
| 45888 | BROWSER-IE Microsoft Internet Explorer VBScript remote code execution attempt (more info ...) | misc-activity | 2018-0889 | URL | ||
| 45953 | SERVER-WEBAPP HP IMC mediaForAction Java expression language injection attempt (more info ...) | attempted-admin | 2017-12494 | 100367 | URL | |
| 45954 | SERVER-WEBAPP HP IMC mediaForAction Java expression language injection attempt (more info ...) | attempted-admin | 2017-12494 | 100367 | URL | |
| 45957 | SERVER-WEBAPP HP IMC iccSelectDeviceSeries Java expression language injection attempt (more info ...) | attempted-admin | 2017-12510 | 100367 | URL | |
| 45958 | SERVER-WEBAPP HP IMC iccSelectDeviceSeries Java expression language injection attempt (more info ...) | attempted-admin | 2017-12510 | 100367 | URL | |
| 46198 | BROWSER-IE Microsoft Internet Explorer Vbscript String out of bounds write (more info ...) | attempted-user | 2018-0988 | URL | ||
| 46199 | BROWSER-IE Microsoft Internet Explorer Vbscript String out of bounds write (more info ...) | attempted-user | 2018-0988 | URL | ||
| 46204 | BROWSER-IE Microsoft Internet Explorer array use after free attempt (more info ...) | attempted-user | 2018-1018 | URL | ||
| 46205 | BROWSER-IE Microsoft Internet Explorer array use after free attempt (more info ...) | attempted-user | 2018-1018 | URL | ||
| 46220 | BROWSER-IE Microsoft Internet Explorer object use after free attempt (more info ...) | attempted-user | 2018-0997 | URL | ||
| 46221 | BROWSER-IE Microsoft Internet Explorer object use after free attempt (more info ...) | attempted-user | 2018-0997 | URL | ||
| 46228 | BROWSER-IE Microsoft Internet Explorer javascript memory corruption attempt (more info ...) | attempted-user | 2018-1001 | URL | ||
| 46229 | BROWSER-IE Microsoft Internet Explorer JavaScript memory corruption attempt (more info ...) | attempted-user | 2018-1001 | URL | ||
| 46243 | BROWSER-IE Microsoft Internet Explorer embedSWF use after free exploit attempt (more info ...) | attempted-user | 2018-0870 | URL | ||
| 46244 | BROWSER-IE Microsoft Internet Explorer embedSWF use after free exploit attempt (more info ...) | attempted-user | 2018-0870 | URL | ||
| 46245 | BROWSER-IE Microsoft Internet Explorer embedSWF use after free exploit attempt (more info ...) | attempted-user | 2018-0870 | URL | ||
| 46246 | BROWSER-IE Microsoft Internet Explorer embedSWF use after free exploit attempt (more info ...) | attempted-user | 2018-0870 | URL | ||
| 46384 | BROWSER-IE Internet Explorer URL file remote code execution attempt detected (more info ...) | attempted-user | 2016-3353 | URL | ||
| 46385 | BROWSER-IE Internet Explorer URL file remote code execution attempt detected (more info ...) | attempted-user | 2016-3353 | URL | ||
| 46414 | PUA-OTHER Mineralt JavaScript cryptocurrency mining attempt (more info ...) | misc-attack | URL | |||
| 46415 | PUA-OTHER obfuscated cryptomining javascript download attempt (more info ...) | misc-attack | URL | |||
| 46549 | BROWSER-IE Microsoft Internet Explorer VBScript remote code execution attempt (more info ...) | attempted-admin | 2019-1390 | |||
| 46554 | BROWSER-IE Microsoft Internet Explorer Regexp use after free attempt (more info ...) | attempted-user | 2019-0666 | URL | ||
| 46555 | BROWSER-IE Microsoft Internet Explorer Regexp use after free attempt (more info ...) | attempted-user | 2019-0666 | URL | ||
| 46594 | BROWSER-IE Microsoft Internet Explorer prototype type confusion attempt (more info ...) | attempted-admin | 2018-8122 | URL | ||
| 46595 | BROWSER-IE Microsoft Internet Explorer prototype type confusion attempt (more info ...) | attempted-admin | 2018-8122 | URL | ||
| 46653 | FILE-PDF Adobe Acrobat Reader JavaScript data structure use after free attempt (more info ...) | attempted-user | 2018-4983 | URL | ||
| 46654 | FILE-PDF Adobe Acrobat Reader JavaScript data structure use after free attempt (more info ...) | attempted-user | 2018-4983 | URL | ||
| 46657 | FILE-PDF Adobe Acrobat Reader JavaScript Engine annotations use after free attempt (more info ...) | attempted-user | 2018-4958 | URL | ||
| 46658 | FILE-PDF Adobe Acrobat Reader JavaScript Engine annotations use after free attempt (more info ...) | attempted-user | 2018-4958 | URL | ||
| 46721 | FILE-PDF Adobe Acrobat Reader JavaScript annotation use after free attempt (more info ...) | attempted-user | 2018-4961 | URL | ||
| 46722 | FILE-PDF Adobe Acrobat Reader JavaScript annotation use after free attempt (more info ...) | attempted-user | 2018-4961 | URL | ||
| 46745 | BROWSER-IE Microsoft Internet Explorer VBScript remote code execution attempt (more info ...) | attempted-admin | ||||
| 46746 | BROWSER-IE Microsoft Internet Explorer VBScript remote code execution attempt (more info ...) | attempted-admin | ||||
| 46912 | BROWSER-FIREFOX Mozilla multiple products JavaScript string replace buffer overflow attempt (more info ...) | attempted-user | 2009-3075 | 36343 | ||
| 46913 | BROWSER-FIREFOX Mozilla multiple products JavaScript string replace buffer overflow attempt (more info ...) | attempted-user | 2009-3075 | 36343 | ||
| 46937 | INDICATOR-SHELLCODE ysoserial Java object deserialization exploit attempt (more info ...) | shellcode-detect | 2020-36239 | |||
| 46944 | BROWSER-IE Microsoft Internet Explorer memory corruption attempt (more info ...) | attempted-user | 2018-8249 | URL | ||
| 46945 | BROWSER-IE Microsoft Internet Explorer memory corruption attempt (more info ...) | attempted-user | 2018-8249 | URL | ||
| 46951 | BROWSER-IE Microsoft Internet Explorer 11 JScript use-after-free attempt (more info ...) | attempted-user | 2018-8267 | URL | ||
| 46952 | BROWSER-IE Microsoft Internet Explorer 11 JScript use-after-free attempt (more info ...) | attempted-user | 2018-8267 | URL | ||
| 47091 | BROWSER-IE Microsoft Internet Explorer crafted UNC path sandbox escape attempt (more info ...) | attempted-user | 2018-0949 | URL | ||
| 47092 | BROWSER-IE Microsoft Internet Explorer crafted UNC path sandbox escape attempt (more info ...) | attempted-user | 2018-0949 | URL | ||
| 47151 | BROWSER-IE Microsoft Internet Explorer CTravelEntry use after free attempt (more info ...) | attempted-user | 2016-0113 | URL | ||
| 47152 | BROWSER-IE Microsoft Internet Explorer CTravelEntry use after free attempt (more info ...) | attempted-user | 2016-0113 | URL | ||
| 47189 | FILE-PDF Adobe Reader JavaScript field manipulation out-of-bounds read attempt (more info ...) | attempted-user | 2018-5022 | URL | ||
| 47190 | FILE-PDF Adobe Reader JavaScript field manipulation out-of-bounds read attempt (more info ...) | attempted-user | 2018-5022 | URL | ||
| 47212 | FILE-PDF Adobe Reader JavaScript form field manipulation out-of-bounds read attempt (more info ...) | attempted-user | 2018-5023 | URL | ||
| 47213 | FILE-PDF Adobe Reader JavaScript form field manipulation out-of-bounds read attempt (more info ...) | attempted-user | 2018-5023 | URL | ||
| 47214 | FILE-PDF Adobe Reader JavaScript annotation objects out-of-bounds read attempt (more info ...) | attempted-user | 2018-5024 | URL | ||
| 47215 | FILE-PDF Adobe Reader JavaScript annotation objects out-of-bounds read attempt (more info ...) | attempted-user | 2018-5024 | URL | ||
| 47221 | FILE-PDF Adobe Reader JavaScript object prototype defineSetter out-of-bounds read attempt (more info ...) | attempted-user | 2018-5025 | URL | ||
| 47222 | FILE-PDF Adobe Reader JavaScript object prototype defineSetter out-of-bounds read attempt (more info ...) | attempted-user | 2018-5025 | URL | ||
| 47227 | FILE-PDF Adobe Acrobat Reader JavaScript annotation out of bound read attempt (more info ...) | attempted-user | 2018-5066 | URL | ||
| 47228 | FILE-PDF Adobe Acrobat Reader JavaScript annotation out of bound read attempt (more info ...) | attempted-user | 2018-5066 | URL | ||
| 47270 | FILE-PDF Adobe Reader JavaScript XSL value-of select transformation out-of-bounds write attempt (more info ...) | attempted-user | 2018-5064 | URL | ||
| 47271 | FILE-PDF Adobe Reader JavaScript XSL value-of select transformation out-of-bounds write attempt (more info ...) | attempted-user | 2018-5064 | URL | ||
| 47287 | FILE-PDF Adobe Reader JavaScript XSLT parsing out-of-bounds read attempt (more info ...) | attempted-user | 2018-5063 | URL | ||
| 47288 | FILE-PDF Adobe Reader JavaScript XSLT parsing out-of-bounds read attempt (more info ...) | attempted-user | 2018-5063 | URL | ||
| 47289 | FILE-PDF Adobe Reader JavaScript exportAsFDFStr out-of-bounds write attempt (more info ...) | attempted-user | 2018-5021 | URL | ||
| 47290 | FILE-PDF Adobe Reader JavaScript exportAsFDFStr out-of-bounds write attempt (more info ...) | attempted-user | 2018-5021 | URL | ||
| 47291 | BROWSER-IE Microsoft Internet Explorer CTreePos type confusion attempt (more info ...) | attempted-user | 2016-0108 | URL | ||
| 47292 | BROWSER-IE Microsoft Internet Explorer CTreePos type confusion attempt (more info ...) | attempted-user | 2016-0108 | URL | ||
| 47293 | BROWSER-IE Microsoft Internet Explorer CTreePos type confusion attempt (more info ...) | attempted-user | 2016-0108 | URL | ||
| 47294 | BROWSER-IE Microsoft Internet Explorer CTreePos type confusion attempt (more info ...) | attempted-user | 2016-0108 | URL | ||
| 47310 | BROWSER-IE Microsoft Internet Explorer page layout use after free attempt (more info ...) | attempted-user | 2016-3288 | URL | ||
| 47311 | BROWSER-IE Microsoft Internet Explorer page layout use after free attempt (more info ...) | attempted-user | 2016-3288 | URL | ||
| 47484 | BROWSER-IE Microsoft Internet Explorer memory corruption attempt (more info ...) | attempted-user | 2018-8389 | URL | ||
| 47485 | BROWSER-IE Microsoft Internet Explorer memory corruption attempt (more info ...) | attempted-user | 2018-8389 | URL | ||
| 47591 | BROWSER-IE Microsoft Internet Explorer VBScript engine memory corruption attempt (more info ...) | attempted-user | 2018-8373 | URL | ||
| 47592 | BROWSER-IE Microsoft Internet Explorer VBScript engine memory corruption attempt (more info ...) | attempted-user | 2018-8373 | URL | ||
| 47730 | BROWSER-IE Microsoft Internet Explorer memory corruption attempt (more info ...) | attempted-user | 2018-8447 | URL | ||
| 47731 | BROWSER-IE Microsoft Internet Explorer memory corruption attempt (more info ...) | attempted-user | 2018-8447 | URL | ||
| 47738 | BROWSER-IE Microsoft Internet Explorer memory corruption attempt (more info ...) | attempted-user | 2018-8461 | URL | ||
| 47739 | BROWSER-IE Microsoft Internet Explorer memory corruption attempt (more info ...) | attempted-user | 2018-8461 | URL | ||
| 47747 | BROWSER-IE Microsoft Internet Explorer MSXML use after free attempt (more info ...) | attempted-user | 2018-8420 | URL | ||
| 47748 | BROWSER-IE Microsoft Internet Explorer MSXML use after free attempt (more info ...) | attempted-user | 2018-8420 | URL | ||
| 47924 | FILE-PDF Adobe Reader JavaScript annotation object rotation use-after-free attempt (more info ...) | attempted-user | 2018-12769 | URL | ||
| 47925 | FILE-PDF Adobe Reader JavaScript annotation object rotation use-after-free attempt (more info ...) | attempted-user | 2018-12769 | URL | ||
| 47928 | FILE-PDF Adobe Reader JavaScript endInitiatorMailOperation heap overflow attempt (more info ...) | attempted-user | 2018-12832 | URL | ||
| 47929 | FILE-PDF Adobe Reader JavaScript endInitiatorMailOperation heap overflow attempt (more info ...) | attempted-user | 2018-12832 | URL | ||
| 47930 | FILE-PDF Adobe Acrobat Reader JavaScript engine heap overflow attempt (more info ...) | attempted-user | 2018-12846 | URL | ||
| 47931 | FILE-PDF Adobe Acrobat Reader JavaScript engine heap overflow attempt (more info ...) | attempted-user | 2018-12846 | URL | ||
| 47947 | FILE-PDF Adobe Acrobat Reader JavaScript Engine use after free attempt (more info ...) | attempted-user | 2018-15920 | URL | ||
| 47948 | FILE-PDF Adobe Acrobat Reader JavaScript Engine use after free attempt (more info ...) | attempted-user | 2018-15920 | URL | ||
| 47963 | FILE-OTHER Adobe Acrobat Pro WebCapture JavaScript manipulation type confusion attempt (more info ...) | attempted-user | 2019-7078 | URL | ||
| 47964 | FILE-OTHER Adobe Acrobat Pro WebCapture JavaScript manipulation type confusion attempt (more info ...) | attempted-user | 2019-7078 | URL | ||
| 47965 | FILE-PDF Adobe Reader getProps Javascript heap overflow attempt (more info ...) | attempted-user | 2018-12836 | URL | ||
| 47966 | FILE-PDF Adobe Reader getProps Javascript heap overflow attempt (more info ...) | attempted-user | 2018-12836 | URL | ||
| 47973 | FILE-PDF Adobe Acrobat Reader JavaScript engine use after free attempt (more info ...) | attempted-user | 2018-15924 | URL | ||
| 47974 | FILE-PDF Adobe Acrobat Reader JavaScript engine use after free attempt (more info ...) | attempted-user | 2018-15924 | URL | ||
| 48000 | FILE-PDF Adobe Reader JavaScript pointer offset out-of-bounds read attempt (more info ...) | attempted-user | 2018-15921 | URL | ||
| 48001 | FILE-PDF Adobe Reader JavaScript pointer offset out-of-bounds read attempt (more info ...) | attempted-user | 2018-15921 | URL | ||
| 48016 | FILE-IMAGE Adobe Acrobat Reader malformed JavaScript input out of bounds read attempt (more info ...) | attempted-user | 2018-15922 | URL | ||
| 48017 | FILE-IMAGE Adobe Acrobat Reader malformed JavaScript input out of bounds read attempt (more info ...) | attempted-user | 2018-15922 | URL | ||
| 48018 | FILE-PDF Adobe Reader malformed JavaScript input out of bounds read attempt (more info ...) | attempted-user | 2018-15923 | URL | ||
| 48019 | FILE-PDF Adobe Reader malformed JavaScript input out of bounds read attempt (more info ...) | attempted-user | 2018-15923 | URL | ||
| 48020 | FILE-PDF Adobe Acrobat Reader malformed JavaScript input out of bounds read attempt (more info ...) | attempted-user | 2018-15925 | URL | ||
| 48021 | FILE-PDF Adobe Acrobat Reader malformed JavaScript input out of bounds read attempt (more info ...) | attempted-user | 2018-15925 | URL | ||
| 48049 | BROWSER-IE Microsoft Internet Explorer import key use-after-free attempt (more info ...) | attempted-user | 2018-8491 | URL | ||
| 48050 | BROWSER-IE Microsoft Internet Explorer import key use-after-free attempt (more info ...) | attempted-user | 2018-8491 | URL | ||
| 48368 | BROWSER-IE Microsoft Internet Explorer VBScript Engine remote code execution attempt (more info ...) | attempted-user | 2018-8552 | URL | ||
| 48369 | BROWSER-IE Microsoft Internet Explorer VBScript Engine remote code execution attempt (more info ...) | attempted-admin | 2018-8552 | URL | ||
| 48370 | BROWSER-IE Microsoft Internet Explorer DirectX information disclosure attempt (more info ...) | attempted-user | 2018-8563 | URL | ||
| 48371 | BROWSER-IE Microsoft Internet Explorer DirectX information disclosure attempt (more info ...) | attempted-user | 2018-8563 | URL | ||
| 48372 | BROWSER-IE Microsoft Internet Explorer VBScript Engine remote code execution attempt (more info ...) | attempted-admin | 2018-8544 | URL | ||
| 48373 | BROWSER-IE Microsoft Internet Explorer VBScript Engine remote code execution attempt (more info ...) | attempted-user | 2018-8544 | URL | ||
| 48517 | BROWSER-IE Microsoft Internet Explorer Chakra engine memory corruption attempt (more info ...) | attempted-user | 2018-8624 | URL | ||
| 48518 | BROWSER-IE Microsoft Internet Explorer Chakra engine memory corruption attempt (more info ...) | attempted-admin | 2018-8624 | URL | ||
| 48531 | BROWSER-IE Microsoft Internet Explorer 11 VBScript execution policy bypass attempt (more info ...) | attempted-user | 2018-8619 | URL | ||
| 48532 | BROWSER-IE Microsoft Internet Explorer 11 VBScript execution policy bypass attempt (more info ...) | attempted-user | 2018-8619 | URL | ||
| 48533 | BROWSER-IE Microsoft Internet Explorer Jscript.Encode out-of-bounds read attempt (more info ...) | attempted-user | 2018-8631 | URL | ||
| 48534 | BROWSER-IE Microsoft Internet Explorer Jscript.Encode out-of-bounds read attempt (more info ...) | attempted-admin | 2018-8631 | URL | ||
| 48564 | BROWSER-FIREFOX Mozilla Firefox javascript type confusion code execution attempt (more info ...) | attempted-user | 2018-12386 | URL | ||
| 48565 | BROWSER-FIREFOX Mozilla Firefox javascript type confusion code execution attempt (more info ...) | attempted-user | 2018-12386 | URL | ||
| 48596 | BROWSER-IE Microsoft Internet Explorer out-of-bounds read attempt (more info ...) | attempted-user | 2018-8643 | URL | ||
| 48597 | BROWSER-IE Microsoft Internet Explorer out-of-bounds read attempt (more info ...) | attempted-user | 2018-8643 | URL | ||
| 48625 | BROWSER-FIREFOX Mozilla Firefox method array.prototype.push remote code execution attempt (more info ...) | attempted-user | 2018-12387 | URL | ||
| 48626 | BROWSER-FIREFOX Mozilla Firefox method array.prototype.push remote code execution attempt (more info ...) | attempted-user | 2018-12387 | URL | ||
| 48693 | BROWSER-IE Microsoft Internet Explorer VBScript remote code execution attempt (more info ...) | attempted-user | 2018-8373 | URL | ||
| 48694 | BROWSER-IE Microsoft Internet Explorer VBScript remote code execution attempt (more info ...) | attempted-user | 2018-8373 | URL | ||
| 48695 | BROWSER-IE Microsoft Internet Explorer VBScript remote code execution attempt (more info ...) | attempted-user | 2018-8373 | URL | ||
| 48696 | BROWSER-IE Microsoft Internet Explorer VBScript remote code execution attempt (more info ...) | attempted-user | 2018-8373 | URL | ||
| 48697 | BROWSER-IE Microsoft Internet Explorer VBScript remote code execution attempt (more info ...) | attempted-user | ||||
| 48698 | BROWSER-IE Microsoft Internet Explorer VBScript remote code execution attempt (more info ...) | attempted-user | ||||
| 48699 | BROWSER-IE Microsoft Internet Explorer JavaScript engine downgrade detected (more info ...) | policy-violation | ||||
| 48700 | BROWSER-IE Microsoft Internet Explorer JavaScript engine downgrade detected (more info ...) | policy-violation | ||||
| 48701 | BROWSER-IE Microsoft Internet Explorer JavaScript engine memory corruption attempt (more info ...) | attempted-user | 2020-0674 | URL | ||
| 48702 | BROWSER-IE Microsoft Internet Explorer JavaScript engine memory corruption attempt (more info ...) | attempted-user | 2020-0674 | URL | ||
| 48750 | FILE-PDF Adobe Reader JavaScript resolveNode use-after-free attempt (more info ...) | attempted-user | 2018-19707 | URL | ||
| 48751 | FILE-PDF Adobe Reader JavaScript resolveNode use-after-free attempt (more info ...) | attempted-user | 2018-19707 | URL | ||
| 48756 | FILE-PDF Adobe Acrobat Reader JavaScript extractContents use after free attempt (more info ...) | attempted-user | 2018-15992 | URL | ||
| 48757 | FILE-PDF Adobe Acrobat Reader JavaScript extractContents use after free attempt (more info ...) | attempted-user | 2018-15992 | URL | ||
| 48782 | BROWSER-IE Microsoft Internet Explorer ProgID arbitrary code execution attempt (more info ...) | attempted-user | 2019-0541 | URL | ||
| 48783 | BROWSER-IE Microsoft Internet Explorer ProgID arbitrary code execution attempt (more info ...) | attempted-user | 2019-0541 | URL | ||
| 48816 | FILE-PDF Adobe Acrobat javascript based security bypass attempt (more info ...) | attempted-user | 2018-16044 | URL | ||
| 48817 | FILE-PDF Adobe Acrobat javascript based security bypass attempt (more info ...) | attempted-user | 2018-16044 | URL | ||
| 48848 | FILE-PDF Adobe Reader Javascript ANAuthenticateResource use-after-free attempt (more info ...) | attempted-user | 2018-16040 | URL | ||
| 48849 | FILE-PDF Adobe Reader Javascript ANAuthenticateResource use-after-free attempt (more info ...) | attempted-user | 2018-16040 | URL | ||
| 48898 | BROWSER-IE Microsoft Internet Explorer page layout use after free attempt (more info ...) | attempted-user | 2016-3288 | URL | ||
| 48899 | BROWSER-IE Microsoft Internet Explorer page layout use after free attempt (more info ...) | attempted-user | 2016-3288 | URL | ||
| 48942 | FILE-PDF Adobe Reader Javascript out-of-bounds read (more info ...) | attempted-user | 2018-16031 | URL | ||
| 48943 | FILE-PDF Adobe Reader Javascript out-of-bounds read (more info ...) | attempted-user | 2018-16031 | URL | ||
| 48944 | FILE-PDF Adobe Reader Javascript out-of-bounds read (more info ...) | attempted-user | 2018-16047 | URL | ||
| 48945 | FILE-PDF Adobe Reader Javascript out-of-bounds read (more info ...) | attempted-user | 2018-19701 | URL | ||
| 49081 | FILE-PDF Adobe Acrobat Reader JavaScript out-of-bounds read (more info ...) | attempted-user | 2018-16047 | URL | ||
| 49082 | FILE-PDF Adobe Acrobat Reader JavaScript out-of-bounds read (more info ...) | attempted-user | 2018-16047 | URL | ||
| 49120 | SERVER-WEBAPP HP IMC faultEventSelectBean Java expression language injection attempt (more info ...) | attempted-admin | 2017-12519 | URL | ||
| 49121 | SERVER-WEBAPP HP IMC faultEventSelectBean Java expression language injection attempt (more info ...) | attempted-admin | 2017-12519 | URL | ||
| 49126 | SERVER-WEBAPP HP IMC perfAddorModDeviceMonitorBean Java expression language injection attempt (more info ...) | attempted-admin | 2017-12520 | URL | ||
| 49127 | SERVER-WEBAPP HP IMC perfAddorModDeviceMonitorBean Java expression language injection attempt (more info ...) | attempted-admin | 2017-12520 | URL | ||
| 49155 | BROWSER-IE Microsoft Internet Explorer information disclosure attempt (more info ...) | attempted-user | 2019-0676 | URL | ||
| 49156 | BROWSER-IE Microsoft Internet Explorer information disclosure attempt (more info ...) | attempted-user | 2019-0676 | URL | ||
| 49196 | FILE-PDF Adobe Acrobat JavaScript defineProperty memory corruption attempt (more info ...) | attempted-user | 2018-19725 | URL | ||
| 49197 | FILE-PDF Adobe Acrobat JavaScript defineProperty memory corruption attempt (more info ...) | attempted-user | 2018-19725 | URL | ||
| 49201 | FILE-PDF Adobe Acrobat Reader JavaScript memory corruption attempt (more info ...) | attempted-user | 2019-7018 | URL | ||
| 49202 | FILE-PDF Adobe Acrobat Reader JavaScript memory corruption attempt (more info ...) | attempted-user | 2019-7018 | URL | ||
| 49203 | FILE-PDF Adobe Reader Javascript out-of-bounds read attempt (more info ...) | attempted-user | 2019-7022 | URL | ||
| 49204 | FILE-PDF Adobe Reader Javascript out-of-bounds read attempt (more info ...) | attempted-user | 2019-7022 | URL | ||
| 49211 | FILE-PDF Adobe Acrobat JavaScript engine use after free attempt (more info ...) | attempted-user | 2019-7029 | URL | ||
| 49212 | FILE-PDF Adobe Acrobat JavaScript engine use after free attempt (more info ...) | attempted-user | 2019-7029 | URL | ||
| 49213 | FILE-PDF Adobe Acrobat JavaScript engine out-of-bounds read attempt (more info ...) | attempted-user | 2019-7053 | URL | ||
| 49214 | FILE-PDF Adobe Acrobat JavaScript engine out-of-bounds read attempt (more info ...) | attempted-user | 2019-7053 | URL | ||
| 49227 | FILE-PDF Adobe Acrobat JavaScript engine use after free attempt (more info ...) | attempted-user | 2019-7082 | URL | ||
| 49228 | FILE-PDF Adobe Acrobat JavaScript engine use after free attempt (more info ...) | attempted-user | 2019-7082 | URL | ||
| 49229 | FILE-PDF Adobe Reader Javascript out-of-bounds write attempt (more info ...) | attempted-user | 2019-7060 | URL | ||
| 49230 | FILE-PDF Adobe Reader Javascript out-of-bounds write attempt (more info ...) | attempted-user | 2019-7060 | URL | ||
| 49233 | FILE-PDF Adobe Reader Javascript untrusted pointer dereference attempt detected (more info ...) | attempted-user | 2019-7054 | URL | ||
| 49234 | FILE-PDF Adobe Reader Javascript untrusted pointer dereference attempt detected (more info ...) | attempted-user | 2019-7054 | URL | ||
| 49235 | FILE-PDF JavaScript XFA engine use after free attempt (more info ...) | attempted-user | 2019-7022 | URL | ||
| 49236 | FILE-PDF JavaScript XFA engine use after free attempt (more info ...) | attempted-user | 2019-7022 | URL | ||
| 49239 | SERVER-WEBAPP Exhibitor for ZooKeeper javaEnvironment command injection attempt (more info ...) | web-application-attack | 2018-15380 | URL | ||
| 49246 | FILE-OTHER Adobe Acrobat JavaScript engine security bypass attempt (more info ...) | attempted-user | 2019-7041 | URL | ||
| 49247 | FILE-OTHER Adobe Acrobat JavaScript engine security bypass attempt (more info ...) | attempted-user | 2019-7041 | URL | ||
| 49255 | FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (more info ...) | attempted-user | 2013-2463 | |||
| 49256 | FILE-JAVA Oracle Java ImagingLib buffer overflow attempt (more info ...) | attempted-user | 2013-2463 | |||
| 49313 | FILE-PDF Adobe Acrobat XFA JavaScript manipulation out of bounds read attempt (more info ...) | attempted-user | 2019-7065 | URL | ||
| 49314 | FILE-PDF Adobe Acrobat XFA JavaScript manipulation out of bounds read attempt (more info ...) | attempted-user | 2019-7065 | URL | ||
| 49360 | BROWSER-CHROME Google Chrome FileReader use after free attempt (more info ...) | attempted-user | 2019-5786 | 107213 | URL | |
| 49361 | BROWSER-CHROME Google Chrome FileReader use after free attempt (more info ...) | attempted-user | 2019-5786 | 107213 | URL | |
| 49378 | BROWSER-IE Microsoft Internet Explorer memory corruption attempt (more info ...) | attempted-user | 2019-0768 | URL | ||
| 49379 | BROWSER-IE Microsoft Internet Explorer memory corruption attempt (more info ...) | attempted-user | 2019-0768 | URL | ||
| 49384 | BROWSER-IE Microsoft Internet Explorer memory corruption attempt (more info ...) | attempted-user | 2019-0763 | URL | ||
| 49385 | BROWSER-IE Microsoft Internet Explorer memory corruption attempt (more info ...) | attempted-user | 2019-0763 | URL | ||
| 49442 | BROWSER-CHROME TRUFFLEHUNTER TALOS-2019-0791 attack attempt (more info ...) | attempted-user | URL | |||
| 49443 | BROWSER-CHROME TRUFFLEHUNTER TALOS-2019-0791 attack attempt (more info ...) | attempted-user | URL | |||
| 49752 | BROWSER-IE Microsoft Internet Explorer use-after-free attempt (more info ...) | attempted-user | 2019-0862 | URL | ||
| 49753 | BROWSER-IE Microsoft Internet Explorer use-after-free attempt (more info ...) | attempted-user | 2019-0862 | URL | ||
| 49799 | BROWSER-IE Microsoft Internet Explorer MHTML XXE external entity attempt (more info ...) | attempted-user | URL | |||
| 49800 | BROWSER-IE Microsoft Internet Explorer MHTML XXE external entity attempt (more info ...) | attempted-user | URL | |||
| 49805 | BROWSER-IE Microsoft Internet Explorer Element object use-after-free attempt (more info ...) | attempted-admin | 2015-1705 | URL | ||
| 49806 | BROWSER-IE Microsoft Internet Explorer Element object use-after-free attempt (more info ...) | attempted-admin | 2015-1705 | URL | ||
| 49846 | FILE-JAVA Oracle Java privileged protection domain exploitation attempt (more info ...) | attempted-admin | 2012-4681 | |||
| 49917 | BROWSER-FIREFOX Mozilla Firefox DOMSVGLength appendItem use after free attempt (more info ...) | attempted-user | 2014-1563 | URL | ||
| 49918 | BROWSER-FIREFOX Mozilla Firefox DOMSVGLength appendItem use after free attempt (more info ...) | attempted-user | 2014-1563 | URL | ||
| 49950 | BROWSER-IE Microsoft Internet Explorer TextData object use after free attempt (more info ...) | attempted-user | 2015-1665 | URL | ||
| 49951 | BROWSER-IE Microsoft Internet Explorer TextData object use after free attempt (more info ...) | attempted-user | 2015-1665 | URL | ||
| 50082 | BROWSER-IE Microsoft Internet Explorer memory corruption attempt (more info ...) | attempted-user | 2019-0930 | URL | ||
| 50083 | BROWSER-IE Microsoft Internet Explorer memory corruption attempt (more info ...) | attempted-user | 2019-0930 | URL | ||
| 50183 | BROWSER-IE Microsoft Internet Explorer sandbox escape attempt (more info ...) | attempted-admin | 2019-1053 | URL | ||
| 50184 | BROWSER-IE Microsoft Internet Explorer sandbox escape attempt (more info ...) | attempted-admin | 2019-1053 | URL | ||
| 50359 | BROWSER-IE Microsoft Internet Explorer Chakra scripting engine memory corruption attempt (more info ...) | attempted-user | 2019-1051 | URL | ||
| 50360 | BROWSER-IE Microsoft Internet Explorer Chakra scripting engine memory corruption attempt (more info ...) | attempted-user | 2019-1051 | URL | ||
| 50367 | BROWSER-IE Microsoft Internet Explorer memory corruption attempt (more info ...) | attempted-user | 2019-1055 | URL | ||
| 50368 | BROWSER-IE Microsoft Internet Explorer memory corruption attempt (more info ...) | attempted-user | 2019-1055 | URL | ||
| 50518 | BROWSER-FIREFOX Mozilla Firefox Array.prototype.pop type confusion attempt (more info ...) | attempted-user | 2019-11707 | URL | ||
| 50519 | BROWSER-FIREFOX Mozilla Firefox Array.prototype.pop type confusion attempt (more info ...) | attempted-user | 2019-11707 | URL | ||
| 51375 | SERVER-OTHER Fortigate SSL VPN javascript parsing heap buffer overflow attempt (more info ...) | attempted-user | 2018-13383 | |||
| 51376 | SERVER-OTHER Fortigate SSL VPN javascript parsing heap buffer overflow attempt (more info ...) | attempted-user | 2018-13383 | |||
| 51388 | BROWSER-WEBKIT Apple Safari JSValues type confusion attempt (more info ...) | attempted-user | 2017-7064 | URL | ||
| 51389 | BROWSER-WEBKIT Apple Safari JSValues type confusion attempt (more info ...) | attempted-user | 2017-7064 | URL | ||
| 51391 | BROWSER-WEBKIT Apple Safari WebKit out-of-bounds write attempt (more info ...) | attempted-user | 2017-2505 | URL | ||
| 51392 | BROWSER-WEBKIT Apple Safari WebKit out-of-bounds write attempt (more info ...) | attempted-user | 2017-2505 | URL | ||
| 51433 | BROWSER-IE Microsoft Internet Explorer DataView use-after-free attempt (more info ...) | attempted-user | 2015-1747 | |||
| 51434 | BROWSER-IE Microsoft Internet Explorer DataView use-after-free attempt (more info ...) | attempted-user | 2015-1747 | |||
| 51640 | SERVER-WEBAPP JavaScript library OpenPGP.js improper signature verification attempt (more info ...) | web-application-attack | 2019-9153 | URL | ||
| 51641 | SERVER-WEBAPP JavaScript library OpenPGP.js improper signature verification attempt (more info ...) | web-application-attack | 2019-9153 | URL | ||
| 51789 | BROWSER-IE Microsoft Edge JavaScript engine memory corruption attempt (more info ...) | attempted-user | 2019-1239 | URL | ||
| 51790 | BROWSER-IE Microsoft Edge JavaScript engine memory corruption attempt (more info ...) | attempted-user | 2019-1239 | URL | ||
| 51821 | BROWSER-WEBKIT WebKit JavaScriptCore AIR optimization memory corruption attempt (more info ...) | attempted-user | 2019-8611 | |||
| 51822 | BROWSER-WEBKIT WebKit JavaScriptCore AIR optimization memory corruption attempt (more info ...) | attempted-user | 2019-8611 | |||
| 51823 | BROWSER-WEBKIT WebKit JavaScriptCore JSValue use after free attempt (more info ...) | attempted-user | 2019-8672 | |||
| 51824 | BROWSER-WEBKIT WebKit JavaScriptCore JSValue use after free attempt (more info ...) | attempted-user | 2019-8672 | |||
| 51831 | BROWSER-WEBKIT WebKit JavaScriptCore emitEqualityOpImpl memory corruption attempt (more info ...) | attempted-user | 2019-8684 | |||
| 51832 | BROWSER-WEBKIT WebKit JavaScriptCore emitEqualityOpImpl memory corruption attempt (more info ...) | attempted-user | 2019-8684 | |||
| 51943 | BROWSER-IE Microsoft Internet Explorer ActiveX type confusion attempt (more info ...) | attempted-user | 2015-0046 | URL | ||
| 51944 | BROWSER-IE Microsoft Internet Explorer ActiveX type confusion attempt (more info ...) | attempted-user | 2015-0046 | URL | ||
| 51961 | SERVER-WEBAPP Jenkins CLI arbitrary Java object deserialization attempt (more info ...) | attempted-admin | 2017-1000353 | URL | ||
| 52068 | BROWSER-CHROME Google Chrome blink webaudio module use after free attempt (more info ...) | attempted-user | 2019-13720 | URL | ||
| 52069 | BROWSER-CHROME Google Chrome blink webaudio module use after free attempt (more info ...) | attempted-user | 2019-13720 | URL | ||
| 52348 | BROWSER-CHROME Google Chrome V8 engine memory corruption attempt (more info ...) | attempted-user | URL | |||
| 52349 | BROWSER-CHROME Google Chrome V8 engine memory corruption attempt (more info ...) | attempted-user | URL | |||
| 52400 | BROWSER-CHROME V8 JavaScript engine Out-of-Memory denial of service attempt (more info ...) | attempted-dos | URL | |||
| 52401 | BROWSER-CHROME V8 JavaScript engine Out-of-Memory denial of service attempt (more info ...) | attempted-dos | URL | |||
| 52424 | BROWSER-FIREFOX Mozilla Firefox RemotePrompt sandbox escape attempt (more info ...) | attempted-user | 2019-11708 | URL | ||
| 52425 | BROWSER-FIREFOX Mozilla Firefox RemotePrompt sandbox escape attempt (more info ...) | attempted-user | 2019-11708 | URL | ||
| 52503 | BROWSER-CHROME Google Chrome V8 AwaitedPromise memory corruption attempt (more info ...) | attempted-user | 2018-6106 | URL | ||
| 52504 | BROWSER-CHROME Google Chrome V8 AwaitedPromise memory corruption attempt (more info ...) | attempted-user | 2018-6106 | URL | ||
| 52601 | BROWSER-CHROME Google V8 engine type confusion attempt (more info ...) | attempted-user | 2018-6064 | |||
| 52602 | BROWSER-CHROME Google V8 engine type confusion attempt (more info ...) | attempted-user | 2018-6064 | |||
| 53100 | BROWSER-WEBKIT Apple Safari Webkit WebCore memory corruption attempt (more info ...) | attempted-user | 2018-4200 | URL | ||
| 53101 | BROWSER-WEBKIT Apple Safari Webkit WebCore memory corruption attempt (more info ...) | attempted-user | 2018-4200 | URL | ||
| 53121 | BROWSER-WEBKIT Apple Safari WebKit cached page memory corruption attempt (more info ...) | attempted-user | 2019-8822 | URL | ||
| 53122 | BROWSER-WEBKIT Apple Safari WebKit cached page memory corruption attempt (more info ...) | attempted-user | 2019-8822 | URL | ||
| 53123 | BROWSER-WEBKIT Apple Safari WebKit cached page universal cross-site scripting attempt (more info ...) | attempted-user | URL | |||
| 53124 | BROWSER-WEBKIT Apple Safari WebKit cached page universal cross-site scripting attempt (more info ...) | attempted-user | URL | |||
| 53145 | BROWSER-CHROME Google Chrome V8 FindSharedFunctionInfo out-of-bounds read attempt (more info ...) | attempted-user | 2017-5071 | |||
| 53146 | BROWSER-CHROME Google Chrome V8 FindSharedFunctionInfo out-of-bounds read attempt (more info ...) | attempted-user | 2017-5071 | |||
| 53150 | BROWSER-IE Microsoft Internet Explorer onscroll use after free attempt (more info ...) | attempted-user | 2013-3123 | URL | ||
| 53151 | BROWSER-IE Microsoft Internet Explorer onscroll use after free attempt (more info ...) | attempted-user | 2013-3123 | URL | ||
| 53342 | BROWSER-CHROME Google Chrome V8 Turbofan Array pop type confusion attempt (more info ...) | attempted-user | 2020-6418 | URL | ||
| 53343 | BROWSER-CHROME Google Chrome V8 Turbofan Array pop type confusion attempt (more info ...) | attempted-user | 2020-6418 | URL | ||
| 53404 | BROWSER-IE Internet Explorer Scripting Engine memory corruption attempt (more info ...) | attempted-user | 2020-0833 | URL | ||
| 53405 | BROWSER-IE Internet Explorer Scripting Engine memory corruption attempt (more info ...) | attempted-user | 2020-0833 | URL | ||
| 53459 | BROWSER-IE Microsoft Internet Explorer center element dynamic manipulation attempt (more info ...) | attempted-user | 2012-1523 | URL | ||
| 53460 | BROWSER-IE Microsoft Internet Explorer center element dynamic manipulation attempt (more info ...) | attempted-user | 2012-1523 | URL | ||
| 53461 | BROWSER-IE Microsoft Internet Explorer center element dynamic manipulation attempt (more info ...) | attempted-user | 2012-1523 | |||
| 53462 | BROWSER-IE Microsoft Internet Explorer center element dynamic manipulation attempt (more info ...) | attempted-user | 2012-1523 | URL | ||
| 53463 | BROWSER-IE Microsoft Internet Explorer center element dynamic manipulation attempt (more info ...) | attempted-user | 2012-1523 | URL | ||
| 53477 | BROWSER-WEBKIT Apple Safari WebKit type confusion attempt (more info ...) | attempted-dos | 2019-8765 | |||
| 53478 | BROWSER-WEBKIT Apple Safari WebKit type confusion attempt (more info ...) | attempted-dos | 2019-8765 | |||
| 53533 | BROWSER-CHROME Google Chrome desktopMediaPickerController use after free attempt (more info ...) | attempted-user | 2019-13767 | URL | ||
| 53534 | BROWSER-CHROME Google Chrome desktopMediaPickerController use after free attempt (more info ...) | attempted-user | 2019-13767 | URL | ||
| 53751 | BROWSER-CHROME Google Chrome ObjectCreate type confusion attempt (more info ...) | attempted-user | 2018-17463 | |||
| 53752 | BROWSER-CHROME Google Chrome ObjectCreate type confusion attempt (more info ...) | attempted-user | 2018-17463 | |||
| 53753 | BROWSER-CHROME Google Chrome ObjectCreate type confusion attempt (more info ...) | attempted-user | 2018-17463 | |||
| 53754 | BROWSER-CHROME Google Chrome ObjectCreate type confusion attempt (more info ...) | attempted-user | 2018-17463 | |||
| 53844 | BROWSER-CHROME Google Chromium ImageCapture use after free attempt (more info ...) | attempted-user | 2019-13687 | |||
| 53845 | BROWSER-CHROME Google Chromium ImageCapture use after free attempt (more info ...) | attempted-user | 2019-13687 | |||
| 53918 | BROWSER-IE Internet Explorer VBScript engine memory corruption attempt (more info ...) | attempted-user | 2020-1035 | URL | ||
| 53919 | BROWSER-IE Internet Explorer VBScript engine memory corruption attempt (more info ...) | attempted-user | 2020-1035 | URL | ||
| 53928 | BROWSER-IE Microsoft Internet Explorer memory corruption attempt (more info ...) | attempted-user | 2020-1062 | URL | ||
| 53929 | BROWSER-IE Microsoft Internet Explorer memory corruption attempt (more info ...) | attempted-user | 2020-1062 | URL | ||
| 53930 | BROWSER-IE Microsoft Internet Explorer memory corruption attempt (more info ...) | attempted-user | 2020-1062 | URL | ||
| 53931 | BROWSER-IE Microsoft Internet Explorer memory corruption attempt (more info ...) | attempted-user | 2020-1062 | URL | ||
| 53942 | BROWSER-CHROME Google Chromium for Android AddInterface use after free attempt (more info ...) | attempted-user | 2019-13686 | |||
| 53943 | BROWSER-CHROME Google Chromium for Android AddInterface use after free attempt (more info ...) | attempted-user | 2019-13686 | |||
| 54028 | INDICATOR-SHELLCODE Java RMI deserialization exploit attempt (more info ...) | shellcode-detect | 2020-3280 | URL | ||
| 54051 | BROWSER-CHROME TRUFFLEHUNTER TALOS-2020-1085 attack attempt (more info ...) | attempted-user | URL | |||
| 54052 | BROWSER-CHROME TRUFFLEHUNTER TALOS-2020-1085 attack attempt (more info ...) | attempted-user | URL | |||
| 54169 | MALWARE-OTHER Cobalt Strike signed java applet execution attempt (more info ...) | trojan-activity | URL | |||
| 54170 | MALWARE-OTHER Cobalt Strike signed java applet execution attempt (more info ...) | trojan-activity | URL | |||
| 54171 | MALWARE-OTHER Cobalt Strike signed java applet download attempt (more info ...) | trojan-activity | URL | |||
| 54172 | MALWARE-OTHER Cobalt Strike signed java applet download attempt (more info ...) | trojan-activity | URL | |||
| 54173 | MALWARE-OTHER Cobalt Strike signed java applet download attempt (more info ...) | trojan-activity | URL | |||
| 54174 | MALWARE-OTHER Cobalt Strike signed java applet download attempt (more info ...) | trojan-activity | URL | |||
| 54189 | FILE-PDF Adobe Reader custom JavaScript field use-after-free attempt (more info ...) | attempted-user | 2020-3805 | URL | ||
| 54190 | FILE-PDF Adobe Reader custom JavaScript field use-after-free attempt (more info ...) | attempted-user | 2020-3805 | URL | ||
| 54230 | BROWSER-IE Microsoft Internet Explorer VBScript engine memory corruption attempt (more info ...) | attempted-user | 2020-1213 | URL | ||
| 54231 | BROWSER-IE Microsoft Internet Explorer VBScript engine memory corruption attempt (more info ...) | attempted-user | 2020-1213 | URL | ||
| 54232 | BROWSER-IE Microsoft Internet Explorer VBScript memory corruption attempt (more info ...) | attempted-user | 2020-1216 | URL | ||
| 54233 | BROWSER-IE Microsoft Internet Explorer VBScript memory corruption attempt (more info ...) | attempted-user | 2020-1216 | URL | ||
| 54319 | SERVER-WEBAPP VMWare Cloud Director Java expression language injection attempt (more info ...) | attempted-admin | 2020-3956 | |||
| 54379 | BROWSER-FIREFOX Mozilla Firefox ReadableStreamCloseInternal out-of-bounds access attempt (more info ...) | attempted-user | 2020-6806 | URL | ||
| 54380 | BROWSER-FIREFOX Mozilla Firefox ReadableStreamCloseInternal out-of-bounds access attempt (more info ...) | attempted-user | 2020-6806 | URL | ||
| 54399 | BROWSER-IE Microsoft Internet Explorer JavaScript engine memory corruption attempt (more info ...) | attempted-user | 2020-0674 | URL | ||
| 54400 | BROWSER-IE Microsoft Internet Explorer JavaScript engine memory corruption attempt (more info ...) | attempted-user | 2020-0674 | URL | ||
| 54497 | BROWSER-CHROME Google Chrome Blink use-after-free attempt (more info ...) | attempted-user | 2019-13688 | URL | ||
| 54498 | BROWSER-CHROME Google Chrome Blink use-after-free attempt (more info ...) | attempted-user | 2019-13688 | URL | ||
| 54509 | BROWSER-IE Microsoft Internet Explorer VBScript engine memory corruption attempt (more info ...) | attempted-user | 2020-1403 | URL | ||
| 54510 | BROWSER-IE Microsoft Internet Explorer VBScript engine memory corruption attempt (more info ...) | attempted-user | 2020-1403 | URL | ||
| 54545 | SERVER-WEBAPP Cisco SD-WAN vManage arbitrary Java object deserialization attempt (more info ...) | attempted-admin | 2020-3387 | URL | ||
| 54584 | BROWSER-CHROME TRUFFLEHUNTER TALOS-2020-1123 attack attempt (more info ...) | attempted-recon | URL | |||
| 54585 | BROWSER-CHROME TRUFFLEHUNTER TALOS-2020-1123 attack attempt (more info ...) | attempted-recon | URL | |||
| 54622 | BROWSER-CHROME Google Chrome ReadableStream out of bounds read attempt (more info ...) | attempted-user | 2020-6390 | |||
| 54623 | BROWSER-CHROME Google Chrome ReadableStream out of bounds read attempt (more info ...) | attempted-user | 2020-6390 | |||
| 54638 | BROWSER-CHROME TRUFFLEHUNTER TALOS-2020-1127 attack attempt (more info ...) | attempted-user | URL | |||
| 54639 | BROWSER-CHROME TRUFFLEHUNTER TALOS-2020-1127 attack attempt (more info ...) | attempted-user | URL | |||
| 54741 | BROWSER-IE Microsoft Internet Explorer memory corruption attempt (more info ...) | attempted-user | 2020-1567 | URL | ||
| 54742 | BROWSER-IE Microsoft Internet Explorer memory corruption attempt (more info ...) | attempted-user | 2020-1567 | URL | ||
| 55036 | BROWSER-CHROME TRUFFLEHUNTER TALOS-2020-1152 attack attempt (more info ...) | attempted-user | URL | |||
| 55037 | BROWSER-CHROME TRUFFLEHUNTER TALOS-2020-1152 attack attempt (more info ...) | attempted-user | URL | |||
| 56130 | BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (more info ...) | attempted-user | 2020-15999 | URL | ||
| 56131 | BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (more info ...) | attempted-user | 2020-15999 | URL | ||
| 56132 | BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (more info ...) | attempted-user | 2020-15999 | URL | ||
| 56133 | BROWSER-CHROME Google Chrome PNG in TTF parsing heap overflow attempt (more info ...) | attempted-user | 2020-15999 | URL | ||
| 56150 | SERVER-OTHER Adobe ColdFusion DataServicesCFProxy insecure Java deserialization attempt (more info ...) | attempted-user | 2018-4939 | |||
| 56288 | BROWSER-IE Microsoft Internet Explorer memory corruption attempt (more info ...) | attempted-user | 2020-17053 | URL | ||
| 56289 | BROWSER-IE Microsoft Internet Explorer memory corruption attempt (more info ...) | attempted-user | 2020-17053 | URL | ||
| 56406 | INDICATOR-SHELLCODE ysoserial Java object deserialization exploit attempt (more info ...) | shellcode-detect | 2020-27131 | |||
| 56407 | INDICATOR-SHELLCODE ysoserial Java object deserialization exploit attempt (more info ...) | shellcode-detect | 2020-27131 | |||
| 56437 | BROWSER-CHROME Google Chrome Blink Renderer MediaElementEventListener memory corruption attempt (more info ...) | attempted-user | 2020-6549 | URL | ||
| 56438 | BROWSER-CHROME Google Chrome Blink Renderer MediaElementEventListener memory corruption attempt (more info ...) | attempted-user | 2020-6549 | URL | ||
| 56445 | SERVER-WEBAPP Java Library UniversalExtractor unauthorized deserialization attempt (more info ...) | attempted-user | 2020-14625 | URL | ||
| 56497 | SERVER-WEBAPP Multiple Products Java Faces ViewState deserialization remote code execution attempt (more info ...) | attempted-user | 2019-2904 | URL | ||
| 56557 | SERVER-WEBAPP Microsoft Dynamics365 Finance and Operations remote code execution attempt (more info ...) | attempted-admin | 2020-17152 | URL | ||
| 56558 | SERVER-WEBAPP Microsoft Dynamics365 Finance and Operations remote code execution attempt (more info ...) | attempted-admin | 2020-17152 | URL | ||
| 56799 | SERVER-WEBAPP Liferay arbitrary Java object deserialization attempt (more info ...) | attempted-admin | 2020-7961 | URL | ||
| 56800 | SERVER-WEBAPP Liferay arbitrary Java object deserialization attempt (more info ...) | attempted-admin | 2020-7961 | URL | ||
| 57057 | BROWSER-CHROME TRUFFLEHUNTER TALOS-2021-1235 attack attempt (more info ...) | attempted-user | URL | |||
| 57058 | BROWSER-CHROME TRUFFLEHUNTER TALOS-2021-1235 attack attempt (more info ...) | attempted-user | URL | |||
| 57268 | BROWSER-IE Microsoft Internet Explorer memory corruption attempt (more info ...) | attempted-user | 2021-26411 | URL | ||
| 57269 | BROWSER-IE Microsoft Internet Explorer memory corruption attempt (more info ...) | attempted-user | 2021-26411 | URL | ||
| 57283 | SERVER-WEBAPP Liferay arbitrary Java object deserialization attempt (more info ...) | attempted-admin | 2020-7961 | URL | ||
| 57420 | BROWSER-CHROME Google Chrome V8 engine integer overflow attempt (more info ...) | attempted-user | 2021-21220 | URL | ||
| 57421 | BROWSER-CHROME Google Chrome V8 engine integer overflow attempt (more info ...) | attempted-user | 2021-21220 | URL | ||
| 57429 | BROWSER-CHROME Google Chrome Math.max memory corruption attempt (more info ...) | attempted-user | 2021-21224 | URL | ||
| 57430 | BROWSER-CHROME Google Chrome Math.max memory corruption attempt (more info ...) | attempted-user | 2021-21224 | URL | ||
| 57434 | SERVER-WEBAPP VMware vRealize Operations Manager directory traversal attempt (more info ...) | web-application-attack | 2021-21983 | URL | ||
| 57435 | SERVER-WEBAPP VMware vRealize Operations Manager SSRF attempt (more info ...) | web-application-attack | 2021-21975 | URL | ||
| 57440 | BROWSER-CHROME Google Chrome V8 OnServiceConnectionError memory corruption attempt (more info ...) | attempted-user | 2020-6541 | URL | ||
| 57441 | BROWSER-CHROME Google Chrome V8 OnServiceConnectionError memory corruption attempt (more info ...) | attempted-user | 2020-6541 | URL | ||
| 57494 | SERVER-WEBAPP Micro Focus Operations Bridge Manager remote code execution attempt (more info ...) | attempted-admin | 2020-11854 | |||
| 57495 | POLICY-OTHER Micro Focus Operations Bridge default credentials login attempt (more info ...) | policy-violation | ||||
| 57496 | POLICY-OTHER Micro Focus Operations Bridge default credentials login attempt (more info ...) | policy-violation | ||||
| 57500 | SERVER-WEBAPP HPE Intelligent Management Center IccSelectDevTypeBean Expression Language Injection Java expression language injection attempt (more info ...) | web-application-attack | 2019-11941 | URL | ||
| 57542 | BROWSER-IE Microsoft Internet Explorer memory corruption attempt (more info ...) | attempted-user | 2021-26419 | URL | ||
| 57543 | BROWSER-IE Microsoft Internet Explorer memory corruption attempt (more info ...) | attempted-user | 2021-26419 | URL | ||
| 57837 | BROWSER-CHROME Google Chrome NewFixedDoubleArray memory corruption attempt (more info ...) | attempted-user | ||||
| 57838 | BROWSER-CHROME Google Chrome NewFixedDoubleArray memory corruption attempt (more info ...) | attempted-user | ||||
| 57839 | BROWSER-CHROME Google Chrome NewFixedDoubleArray memory corruption attempt (more info ...) | attempted-user | ||||
| 57840 | BROWSER-CHROME Google Chrome NewFixedDoubleArray memory corruption attempt (more info ...) | attempted-user | ||||
| 57938 | BROWSER-CHROME Google Chrome WebRTC addIceCandidate use after free attempt (more info ...) | attempted-user | 2021-30602 | URL | ||
| 57939 | BROWSER-CHROME Google Chrome WebRTC addIceCandidate use after free attempt (more info ...) | attempted-user | 2021-30602 | URL | ||
| 58001 | BROWSER-CHROME TRUFFLEHUNTER TALOS-2021-1352 attack attempt (more info ...) | attempted-user | URL | |||
| 58002 | BROWSER-CHROME TRUFFLEHUNTER TALOS-2021-1352 attack attempt (more info ...) | attempted-user | URL | |||
| 58081 | BROWSER-CHROME Chromium V8 type confusion attempt (more info ...) | attempted-user | 2021-30563 | URL | ||
| 58082 | BROWSER-CHROME Chromium V8 type confusion attempt (more info ...) | attempted-user | 2021-30563 | URL | ||
| 58108 | BROWSER-CHROME TRUFFLEHUNTER TALOS-2021-1372 attack attempt (more info ...) | attempted-user | URL | |||
| 58109 | BROWSER-CHROME TRUFFLEHUNTER TALOS-2021-1372 attack attempt (more info ...) | attempted-user | URL | |||
| 58183 | BROWSER-IE Microsoft Internet Explorer MSHTML CTreePos remote code execution attempt (more info ...) | attempted-user | 2021-33742 | URL | ||
| 58184 | BROWSER-IE Microsoft Internet Explorer MSHTML CTreePos remote code execution attempt (more info ...) | attempted-user | 2021-33742 | URL | ||
| 58282 | SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center perfAddFormServer Java expression language injection attempt (more info ...) | web-application-attack | 2017-12487 | |||
| 58283 | SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center perfSelItemServer Java expression language injection attempt (more info ...) | web-application-attack | ||||
| 58344 | BROWSER-CHROME TRUFFLEHUNTER TALOS-2021-1385 attack attempt (more info ...) | attempted-user | URL | |||
| 58345 | BROWSER-CHROME TRUFFLEHUNTER TALOS-2021-1385 attack attempt (more info ...) | attempted-user | URL | |||
| 58355 | SERVER-WEBAPP GE MDS PulseNET HealthCheck arbitrary Java object deserialization attempt (more info ...) | attempted-admin | 2018-10611 | |||
| 58379 | SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center devSoftSel Java expression language injection attempt (more info ...) | attempted-admin | 2017-12514 | |||
| 58380 | SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center devSoftSel Java expression language injection attempt (more info ...) | attempted-admin | 2017-12514 | |||
| 58384 | SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center operationSelect Java expression language injection attempt (more info ...) | attempted-admin | 2017-12518 | |||
| 58385 | SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center operationSelect Java expression language injection attempt (more info ...) | attempted-admin | 2017-12518 | |||
| 58489 | BROWSER-CHROME TRUFFLEHUNTER TALOS-2021-1398 attack attempt (more info ...) | attempted-user | URL | |||
| 58490 | BROWSER-CHROME TRUFFLEHUNTER TALOS-2021-1398 attack attempt (more info ...) | attempted-user | URL | |||
| 58521 | SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center perfInsListServer Java expression language injection attempt (more info ...) | web-application-attack | ||||
| 58524 | FILE-OTHER Apple Safari Type 1 fonts RCE attempt (more info ...) | attempted-user | 2020-27930 | |||
| 58546 | SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center TopoBroadcastServlet arbitrary Java object deserialization attempt (more info ...) | attempted-admin | 2017-8964 | |||
| 58547 | BROWSER-IE Microsoft Internet Explorer memory corruption attempt (more info ...) | attempted-user | 2021-26411 | URL | ||
| 58548 | BROWSER-IE Microsoft Internet Explorer memory corruption attempt (more info ...) | attempted-user | 2021-26411 | URL | ||
| 58563 | SERVER-WEBAPP GE MDS PulseNET foglight service arbitrary Java object deserialization attempt (more info ...) | attempted-admin | 2018-10611 | |||
| 58599 | BROWSER-CHROME Google Chrome V8 kConstantType type confusion attempt (more info ...) | attempted-user | 2021-30632 | URL | ||
| 58600 | BROWSER-CHROME Google Chrome V8 kConstantType type confusion attempt (more info ...) | attempted-user | 2021-30632 | URL | ||
| 58606 | SERVER-WEBAPP SAP NetWeaver AS JAVA CRM log injection attempt (more info ...) | attempted-user | 2018-2380 | |||
| 58607 | SERVER-WEBAPP SAP NetWeaver AS JAVA CRM log injection attempt (more info ...) | attempted-user | 2018-2380 | |||
| 58608 | SERVER-WEBAPP SAP NetWeaver AS JAVA CRM log injection attempt (more info ...) | attempted-user | 2018-2380 | |||
| 58611 | BROWSER-FIREFOX Mozilla Firefox IonMonkey type confusion attempt (more info ...) | attempted-user | 2019-17026 | |||
| 58612 | BROWSER-FIREFOX Mozilla Firefox IonMonkey type confusion attempt (more info ...) | attempted-user | 2019-17026 | |||
| 58613 | BROWSER-CHROME Google Chrome V8 JavaScript Engine type confusion attempt (more info ...) | attempted-user | 2021-30551 | |||
| 58614 | BROWSER-CHROME Google Chrome V8 JavaScript Engine type confusion attempt (more info ...) | attempted-user | 2021-30551 | |||
| 58683 | BROWSER-CHROME Google Chrome ScriptProcessorNode race condition exploit attempt (more info ...) | attempted-user | 2021-21166 | URL | ||
| 58684 | BROWSER-CHROME Google Chrome ScriptProcessorNode race condition exploit attempt (more info ...) | attempted-user | 2021-21166 | URL | ||
| 58791 | MALWARE-OTHER Win.Ransomware.Blackbyte malicious javascript file download attempt (more info ...) | trojan-activity | URL | |||
| 58793 | MALWARE-OTHER Win.Ransomware.Blackbyte malicious javascript file download attempt (more info ...) | trojan-activity | URL | |||
| 58841 | SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance Java expression language injection attempt (more info ...) | attempted-admin | ||||
| 58842 | SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance Java expression language injection attempt (more info ...) | attempted-admin | ||||
| 58905 | SERVER-WEBAPP OneDev AttachmentUploadServet arbitrary Java deserialization attempt (more info ...) | attempted-user | 2021-21242 | URL | ||
| 58985 | SERVER-WEBAPP OneDev Platform AttachmentUploadServet arbitrary Java object deserialization attempt (more info ...) | attempted-admin | 2021-21243 | |||
| 58986 | SERVER-WEBAPP OneDev Platform AttachmentUploadServet arbitrary Java object deserialization attempt (more info ...) | attempted-admin | 2021-21243 | |||
| 59016 | SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center Java expression language injection attempt (more info ...) | attempted-admin | 2020-7161 | URL | ||
| 59017 | SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center Java expression language injection attempt (more info ...) | attempted-admin | 2020-7161 | URL | ||
| 59216 | BROWSER-IE Microsoft Internet Explorer security zone bypass attempt (more info ...) | attempted-user | 2022-24502 | URL | ||
| 59217 | BROWSER-IE Microsoft Internet Explorer security zone bypass attempt (more info ...) | attempted-user | 2022-24502 | URL | ||
| 59405 | EXPLOIT-KIT Operation Dream Job profile attempt (more info ...) | attempted-user | URL | |||
| 59416 | SERVER-WEBAPP Java getRuntime remote code execution attempt (more info ...) | attempted-user | 2022-22965 | URL | ||
| 59448 | BROWSER-CHROME TRUFFLEHUNTER TALOS-2022-1508 attack attempt (more info ...) | attempted-user | URL | |||
| 59449 | BROWSER-CHROME TRUFFLEHUNTER TALOS-2022-1508 attack attempt (more info ...) | attempted-user | URL | |||
| 59836 | SERVER-WEBAPP Jenkins Pipeline Groovy plugin Java expression language injection attempt (more info ...) | web-application-attack | 2019-1003030 | URL | ||
| 59837 | SERVER-WEBAPP Jenkins Pipeline Groovy plugin Java expression language injection attempt (more info ...) | web-application-attack | 2019-1003030 | URL | ||
| 60076 | BROWSER-CHROME TRUFFLEHUNTER TALOS-2022-1543 attack attempt (more info ...) | attempted-user | URL | |||
| 60077 | BROWSER-CHROME TRUFFLEHUNTER TALOS-2022-1543 attack attempt (more info ...) | attempted-user | URL | |||
| 60154 | BROWSER-WEBKIT Apple Safari WebKit loadInSameDocument use-after-free attempt (more info ...) | attempted-user | 2022-22620 | |||
| 60155 | BROWSER-WEBKIT Apple Safari WebKit loadInSameDocument use-after-free attempt (more info ...) | attempted-user | 2022-22620 | |||
| 60177 | SERVER-WEBAPP Zoho ManageEngine ADAudit Plus Java deserialize payload execution attempt (more info ...) | web-application-attack | 2022-28219 | |||
| 60178 | SERVER-WEBAPP Zoho ManageEngine ADAudit Plus Java deserialize payload execution attempt (more info ...) | web-application-attack | 2022-28219 | |||
| 60179 | SERVER-WEBAPP Zoho ManageEngine ADAudit Plus Java deserialize payload execution attempt (more info ...) | web-application-attack | 2022-28219 | |||
| 60256 | SERVER-WEBAPP Nexus Repository Manager Java EL Injection RCE attempt (more info ...) | attempted-user | 2020-10199 | URL | ||
| 60291 | MALWARE-OTHER Win.Downloader.ChromeLoader payload download attempt (more info ...) | trojan-activity | URL | |||
| 60292 | MALWARE-OTHER Win.Downloader.ChromeLoader payload download attempt (more info ...) | trojan-activity | URL | |||
| 60293 | MALWARE-OTHER Win.Downloader.ChromeLoader payload download attempt (more info ...) | trojan-activity | URL | |||
| 60294 | MALWARE-OTHER Win.Downloader.ChromeLoader payload download attempt (more info ...) | trojan-activity | URL | |||
| 60344 | BROWSER-CHROME WebRTC heap buffer overflow attempt (more info ...) | attempted-user | 2022-2294 | |||
| 60345 | BROWSER-CHROME WebRTC heap buffer overflow attempt (more info ...) | attempted-user | 2022-2294 | |||
| 60362 | BROWSER-CHROME Google Chrome Animation timeline use after free attempt (more info ...) | attempted-user | 2022-0609 | URL | ||
| 60363 | BROWSER-CHROME Google Chrome Animation timeline use after free attempt (more info ...) | attempted-user | 2022-0609 | URL | ||
| 60366 | BROWSER-CHROME V8 Array concat remote code execution attempt (more info ...) | attempted-user | 2017-5030 | URL | ||
| 60367 | BROWSER-CHROME V8 Array concat remote code execution attempt (more info ...) | attempted-user | 2017-5030 | URL | ||
| 60369 | BROWSER-CHROME V8 ReadDenseJSArray out of bounds write attempt (more info ...) | attempted-user | 2018-17480 | URL | ||
| 60370 | BROWSER-CHROME V8 ReadDenseJSArray out of bounds write attempt (more info ...) | attempted-user | 2018-17480 | URL | ||
| 60395 | BROWSER-CHROME Google Chrome V8 CSS prop type interceptor confusion attempt (more info ...) | attempted-user | 2022-1232 | URL | ||
| 60396 | BROWSER-CHROME Google Chrome V8 CSS prop type interceptor confusion attempt (more info ...) | attempted-user | 2022-1232 | URL | ||
| 60413 | BROWSER-WEBKIT JavaScriptCore watchpoint type confusion attempt (more info ...) | attempted-user | 2019-8506 | URL | ||
| 60414 | BROWSER-WEBKIT JavaScriptCore watchpoint type confusion attempt (more info ...) | attempted-user | 2019-8506 | URL | ||
| 60482 | BROWSER-CHROME Google Chrome V8 JSON.stringify remote code execution attempt (more info ...) | attempted-user | 2021-38003 | URL | ||
| 60483 | BROWSER-CHROME Google Chrome V8 JSON.stringify remote code execution attempt (more info ...) | attempted-user | 2021-38003 | URL | ||
| 60502 | SERVER-WEBAPP Dojo Toolkit JavaScript prototype pollution attempt (more info ...) | attempted-user | 2021-23450 | |||
| 60503 | SERVER-WEBAPP Dojo Toolkit JavaScript prototype pollution attempt (more info ...) | attempted-user | 2021-23450 | |||
| 60578 | BROWSER-CHROME Google Chromium security bypass attempt (more info ...) | attempted-user | 2021-30533 | URL | ||
| 60579 | BROWSER-CHROME Google Chromium security bypass attempt (more info ...) | attempted-user | 2021-30533 | URL | ||
| 60647 | BROWSER-CHROME Chrome IPC memory dump attempt (more info ...) | attempted-user | 2021-37976 | URL | ||
| 60648 | BROWSER-CHROME Chrome IPC memory dump attempt (more info ...) | attempted-user | 2021-37976 | URL | ||
| 60917 | BROWSER-IE Google Chrome LinkToTextMenuObserver heap use-after-free attempt (more info ...) | attempted-user | 2022-2998 | URL | ||
| 60918 | BROWSER-IE Google Chrome LinkToTextMenuObserver heap use-after-free attempt (more info ...) | attempted-user | 2022-2998 | URL | ||
| 60950 | BROWSER-CHROME Google Chrome PDFiumEngine RequestThumbnail use-after-free attempt (more info ...) | attempted-user | 2022-0306 | URL | ||
| 60951 | BROWSER-CHROME Google Chrome PDFiumEngine RequestThumbnail use-after-free attempt (more info ...) | attempted-user | 2022-0306 | URL | ||
| 61346 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit Get-ChromeDump download attempt (more info ...) | trojan-activity | URL | |||
| 61347 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit Get-ChromeDump download attempt (more info ...) | trojan-activity | URL | |||
| 61412 | BROWSER-CHROME TRUFFLEHUNTER TALOS-2023-1724 attack attempt (more info ...) | attempted-user | URL | |||
| 61413 | BROWSER-CHROME TRUFFLEHUNTER TALOS-2023-1724 attack attempt (more info ...) | attempted-user | URL | |||
| 61599 | SERVER-WEBAPP Cisco Secure Network Analytics arbitrary Java object deserialization attempt (more info ...) | attempted-admin | 2023-20102 | URL | ||
| 61608 | BROWSER-CHROME Google Chrome URLLoader NotifyCompleted use-after-free attempt (more info ...) | attempted-user | 2022-3038 | URL | ||
| 61609 | BROWSER-CHROME Google Chrome URLLoader NotifyCompleted use-after-free attempt (more info ...) | attempted-user | 2022-3038 | URL | ||
| 61640 | MALWARE-TOOLS Chrome infostealer download attempt (more info ...) | trojan-activity | URL | |||
| 61641 | MALWARE-TOOLS Chrome infostealer download attempt (more info ...) | trojan-activity | URL | |||
| 61687 | BROWSER-CHROME Google Chrome synchronous Mojo message handler use-after-free attempt (more info ...) | attempted-user | 2022-4178 | URL | ||
| 61688 | BROWSER-CHROME Google Chrome synchronous Mojo message handler use-after-free attempt (more info ...) | attempted-user | 2022-4178 | URL | ||
| 61804 | BROWSER-CHROME Google Chrome PerformLayout use after free attempt (more info ...) | attempted-user | 2022-3654 | |||
| 61805 | BROWSER-CHROME Google Chrome PerformLayout use after free attempt (more info ...) | attempted-user | 2022-3654 | |||
| 61885 | BROWSER-CHROME TRUFFLEHUNTER TALOS-2023-1751 attack attempt (more info ...) | attempted-user | URL | |||
| 61886 | BROWSER-CHROME TRUFFLEHUNTER TALOS-2023-1751 attack attempt (more info ...) | attempted-user | URL |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 1667 | SERVER-WEBAPP cross site scripting HTML Image tag set to javascript attempt (more info ...) | web-application-attack | 2002-0902 | 4858 | ||
| 1735 | BROWSER-OTHER Mozilla Netscape XMLHttpRequest local file read attempt (more info ...) | web-application-attack | 2002-0354 | 4628 | ||
| 1840 | FILE-JAVA Oracle Javascript document.domain attempt (more info ...) | attempted-user | 2002-0815 | 5346 | ||
| 1841 | BROWSER-FIREFOX Mozilla 1.0 Javascript arbitrary cookie access attempt (more info ...) | attempted-user | 2002-2314 | 5293 | ||
| 1846 | POLICY-MULTIMEDIA vncviewer Java applet download attempt (more info ...) | misc-activity | 10758 | |||
| 2437 | FILE-MULTIMEDIA RealNetworks RealPlayer arbitrary javascript command attempt (more info ...) | attempted-user | 2003-0726 | 9378 | ||
| 2671 | BROWSER-IE Microsoft Internet Explorer bitmap BitmapOffset integer overflow attempt (more info ...) | attempted-user | 2004-0566 | 9663 | URL | |
| 3079 | BROWSER-IE Microsoft Internet Explorer ANI file parsing buffer overflow attempt (more info ...) | attempted-user | 2007-1765 | URL | ||
| 3149 | BROWSER-IE Microsoft Internet Explorer malformed object type overflow attempt (more info ...) | attempted-user | 2003-0344 | URL | ||
| 3462 | BROWSER-IE Microsoft Internet Explorer Content-Encoding overflow attempt (more info ...) | attempted-admin | 2003-0113 | 7419 | URL | |
| 3534 | FILE-IMAGE Mozilla GIF single packet heap overflow - NETSCAPE2.0 (more info ...) | attempted-user | 2005-0399 | 12881 | 17605 | |
| 3553 | BROWSER-IE Microsoft Internet Explorer HTML DOM null DHTML element insertion attempt (more info ...) | attempted-user | 2005-0553 | 13120 | 10861 | URL |
| 3814 | BROWSER-IE Microsoft Internet Explorer javaprxy.dll COM access (more info ...) | attempted-user | 2005-2087 | 14087 | URL | |
| 4132 | BROWSER-IE Microsoft Internet Explorer msdds clsid access attempt (more info ...) | attempted-user | 2005-2127 | 14594 | URL | |
| 4133 | BROWSER-IE Microsoft Internet Explorer devenum clsid access attempt (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 4134 | BROWSER-IE Microsoft Internet Explorer blnmgr clsid access attempt (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 4147 | BROWSER-PLUGINS Microsoft Internet Explorer ActiveLabel ActiveX object access (more info ...) | attempted-user | 2002-0647 | 5558 | URL | |
| 4155 | BROWSER-PLUGINS Microsoft Internet Explorer htmlfile ActiveX object access attempt (more info ...) | attempted-user | 2011-1995 | 49960 | URL | |
| 4165 | BROWSER-PLUGINS Microsoft Internet Explorer Image Control 1.0 ActiveX object access (more info ...) | attempted-user | 12477 | URL | ||
| 4169 | BROWSER-PLUGINS Microsoft Internet Explorer Active Setup ActiveX object access (more info ...) | attempted-user | 667 | URL | ||
| 4171 | BROWSER-PLUGINS Microsoft Internet Explorer Registration Wizard ActiveX object access (more info ...) | attempted-user | 1999-1578 | 671 | URL | |
| 4188 | BROWSER-PLUGINS Microsoft Internet Explorer RAV Online Scanner ActiveX object access (more info ...) | attempted-user | 2004-0936 | 11448 | URL | |
| 4189 | BROWSER-PLUGINS Microsoft Internet Explorer Third-Party Plugin ActiveX object access (more info ...) | attempted-user | 2003-0233 | URL | ||
| 4192 | BROWSER-PLUGINS Microsoft Internet Explorer HHOpen ActiveX object access (more info ...) | attempted-user | 1999-1577 | 669 | URL | |
| 4198 | BROWSER-PLUGINS Microsoft Internet Explorer Blnmgrps.dll ActiveX object access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4199 | BROWSER-PLUGINS Microsoft Internet Explorer Blnmgrps.dll ActiveX object access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4200 | BROWSER-PLUGINS Microsoft Internet Explorer Index Server Scope Administration ActiveX object access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4201 | BROWSER-PLUGINS Microsoft Internet Explorer Queued Components Recorder ActiveX object access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4203 | BROWSER-PLUGINS Microsoft Internet Explorer Marquee Control ActiveX object access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4204 | BROWSER-PLUGINS Microsoft Internet Explorer DT PolyLine Control 2 ActiveX object access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4205 | BROWSER-PLUGINS Microsoft Internet Explorer Visual Database Tools Database Designer v7.0 ActiveX object access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4206 | BROWSER-PLUGINS Microsoft Internet Explorer MPEG-4 Video Decompressor Property Page ActiveX object access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4207 | BROWSER-PLUGINS Microsoft Internet Explorer Audio Decompressor Control Property Page ActiveX object access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4208 | BROWSER-PLUGINS Microsoft Internet Explorer LexRefStEsObject Class ActiveX object access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4209 | BROWSER-PLUGINS Microsoft Internet Explorer LexRefStFrObject Class ActiveX object access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4210 | BROWSER-PLUGINS Microsoft Internet Explorer Msb1geen.dll ActiveX object access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4211 | BROWSER-PLUGINS Microsoft Internet Explorer DDS Library Shape Control ActiveX object access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4212 | BROWSER-PLUGINS Microsoft Internet Explorer DDS Generic Class ActiveX object access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4213 | BROWSER-PLUGINS Microsoft Internet Explorer DDS Picture Shape Control ActiveX object access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4214 | BROWSER-PLUGINS Microsoft Internet Explorer TipGW Init ActiveX object access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4215 | BROWSER-PLUGINS Microsoft Internet Explorer HTML Popup Window ActiveX object access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4216 | BROWSER-PLUGINS Microsoft Internet Explorer CLSID_CComAcctImport ActiveX object access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4221 | BROWSER-PLUGINS Microsoft Internet Explorer ProxyStub Dispatch ActiveX object access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4222 | BROWSER-PLUGINS Microsoft Internet Explorer Outllib.dll ActiveX object access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4223 | BROWSER-PLUGINS Microsoft Internet Explorer OpenCable Class ActiveX object access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4224 | BROWSER-PLUGINS Microsoft Internet Explorer VideoPort ActiveX object access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4225 | BROWSER-PLUGINS Microsoft Internet Explorer Repository ActiveX object access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4226 | BROWSER-PLUGINS Microsoft Internet Explorer DocHost User Interface Handler ActiveX object access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4227 | BROWSER-PLUGINS Microsoft Internet Explorer Network Connections ActiveX object access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4230 | BROWSER-PLUGINS Microsoft Internet Explorer Search Assistant UI ActiveX object access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4231 | BROWSER-PLUGINS Microsoft Internet Explorer SysTray ActiveX object access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4232 | BROWSER-PLUGINS Microsoft Internet Explorer SysTray Invoker ActiveX object access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4233 | BROWSER-PLUGINS Microsoft Internet Explorer Visual Database Tools Query Designer v7.0 ActiveX object access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4234 | BROWSER-PLUGINS Microsoft Internet Explorer MSVTDGridCtrl7 ActiveX object access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4235 | BROWSER-PLUGINS Microsoft Internet Explorer Helper Object for Java ActiveX object access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4236 | BROWSER-PLUGINS Microsoft Internet Explorer WMI ASDI Extension ActiveX object access (more info ...) | attempted-user | 2005-2127 | URL | ||
| 4647 | BROWSER-IE Microsoft Internet Explorer javascript onload overflow attempt (more info ...) | attempted-user | 2005-1790 | 13799 | URL | |
| 4648 | BROWSER-PLUGINS Microsoft Internet Explorer wang image admin activex object access (more info ...) | attempted-user | URL | |||
| 4890 | BROWSER-PLUGINS Microsoft Internet Explorer IAVIStream & IAVIFile Proxy ActiveX object access (more info ...) | attempted-user | 2005-2831 | URL | ||
| 4891 | BROWSER-PLUGINS Microsoft Internet Explorer cfw Class ActiveX object access (more info ...) | attempted-user | 2005-2831 | URL | ||
| 4892 | BROWSER-PLUGINS Microsoft Internet Explorer MTSEvents Class ActiveX object access (more info ...) | attempted-user | 2005-2831 | URL | ||
| 4893 | BROWSER-PLUGINS Microsoft Internet Explorer Trident HTMLEditor ActiveX object access (more info ...) | attempted-user | 2005-2831 | URL | ||
| 4894 | BROWSER-PLUGINS Microsoft Internet Explorer PSEnumVariant ActiveX object access (more info ...) | attempted-user | 2005-2831 | URL | ||
| 4895 | BROWSER-PLUGINS Microsoft Internet Explorer PSTypeInfo ActiveX object access (more info ...) | attempted-user | 2005-2831 | URL | ||
| 4896 | BROWSER-PLUGINS Microsoft Internet Explorer PSTypeLib ActiveX object access (more info ...) | attempted-user | 2005-2831 | URL | ||
| 4897 | BROWSER-PLUGINS Microsoft Internet Explorer PSOAInterface ActiveX object access (more info ...) | attempted-user | 2005-2831 | URL | ||
| 4898 | BROWSER-PLUGINS Microsoft Internet Explorer PSTypeComp ActiveX object access (more info ...) | attempted-user | 2005-2831 | URL | ||
| 4899 | BROWSER-PLUGINS Microsoft Internet Explorer ISupportErrorInfo Interface ActiveX object access (more info ...) | attempted-user | 2005-2831 | URL | ||
| 4900 | BROWSER-PLUGINS Microsoft Internet Explorer Outlook Progress Ctl ActiveX object access (more info ...) | attempted-user | 2005-2831 | URL | ||
| 4901 | BROWSER-PLUGINS Microsoft Internet Explorer VMR Allocator Presenter 9 ActiveX object access (more info ...) | attempted-user | 2005-2831 | URL | ||
| 4902 | BROWSER-PLUGINS Microsoft Internet Explorer Video Mixing Renderer 9 ActiveX object access (more info ...) | attempted-user | 2005-2831 | URL | ||
| 4903 | BROWSER-PLUGINS Microsoft Internet Explorer VMR ImageSync 9 ActiveX object access (more info ...) | attempted-user | 2005-2831 | URL | ||
| 4904 | BROWSER-PLUGINS Microsoft Internet Explorer Repository Alias ActiveX object access (more info ...) | attempted-user | 2005-2831 | URL | ||
| 4905 | BROWSER-PLUGINS Microsoft Internet Explorer Repository Object ActiveX object access (more info ...) | attempted-user | 2005-2831 | URL | ||
| 4906 | BROWSER-PLUGINS Microsoft Internet Explorer Repository Interface Definition ActiveX object access (more info ...) | attempted-user | 2005-2831 | URL | ||
| 4907 | BROWSER-PLUGINS Microsoft Internet Explorer Repository Collection Definition ActiveX object access (more info ...) | attempted-user | 2005-2831 | URL | ||
| 4908 | BROWSER-PLUGINS Microsoft Internet Explorer Repository Method Definition ActiveX object access (more info ...) | attempted-user | 2005-2831 | URL | ||
| 4909 | BROWSER-PLUGINS Microsoft Internet Explorer Repository Property Definition ActiveX object access (more info ...) | attempted-user | 2005-2831 | URL | ||
| 4910 | BROWSER-PLUGINS Microsoft Internet Explorer Repository Relationship Definition ActiveX object access (more info ...) | attempted-user | 2005-2831 | URL | ||
| 4911 | BROWSER-PLUGINS Microsoft Internet Explorer Repository Type Library ActiveX object access (more info ...) | attempted-user | 2005-2831 | URL | ||
| 4912 | BROWSER-PLUGINS Microsoft Internet Explorer Repository Root ActiveX object access (more info ...) | attempted-user | 2005-2831 | URL | ||
| 4913 | BROWSER-PLUGINS Microsoft Internet Explorer Repository Workspace ActiveX object access (more info ...) | attempted-user | 2005-2831 | URL | ||
| 4914 | BROWSER-PLUGINS Microsoft Internet Explorer Repository Script Definition ActiveX object access (more info ...) | attempted-user | 2005-2831 | URL | ||
| 4915 | BROWSER-PLUGINS Microsoft Internet Explorer Shortcut Handler ActiveX object access (more info ...) | attempted-user | 2005-2831 | URL | ||
| 4916 | BROWSER-IE Microsoft Internet Explorer javascript onload document.write obfuscation overflow attempt (more info ...) | attempted-user | 2005-1790 | 13799 | URL | |
| 4917 | BROWSER-IE Microsoft Internet Explorer javascript onload prompt obfuscation overflow attempt (more info ...) | attempted-user | 2005-1790 | 13799 | URL | |
| 4982 | BROWSER-PLUGINS Microsoft Internet Explorer Adodb.Stream ActiveX object access (more info ...) | attempted-user | 2004-0549 | 10514 | URL | |
| 6002 | BROWSER-PLUGINS Microsoft Internet Explorer DT DDS Rectilinear GDD Layout ActiveX object access (more info ...) | attempted-user | 2006-1186 | URL | ||
| 6003 | BROWSER-PLUGINS Microsoft Internet Explorer DT DDS Rectilinear GDD Route ActiveX object access (more info ...) | attempted-user | 2006-1186 | URL | ||
| 6004 | BROWSER-PLUGINS Microsoft Internet Explorer DT DDS Circular Auto Layout Logic 2 ActiveX object access (more info ...) | attempted-user | 2006-1186 | URL | ||
| 6005 | BROWSER-PLUGINS Microsoft Internet Explorer DT DDS Straight Line Routing Logic 2 ActiveX object access (more info ...) | attempted-user | 2006-1186 | URL | ||
| 6006 | BROWSER-PLUGINS Microsoft Internet Explorer DT Icon Control ActiveX object access (more info ...) | attempted-user | 2006-1186 | URL | ||
| 6007 | BROWSER-PLUGINS Microsoft Internet Explorer DT DDS OrgChart GDD Layout ActiveX object access (more info ...) | attempted-user | 2006-1186 | URL | ||
| 6502 | FILE-IMAGE Mozilla GIF single packet heap overflow - ANIMEXTS1.0 (more info ...) | attempted-user | 2005-0399 | 12881 | 17605 | |
| 6509 | BROWSER-IE Microsoft Internet Explorer mhtml uri href buffer overflow attempt (more info ...) | attempted-user | 2006-2766 | 18198 | URL | |
| 6510 | BROWSER-IE Microsoft Internet Explorer mhtml uri shortcut buffer overflow attempt (more info ...) | attempted-user | 2006-2766 | 18198 | URL | |
| 6516 | BROWSER-PLUGINS Microsoft Internet Explorer DXImageTransform.Microsoft.Light ActiveX function call access (more info ...) | attempted-user | 2006-2383 | URL | ||
| 6517 | BROWSER-PLUGINS Microsoft Internet Explorer DXImageTransform.Microsoft.Light ActiveX clsid access (more info ...) | attempted-user | 2006-2383 | URL | ||
| 6681 | BROWSER-PLUGINS Microsoft Internet Explorer DXImageTransform.Microsoft.MMSpecialEffect1Input ActiveX clsid access (more info ...) | attempted-user | 2006-1303 | 18328 | URL | |
| 6682 | BROWSER-PLUGINS Microsoft Internet Explorer DXImageTransform.Microsoft.MMSpecialEffect2Inputs ActiveX function call access (more info ...) | attempted-user | 2006-1303 | 18328 | URL | |
| 6684 | BROWSER-PLUGINS Microsoft Internet Explorer DXImageTransform.Microsoft.MMSpecialEffectInplace1Input ActiveX clsid access (more info ...) | attempted-user | 2006-1303 | 18328 | URL | |
| 6686 | BROWSER-PLUGINS Microsoft Internet Explorer DXImageTransform.Microsoft.MMSpecialEffect2Inputs ActiveX clsid access (more info ...) | attempted-user | 2006-1303 | 18328 | URL | |
| 6687 | BROWSER-PLUGINS Microsoft Internet Explorer DXImageTransform.Microsoft.MMSpecialEffect1Input ActiveX function call access (more info ...) | attempted-user | 2006-1303 | 18328 | URL | |
| 7014 | BROWSER-PLUGINS Microsoft Internet Explorer NMSA.ASFSourceMediaDescription.1 ActiveX function call access (more info ...) | attempted-dos | 2006-3897 | 19114 | ||
| 7016 | BROWSER-PLUGINS Microsoft Internet Explorer Object.Microsoft.DXTFilter ActiveX function call access (more info ...) | attempted-dos | 2006-3512 | 18903 | ||
| 7017 | BROWSER-PLUGINS Microsoft Internet Explorer RDS.DataControl ActiveX function call access (more info ...) | attempted-user | 2006-3510 | 18900 | ||
| 7020 | BROWSER-IE Microsoft Internet Explorer isComponentInstalled function buffer overflow (more info ...) | attempted-user | 2006-1016 | 16870 | ||
| 7071 | SERVER-WEBAPP encoded cross site scripting HTML Image tag set to javascript attempt (more info ...) | web-application-attack | 2002-0902 | 4858 | ||
| 7196 | OS-OTHER Multiple Operating Systems invalid DHCP option attempt (more info ...) | attempted-admin | 2019-12264 | 35668 | URL | |
| 7425 | BROWSER-PLUGINS Microsoft Internet Explorer 9x8Resize ActiveX clsid access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7427 | BROWSER-PLUGINS Microsoft Internet Explorer Allocator Fix ActiveX clsid access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7429 | BROWSER-PLUGINS Microsoft Internet Explorer Bitmap ActiveX clsid access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7431 | BROWSER-PLUGINS Microsoft Internet Explorer DirectFrame.DirectControl.1 ActiveX clsid access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7433 | BROWSER-PLUGINS Microsoft Internet Explorer DirectX Transform Wrapper Property Page ActiveX clsid access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7435 | BROWSER-PLUGINS Microsoft Internet Explorer Dynamic Casts ActiveX clsid access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7436 | BROWSER-PLUGINS Microsoft Internet Explorer Dynamic Casts ActiveX function call (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7437 | BROWSER-PLUGINS Microsoft Internet Explorer Frame Eater ActiveX clsid access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7442 | BROWSER-PLUGINS Microsoft Internet Explorer mmAEPlugIn.AEPlugIn.1 ActiveX clsid access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7444 | BROWSER-PLUGINS Microsoft Internet Explorer Mmedia.AsyncMHandler.1 ActiveX clsid access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7446 | BROWSER-PLUGINS Microsoft Internet Explorer Record Queue ActiveX clsid access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7448 | BROWSER-PLUGINS Microsoft Internet Explorer ShotDetect ActiveX clsid access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7450 | BROWSER-PLUGINS Microsoft Internet Explorer Stetch ActiveX clsid access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7452 | BROWSER-PLUGINS Microsoft Internet Explorer WM Color Converter Filter ActiveX clsid access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7454 | BROWSER-PLUGINS Microsoft Internet Explorer Wmm2ae.dll ActiveX clsid access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7456 | BROWSER-PLUGINS Microsoft Internet Explorer Wmm2fxa.dll ActiveX clsid access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7458 | BROWSER-PLUGINS Microsoft Internet Explorer Wmm2fxb.dll ActiveX clsid access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7460 | BROWSER-PLUGINS Microsoft Internet Explorer WMT Audio Analyzer ActiveX clsid access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7462 | BROWSER-PLUGINS Microsoft Internet Explorer WMT Black Frame Generator ActiveX clsid access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7464 | BROWSER-PLUGINS Microsoft Internet Explorer WMT DeInterlace Filter ActiveX clsid access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7466 | BROWSER-PLUGINS Microsoft Internet Explorer WMT DeInterlace Prop Page ActiveX clsid access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7468 | BROWSER-PLUGINS Microsoft Internet Explorer WMT DirectX Transform Wrapper ActiveX clsid access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7470 | BROWSER-PLUGINS Microsoft Internet Explorer WMT DV Extract Filter ActiveX clsid access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7472 | BROWSER-PLUGINS Microsoft Internet Explorer WMT FormatConversion Prop Page ActiveX clsid access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7474 | BROWSER-PLUGINS Microsoft Internet Explorer WMT FormatConversion ActiveX clsid access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7476 | BROWSER-PLUGINS Microsoft Internet Explorer WMT Import Filter ActiveX clsid access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7478 | BROWSER-PLUGINS Microsoft Internet Explorer WMT Interlacer ActiveX clsid access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7480 | BROWSER-PLUGINS Microsoft Internet Explorer WMT Log Filter ActiveX clsid access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7482 | BROWSER-PLUGINS Microsoft Internet Explorer WMT MuxDeMux Filter ActiveX clsid access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7484 | BROWSER-PLUGINS Microsoft Internet Explorer WMT Sample Info Filter ActiveX clsid access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7486 | BROWSER-PLUGINS Microsoft Internet Explorer WMT Screen Capture Filter Task Page ActiveX clsid access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7488 | BROWSER-PLUGINS Microsoft Internet Explorer WMT Screen capture Filter ActiveX clsid access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7490 | BROWSER-PLUGINS Microsoft Internet Explorer WMT Switch Filter ActiveX clsid access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7492 | BROWSER-PLUGINS Microsoft Internet Explorer WMT Virtual Renderer ActiveX clsid access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7494 | BROWSER-PLUGINS Microsoft Internet Explorer WMT Virtual Source ActiveX clsid access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7496 | BROWSER-PLUGINS Microsoft Internet Explorer WMT Volume ActiveX clsid access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7498 | BROWSER-PLUGINS Microsoft Internet Explorer WM TV Out Smooth Picture Filter ActiveX clsid access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7500 | BROWSER-PLUGINS Microsoft Internet Explorer WM VIH2 Fix ActiveX clsid access (more info ...) | attempted-user | 2006-3638 | URL | ||
| 7904 | BROWSER-PLUGINS Microsoft Internet Explorer CDL Asychronous Pluggable Protocol Handler ActiveX clsid access (more info ...) | attempted-user | 2007-0218 | URL | ||
| 7928 | BROWSER-PLUGINS Microsoft Internet Explorer file or local Asychronous Pluggable Protocol Handler ActiveX clsid access (more info ...) | attempted-user | 2007-0218 | URL | ||
| 7938 | BROWSER-PLUGINS Microsoft Internet Explorer gopher Asychronous Pluggable Protocol Handler ActiveX clsid access (more info ...) | attempted-user | 2007-0218 | URL | ||
| 7942 | BROWSER-PLUGINS Microsoft Internet Explorer http Asychronous Pluggable Protocol Handler ActiveX clsid access (more info ...) | attempted-user | 2007-0218 | URL | ||
| 7944 | BROWSER-PLUGINS Microsoft Internet Explorer https Asychronous Pluggable Protocol Handler ActiveX clsid access (more info ...) | attempted-user | 2007-0218 | URL | ||
| 7958 | BROWSER-PLUGINS Microsoft Internet Explorer mk Asychronous Pluggable Protocol Handler ActiveX clsid access (more info ...) | attempted-user | 2007-0218 | URL | ||
| 7970 | BROWSER-PLUGINS Microsoft Internet Explorer PostBootReminder object ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 7976 | BROWSER-PLUGINS Microsoft Internet Explorer ShellFolder for CD Burning ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 7989 | BROWSER-PLUGINS Microsoft Internet Explorer WIA FileSystem USD ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 7991 | BROWSER-PLUGINS Microsoft Internet Explorer ACM Class Manager ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 7993 | BROWSER-PLUGINS Microsoft Internet Explorer clbcatex.dll ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 7995 | BROWSER-PLUGINS Microsoft Internet Explorer clbcatq.dll ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 7997 | BROWSER-PLUGINS Microsoft Internet Explorer CLSID_ApprenticeICW ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 7999 | BROWSER-PLUGINS Microsoft Internet Explorer CLSID_CDIDeviceActionConfigPage ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8001 | BROWSER-PLUGINS Microsoft Internet Explorer CommunicationManager ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8003 | BROWSER-PLUGINS Microsoft Internet Explorer Content.mbcontent.1 ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8005 | BROWSER-PLUGINS Microsoft Internet Explorer DiskManagement.Connection ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8007 | BROWSER-PLUGINS Microsoft Internet Explorer Dutch_Dutch Stemmer ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8009 | BROWSER-PLUGINS Microsoft Internet Explorer English_UK Stemmer ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8011 | BROWSER-PLUGINS Microsoft Internet Explorer English_US Stemmer ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8013 | BROWSER-PLUGINS Microsoft Internet Explorer French_French Stemmer ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8015 | BROWSER-PLUGINS Microsoft Internet Explorer German_German Stemmer ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8017 | BROWSER-PLUGINS Microsoft Internet Explorer ICM Class Manager ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8019 | BROWSER-PLUGINS Microsoft Internet Explorer Address Bar ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8021 | BROWSER-PLUGINS Microsoft Internet Explorer ISSimpleCommandCreator.1 ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8023 | BROWSER-PLUGINS Microsoft Internet Explorer Italian_Italian Stemmer ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8029 | BROWSER-PLUGINS Microsoft Internet Explorer MidiOut Class Manager ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8031 | BROWSER-PLUGINS Microsoft Internet Explorer Mslablti.MarshalableTI.1 ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8033 | BROWSER-PLUGINS Microsoft Internet Explorer QC.MessageMover.1 ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8035 | BROWSER-PLUGINS Microsoft Internet Explorer Spanish_Modern Stemmer ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8037 | BROWSER-PLUGINS Microsoft Internet Explorer Swedish_Default Stemmer ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8039 | BROWSER-PLUGINS Microsoft Internet Explorer syncui.dll ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8041 | BROWSER-PLUGINS Microsoft Internet Explorer VFW Capture Class Manager ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8043 | BROWSER-PLUGINS Microsoft Internet Explorer Video Effect Class Manager 1 Input ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8045 | BROWSER-PLUGINS Microsoft Internet Explorer Video Effect Class Manager 2 Input ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8047 | BROWSER-PLUGINS Microsoft Internet Explorer WaveIn Class Manager ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8049 | BROWSER-PLUGINS Microsoft Internet Explorer WaveOut and DSound Class Manager ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8051 | BROWSER-PLUGINS Microsoft Internet Explorer WDM Instance Provider ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 8058 | BROWSER-FIREFOX Mozilla javascript navigator object access (more info ...) | attempted-user | 2006-3677 | 19181 | URL | |
| 8064 | BROWSER-PLUGINS Microsoft Internet Explorer Scriptlet.Typelib ActiveX clsid access (more info ...) | attempted-user | 2000-1061 | 598 | URL | |
| 8369 | BROWSER-PLUGINS Microsoft Internet Explorer WMIScriptUtils.WMIObjectBroker2.1 ActiveX clsid access attempt (more info ...) | attempted-user | 2006-4704 | URL | ||
| 8405 | BROWSER-PLUGINS Microsoft Internet Explorer ActiveX clsid access (more info ...) | attempted-user | 2006-5745 | 20915 | URL | |
| 8443 | BROWSER-FIREFOX Mozilla regular expression heap corruption attempt (more info ...) | attempted-user | 2006-4566 | 20042 | ||
| 8741 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAFontStyle.1 ActiveX clsid access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8743 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAFontStyle.1 ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8744 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAEvent.1 ActiveX clsid access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8746 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAEvent.1 ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8747 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAEndStyle.1 ActiveX clsid access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8749 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAEndStyle.1 ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8750 | BROWSER-PLUGINS Microsoft Internet Explorer LM.LMBehaviorFactory.1 ActiveX clsid access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8752 | BROWSER-PLUGINS Microsoft Internet Explorer LM.LMBehaviorFactory.1 ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8753 | BROWSER-PLUGINS Microsoft Internet Explorer LM.AutoEffectBvr.1 ActiveX clsid access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8755 | BROWSER-PLUGINS Microsoft Internet Explorer LM.AutoEffectBvr.1 ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8756 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.SpriteControl ActiveX clsid access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8758 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.SpriteControl ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8759 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.SequencerControl ActiveX clsid access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8761 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.SequencerControl ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8762 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.Sequence ActiveX clsid access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8764 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.Sequence ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8765 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAView.1 ActiveX clsid access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8767 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAView.1 ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8768 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAVector3.1 ActiveX clsid access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8770 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAVector3.1 ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8771 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAVector2.1 ActiveX clsid access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8773 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAVector2.1 ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8774 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAUserData.1 ActiveX clsid access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8776 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAUserData.1 ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8777 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DATransform3.1 ActiveX clsid access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8779 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DATransform3.1 ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8780 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DATransform2.1 ActiveX clsid access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8782 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DATransform2.1 ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8783 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAString.1 ActiveX clsid access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8785 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAString.1 ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8786 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DASound.1 ActiveX clsid access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8788 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DASound.1 ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8789 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAPoint3.1 ActiveX clsid access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8791 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAPoint3.1 ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8792 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAPoint2.1 ActiveX clsid access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8794 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAPoint2.1 ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8795 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAPath2.1 ActiveX clsid access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8797 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAPath2.1 ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8798 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAPair.1 ActiveX clsid access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8800 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAPair.1 ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8801 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DANumber.1 ActiveX clsid access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8803 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DANumber.1 ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8804 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAMontage.1 ActiveX clsid access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8806 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAMontage.1 ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8807 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAMicrophone.1 ActiveX clsid access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8809 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAMicrophone.1 ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8810 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAMatte.1 ActiveX clsid access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8812 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAMatte.1 ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8813 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DALineStyle.1 ActiveX clsid access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8815 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DALineStyle.1 ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8816 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAJoinStyle.1 ActiveX clsid access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8818 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAJoinStyle.1 ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8819 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAImage.1 ActiveX clsid access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8821 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAImage.1 ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8822 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAGeometry.1 ActiveX clsid access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8824 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAGeometry.1 ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8825 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DADashStyle.1 ActiveX clsid access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8827 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DADashStyle.1 ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8828 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAColor.1 ActiveX clsid access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8830 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAColor.1 ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8831 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DACamera.1 ActiveX clsid access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8833 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DACamera.1 ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8834 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DABoolean.1 ActiveX clsid access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8836 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DABoolean.1 ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8837 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DABbox3.1 ActiveX clsid access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8839 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DABbox3.1 ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8840 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DABbox2.1 ActiveX clsid access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8842 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DABbox2.1 ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8843 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAArray.1 ActiveX clsid access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 8845 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAArray.1 ActiveX function call access (more info ...) | attempted-user | 2006-4777 | URL | ||
| 9843 | FILE-PDF Adobe Acrobat Plugin JavaScript parameter double free attempt (more info ...) | attempted-user | 2007-0046 | URL | ||
| 10062 | FILE-IMAGE Oracle Java Virtual Machine malformed GIF buffer overflow attempt (more info ...) | attempted-user | 2007-0243 | 22085 | ||
| 10063 | BROWSER-FIREFOX Mozilla Firefox query interface suspicious function call access attempt (more info ...) | attempted-user | 2006-0295 | 16476 | URL | |
| 10131 | BROWSER-FIREFOX Mozilla compareTo arbitrary code execution attempt (more info ...) | attempted-user | 2005-2265 | 14242 | URL | |
| 11000 | SERVER-ORACLE dbms_snap_internal.delete_refresh_operations buffer overflow attempt (more info ...) | attempted-user | 2007-2126 | 23532 | URL | |
| 11001 | SERVER-ORACLE dbms_snap_internal.delete_refresh_operations buffer overflow attempt (more info ...) | attempted-user | 2007-2126 | 23532 | URL | |
| 11002 | SERVER-ORACLE dbms_snap_internal.generate_refresh_operations buffer overflow attempt (more info ...) | attempted-user | 2007-2126 | 23532 | URL | |
| 11003 | SERVER-ORACLE dbms_snap_internal.generate_refresh_operations buffer overflow attempt (more info ...) | attempted-user | 2007-2126 | 23532 | URL | |
| 11224 | BROWSER-PLUGINS Microsoft Internet Explorer MSAuth ActiveX clsid access (more info ...) | attempted-user | 2007-2221 | URL | ||
| 11226 | BROWSER-PLUGINS Microsoft Internet Explorer MSAuth ActiveX function call access (more info ...) | attempted-user | 2007-2221 | URL | ||
| 11243 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAstatics ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 11245 | BROWSER-PLUGINS Microsoft Internet Explorer DirectAnimation.DAstatics ActiveX function call access (more info ...) | attempted-user | URL | |||
| 11247 | BROWSER-PLUGINS Microsoft Internet Explorer Research In Motion TeamOn Import ActiveX clsid access (more info ...) | attempted-user | 2007-0323 | 23331 | URL | |
| 11252 | BROWSER-PLUGINS Microsoft Internet Explorer Address ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 11301 | BROWSER-PLUGINS Microsoft Internet Explorer DB Software Laboratory DeWizardX ActiveX clsid access (more info ...) | attempted-user | 2007-2725 | 23986 | URL | |
| 11303 | BROWSER-PLUGINS Microsoft Internet Explorer DB Software Laboratory DeWizardX ActiveX function call access (more info ...) | attempted-user | 2007-2725 | 23986 | URL | |
| 11834 | BROWSER-IE Microsoft Internet Explorer navcancl.htm url spoofing attempt (more info ...) | misc-attack | 2007-1499 | 22966 | URL | |
| 11966 | BROWSER-IE Microsoft Internet Explorer CSS tag memory corruption attempt (more info ...) | attempted-user | 2007-1750 | 24423 | URL | |
| 12014 | BROWSER-IE Microsoft Internet Explorer navcancl.htm url spoofing attempt (more info ...) | misc-attack | 2007-1499 | 22966 | URL | |
| 12277 | BROWSER-IE Microsoft Internet Explorer CSS memory corruption exploit (more info ...) | attempted-user | 2007-0943 | URL | ||
| 12281 | BROWSER-IE Microsoft Internet Explorer VML source file memory corruption attempt (more info ...) | attempted-user | 2007-1749 | 25310 | URL | |
| 12282 | BROWSER-IE Microsoft Internet Explorer VML source file memory corruption attempt (more info ...) | attempted-user | 2007-1749 | 25310 | URL | |
| 12593 | BROWSER-FIREFOX Mozilla Firefox Apple Quicktime chrome exploit (more info ...) | attempted-user | 2007-5045 | |||
| 12664 | BROWSER-IE Microsoft Windows ShellExecute and Internet Explorer 7 url handling code execution attempt (more info ...) | attempted-user | 2007-3896 | 25945 | URL | |
| 12954 | BROWSER-PLUGINS Microsoft Internet Explorer DXLTPI.DLL ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 12957 | BROWSER-PLUGINS Microsoft Internet Explorer MSN Heartbeat 2 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 12959 | BROWSER-PLUGINS Microsoft Internet Explorer MSN Heartbeat 3 ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 13453 | BROWSER-IE Microsoft Internet Explorer DXLUTBuilder ActiveX clsid access (more info ...) | attempted-user | 2008-0078 | URL | ||
| 13454 | BROWSER-IE Microsoft Internet Explorer DXLUTBuilder ActiveX clsid unicode access (more info ...) | attempted-user | 2008-0078 | URL | ||
| 13456 | BROWSER-IE Microsoft Internet Explorer DXLUTBuilder ActiveX function call unicode access (more info ...) | attempted-user | 2008-0078 | URL | ||
| 13828 | BROWSER-PLUGINS Microsoft Internet Explorer sapi.dll ActiveX clsid access attempt (more info ...) | attempted-user | 2007-0675 | URL | ||
| 13830 | BROWSER-PLUGINS Microsoft Internet Explorer sapi.dll ActiveX clsid access attempt (more info ...) | attempted-user | 2007-0675 | URL | ||
| 13832 | BROWSER-PLUGINS Microsoft Internet Explorer backweb ActiveX clsid access (more info ...) | attempted-user | 2007-0675 | URL | ||
| 13834 | BROWSER-IE Microsoft Internet Explorer request header overwrite (more info ...) | misc-activity | 2008-1544 | 28379 | URL | |
| 13838 | BROWSER-FIREFOX Mozilla Firefox IFRAME style change handling code execution (more info ...) | attempted-user | 2008-1236 | 28448 | URL | |
| 13840 | SERVER-OTHER Borland Interbase service attach operation buffer overflow (more info ...) | attempted-admin | 2007-5243 | |||
| 13841 | SERVER-OTHER Borland Interbase create operation buffer overflow (more info ...) | attempted-admin | 2007-5243 | |||
| 13842 | SERVER-OTHER Borland Interbase operation buffer overflow (more info ...) | attempted-admin | 2007-5243 | |||
| 13912 | BROWSER-IE Microsoft Internet Explorer isComponentInstalled attack attempt (more info ...) | attempted-user | 2006-1016 | 16870 | ||
| 13932 | MALWARE-CNC User-Agent known malicious user agent - opera (more info ...) | successful-recon-limited | URL | |||
| 13960 | BROWSER-IE Microsoft Internet Explorer static text range overflow attempt (more info ...) | attempted-user | 2008-2255 | URL | ||
| 13961 | BROWSER-IE Microsoft Internet Explorer table layout access violation vulnerability (more info ...) | misc-attack | 2008-2258 | URL | ||
| 13963 | BROWSER-IE Microsoft Internet Explorer argument validation in print preview handling exploitation attempt (more info ...) | attempted-user | 2008-2259 | 30612 | URL | |
| 14615 | SERVER-OTHER Oracle Java web console format string attempt (more info ...) | attempted-user | 2007-1681 | |||
| 15081 | FILE-JAVA Oracle Java Web Start xml encoding buffer overflow attempt (more info ...) | attempted-admin | 2008-1188 | 28083 | URL | |
| 15109 | BROWSER-PLUGINS Microsoft Internet Explorer Shell.Explorer 1 ActiveX clsid access (more info ...) | attempted-user | 2008-4258 | URL | ||
| 15112 | BROWSER-PLUGINS Microsoft Internet Explorer Shell.Explorer 2 ActiveX function call access (more info ...) | attempted-user | 2008-4258 | 11466 | URL | |
| 15114 | BROWSER-IE Microsoft Internet Explorer embed src buffer overflow attempt (more info ...) | attempted-user | 2008-4261 | URL | ||
| 15122 | BROWSER-PLUGINS Microsoft Internet Explorer Shell.Explorer 2 ActiveX clsid access (more info ...) | attempted-user | 2008-4258 | 11466 | URL | |
| 15126 | BROWSER-IE Microsoft Internet Explorer nested tag memory corruption attempt (more info ...) | attempted-user | 2008-4844 | 32721 | URL | |
| 15164 | BROWSER-FIREFOX Mozilla Firefox SVG pathSegList memory corruption attempt (more info ...) | attempted-user | 2007-2867 | 24242 | ||
| 15238 | FILE-MULTIMEDIA Apple QuickTime for Java toQTPointer function memory corruption attempt (more info ...) | attempted-user | 2007-2175 | 23608 | ||
| 15300 | BROWSER-IE Microsoft Internet Explorer EMF polyline overflow attempt (more info ...) | attempted-user | 2009-0081 | URL | ||
| 15304 | BROWSER-IE Microsoft Internet Explorer object clone deletion memory corruption attempt (more info ...) | attempted-user | 2009-0075 | URL | ||
| 15305 | BROWSER-IE Microsoft Internet Explorer dynamic style update memory corruption attempt (more info ...) | attempted-user | 2009-0076 | URL | ||
| 15328 | FILE-JAVA Sun JDK image parsing library ICC buffer overflow attempt (more info ...) | attempted-user | 2007-2788 | 24004 | URL | |
| 15363 | INDICATOR-OBFUSCATION Potential obfuscated javascript eval unescape attack attempt (more info ...) | misc-activity | URL | |||
| 15383 | BROWSER-FIREFOX Mozilla Firefox XBL Event Handler Tags Removal memory corruption attempt (more info ...) | attempted-user | 2007-5339 | 26132 | ||
| 15431 | BROWSER-FIREFOX Mozilla Firefox 3 xsl parsing heap overflow attempt (more info ...) | attempted-user | 2009-1169 | 34235 | URL | |
| 15458 | BROWSER-IE Microsoft Internet Explorer navigating between pages race condition attempt (more info ...) | attempted-user | 2009-0551 | URL | ||
| 15459 | BROWSER-IE Microsoft Internet Explorer deleted/unitialized object memory corruption attempt (more info ...) | attempted-user | 2009-0552 | URL | ||
| 15460 | BROWSER-IE Microsoft Internet Explorer ActiveX load/unload race condition attempt (more info ...) | attempted-user | 2009-0553 | URL | ||
| 15529 | BROWSER-IE Microsoft Internet Explorer cross-domain navigation cookie stealing attempt (more info ...) | misc-attack | 2007-3091 | URL | ||
| 15531 | BROWSER-IE Microsoft Internet Explorer Unexpected method call remote code execution attempt (more info ...) | attempted-user | 2009-1141 | URL | ||
| 15534 | BROWSER-IE Microsoft Internet Explorer XML HttpRequest race condition exploit attempt (more info ...) | attempted-user | 2009-1528 | URL | ||
| 15535 | BROWSER-IE Microsoft Internet Explorer setCapture heap corruption exploit attempt (more info ...) | attempted-user | 2009-1529 | URL | ||
| 15538 | BROWSER-IE Microsoft Internet Explorer onreadystatechange memory corruption attempt (more info ...) | misc-attack | 2009-1531 | URL | ||
| 15540 | BROWSER-IE Microsoft Internet Explorer layout object use after free attempt (more info ...) | attempted-admin | 2009-1532 | URL | ||
| 15678 | BROWSER-PLUGINS Microsoft DirectShow ActiveX exploit via JavaScript (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15679 | BROWSER-PLUGINS Microsoft DirectShow ActiveX exploit via JavaScript - unicode encoding (more info ...) | attempted-user | 2008-0015 | URL | ||
| 15697 | INDICATOR-OBFUSCATION rename of javascript unescape function detected (more info ...) | misc-activity | URL | |||
| 15698 | INDICATOR-SHELLCODE Possible generic javascript heap spray attempt (more info ...) | attempted-user | 2009-2477 | 35660 | ||
| 15699 | BROWSER-FIREFOX Mozilla Firefox 3.5 unicode stack overflow attempt (more info ...) | attempted-user | 2009-2479 | 35707 | ||
| 15731 | BROWSER-IE Microsoft Internet Explorer javascript deleted reference arbitrary code execution attempt (more info ...) | attempted-user | 2009-1917 | URL | ||
| 15732 | BROWSER-IE Microsoft Internet Explorer CSS handling memory corruption attempt (more info ...) | attempted-user | 2009-1919 | URL | ||
| 15880 | BROWSER-IE Microsoft Internet Explorer popup window object tag code execution attempt (more info ...) | attempted-user | 2003-0838 | |||
| 15910 | BROWSER-IE Microsoft Internet Explorer getElementById object corruption attempt (more info ...) | attempted-user | 2008-2254 | 30614 | URL | |
| 15924 | BROWSER-PLUGINS Microsoft Internet Explorer DHTML Editing ActiveX clsid access (more info ...) | attempted-user | 2009-2519 | 36280 | URL | |
| 15933 | BROWSER-IE Microsoft Internet Explorer URL canonicalization address bar spoofing attempt (more info ...) | misc-activity | 2003-1025 | URL | ||
| 15997 | BROWSER-FIREFOX Mozilla Firefox JIT escape function memory corruption attempt (more info ...) | attempted-user | 2009-2477 | 35660 | URL | |
| 15999 | BROWSER-FIREFOX Mozilla products frame comment objects manipulation memory corruption attempt (more info ...) | attempted-user | 2006-6504 | 21668 | ||
| 16000 | FILE-IMAGE Sun Microsystems Java gif handling memory corruption attempt (more info ...) | attempted-user | 2007-0243 | 22085 | ||
| 16005 | BROWSER-FIREFOX Mozilla browsers JavaScript argument passing code execution attempt (more info ...) | attempted-user | 2007-0777 | 22694 | ||
| 16007 | BROWSER-IE Microsoft Internet Explorer colgroup tag uninitialized memory exploit attempt (more info ...) | attempted-user | 2007-0944 | 23771 | URL | |
| 16009 | BROWSER-FIREFOX Mozilla products overflow event handling memory corruption attempt (more info ...) | attempted-user | 2007-2876 | 24376 | ||
| 16010 | BROWSER-IE Microsoft Internet Explorer Javascript Page update race condition attempt (more info ...) | misc-activity | 2007-3091 | 24283 | ||
| 16011 | BROWSER-IE Microsoft Internet Explorer CSS property method handling memory corruption attempt (more info ...) | attempted-user | 2007-0945 | 23769 | ||
| 16024 | BROWSER-FIREFOX Mozilla Firefox Javascript Function focus overflow attempt (more info ...) | attempted-user | 2006-1993 | 17671 | ||
| 16031 | BROWSER-IE Microsoft Internet Explorer nested object tag memory corruption attempt (more info ...) | attempted-user | 2006-1992 | 17658 | ||
| 16033 | BROWSER-IE Microsoft Internet Explorer compressed content attempt (more info ...) | attempted-user | 2006-3873 | 19987 | ||
| 16035 | BROWSER-IE Microsoft Internet Explorer createTextRange code execution attempt (more info ...) | attempted-user | 2006-1359 | 17196 | URL | |
| 16036 | BROWSER-FIREFOX Mozilla Products QueryInterface method memory corruption attempt (more info ...) | attempted-user | 2006-0295 | 16476 | ||
| 16037 | BROWSER-FIREFOX Mozilla products graphics and XML features integer overflows attempt (more info ...) | attempted-user | 2006-0297 | 16476 | ||
| 16038 | BROWSER-FIREFOX Mozilla Thunderbird WYSIWYG engine filtering IFRAME JavaScript execution attempt (more info ...) | attempted-user | 2006-0884 | 16770 | ||
| 16042 | BROWSER-FIREFOX Mozilla browsers CSS moz-binding cross domain scripting attempt (more info ...) | attempted-user | 2006-0496 | 16427 | ||
| 16043 | BROWSER-IE Microsoft Internet Explorer html tag memory corruption attempt (more info ...) | attempted-dos | 2006-1188 | 17468 | ||
| 16044 | BROWSER-FIREFOX Mozilla Firefox CSS Letter-Spacing overflow attempt (more info ...) | attempted-user | 2006-1730 | 17516 | ||
| 16045 | BROWSER-IE Microsoft Internet Explorer cross domain information disclosure attempt (more info ...) | attempted-user | 2006-3280 | 18682 | ||
| 16047 | BROWSER-FIREFOX Mozilla Firefox layout frame constructor memory corruption attempt (more info ...) | attempted-user | 2007-5959 | |||
| 16050 | BROWSER-FIREFOX Mozilla Firefox tag order memory corruption attempt (more info ...) | attempted-user | 2006-0749 | 17516 | ||
| 16063 | BROWSER-IE Microsoft Internet Explorer isindex buffer overflow attempt (more info ...) | attempted-user | 2008-0076 | 27668 | URL | |
| 16064 | BROWSER-IE Microsoft Internet Explorer onBeforeUnload address bar spoofing attempt (more info ...) | misc-activity | 2007-3826 | 24911 | URL | |
| 16065 | BROWSER-IE Microsoft Internet Explorer location.replace memory corruption attempt (more info ...) | attempted-user | 2007-5347 | 26427 | URL | |
| 16067 | BROWSER-IE Microsoft Internet Explorer DOM object cache management memory corruption attempt (more info ...) | attempted-user | 2007-5344 | |||
| 16142 | BROWSER-FIREFOX Mozilla Firefox PKCS11 module installation code execution attempt (more info ...) | attempted-user | 2009-3076 | 36343 | ||
| 16145 | BROWSER-WEBKIT Apple Safari Webkit floating point buffer overflow attempt (more info ...) | attempted-user | 2009-2195 | 36023 | ||
| 16149 | BROWSER-IE Microsoft Internet Explorer data stream header remote code execution attempt (more info ...) | attempted-user | 2009-1547 | URL | ||
| 16150 | BROWSER-IE Microsoft Internet Explorer variant argument validation remote code execution attempt (more info ...) | misc-activity | 2009-2529 | URL | ||
| 16151 | BROWSER-IE Microsoft Internet Explorer uninitialized or deleted object access attempt (more info ...) | misc-activity | 2009-2530 | URL | ||
| 16152 | BROWSER-IE Microsoft Internet Explorer table layout unitialized or deleted object access attempt (more info ...) | misc-activity | 2009-2531 | URL | ||
| 16155 | BROWSER-IE Microsoft Internet Explorer indexing service malformed parameters (more info ...) | attempted-user | 2009-2507 | URL | ||
| 16169 | BROWSER-IE Microsoft Internet Explorer dynamic style update memory corruption attempt (more info ...) | attempted-user | 2009-0076 | URL | ||
| 16200 | BROWSER-FIREFOX Mozilla Firefox command line URL shell command injection attempt (more info ...) | attempted-user | 2005-2968 | 14888 | ||
| 16284 | BROWSER-FIREFOX Mozilla Firefox ClearTextRun exploit attempt (more info ...) | attempted-user | 2009-1313 | 34743 | ||
| 16288 | FILE-JAVA Oracle Java Runtime AWT setDiffICM stack buffer overflow attempt (more info ...) | attempted-user | 2009-3869 | 36881 | ||
| 16291 | BROWSER-FIREFOX Mozilla Network Security Services regexp heap overflow attempt (more info ...) | attempted-user | 2009-2404 | 35891 | ||
| 16292 | BROWSER-FIREFOX Mozilla CSS value counter overflow attempt (more info ...) | attempted-user | 2008-2785 | 29802 | URL | |
| 16310 | BROWSER-IE Microsoft Internet Explorer 6/7 single line outerHTML invalid reference arbitrary code execution attempt (more info ...) | attempted-user | 2009-3672 | 37085 | URL | |
| 16311 | BROWSER-IE Microsoft Internet Explorer 6/7 single line outerHTML invalid reference arbitrary code execution attempt (more info ...) | attempted-user | 2009-3672 | 37085 | URL | |
| 16317 | BROWSER-IE Microsoft Internet Explorer mouse move during refresh memory corruption attempt (more info ...) | attempted-user | 2009-3673 | URL | ||
| 16326 | BROWSER-IE Microsoft Internet Explorer 8 DOM memory corruption attempt (more info ...) | attempted-user | 2010-0246 | URL | ||
| 16330 | BROWSER-IE Microsoft Internet Explorer orphan DOM objects memory corruption attempt (more info ...) | attempted-user | 2009-3674 | URL | ||
| 16339 | BROWSER-IE Microsoft Internet Explorer object clone deletion memory corruption attempt - obfuscated (more info ...) | attempted-user | 2009-0075 | URL | ||
| 16367 | BROWSER-IE Microsoft Internet Explorer invalid object access memory corruption attempt (more info ...) | attempted-user | 2010-0249 | URL | ||
| 16369 | BROWSER-IE Microsoft Internet Explorer deleted object access memory corruption attempt (more info ...) | attempted-user | 2010-0249 | URL | ||
| 16376 | BROWSER-IE Microsoft Internet Explorer CTableLayout memory corruption attempt (more info ...) | attempted-user | 2010-0244 | 37891 | URL | |
| 16377 | BROWSER-IE Microsoft Internet Explorer DOM mergeAttributes memory corruption attempt (more info ...) | misc-activity | 2011-0094 | 37893 | URL | |
| 16378 | BROWSER-IE Microsoft Internet Explorer deleted object cells reference memory corruption vulnerability (more info ...) | attempted-user | 2010-0248 | |||
| 16382 | BROWSER-IE Microsoft Internet Explorer HTML+TIME animatemotion property memory corruption attempt (more info ...) | attempted-user | 2008-0077 | 27666 | URL | |
| 16392 | SERVER-WEBAPP Oracle Java System Web Server 7.0u7 authorization digest heap overflow (more info ...) | attempted-user | 2010-0387 | 37896 | ||
| 16423 | BROWSER-IE Microsoft Internet Explorer 7/8 execute local file in Internet zone redirect attempt (more info ...) | attempted-user | 2010-0555 | URL | ||
| 16426 | SERVER-WEBAPP Oracle Java System Web Server 7.0 WebDAV format string exploit attempt - PROPFIND method (more info ...) | attempted-user | 2010-0388 | 37910 | ||
| 16427 | SERVER-WEBAPP Oracle Java System Web Server 7.0 WebDAV format string exploit attempt - LOCK method (more info ...) | attempted-user | 2010-0388 | 37910 | ||
| 16452 | BROWSER-IE Microsoft Internet Explorer .hlp samba share download attempt (more info ...) | attempted-user | 2010-0483 | |||
| 16481 | BROWSER-OTHER Opera Content-Length header integer overflow attempt (more info ...) | attempted-user | 2010-1349 | 38519 | URL | |
| 16492 | BROWSER-WEBKIT Apple Safari inline text box use after free attempt (more info ...) | attempted-user | 2010-0049 | |||
| 16501 | BROWSER-FIREFOX Mozilla Firefox WOFF font processing integer overflow attempt (more info ...) | attempted-user | 2010-1028 | 38298 | URL | |
| 16502 | BROWSER-FIREFOX Mozilla Firefox WOFF font processing integer overflow attempt - CFF-based (more info ...) | attempted-user | 2010-1028 | 38298 | URL | |
| 16503 | BROWSER-IE Microsoft Internet Explorer event handling remote code execution attempt (more info ...) | attempted-user | 2010-0267 | URL | ||
| 16504 | BROWSER-IE Microsoft Internet Explorer 7 encoded content handling exploit attempt (more info ...) | misc-attack | 2010-0488 | URL | ||
| 16505 | BROWSER-IE Microsoft Internet Explorer HTML parsing memory corruption attempt (more info ...) | attempted-user | 2010-0489 | URL | ||
| 16506 | BROWSER-IE Microsoft Internet Explorer innerHTML against incomplete element heap corruption attempt (more info ...) | attempted-user | 2010-0490 | 39031 | URL | |
| 16507 | BROWSER-IE Microsoft Internet Explorer onreadystatechange memory corruption attempt (more info ...) | attempted-user | 2010-0491 | URL | ||
| 16508 | BROWSER-IE Microsoft Internet Explorer 8 non-IE8 compatibility mode htmltime remote code execution attempt (more info ...) | attempted-user | 2010-0492 | URL | ||
| 16509 | BROWSER-IE Microsoft Internet Explorer designMode-enabled information disclosure attempt (more info ...) | misc-attack | 2010-0494 | URL | ||
| 16511 | BROWSER-PLUGINS Microsoft Internet Explorer Tabular Control ActiveX overflow by ProgID (more info ...) | attempted-user | 2010-0805 | URL | ||
| 16512 | BROWSER-IE Microsoft Internet Explorer malformed span/div html document heap corruption attempt (more info ...) | attempted-user | 2010-0807 | URL | ||
| 16549 | FILE-OTHER Oracle JRE Java Platform SE and Java Deployment Toolkit plugins code execution attempt - npruntime-scriptable-plugin (more info ...) | attempted-user | 2010-1423 | 39346 | ||
| 16550 | FILE-OTHER Oracle JRE Java Platform SE and Java Deployment Toolkit plugins code execution attempt - java-deployment-toolkit (more info ...) | attempted-user | 2010-1423 | 39346 | ||
| 16554 | FILE-PDF Adobe Acrobat Reader javascript getIcon method buffer overflow attempt (more info ...) | attempted-user | 2009-0927 | 34169 | ||
| 16584 | BROWSER-IE Oracle Java Web Start arbitrary command execution attempt - Internet Explorer (more info ...) | attempted-user | 2010-1423 | 39346 | ||
| 16592 | BROWSER-OTHER Opera asynchronous document modifications attempted memory corruption (more info ...) | attempted-user | URL | |||
| 16596 | BROWSER-WEBKIT Apple Safari information disclosure and remote code execution attempt (more info ...) | attempted-user | 2010-1939 | URL | ||
| 16602 | BROWSER-PLUGINS Microsoft DirectShow 3 ActiveX exploit via JavaScript (more info ...) | attempted-user | 2008-0015 | URL | ||
| 16605 | BROWSER-IE Microsoft Internet Explorer nested SPAN tag memory corruption attempt (more info ...) | attempted-user | 2008-4844 | 32721 | ||
| 16635 | BROWSER-PLUGINS Microsoft Internet Explorer 8 Developer Tool ActiveX clsid access (more info ...) | attempted-user | 2010-0811 | URL | ||
| 16637 | BROWSER-IE Microsoft Internet Explorer security zone restriction bypass attempt (more info ...) | attempted-user | 2010-0255 | URL | ||
| 16658 | BROWSER-IE Microsoft Internet Explorer 8 cross-site scripting attempt (more info ...) | attempted-user | 2010-1257 | URL | ||
| 16659 | BROWSER-IE Microsoft Internet Explorer style sheet array memory corruption attempt (more info ...) | attempted-user | 2011-0027 | 40410 | URL | |
| 16666 | BROWSER-WEBKIT Apple Safari window.parent.close unspecified remote code execution vulnerability (more info ...) | attempted-user | 2010-1939 | 39990 | URL | |
| 16690 | BROWSER-IE Microsoft Internet Explorer createTextRange code execution attempt (more info ...) | attempted-user | 2006-1359 | 17196 | URL | |
| 17058 | MALWARE-CNC Trojan-Downloader.JS.Agent.ewh Javascript download (more info ...) | trojan-activity | URL | |||
| 17109 | SERVER-ORACLE Oracle Java Web Console logging functionality format string exploit attempt (more info ...) | attempted-admin | 2007-1681 | 23539 | ||
| 17111 | INDICATOR-OBFUSCATION known JavaScript obfuscation routine (more info ...) | attempted-user | URL | |||
| 17115 | BROWSER-IE Microsoft Internet Explorer cross domain information disclosure attempt (more info ...) | attempted-user | 2010-1258 | URL | ||
| 17130 | BROWSER-IE Microsoft Internet Explorer boundElements arbitrary code execution attempt (more info ...) | attempted-user | 2010-2557 | 42288 | URL | |
| 17131 | BROWSER-IE Microsoft Internet Explorer 8 parent style rendering arbitrary code execution (more info ...) | attempted-user | 2010-2559 | URL | ||
| 17132 | BROWSER-IE Microsoft Internet Explorer invalid object access attempt (more info ...) | attempted-user | 2010-2560 | URL | ||
| 17136 | BROWSER-IE Microsoft Internet Explorer 6 race condition exploit attempt (more info ...) | attempted-user | 2010-2558 | URL | ||
| 17165 | BROWSER-OTHER Opera browser document writing uninitialized memory access attempt (more info ...) | attempted-user | 2010-1728 | 39855 | ||
| 17212 | BROWSER-FIREFOX Mozilla Firefox JavaScript eval arbitrary code execution attempt (more info ...) | attempted-user | 2005-1532 | 13645 | URL | |
| 17213 | BROWSER-FIREFOX Mozilla Firefox Chrome Page Loading Restriction Bypass attempt (more info ...) | attempted-user | 2005-2706 | URL | ||
| 17216 | BROWSER-WEBKIT Apple Safari TABLE tag with large CELLSPACING attribute exploit attempt (more info ...) | attempted-user | 2006-1986 | 17634 | ||
| 17217 | BROWSER-WEBKIT Apple Safari invalid FRAME tag remote code execution attempt (more info ...) | attempted-user | 2006-1987 | 17634 | ||
| 17218 | BROWSER-WEBKIT Apple Safari LI tag with large VALUE attribute exploit attempt (more info ...) | attempted-user | 2006-1988 | 17634 | ||
| 17219 | BROWSER-FIREFOX Mozilla Firefox domain name handling buffer overflow attempt (more info ...) | attempted-user | 2005-2871 | 14784 | ||
| 17220 | BROWSER-FIREFOX Mozilla Firefox domain name handling buffer overflow attempt (more info ...) | attempted-user | 2005-2871 | 14784 | ||
| 17221 | BROWSER-FIREFOX Mozilla Firefox domain name handling buffer overflow attempt (more info ...) | attempted-user | 2005-2871 | 14784 | ||
| 17222 | BROWSER-FIREFOX Mozilla Firefox domain name handling buffer overflow attempt (more info ...) | attempted-user | 2005-2871 | 14784 | ||
| 17258 | BROWSER-FIREFOX Mozilla Firefox XUL tree element code execution attempt (more info ...) | attempted-user | 2009-1044 | 34181 | ||
| 17260 | BROWSER-FIREFOX Mozilla Firefox Javascript contentWindow in an iframe exploit attempt (more info ...) | attempted-user | 2006-1993 | 17671 | ||
| 17261 | BROWSER-IE Microsoft Internet Explorer createTextRange code execution attempt (more info ...) | attempted-user | 2006-1359 | 17196 | URL | |
| 17262 | BROWSER-IE Microsoft Internet Explorer createTextRange code execution attempt (more info ...) | attempted-user | 2006-1359 | 17196 | URL | |
| 17263 | BROWSER-IE Microsoft Internet Explorer createTextRange code execution attempt (more info ...) | attempted-user | 2006-1359 | 17196 | URL | |
| 17265 | BROWSER-FIREFOX Mozilla Firefox plugin access control bypass attempt (more info ...) | attempted-user | 2005-0527 | 12655 | URL | |
| 17268 | BROWSER-FIREFOX Mozilla Firefox sidebar panel arbitrary code execution attempt (more info ...) | attempted-user | 2005-0402 | 12884 | ||
| 17303 | BROWSER-IE Microsoft Internet Explorer clone object memory corruption attempt (more info ...) | attempted-user | 2007-3903 | 26816 | ||
| 17311 | BROWSER-IE Microsoft Internet Explorer CSS import cross-domain restriction bypass attempt (more info ...) | attempted-user | 2005-4089 | 15660 | ||
| 17312 | BROWSER-IE Microsoft Internet Explorer CSS import cross-domain restriction bypass attempt (more info ...) | attempted-user | 2005-4089 | 15660 | ||
| 17360 | BROWSER-FIREFOX Mozilla Firefox XBM image processing buffer overflow attempt (more info ...) | attempted-user | 2005-2701 | 14916 | ||
| 17384 | BROWSER-IE Microsoft Internet Explorer setRequestHeader overflow attempt (more info ...) | attempted-user | 2008-1544 | 28379 | ||
| 17385 | BROWSER-IE Microsoft Internet Explorer setRequestHeader overflow attempt (more info ...) | attempted-user | 2008-1544 | 28379 | ||
| 17389 | BROWSER-FIREFOX Mozilla Firefox DOMNodeRemoved attack attempt (more info ...) | attempted-user | 2006-2779 | 18228 | ||
| 17392 | INDICATOR-SHELLCODE JavaScript var shellcode (more info ...) | shellcode-detect | ||||
| 17393 | INDICATOR-SHELLCODE JavaScript var heapspray (more info ...) | shellcode-detect | ||||
| 17395 | FILE-IMAGE Oracle Java Web Start Splashscreen GIF decoding buffer overflow attempt (more info ...) | attempted-user | 2008-2086 | |||
| 17400 | INDICATOR-OBFUSCATION rename of javascript unescape function detected (more info ...) | misc-activity | URL | |||
| 17401 | BROWSER-IE Microsoft Internet Explorer nested tag memory corruption attempt - unescaped (more info ...) | attempted-user | 2008-4844 | 32721 | URL | |
| 17402 | BROWSER-IE Microsoft Internet Explorer nested tag memory corruption attempt (more info ...) | attempted-user | 2008-4844 | 32721 | URL | |
| 17411 | BROWSER-IE Microsoft Internet Explorer CDF cross-domain scripting attempt (more info ...) | attempted-user | 2005-0056 | 12427 | URL | |
| 17414 | BROWSER-FIREFOX Mozilla Firefox Javascript Engine Information Disclosure attempt (more info ...) | attempted-user | 2005-0989 | 12998 | ||
| 17415 | BROWSER-FIREFOX Mozilla Firefox Javascript Engine Information Disclosure attempt (more info ...) | attempted-user | 2005-0989 | 12998 | ||
| 17424 | BROWSER-FIREFOX Mozilla Firefox IconURL Arbitrary Javascript Execution attempt (more info ...) | attempted-user | 2005-1477 | 13544 | ||
| 17434 | BROWSER-FIREFOX Mozilla Firefox Unicode sequence handling stack corruption attempt (more info ...) | attempted-user | 2005-2702 | 14918 | ||
| 17444 | BROWSER-FIREFOX Mozilla Firefox 3 xsl parsing heap overflow attempt (more info ...) | attempted-user | 2009-1169 | 34235 | URL | |
| 17448 | BROWSER-IE Microsoft Internet Explorer HTTPS proxy information disclosure vulnerability (more info ...) | misc-attack | 2005-2830 | URL | ||
| 17462 | BROWSER-IE Microsoft Internet Explorer marquee object handling memory corruption attempt (more info ...) | attempted-user | 2009-0554 | URL | ||
| 17463 | BROWSER-IE Microsoft Internet Explorer File Download Dialog Box Manipulation (more info ...) | attempted-user | 2005-2829 | 15823 | URL | |
| 17471 | FILE-PDF Adobe Acrobat JavaScript getIcon method buffer overflow attempt (more info ...) | attempted-user | 2009-0927 | 34169 | ||
| 17472 | FILE-PDF Adobe Acrobat JavaScript getIcon method buffer overflow attempt (more info ...) | attempted-user | 2009-0927 | 34169 | ||
| 17482 | BROWSER-FIREFOX Mozilla NNTP URL Handling Buffer Overflow attempt (more info ...) | attempted-user | 2004-1316 | 12131 | ||
| 17487 | BROWSER-IE Microsoft Internet Explorer Script Engine Stack Exhaustion Denial of Service attempt (more info ...) | attempted-dos | 2006-0753 | 16687 | ||
| 17494 | BROWSER-IE Microsoft Internet Explorer long URL buffer overflow attempt (more info ...) | attempted-user | 2006-3869 | 19667 | ||
| 17512 | BROWSER-IE Microsoft Internet Explorer Script Action Handler buffer overflow attempt (more info ...) | attempted-user | 2006-1245 | 17131 | ||
| 17522 | FILE-JAVA Oracle Java Runtime Environment Pack200 Decompression Integer Overflow (more info ...) | attempted-user | 2009-1095 | 34240 | ||
| 17549 | BROWSER-IE Microsoft Internet Explorer Error Handling Code Execution (more info ...) | attempted-admin | 2007-3893 | 25916 | URL | |
| 17554 | BROWSER-IE Microsoft Internet Explorer DOM object cache management memory corruption attempt (more info ...) | attempted-user | 2007-5344 | 26817 | ||
| 17562 | FILE-JAVA Oracle Java Runtime Environment Pack200 Decompression Integer Overflow attempt (more info ...) | misc-attack | 2008-5352 | 32608 | ||
| 17563 | FILE-JAVA Oracle Java Runtime Environment JAR File Processing Stack Buffer Overflow (more info ...) | attempted-user | 2008-5354 | 32608 | ||
| 17566 | BROWSER-IE Microsoft Internet Explorer event handler memory corruption attempt (more info ...) | attempted-user | 2009-1530 | 35224 | URL | |
| 17570 | BROWSER-FIREFOX Mozilla Firefox IFRAME style change handling code execution (more info ...) | attempted-user | 2008-1236 | 28448 | URL | |
| 17580 | BROWSER-IE Microsoft Internet Explorer span tag memory corruption attempt (more info ...) | attempted-user | 2006-1188 | 17468 | ||
| 17581 | BROWSER-FIREFOX Mozilla Firefox tag order memory corruption attempt (more info ...) | attempted-user | 2006-0749 | 17516 | ||
| 17585 | BROWSER-IE Microsoft Internet Explorer possible javascript onunload event memory corruption (more info ...) | attempted-user | 2007-1094 | 22678 | ||
| 17586 | FILE-JAVA Oracle Java Web Start malicious parameter value (more info ...) | attempted-user | 2004-1029 | 11726 | ||
| 17601 | BROWSER-FIREFOX Mozilla Firefox file type memory corruption attempt (more info ...) | attempted-user | 2008-5016 | 32281 | URL | |
| 17603 | BROWSER-FIREFOX Mozilla Firefox file type memory corruption attempt (more info ...) | attempted-user | 2008-5021 | 32281 | URL | |
| 17604 | SERVER-OTHER Oracle Java AWT ConvolveOp memory corruption attempt (more info ...) | attempted-user | 2006-6731 | 21675 | URL | |
| 17613 | BROWSER-FIREFOX Mozilla Firefox browser engine memory corruption attempt (more info ...) | attempted-user | 2009-1392 | 35326 | ||
| 17622 | BROWSER-IE Microsoft Internet Explorer object reference memory corruption attempt (more info ...) | attempted-user | 2007-3902 | URL | ||
| 17623 | FILE-JAVA Oracle Java Runtime Environment Type1 Font parsing integer overflow attempt (more info ...) | attempted-user | 2009-1099 | 34240 | ||
| 17624 | FILE-JAVA Oracle Java Runtime Environment Type1 Font parsing integer overflow attempt (more info ...) | attempted-user | 2009-1099 | 34240 | ||
| 17628 | FILE-IMAGE Sun Microsystems Java gif handling memory corruption attempt (more info ...) | attempted-user | 2007-0243 | 22085 | ||
| 17629 | BROWSER-FIREFOX Mozilla Firefox Chrome Page Loading Restriction Bypass attempt (more info ...) | attempted-user | 2005-2706 | 14920 | ||
| 17630 | BROWSER-FIREFOX Mozilla multiple products CSSValue array memory corruption attempt (more info ...) | attempted-user | 2008-2785 | 29802 | ||
| 17644 | BROWSER-IE Microsoft Internet Explorer object clone deletion memory corruption attempt (more info ...) | attempted-user | 2009-0075 | URL | ||
| 17645 | BROWSER-IE Microsoft Internet Explorer CSS strings parsing memory corruption attempt (more info ...) | attempted-user | 2007-0943 | URL | ||
| 17660 | SERVER-OTHER Oracle Java Web Start arbitrary command execution attempt (more info ...) | attempted-user | 2010-1423 | 39346 | ||
| 17668 | FILE-PDF download of a PDF with embedded JavaScript - JS string attempt (more info ...) | policy-violation | URL | |||
| 17692 | BROWSER-IE Microsoft Internet Explorer ExecWB security zone bypass attempt (more info ...) | attempted-user | 2008-2259 | 30612 | URL | |
| 17703 | BROWSER-IE Microsoft Internet Explorer popup title bar spoofing attempt (more info ...) | misc-activity | 2005-0500 | 12602 | ||
| 17709 | BROWSER-IE Microsoft Internet Explorer EMBED element memory corruption attempt (more info ...) | attempted-user | 2009-0553 | 34424 | URL | |
| 17719 | BROWSER-FIREFOX Mozilla Firefox ClearTextRun exploit attempt (more info ...) | attempted-user | 2009-1313 | 34743 | ||
| 17720 | BROWSER-IE Microsoft Internet Explorer static text range overflow attempt (more info ...) | attempted-user | 2008-2255 | URL | ||
| 17725 | BROWSER-OTHER Opera file URI handling buffer overflow (more info ...) | attempted-user | 2008-5178 | 32323 | ||
| 17726 | BROWSER-IE Microsoft Internet Explorer address bar spoofing attempt (more info ...) | misc-activity | 2006-1626 | 17404 | ||
| 17729 | BROWSER-IE Microsoft Internet Explorer EMBED element memory corruption attempt (more info ...) | attempted-user | 2009-0553 | 34424 | URL | |
| 17747 | BROWSER-IE Microsoft Internet Explorer compressed HDMX font processing integer overflow attempt (more info ...) | attempted-admin | 2010-1883 | URL | ||
| 17766 | BROWSER-IE Microsoft Internet Explorer 8 XSS in toStaticHTML API attempt (more info ...) | attempted-user | 2010-3243 | URL | ||
| 17767 | BROWSER-IE Microsoft Internet Explorer 8 tostaticHTML CSS import vulnerability (more info ...) | attempted-user | 2010-3324 | URL | ||
| 17768 | BROWSER-IE Microsoft Internet Explorer 8 object event handler use after free exploit attempt (more info ...) | attempted-user | 2010-3326 | URL | ||
| 17769 | BROWSER-IE Microsoft Internet Explorer 8 CSS invalid mapping exploit attempt (more info ...) | attempted-user | 2010-3328 | URL | ||
| 17771 | BROWSER-IE Microsoft Internet Explorer cross-domain information disclosure attempt (more info ...) | attempted-user | 2010-3330 | URL | ||
| 17774 | BROWSER-IE Microsoft Internet Explorer 8 CSS XSRF exploit attempt (more info ...) | attempted-user | 2010-3325 | URL | ||
| 17776 | FILE-JAVA Oracle Java HsbParser.getSoundBank stack buffer overflow attempt (more info ...) | attempted-user | 2009-3867 | 36881 | ||
| 17804 | BROWSER-FIREFOX Mozilla Firefox html tag attributes memory corruption (more info ...) | attempted-user | 2010-3765 | |||
| 18077 | BROWSER-FIREFOX Mozilla products CSS rendering out-of-bounds array write attempt (more info ...) | attempted-user | 2006-1739 | |||
| 18078 | BROWSER-FIREFOX Mozilla products CSS rendering out-of-bounds array write attempt (more info ...) | attempted-user | 2006-1739 | |||
| 18102 | FILE-PDF Adobe Acrobat Reader invalid PDF JavaScript printSeps extension call attempt (more info ...) | attempted-admin | 2010-4091 | 44638 | URL | |
| 18132 | INDICATOR-OBFUSCATION malware-associated JavaScript obfuscation function (more info ...) | trojan-activity | URL | |||
| 18167 | INDICATOR-SHELLCODE Possible generic javascript heap spray attempt (more info ...) | attempted-user | 2009-2477 | 35660 | ||
| 18168 | INDICATOR-SHELLCODE Possible generic javascript heap spray attempt (more info ...) | attempted-user | 2009-2477 | 35660 | ||
| 18170 | BROWSER-FIREFOX Mozilla Firefox and SeaMonkey onUnload event handler memory corruption attempt (more info ...) | attempted-user | 2007-1092 | 22679 | ||
| 18174 | BROWSER-IE Microsoft Internet Explorer CSS memory corruption attempt (more info ...) | attempted-user | 2004-0842 | 10816 | ||
| 18175 | BROWSER-IE Microsoft Internet Explorer CSS memory corruption attempt (more info ...) | attempted-user | 2004-0842 | 10816 | ||
| 18176 | BROWSER-FIREFOX Mozilla browsers memory corruption simultaneous XPCOM events code execution attempt (more info ...) | attempted-user | 2006-3113 | 19197 | ||
| 18177 | BROWSER-FIREFOX Mozilla browsers memory corruption simultaneous XPCOM events code execution attempt (more info ...) | attempted-user | 2006-3113 | 19197 | ||
| 18178 | BROWSER-FIREFOX Mozilla browsers memory corruption simultaneous XPCOM events code execution attempt (more info ...) | attempted-user | 2006-3113 | 19197 | ||
| 18186 | BROWSER-FIREFOX Mozilla products -moz-grid and -moz-grid-group display styles code execution attempt (more info ...) | attempted-user | 2006-1738 | 17516 | ||
| 18193 | BROWSER-IE Microsoft Internet Explorer cross domain information disclosure attempt (more info ...) | attempted-user | 2006-3280 | 18682 | ||
| 18194 | BROWSER-IE Microsoft Internet Explorer cross domain information disclosure attempt (more info ...) | attempted-user | 2006-3280 | 18682 | ||
| 18196 | BROWSER-IE Microsoft Internet Explorer CSS importer use-after-free attempt (more info ...) | attempted-user | 2010-3971 | 45246 | URL | |
| 18197 | BROWSER-PLUGINS Microsoft Internet Explorer COleSite ActiveX memory corruption attempt (more info ...) | attempted-user | 2010-3340 | URL | ||
| 18198 | BROWSER-PLUGINS Microsoft Internet Explorer COleSite ActiveX memory corruption attempt (more info ...) | attempted-user | 2010-3340 | URL | ||
| 18199 | BROWSER-PLUGINS Microsoft Internet Explorer COleSite ActiveX memory corruption attempt (more info ...) | attempted-user | 2010-3340 | URL | ||
| 18216 | BROWSER-IE Microsoft Internet Explorer 6 #default#anim attempt (more info ...) | attempted-user | 2010-3343 | URL | ||
| 18217 | BROWSER-IE Microsoft Internet Explorer select element memory corruption attempt (more info ...) | attempted-user | 2010-3345 | 45260 | ||
| 18218 | BROWSER-IE Microsoft Internet Explorer time element memory corruption attempt (more info ...) | attempted-user | 2010-3346 | 45261 | URL | |
| 18221 | BROWSER-IE Microsoft Internet Explorer malformed table remote code execution attempt (more info ...) | attempted-user | 2010-3962 | URL | ||
| 18239 | INDICATOR-OBFUSCATION known malicious JavaScript decryption routine (more info ...) | attempted-user | URL | |||
| 18240 | BROWSER-IE Microsoft Internet Explorer CSS importer use-after-free attempt (more info ...) | attempted-user | 2010-3971 | 45246 | URL | |
| 18250 | BROWSER-FIREFOX Mozilla products EscapeAttributeValue integer overflow attempt (more info ...) | attempted-user | 2006-0297 | 16476 | ||
| 18261 | BROWSER-FIREFOX Mozilla Firefox Javascript engine String.toSource memory corruption attempt (more info ...) | attempted-user | 2006-3806 | 19181 | ||
| 18262 | BROWSER-FIREFOX Mozilla Firefox Javascript engine function arguments memory corruption attempt (more info ...) | attempted-user | 2006-3806 | 19181 | ||
| 18263 | BROWSER-FIREFOX Mozilla Firefox Javascript deleted frame or window reference attempt (more info ...) | attempted-user | 2006-3801 | |||
| 18264 | BROWSER-FIREFOX Mozilla Firefox Javascript deleted frame or window reference attempt (more info ...) | attempted-user | 2006-3801 | |||
| 18280 | BROWSER-IE Microsoft Internet Explorer oversize recordset object cache size exploit attempt (more info ...) | attempted-user | 2011-0027 | URL | ||
| 18282 | BROWSER-IE Microsoft Internet Explorer drag-and-drop vulnerability (more info ...) | attempted-user | 2005-0053 | 11466 | URL | |
| 18286 | BROWSER-FIREFOX Mozilla products element style change memory corruption code execution attempt (more info ...) | attempted-user | 2006-0294 | 16476 | ||
| 18294 | BROWSER-WEBKIT Apple Safari Webkit floating point buffer overflow attempt (more info ...) | attempted-user | 2009-2195 | 36023 | ||
| 18295 | BROWSER-WEBKIT Apple Safari Webkit floating point buffer overflow attempt (more info ...) | attempted-user | 2009-2195 | 36023 | ||
| 18296 | BROWSER-FIREFOX Mozilla products frame comment objects manipulation memory corruption attempt (more info ...) | attempted-user | 2006-6504 | 21668 | ||
| 18298 | BROWSER-FIREFOX Mozilla Firefox Javascript large regex memory corruption attempt (more info ...) | attempted-user | 2006-1737 | 17516 | ||
| 18299 | BROWSER-IE Microsoft Internet Explorer implicit drag and drop file installation attempt (more info ...) | attempted-user | 2004-0839 | 10973 | ||
| 18301 | BROWSER-FIREFOX Mozilla Firefox GeckoActiveXObject memory corruption attempt (more info ...) | attempted-user | 2006-3803 | 19181 | ||
| 18302 | BROWSER-FIREFOX Mozilla Firefox new function garbage collection remote code execution attempt (more info ...) | attempted-user | 2006-3803 | 19181 | ||
| 18303 | BROWSER-IE Microsoft Internet Explorer script action handler overflow attempt (more info ...) | attempted-user | 2006-1245 | 17131 | ||
| 18304 | BROWSER-IE Microsoft Internet Explorer span tag memory corruption attempt (more info ...) | attempted-user | 2006-1188 | |||
| 18305 | BROWSER-IE Microsoft Internet Explorer span tag memory corruption attempt (more info ...) | attempted-user | 2006-1188 | |||
| 18306 | BROWSER-IE Microsoft Internet Explorer span tag memory corruption attempt (more info ...) | attempted-user | 2006-1188 | |||
| 18307 | BROWSER-IE Microsoft Internet Explorer frameset memory corruption attempt (more info ...) | attempted-user | 2006-3637 | 18277 | ||
| 18313 | BROWSER-IE Microsoft Internet Explorer createTextRange code execution attempt (more info ...) | attempted-user | 2006-1359 | 17196 | URL | |
| 18332 | BROWSER-FIREFOX Mozilla Firefox JS Web Worker arbitrary code execution attempt (more info ...) | attempted-user | 2009-3371 | URL | ||
| 18348 | MALWARE-CNC User-Agent known malicious user-agent string Opera/9.80 Pesto/2.2.15 (more info ...) | trojan-activity | URL | |||
| 18354 | MALWARE-CNC User-Agent known malicious user-agent string opera/8.11 (more info ...) | trojan-activity | URL | |||
| 18370 | MALWARE-CNC User-Agent known malicious user-agent string Mozilla Windows MSIE (more info ...) | trojan-activity | URL | |||
| 18401 | BROWSER-IE Microsoft Internet Explorer Base64 encoded script overflow attempt (more info ...) | attempted-admin | 2011-0031 | URL | ||
| 18403 | BROWSER-IE Microsoft Internet Explorer Data Source Object memory corruption attempt (more info ...) | attempted-user | 2011-0035 | 46157 | URL | |
| 18470 | SERVER-WEBAPP Java floating point number denial of service - via URI (more info ...) | attempted-dos | 2010-4476 | URL | ||
| 18471 | SERVER-WEBAPP Java floating point number denial of service - via POST (more info ...) | attempted-dos | 2010-4476 | URL | ||
| 18482 | BROWSER-IE Microsoft Internet Explorer History.go method double free corruption attempt (more info ...) | attempted-user | 2009-0552 | 34423 | ||
| 18485 | BROWSER-FIREFOX Mozilla Firefox JavaScript handler race condition memory corruption attempt (more info ...) | attempted-user | 2006-4253 | 19488 | ||
| 18486 | BROWSER-FIREFOX Mozilla Firefox JavaScript handler race condition memory corruption attempt (more info ...) | attempted-user | 2006-4253 | 19488 | ||
| 18508 | BROWSER-WEBKIT Apple Safari WebKit ParentStyleSheet exploit attempt (more info ...) | attempted-user | URL | |||
| 18517 | BROWSER-IE Microsoft Internet Explorer long URL buffer overflow attempt (more info ...) | attempted-user | 2006-3869 | 19667 | ||
| 18518 | BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML comment creation attempt (more info ...) | attempted-user | 2005-0553 | 13120 | 10861 | URL |
| 18519 | BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML element creation attempt (more info ...) | attempted-user | 2005-0553 | 13120 | 10861 | URL |
| 18520 | BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML exploit attempt (more info ...) | attempted-user | 2005-0553 | 13120 | 10861 | URL |
| 18521 | BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML element creation attempt (more info ...) | attempted-user | 2005-0553 | 13120 | 10861 | URL |
| 18522 | BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML element creation attempt (more info ...) | attempted-user | 2005-0553 | 13120 | 10861 | URL |
| 18523 | BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML exploit attempt (more info ...) | attempted-user | 2005-0553 | 13120 | 10861 | URL |
| 18539 | BROWSER-IE Microsoft Internet Explorer event handling remote code execution attempt (more info ...) | attempted-user | 2010-0267 | URL | ||
| 18571 | INDICATOR-COMPROMISE fraudulent digital certificate for addons.mozilla.org detected (more info ...) | misc-attack | URL | |||
| 18597 | BROWSER-OTHER Opera file URI handling buffer overflow (more info ...) | attempted-user | 2008-5178 | 32323 | ||
| 18652 | PROTOCOL-SCADA IGSS IGSSDataServer.exe report template operation overflow attempt (more info ...) | attempted-admin | ||||
| 18669 | BROWSER-IE Microsoft Internet Explorer cross-domain object manipulation attempt (more info ...) | web-application-activity | 2011-1245 | URL | ||
| 18670 | BROWSER-IE Microsoft Internet Explorer object management memory corruption attempt (more info ...) | attempted-user | 2011-1345 | 46821 | URL | |
| 18671 | BROWSER-IE Microsoft Internet Explorer object management memory corruption attempt (more info ...) | attempted-user | 2011-1345 | 46821 | URL | |
| 18672 | BROWSER-IE Microsoft Internet Explorer 8 Developer Tool ActiveX clsid access (more info ...) | attempted-user | 2011-0811 | URL | ||
| 18681 | FILE-PDF transfer of a PDF with embedded JavaScript - JavaScript object detected (more info ...) | policy-violation | URL | |||
| 18770 | BROWSER-WEBKIT Apple Safari WebKit range object remote code execution attempt (more info ...) | attempted-user | 2011-0115 | 46746 | ||
| 18798 | SERVER-OTHER HP Data Protector Media Operations denial of service attempt (more info ...) | attempted-dos | URL | |||
| 18799 | SERVER-OTHER HP Data Protector Media Operations denial of service attempt (more info ...) | attempted-dos | URL | |||
| 18803 | SERVER-WEBAPP Oracle Java Runtime CMM readMabCurveData buffer overflow attempt (more info ...) | attempted-user | 2010-0838 | 39069 | ||
| 18809 | BROWSER-FIREFOX Mozilla EnsureCachedAttrParamArrays integer overflow attempt (more info ...) | attempted-user | 2010-1214 | 41842 | ||
| 18903 | BROWSER-WEBKIT Apple Safari WebKit Rendering Counter Code Execution (more info ...) | attempted-user | 2010-1784 | 42036 | ||
| 18951 | BROWSER-IE Microsoft Internet Explorer CTableLayout memory corruption attempt (more info ...) | attempted-user | 2010-0244 | 37891 | URL | |
| 18973 | BROWSER-WEBKIT Apple Safari Webkit button first-letter style rendering code execution attempt (more info ...) | attempted-user | 2010-1392 | 40644 | ||
| 18995 | BROWSER-WEBKIT Apple Safari Webkit removeAllRanges use-after-free attempt (more info ...) | attempted-user | 2010-1812 | 43079 | ||
| 18996 | SERVER-ORACLE DBMS_JAVA.SET_OUTPUT_TO_JAVA privilege escalation attempt (more info ...) | attempted-admin | 2010-0867 | 38115 | ||
| 19003 | BROWSER-WEBKIT Apple Safari Webkit run-in use-after-free attempt (more info ...) | attempted-user | 2010-1806 | 43049 | ||
| 19004 | BROWSER-WEBKIT Apple Safari Webkit run-in use-after-free attempt (more info ...) | attempted-user | 2010-1806 | 43049 | ||
| 19005 | BROWSER-CHROME Apple Safari/Google Chrome Webkit memory corruption attempt (more info ...) | attempted-user | 2010-1813 | 43078 | ||
| 19008 | BROWSER-WEBKIT Apple Safari Webkit floating point conversion memory corruption attempt (more info ...) | attempted-user | 2010-1807 | 43047 | ||
| 19009 | BROWSER-WEBKIT Apple Safari WebKit menu onchange memory corruption attempt (more info ...) | attempted-user | 2010-1814 | 43083 | ||
| 19010 | BROWSER-WEBKIT Apple Safari WebKit menu onchange memory corruption attempt (more info ...) | attempted-user | 2010-1814 | 43083 | ||
| 19074 | INDICATOR-OBFUSCATION javascript uuencoded noop sled attempt (more info ...) | misc-activity | URL | |||
| 19075 | INDICATOR-OBFUSCATION javascript uuencoded eval statement (more info ...) | misc-activity | URL | |||
| 19076 | BROWSER-FIREFOX Mozilla Firefox appendChild use-after-free attempt (more info ...) | attempted-user | 2010-3765 | |||
| 19077 | BROWSER-FIREFOX Mozilla Firefox appendChild use-after-free attempt (more info ...) | attempted-user | 2010-3765 | |||
| 19078 | BROWSER-FIREFOX Mozilla Firefox html tag attributes memory corruption (more info ...) | attempted-user | 2010-3765 | |||
| 19079 | BROWSER-IE Microsoft Internet Explorer getElementById object corruption (more info ...) | attempted-user | 2008-2254 | 30614 | URL | |
| 19084 | BROWSER-IE Microsoft Internet Explorer CSS style memory corruption attempt (more info ...) | attempted-user | 2010-3962 | URL | ||
| 19095 | BROWSER-WEBKIT Apple Safari Webkit CSS Charset Text transformation code execution attempt (more info ...) | attempted-user | 2010-1770 | 40653 | ||
| 19096 | BROWSER-WEBKIT Apple Safari Webkit CSS Charset Text transformation code execution attempt (more info ...) | attempted-user | 2010-1770 | 40653 | ||
| 19097 | BROWSER-WEBKIT Apple Safari Webkit ContentEditable code execution attempt (more info ...) | attempted-user | 2010-1396 | 40647 | ||
| 19098 | BROWSER-WEBKIT Apple Safari Webkit ContentEditable code exeuction attempt (more info ...) | attempted-user | 2010-1396 | 40647 | ||
| 19099 | BROWSER-WEBKIT Apple Safari CSS font format corruption attempt (more info ...) | attempted-user | 2010-0046 | 38684 | URL | |
| 19100 | FILE-JAVA Oracle Java Soundbank resource name overflow attempt (more info ...) | attempted-user | 2010-0839 | 39070 | ||
| 19101 | SERVER-ORACLE Oracle Java Web Server Admin Server denial of service attempt (more info ...) | attempted-dos | 2010-0389 | 37909 | ||
| 19147 | BROWSER-IE Microsoft Internet Explorer outerHTML against incomplete element heap corruption attempt (more info ...) | attempted-user | 2010-0490 | URL | ||
| 19149 | BROWSER-IE Microsoft Internet Explorer malformed table tag memory corruption attempt (more info ...) | attempted-user | 2010-2560 | |||
| 19150 | BROWSER-IE Microsoft Internet Explorer malformed table tag memory corruption attempt (more info ...) | attempted-user | 2010-2560 | |||
| 19155 | SERVER-WEBAPP HP Data Protector Media Operations SignInName Parameter overflow attempt (more info ...) | attempted-admin | 44381 | |||
| 19165 | MALWARE-CNC User-Agent known malicious user-agent string Microsoft Internet Explorer (more info ...) | trojan-activity | ||||
| 19171 | BROWSER-IE Microsoft Internet Explorer 8 ieshims.dll dll-load exploit attempt (more info ...) | attempted-user | 2011-0038 | 46159 | URL | |
| 19172 | BROWSER-IE Microsoft Internet Explorer 8 ieshims.dll dll-load exploit attempt (more info ...) | attempted-user | 2011-0038 | 46159 | URL | |
| 19181 | BROWSER-IE Microsoft Internet Explorer iframe uninitialized memory corruption attempt (more info ...) | attempted-user | 2010-2556 | 42257 | URL | |
| 19203 | BROWSER-IE Microsoft Internet Explorer MsgBox arbitrary code execution attempt (more info ...) | attempted-user | 2010-0483 | URL | ||
| 19204 | BROWSER-IE Microsoft Internet Explorer MsgBox arbitrary code execution attempt (more info ...) | attempted-user | 2010-0483 | URL | ||
| 19235 | BROWSER-IE Microsoft Internet Explorer copy/paste memory corruption attempt (more info ...) | attempted-user | 2011-1256 | URL | ||
| 19236 | BROWSER-IE Microsoft Internet Explorer drag event memory corruption attempt (more info ...) | attempted-admin | 2011-1254 | 48204 | URL | |
| 19237 | BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt (more info ...) | attempted-user | 2011-1255 | URL | ||
| 19238 | BROWSER-IE Microsoft Internet Explorer 8 self remove from markup vulnerability (more info ...) | attempted-user | 2011-1251 | URL | ||
| 19239 | BROWSER-IE Microsoft Internet Explorer 8 toStaticHTML XSS attempt (more info ...) | attempted-user | 2011-1252 | URL | ||
| 19240 | BROWSER-IE Microsoft Internet Explorer 6/7/8 reload stylesheet attempt (more info ...) | attempted-user | 2011-1250 | URL | ||
| 19243 | BROWSER-IE Microsoft Internet Explorer layout-grid-char value exploit attempt (more info ...) | attempted-admin | 2011-1260 | URL | ||
| 19245 | BROWSER-IE Microsoft Internet Explorer redirect to cdl protocol attempt (more info ...) | attempted-admin | 2011-1262 | URL | ||
| 19246 | BROWSER-IE Microsoft Internet Explorer CSS expression defined to empty selection attempt (more info ...) | attempted-user | 2011-1261 | 48210 | URL | |
| 19254 | FILE-PDF Adobe Acrobat Reader javascript in PDF go-to actions exploit attempt (more info ...) | attempted-user | 2011-2101 | URL | ||
| 19265 | BROWSER-IE Microsoft Internet Explorer layout-grid-char value exploit attempt (more info ...) | attempted-user | 2011-1260 | URL | ||
| 19266 | BROWSER-IE Microsoft Internet Explorer layout-grid-char value exploit attempt (more info ...) | attempted-user | 2011-1260 | URL | ||
| 19292 | BROWSER-FIREFOX Mozilla Firefox appendChild use-after-free attempt (more info ...) | attempted-user | 2010-3765 | |||
| 19321 | BROWSER-FIREFOX Mozilla Products nsCSSValue Array Index Integer Overflow (more info ...) | attempted-user | 2010-2752 | 41852 | ||
| 19322 | BROWSER-IE Microsoft Internet Explorer and SharePoint toStaticHTML information disclosure attempt (more info ...) | attempted-recon | 2010-3243 | |||
| 19372 | MALWARE-CNC User-Agent known malicious user-agent string javasw - Trojan.Banload (more info ...) | trojan-activity | URL | |||
| 19411 | BROWSER-IE Microsoft Internet Explorer Cross-Domain information disclosure attempt (more info ...) | attempted-user | 2010-3330 | 43709 | URL | |
| 19436 | BROWSER-IE Microsoft Internet Explorer CStyleSheetRule array memory corruption attempt (more info ...) | attempted-user | 2010-3328 | 43705 | URL | |
| 19666 | BROWSER-IE Microsoft Internet Explorer multi-window access memory corruption attempt (more info ...) | attempted-user | 2011-1257 | URL | ||
| 19667 | BROWSER-IE Microsoft Internet Explorer cross-domain scripting attack (more info ...) | attempted-user | 2011-1960 | URL | ||
| 19668 | BROWSER-IE Microsoft Internet Explorer telnet.exe file load exploit attempt (more info ...) | attempted-user | 2011-1961 | URL | ||
| 19670 | BROWSER-IE Microsoft Internet Explorer telnet.exe file load exploit attempt (more info ...) | attempted-user | 2011-1961 | URL | ||
| 19671 | BROWSER-IE Microsoft Internet Explorer XSLT memory corruption attempt (more info ...) | attempted-user | 2011-1963 | 49037 | URL | |
| 19672 | BROWSER-IE Microsoft Internet Explorer stylesheet dynamic access memory corruption attempt (more info ...) | attempted-user | 2011-1964 | URL | ||
| 19710 | BROWSER-CHROME Google Chrome float rendering corruption attempt (more info ...) | attempted-user | 2011-1804 | |||
| 19756 | MALWARE-CNC User-Agent known malicious user-agent string Opera/8.89 - P2P-Worm.Win32.Palevo.ddm (more info ...) | trojan-activity | URL | |||
| 19786 | MALWARE-CNC User-Agent known malicious user agent - Mozilla (more info ...) | trojan-activity | URL | |||
| 19806 | BROWSER-WEBKIT Apple Safari Webkit SVG memory corruption attempt (more info ...) | attempted-user | 2011-0222 | 48844 | URL | |
| 19807 | BROWSER-WEBKIT Apple Safari Webkit SVG memory corruption attempt (more info ...) | attempted-user | 2011-0222 | 48844 | URL | |
| 19808 | BROWSER-IE Microsoft Internet Explorer covered object memory corruption attempt (more info ...) | attempted-user | 2011-1260 | URL | ||
| 19815 | SERVER-OTHER HP Operations Manager Server Default Credientials in use attempt (more info ...) | default-login-attempt | 2009-4189 | |||
| 19867 | INDICATOR-OBFUSCATION randomized javascript encodings detected (more info ...) | policy-violation | URL | |||
| 19871 | BROWSER-IE Microsoft Internet Explorer VML buffer overflow attempt (more info ...) | attempted-user | 2006-4868 | URL | ||
| 19872 | BROWSER-IE Microsoft Internet Explorer MDAC remote code execution attempt (more info ...) | attempted-user | 2006-0003 | URL | ||
| 19873 | BROWSER-IE Microsoft Internet Explorer CSS style memory corruption attempt (more info ...) | attempted-user | 2010-3962 | URL | ||
| 19885 | BROWSER-IE Microsoft Internet Explorer daxctle.ocx spline method buffer overflow attempt (more info ...) | attempted-user | 2006-4446 | URL | ||
| 19887 | INDICATOR-OBFUSCATION potential javascript unescape obfuscation attempt detected (more info ...) | policy-violation | URL | |||
| 19888 | INDICATOR-OBFUSCATION potential javascript unescape obfuscation attempt detected (more info ...) | policy-violation | URL | |||
| 19910 | BROWSER-IE Microsoft Internet Explorer VML use after free attempt (more info ...) | attempted-user | 2011-1266 | 48173 | URL | |
| 19926 | FILE-JAVA Oracle Java Runtime AWT setDiffICM stack buffer overflow attempt (more info ...) | attempted-user | 2009-3869 | 36881 | ||
| 20137 | INDICATOR-OBFUSCATION Possible generic javascript heap spray attempt (more info ...) | attempted-user | 2009-2477 | 35660 | URL | |
| 20231 | MALWARE-CNC User-Agent known malicious user-agent string Mozilla//4.0 (more info ...) | trojan-activity | URL | |||
| 20238 | SERVER-OTHER Oracle Java calendar deserialize vulnerability (more info ...) | attempted-user | 2008-5353 | |||
| 20249 | SERVER-OTHER Oracle Java Web Start BasicService arbitrary command execution attempt (more info ...) | attempted-user | 2008-4910 | |||
| 20258 | OS-WINDOWS Microsoft generic javascript handler in URI XSS attempt (more info ...) | attempted-user | 2016-3212 | URL | ||
| 20262 | BROWSER-IE Microsoft Internet Explorer onscroll DOS attempt (more info ...) | attempted-user | 2011-1993 | 49947 | URL | |
| 20263 | BROWSER-IE Microsoft Internet Explorer htmlfile null attribute access attempt (more info ...) | attempted-user | 2011-1995 | 49960 | URL | |
| 20264 | BROWSER-IE Microsoft Internet Explorer form selection reset attempt (more info ...) | attempted-user | 2011-1996 | 49961 | URL | |
| 20265 | BROWSER-IE Microsoft Internet Explorer null attribute DoS attempt (more info ...) | attempted-user | 2011-1997 | 49962 | URL | |
| 20266 | BROWSER-IE Microsoft Internet Explorer 8 Javascript negative option index attack attempt (more info ...) | attempted-user | 2011-1999 | 49964 | URL | |
| 20267 | BROWSER-IE Microsoft Internet Explorer circular reference exploit attempt (more info ...) | attempted-user | 2011-2000 | 49965 | URL | |
| 20268 | BROWSER-IE Microsoft Internet Explorer Marquee stylesheet object removal (more info ...) | attempted-user | 2011-2001 | 49966 | URL | |
| 20273 | BROWSER-IE Microsoft Internet Explorer jscript9 parsing corruption attempt (more info ...) | attempted-user | 2011-1998 | URL | ||
| 20277 | BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML comment creation attempt (more info ...) | attempted-user | 2005-0553 | 13120 | 10861 | URL |
| 20279 | BROWSER-IE Microsoft Internet Explorer HTML DOM invalid DHTML textnode creation attempt (more info ...) | attempted-user | 2005-0553 | 13120 | 10861 | URL |
| 20430 | FILE-JAVA Oracle Java Web Start BasicServiceImpl security policy bypass attempt (more info ...) | attempted-user | 2010-3563 | 43999 | ||
| 20529 | FILE-JAVA Oracle Java trusted method chaining attempt (more info ...) | attempted-user | 2010-0840 | |||
| 20535 | BROWSER-OTHER Opera Config File script access attempt (more info ...) | attempted-user | ||||
| 20560 | FILE-FLASH Adobe Flash Player salign null javascript access attempt (more info ...) | attempted-user | 2011-2459 | URL | ||
| 20579 | BROWSER-CHROME Google Chrome and Apple Safari Ruby before and after memory corruption (more info ...) | attempted-user | 2011-1440 | |||
| 20593 | BROWSER-WEBKIT Apple Safari Webkit libxslt arbitrary file creation attempt (more info ...) | attempted-user | 2011-1774 | URL | ||
| 20666 | BROWSER-FIREFOX Mozilla Thunderbird / SeaMonkey Content-Type header buffer overflow attempt (more info ...) | attempted-user | 2006-6505 | |||
| 20667 | BROWSER-FIREFOX Mozilla Thunderbird / SeaMonkey Content-Type header buffer overflow attempt (more info ...) | attempted-user | 2006-6505 | |||
| 20699 | BROWSER-IE Microsoft Internet Explorer XSRF timing attack against XSS filter (more info ...) | attempted-recon | 2011-1992 | URL | ||
| 20704 | BROWSER-PLUGINS Microsoft Internet Explorer defaulttime behavior attack attempt (more info ...) | attempted-user | 2011-3397 | URL | ||
| 20705 | BROWSER-PLUGINS Microsoft Internet Explorer Time DATIME.DLL ActiveX clsid access (more info ...) | attempted-user | 2011-3397 | URL | ||
| 20727 | BROWSER-FIREFOX Mozilla Firefox user interface event dispatcher dos attempt (more info ...) | attempted-dos | 2008-4324 | 31476 | ||
| 20729 | BROWSER-FIREFOX Mozilla XBL object init code execution attempt (more info ...) | attempted-user | 2006-1733 | 17516 | ||
| 20730 | BROWSER-FIREFOX Mozilla XBL.method memory corruption attempt (more info ...) | attempted-admin | 2006-1735 | 17516 | ||
| 20736 | BROWSER-WEBKIT Apple Safari x-man-page URI terminal escape attempt (more info ...) | attempted-user | 2005-1342 | 13502 | ||
| 20739 | BROWSER-FIREFOX Mozilla Object.watch parent access attempt (more info ...) | attempted-admin | 2006-1734 | 17516 | ||
| 20742 | BROWSER-FIREFOX Mozilla PLUGINSPAGE javascript execution attempt (more info ...) | attempted-user | 2005-0752 | 13228 | ||
| 20766 | BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt (more info ...) | attempted-user | 2011-1255 | URL | ||
| 20786 | BROWSER-IE Microsoft Internet Explorer layout-grid-char value exploit attempt (more info ...) | attempted-admin | 2011-1260 | URL | ||
| 20787 | BROWSER-IE Microsoft Internet Explorer layout-grid-char value exploit attempt (more info ...) | attempted-user | 2011-1260 | URL | ||
| 20788 | BROWSER-IE Microsoft Internet Explorer layout-grid-char value exploit attempt (more info ...) | attempted-user | 2011-1260 | URL | ||
| 20789 | BROWSER-IE Microsoft Internet Explorer layout-grid-char value exploit attempt (more info ...) | attempted-user | 2011-1260 | URL | ||
| 20790 | BROWSER-IE Microsoft Internet Explorer layout-grid-char value exploit attempt (more info ...) | attempted-user | 2011-1260 | URL | ||
| 20804 | BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt (more info ...) | attempted-user | 2011-1255 | URL | ||
| 20805 | BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt (more info ...) | attempted-user | 2011-1255 | URL | ||
| 20806 | BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt (more info ...) | attempted-user | 2011-1255 | URL | ||
| 20807 | BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt (more info ...) | attempted-user | 2011-1255 | URL | ||
| 20808 | BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt (more info ...) | attempted-user | 2011-1255 | URL | ||
| 20809 | BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt (more info ...) | attempted-user | 2011-1255 | URL | ||
| 20810 | BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt (more info ...) | attempted-user | 2011-1255 | URL | ||
| 20811 | BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt (more info ...) | attempted-user | 2011-1255 | URL | ||
| 20814 | BROWSER-FIREFOX Mozilla favicon href javascript execution attempt (more info ...) | attempted-user | 2005-1531 | |||
| 20822 | BROWSER-IE Microsoft Internet Explorer contenteditable corruption attempt malicious string (more info ...) | attempted-user | 2011-1255 | |||
| 20858 | FILE-JAVA Oracle Java getSoundBank overflow Attempt malicious jar file (more info ...) | attempted-user | 2009-3867 | 36881 | ||
| 20998 | FILE-PDF Adobe Acrobat Reader javascript submitform memory corruption attempt (more info ...) | attempted-user | 2011-4371 | URL | ||
| 20999 | BROWSER-WEBKIT Microsoft Windows 7 x64 Apple Safari abnormally long iframe exploit attempt (more info ...) | attempted-dos | 2011-5046 | 51122 | URL | |
| 21037 | INDICATOR-OBFUSCATION randomized javascript encodings detected (more info ...) | policy-violation | URL | |||
| 21039 | INDICATOR-OBFUSCATION potential javascript unescape obfuscation attempt detected (more info ...) | policy-violation | URL | |||
| 21040 | INDICATOR-OBFUSCATION potential javascript unescape obfuscation attempt detected (more info ...) | policy-violation | URL | |||
| 21056 | FILE-JAVA Oracle Java attempt to write in system32 (more info ...) | policy-violation | ||||
| 21086 | BROWSER-IE Microsoft Internet Explorer object clone deletion memory corruption (more info ...) | attempted-user | 2009-0075 | URL | ||
| 21154 | BROWSER-FIREFOX Mozilla products floating point buffer overflow attempt (more info ...) | attempted-user | 2009-0689 | 37078 | ||
| 21155 | BROWSER-FIREFOX Mozilla products floating point buffer overflow attempt (more info ...) | attempted-user | 2009-0689 | 37078 | ||
| 21166 | BROWSER-CHROME Google Chrome https spoofing attempt (more info ...) | attempted-recon | URL | |||
| 21189 | BROWSER-WEBKIT Apple Safari innerHTML use after free exploit attempt (more info ...) | attempted-user | 2011-0221 | 48844 | ||
| 21190 | BROWSER-FIREFOX Mozilla Multiple Products MozOrientation loading attempt (more info ...) | attempted-user | 2011-2980 | 49217 | ||
| 21191 | BROWSER-FIREFOX Mozilla Multiple Products MozOrientation loading attempt (more info ...) | attempted-user | 2011-2980 | 49217 | ||
| 21268 | SERVER-OTHER Oracle Java RMI services remote object execution attempt (more info ...) | misc-attack | 2015-2342 | URL | ||
| 21272 | BROWSER-IE Microsoft Internet Explorer orphan DOM objects memory corruption attempt (more info ...) | attempted-user | 2009-3674 | URL | ||
| 21300 | BROWSER-IE Microsoft Internet Explorer 9 null character in string information disclosure attempt (more info ...) | attempted-recon | 2012-0012 | URL | ||
| 21353 | BROWSER-IE Microsoft Internet Explorer mouse drag hijack (more info ...) | attempted-user | 2004-0841 | URL | ||
| 21363 | BROWSER-FIREFOX Mozilla Firefox appendChild use-after-free attempt (more info ...) | attempted-user | 2010-3765 | |||
| 21387 | FILE-JAVA Oracle Java runtime RMIConnectionImpl deserialization execution attempt (more info ...) | attempted-user | 2010-0094 | |||
| 21392 | BROWSER-IE Microsoft Internet Explorer writing-mode property memory corruption attempt (more info ...) | attempted-user | 2009-2531 | 36616 | ||
| 21394 | BROWSER-FIREFOX Mozilla Firefox null byte file remote code execution attempt (more info ...) | attempted-user | 2007-3285 | 24447 | ||
| 21399 | BROWSER-OTHER Opera Web Browser History Search Input validation vulnerability (more info ...) | attempted-user | 2008-4696 | 31869 | ||
| 21446 | BROWSER-CHROME Google Chrome FileSystemObject clsid access (more info ...) | attempted-user | 2009-3934 | 36947 | ||
| 21447 | BROWSER-CHROME Google Chrome FileSystemObject function call (more info ...) | attempted-user | 2009-3931 | 36947 | ||
| 21462 | FILE-JAVA Oracle Java Plugin security bypass (more info ...) | attempted-user | 2004-1029 | 11726 | ||
| 21501 | FILE-JAVA Oracle JavaScript file upload keystroke hijack attempt (more info ...) | misc-activity | 2006-2900 | 18308 | ||
| 21519 | INDICATOR-OBFUSCATION Dadongs obfuscated javascript (more info ...) | misc-activity | URL | |||
| 21569 | BROWSER-IE Microsoft Internet Explorer toStaticHTML XSS attempt (more info ...) | web-application-activity | 2011-1252 | URL | ||
| 21577 | INDICATOR-OBFUSCATION JavaScript obfuscation - charcode (more info ...) | attempted-user | URL | |||
| 21578 | INDICATOR-OBFUSCATION JavaScript obfuscation - eval (more info ...) | attempted-user | URL | |||
| 21579 | INDICATOR-OBFUSCATION JavaScript obfuscation - fromCharCode (more info ...) | attempted-user | URL | |||
| 21580 | INDICATOR-OBFUSCATION JavaScript obfuscation - fromCharCode (more info ...) | attempted-user | URL | |||
| 21631 | MALWARE-CNC Win.Trojan.Sinowal javascript delivery method (more info ...) | trojan-activity | URL | |||
| 21786 | INDICATOR-OBFUSCATION encoded javascript escape function in POST parameters - likely javascript injection (more info ...) | web-application-attack | URL | |||
| 21787 | INDICATOR-OBFUSCATION encoded javascript escape function in POST parameters - likely javascript injection (more info ...) | web-application-attack | URL | |||
| 21991 | BROWSER-IE Microsoft Internet Explorer data stream header remote code execution attempt (more info ...) | attempted-user | 2009-1547 | URL | ||
| 21992 | BROWSER-IE Microsoft Internet Explorer data stream header remote code execution attempt (more info ...) | attempted-user | 2009-1547 | URL | ||
| 21993 | BROWSER-IE Microsoft Internet Explorer data stream header remote code execution attempt (more info ...) | attempted-user | 2009-1547 | URL | ||
| 21994 | BROWSER-IE Microsoft Internet Explorer 8 DOM memory corruption attempt (more info ...) | attempted-user | 2009-3671 | 37188 | URL | |
| 22003 | BROWSER-PLUGINS Microsoft Internet Explorer WMIScriptUtils.WMIObjectBroker2.1 ActiveX clsid access attempt (more info ...) | attempted-user | 2006-4704 | URL | ||
| 23015 | BROWSER-CHROME Google Chrome and Apple Safari runin handling use after free attempt (more info ...) | attempted-user | 2011-3068 | |||
| 23054 | BROWSER-FIREFOX Mozilla Firefox nSSVGValue memory corruption attempt (more info ...) | attempted-user | 2011-3658 | 51138 | ||
| 23085 | INDICATOR-OBFUSCATION Obfuscated javascript string - join (more info ...) | bad-unknown | URL | |||
| 23086 | INDICATOR-OBFUSCATION Obfuscated javascript string - push (more info ...) | bad-unknown | URL | |||
| 23087 | INDICATOR-OBFUSCATION Obfuscated javascript string - xval (more info ...) | bad-unknown | URL | |||
| 23088 | INDICATOR-OBFUSCATION Obfuscated javascript string - qweqwe (more info ...) | bad-unknown | URL | |||
| 23089 | INDICATOR-OBFUSCATION Obfuscated javascript strings - obfuscation pattern (more info ...) | bad-unknown | URL | |||
| 23107 | INDICATOR-COMPROMISE BeEF javascript hook.js download attempt (more info ...) | attempted-user | ||||
| 23128 | BROWSER-IE Microsoft Internet Explorer 9 memory disclosure attempt (more info ...) | attempted-recon | 2012-1873 | 53844 | URL | |
| 23160 | INDICATOR-OBFUSCATION Javascript obfuscation - fromCharCode (more info ...) | attempted-user | URL | |||
| 23161 | INDICATOR-OBFUSCATION Javascript obfuscation - eval (more info ...) | attempted-user | URL | |||
| 23217 | INDICATOR-SHELLCODE x86 OS agnostic avoid_utf8_tolower javascript encoder (more info ...) | shellcode-detect | ||||
| 23226 | INDICATOR-OBFUSCATION JavaScript error suppression routine (more info ...) | misc-activity | URL | |||
| 23236 | INDICATOR-SHELLCODE x86 OS agnostic alpha numeric upper case javascript decoder (more info ...) | shellcode-detect | ||||
| 23243 | FILE-JAVA Oracle Java Zip file directory record overflow attempt (more info ...) | attempted-user | 2012-0501 | 52013 | ||
| 23291 | BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (more info ...) | attempted-user | 2012-1889 | URL | ||
| 23389 | MALWARE-CNC Win.Trojan.Java.Arratomref variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23390 | MALWARE-CNC Win.Trojan.Java.Arratomref variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23445 | BROWSER-FIREFOX Mozilla Firefox use-after free remote code execution attempt (more info ...) | attempted-user | 2011-3659 | |||
| 23471 | BROWSER-CHROME Google Chrome net-internals uri fragment identifier XSS attempt (more info ...) | attempted-user | 2010-1503 | 39667 | URL | |
| 23490 | FILE-MULTIMEDIA Oracle Java MixerSequencer RMF MIDI structure handling exploit attempt (more info ...) | attempted-user | 2011-3545 | 39077 | ||
| 23501 | FILE-PDF Adobe Acrobat Reader javascript getIcon method buffer overflow attempt (more info ...) | attempted-user | 2009-0927 | 34169 | ||
| 23502 | FILE-PDF Adobe Acrobat JavaScript getIcon method buffer overflow attempt (more info ...) | attempted-user | 2009-0927 | 34169 | ||
| 23503 | FILE-PDF Adobe Acrobat JavaScript getIcon method buffer overflow attempt (more info ...) | attempted-user | 2009-0927 | 34169 | ||
| 23560 | FILE-JAVA Oracle Java Zip file directory record overflow attempt (more info ...) | attempted-user | 2012-0501 | 52013 | ||
| 23617 | APP-DETECT Amazon Kindle chrome-scriptable-plugin attempt (more info ...) | policy-violation | URL | |||
| 23625 | BROWSER-FIREFOX Mozilla Firefox resource URL handling directory traversal attempt (more info ...) | attempted-recon | 2007-3073 | |||
| 23636 | INDICATOR-OBFUSCATION JavaScript built-in function parseInt appears obfuscated - likely packer or encoder (more info ...) | trojan-activity | URL | |||
| 23831 | INDICATOR-OBFUSCATION non-alphanumeric javascript detected (more info ...) | attempted-user | URL | |||
| 23832 | INDICATOR-OBFUSCATION non-alphanumeric javascript detected (more info ...) | attempted-user | URL | |||
| 23897 | FILE-PDF Sending of a PDF with embedded JavaScript - JS string attempt (more info ...) | policy-violation | URL | |||
| 23899 | FILE-PDF Adobe Acrobat Reader Javascript buffer overflow attempt (more info ...) | attempted-user | 2007-5659 | |||
| 23900 | FILE-PDF Adobe Acrobat Reader Javascript buffer overflow attempt (more info ...) | attempted-user | 2007-5659 | |||
| 23901 | FILE-PDF Adobe Acrobat Reader Javascript buffer overflow attempt (more info ...) | attempted-user | 2007-5659 | |||
| 23902 | FILE-PDF Adobe Acrobat Reader Javascript buffer overflow attempt (more info ...) | attempted-user | 2007-5659 | |||
| 24113 | BROWSER-PLUGINS Microsoft Internet Explorer 8 ieframe.dll ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 24210 | BROWSER-IE Microsoft Internet Explorer execCommand use-after-free attempt (more info ...) | attempted-user | URL | |||
| 24386 | BROWSER-FIREFOX Mozilla Multiple Products xdomain object information disclosure attempt (more info ...) | attempted-recon | 2012-4192 | URL | ||
| 24387 | BROWSER-FIREFOX Mozilla Multiple Products xdomain object information disclosure attempt (more info ...) | attempted-recon | 2012-4192 | URL | ||
| 24426 | MALWARE-OTHER Java.Trojan.Jacksbot class download (more info ...) | trojan-activity | URL | |||
| 24427 | MALWARE-OTHER Java.Trojan.Jacksbot jar download (more info ...) | trojan-activity | URL | |||
| 24449 | MALWARE-CNC Java.Exploit.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24452 | BROWSER-IE Microsoft Internet Explorer JPEG rendering buffer overflow attempt (more info ...) | attempted-user | 2005-2308 | 14284 | URL | |
| 24498 | FILE-JAVA Oracle Java JNLP parameter argument injection attempt (more info ...) | attempted-user | 2005-0418 | |||
| 24499 | FILE-JAVA Oracle Java JNLP parameter argument injection attempt (more info ...) | attempted-user | 2005-0418 | |||
| 24510 | FILE-JAVA Oracle Java XGetSamplePtrFromSnd memory corruption attempt (more info ...) | attempted-user | 2010-4462 | 46394 | ||
| 24511 | FILE-JAVA Oracle Java XGetSamplePtrFromSnd memory corruption attempt (more info ...) | attempted-user | 2010-4462 | 46394 | ||
| 24568 | MALWARE-CNC User-Agent known malicious user agent - Mozilla/00 (more info ...) | trojan-activity | URL | |||
| 24575 | MALWARE-CNC User-Agent known malicious user agent - Opera/9.61 (more info ...) | trojan-activity | URL | |||
| 24869 | BROWSER-IE Microsoft Internet Explorer DOM mergeAttributes memory corruption attempt (more info ...) | misc-activity | 2011-0094 | 37893 | URL | |
| 24870 | BROWSER-IE Microsoft Internet Explorer DOM mergeAttributes memory corruption attempt (more info ...) | misc-activity | 2011-0094 | 37893 | URL | |
| 24871 | BROWSER-IE Microsoft Internet Explorer DOM mergeAttributes memory corruption attempt (more info ...) | misc-activity | 2011-0094 | 37893 | URL | |
| 24872 | BROWSER-IE Microsoft Internet Explorer DOM mergeAttributes memory corruption attempt (more info ...) | misc-activity | 2011-0094 | 37893 | URL | |
| 24905 | FILE-JAVA Oracle Java Web Start JNLP j2se key value buffer overflow attempt (more info ...) | attempted-user | 2008-3111 | 30148 | ||
| 24906 | FILE-JAVA Oracle Java Web Start JNLP j2se key value buffer overflow attempt (more info ...) | attempted-user | 2008-3111 | 30148 | ||
| 25036 | BROWSER-WEBKIT Apple Safari WebKit form elements virtual function DoS attempt (more info ...) | attempted-dos | 2011-2813 | URL | ||
| 25037 | BROWSER-WEBKIT Apple Safari Webkit css title memory corruption attempt (more info ...) | attempted-user | 2012-3684 | URL | ||
| 25039 | BROWSER-WEBKIT Apple Safari Webkit css title memory corruption attempt (more info ...) | attempted-user | 2012-3684 | URL | ||
| 25042 | EXPLOIT-KIT Java User-Agent downloading Portable Executable - Possible exploit kit (more info ...) | trojan-activity | 2012-5076 | URL | ||
| 25225 | BROWSER-IE Microsoft Internet Explorer Marquee stylesheet object removal (more info ...) | attempted-user | 2011-2001 | 49966 | URL | |
| 25226 | BROWSER-IE Microsoft Internet Explorer Marquee stylesheet object removal (more info ...) | attempted-user | 2011-2001 | 49966 | URL | |
| 25227 | BROWSER-FIREFOX Mozilla Firefox iframe and xul element reload crash attempt (more info ...) | attempted-user | 2011-2982 | |||
| 25228 | BROWSER-FIREFOX Mozilla Firefox iframe and xul element reload crash attempt (more info ...) | attempted-user | 2011-2982 | |||
| 25246 | BROWSER-IE Microsoft Internet Explorer html table column span width increase memory corruption attempt (more info ...) | attempted-user | 2012-1876 | URL | ||
| 25272 | SERVER-WEBAPP Microsoft System Center Operations Manager cross site scripting attempt (more info ...) | attempted-user | 2013-0009 | URL | ||
| 25289 | BROWSER-FIREFOX Mozilla Firefox Javascript arbitrary memory reading attempt (more info ...) | attempted-recon | 2011-2983 | |||
| 25290 | BROWSER-FIREFOX Mozilla Firefox Javascript arbitrary memory reading attempt (more info ...) | attempted-recon | 2011-2983 | |||
| 25291 | BROWSER-FIREFOX Mozilla Firefox Javascript arbitrary memory reading attempt (more info ...) | attempted-recon | 2011-2983 | |||
| 25292 | BROWSER-FIREFOX Mozilla Firefox Javascript arbitrary memory reading attempt (more info ...) | attempted-recon | 2011-2983 | |||
| 25329 | BROWSER-IE Microsoft Internet Explorer CSS style memory corruption attempt (more info ...) | attempted-user | 2010-3962 | URL | ||
| 25562 | FILE-JAVA Oracle Java obfuscated jar file download attempt (more info ...) | trojan-activity | URL | |||
| 25621 | BROWSER-OTHER Opera use after free attempt (more info ...) | attempted-user | URL | |||
| 25622 | BROWSER-OTHER Opera use after free attempt (more info ...) | attempted-user | URL | |||
| 25653 | BROWSER-OTHER Opera browser window null pointer dereference attempt (more info ...) | attempted-user | 46872 | |||
| 25657 | SERVER-OTHER HP Data Protector Media Operations directory traversal attempt (more info ...) | attempted-user | 50531 | |||
| 25658 | SERVER-OTHER HP Data Protector Media Operations directory traversal attempt (more info ...) | attempted-user | 50531 | |||
| 25770 | BROWSER-IE Microsoft Internet Explorer deleted object access memory corruption attempt (more info ...) | attempted-user | 2013-0020 | URL | ||
| 25778 | BROWSER-IE Microsoft Internet Explorer SVG use after free attempt (more info ...) | attempted-user | 2013-0018 | URL | ||
| 25793 | BROWSER-IE Microsoft Internet Explorer invalid Shift_JIS character xss attempt (more info ...) | attempted-user | 2013-0015 | URL | ||
| 25794 | BROWSER-IE Microsoft Internet Explorer invalid Shift_JIS character xss attempt (more info ...) | attempted-user | 2013-0015 | URL | ||
| 25800 | EXPLOIT-KIT Stamp exploit kit Javascript request (more info ...) | trojan-activity | 2013-0431 | URL | ||
| 25853 | BROWSER-IE Microsoft Internet Explorer bitmap BitmapOffset integer overflow attempt (more info ...) | attempted-user | 2004-0566 | 9663 | URL | |
| 26076 | FILE-PDF download of a PDF with embedded JavaScript - JS string attempt (more info ...) | policy-violation | URL | |||
| 26077 | FILE-PDF transfer of a PDF with embedded JavaScript - JavaScript object detected (more info ...) | policy-violation | URL | |||
| 26168 | BROWSER-IE Microsoft Internet Explorer CCaret use after free attempt (more info ...) | attempted-user | 2013-0090 | URL | ||
| 26169 | BROWSER-IE Microsoft Internet Explorer CCaret use after free attempt (more info ...) | attempted-user | 2013-0090 | URL | ||
| 26188 | BROWSER-FIREFOX Mozilla Firefox 3.5 unicode stack overflow attempt (more info ...) | attempted-user | 2009-2479 | 35707 | ||
| 26258 | BROWSER-WEBKIT Apple Safari SVG Markers Memory Use-After-Free attempt (more info ...) | attempted-user | 2011-1453 | 46677 | URL | |
| 26259 | BROWSER-WEBKIT Apple Safari SVG Markers Memory Use-After-Free attempt (more info ...) | attempted-user | 2011-1453 | 46677 | URL | |
| 26354 | BROWSER-IE Microsoft Internet Explorer expression clause in style tag cross site scripting attempt (more info ...) | web-application-attack | 2013-1289 | URL | ||
| 26439 | FILE-JAVA Oracle Java known malicious jar file download - specific structure (more info ...) | trojan-activity | ||||
| 26440 | INDICATOR-OBFUSCATION Obfuscated javascript/html generated by myobfuscate.com detected (more info ...) | bad-unknown | URL | |||
| 26451 | INDICATOR-OBFUSCATION g01pack Javascript substr function wrapper attempt (more info ...) | trojan-activity | URL | |||
| 26483 | SERVER-WEBAPP JavaScript tag in User-Agent field possible XSS attempt (more info ...) | web-application-attack | URL | |||
| 26484 | FILE-JAVA Oracle Java JRE reflection types public final field overwrite attempt (more info ...) | attempted-user | 2013-2423 | 59162 | URL | |
| 26485 | FILE-JAVA Oracle Java JRE reflection types public final field overwrite attempt (more info ...) | attempted-user | 2013-2423 | 59162 | URL | |
| 26486 | FILE-JAVA Oracle Java JRE reflection types public final field overwrite attempt (more info ...) | attempted-user | 2013-2423 | 59162 | URL | |
| 26487 | FILE-JAVA Oracle Java JRE reflection types public final field overwrite attempt (more info ...) | attempted-user | 2013-2423 | 59162 | URL | |
| 26499 | FILE-JAVA Oracle Java JRE reflection types public final field overwrite attempt (more info ...) | attempted-user | 2013-2423 | 59162 | URL | |
| 26500 | FILE-JAVA Oracle Java JRE reflection types public final field overwrite attempt (more info ...) | attempted-user | 2013-2423 | 59162 | URL | |
| 26513 | FILE-PDF PDF with large embedded JavaScript - JS string attempt (more info ...) | policy-violation | URL | |||
| 26524 | BROWSER-PLUGINS Java security warning bypass through JWS attempt (more info ...) | attempted-user | URL | |||
| 26525 | BROWSER-PLUGINS Java security warning bypass through JWS attempt (more info ...) | attempted-user | URL | |||
| 26549 | FILE-JAVA Oracle Java JRE reflection types public final field overwrite attempt (more info ...) | attempted-user | 2013-2423 | 59162 | URL | |
| 26550 | FILE-JAVA Oracle Java JRE reflection types public final field overwrite attempt (more info ...) | attempted-user | 2013-2423 | 59162 | URL | |
| 26551 | FILE-JAVA Oracle Java JRE reflection types public final field overwrite attempt (more info ...) | attempted-user | 2013-2423 | 59162 | URL | |
| 26552 | FILE-JAVA Oracle Java JRE reflection types public final field overwrite attempt (more info ...) | attempted-user | 2013-2423 | 59162 | URL | |
| 26577 | MALWARE-CNC User-Agent known malicious user agent Opera 10 (more info ...) | trojan-activity | URL | |||
| 26587 | FILE-JAVA Oracle Java runtime JMX findclass sandbox breach attempt (more info ...) | attempted-admin | 2013-0431 | 57563 | ||
| 26588 | FILE-JAVA Oracle Java runtime JMX findclass sandbox breach attempt (more info ...) | attempted-admin | 2013-0431 | 57563 | ||
| 26592 | BROWSER-WEBKIT Apple Safari Webkit libxslt arbitrary file creation attempt (more info ...) | attempted-user | 2011-1774 | 48840 | URL | |
| 26595 | INDICATOR-OBFUSCATION javascript hex character extraction routine detected (more info ...) | policy-violation | URL | |||
| 26596 | INDICATOR-OBFUSCATION javascript fromCharCode xor decryption routine detected (more info ...) | policy-violation | URL | |||
| 26615 | INDICATOR-OBFUSCATION Javascript substr rename attempt (more info ...) | misc-activity | URL | |||
| 26616 | INDICATOR-OBFUSCATION Javascript indexOf rename attempt (more info ...) | misc-activity | URL | |||
| 26624 | BROWSER-IE Microsoft Internet Explorer 7-9 VBScript JSON reference information disclosure attempt (more info ...) | attempted-recon | 2013-1297 | URL | ||
| 26625 | BROWSER-IE Microsoft Internet Explorer 7-9 VBScript JSON reference information disclosure attempt (more info ...) | attempted-recon | 2013-1297 | URL | ||
| 26639 | BROWSER-IE Microsoft Internet Explorer XML digital signature transformation of digest value (more info ...) | misc-activity | 2013-1336 | URL | ||
| 26640 | BROWSER-IE Microsoft Internet Explorer XML digital signature transformation of digest value (more info ...) | misc-activity | 2013-1336 | URL | ||
| 26646 | BROWSER-PLUGINS Java security warning bypass through JWS attempt (more info ...) | attempted-user | URL | |||
| 26647 | BROWSER-PLUGINS Java security warning bypass through JWS attempt (more info ...) | attempted-user | URL | |||
| 26650 | FILE-PDF Adobe Acrobat Reader javascript regex embedded sandbox escape attempt (more info ...) | attempted-user | 2013-2550 | URL | ||
| 26658 | BROWSER-WEBKIT Possible Google Chrome Plugin install from non-trusted source (more info ...) | bad-unknown | URL | |||
| 26659 | BROWSER-FIREFOX Possible Mozilla Firefox Plugin install from non-Mozilla source (more info ...) | bad-unknown | URL | |||
| 26765 | BROWSER-PLUGINS Oracle Java Web Start control launchapp ActiveX function call access (more info ...) | attempted-user | 2013-2416 | URL | ||
| 26766 | BROWSER-PLUGINS Oracle Java Web Start control launchapp ActiveX clsid access (more info ...) | attempted-user | 2013-2416 | URL | ||
| 26767 | BROWSER-PLUGINS Oracle Java Web Start control launchapp embed access (more info ...) | attempted-user | 2013-2416 | URL | ||
| 26817 | FILE-PDF Adobe Acrobat Reader javascript regex embedded sandbox escape attempt (more info ...) | attempted-user | 2013-2550 | URL | ||
| 26848 | BROWSER-IE Microsoft Internet Explorer 7 emulation via meta tag (more info ...) | attempted-user | ||||
| 26850 | INDICATOR-COMPROMISE Microsoft Internet Explorer IE5 compatibility mode enable attempt (more info ...) | policy-violation | URL | |||
| 26852 | BROWSER-IE Microsoft Internet Explorer create-add range on DOM objects memory corruption attempt (more info ...) | attempted-user | 2013-3124 | URL | ||
| 26853 | BROWSER-IE Microsoft Internet Explorer create-add range on DOM objects memory corruption attempt (more info ...) | attempted-user | 2013-3124 | URL | ||
| 26890 | BROWSER-IE Microsoft Internet Explorer CDocument use after free attempt (more info ...) | attempted-user | 2013-3114 | URL | ||
| 26935 | BROWSER-IE Microsoft Internet Explorer image download spoofing attempt (more info ...) | bad-unknown | 11768 | |||
| 26936 | BROWSER-IE Microsoft Internet Explorer image download spoofing attempt (more info ...) | bad-unknown | 11768 | |||
| 26937 | BROWSER-IE Microsoft Internet Explorer image download spoofing attempt (more info ...) | bad-unknown | 11768 | |||
| 26947 | EXPLOIT-KIT DotkaChef/Rmayana/DotCache exploit kit inbound java exploit download (more info ...) | trojan-activity | 2013-2423 | URL | ||
| 26948 | EXPLOIT-KIT DotkaChef/Rmayana/DotCache exploit kit inbound java exploit download (more info ...) | trojan-activity | 2013-1493 | URL | ||
| 26994 | BROWSER-PLUGINS Oracle Javadoc generated frame replacement attempt (more info ...) | attempted-user | 2013-1571 | |||
| 27063 | BROWSER-IE Microsoft Internet Explorer file type spoofing attempt (more info ...) | bad-unknown | 2004-1331 | 11686 | ||
| 27222 | BROWSER-IE Microsoft Internet Explorer innerHTML against incomplete element heap corruption attempt (more info ...) | attempted-user | 2010-0490 | 39031 | URL | |
| 27260 | MALWARE-CNC Win.Trojan.Java.Agent.NFK variant connection (more info ...) | trojan-activity | URL | |||
| 27531 | BROWSER-IE Microsoft Internet Explorer 9 and 10 information disclosure attempt (more info ...) | attempted-user | URL | |||
| 27593 | INDICATOR-OBFUSCATION Javascript obfuscation - split (more info ...) | attempted-user | URL | |||
| 27663 | BROWSER-IE Microsoft Internet Explorer 9 memory disclosure attempt (more info ...) | attempted-recon | 2012-1873 | 53844 | URL | |
| 27693 | FILE-JAVA Oracle Java 2D ImagingLib BytePackedRaster signed integer overflow attempt (more info ...) | attempted-user | 2013-2549 | URL | ||
| 27694 | FILE-JAVA Oracle Java 2D ImagingLib BytePackedRaster signed integer overflow attempt (more info ...) | attempted-user | 2013-2549 | URL | ||
| 27875 | INDICATOR-OBFUSCATION Javascript obfuscation technique - has been observed in Rmayana/DotkaChef/DotCache exploit kit (more info ...) | trojan-activity | ||||
| 27943 | BROWSER-IE Microsoft Internet Explorer onlosecapture memory corruption attempt (more info ...) | attempted-user | 2013-3893 | 62453 | URL | |
| 27944 | BROWSER-IE Microsoft Internet Explorer onlosecapture memory corruption attempt (more info ...) | attempted-user | 2013-3893 | 62453 | URL | |
| 28043 | OS-MOBILE Android WebKit Java reflection command execution attempt (more info ...) | attempted-user | 2014-0514 | URL | ||
| 28157 | BROWSER-PLUGINS Oracle Java XML digital signature spoofing attempt (more info ...) | attempted-user | 2013-2461 | URL | ||
| 28163 | BROWSER-IE Microsoft Internet Explorer HtmlLayout SmartObject use after free attempt (more info ...) | attempted-user | 2013-3873 | URL | ||
| 28207 | BROWSER-IE Microsoft Internet Explorer swapNode memory corruption attempt (more info ...) | attempted-user | 2013-3897 | 62811 | URL | |
| 28208 | BROWSER-IE Microsoft Internet Explorer swapNode memory corruption attempt (more info ...) | attempted-user | 2013-3897 | 62811 | URL | |
| 28258 | BROWSER-IE Microsoft Internet Explorer object management memory corruption attempt (more info ...) | attempted-user | 2011-1345 | 46821 | URL | |
| 28259 | BROWSER-IE Microsoft Internet Explorer object management memory corruption attempt (more info ...) | attempted-user | 2011-1345 | 46821 | URL | |
| 28267 | BROWSER-IE Microsoft Internet Explorer option element use after free attempt (more info ...) | attempted-user | 2011-1995 | URL | ||
| 28268 | BROWSER-IE Microsoft Internet Explorer option element use after free attempt (more info ...) | attempted-user | 2011-1995 | URL | ||
| 28269 | BROWSER-IE Microsoft Internet Explorer option element use after free attempt (more info ...) | attempted-user | 2011-1995 | URL | ||
| 28270 | BROWSER-IE Microsoft Internet Explorer option element use after free attempt (more info ...) | attempted-user | 2011-1995 | URL | ||
| 28271 | BROWSER-IE Microsoft Internet Explorer htmlfile null attribute access attempt (more info ...) | attempted-user | 2011-1995 | 49960 | URL | |
| 28272 | BROWSER-PLUGINS Microsoft Internet Explorer htmlfile ActiveX object access attempt (more info ...) | attempted-user | 2011-1995 | 49960 | URL | |
| 28287 | BROWSER-IE Microsoft Internet Explorer deleted object cells reference memory corruption vulnerability (more info ...) | attempted-user | 2010-0248 | |||
| 28306 | BROWSER-IE Microsoft Internet Explorer CSS expression defined to empty selection attempt (more info ...) | attempted-user | 2011-1261 | 48210 | URL | |
| 28352 | BROWSER-IE Microsoft Internet Explorer CTableLayout memory corruption attempt (more info ...) | attempted-user | 2010-0244 | 37891 | URL | |
| 28353 | BROWSER-IE Microsoft Internet Explorer CTableLayout memory corruption attempt (more info ...) | attempted-user | 2010-0244 | 37891 | URL | |
| 28447 | BROWSER-IE Microsoft Internet Explorer style.position use-after-free memory corruption attempt (more info ...) | attempted-dos | 2012-0155 | URL | ||
| 28522 | BROWSER-IE Microsoft Internet Explorer print preview information disclosure attempt (more info ...) | attempted-recon | 2013-3908 | URL | ||
| 28662 | BROWSER-IE Microsoft Internet Explorer address bar spoofing attempt (more info ...) | attempted-user | 2006-1626 | 17404 | ||
| 28663 | BROWSER-IE Microsoft Internet Explorer address bar spoofing attempt (more info ...) | attempted-user | 2006-1626 | 17404 | ||
| 28722 | FILE-PDF Adobe Acrobat Reader invalid PDF JavaScript printSeps extension call attempt (more info ...) | attempted-user | 2010-4091 | |||
| 28723 | FILE-PDF Adobe Acrobat Reader invalid PDF JavaScript printSeps extension call attempt (more info ...) | attempted-user | 2010-4091 | |||
| 28932 | BROWSER-IE Microsoft Internet Explorer CHM file load attempt (more info ...) | misc-activity | URL | |||
| 28997 | BROWSER-IE Microsoft Internet Explorer print preview information disclosure attempt (more info ...) | attempted-recon | 2013-3908 | URL | ||
| 29037 | BROWSER-PLUGINS Microsoft Internet Explorer DXImageTransform.Microsoft.MMSpecialEffectInplace1Input ActiveX function call access (more info ...) | attempted-user | 2006-1303 | 18328 | URL | |
| 29168 | BROWSER-IE Microsoft Internet Explorer EUC-JP encoding cross site scripting attempt (more info ...) | attempted-user | 2013-3192 | URL | ||
| 29214 | FILE-JAVA Oracle Java JPEGImageWriter memory corruption attempt (more info ...) | attempted-user | 2013-2429 | |||
| 29215 | FILE-JAVA Oracle Java sun.awt.image.ImageRepresentation.setPixels integer overflow attempt (more info ...) | attempted-user | 2013-2420 | |||
| 29221 | BROWSER-IE Microsoft Internet Explorer blnmgr clsid access attempt (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 29222 | BROWSER-IE Microsoft Internet Explorer devenum clsid access attempt (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 29223 | BROWSER-IE Microsoft Internet Explorer msdds clsid access attempt (more info ...) | attempted-user | 2005-2127 | 14594 | URL | |
| 29226 | BROWSER-PLUGINS Microsoft Internet Explorer ACM Class Manager ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 29227 | BROWSER-PLUGINS Microsoft Internet Explorer Address Bar ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 29228 | BROWSER-PLUGINS Microsoft Internet Explorer CLSID_ApprenticeICW ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 29229 | BROWSER-PLUGINS Microsoft Internet Explorer CLSID_CDIDeviceActionConfigPage ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 29230 | BROWSER-PLUGINS Microsoft Internet Explorer CommunicationManager ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 29231 | BROWSER-PLUGINS Microsoft Internet Explorer Content.mbcontent.1 ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 29232 | BROWSER-PLUGINS Microsoft Internet Explorer DiskManagement.Connection ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 29233 | BROWSER-PLUGINS Microsoft Internet Explorer Dutch_Dutch Stemmer ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 29234 | BROWSER-PLUGINS Microsoft Internet Explorer English_UK Stemmer ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 29235 | BROWSER-PLUGINS Microsoft Internet Explorer English_US Stemmer ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 29236 | BROWSER-PLUGINS Microsoft Internet Explorer French_French Stemmer ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 29237 | BROWSER-PLUGINS Microsoft Internet Explorer German_German Stemmer ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 29238 | BROWSER-PLUGINS Microsoft Internet Explorer ICM Class Manager ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 29239 | BROWSER-PLUGINS Microsoft Internet Explorer ISSimpleCommandCreator.1 ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 29240 | BROWSER-PLUGINS Microsoft Internet Explorer Italian_Italian Stemmer ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 29241 | BROWSER-PLUGINS Microsoft Internet Explorer MidiOut Class Manager ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 29242 | BROWSER-PLUGINS Microsoft Internet Explorer Mslablti.MarshalableTI.1 ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 29243 | BROWSER-PLUGINS Microsoft Internet Explorer PostBootReminder object ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 29244 | BROWSER-PLUGINS Microsoft Internet Explorer QC.MessageMover.1 ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 29245 | BROWSER-PLUGINS Microsoft Internet Explorer ShellFolder for CD Burning ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 29246 | BROWSER-PLUGINS Microsoft Internet Explorer Spanish_Modern Stemmer ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 29247 | BROWSER-PLUGINS Microsoft Internet Explorer Swedish_Default Stemmer ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 29248 | BROWSER-PLUGINS Microsoft Internet Explorer VFW Capture Class Manager ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 29249 | BROWSER-PLUGINS Microsoft Internet Explorer Video Effect Class Manager 1 Input ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 29250 | BROWSER-PLUGINS Microsoft Internet Explorer Video Effect Class Manager 2 Input ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 29251 | BROWSER-PLUGINS Microsoft Internet Explorer WDM Instance Provider ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 29252 | BROWSER-PLUGINS Microsoft Internet Explorer WIA FileSystem USD ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 29253 | BROWSER-PLUGINS Microsoft Internet Explorer WaveIn Class Manager ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 29254 | BROWSER-PLUGINS Microsoft Internet Explorer WaveOut and DSound Class Manager ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 29255 | BROWSER-PLUGINS Microsoft Internet Explorer clbcatex.dll ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 29256 | BROWSER-PLUGINS Microsoft Internet Explorer clbcatq.dll ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 29257 | BROWSER-PLUGINS Microsoft Internet Explorer syncui.dll ActiveX clsid access (more info ...) | attempted-user | 2005-1990 | 14511 | URL | |
| 29408 | MALWARE-CNC JAVAFOG Java malware backdoor connection to cnc server (more info ...) | trojan-activity | URL | |||
| 29519 | INDICATOR-OBFUSCATION Javascript obfuscation using split reverse join (more info ...) | attempted-user | URL | |||
| 29650 | BROWSER-IE Microsoft Internet Explorer MoveToMarkupPointer call with CControlTracker OnExitTree use-after-free attempt (more info ...) | attempted-user | 2013-3184 | 61668 | URL | |
| 29651 | BROWSER-IE Microsoft Internet Explorer MoveToMarkupPointer call with CControlTracker OnExitTree use-after-free attempt (more info ...) | attempted-user | 2013-3184 | 61668 | URL | |
| 29675 | BROWSER-IE Microsoft Internet Explorer type confusion attempt (more info ...) | attempted-user | 2014-0271 | URL | ||
| 29713 | BROWSER-IE Microsoft Internet Explorer overlapping object boundaries memory corruption attempt (more info ...) | attempted-user | 2014-0263 | 65393 | URL | |
| 29714 | BROWSER-IE Microsoft Internet Explorer overlapping object boundaries memory corruption attempt (more info ...) | attempted-user | 2014-0263 | 65393 | URL | |
| 29719 | BROWSER-IE Microsoft Internet Explorer SLayoutRun use after free attempt (more info ...) | attempted-user | 2014-0276 | URL | ||
| 29720 | BROWSER-IE Microsoft Internet Explorer SLayoutRun use after free attempt (more info ...) | attempted-user | 2014-0276 | URL | ||
| 29754 | BROWSER-IE Microsoft Internet Explorer style.position use-after-free memory corruption attempt (more info ...) | attempted-dos | 2012-0155 | URL | ||
| 29755 | BROWSER-CHROME Google Chrome and Apple Safari Ruby before and after memory corruption (more info ...) | attempted-user | 2011-1440 | |||
| 29758 | BROWSER-IE Microsoft Internet Explorer 8 Javascript negative option index attack attempt (more info ...) | attempted-user | 2011-1999 | 49964 | URL | |
| 29802 | BROWSER-IE Microsoft Internet Explorer 8 deleted object access via timer memory corruption attempt (more info ...) | attempted-user | 2013-1311 | URL | ||
| 29803 | BROWSER-IE Microsoft Internet Explorer 8 deleted object access via timer memory corruption attempt (more info ...) | attempted-user | 2013-1311 | URL | ||
| 29804 | BROWSER-IE Microsoft Internet Explorer dynamic style update memory corruption attempt (more info ...) | attempted-user | 2009-0076 | URL | ||
| 29805 | BROWSER-IE Microsoft Internet Explorer dynamic style update memory corruption attempt (more info ...) | attempted-user | 2009-0076 | URL | ||
| 29806 | BROWSER-IE Microsoft Internet Explorer dynamic style update memory corruption attempt (more info ...) | attempted-user | 2009-0076 | URL | ||
| 29809 | BROWSER-WEBKIT Google Chrome and Apple Safari CSS float use-after-free attempt (more info ...) | attempted-user | 2011-2790 | 48960 | ||
| 29810 | BROWSER-WEBKIT Google Chrome and Apple Safari CSS float use-after-free attempt (more info ...) | attempted-user | 2011-2790 | 48960 | ||
| 29811 | BROWSER-WEBKIT Google Chrome and Apple Safari CSS float use-after-free attempt (more info ...) | attempted-user | 2011-2790 | 48960 | ||
| 29812 | BROWSER-WEBKIT Google Chrome and Apple Safari CSS float use-after-free attempt (more info ...) | attempted-user | 2011-2790 | 48960 | ||
| 29814 | BROWSER-IE Microsoft Internet Explorer null attribute DoS attempt (more info ...) | attempted-user | 2011-1997 | 49962 | URL | |
| 29969 | FILE-JAVA Oracle Java java.util.concurrent.ConcurrentHashMap memory corruption attempt (more info ...) | attempted-user | 2013-2426 | 59206 | URL | |
| 29970 | FILE-JAVA Oracle Java java.util.concurrent.ConcurrentHashMap memory corruption attempt (more info ...) | attempted-user | 2013-2426 | 59206 | URL | |
| 29971 | FILE-JAVA Oracle Java java.util.concurrent.ConcurrentHashMap memory corruption attempt (more info ...) | attempted-user | 2013-2426 | 59206 | URL | |
| 29972 | FILE-JAVA Oracle Java java.util.concurrent.ConcurrentHashMap memory corruption attempt (more info ...) | attempted-user | 2013-2426 | 59206 | URL | |
| 30102 | BROWSER-IE Microsoft Internet Explorer CAnchorElement use after free attempt (more info ...) | attempted-user | 2013-3882 | URL | ||
| 30103 | BROWSER-IE Microsoft Internet Explorer CAnchorElement use after free attempt (more info ...) | attempted-user | 2013-3882 | URL | ||
| 30104 | BROWSER-IE Microsoft Internet Explorer CAnchorElement use after free attempt (more info ...) | attempted-user | 2013-3882 | URL | ||
| 30105 | BROWSER-IE Microsoft Internet Explorer CAnchorElement use after free attempt (more info ...) | attempted-user | 2013-3882 | URL | ||
| 30218 | FILE-JAVA Oracle Java font rendering remote code execution attempt (more info ...) | attempted-user | 2013-1491 | URL | ||
| 30252 | BROWSER-CHROME Google Chrome XSSAuditor filter security policy bypass attempt (more info ...) | attempted-user | 65066 | URL | ||
| 30289 | BROWSER-IE Microsoft Internet Explorer HtmlLayout SmartObject use after free attempt (more info ...) | attempted-user | 2013-3873 | URL | ||
| 30396 | INDICATOR-SHELLCODE Metasploit payload java_jsp_shell_bind_tcp (more info ...) | shellcode-detect | ||||
| 30397 | INDICATOR-SHELLCODE Metasploit payload java_shell_reverse_tcp (more info ...) | shellcode-detect | ||||
| 30485 | BROWSER-FIREFOX Mozilla Firefox nsTreeRange Use After Free attempt (more info ...) | attempted-user | 2010-2753 | URL | ||
| 30486 | BROWSER-FIREFOX Mozilla Firefox nsTreeRange Use After Free attempt (more info ...) | attempted-user | 2010-2753 | URL | ||
| 30490 | BROWSER-IE Microsoft Internet Explorer address bar spoofing with scripting (more info ...) | attempted-user | 2004-2219 | 10943 | ||
| 30491 | BROWSER-IE Microsoft Internet Explorer address bar spoofing with scripting (more info ...) | attempted-user | 2004-2219 | 10943 | ||
| 30508 | BROWSER-IE Microsoft Internet Explorer 7 swapNode use after free attempt (more info ...) | attempted-user | 2014-1752 | URL | ||
| 30509 | BROWSER-IE Microsoft Internet Explorer 7 swapNode use after free attempt (more info ...) | attempted-user | 2014-1752 | URL | ||
| 30849 | BROWSER-IE Microsoft Internet Explorer type confusion attempt (more info ...) | attempted-user | 2014-0271 | URL | ||
| 30850 | BROWSER-IE Microsoft Internet Explorer type confusion attempt (more info ...) | attempted-user | 2014-0271 | URL | ||
| 30851 | BROWSER-IE Microsoft Internet Explorer type confusion attempt (more info ...) | attempted-user | 2014-0271 | URL | ||
| 30878 | EXPLOIT-KIT Goon/Infinity exploit kit mp3 requested by Java (more info ...) | trojan-activity | ||||
| 30918 | MALWARE-CNC User-Agent known malicious user agent - User-Agent User-Agent Mozilla (more info ...) | trojan-activity | URL | |||
| 31192 | BROWSER-IE Microsoft Internet Explorer 11 use after free attempt (more info ...) | attempted-user | 2014-1762 | URL | ||
| 31193 | BROWSER-IE Microsoft Internet Explorer 11 use after free attempt (more info ...) | attempted-user | 2014-1762 | URL | ||
| 31194 | BROWSER-IE Microsoft Internet Explorer onpagehide use after free attempt (more info ...) | attempted-user | 2014-1795 | URL | ||
| 31195 | SERVER-WEBAPP VMTurbo Operations Manager directory traversal attempt (more info ...) | attempted-admin | 2014-3806 | 67292 | ||
| 31200 | BROWSER-IE Microsoft Internet Explorer summary node swap use after free attempt (more info ...) | attempted-user | 2014-1789 | URL | ||
| 31201 | BROWSER-IE Microsoft Internet Explorer summary node swap use after free attempt (more info ...) | attempted-user | 2014-1789 | URL | ||
| 31208 | BROWSER-IE Microsoft Internet Explorer CDispNode use after free attempt (more info ...) | attempted-user | 2014-1766 | URL | ||
| 31209 | BROWSER-IE Microsoft Internet Explorer CDispNode use after free attempt (more info ...) | attempted-user | 2014-1766 | URL | ||
| 31283 | FILE-FLASH Adobe Flash Player Microsoft Internet Explorer sandbox escape attempt (more info ...) | attempted-admin | 2014-0517 | URL | ||
| 31285 | FILE-FLASH Adobe Flash Player Microsoft Internet Explorer sandbox escape attempt (more info ...) | attempted-admin | 2014-0517 | URL | ||
| 31301 | BROWSER-IE Microsoft Internet Explorer XSLT memory corruption attempt (more info ...) | attempted-user | 2011-1963 | 49037 | URL | |
| 31386 | BROWSER-IE Microsoft Internet Explorer CLayout object user after free attempt (more info ...) | attempted-user | 2014-2801 | URL | ||
| 31387 | BROWSER-IE Microsoft Internet Explorer CLayout object user after free attempt (more info ...) | attempted-user | 2014-2801 | URL | ||
| 31390 | BROWSER-IE Microsoft Internet Explorer BSTR use after free attempt (more info ...) | attempted-user | 2014-2804 | URL | ||
| 31391 | BROWSER-IE Microsoft Internet Explorer BSTR use after free attempt (more info ...) | attempted-user | 2014-2804 | URL | ||
| 31402 | BROWSER-IE Microsoft Internet Explorer Unexpected method call remote code execution attempt (more info ...) | attempted-user | 2009-1141 | URL | ||
| 31428 | BROWSER-IE Microsoft Internet Explorer html table column span width increase memory corruption attempt (more info ...) | attempted-user | 2012-1876 | URL | ||
| 31469 | BROWSER-IE Microsoft Internet Explorer getBoundingClientRect incorrect rebalancing attempt (more info ...) | attempted-user | 2012-1880 | URL | ||
| 31471 | BROWSER-IE Microsoft Internet Explorer getBoundingClientRect incorrect rebalancing attempt (more info ...) | attempted-user | 2012-1880 | URL | ||
| 31495 | FILE-FLASH Adobe Flash Player Microsoft Internet Explorer sandbox escape attempt (more info ...) | attempted-admin | 2014-0519 | URL | ||
| 31496 | FILE-FLASH Adobe Flash Player Microsoft Internet Explorer sandbox escape attempt (more info ...) | attempted-admin | 2014-0519 | URL | ||
| 31504 | BROWSER-IE Microsoft Internet Explorer outerHTML against incomplete element heap corruption attempt (more info ...) | attempted-user | 2010-0490 | URL | ||
| 31557 | MALWARE-CNC User-Agent known malicious user-agent string - Mozilla/5.0 - Win.Trojan.Upatre (more info ...) | trojan-activity | URL | |||
| 31594 | BROWSER-CHROME Google Chrome NotifyInstanceWasDeleted object use after free attempt (more info ...) | attempted-user | 2013-2912 | 62752 | ||
| 31595 | BROWSER-CHROME Google Chrome NotifyInstanceWasDeleted object use after free attempt (more info ...) | attempted-user | 2013-2912 | 62752 | ||
| 31596 | BROWSER-CHROME Google Chrome NotifyInstanceWasDeleted embed use after free attempt (more info ...) | attempted-user | 2013-2912 | 62752 | ||
| 31597 | BROWSER-CHROME Google Chrome NotifyInstanceWasDeleted embed use after free attempt (more info ...) | attempted-user | 2013-2912 | 62752 | ||
| 31598 | BROWSER-CHROME Google Chrome NotifyInstanceWasDeleted object use after free attempt (more info ...) | attempted-user | 2013-2912 | 62752 | ||
| 31599 | BROWSER-CHROME Google Chrome NotifyInstanceWasDeleted embed use after free attempt (more info ...) | attempted-user | 2013-2912 | 62752 | ||
| 31617 | BROWSER-IE Microsoft Internet Explorer meter element use-after-free attempt (more info ...) | attempted-user | 2012-2548 | URL | ||
| 31618 | BROWSER-IE Microsoft Internet Explorer meter element use-after-free attempt (more info ...) | attempted-user | 2012-2548 | URL | ||
| 31645 | BROWSER-IE Microsoft Internet Explorer 5 XML page object type validation (more info ...) | attempted-user | 2003-0809 | 8565 | ||
| 31646 | BROWSER-IE Microsoft Internet Explorer 5 XML page object type validation (more info ...) | attempted-user | 2003-0809 | 8565 | ||
| 31749 | FILE-FLASH Adobe Flash Player marshallException through JavaScript XSS attempt (more info ...) | attempted-user | 2014-0531 | 67962 | URL | |
| 31750 | FILE-FLASH Adobe Flash Player marshallException through JavaScript XSS attempt (more info ...) | attempted-user | 2014-0531 | 67962 | URL | |
| 31796 | BROWSER-IE Microsoft Internet Explorer 11 CTreeNode use after free (more info ...) | attempted-user | 2014-4089 | URL | ||
| 31797 | BROWSER-IE Microsoft Internet Explorer 11 CTreeNode use after free (more info ...) | attempted-user | 2014-4089 | URL | ||
| 31811 | BROWSER-IE Microsoft Internet Explorer CHtmlLayout use after free attempt (more info ...) | attempted-user | 2014-4086 | URL | ||
| 31812 | BROWSER-IE Microsoft Internet Explorer CHtmlLayout use after free attempt (more info ...) | attempted-user | 2014-4086 | URL | ||
| 31821 | FILE-OTHER Mozilla products clipPath element stroke-width buffer overflow attempt (more info ...) | attempted-user | 2007-0776 | |||
| 31822 | FILE-OTHER Mozilla products clipPath element stroke-width buffer overflow attempt (more info ...) | attempted-user | 2007-0776 | |||
| 31887 | BROWSER-IE Microsoft Internet Explorer URL domain spoof attempt (more info ...) | attempted-user | 2003-1025 | URL | ||
| 31888 | BROWSER-IE Microsoft Internet Explorer URL domain spoof attempt (more info ...) | attempted-user | 2003-1025 | URL | ||
| 32133 | BROWSER-FIREFOX Mozilla Firefox XBM image processing buffer overflow attempt (more info ...) | attempted-user | 2005-2701 | 14916 | ||
| 32157 | BROWSER-IE Microsoft Internet Explorer 11 CMarkup GetMarkupTitle use-after-free attempt (more info ...) | attempted-user | 2014-4130 | URL | ||
| 32158 | BROWSER-IE Microsoft Internet Explorer 11 CMarkup GetMarkupTitle use-after-free attempt (more info ...) | attempted-user | 2014-4130 | URL | ||
| 32163 | BROWSER-IE Microsoft Internet Explorer GetUpdatedLayout partial table declaration use-after-free attempt (more info ...) | attempted-user | 2014-4128 | URL | ||
| 32164 | BROWSER-IE Microsoft Internet Explorer GetUpdatedLayout partial table declaration use-after-free attempt (more info ...) | attempted-user | 2014-4128 | URL | ||
| 32230 | BROWSER-IE Microsoft Internet Explorer address bar spoofing without scripting (more info ...) | attempted-user | 2004-2219 | 10943 | ||
| 32231 | BROWSER-IE Microsoft Internet Explorer address bar spoofing without scripting (more info ...) | attempted-user | 2004-2219 | 10943 | ||
| 32244 | BROWSER-FIREFOX Mozilla 1.0 Javascript arbitrary cookie access attempt (more info ...) | attempted-user | 2002-2314 | 5293 | ||
| 32262 | BROWSER-IE Microsoft Internet Explorer Active X installer broker privilege elevation attempt (more info ...) | attempted-user | 2015-1743 | URL | ||
| 32263 | BROWSER-IE Microsoft Internet Explorer Active X installer broker privilege elevation attempt (more info ...) | attempted-user | 2015-1743 | URL | ||
| 32266 | BROWSER-IE Microsoft Internet Explorer 11 out of bounds array access attempt (more info ...) | attempted-user | 2014-4140 | URL | ||
| 32267 | BROWSER-IE Microsoft Internet Explorer 11 out of bounds array access attempt (more info ...) | attempted-user | 2014-4140 | URL | ||
| 32319 | BROWSER-CHROME Google Chrome Blink locationAttributeSetter use after free attempt (more info ...) | attempted-user | 2014-1713 | 66243 | URL | |
| 32320 | BROWSER-CHROME Google Chrome Blink locationAttributeSetter use after free attempt (more info ...) | attempted-user | 2014-1713 | 66243 | URL | |
| 32355 | INDICATOR-OBFUSCATION Javascript variable obfuscation (more info ...) | bad-unknown | URL | |||
| 32394 | MALWARE-CNC Win.Trojan.Orcarat variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32395 | MALWARE-CNC Win.Trojan.Orcarat variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32396 | MALWARE-CNC Win.Trojan.Orcarat variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32397 | MALWARE-CNC Win.Trojan.Orcarat variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32436 | BROWSER-IE Microsoft Internet Explorer document.URL override information disclosure attempt (more info ...) | attempted-recon | 2014-6340 | URL | ||
| 32437 | BROWSER-IE Microsoft Internet Explorer document.URL override information disclosure attempt (more info ...) | attempted-recon | 2014-6340 | URL | ||
| 32458 | BROWSER-IE Microsoft Internet Explorer clipboardData unauthorized JavaScript read and write attempt (more info ...) | attempted-admin | 2014-6323 | URL | ||
| 32459 | BROWSER-IE Microsoft Internet Explorer clipboardData unauthorized JavaScript read and write attempt (more info ...) | attempted-admin | 2014-6323 | URL | ||
| 32482 | BROWSER-IE Microsoft Internet Explorer pasteHTML use after free attempt (more info ...) | attempted-user | 2014-6339 | URL | ||
| 32483 | BROWSER-IE Microsoft Internet Explorer pasteHTML use after free attempt (more info ...) | attempted-user | 2014-6339 | URL | ||
| 32484 | BROWSER-IE Microsoft Internet Explorer immutable application settings sandbox escape attempt (more info ...) | attempted-user | 2014-6349 | URL | ||
| 32485 | BROWSER-IE Microsoft Internet Explorer immutable application settings sandbox escape attempt (more info ...) | attempted-user | 2014-6349 | URL | ||
| 32491 | BROWSER-IE Microsoft Internet Explorer information disclosure attempt (more info ...) | misc-activity | 2014-6346 | URL | ||
| 32492 | BROWSER-IE Microsoft Internet Explorer information disclosure attempt (more info ...) | misc-activity | 2014-6346 | URL | ||
| 32499 | FILE-OTHER Microsoft Internet Explorer EPM sandbox escape attempt (more info ...) | attempted-user | 2014-6350 | URL | ||
| 32500 | FILE-OTHER Microsoft Internet Explorer EPM sandbox escape attempt (more info ...) | attempted-user | 2014-6350 | URL | ||
| 32518 | FILE-OTHER Microsoft Internet Explorer registry symbolic link attack attempt (more info ...) | attempted-user | 2014-6322 | URL | ||
| 32519 | FILE-OTHER Microsoft Internet Explorer registry symbolic link attack attempt (more info ...) | attempted-user | 2014-6322 | URL | ||
| 32532 | BROWSER-IE Microsoft Internet Explorer style sheet array memory corruption attempt (more info ...) | attempted-user | 2011-0027 | 40410 | URL | |
| 32641 | EXPLOIT-KIT Sweet Orange exploit kit Oracle Java jnlp file requested on defined port (more info ...) | trojan-activity | ||||
| 32693 | BROWSER-IE Microsoft Internet Explorer CSS out-of-bounds buffer access attempt (more info ...) | attempted-user | 2014-6368 | URL | ||
| 32694 | BROWSER-IE Microsoft Internet Explorer CSS out-of-bounds buffer access attempt (more info ...) | attempted-user | 2014-6368 | URL | ||
| 32695 | BROWSER-IE Microsoft Internet Explorer JPEG stack information disclosure attempt (more info ...) | attempted-user | 2014-6355 | URL | ||
| 32696 | BROWSER-IE Microsoft Internet Explorer JPEG stack information disclosure attempt (more info ...) | attempted-user | 2014-6355 | URL | ||
| 32697 | BROWSER-IE Microsoft Internet Explorer JPEG stack information disclosure attempt (more info ...) | attempted-user | 2014-6355 | URL | ||
| 32698 | BROWSER-IE Microsoft Internet Explorer JPEG stack information disclosure attempt (more info ...) | attempted-user | 2014-6355 | URL | ||
| 32699 | BROWSER-IE Microsoft Internet Explorer JPEG stack information disclosure attempt (more info ...) | attempted-user | 2014-6355 | URL | ||
| 32700 | BROWSER-IE Microsoft Internet Explorer JPEG stack information disclosure attempt (more info ...) | attempted-user | 2014-6355 | URL | ||
| 32701 | BROWSER-IE Microsoft Internet Explorer JPEG stack information disclosure attempt (more info ...) | attempted-user | 2014-6355 | URL | ||
| 32702 | BROWSER-IE Microsoft Internet Explorer JPEG stack information disclosure attempt (more info ...) | attempted-user | 2014-6355 | URL | ||
| 32710 | BROWSER-IE Microsoft Internet Explorer XSS filter bypass attempt (more info ...) | web-application-attack | 2014-6365 | URL | ||
| 32713 | BROWSER-OTHER Microsoft Internet Explorer cross site scripting filter bypass attempt (more info ...) | attempted-user | 2014-6328 | URL | ||
| 32762 | BROWSER-IE Microsoft Internet Explorer TextRange after free attempt (more info ...) | attempted-user | 2014-0307 | URL | ||
| 32763 | BROWSER-IE Microsoft Internet Explorer TextRange after free attempt (more info ...) | attempted-user | 2014-0307 | URL | ||
| 32777 | BROWSER-IE Microsoft Internet Explorer CheaderElement use after free attempt (more info ...) | attempted-user | 2014-8967 | |||
| 32778 | BROWSER-IE Microsoft Internet Explorer CheaderElement use after free attempt (more info ...) | attempted-user | 2014-8967 | |||
| 32787 | FILE-PDF Adobe Acrobat Reader privileged JavaScript execution attempt (more info ...) | misc-activity | 2014-8448 | URL | ||
| 32788 | FILE-PDF Adobe Acrobat Reader privileged JavaScript execution attempt (more info ...) | misc-activity | 2014-8448 | URL | ||
| 32789 | FILE-PDF Adobe Acrobat Reader privileged JavaScript execution attempt (more info ...) | misc-activity | 2014-8448 | URL | ||
| 32790 | FILE-PDF Adobe Acrobat Reader privileged JavaScript execution attempt (more info ...) | misc-activity | 2014-8448 | URL | ||
| 32840 | BROWSER-PLUGINS Microsoft Internet Explorer 8 Developer Tool ActiveX clsid access (more info ...) | attempted-user | 2010-0811 | URL | ||
| 32842 | BROWSER-PLUGINS Microsoft Internet Explorer 8 Developer Tool ActiveX clsid access (more info ...) | attempted-user | 2010-0811 | URL | ||
| 32843 | BROWSER-PLUGINS Microsoft Internet Explorer 8 Developer Tool ActiveX clsid access (more info ...) | attempted-user | 2010-0811 | URL | ||
| 32844 | BROWSER-PLUGINS Microsoft Internet Explorer COleSite ActiveX memory corruption attempt (more info ...) | attempted-user | 2010-3340 | URL | ||
| 32993 | BROWSER-FIREFOX Mozilla Firefox XMLSerializer serializeToStream use-after-free attempt (more info ...) | attempted-user | 2013-0753 | 57209 | URL | |
| 32994 | BROWSER-FIREFOX Mozilla Firefox XMLSerializer serializeToStream use-after-free attempt (more info ...) | attempted-user | 2013-0753 | 57209 | URL | |
| 33099 | BROWSER-IE Microsoft Internet Explorer CAnchorElement use after free attempt (more info ...) | attempted-user | 2013-3871 | URL | ||
| 33162 | FILE-FLASH Adobe Flash Player Microsoft Internet Explorer sandbox escape attempt (more info ...) | attempted-admin | 2014-0583 | URL | ||
| 33163 | FILE-FLASH Adobe Flash Player Microsoft Internet Explorer sandbox escape attempt (more info ...) | attempted-admin | 2014-0583 | URL | ||
| 33243 | MALWARE-CNC User-Agent known malicious user-agent string - Mozilla - Win.Backdoor.Upatre (more info ...) | trojan-activity | URL | |||
| 33244 | MALWARE-CNC User-Agent known malicious user-agent string - Opera - Win.Backdoor.Upatre (more info ...) | trojan-activity | URL | |||
| 33245 | MALWARE-CNC User-Agent known malicious user-agent string - Opera10 - Win.Backdoor.Upatre (more info ...) | trojan-activity | URL | |||
| 33246 | MALWARE-CNC User-Agent known malicious user-agent string - OperaMini - Win.Backdoor.Upatre (more info ...) | trojan-activity | URL | |||
| 33287 | BROWSER-IE Microsoft Internet Explorer same origin policy bypass attempt (more info ...) | attempted-user | 2016-0005 | URL | ||
| 33288 | BROWSER-IE Microsoft Internet Explorer same origin policy bypass attempt (more info ...) | attempted-user | 2016-0005 | URL | ||
| 33319 | BROWSER-IE Microsoft Internet Explorer EPM MOTWCreateFileW file access bypass attempt (more info ...) | policy-violation | 2015-0055 | 64120 | URL | |
| 33320 | BROWSER-IE Microsoft Internet Explorer EPM MOTWCreateFileW file access bypass attempt (more info ...) | policy-violation | 2015-0055 | URL | ||
| 33321 | BROWSER-IE Microsoft Internet Explorer EPM MOTWCreateFileW file access bypass attempt (more info ...) | policy-violation | 2015-0055 | 64120 | URL | |
| 33322 | BROWSER-IE Microsoft Internet Explorer EPM MOTWCreateFileW file access bypass attempt (more info ...) | policy-violation | 2015-0055 | URL | ||
| 33337 | BROWSER-IE Microsoft Internet Explorer runtimeStyle use-after-free attempt (more info ...) | attempted-user | 2015-0053 | URL | ||
| 33338 | BROWSER-IE Microsoft Internet Explorer runtimeStyle use-after-free attempt (more info ...) | attempted-user | 2015-0053 | URL | ||
| 33352 | BROWSER-IE Microsoft Internet Explorer 9 error handler XSS exploit attempt (more info ...) | attempted-user | 2015-0070 | URL | ||
| 33413 | BROWSER-IE Microsoft Internet Explorer unitialized memory access attempt (more info ...) | attempted-user | 2015-0051 | URL | ||
| 33414 | BROWSER-IE Microsoft Internet Explorer unitialized memory access attempt (more info ...) | attempted-user | 2015-0051 | URL | ||
| 33423 | BROWSER-IE Microsoft Internet Explorer CHeaderElement object use after free attempt (more info ...) | attempted-user | 2014-8967 | URL | ||
| 33424 | BROWSER-IE Microsoft Internet Explorer CHeaderElement object use after free attempt (more info ...) | attempted-user | 2014-8967 | URL | ||
| 33492 | BROWSER-IE Microsoft Internet Explorer dynamic style update memory corruption attempt (more info ...) | attempted-user | 2009-0076 | URL | ||
| 33493 | BROWSER-IE Microsoft Internet Explorer dynamic style update memory corruption attempt (more info ...) | attempted-user | 2009-0076 | URL | ||
| 33494 | BROWSER-IE Microsoft Internet Explorer dynamic style update memory corruption attempt (more info ...) | attempted-user | 2009-0076 | URL | ||
| 33495 | BROWSER-IE Microsoft Internet Explorer dynamic style update memory corruption attempt (more info ...) | attempted-user | 2009-0076 | URL | ||
| 33513 | MALWARE-CNC User-Agent known malicious user-agent string - XAgent - Operation Pawn Storm (more info ...) | trojan-activity | URL | |||
| 33525 | FILE-OTHER Apple OSX Safari format string validation corruption attempt (more info ...) | attempted-user | 2007-0644 | |||
| 33526 | FILE-OTHER Apple OSX Safari format string validation corruption attempt (more info ...) | attempted-user | 2007-0644 | |||
| 33566 | BROWSER-FIREFOX Mozilla Firefox 3 xsl parsing heap overflow attempt (more info ...) | attempted-user | 2009-1169 | 34235 | URL | |
| 33569 | BROWSER-IE Microsoft Internet Explorer CTableLayout memory corruption attempt (more info ...) | attempted-user | 2010-0244 | 37891 | URL | |
| 33570 | BROWSER-IE Microsoft Internet Explorer CTableLayout memory corruption attempt (more info ...) | attempted-user | 2010-0244 | 37891 | URL | |
| 33588 | FILE-OTHER Oracle Java WebStart JNLP stack buffer overflow attempt (more info ...) | attempted-user | 2007-3655 | |||
| 33605 | BROWSER-IE Microsoft Internet Explorer CAnchorElement use after free attempt (more info ...) | attempted-user | 2013-3882 | URL | ||
| 33606 | BROWSER-IE Microsoft Internet Explorer CAnchorElement use after free attempt (more info ...) | attempted-user | 2013-3882 | URL | ||
| 33622 | BROWSER-WEBKIT Apple Safari feeds URI null pointer dereference denial of service attempt (more info ...) | denial-of-service | 2009-0744 | |||
| 33623 | BROWSER-WEBKIT Apple Safari feeds URI null pointer dereference denial of service attempt (more info ...) | denial-of-service | 2009-0744 | |||
| 33624 | BROWSER-WEBKIT Apple Safari feeds URI null pointer dereference denial of service attempt (more info ...) | denial-of-service | 2009-0744 | |||
| 33625 | BROWSER-WEBKIT Apple Safari feeds URI null pointer dereference denial of service attempt (more info ...) | denial-of-service | 2009-0744 | |||
| 33626 | BROWSER-WEBKIT Apple Safari feeds URI null pointer dereference denial of service attempt (more info ...) | denial-of-service | 2009-0744 | |||
| 33627 | BROWSER-WEBKIT Apple Safari feeds URI null pointer dereference denial of service attempt (more info ...) | denial-of-service | 2009-0744 | |||
| 33628 | BROWSER-WEBKIT Apple Safari feeds URI null pointer dereference denial of service attempt (more info ...) | denial-of-service | 2009-0744 | |||
| 33629 | BROWSER-WEBKIT Apple Safari feeds URI null pointer dereference denial of service attempt (more info ...) | denial-of-service | 2009-0744 | |||
| 33630 | BROWSER-WEBKIT Apple Safari feeds URI null pointer dereference denial of service attempt (more info ...) | denial-of-service | 2009-0744 | |||
| 33631 | BROWSER-WEBKIT Apple Safari feeds URI null pointer dereference denial of service attempt (more info ...) | denial-of-service | 2009-0744 | |||
| 33638 | BROWSER-IE Microsoft Internet Explorer Java applet denial of service attempt (more info ...) | attempted-dos | 15208 | |||
| 33639 | BROWSER-IE Microsoft Internet Explorer Java applet denial of service attempt (more info ...) | attempted-dos | 15208 | |||
| 33661 | BROWSER-CHROME Google Chrome NotifyInstanceWasDeleted embed use after free attempt (more info ...) | attempted-user | 2013-2912 | 62752 | ||
| 33662 | BROWSER-CHROME Google Chrome NotifyInstanceWasDeleted object use after free attempt (more info ...) | attempted-user | 2013-2912 | 62752 | ||
| 33720 | BROWSER-IE Microsoft Internet Explorer 11 sandbox bypass attempt (more info ...) | attempted-user | 2015-1627 | URL | ||
| 33721 | BROWSER-IE Microsoft Internet Explorer 11 sandbox bypass attempt (more info ...) | attempted-user | 2015-1627 | URL | ||
| 33760 | FILE-IMAGE Microsoft Internet Explorer PNG tRNS chuck size 1 information disclosure attempt (more info ...) | misc-attack | 2015-0080 | URL | ||
| 33761 | FILE-IMAGE Microsoft Internet Explorer PNG tRNS chuck size 1 information disclosure attempt (more info ...) | misc-attack | 2015-0080 | URL | ||
| 33897 | BROWSER-IE Microsoft Internet Explorer javascript iframe injection attempt (more info ...) | attempted-user | 2016-0005 | URL | ||
| 33898 | BROWSER-IE Microsoft Internet Explorer javascript iframe injection attempt (more info ...) | attempted-user | 2016-0005 | URL | ||
| 33903 | BROWSER-FIREFOX Mozilla Firefox proxy prototype privileged javascript execution attempt (more info ...) | attempted-user | 2014-8636 | 72041 | ||
| 33904 | BROWSER-FIREFOX Mozilla Firefox proxy prototype privileged javascript execution attempt (more info ...) | attempted-user | 2014-8636 | 72041 | ||
| 33962 | BROWSER-CHROME Google Chrome Pepper Flash same-origin-policy bypass attempt (more info ...) | misc-attack | 2015-0337 | |||
| 34064 | BROWSER-IE Microsoft Internet Explorer CMapStringToPtr use after free attempt (more info ...) | attempted-user | 2015-1667 | URL | ||
| 34065 | BROWSER-IE Microsoft Internet Explorer CMapStringToPtr use after free attempt (more info ...) | attempted-user | 2015-1667 | URL | ||
| 34068 | BROWSER-IE Microsoft Internet Explorer 11 invalid array element read attempt (more info ...) | attempted-user | 2015-1661 | URL | ||
| 34069 | BROWSER-IE Microsoft Internet Explorer 11 invalid array element read attempt (more info ...) | attempted-user | 2015-1661 | URL | ||
| 34109 | BROWSER-FIREFOX Mozilla Firefox proxy prototype privileged javascript execution attempt (more info ...) | attempted-user | 2014-8636 | 72041 | ||
| 34110 | BROWSER-FIREFOX Mozilla Firefox proxy prototype privileged javascript execution attempt (more info ...) | attempted-user | 2014-8636 | 72041 | ||
| 34118 | INDICATOR-OBFUSCATION known malicious javascript packer detected (more info ...) | misc-activity | URL | |||
| 34170 | BROWSER-OTHER Opera SVG use after free memory corruption attempt (more info ...) | attempted-dos | 2013-1638 | 57633 | ||
| 34171 | BROWSER-OTHER Opera SVG use after free memory corruption attempt (more info ...) | attempted-dos | 2013-1638 | 57633 | ||
| 34299 | BROWSER-IE Microsoft Internet Explorer onpagehide use after free attempt (more info ...) | attempted-user | 2014-1795 | URL | ||
| 34320 | BROWSER-IE Microsoft Internet Explorer BSTR use after free attempt (more info ...) | attempted-user | 2014-2804 | URL | ||
| 34321 | BROWSER-IE Microsoft Internet Explorer BSTR use after free attempt (more info ...) | attempted-user | 2014-2804 | URL | ||
| 34379 | BROWSER-IE Microsoft Internet Explorer protected mode sandbox privilege escalation attempt (more info ...) | attempted-user | 2015-1713 | URL | ||
| 34380 | BROWSER-IE Microsoft Internet Explorer protected mode sandbox privilege escalation attempt (more info ...) | attempted-user | 2015-1713 | URL | ||
| 34391 | BROWSER-IE Microsoft Internet Explorer TextData out of bounds read attempt (more info ...) | attempted-user | 2015-1685 | URL | ||
| 34392 | BROWSER-IE Microsoft Internet Explorer TextData out of bounds read attempt (more info ...) | attempted-user | 2015-1685 | URL | ||
| 34393 | BROWSER-IE Microsoft Internet Explorer vbscript regular expression information disclosure attempt (more info ...) | attempted-recon | 2015-6052 | URL | ||
| 34394 | BROWSER-IE Microsoft Internet Explorer vbscript regular expression information disclosure attempt (more info ...) | attempted-recon | 2015-6052 | URL | ||
| 34405 | BROWSER-IE Microsoft Internet Explorer improper copy buffer access information disclosure attempt (more info ...) | policy-violation | 2015-1692 | URL | ||
| 34406 | BROWSER-IE Microsoft Internet Explorer improper copy buffer access information disclosure attempt (more info ...) | policy-violation | 2015-1692 | URL | ||
| 34407 | BROWSER-IE Microsoft Internet Explorer protected mode sandbox bypass attempt (more info ...) | attempted-admin | 2015-1688 | URL | ||
| 34408 | BROWSER-IE Microsoft Internet Explorer protected mode sandbox bypass attempt (more info ...) | attempted-admin | 2015-1688 | URL | ||
| 34416 | INDICATOR-COMPROMISE Microsoft Internet Explorer 8 compatibility mode enable attempt (more info ...) | policy-violation | URL | |||
| 34479 | FILE-EXECUTABLE Adobe Flash Player Internet Explorer broker process directory traversal attempt (more info ...) | attempted-user | 2015-3085 | URL | ||
| 34480 | FILE-EXECUTABLE Adobe Flash Player Internet Explorer broker process directory traversal attempt (more info ...) | attempted-user | 2015-3085 | URL | ||
| 34727 | BROWSER-IE Microsoft Internet Explorer DataView use-after-free attempt (more info ...) | attempted-user | 2015-1747 | URL | ||
| 34728 | BROWSER-IE Microsoft Internet Explorer DataView use-after-free attempt (more info ...) | attempted-user | 2015-1747 | URL | ||
| 34751 | BROWSER-IE Microsoft Internet Explorer ieframe.dll privilege escalation attempt (more info ...) | attempted-user | 2015-1748 | URL | ||
| 34752 | BROWSER-IE Microsoft Internet Explorer ieframe.dll privilege escalation attempt (more info ...) | attempted-user | 2015-1748 | URL | ||
| 34772 | BROWSER-IE Microsoft Internet Explorer MOTW.dll sandbox escape attempt (more info ...) | attempted-admin | 2015-1739 | URL | ||
| 34773 | BROWSER-IE Microsoft Internet Explorer MOTW.dll sandbox escape attempt (more info ...) | attempted-admin | 2015-1739 | URL | ||
| 34946 | BROWSER-FIREFOX Mozilla Firefox automatic user click event attempt (more info ...) | attempted-user | 2005-0145 | URL | ||
| 34947 | BROWSER-FIREFOX Mozilla Firefox automatic user click event attempt (more info ...) | attempted-user | 2005-0145 | URL | ||
| 35044 | BROWSER-WEBKIT Apple Safari URI spoofing attempt (more info ...) | policy-violation | 2015-1084 | |||
| 35045 | BROWSER-WEBKIT Apple Safari URI spoofing attempt (more info ...) | policy-violation | 2015-1084 | |||
| 35053 | BROWSER-IE Microsoft Internet Explorer CSVGMarkerElement use after free attempt (more info ...) | attempted-user | 2015-1668 | |||
| 35116 | BROWSER-IE Microsoft Internet Explorer svg elements use after free attempt (more info ...) | attempted-user | 2015-2421 | URL | ||
| 35117 | BROWSER-IE Microsoft Internet Explorer svg elements use after free attempt (more info ...) | attempted-user | 2015-2421 | URL | ||
| 35127 | BROWSER-IE Microsoft Internet Explorer local file information disclosure attempt (more info ...) | attempted-user | 2015-2413 | URL | ||
| 35128 | BROWSER-IE Microsoft Internet Explorer local file information disclosure attempt (more info ...) | attempted-user | 2015-2413 | URL | ||
| 35133 | BROWSER-IE Microsoft Internet Explorer sandbox read permission bypass attempt (more info ...) | attempted-user | 2015-2412 | URL | ||
| 35134 | BROWSER-IE Microsoft Internet Explorer sandbox read permission bypass attempt (more info ...) | attempted-user | 2015-2412 | URL | ||
| 35160 | FILE-FLASH Microsoft Internet Explorer IDataObject bitmap data conversion integer overflow attempt (more info ...) | attempted-user | 2015-2364 | URL | ||
| 35161 | FILE-FLASH Microsoft Internet Explorer IDataObject bitmap data conversion integer overflow attempt (more info ...) | attempted-user | 2015-2364 | URL | ||
| 35162 | FILE-FLASH Microsoft Internet Explorer IDataObject bitmap data conversion integer overflow attempt (more info ...) | attempted-user | 2015-2364 | URL | ||
| 35163 | FILE-FLASH Microsoft Internet Explorer IDataObject bitmap data conversion integer overflow attempt (more info ...) | attempted-user | 2015-2364 | URL | ||
| 35171 | BROWSER-IE Microsoft Internet Explorer MutationObserver use after free attempt (more info ...) | attempted-user | 2015-2425 | 75745 | URL | |
| 35184 | BROWSER-IE Microsoft Internet Explorer meta tag double free attempt (more info ...) | attempted-user | 2015-2391 | URL | ||
| 35186 | FILE-FLASH Adobe Flash Player Microsoft Internet Explorer sandbox escape attempt (more info ...) | attempted-user | 2015-2417 | URL | ||
| 35187 | FILE-FLASH Adobe Flash Player Microsoft Internet Explorer sandbox escape attempt (more info ...) | attempted-user | 2015-2417 | URL | ||
| 35188 | FILE-FLASH Adobe Flash Player Microsoft Internet Explorer sandbox escape attempt (more info ...) | attempted-user | 2015-2417 | URL | ||
| 35189 | FILE-FLASH Adobe Flash Player Microsoft Internet Explorer sandbox escape attempt (more info ...) | attempted-user | 2015-2417 | URL | ||
| 35194 | POLICY-OTHER Microsoft Internet Explorer InPrivate mode image information leak attempt (more info ...) | attempted-recon | 2015-2414 | URL | ||
| 35195 | POLICY-OTHER Microsoft Internet Explorer InPrivate mode image information leak attempt (more info ...) | attempted-recon | 2015-2414 | URL | ||
| 35207 | BROWSER-IE Microsoft Internet Explorer JSON stringify double free attempt (more info ...) | attempted-user | 2015-2419 | URL | ||
| 35208 | BROWSER-IE Microsoft Internet Explorer JSON stringify double free attempt (more info ...) | attempted-user | 2015-2419 | URL | ||
| 35215 | BROWSER-IE Microsoft Internet Explorer protected mode atlthunk.dll dll-load exploit attempt (more info ...) | attempted-user | 2015-2368 | URL | ||
| 35216 | BROWSER-IE Microsoft Internet Explorer protected mode request for atlthunk.dll over SMB attempt (more info ...) | attempted-user | 2015-2368 | URL | ||
| 35411 | BROWSER-CHROME Google Chrome XSSAuditor Policy ByPass command injection attempt (more info ...) | attempted-user | URL | |||
| 35412 | BROWSER-CHROME Google Chrome xssauditor policy bypass command injection attempt (more info ...) | attempted-user | URL | |||
| 35438 | BROWSER-FIREFOX Mozilla Firefox JavaScript engine integer overflow attempt (more info ...) | attempted-user | 2005-2705 | 14917 | ||
| 35439 | BROWSER-FIREFOX Mozilla Firefox JavaScript engine integer overflow attempt (more info ...) | attempted-user | 2005-2705 | 14917 | ||
| 35460 | BROWSER-FIREFOX Mozilla Firefox InstallWrapper error handling code execution attempt (more info ...) | attempted-user | 2012-3993 | 56119 | ||
| 35461 | BROWSER-FIREFOX Mozilla Firefox InstallWrapper error handling code execution attempt (more info ...) | attempted-user | 2012-3993 | 56119 | ||
| 35479 | BROWSER-IE Microsoft Internet Explorer RecyclableObject type-confusion remote code execution attempt (more info ...) | attempted-user | 2015-2443 | URL | ||
| 35480 | BROWSER-IE Microsoft Internet Explorer RecyclableObject type-confusion remote code execution attempt (more info ...) | attempted-user | 2015-2443 | URL | ||
| 35507 | BROWSER-IE Microsoft Internet Explorer array prototype type confusion memory corruption attempt (more info ...) | attempted-user | 2015-2448 | URL | ||
| 35508 | BROWSER-IE Microsoft Internet Explorer array prototype type confusion memory corruption attempt (more info ...) | attempted-user | 2015-2448 | URL | ||
| 35675 | BROWSER-FIREFOX Mozilla Firefox PDF.js same origin policy violation attempt (more info ...) | policy-violation | 2015-4495 | URL | ||
| 35676 | BROWSER-FIREFOX Mozilla Firefox PDF.js same origin policy violation attempt (more info ...) | policy-violation | 2015-4495 | URL | ||
| 35739 | FILE-PDF Adobe Reader GoToE javascript execution attempt (more info ...) | web-application-attack | 2015-4449 | URL | ||
| 35740 | FILE-PDF Adobe Reader GoToE javascript execution attempt (more info ...) | web-application-attack | 2015-4449 | URL | ||
| 35881 | FILE-PDF download of a PDF with embedded JavaScript and U3D objects (more info ...) | policy-violation | URL | |||
| 35882 | FILE-PDF transfer of a PDF with embedded JavaScript and U3D objects (more info ...) | policy-violation | URL | |||
| 35998 | BROWSER-IE Microsoft Internet Explorer msGetRegionContent memory corruption attempt (more info ...) | attempted-user | 2015-2483 | URL | ||
| 35999 | BROWSER-IE Microsoft Internet Explorer msGetRegionContent memory corruption attempt (more info ...) | attempted-user | 2015-2483 | URL | ||
| 36020 | BROWSER-IE Microsoft Internet Explorer EPM SetValue sandbox bypass attempt (more info ...) | policy-violation | 2015-2489 | URL | ||
| 36021 | BROWSER-IE Microsoft Internet Explorer EPM SetValue sandbox bypass attempt (more info ...) | policy-violation | 2015-2489 | URL | ||
| 36070 | INDICATOR-OBFUSCATION Javascript obfuscation using split reverse join attempt (more info ...) | attempted-user | URL | |||
| 36360 | OS-MOBILE Android WebKit Java reflection command execution attempt (more info ...) | attempted-user | 2014-0514 | URL | ||
| 36361 | OS-MOBILE Android WebKit Java reflection command execution attempt (more info ...) | attempted-user | 2014-0514 | URL | ||
| 36362 | OS-MOBILE Android WebKit Java reflection command execution attempt (more info ...) | attempted-user | 2014-0514 | URL | ||
| 36377 | BROWSER-OTHER Google Chrome invalid URI denial of service attempt (more info ...) | denial-of-service | URL | |||
| 36378 | BROWSER-OTHER Google Chrome invalid URI denial of service attempt (more info ...) | denial-of-service | URL | |||
| 36411 | BROWSER-IE Microsoft Internet Explorer sandbox escape attempt (more info ...) | attempted-user | 2015-6047 | URL | ||
| 36412 | BROWSER-IE Microsoft Internet Explorer sandbox escape attempt (more info ...) | attempted-user | 2015-6047 | URL | ||
| 36413 | BROWSER-IE Microsoft Internet Explorer sandbox escape attempt (more info ...) | attempted-user | 2015-6047 | URL | ||
| 36414 | BROWSER-IE Microsoft Internet Explorer sandbox escape attempt (more info ...) | attempted-user | 2015-6047 | URL | ||
| 36417 | BROWSER-IE Microsoft Internet Explorer CWindow object use after free attempt (more info ...) | attempted-user | 2015-6042 | URL | ||
| 36431 | BROWSER-IE Microsoft Internet Explorer arraybuffer entryslice memory corruption attempt (more info ...) | attempted-user | 2015-6053 | URL | ||
| 36432 | BROWSER-IE Microsoft Internet Explorer arraybuffer entryslice memory corruption attempt (more info ...) | attempted-user | 2015-6053 | URL | ||
| 36433 | BROWSER-PLUGINS Microsoft Internet Explorer sapi.dll ActiveX clsid access attempt (more info ...) | attempted-user | 2007-0675 | URL | ||
| 36434 | BROWSER-PLUGINS Microsoft Internet Explorer sapi.dll ActiveX clsid access attempt (more info ...) | attempted-user | 2007-0675 | URL | ||
| 36447 | BROWSER-IE Microsoft Internet Explorer CSharedStyle object out-of-bounds read attempt (more info ...) | attempted-admin | 2015-6046 | URL | ||
| 36448 | BROWSER-IE Microsoft Internet Explorer CSharedStyle object out-of-bounds read attempt (more info ...) | attempted-admin | 2015-6046 | URL | ||
| 36453 | BROWSER-IE Microsoft Internet Explorer argument validation in print preview handling exploitation attempt (more info ...) | attempted-user | 2008-2259 | 30612 | URL | |
| 36458 | BROWSER-IE Microsoft Internet Explorer vbscript regular expression information disclosure attempt (more info ...) | attempted-recon | 2015-6052 | URL | ||
| 36459 | BROWSER-IE Microsoft Internet Explorer vbscript regular expression information disclosure attempt (more info ...) | attempted-recon | 2015-6052 | URL | ||
| 36494 | BROWSER-IE Microsoft Internet Explorer Script Engine Stack Exhaustion Denial of Service attempt (more info ...) | attempted-dos | 2006-0753 | 16687 | ||
| 36524 | FILE-JAVA Oracle Java TrueType font parsing mort table ligature subtable buffer overflow attempt (more info ...) | attempted-dos | URL | |||
| 36525 | FILE-JAVA Oracle Java TrueType font parsing mort table ligature subtable buffer overflow attempt (more info ...) | attempted-dos | URL | |||
| 36559 | BROWSER-IE Microsoft Internet Explorer arraybuffer entryslice memory corruption attempt (more info ...) | attempted-user | 2015-6053 | URL | ||
| 36560 | BROWSER-IE Microsoft Internet Explorer arraybuffer entryslice memory corruption attempt (more info ...) | attempted-user | 2015-6053 | URL | ||
| 36585 | BROWSER-WEBKIT Apple Safari user assisted applescript code execution attempt (more info ...) | attempted-user | 2015-7007 | URL | ||
| 36753 | BROWSER-IE Microsoft Internet Explorer CElement JSON write-what-where attempt (more info ...) | attempted-user | 2015-6089 | URL | ||
| 36754 | BROWSER-IE Microsoft Internet Explorer CElement JSON write-what-where attempt (more info ...) | attempted-user | 2015-6089 | URL | ||
| 36772 | BROWSER-PLUGINS Microsoft Internet Explorer Scriptlet Component ActiveX clsid access (more info ...) | attempted-user | 2010-3331 | URL | ||
| 36782 | BROWSER-PLUGINS Microsoft Internet Explorer DHTML Editing ActiveX clsid access (more info ...) | attempted-user | 2009-2519 | 36280 | URL | |
| 36783 | BROWSER-PLUGINS Microsoft Internet Explorer DHTML Editing ActiveX clsid access (more info ...) | attempted-user | 2009-2519 | 36280 | URL | |
| 36789 | BROWSER-FIREFOX Mozilla Firefox Javascript large regex memory corruption attempt (more info ...) | attempted-user | 2006-1737 | 17516 | ||
| 36791 | BROWSER-IE Microsoft Internet Explorer data stream header remote code execution attempt (more info ...) | attempted-user | 2009-1547 | 36622 | URL | |
| 36968 | BROWSER-IE Microsoft Internet Explorer CTableRow memory corruption attempt (more info ...) | attempted-user | 2015-6083 | URL | ||
| 36969 | BROWSER-IE Microsoft Internet Explorer CTableRow memory corruption attempt (more info ...) | attempted-user | 2015-6083 | URL | ||
| 37310 | BROWSER-CHROME Google Chrome MOTW pageSerializer HTML injection attempt (more info ...) | attempted-dos | 2015-6784 | |||
| 37311 | BROWSER-CHROME Google Chrome MOTW pageSerializer HTML injection attempt (more info ...) | attempted-dos | 2015-6784 | |||
| 37316 | BROWSER-IE Microsoft Internet Explorer corrupted HROW instance write access violation attempt (more info ...) | attempted-user | 2012-1891 | URL | ||
| 37325 | BROWSER-CHROME Google Chrome same origin policy bypass attempt (more info ...) | policy-violation | 2015-6768 | |||
| 37363 | SERVER-OTHER Java Library SpringFramework unauthorized serialized object attempt (more info ...) | attempted-user | 2011-2894 | 49536 | ||
| 37453 | BROWSER-FIREFOX Mozilla Firefox location.hostname DOM modification bypass attempt (more info ...) | attempted-user | 2007-0981 | |||
| 37507 | BROWSER-PLUGINS Microsoft Internet Explorer Media Service Component mdsauth.dll ActiveX clsid access attempt (more info ...) | attempted-user | 2007-2221 | |||
| 37508 | BROWSER-PLUGINS Microsoft Internet Explorer Media Service Component mdsauth.dll ActiveX clsid access attempt (more info ...) | attempted-user | 2007-2221 | |||
| 37509 | BROWSER-PLUGINS Microsoft Internet Explorer Media Service Component mdsauth.dll ActiveX clsid access attempt (more info ...) | attempted-user | 2007-2221 | |||
| 37510 | BROWSER-PLUGINS Microsoft Internet Explorer Media Service Component mdsauth.dll ActiveX clsid access attempt (more info ...) | attempted-user | 2007-2221 | |||
| 37583 | INDICATOR-SHELLCODE Javascript 0xCCCC unicode unescape (more info ...) | shellcode-detect | ||||
| 37715 | BROWSER-IE Microsoft Internet Explorer onscroll DOS attempt (more info ...) | attempted-user | 2011-1993 | 49947 | URL | |
| 37716 | BROWSER-IE Microsoft Internet Explorer onscroll DOS attempt (more info ...) | attempted-user | 2011-1993 | 49947 | URL | |
| 37724 | BROWSER-IE Microsoft Internet Explorer form selection reset attempt (more info ...) | attempted-user | 2011-1996 | 49961 | URL | |
| 37803 | FILE-JAVA Oracle Java IntegerInterleavedRaster integer overflow attempt (more info ...) | attempted-user | 2013-2471 | 60659 | URL | |
| 37836 | BROWSER-IE Microsoft Internet Explorer swapNode memory corruption attempt (more info ...) | attempted-user | 2013-3897 | 62811 | URL | |
| 37837 | BROWSER-IE Microsoft Internet Explorer swapNode memory corruption attempt (more info ...) | attempted-user | 2013-3897 | 62811 | URL | |
| 37847 | BROWSER-IE Microsoft Internet Explorer vector graphics reference counting use-after-free attempt (more info ...) | attempted-user | 2012-0172 | 52906 | URL | |
| 37848 | BROWSER-IE Microsoft Internet Explorer vector graphics reference counting use-after-free attempt (more info ...) | attempted-user | 2012-0172 | 52906 | URL | |
| 37881 | BROWSER-IE Microsoft Internet Explorer DOM mergeAttributes memory corruption attempt (more info ...) | misc-activity | 2011-0094 | 37893 | URL | |
| 37888 | BROWSER-IE Microsoft Internet Explorer dynamic page reloading memory corruption attempt (more info ...) | attempted-user | 2007-0946 | 23770 | URL | |
| 37889 | BROWSER-IE Microsoft Internet Explorer dynamic page reloading memory corruption attempt (more info ...) | attempted-user | 2007-0946 | 23770 | URL | |
| 37905 | INDICATOR-OBFUSCATION javascript charset concatentation attempt (more info ...) | misc-activity | URL | |||
| 37906 | INDICATOR-OBFUSCATION javascript known obfuscation method attempt (more info ...) | misc-activity | URL | |||
| 37907 | INDICATOR-OBFUSCATION javascript unicode escape variable name attempt (more info ...) | misc-activity | URL | |||
| 37908 | INDICATOR-OBFUSCATION javascript with hex variable names (more info ...) | misc-activity | URL | |||
| 37909 | INDICATOR-OBFUSCATION known javascript packer detected (more info ...) | misc-activity | URL | |||
| 37935 | BROWSER-IE Microsoft Internet Explorer malformed table tag memory corruption attempt (more info ...) | attempted-user | 2010-2560 | |||
| 37936 | BROWSER-IE Microsoft Internet Explorer malformed table tag memory corruption attempt (more info ...) | attempted-user | 2010-2560 | |||
| 37944 | BROWSER-IE Microsoft Internet Explorer invalid object access memory corruption attempt (more info ...) | attempted-user | 2010-0249 | URL | ||
| 37945 | BROWSER-IE Microsoft Internet Explorer deleted object access memory corruption attempt (more info ...) | attempted-user | 2010-0249 | URL | ||
| 37946 | BROWSER-IE Microsoft Internet Explorer invalid object access memory corruption attempt (more info ...) | attempted-user | 2010-0249 | URL | ||
| 37947 | BROWSER-IE Microsoft Internet Explorer invalid object access memory corruption attempt (more info ...) | attempted-user | 2010-0249 | URL | ||
| 37948 | INDICATOR-OBFUSCATION known malicious JavaScript decryption routine (more info ...) | attempted-user | URL | |||
| 37954 | BROWSER-IE Microsoft Internet Explorer boundElements arbitrary code execution attempt (more info ...) | attempted-user | 2010-2557 | 42288 | URL | |
| 37955 | BROWSER-IE Microsoft Internet Explorer boundElements arbitrary code execution attempt (more info ...) | attempted-user | 2010-2557 | 42288 | URL | |
| 37956 | BROWSER-IE Microsoft Internet Explorer boundElements arbitrary code execution attempt (more info ...) | attempted-user | 2010-2557 | 42288 | URL | |
| 37961 | BROWSER-IE Microsoft Internet Explorer long URL buffer overflow attempt (more info ...) | attempted-user | 2006-3869 | 19667 | ||
| 37966 | BROWSER-IE Microsoft Internet Explorer covered object memory corruption attempt (more info ...) | attempted-user | 2011-1260 | URL | ||
| 37967 | BROWSER-IE Microsoft Internet Explorer covered object memory corruption attempt (more info ...) | attempted-user | 2011-1260 | URL | ||
| 37969 | BROWSER-IE Microsoft Internet Explorer DataView use-after-free attempt (more info ...) | attempted-user | 2015-1747 | URL | ||
| 37970 | BROWSER-IE Microsoft Internet Explorer DataView use-after-free attempt (more info ...) | attempted-user | 2015-1747 | URL | ||
| 37973 | BROWSER-IE Microsoft Internet Explorer onscroll DOS attempt (more info ...) | attempted-user | 2011-1993 | 49947 | URL | |
| 37974 | BROWSER-IE Microsoft Internet Explorer onscroll DOS attempt (more info ...) | attempted-user | 2011-1993 | 49947 | URL | |
| 38013 | BROWSER-IE Microsoft Internet Explorer getBoundingClientRect incorrect rebalancing attempt (more info ...) | attempted-user | 2012-1880 | URL | ||
| 38014 | BROWSER-IE Microsoft Internet Explorer getBoundingClientRect incorrect rebalancing attempt (more info ...) | attempted-user | 2012-1880 | URL | ||
| 38104 | INDICATOR-OBFUSCATION Javascript obfuscation double unescape (more info ...) | attempted-user | URL | |||
| 38105 | INDICATOR-OBFUSCATION Javascript obfuscation double unescape (more info ...) | attempted-user | URL | |||
| 38344 | SERVER-OTHER Pidgin MXIT is operation null pointer dereference attempt (more info ...) | attempted-user | 2016-2365 | URL | ||
| 38345 | SERVER-OTHER Pidgin MXIT is operation null pointer dereference attempt (more info ...) | attempted-user | 2016-2365 | URL | ||
| 38363 | BROWSER-IE Microsoft Internet Explorer deleted button use after free attempt (more info ...) | attempted-user | 2012-4792 | URL | ||
| 38364 | BROWSER-IE Microsoft Internet Explorer deleted button use after free attempt (more info ...) | attempted-user | 2012-4792 | URL | ||
| 38530 | MALWARE-CNC Obfuscated Javascript Attack runtime detection (more info ...) | trojan-activity | URL | |||
| 38937 | FILE-PDF Adobe Reader trusted JavaScript function security bypass attempt (more info ...) | attempted-admin | 2016-1040 | URL | ||
| 38938 | FILE-PDF Adobe Reader trusted JavaScript function security bypass attempt (more info ...) | attempted-admin | 2016-1040 | URL | ||
| 39067 | SERVER-WEBAPP SAP Netweaver Java Proxy Runtime ProxyServer register cross site scripting attempt (more info ...) | attempted-user | 2016-2387 | |||
| 39068 | SERVER-WEBAPP SAP Netweaver Java Proxy Runtime ProxyServer unregister cross site scripting attempt (more info ...) | attempted-user | 2016-2387 | |||
| 39069 | SERVER-WEBAPP SAP Netweaver Java Proxy Runtime ProxyServer list cross site scripting attempt (more info ...) | attempted-user | 2016-2387 | |||
| 39155 | BROWSER-IE Microsoft Internet Explorer DOM object cache management memory corruption attempt (more info ...) | attempted-user | 2007-5344 | 26817 | ||
| 39156 | BROWSER-IE Microsoft Internet Explorer DOM object cache management memory corruption attempt (more info ...) | attempted-user | 2007-5344 | |||
| 39174 | BROWSER-IE Microsoft Internet Explorer iframe uninitialized memory corruption attempt (more info ...) | attempted-user | 2010-2556 | 42257 | URL | |
| 39175 | BROWSER-IE Microsoft Internet Explorer use-after-free memory corruption attempt (more info ...) | attempted-dos | 2010-2556 | 42257 | URL | |
| 39354 | FILE-JAVA Oracle Java RangeStatisticImpl sandbox breach attempt (more info ...) | attempted-user | 2012-5076 | 56054 | ||
| 39355 | FILE-JAVA Oracle Java RangeStatisticImpl sandbox breach attempt (more info ...) | attempted-user | 2012-5076 | 56054 | ||
| 39488 | INDICATOR-OBFUSCATION obfuscated javascript excessive fromCharCode - potential attack (more info ...) | misc-activity | URL | |||
| 39489 | INDICATOR-OBFUSCATION obfuscated javascript fromCharCode with mixed number bases - potential attack (more info ...) | misc-activity | URL | |||
| 39490 | INDICATOR-OBFUSCATION obfuscated javascript fromCharCode with mixed number bases - potential attack (more info ...) | misc-activity | URL | |||
| 39497 | BROWSER-IE Microsoft Internet Explorer header tag HTML injection remote code execution attempt (more info ...) | attempted-user | 2016-3276 | URL | ||
| 39498 | BROWSER-IE Microsoft Internet Explorer header tag HTML injection remote code execution attempt (more info ...) | attempted-user | 2016-3276 | URL | ||
| 39512 | BROWSER-IE Microsoft Internet Explorer IE7 compatibility mode attempt (more info ...) | attempted-user | 2016-3241 | URL | ||
| 39513 | BROWSER-IE Microsoft Internet Explorer IE7 compatibility mode attempt (more info ...) | attempted-user | 2016-3241 | URL | ||
| 39585 | SERVER-WEBAPP Google Chromecast factory reset attempt (more info ...) | attempted-dos | URL | |||
| 39710 | MALWARE-CNC User-Agent known malicious user-agent string mozilla/2.0 (more info ...) | trojan-activity | ||||
| 39748 | BROWSER-IE Microsoft Internet Explorer 9 CTreeNode use after free attempt (more info ...) | attempted-user | 2012-1878 | URL | ||
| 39749 | BROWSER-IE Microsoft Internet Explorer 9 CTreeNode use after free attempt (more info ...) | attempted-user | 2012-1878 | URL | ||
| 39750 | BROWSER-IE Microsoft Internet Explorer 9 CTreeNode use after free attempt (more info ...) | attempted-user | 2012-1878 | URL | ||
| 39751 | BROWSER-IE Microsoft Internet Explorer 9 CTreeNode use after free attempt (more info ...) | attempted-user | 2012-1878 | URL | ||
| 39820 | BROWSER-IE Microsoft Internet Explorer iframe sandbox file name information disclosure attempt (more info ...) | attempted-recon | 2016-3321 | URL | ||
| 39821 | BROWSER-IE Microsoft Internet Explorer iframe sandbox file name information disclosure attempt (more info ...) | attempted-recon | 2016-3321 | URL | ||
| 39826 | BROWSER-IE Microsoft Internet Explorer CStr internal string use-after-free attempt (more info ...) | attempted-user | 2016-3326 | URL | ||
| 40015 | BROWSER-FIREFOX Mozilla Firefox about field spoofing attempt (more info ...) | attempted-user | 2016-5268 | URL | ||
| 40037 | PUA-ADWARE Google Chrome Google Contacts extension adware (more info ...) | trojan-activity | URL | |||
| 40094 | INDICATOR-SCAN Microsoft Internet Explorer AnchorElement information disclosure attempt (more info ...) | attempted-recon | 2016-3351 | URL | ||
| 40095 | INDICATOR-SCAN Microsoft Internet Explorer AnchorElement information disclosure attempt (more info ...) | attempted-recon | 2016-3351 | URL | ||
| 40280 | BROWSER-FIREFOX Mozilla Firefox file type memory corruption attempt (more info ...) | attempted-user | 2008-5021 | 32281 | URL | |
| 40366 | BROWSER-IE Microsoft Internet Explorer ArraySpeciesCreate type confusion attempt (more info ...) | attempted-user | 2016-7190 | URL | ||
| 40367 | BROWSER-IE Microsoft Internet Explorer ArraySpeciesCreate type confusion attempt (more info ...) | attempted-user | 2016-7190 | URL | ||
| 40404 | BROWSER-IE Microsoft Internet Explorer eval type confusion attempt (more info ...) | attempted-user | 2016-3382 | URL | ||
| 40405 | BROWSER-IE Microsoft Internet Explorer eval type confusion attempt (more info ...) | attempted-user | 2016-3382 | URL | ||
| 40648 | BROWSER-IE Microsoft Edge JavaScript ReverseHelper buffer overrun attempt (more info ...) | attempted-user | 2016-7202 | URL | ||
| 40649 | BROWSER-IE Microsoft Internet Explorer Chakra.dll proxy object prototype return type confusion attempt (more info ...) | attempted-user | 2016-7201 | URL | ||
| 40650 | BROWSER-IE Microsoft Internet Explorer Chakra.dll proxy object prototype return type confusion attempt (more info ...) | attempted-user | 2016-7201 | URL | ||
| 40669 | BROWSER-IE Microsoft Internet Explorer classid remote code execution attempt (more info ...) | attempted-admin | 2016-7195 | URL | ||
| 40670 | BROWSER-IE Microsoft Internet Explorer classid remote code execution attempt (more info ...) | attempted-admin | 2016-7195 | URL | ||
| 41107 | BROWSER-IE Microsoft Internet Explorer layout object use after free attempt (more info ...) | attempted-admin | 2009-1532 | URL | ||
| 41210 | BROWSER-IE Microsoft Internet Explorer classid remote code execution attempt (more info ...) | attempted-admin | 2016-7195 | URL | ||
| 41211 | BROWSER-IE Microsoft Internet Explorer classid remote code execution attempt (more info ...) | attempted-admin | 2016-7195 | URL | ||
| 41377 | BROWSER-IE Microsoft Internet Explorer runtimeStyle use-after-free attempt (more info ...) | attempted-user | 2015-0053 | URL | ||
| 41378 | BROWSER-IE Microsoft Internet Explorer runtimeStyle use-after-free attempt (more info ...) | attempted-user | 2015-0053 | URL | ||
| 41493 | BROWSER-IE Microsoft Internet Explorer nested SPAN tag memory corruption attempt (more info ...) | attempted-user | 2008-4844 | 32721 | ||
| 41494 | BROWSER-IE Microsoft Internet Explorer nested tag memory corruption attempt (more info ...) | attempted-user | 2008-4844 | 32721 | URL | |
| 41522 | BROWSER-IE Microsoft Internet Explorer CGeneratedTreeNode object use after free attempt (more info ...) | attempted-user | 2015-0025 | URL | ||
| 41523 | BROWSER-IE Microsoft Internet Explorer CGeneratedTreeNode object use after free attempt (more info ...) | attempted-user | 2015-0025 | URL | ||
| 41575 | BROWSER-IE Microsoft Internet Explorer mhtml and res protocol information disclosure attempt (more info ...) | attempted-user | 2017-0008 | URL | ||
| 41576 | BROWSER-IE Microsoft Internet Explorer mhtml and res protocol information disclosure attempt (more info ...) | attempted-user | 2017-0008 | URL | ||
| 41633 | BROWSER-IE Microsoft Internet Explorer 11 Windows Media Player information disclosure attempt (more info ...) | attempted-recon | 2017-0042 | URL | ||
| 41634 | BROWSER-IE Microsoft Internet Explorer 11 Windows Media Player information disclosure attempt (more info ...) | attempted-recon | 2017-0042 | URL | ||
| 41716 | BROWSER-IE Microsoft Internet Explorer malformed iframe buffer overflow attempt (more info ...) | attempted-user | ||||
| 41772 | BROWSER-IE Microsoft Internet Explorer runtimeStyle use-after-free attempt (more info ...) | attempted-user | 2015-0053 | URL | ||
| 41773 | BROWSER-IE Microsoft Internet Explorer runtimeStyle use-after-free attempt (more info ...) | attempted-user | 2015-0053 | URL | ||
| 41775 | BROWSER-IE Microsoft Internet Explorer runtimeStyle use-after-free attempt (more info ...) | attempted-user | 2015-0053 | URL | ||
| 41776 | BROWSER-IE Microsoft Internet Explorer runtimeStyle use-after-free attempt (more info ...) | attempted-user | 2015-0053 | URL | ||
| 41777 | BROWSER-IE Microsoft Internet Explorer runtimeStyle use-after-free attempt (more info ...) | attempted-user | 2015-0053 | URL | ||
| 41895 | BROWSER-IE Microsoft Internet Explorer frameset null pointer dereference attempt (more info ...) | attempted-user | URL | |||
| 41896 | BROWSER-IE Microsoft Internet Explorer frameset null pointer dereference attempt (more info ...) | attempted-user | URL | |||
| 41968 | BROWSER-IE Microsoft Edge JavascriptProxy SetPropertyTrap type confusion attempt (more info ...) | attempted-admin | 2017-0094 | URL | ||
| 41969 | BROWSER-IE Microsoft Edge JavascriptProxy SetPropertyTrap type confusion attempt (more info ...) | attempted-admin | 2017-0094 | URL | ||
| 42032 | BROWSER-IE Microsoft Internet Explorer DataView use-after-free attempt (more info ...) | attempted-user | 2015-1747 | URL | ||
| 42033 | BROWSER-IE Microsoft Internet Explorer DataView use-after-free attempt (more info ...) | attempted-user | 2015-1747 | URL | ||
| 42034 | BROWSER-IE Microsoft Internet Explorer DataView use-after-free attempt (more info ...) | attempted-user | 2015-1747 | URL | ||
| 42035 | BROWSER-IE Microsoft Internet Explorer DataView use-after-free attempt (more info ...) | attempted-user | 2015-1747 | URL | ||
| 42036 | BROWSER-IE Microsoft Internet Explorer DataView use-after-free attempt (more info ...) | attempted-user | 2015-1747 | URL | ||
| 42037 | BROWSER-IE Microsoft Internet Explorer DataView use-after-free attempt (more info ...) | attempted-user | 2015-1747 | URL | ||
| 42038 | BROWSER-IE Microsoft Internet Explorer DataView use-after-free attempt (more info ...) | attempted-user | 2015-1747 | URL | ||
| 42039 | BROWSER-IE Microsoft Internet Explorer DataView use-after-free attempt (more info ...) | attempted-user | 2015-1747 | URL | ||
| 42117 | BROWSER-IE Microsoft Internet Explorer Typed Array use after free attempt (more info ...) | attempted-user | 2016-7288 | URL | ||
| 42118 | BROWSER-IE Microsoft Internet Explorer Typed Array use after free attempt (more info ...) | attempted-user | 2016-7288 | URL | ||
| 42169 | BROWSER-IE Microsoft Internet Explorer classid remote code execution attempt (more info ...) | attempted-admin | 2016-7195 | URL | ||
| 42170 | BROWSER-IE Microsoft Internet Explorer classid remote code execution attempt (more info ...) | attempted-admin | 2016-7195 | URL | ||
| 42292 | INDICATOR-COMPROMISE malicious javascript obfuscation detected (more info ...) | attempted-user | URL | |||
| 42389 | BROWSER-IE Microsoft Internet Explorer uninitialized or deleted object access attempt (more info ...) | misc-activity | 2009-2530 | URL | ||
| 42420 | SERVER-OTHER HP Operations Agent for NonStop server HEALTH packet parsing stack buffer overflow attempt (more info ...) | attempted-admin | URL | |||
| 42448 | BROWSER-IE Microsoft Internet Explorer deleted object access memory corruption attempt (more info ...) | attempted-user | 2013-0020 | |||
| 42449 | BROWSER-IE Microsoft Internet Explorer deleted object access memory corruption attempt (more info ...) | attempted-user | 2013-0020 | |||
| 42450 | BROWSER-IE Microsoft Internet Explorer deleted object access memory corruption attempt (more info ...) | attempted-user | 2013-0020 | URL | ||
| 42960 | SERVER-WEBAPP Java BeanShell Library unauthorized serialized object attempt (more info ...) | attempted-admin | URL | |||
| 42961 | SERVER-WEBAPP Java Groovy Library unauthorized serialized object attempt (more info ...) | attempted-admin | 2015-5377 | URL | ||
| 42962 | SERVER-WEBAPP Java Hibernate Library unauthorized serialized object attempt (more info ...) | attempted-admin | URL | |||
| 42963 | SERVER-WEBAPP Java Mozilla Library unauthorized serialized object attempt (more info ...) | attempted-admin | URL | |||
| 42964 | SERVER-WEBAPP Java MyFaces Library unauthorized serialized object attempt (more info ...) | attempted-admin | URL | |||
| 42965 | SERVER-WEBAPP Java RMI Library unauthorized serialized object attempt (more info ...) | attempted-admin | URL | |||
| 42969 | FILE-PDF Adobe Acrobat Reader javascript engine stack overflow attempt (more info ...) | attempted-user | 2017-3037 | URL | ||
| 42970 | FILE-PDF Adobe Acrobat Reader javascript engine stack overflow attempt (more info ...) | attempted-user | 2017-3037 | URL | ||
| 42971 | FILE-PDF Adobe Acrobat Reader javascript engine stack overflow attempt (more info ...) | attempted-user | 2017-3037 | URL | ||
| 42972 | FILE-PDF Adobe Acrobat Reader javascript engine stack overflow attempt (more info ...) | attempted-user | 2017-3037 | URL | ||
| 43042 | BROWSER-IE Microsoft Internet Explorer JSON strigify double free attempt (more info ...) | attempted-user | 2015-2419 | URL | ||
| 43043 | BROWSER-IE Microsoft Internet Explorer JSON strigify double free attempt (more info ...) | attempted-user | 2015-2419 | URL | ||
| 43069 | BROWSER-IE Microsoft Internet Explorer vbscript regular expression information disclosure attempt (more info ...) | attempted-recon | 2015-6052 | URL | ||
| 43070 | BROWSER-IE Microsoft Internet Explorer vbscript regular expression information disclosure attempt (more info ...) | attempted-recon | 2015-6052 | URL | ||
| 43071 | BROWSER-IE Microsoft Internet Explorer vbscript regular expression information disclosure attempt (more info ...) | attempted-recon | 2015-6052 | URL | ||
| 43072 | BROWSER-IE Microsoft Internet Explorer vbscript regular expression information disclosure attempt (more info ...) | attempted-recon | 2015-6052 | URL | ||
| 43134 | BROWSER-IE Microsoft Internet Explorer CStyleSheetRule array memory corruption attempt (more info ...) | attempted-user | 2010-3328 | 43705 | URL | |
| 43293 | MALWARE-CNC Andr.Adware.Judy malicious java file download attempt (more info ...) | trojan-activity | URL | |||
| 43298 | BROWSER-WEBKIT Apple Safari Webkit WebCore CSSSelector denial of service attempt (more info ...) | denial-of-service | 2010-1029 | |||
| 43358 | BROWSER-IE Microsoft Internet Explorer CSS property method handling memory corruption attempt (more info ...) | attempted-user | 2007-0945 | 23769 | ||
| 43367 | BROWSER-FIREFOX Mozilla Firefox XUL tree element code execution attempt (more info ...) | attempted-user | 2009-1044 | 34181 | ||
| 43398 | BROWSER-IE Microsoft Internet Explorer clone object memory corruption attempt (more info ...) | attempted-user | 2007-3903 | 26816 | ||
| 43515 | BROWSER-IE Microsoft Internet Explorer cross-domain violation via cached object attempt (more info ...) | attempted-user | 2002-1254 | |||
| 43516 | BROWSER-OTHER Apple Safari nested xml tag denial of service attempt (more info ...) | denial-of-service | 2009-1233 | |||
| 43517 | BROWSER-OTHER Apple Safari nested xml tag denial of service attempt (more info ...) | denial-of-service | 2009-1233 | |||
| 43550 | BROWSER-IE Microsoft Internet Explorer span tag memory corruption attempt (more info ...) | attempted-user | 2006-1188 | |||
| 43551 | BROWSER-IE Microsoft Internet Explorer span tag memory corruption attempt (more info ...) | attempted-user | 2006-1188 | |||
| 43579 | BROWSER-IE Microsoft Internet Explorer type confusion attempt (more info ...) | attempted-user | 2014-0271 | URL | ||
| 43580 | BROWSER-IE Microsoft Internet Explorer type confusion attempt (more info ...) | attempted-user | 2014-0271 | URL | ||
| 43598 | BROWSER-IE Microsoft Internet Explorer object type confusion remote code execution attempt (more info ...) | attempted-user | 2014-6347 | URL | ||
| 43599 | BROWSER-IE Microsoft Internet Explorer object type confusion remote code execution attempt (more info ...) | attempted-user | 2014-6347 | URL | ||
| 43622 | BROWSER-IE Microsoft Internet Explorer GDI VML gradient size heap overflow attempt (more info ...) | attempted-user | 2007-5348 | URL | ||
| 43635 | BROWSER-IE Microsoft Internet Explorer EUC-JP encoding cross site scripting attempt (more info ...) | attempted-user | 2013-3192 | URL | ||
| 43636 | BROWSER-IE Microsoft Internet Explorer EUC-JP encoding cross site scripting attempt (more info ...) | attempted-user | 2013-3192 | URL | ||
| 43642 | BROWSER-FIREFOX Mozilla Firefox multiple vulnerabilities memory corruption attempt (more info ...) | attempted-user | 2007-3734 | |||
| 43643 | BROWSER-FIREFOX Mozilla Firefox design mode deleted style memory corruption attempt (more info ...) | attempted-user | 2007-3734 | |||
| 43644 | BROWSER-FIREFOX Mozilla Firefox display moz-deck style memory corruption attempt (more info ...) | attempted-user | 2007-3734 | |||
| 43648 | BROWSER-IE Microsoft Internet Explorer CDocument use after free attempt (more info ...) | attempted-user | 2013-3114 | URL | ||
| 43651 | BROWSER-FIREFOX Mozilla Firefox large window null pointer dereference attempt (more info ...) | attempted-admin | URL | |||
| 43652 | BROWSER-FIREFOX Mozilla Firefox large window null pointer dereference attempt (more info ...) | attempted-admin | URL | |||
| 43656 | BROWSER-IE Microsoft Edge JavaScript ReverseHelper buffer overrun attempt (more info ...) | attempted-user | 2016-7202 | URL | ||
| 43657 | BROWSER-IE Microsoft Edge JavaScript ReverseHelper buffer overrun attempt (more info ...) | attempted-user | 2016-7202 | URL | ||
| 43658 | BROWSER-IE Microsoft Edge JavaScript ReverseHelper buffer overrun attempt (more info ...) | attempted-user | 2016-7202 | URL | ||
| 43659 | BROWSER-IE Microsoft Edge JavaScript ReverseHelper buffer overrun attempt (more info ...) | attempted-user | 2016-7202 | URL | ||
| 43664 | BROWSER-IE Microsoft Internet Explorer 11 CMarkup GetMarkupTitle use-after-free attempt (more info ...) | attempted-user | 2014-4130 | URL | ||
| 43665 | BROWSER-IE Microsoft Internet Explorer 11 CMarkup GetMarkupTitle use-after-free attempt (more info ...) | attempted-user | 2014-4130 | URL | ||
| 43672 | BROWSER-FIREFOX Mozilla products obfuscated cross site scripting attempt (more info ...) | attempted-admin | 2008-4066 | 31346 | URL | |
| 43673 | BROWSER-FIREFOX Mozilla products obfuscated cross site scripting attempt (more info ...) | attempted-admin | 2008-4066 | 31346 | URL | |
| 43706 | BROWSER-FIREFOX Mozilla Firefox Javascript contentWindow in an iframe exploit attempt (more info ...) | attempted-user | 2006-1993 | 17671 | ||
| 43735 | BROWSER-FIREFOX Mozilla Firefox SVG pathSegList memory corruption attempt (more info ...) | attempted-user | 2007-2867 | 24242 | ||
| 43736 | BROWSER-FIREFOX Mozilla Firefox XUL commandDispatcher memory corruption attempt (more info ...) | attempted-user | 2007-2867 | 24242 | ||
| 43737 | BROWSER-FIREFOX Mozilla Firefox XUL commandDispatcher memory corruption attempt (more info ...) | attempted-user | 2007-2867 | 24242 | ||
| 43738 | BROWSER-FIREFOX Mozilla Firefox SVGZoom memory corruption attempt (more info ...) | attempted-user | 2007-2867 | 24242 | ||
| 43739 | BROWSER-FIREFOX Mozilla Firefox SVGZoom memory corruption attempt (more info ...) | attempted-user | 2007-2867 | 24242 | ||
| 43740 | BROWSER-FIREFOX Mozilla Firefox frameset memory corruption attempt (more info ...) | attempted-user | 2007-2867 | 24242 | ||
| 43741 | BROWSER-FIREFOX Mozilla Firefox frameset memory corruption attempt (more info ...) | attempted-user | 2007-2867 | 24242 | ||
| 43742 | BROWSER-FIREFOX Mozilla Firefox lookup property memory corruption attempt (more info ...) | attempted-user | 2007-2867 | 24242 | ||
| 43743 | BROWSER-FIREFOX Mozilla Firefox lookup property memory corruption attempt (more info ...) | attempted-user | 2007-2867 | 24242 | ||
| 43744 | BROWSER-FIREFOX Mozilla Firefox style display inherit memory corruption attempt (more info ...) | attempted-user | 2007-2867 | 24242 | ||
| 43745 | BROWSER-FIREFOX Mozilla Firefox style display inherit memory corruption attempt (more info ...) | attempted-user | 2007-2867 | 24242 | ||
| 43746 | BROWSER-FIREFOX Mozilla Firefox frame element memory corruption attempt (more info ...) | attempted-user | 2007-2867 | 24242 | ||
| 43747 | BROWSER-FIREFOX Mozilla Firefox frame element memory corruption attempt (more info ...) | attempted-user | 2007-2867 | 24242 | ||
| 43749 | BROWSER-FIREFOX Mozilla Firefox BOM character cross site scripting attempt (more info ...) | attempted-admin | 2008-4065 | |||
| 43761 | BROWSER-FIREFOX Mozilla Firefox wyciwgy domain forgery attempt (more info ...) | attempted-admin | 2007-3656 | |||
| 43763 | BROWSER-FIREFOX Mozilla Firefox XUL tree node removal memory corruption attempt (more info ...) | attempted-admin | 2007-0755 | |||
| 43764 | BROWSER-FIREFOX Mozilla Firefox XUL tree node removal memory corruption attempt (more info ...) | attempted-admin | 2007-0755 | |||
| 43765 | BROWSER-FIREFOX Mozilla Firefox XUL null menu memory corruption attempt (more info ...) | attempted-admin | 2007-0755 | |||
| 43766 | BROWSER-FIREFOX Mozilla Firefox XUL null menu memory corruption attempt (more info ...) | attempted-admin | 2007-0755 | |||
| 43767 | BROWSER-FIREFOX Mozilla Firefox floating layer denial of service attempt (more info ...) | attempted-admin | 2007-0755 | |||
| 43768 | BROWSER-FIREFOX Mozilla Firefox floating layer denial of service attempt (more info ...) | attempted-admin | 2007-0755 | |||
| 43778 | BROWSER-FIREFOX Mozilla Firefox nsTreeContentView double-free memory corruption attempt (more info ...) | attempted-user | 2010-0176 | 39128 | URL | |
| 43789 | SERVER-OTHER Solarwinds Virtualization Manager Java malicious object deserialization attempt (more info ...) | attempted-user | 2016-3642 | |||
| 43826 | BROWSER-OTHER Opera animation element denial of service attempt (more info ...) | denial-of-service | URL | |||
| 43827 | BROWSER-OTHER Opera animation element denial of service attempt (more info ...) | denial-of-service | URL | |||
| 43830 | BROWSER-IE Microsoft Internet Explorer CTableLayout memory corruption attempt (more info ...) | attempted-user | 2010-0244 | 37891 | URL | |
| 43831 | BROWSER-IE Microsoft Internet Explorer CTableLayout memory corruption attempt (more info ...) | attempted-user | 2010-0244 | 37891 | URL | |
| 43832 | BROWSER-IE Microsoft Internet Explorer CQuotes use-after-free attempt (more info ...) | attempted-admin | 2014-6351 | |||
| 43833 | BROWSER-IE Microsoft Internet Explorer CQuotes use-after-free attempt (more info ...) | attempted-admin | 2014-6351 | |||
| 43837 | INDICATOR-OBFUSCATION obfuscated javascript regex (more info ...) | misc-activity | URL | |||
| 43926 | FILE-PDF Adobe Acrobat Reader XFA javascript use after free exploitation attempt (more info ...) | attempted-user | URL | |||
| 43927 | FILE-PDF Adobe Acrobat Reader XFA javascript use after free exploitation attempt (more info ...) | attempted-user | URL | |||
| 43954 | BROWSER-FIREFOX Mozilla PLUGINSPAGE javascript execution attempt (more info ...) | attempted-user | 2005-0752 | 13228 | ||
| 43955 | BROWSER-CHROME Google Chrome V8 engine integer overflow attempt (more info ...) | attempted-admin | URL | |||
| 43956 | BROWSER-CHROME Google Chrome V8 engine integer overflow attempt (more info ...) | attempted-admin | URL | |||
| 43960 | BROWSER-FIREFOX Mozilla products element style change memory corruption code execution attempt (more info ...) | attempted-user | 2006-0294 | 16476 | ||
| 44009 | BROWSER-FIREFOX Mozilla Firefox empty lookupGetter dangling pointer attempt (more info ...) | attempted-admin | 2010-3183 | |||
| 44010 | BROWSER-FIREFOX Mozilla Firefox empty lookupGetter dangling pointer attempt (more info ...) | attempted-admin | 2010-3183 | |||
| 44035 | BROWSER-PLUGINS Microsoft Internet Explorer WMIScriptUtils.WMIObjectBroker2.1 ActiveX clsid access attempt (more info ...) | attempted-user | 2006-4704 | URL | ||
| 44036 | BROWSER-PLUGINS Microsoft Internet Explorer WMIScriptUtils.WMIObjectBroker2.1 ActiveX clsid access attempt (more info ...) | attempted-user | 2006-4704 | URL | ||
| 44043 | BROWSER-FIREFOX Mozilla browsers JavaScript argument passing code execution attempt (more info ...) | attempted-user | 2007-0777 | 22694 | ||
| 44044 | BROWSER-FIREFOX Mozilla Firefox invalid watchpoint memory corruption attempt (more info ...) | attempted-admin | 2007-0777 | |||
| 44045 | BROWSER-FIREFOX Mozilla Firefox invalid watchpoint memory corruption attempt (more info ...) | attempted-admin | 2007-0777 | |||
| 44046 | BROWSER-FIREFOX Mozilla Firefox memory corruption attempt (more info ...) | attempted-admin | 2007-0777 | |||
| 44047 | BROWSER-FIREFOX Mozilla Firefox memory corruption attempt (more info ...) | attempted-admin | 2007-0777 | |||
| 44048 | BROWSER-FIREFOX Mozilla Firefox memory corruption attempt (more info ...) | attempted-admin | 2007-0777 | |||
| 44049 | BROWSER-FIREFOX Mozilla Firefox memory corruption attempt (more info ...) | attempted-admin | 2007-0777 | |||
| 44050 | BROWSER-OTHER Apple Safari document.write buffer overflow attempt (more info ...) | attempted-admin | 2008-2000 | |||
| 44051 | BROWSER-OTHER Apple Safari document.write buffer overflow attempt (more info ...) | attempted-admin | 2008-2000 | |||
| 44081 | BROWSER-IE Microsoft Internet Explorer onBeforeUnload address bar spoofing attempt (more info ...) | misc-activity | 2007-3826 | 24911 | URL | |
| 44088 | BROWSER-PLUGINS Microsoft Internet Explorer CapiCom.Utilities ActiveX control getRandom method access attempt (more info ...) | attempted-user | URL | |||
| 44089 | BROWSER-PLUGINS Microsoft Internet Explorer CapiCom.Utilities ActiveX control getRandom method access attempt (more info ...) | attempted-user | URL | |||
| 44090 | BROWSER-PLUGINS Microsoft Internet Explorer CapiCom.Utilities ActiveX control getRandom method access attempt (more info ...) | attempted-user | URL | |||
| 44091 | BROWSER-PLUGINS Microsoft Internet Explorer CapiCom.Utilities ActiveX control getRandom method access attempt (more info ...) | attempted-user | URL | |||
| 44103 | FILE-PDF Multiple products PDF JavaScript saveAs arbitrary file write attempt (more info ...) | attempted-user | 2017-7442 | URL | ||
| 44104 | FILE-PDF Multiple products PDF JavaScript saveAs arbitrary file write attempt (more info ...) | attempted-user | 2017-7442 | URL | ||
| 44148 | BROWSER-IE Microsoft Internet Explorer malformed loop denial of service attempt (more info ...) | denial-of-service | 2007-0811 | 22408 | ||
| 44149 | BROWSER-IE Microsoft Internet Explorer malformed loop denial of service attempt (more info ...) | denial-of-service | 2007-0811 | 22408 | ||
| 44153 | BROWSER-IE Microsoft Internet Explorer frameBorder denial of service attempt (more info ...) | attempted-admin | 41990 | |||
| 44154 | BROWSER-IE Microsoft Internet Explorer frameBorder denial of service attempt (more info ...) | attempted-admin | 41990 | |||
| 44184 | BROWSER-IE Microsoft Internet Explorer information disclosure attempt (more info ...) | attempted-recon | 2002-1186 | |||
| 44185 | BROWSER-IE Microsoft Internet Explorer information disclosure attempt (more info ...) | attempted-recon | 2002-1186 | |||
| 44188 | BROWSER-IE Microsoft Internet Explorer span frontier parsing memory corruption attempt (more info ...) | attempted-user | 2008-2254 | URL | ||
| 44192 | BROWSER-IE Microsoft Internet Explorer frameBorder denial of service attempt (more info ...) | attempted-admin | 41990 | |||
| 44193 | BROWSER-IE Microsoft Internet Explorer frameBorder denial of service attempt (more info ...) | attempted-admin | 41990 | |||
| 44195 | BROWSER-IE Internet Explorer CCaret memory corruption attempt (more info ...) | attempted-user | 2013-0090 | |||
| 44196 | BROWSER-IE Internet Explorer CCaret memory corruption attempt (more info ...) | attempted-user | 2013-0090 | |||
| 44197 | BROWSER-IE Internet Explorer CCaret memory corruption attempt (more info ...) | attempted-user | 2013-0090 | |||
| 44198 | BROWSER-IE Internet Explorer CCaret memory corruption attempt (more info ...) | attempted-user | 2013-0090 | |||
| 44281 | BROWSER-IE Microsoft Internet Explorer MDAC ActiveX clsid access attempt (more info ...) | attempted-user | 2006-0003 | URL | ||
| 44282 | BROWSER-IE Microsoft Internet Explorer MDAC ActiveX clsid access attempt (more info ...) | attempted-user | 2006-0003 | URL | ||
| 44283 | BROWSER-IE Microsoft Internet Explorer MDAC ActiveX clsid access attempt (more info ...) | attempted-user | 2006-0003 | URL | ||
| 44284 | BROWSER-IE Microsoft Internet Explorer MDAC ActiveX clsid access attempt (more info ...) | attempted-user | 2006-0003 | URL | ||
| 44602 | BROWSER-IE Microsoft Internet Explorer SetItem use after free attempt (more info ...) | attempted-user | 2016-0106 | URL | ||
| 44603 | BROWSER-IE Microsoft Internet Explorer SetItem use after free attempt (more info ...) | attempted-user | 2016-0106 | URL | ||
| 44615 | INDICATOR-OBFUSCATION suspicious javascript deobfuscation calls attempt (more info ...) | policy-violation | URL | |||
| 44729 | BROWSER-IE Microsoft Internet Explorer script action handler buffer overflow attempt (more info ...) | attempted-admin | 2006-1245 | |||
| 44730 | BROWSER-IE Microsoft Internet Explorer script action handler buffer overflow attempt (more info ...) | attempted-admin | 2006-1245 | |||
| 44736 | BROWSER-IE Microsoft Internet Explorer saveHistory use after free attempt (more info ...) | attempted-dos | 2013-0088 | URL | ||
| 44737 | BROWSER-IE Microsoft Internet Explorer saveHistory use after free attempt (more info ...) | attempted-dos | 2013-0088 | URL | ||
| 44751 | BROWSER-IE Microsoft Internet Explorer use after free attempt (more info ...) | attempted-admin | 2014-1772 | |||
| 44752 | BROWSER-IE Microsoft Internet Explorer use after free attempt (more info ...) | attempted-admin | 2014-1772 | |||
| 44754 | BROWSER-IE Microsoft Internet Explorer use after free attempt (more info ...) | attempted-admin | 2014-1775 | |||
| 44755 | BROWSER-IE Microsoft Internet Explorer use after free attempt (more info ...) | attempted-admin | 2014-1775 | |||
| 44823 | BROWSER-IE Microsoft Internet Explorer VBScript Join out of bounds memory access attempt (more info ...) | attempted-user | 2017-11869 | |||
| 44824 | BROWSER-IE Microsoft Internet Explorer VBScript Join out of bounds memory access attempt (more info ...) | attempted-user | 2017-11869 | |||
| 44864 | INDICATOR-COMPROMISE Microsoft Internet Explorer OLE auto-open attempt (more info ...) | misc-activity | ||||
| 44865 | INDICATOR-COMPROMISE Microsoft Internet Explorer OLE auto-open attempt (more info ...) | misc-activity | ||||
| 44991 | BROWSER-FIREFOX Mozilla products CSS rendering out-of-bounds array write attempt (more info ...) | attempted-user | 2006-1739 | |||
| 45114 | MALWARE-CNC Catch-All malicious Chrome extension dropper outbound connection (more info ...) | trojan-activity | URL | |||
| 45127 | BROWSER-FIREFOX Mozilla SSL certificate spoofing attempt (more info ...) | misc-attack | 2004-0763 | URL | ||
| 45154 | BROWSER-IE Microsoft Internet Explorer dynamic style update memory corruption attempt (more info ...) | attempted-user | 2009-0076 | URL | ||
| 45173 | BROWSER-FIREFOX Mozilla download directory file deletion attempt (more info ...) | attempted-user | 2004-2225 | URL | ||
| 45174 | BROWSER-FIREFOX Mozilla download directory file deletion attempt (more info ...) | attempted-user | 2004-2225 | URL | ||
| 45176 | BROWSER-FIREFOX Mozilla Firefox nsTreeContentView double-free memory corruption attempt (more info ...) | attempted-user | 2010-0176 | 39128 | URL | |
| 45210 | BROWSER-IE Microsoft Internet Explorer out of bounds read attempt (more info ...) | attempted-user | 2016-7283 | URL | ||
| 45211 | BROWSER-IE Microsoft Internet Explorer out of bounds read attempt (more info ...) | attempted-user | 2016-7283 | URL | ||
| 45246 | BROWSER-FIREFOX Mozilla Firefox DOM event handler privilege escalation attempt (more info ...) | attempted-admin | 2007-3737 | |||
| 45247 | BROWSER-FIREFOX Mozilla Firefox DOM event handler privilege escalation attempt (more info ...) | attempted-admin | 2007-3737 | |||
| 45258 | FILE-JAVA Oracle Java strlen denial of service attempt (more info ...) | denial-of-service | URL | |||
| 45259 | FILE-JAVA Oracle Java strlen denial of service attempt (more info ...) | denial-of-service | URL | |||
| 45346 | FILE-JAVA Oracle Java strlen denial of service attempt (more info ...) | denial-of-service | URL | |||
| 45347 | FILE-JAVA Oracle Java strlen denial of service attempt (more info ...) | denial-of-service | URL | |||
| 45348 | FILE-JAVA IBM Java invokeWithClassLoaders method call attempt (more info ...) | attempted-user | 2012-4820 | |||
| 45349 | FILE-JAVA IBM Java invokeWithPrivilege method call attempt (more info ...) | attempted-user | 2012-4820 | |||
| 45350 | FILE-JAVA IBM Java invokeWithClassLoaders method call attempt (more info ...) | attempted-user | 2012-4820 | |||
| 45351 | FILE-JAVA IBM Java invokeWithPrivilege method call attempt (more info ...) | attempted-user | 2012-4820 | |||
| 45354 | BROWSER-OTHER Apple Safari javascript mutlibyte character escaping denial of service attempt (more info ...) | denial-of-service | URL | |||
| 45355 | BROWSER-OTHER Apple Safari javascript mutlibyte character escaping denial of service attempt (more info ...) | denial-of-service | URL | |||
| 45537 | SERVER-OTHER Mozilla Network Security Services heap underflow exploit attempt (more info ...) | attempted-user | 2007-0008 | |||
| 45538 | SERVER-OTHER Mozilla Network Security Services heap underflow exploit attempt (more info ...) | attempted-user | 2007-0008 | |||
| 45539 | SERVER-OTHER Mozilla Network Security Services heap underflow exploit attempt (more info ...) | attempted-user | 2007-0008 | |||
| 45576 | BROWSER-FIREFOX Mozilla Firefox Javascript Function focus overflow attempt (more info ...) | attempted-user | 2006-1993 | 17671 | ||
| 45617 | SERVER-WEBAPP HP IMC WebDM arbitrary Java object deserialization attempt (more info ...) | attempted-admin | 2017-12558 | 101152 | URL | |
| 45732 | BROWSER-WEBKIT Apple Safari Webkit button first-letter style rendering code execution attempt (more info ...) | attempted-user | 2010-1392 | |||
| 45733 | BROWSER-WEBKIT Apple Safari Webkit button first-letter style rendering code execution attempt (more info ...) | attempted-user | 2010-1392 | |||
| 45734 | BROWSER-WEBKIT Apple Safari Webkit button first-letter style rendering code execution attempt (more info ...) | attempted-user | 2010-1392 | |||
| 45735 | BROWSER-WEBKIT Apple Safari Webkit button first-letter style rendering code execution attempt (more info ...) | attempted-user | 2010-1392 | |||
| 45748 | SERVER-WEBAPP HP IMC TopoMsgServlet arbitrary Java object deserialization attempt (more info ...) | attempted-admin | 2017-8966 | URL | ||
| 45760 | BROWSER-CHROME Google Chrome Blink ImageBitmap integer overflow attempt (more info ...) | attempted-admin | 2016-5182 | |||
| 45761 | BROWSER-CHROME Google Chrome Blink ImageBitmap integer overflow attempt (more info ...) | attempted-admin | 2016-5182 | |||
| 45762 | BROWSER-CHROME Google Chrome Blink ImageBitmap integer overflow attempt (more info ...) | attempted-admin | 2016-5182 | |||
| 45763 | BROWSER-CHROME Google Chrome Blink ImageBitmap integer overflow attempt (more info ...) | attempted-admin | 2016-5182 | |||
| 45764 | BROWSER-CHROME Google Chrome Blink ImageBitmap integer overflow attempt (more info ...) | attempted-admin | 2016-5182 | |||
| 45765 | BROWSER-CHROME Google Chrome Blink ImageBitmap integer overflow attempt (more info ...) | attempted-admin | 2016-5182 | |||
| 45766 | BROWSER-CHROME Google Chrome Blink ImageBitmap integer overflow attempt (more info ...) | attempted-admin | 2016-5182 | |||
| 45767 | BROWSER-CHROME Google Chrome Blink ImageBitmap integer overflow attempt (more info ...) | attempted-admin | 2016-5182 | |||
| 45795 | SERVER-OTHER Java Library CommonsCollection unauthorized serialized object attempt (more info ...) | attempted-user | ||||
| 45796 | SERVER-OTHER Java Library CommonsCollection unauthorized serialized object attempt (more info ...) | attempted-user | ||||
| 45797 | SERVER-OTHER Java Library CommonsCollection unauthorized serialized object attempt (more info ...) | attempted-user | ||||
| 45798 | SERVER-OTHER Java Library CommonsCollection unauthorized serialized object attempt (more info ...) | attempted-user | ||||
| 45799 | SERVER-OTHER Java Library CommonsCollection unauthorized serialized object attempt (more info ...) | attempted-user | ||||
| 45800 | SERVER-OTHER Java Library CommonsCollection unauthorized serialized object attempt (more info ...) | attempted-user | ||||
| 45801 | SERVER-OTHER Java Library CommonsCollection unauthorized serialized object attempt (more info ...) | attempted-user | ||||
| 45885 | SERVER-WEBAPP HP IMC perfAccessMgrServlet arbitrary Java object deserialization attempt (more info ...) | attempted-admin | 2017-8962 | URL | ||
| 46382 | SERVER-OTHER Micro Focus Operations Orchestration denial of service attempt (more info ...) | denial-of-service | 2018-6490 | URL | ||
| 46383 | SERVER-OTHER Micro Focus Operations Orchestration information disclosure attempt (more info ...) | attempted-user | 2018-6490 | URL | ||
| 46398 | BROWSER-OTHER Mozilla Firefox table object integer underflow (more info ...) | attempted-admin | 2018-5093 | |||
| 46399 | BROWSER-OTHER Mozilla Firefox table object integer underflow (more info ...) | attempted-admin | 2018-5093 | |||
| 46412 | PUA-OTHER Javascript obfuscated by obfuscator.io download attempt (more info ...) | attempted-user | ||||
| 46413 | PUA-OTHER Mineralt JavaScript cryptocurrency mining attempt (more info ...) | misc-attack | URL | |||
| 46424 | BROWSER-IE Microsoft Edge Javascript ParseCatch type confusion attempt (more info ...) | attempted-admin | 2017-11764 | |||
| 46425 | BROWSER-IE Microsoft Edge Javascript ParseCatch type confusion attempt (more info ...) | attempted-admin | 2017-11764 | |||
| 46426 | BROWSER-IE Microsoft Edge Javascript ParseCatch type confusion attempt (more info ...) | attempted-admin | 2017-11764 | |||
| 46427 | BROWSER-IE Microsoft Edge Javascript ParseCatch type confusion attempt (more info ...) | attempted-admin | 2017-11764 | |||
| 46765 | BROWSER-FIREFOX Mozilla Firefox nsHTMLDocument SetBody use-after-free attempt (more info ...) | attempted-admin | 2016-1961 | URL | ||
| 46766 | BROWSER-FIREFOX Mozilla Firefox nsHTMLDocument SetBody use-after-free attempt (more info ...) | attempted-admin | 2016-1961 | URL | ||
| 46767 | BROWSER-FIREFOX Mozilla Firefox nsHTMLDocument SetBody use-after-free attempt (more info ...) | attempted-admin | 2016-1961 | URL | ||
| 46781 | BROWSER-FIREFOX Mozilla Firefox nsHTMLDocument SetBody use-after-free attempt (more info ...) | attempted-admin | 2016-1961 | URL | ||
| 46975 | BROWSER-CHROME Google Chrome Crankshaft type confusion attempt (more info ...) | attempted-user | 2017-5070 | |||
| 46976 | BROWSER-CHROME Google Chrome Crankshaft type confusion attempt (more info ...) | attempted-user | 2017-5070 | |||
| 46977 | BROWSER-CHROME Google Chrome Crankshaft type confusion attempt (more info ...) | attempted-user | 2017-5070 | |||
| 46978 | BROWSER-CHROME Google Chrome Crankshaft type confusion attempt (more info ...) | attempted-user | 2017-5070 | |||
| 47018 | BROWSER-CHROME Google Chrome V8 __defineGetter__ memory corruption attempt (more info ...) | attempted-user | 2014-1705 | |||
| 47019 | BROWSER-CHROME Google Chrome V8 __defineGetter__ memory corruption attempt (more info ...) | attempted-user | 2014-1705 | |||
| 47054 | BROWSER-IE Microsoft Internet Explorer uninitialized pointer attempt (more info ...) | attempted-user | 2016-0191 | URL | ||
| 47463 | BROWSER-IE Microsoft Internet Explorer pre-line use after free attempt (more info ...) | attempted-user | 2015-6050 | URL | ||
| 47761 | BROWSER-IE Microsoft Internet Explorer iframe open redirect attempt (more info ...) | attempted-recon | 2018-8470 | URL | ||
| 47843 | MALWARE-CNC Java.Trojan.Adwind variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48224 | BROWSER-FIREFOX Mozilla Firefox sandbox escape attempt (more info ...) | attempted-user | ||||
| 48225 | BROWSER-FIREFOX Mozilla Firefox sandbox escape attempt (more info ...) | attempted-user | ||||
| 48226 | FILE-PDF Foxit PDF Reader JavaScript annotations use after free attempt (more info ...) | attempted-user | 2018-9958 | URL | ||
| 48227 | FILE-PDF Foxit PDF Reader JavaScript annotations use after free attempt (more info ...) | attempted-user | 2018-9958 | URL | ||
| 48576 | PROTOCOL-SCADA PNIO-CM Connect Operation (more info ...) | protocol-command-decode | URL | |||
| 48577 | PROTOCOL-SCADA PNIO-CM Connect Operation (more info ...) | protocol-command-decode | URL | |||
| 48584 | FILE-PDF Adobe Reader JavaScript resolveNode use-after-free attempt (more info ...) | attempted-user | 2018-19710 | URL | ||
| 48585 | FILE-PDF Adobe Reader JavaScript resolveNode use-after-free attempt (more info ...) | attempted-user | 2018-19710 | URL | ||
| 49008 | PROTOCOL-SCADA PCOM Read Operands binary request (more info ...) | attempted-recon | URL | |||
| 49030 | PROTOCOL-SCADA PCOM Read Operands binary reply (more info ...) | attempted-recon | URL | |||
| 49065 | SERVER-OTHER Robot Operating System aztarna scanner getSystemState attempt (more info ...) | attempted-user | URL | |||
| 49066 | SERVER-OTHER Robot Operating System aztarna scanner fingerprinting attempt (more info ...) | attempted-recon | URL | |||
| 49067 | SERVER-OTHER Robot Operating System aztarna scanner fingerprinting attempt (more info ...) | attempted-user | URL | |||
| 49083 | BROWSER-IE Microsoft Internet Explorer CTextElement use after free attempt (more info ...) | attempted-user | 2014-2782 | URL | ||
| 49084 | BROWSER-IE Microsoft Internet Explorer CTextElement use after free attempt (more info ...) | attempted-user | 2014-2782 | |||
| 49112 | BROWSER-OTHER Opera GIF parsing buffer underflow attempt (more info ...) | attempted-user | 2012-6470 | |||
| 49113 | BROWSER-OTHER Opera GIF parsing buffer overflow attempt (more info ...) | attempted-user | 2012-6470 | |||
| 49114 | BROWSER-OTHER Opera GIF parsing buffer underflow attempt (more info ...) | attempted-user | 2012-6470 | |||
| 49115 | BROWSER-OTHER Opera GIF parsing buffer overflow attempt (more info ...) | attempted-user | 2012-6470 | |||
| 49116 | FILE-JAVA Oracle Java JPEGImageWriter memory corruption attempt (more info ...) | attempted-user | 2013-2429 | |||
| 49117 | FILE-JAVA Oracle Java JPEGImageWriter memory corruption attempt (more info ...) | attempted-user | 2013-2429 | |||
| 49186 | BROWSER-IE Microsoft Internet Explorer HtmlLayout styling use after free attempt (more info ...) | attempted-user | 2014-4050 | URL | ||
| 49187 | BROWSER-IE Microsoft Internet Explorer HtmlLayout styling use after free attempt (more info ...) | attempted-user | 2014-4050 | URL | ||
| 49374 | BROWSER-IE Microsoft Internet Explorer CAnchorElement use after free attempt (more info ...) | attempted-user | 2013-3882 | URL | ||
| 49375 | BROWSER-IE Microsoft Internet Explorer CAnchorElement use after free attempt (more info ...) | attempted-user | 2013-3882 | URL | ||
| 49686 | BROWSER-IE Microsoft Internet Explorer Typed Array use after free attempt (more info ...) | attempted-user | 2016-7288 | URL | ||
| 49687 | BROWSER-IE Microsoft Internet Explorer Typed Array use after free attempt (more info ...) | attempted-user | 2016-7288 | URL | ||
| 49811 | BROWSER-IE Microsoft Internet Explorer invalid object property memory corruption attempt (more info ...) | attempted-user | 2012-4787 | URL | ||
| 49812 | BROWSER-IE Microsoft Internet Explorer invalid object property memory corruption attempt (more info ...) | attempted-user | 2012-4787 | URL | ||
| 49845 | FILE-JAVA Oracle Java privileged protection domain exploitation attempt (more info ...) | attempted-admin | 2012-4681 | |||
| 49862 | BROWSER-IE Microsoft Internet Explorer eval type confusion attempt (more info ...) | attempted-user | 2016-3382 | URL | ||
| 49863 | BROWSER-IE Microsoft Internet Explorer eval type confusion attempt (more info ...) | attempted-user | 2016-3382 | URL | ||
| 49870 | BROWSER-IE Microsoft Internet Explorer CQuotes use-after-free attempt (more info ...) | attempted-user | 2014-6351 | URL | ||
| 49871 | BROWSER-IE Microsoft Internet Explorer CQuotes use-after-free attempt (more info ...) | attempted-user | 2014-6351 | URL | ||
| 49929 | BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (more info ...) | attempted-user | 2012-1889 | URL | ||
| 49930 | BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (more info ...) | attempted-user | 2012-1889 | URL | ||
| 49931 | BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (more info ...) | attempted-user | 2012-1889 | URL | ||
| 49932 | BROWSER-PLUGINS Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt (more info ...) | attempted-user | 2012-1889 | URL | ||
| 49940 | BROWSER-IE Microsoft Internet Explorer VML use after free attempt (more info ...) | attempted-user | 2014-1776 | URL | ||
| 49988 | BROWSER-IE Microsoft Internet Explorer cdomuievent use after free attempt (more info ...) | attempted-user | 2014-2820 | 69116 | URL | |
| 49989 | BROWSER-IE Microsoft Internet Explorer cdomuievent use after free attempt (more info ...) | attempted-user | 2014-2820 | 69116 | URL | |
| 50004 | BROWSER-IE Javascript CollectGarbage use-after-free attempt (more info ...) | attempted-user | 2014-1791 | URL | ||
| 50005 | BROWSER-IE Javascript CollectGarbage use-after-free attempt (more info ...) | attempted-user | 2014-1791 | URL | ||
| 50026 | BROWSER-IE Microsoft Internet Explorer window scroll integer overflow attempt (more info ...) | attempted-user | 2015-2446 | 76193 | URL | |
| 50027 | BROWSER-IE Microsoft Internet Explorer window scroll integer overflow attempt (more info ...) | attempted-user | 2015-2446 | 76193 | URL | |
| 50123 | BROWSER-IE Microsoft Internet Explorer CTextElement use after free attempt (more info ...) | attempted-user | 2014-2782 | URL | ||
| 50124 | BROWSER-IE Microsoft Internet Explorer CTextElement use after free attempt (more info ...) | attempted-user | 2014-2782 | URL | ||
| 50127 | INDICATOR-OBFUSCATION ActiveXObject javascript obfuscation attempt (more info ...) | attempted-user | ||||
| 50128 | INDICATOR-OBFUSCATION ActiveXObject javascript obfuscation attempt (more info ...) | attempted-user | ||||
| 51427 | BROWSER-CHROME Google Chrome V8 engine object instantiation heap corruption attempt (more info ...) | attempted-user | 2018-6065 | |||
| 51428 | BROWSER-CHROME Google Chrome V8 engine object instantiation heap corruption attempt (more info ...) | attempted-user | 2018-6065 | |||
| 51439 | BROWSER-FIREFOX Mozilla Firefox Custom Elements write-after-free attempt (more info ...) | attempted-user | 2018-18500 | |||
| 51440 | BROWSER-FIREFOX Mozilla Firefox Custom Elements write-after-free attempt (more info ...) | attempted-user | 2018-18500 | |||
| 51826 | BROWSER-PLUGINS Microsoft Internet Explorer NMSA.MediaDescription ActiveX function call access attempt (more info ...) | denial-of-service | 2006-3897 | |||
| 52028 | SERVER-WEBAPP JavaServer Faces Library unauthorized serialized object attempt (more info ...) | web-application-attack | ||||
| 52244 | BROWSER-WEBKIT Apple Safari WebKit handleIntrinsicCall type confusion attempt (more info ...) | attempted-user | 2018-4382 | URL | ||
| 52245 | BROWSER-WEBKIT Apple Safari WebKit handleIntrinsicCall type confusion attempt (more info ...) | attempted-user | 2018-4382 | URL | ||
| 52248 | BROWSER-CHROME Google Chrome Javascript V8 Array.indexOf information leak attempt (more info ...) | attempted-user | 2017-5040 | URL | ||
| 52249 | BROWSER-CHROME Google Chrome Javascript V8 Array.indexOf information leak attempt (more info ...) | attempted-user | 2017-5040 | URL | ||
| 52250 | BROWSER-CHROME Google Chrome Javascript V8 Array.includes information leak attempt (more info ...) | attempted-user | 2017-5040 | URL | ||
| 52251 | BROWSER-CHROME Google Chrome Javascript V8 Array.includes information leak attempt (more info ...) | attempted-user | 2017-5040 | URL | ||
| 52313 | BROWSER-WEBKIT Apple Safari WebKit memory corruption attempt (more info ...) | attempted-user | 2018-4368 | URL | ||
| 52314 | BROWSER-WEBKIT Apple Safari WebKit memory corruption attempt (more info ...) | attempted-user | 2018-4368 | URL | ||
| 52315 | BROWSER-WEBKIT Apple Safari WebKit memory corruption attempt (more info ...) | attempted-user | 2018-4368 | URL | ||
| 52316 | BROWSER-WEBKIT Apple Safari WebKit memory corruption attempt (more info ...) | attempted-user | 2018-4368 | URL | ||
| 52317 | BROWSER-CHROME Google Chrome V8 JavaScript Engine memory corruption attempt (more info ...) | attempted-user | 2017-5115 | |||
| 52318 | BROWSER-CHROME Google Chrome V8 JavaScript Engine memory corruption attempt (more info ...) | attempted-user | 2017-5115 | |||
| 52341 | BROWSER-WEBKIT Apple Safari WebKit out-of-bounds read attempt (more info ...) | attempted-user | 2019-8689 | URL | ||
| 52342 | BROWSER-WEBKIT Apple Safari WebKit out-of-bounds read attempt (more info ...) | attempted-user | 2019-8689 | URL | ||
| 53473 | BROWSER-WEBKIT Apple Safari WebKit JavaScript engine type confusion attempt (more info ...) | attempted-user | 2019-8820 | URL | ||
| 53474 | BROWSER-WEBKIT Apple Safari WebKit JavaScript engine type confusion attempt (more info ...) | attempted-user | 2019-8820 | URL | ||
| 53476 | BROWSER-WEBKIT Apple Safari browser putToPrimitive cross-site scripting attempt (more info ...) | web-application-attack | 2019-8764 | URL | ||
| 53479 | BROWSER-WEBKIT Apple Safari browser putToPrimitive cross-site scripting attempt (more info ...) | web-application-attack | 2019-8764 | URL | ||
| 53580 | BROWSER-FIREFOX Mozilla Firefox potential use after free attempt (more info ...) | attempted-user | 2020-6820 | URL | ||
| 53581 | BROWSER-FIREFOX Mozilla Firefox potential use after free attempt (more info ...) | attempted-user | 2020-6820 | URL | ||
| 54024 | POLICY-OTHER Cisco Unified Contact Center Express vulnerable Java RMI class access detected (more info ...) | policy-violation | 2020-3280 | URL | ||
| 54025 | POLICY-OTHER Cisco Unified Contact Center Express vulnerable Java RMI class access detected (more info ...) | policy-violation | 2020-3280 | URL | ||
| 54026 | POLICY-OTHER Cisco Unified Contact Center Express vulnerable Java RMI class access detected (more info ...) | policy-violation | 2020-3280 | URL | ||
| 54027 | POLICY-OTHER Cisco Unified Contact Center Express vulnerable Java RMI class access detected (more info ...) | policy-violation | 2020-3280 | URL | ||
| 56008 | BROWSER-WEBKIT Apple Safari WebKit JSPropertyNameEnumeration type confusion attempt (more info ...) | attempted-user | 2018-4416 | URL | ||
| 56009 | BROWSER-WEBKIT Apple Safari WebKit JSPropertyNameEnumeration type confusion attempt (more info ...) | attempted-user | 2018-4416 | URL | ||
| 56042 | BROWSER-WEBKIT Apple Safari Webkit attribute child removal code execution attempt (more info ...) | attempted-user | 2010-1119 | 40642 | ||
| 56043 | BROWSER-WEBKIT Apple Safari WebKit Webcore SVGAnimateElementBase use after free attempt (more info ...) | attempted-user | 2018-4314 | |||
| 56044 | BROWSER-WEBKIT Apple Safari WebKit Webcore SVGAnimateElementBase use after free attempt (more info ...) | attempted-user | 2018-4314 | |||
| 56541 | BROWSER-FIREFOX Mozilla Firefox default content process DACL sandbox escape attempt (more info ...) | attempted-user | 2020-12388 | URL | ||
| 56542 | BROWSER-FIREFOX Mozilla Firefox default content process DACL sandbox escape attempt (more info ...) | attempted-user | 2020-12388 | URL | ||
| 57375 | BROWSER-CHROME Google Chrome WebAssembly memory corruption attempt (more info ...) | attempted-user | 2020-15994 | URL | ||
| 57376 | BROWSER-CHROME Google Chrome WebAssembly memory corruption attempt (more info ...) | attempted-user | 2020-15994 | URL | ||
| 57385 | INDICATOR-OBFUSCATION Javascript obfuscation using meaningless bitshift (more info ...) | attempted-user | URL | |||
| 57423 | BROWSER-CHROME Google Chrome V8 JavaScript Engine memory corruption attempt (more info ...) | attempted-user | 2020-16009 | URL | ||
| 57424 | BROWSER-CHROME Google Chrome V8 JavaScript Engine memory corruption attempt (more info ...) | attempted-user | 2020-16009 | URL | ||
| 57433 | POLICY-OTHER VMware vRealize Operations Manager potential maintenceAdmin credentials leak attempt (more info ...) | policy-violation | 2021-21975 | URL | ||
| 57446 | BROWSER-CHROME Google Chrome JavaScript engine use after free attempt (more info ...) | attempted-user | 2020-6550 | |||
| 57447 | BROWSER-CHROME Google Chrome JavaScript engine use after free attempt (more info ...) | attempted-user | 2020-6550 | |||
| 57484 | BROWSER-IE Microsoft Internet Explorer CSS .ipsum layout use-after-free attempt (more info ...) | attempted-user | 2013-1310 | 59751 | URL | |
| 57485 | BROWSER-IE Microsoft Internet Explorer CSS .ipsum layout use-after-free attempt (more info ...) | attempted-user | 2013-1310 | 59751 | URL | |
| 57533 | FILE-JAVA Oracle Java Runtime Environment JAR file processing buffer overflow attempt (more info ...) | attempted-user | 2008-5354 | 32608 | ||
| 57534 | FILE-JAVA Oracle Java Runtime Environment JAR file processing buffer overflow attempt (more info ...) | attempted-user | 2008-5354 | 32608 | ||
| 57568 | SERVER-OTHER Oracle Java PhantomReference object handling memory corruption attempt (more info ...) | attempted-user | 2015-0395 | URL | ||
| 57569 | SERVER-OTHER Oracle Java PhantomReference object handling memory corruption attempt (more info ...) | attempted-user | 2015-0395 | URL | ||
| 57743 | MALWARE-CNC Java.Backdoor.StrRAT outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57797 | INDICATOR-OBFUSCATION Javascript obfuscation using parseInt (more info ...) | attempted-user | URL | |||
| 57808 | SERVER-OTHER Mozilla Network Security Services stack buffer overflow attempt (more info ...) | attempted-user | 2007-0009 | 22694 | URL | |
| 57998 | BROWSER-IE Microsoft Internet Explorer memory corruption attempt (more info ...) | attempted-user | 2021-34480 | URL | ||
| 57999 | BROWSER-IE Microsoft Internet Explorer memory corruption attempt (more info ...) | attempted-user | 2021-34480 | URL | ||
| 58335 | SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center Java expression language injection attempt (more info ...) | attempted-admin | 2017-12513 | |||
| 58336 | SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center Java expression language injection attempt (more info ...) | attempted-admin | 2017-12513 | |||
| 58389 | SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center deploySelectBootrom Java expression language injection attempt (more info ...) | web-application-attack | ||||
| 58390 | SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center deploySelectBootrom Java expression language injection attempt (more info ...) | web-application-attack | ||||
| 58391 | SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center reportTaskSelect Java expression language injection attempt (more info ...) | web-application-attack | ||||
| 58392 | SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center reportTaskSelect Java expression language injection attempt (more info ...) | web-application-attack | ||||
| 58393 | SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center ictExpertCSVDownload Java expression language injection attempt (more info ...) | web-application-attack | ||||
| 58394 | SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center ictExpertCSVDownload Java expression language injection attempt (more info ...) | web-application-attack | ||||
| 58516 | SERVER-WEBAPP SAP NetWeaver AS JAVA XML external entity injection attempt (more info ...) | web-application-attack | 2016-9563 | |||
| 58838 | SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center Index Java expression language injection attempt (more info ...) | attempted-admin | 2017-12525 | |||
| 58839 | SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center Index Java expression language injection attempt (more info ...) | attempted-admin | 2017-12525 | |||
| 58856 | SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center TopoReqServlet arbitrary Java object deserialization attempt (more info ...) | attempted-admin | 2017-8963 | |||
| 58978 | SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center Java expression language injection attempt (more info ...) | attempted-admin | 2017-12517 | |||
| 58979 | SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center Java expression language injection attempt (more info ...) | attempted-admin | 2017-12517 | |||
| 59313 | SERVER-WEBAPP HPE Intelligent Management Center PlatNavigationToBean URL Java expression language injection attempt (more info ...) | attempted-admin | 2019-5387 | |||
| 59314 | SERVER-WEBAPP HPE Intelligent Management Center PlatNavigationToBean URL Java expression language injection attempt (more info ...) | attempted-admin | 2019-5387 | |||
| 59445 | MALWARE-CNC Java.Trojan.Verblecon variant outbound connection (more info ...) | trojan-activity | URL | |||
| 59446 | MALWARE-CNC Java.Trojan.Verblecon variant outbound connection (more info ...) | trojan-activity | URL | |||
| 59463 | INDICATOR-SHELLCODE Java object deserialization exploit attempt (more info ...) | attempted-user | 2020-3280 | URL | ||
| 59552 | FILE-JAVA IBM Java SDK privilege escalation attempt (more info ...) | attempted-user | 2012-4822 | |||
| 59553 | FILE-JAVA IBM Java SDK privilege escalation attempt (more info ...) | attempted-user | 2012-4822 | |||
| 59554 | FILE-JAVA IBM Java SDK privilege escalation attempt (more info ...) | attempted-user | 2012-4822 | |||
| 59555 | FILE-JAVA IBM Java SDK privilege escalation attempt (more info ...) | attempted-user | 2012-4822 | |||
| 59712 | FILE-JAVA Oracle Java Applet ProviderSkeleton sandbox bypass attempt (more info ...) | attempted-user | 2013-2460 | |||
| 59713 | FILE-JAVA Oracle Java Applet ProviderSkeleton sandbox bypass attempt (more info ...) | attempted-user | 2013-2460 | |||
| 60051 | BROWSER-CHROME Google Chrome V8 JavaScript Engine type confusion attempt (more info ...) | attempted-user | 2020-6383 | |||
| 60052 | BROWSER-CHROME Google Chrome V8 JavaScript Engine type confusion attempt (more info ...) | attempted-user | 2020-6383 | |||
| 60220 | BROWSER-CHROME Chrome IPC domDistiller sandbox escape attempt (more info ...) | attempted-user | 2020-6465 | URL | ||
| 60221 | BROWSER-CHROME Chrome IPC domDistiller sandbox escape attempt (more info ...) | attempted-user | 2020-6465 | URL | ||
| 60222 | BROWSER-CHROME V8 WebAssembly remote code execution attempt (more info ...) | attempted-user | 2020-15994 | URL | ||
| 60223 | BROWSER-CHROME V8 WebAssembly remote code execution attempt (more info ...) | attempted-user | 2020-15994 | URL | ||
| 60282 | BROWSER-CHROME Intent handling downgrade attempt (more info ...) | attempted-user | 2022-2856 | URL | ||
| 60290 | BROWSER-CHROME Google Chrome v8 garbage collector use after free attempt (more info ...) | attempted-user | 2021-37975 | |||
| 60295 | MALWARE-CNC Win.Downloader.ChromeLoader outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 60354 | BROWSER-CHROME V8 getThis type confusion attempt (more info ...) | attempted-user | 2022-1364 | URL | ||
| 60355 | BROWSER-CHROME V8 getThis type confusion attempt (more info ...) | attempted-user | 2022-1364 | URL | ||
| 60368 | BROWSER-CHROME Chromium V8 Engine remote code execution attempt (more info ...) | attempted-user | 2016-5198 | URL | ||
| 60467 | BROWSER-CHROME Google Chrome V8 engine IterateElements out-of-bounds read attempt (more info ...) | attempted-user | 2016-1646 | |||
| 60468 | BROWSER-CHROME Google Chrome V8 engine IterateElements out-of-bounds read attempt (more info ...) | attempted-user | 2016-1646 | |||
| 60683 | BROWSER-WEBKIT Apple Safari WebCore command cross site scripting attempt (more info ...) | attempted-user | 2019-8720 | URL | ||
| 60684 | BROWSER-WEBKIT Apple Safari WebCore command cross site scripting attempt (more info ...) | attempted-user | 2019-8720 | URL | ||
| 60702 | BROWSER-IE Microsoft Internet Explorer EPM MOTWCreateFileW file access bypass attempt (more info ...) | policy-violation | 2014-2817 | URL | ||
| 60703 | BROWSER-IE Microsoft Internet Explorer EPM MOTWCreateFileW file access bypass attempt (more info ...) | policy-violation | 2014-2817 | URL | ||
| 60711 | FILE-JAVA Oracle Java JNLP progress-class remote code execution attempt (more info ...) | attempted-user | 2015-4902 | URL | ||
| 60712 | FILE-JAVA Oracle Java JNLP progress-class remote code execution attempt (more info ...) | attempted-user | 2015-4902 | URL | ||
| 60915 | BROWSER-CHROME V8 CSS prop type defineProperty interceptor confusion attempt (more info ...) | attempted-user | 2022-1232 | URL | ||
| 60916 | BROWSER-CHROME V8 CSS prop type defineProperty interceptor confusion attempt (more info ...) | attempted-user | 2022-1232 | URL | ||
| 60944 | BROWSER-CHROME Chrome JavaScript Array.map Out-of-Bounds Write attempt (more info ...) | web-application-attack | 2019-5825 | URL | ||
| 60945 | BROWSER-CHROME Chrome JavaScript Array.map Out-of-Bounds Write attempt (more info ...) | web-application-attack | 2019-5825 | URL | ||
| 60952 | BROWSER-CHROME Google Chrome PDFiumEngine RequestThumbnail use-after-free attempt (more info ...) | attempted-user | 2022-0306 | URL | ||
| 60953 | BROWSER-CHROME Google Chrome PDFiumEngine RequestThumbnail use-after-free attempt (more info ...) | attempted-user | 2022-0306 | URL | ||
| 60986 | FILE-PDF Foxit PhantomPDF JavaScript annotation use-after-free attempt (more info ...) | attempted-user | ||||
| 60987 | FILE-PDF Foxit PhantomPDF JavaScript annotation use-after-free attempt (more info ...) | attempted-user | ||||
| 61029 | BROWSER-CHROME Google Chrome safe_browsing malicious use-after-free attempt (more info ...) | attempted-user | 2022-0289 | URL | ||
| 61030 | BROWSER-CHROME Google Chrome safe_browsing malicious use-after-free attempt (more info ...) | attempted-user | 2022-0289 | URL | ||
| 61031 | BROWSER-CHROME Google Chrome safe_browsing malicious use-after-free attempt (more info ...) | attempted-user | 2022-0289 | URL | ||
| 61032 | BROWSER-CHROME Google Chrome safe_browsing malicious use-after-free attempt (more info ...) | attempted-user | 2022-0289 | URL | ||
| 61165 | BROWSER-CHROME TRUFFLEHUNTER TALOS-2023-1693 attack attempt (more info ...) | attempted-user | URL | |||
| 61166 | BROWSER-CHROME TRUFFLEHUNTER TALOS-2023-1693 attack attempt (more info ...) | attempted-user | URL |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 37131 | FILE-IDENTIFY .wsf attachment file type blocked by Outlook detected (more info ...) | policy-violation | ||||
| 44734 | SERVER-MAIL Microsoft Outlook Express mhtml code execution attempt (more info ...) | attempted-admin | 2004-0380 | |||
| 44735 | SERVER-MAIL Microsoft Outlook Express mhtml code execution attempt (more info ...) | attempted-admin | 2004-0380 | |||
| 62038 | SERVER-WEBAPP Roundcube Webmail Client command injection attempt (more info ...) | web-application-attack | 2020-12641 | URL | ||
| 62039 | SERVER-WEBAPP Roundcube Webmail Client command injection attempt (more info ...) | web-application-attack | 2020-12641 | URL | ||
| 62040 | SERVER-WEBAPP Roundcube Webmail Client command injection attempt (more info ...) | web-application-attack | 2020-12641 | URL | ||
| 62041 | SERVER-WEBAPP Roundcube Webmail Client remote file include attempt (more info ...) | web-application-attack | 2020-12641 | URL | ||
| 62042 | SERVER-WEBAPP Roundcube Webmail Client remote file include attempt (more info ...) | web-application-attack | 2020-12641 | URL |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 7005 | BROWSER-PLUGINS OutlookExpress.AddressBook ActiveX function call access (more info ...) | attempted-user | ||||
| 8371 | BROWSER-PLUGINS Outlook.Application ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 8721 | BROWSER-PLUGINS Outlook Data Object ActiveX clsid access (more info ...) | attempted-user | URL | |||
| 9668 | BROWSER-PLUGINS Outlook Recipient Control ActiveX clsid access (more info ...) | attempted-user | 2006-6659 | 21649 | ||
| 9670 | BROWSER-PLUGINS Outlook Recipient Control ActiveX function call access (more info ...) | attempted-user | 2006-6659 | 21649 | ||
| 11236 | BROWSER-PLUGINS OutlookExpress.AddressBook ActiveX clsid access (more info ...) | attempted-user | ||||
| 12390 | POLICY-SOCIAL Yahoo Webmail client chat applet (more info ...) | policy-violation | ||||
| 12391 | POLICY-SOCIAL Google Webmail client chat applet (more info ...) | policy-violation | ||||
| 18590 | OS-WINDOWS Outlook Express WAB file parsing buffer overflow attempt (more info ...) | attempted-user | 2006-2386 | 17459 | URL | |
| 18811 | FILE-IDENTIFY .ade attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18812 | FILE-IDENTIFY .adp attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18813 | FILE-IDENTIFY .app attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18814 | FILE-IDENTIFY .asp attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18815 | FILE-IDENTIFY .bas attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18817 | FILE-IDENTIFY .cer attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18818 | FILE-IDENTIFY .chm attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18819 | FILE-IDENTIFY .cmd attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18820 | FILE-IDENTIFY .cnt attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18821 | FILE-IDENTIFY .com attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18822 | FILE-IDENTIFY .cpl attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18823 | FILE-IDENTIFY .crt attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18824 | FILE-IDENTIFY .csh attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18825 | FILE-IDENTIFY .der attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18826 | FILE-IDENTIFY .exe attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18827 | FILE-IDENTIFY .fxp attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18828 | FILE-IDENTIFY .gadget attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18829 | FILE-IDENTIFY .hlp attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18830 | FILE-IDENTIFY .hpj attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18831 | FILE-IDENTIFY .hta attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18832 | FILE-IDENTIFY .inf attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18833 | FILE-IDENTIFY .ins attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18834 | FILE-IDENTIFY .isp attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18835 | FILE-IDENTIFY .its attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18836 | FILE-IDENTIFY .js attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18837 | FILE-IDENTIFY .jse attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18838 | FILE-IDENTIFY .ksh attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18839 | FILE-IDENTIFY .lnk attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18840 | FILE-IDENTIFY .mad attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18841 | FILE-IDENTIFY .maf attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18842 | FILE-IDENTIFY .mag attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18843 | FILE-IDENTIFY .mam attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18844 | FILE-IDENTIFY .maq attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18845 | FILE-IDENTIFY .mar attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18846 | FILE-IDENTIFY .mas attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18847 | FILE-IDENTIFY .mat attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18848 | FILE-IDENTIFY .mau attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18849 | FILE-IDENTIFY .mav attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18850 | FILE-IDENTIFY .maw attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18851 | FILE-IDENTIFY .mda attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18852 | FILE-IDENTIFY .mdb attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18853 | FILE-IDENTIFY .mde attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18854 | FILE-IDENTIFY .mdt attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18855 | FILE-IDENTIFY .mdw attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18856 | FILE-IDENTIFY .mdz attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18857 | FILE-IDENTIFY .msc attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18858 | FILE-IDENTIFY .msh attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18859 | FILE-IDENTIFY .msh1 attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18860 | FILE-IDENTIFY .msh2 attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18861 | FILE-IDENTIFY .mshxml attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18862 | FILE-IDENTIFY .msh1xml attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18863 | FILE-IDENTIFY .msh2xml attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18864 | FILE-IDENTIFY .msi attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18865 | FILE-IDENTIFY .msp attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18866 | FILE-IDENTIFY .mst attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18867 | FILE-IDENTIFY .ops attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18868 | FILE-IDENTIFY .osd attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18869 | FILE-IDENTIFY .pcd attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18870 | FILE-IDENTIFY .pif attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18871 | FILE-IDENTIFY .plg attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18872 | FILE-IDENTIFY .prf attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18873 | FILE-IDENTIFY .prg attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18874 | FILE-IDENTIFY .pst attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18875 | FILE-IDENTIFY .reg attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18876 | FILE-IDENTIFY .scf attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18877 | FILE-IDENTIFY .scr attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18878 | FILE-IDENTIFY .sct attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18879 | FILE-IDENTIFY .shb attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18880 | FILE-IDENTIFY .shs attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18881 | FILE-IDENTIFY .ps1 attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18882 | FILE-IDENTIFY .ps1xml attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18883 | FILE-IDENTIFY .ps2 attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18884 | FILE-IDENTIFY .ps2xml attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18885 | FILE-IDENTIFY .psc1 attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18886 | FILE-IDENTIFY .psc2 attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18887 | FILE-IDENTIFY .tmp attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18888 | FILE-IDENTIFY .url attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18889 | FILE-IDENTIFY .vb attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18890 | FILE-IDENTIFY .vbe attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18891 | FILE-IDENTIFY .vbp attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18892 | FILE-IDENTIFY .vbs attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18893 | FILE-IDENTIFY .vsmacros attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18894 | FILE-IDENTIFY .vsw attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18895 | FILE-IDENTIFY .ws attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18896 | FILE-IDENTIFY .wsc attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18897 | FILE-IDENTIFY .wsf attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18898 | FILE-IDENTIFY .wsh attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 18899 | FILE-IDENTIFY .xnk attachment file type blocked by Outlook detected (more info ...) | policy-violation | URL | |||
| 26993 | SERVER-WEBAPP Microsoft Outlook Web Access Login URL Redirection attempt (more info ...) | web-application-activity | 2005-0420 | |||
| 32681 | SERVER-WEBAPP Microsoft Outlook Web Access parameter cross site scripting attempt (more info ...) | attempted-user | 2014-6325 | URL | ||
| 32682 | SERVER-WEBAPP Microsoft Outlook Web Access parameter cross site scripting attempt (more info ...) | attempted-user | 2014-6325 | URL | ||
| 33198 | OS-WINDOWS Outlook Express WAB file parsing buffer overflow attempt (more info ...) | attempted-user | 2006-2386 | 17459 | URL | |
| 33762 | SERVER-WEBAPP Microsoft Outlook WebAccess msgParam cross site scripting attempt (more info ...) | attempted-user | 2015-1632 | URL | ||
| 36766 | FILE-OTHER Microsoft Outlook for Mac EML file http-equiv refresh url attempt (more info ...) | misc-attack | 2015-6123 | URL | ||
| 36767 | FILE-OTHER Microsoft Outlook for Mac EML file http-equiv refresh url attempt (more info ...) | misc-attack | 2015-6123 | URL |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 2420 | FILE-IDENTIFY RealNetworks Realplayer .rmp playlist file download request (more info ...) | misc-activity | URL | |||
| 3088 | FILE-MULTIMEDIA Nullsoft Winamp cda file name overflow attempt (more info ...) | attempted-user | 2004-1119 | 11730 | 15817 | |
| 12454 | FILE-IDENTIFY Microsoft Windows Media ASF file magic detected (more info ...) | misc-activity | URL | |||
| 13520 | SERVER-OTHER Nullsoft Winamp Ultravox buffer overflow attempt (more info ...) | attempted-user | 2008-0065 | |||
| 13521 | SERVER-OTHER Nullsoft Winamp Ultravox buffer overflow attempt (more info ...) | attempted-user | 2008-0065 | |||
| 13897 | FILE-MULTIMEDIA Apple Quicktime crgn atom parsing stack buffer overflow attempt (more info ...) | attempted-user | 2008-1017 | 28583 | ||
| 15483 | FILE-IDENTIFY Adobe Shockwave Flash file download request (more info ...) | misc-activity | URL | |||
| 15901 | FILE-MULTIMEDIA Nullsoft Winamp AIFF parsing heap buffer overflow attempt (more info ...) | attempted-user | 2009-0263 | 33226 | ||
| 16219 | FILE-IDENTIFY Adobe Director Movie file download request (more info ...) | misc-activity | URL | |||
| 16371 | BROWSER-PLUGINS NOS Microsystems Adobe atl_getcom ActiveX clsid access (more info ...) | attempted-user | 2009-3958 | 37759 | URL | |
| 16490 | FILE-PDF Adobe Acrobat Reader malformed TIFF remote code execution attempt (more info ...) | attempted-user | 2010-0188 | URL | ||
| 17116 | FILE-IDENTIFY Microsoft Windows Media ASX file download request (more info ...) | misc-activity | URL | |||
| 17214 | FILE-PDF Adobe Acrobat Reader libtiff TIFFFetchShortPair stack buffer overflow attempt (more info ...) | attempted-user | 2010-0188 | |||
| 17215 | FILE-PDF Adobe Acrobat Reader libtiff TIFFFetchShortPair stack buffer overflow attempt (more info ...) | attempted-user | 2010-0188 | |||
| 17233 | FILE-PDF Adobe Acrobat Reader TTF SING table parsing remote code execution attempt (more info ...) | attempted-user | 2010-2883 | URL | ||
| 17241 | FILE-IDENTIFY Microsoft Windows Media wmv file download request (more info ...) | misc-activity | ||||
| 17700 | FILE-MULTIMEDIA RealNetworks RealPlayer wav chunk string overflow attempt (more info ...) | attempted-user | 2005-0611 | 12697 | ||
| 17801 | FILE-IDENTIFY Adobe Director Movie file magic detected (more info ...) | misc-activity | URL | |||
| 17802 | FILE-IDENTIFY Adobe Director Movie file download request (more info ...) | misc-activity | URL | |||
| 17809 | FILE-IDENTIFY Apple Quicktime qt file download request (more info ...) | misc-activity | URL | |||
| 18527 | FILE-PDF Adobe Acrobat Reader shell metacharacter code execution attempt (more info ...) | attempted-user | 2004-0630 | 10931 | ||
| 18585 | FILE-PDF Adobe Acrobat Reader malformed TIFF remote code execution attempt (more info ...) | attempted-user | 2010-0188 | URL | ||
| 18987 | FILE-PDF Adobe Acrobat Reader and Acrobat TTF SING table parsing remote code execution attempt (more info ...) | attempted-user | 2010-2883 | 43057 | URL | |
| 18988 | FILE-PDF Adobe Acrobat Reader TTF SING table parsing remote code execution attempt (more info ...) | attempted-user | 2010-2883 | 43057 | URL | |
| 18989 | FILE-PDF Adobe Acrobat Reader TTF SING table parsing remote code execution attempt (more info ...) | attempted-user | 2010-2883 | 43057 | URL | |
| 18990 | FILE-PDF Adobe Acrobat Reader TTF SING table parsing remote code execution attempt (more info ...) | attempted-user | 2010-2883 | 43057 | URL | |
| 18991 | FILE-PDF Adobe Acrobat Reader TTF SING table parsing remote code execution attempt (more info ...) | attempted-user | 2010-2883 | 43057 | URL | |
| 19257 | FILE-FLASH Adobe ActionScript float index memory corruption attempt (more info ...) | attempted-user | 2011-2110 | URL | ||
| 19262 | FILE-FLASH Adobe Flash Player ActionScript float index array memory corruption (more info ...) | attempted-user | 2011-2110 | URL | ||
| 19263 | FILE-FLASH Adobe Flash Player ActionScript float index array memory corruption (more info ...) | attempted-user | 2011-2110 | URL | ||
| 19264 | FILE-FLASH Adobe Flash Player ActionScript float index array memory corruption (more info ...) | attempted-user | 2011-2110 | URL | ||
| 19682 | FILE-FLASH Adobe Flash Player ActionScript 3 integer overflow attempt (more info ...) | attempted-user | 2011-2416 | 49081 | URL | |
| 20031 | FILE-FLASH Adobe Flash Player ActionScript float index array memory corruption (more info ...) | attempted-user | 2011-2110 | URL | ||
| 20110 | SERVER-OTHER Nullsoft Winamp Ultravox streaming malicious metadata (more info ...) | attempted-user | 2008-0065 | |||
| 20131 | FILE-FLASH Adobe Flash Player ActionScript callMethod type confusion attempt (more info ...) | attempted-user | 2011-0611 | 47314 | URL | |
| 20495 | FILE-IDENTIFY compressed Adobe Shockwave Flash file magic detected (more info ...) | misc-activity | ||||
| 20496 | FILE-IDENTIFY Adobe Shockwave Flash file magic detected (more info ...) | misc-activity | ||||
| 20497 | FILE-IDENTIFY Adobe Shockwave Flash file magic detected (more info ...) | misc-activity | ||||
| 20507 | FILE-IDENTIFY Adobe Shockwave Flash file magic detected (more info ...) | misc-activity | ||||
| 20544 | FILE-IDENTIFY Adobe Flash Player FLV file download request (more info ...) | misc-activity | URL | |||
| 20577 | FILE-PDF Adobe Acrobat Reader malicious TIFF remote code execution attempt (more info ...) | attempted-user | 2010-0188 | URL | ||
| 20659 | FILE-PDF Adobe Acrobat Reader malformed shading modifier heap corruption attempt (more info ...) | attempted-user | 2011-2462 | URL | ||
| 20767 | FILE-FLASH Adobe Flash Player ActionScript float index array memory corruption (more info ...) | attempted-user | 2011-2110 | URL | ||
| 20777 | FILE-FLASH Adobe Flash Player ActionScript float index array memory corruption attempt (more info ...) | attempted-user | 2011-2110 | URL | ||
| 20778 | FILE-FLASH Adobe Flash Player ActionScript callMethod type confusion attempt - economy.rar (more info ...) | attempted-user | 2011-0611 | 47314 | URL | |
| 20779 | FILE-FLASH Adobe Flash Player ActionScript callMethod type confusion attempt - dear chu.rar (more info ...) | attempted-user | 2011-0611 | 47314 | URL | |
| 20780 | FILE-FLASH Adobe Flash Player ActionScript callMethod type confusion attempt - namelist.xls (more info ...) | attempted-user | 2011-0611 | 47314 | URL | |
| 20781 | FILE-FLASH Adobe Flash Player ActionScript callMethod type confusion attempt (more info ...) | attempted-user | 2011-0611 | 47314 | URL | |
| 20782 | FILE-FLASH Adobe Flash Player ActionScript callMethod type confusion attempt - economy.rar (more info ...) | attempted-user | 2011-0611 | 47314 | URL | |
| 20783 | FILE-FLASH Adobe Flash Player ActionScript callMethod type confusion attempt - dear chu.rar (more info ...) | attempted-user | 2011-0611 | 47314 | URL | |
| 20784 | FILE-FLASH Adobe Flash Player ActionScript callMethod type confusion attempt - namelist.xls (more info ...) | attempted-user | 2011-0611 | 47314 | URL | |
| 20785 | FILE-FLASH Adobe Flash Player ActionScript callMethod type confusion attempt (more info ...) | attempted-user | 2011-0611 | 47314 | URL | |
| 20798 | FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (more info ...) | misc-activity | ||||
| 20799 | FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (more info ...) | misc-activity | ||||
| 20803 | FILE-FLASH Adobe Flash Player ActionScript callMethod type confusion attempt (more info ...) | attempted-user | 2011-0611 | 47314 | URL | |
| 20900 | FILE-OTHER Microsoft Windows Media MIDI file memory corruption attempt (more info ...) | attempted-user | 2012-0003 | 51292 | URL | |
| 20909 | FILE-IDENTIFY Microsoft Windows Media ASF file attachment detected (more info ...) | misc-activity | ||||
| 20910 | FILE-IDENTIFY Microsoft Windows Media ASF file attachment detected (more info ...) | misc-activity | ||||
| 20937 | FILE-IDENTIFY Adobe Shockwave Flash file download request (more info ...) | misc-activity | URL | |||
| 20938 | FILE-IDENTIFY Adobe Shockwave Flash file download request (more info ...) | misc-activity | URL | |||
| 20939 | FILE-IDENTIFY Adobe Shockwave Flash file download request (more info ...) | misc-activity | URL | |||
| 20940 | FILE-IDENTIFY Adobe Shockwave Flash file download request (more info ...) | misc-activity | URL | |||
| 20941 | FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (more info ...) | misc-activity | ||||
| 20942 | FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (more info ...) | misc-activity | ||||
| 20943 | FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (more info ...) | misc-activity | ||||
| 20944 | FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (more info ...) | misc-activity | ||||
| 20945 | FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (more info ...) | misc-activity | ||||
| 20946 | FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (more info ...) | misc-activity | ||||
| 20947 | FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (more info ...) | misc-activity | ||||
| 20948 | FILE-IDENTIFY Adobe Shockwave Flash file attachment detected (more info ...) | misc-activity | ||||
| 21159 | FILE-OTHER Microsoft Windows Media MIDI file memory corruption attempt (more info ...) | attempted-user | 2012-0003 | 51292 | URL | |
| 21167 | FILE-OTHER Microsoft Windows Media MIDI file memory corruption attempt (more info ...) | attempted-user | 2012-0003 | 51292 | URL | |
| 21253 | FILE-PDF Adobe Acrobat Reader malformed shading modifier heap corruption attempt (more info ...) | attempted-user | 2011-2462 | URL | ||
| 21335 | FILE-FLASH Adobe Flash Player ActionScript bytecode type confusion null dereference attempt (more info ...) | attempted-user | 2012-0752 | URL | ||
| 21336 | FILE-FLASH Adobe Flash ASConstructor insecure calling attempt (more info ...) | attempted-user | 2012-0753 | URL | ||
| 21338 | FILE-FLASH Adobe Flash Player MP4 zero length atom attempt (more info ...) | attempted-user | 2012-0754 | URL | ||
| 21339 | FILE-MULTIMEDIA Adobe Flash Player MP4 zero length atom auth field attempt (more info ...) | attempted-user | 2012-0754 | URL | ||
| 21340 | FILE-MULTIMEDIA Adobe Flash Player MP4 zero length atom titl field attempt (more info ...) | attempted-user | 2015-0360 | URL | ||
| 21341 | FILE-MULTIMEDIA Adobe Flash Player MP4 zero length atom 'dscp' field attempt (more info ...) | attempted-user | 2012-0754 | URL | ||
| 21342 | FILE-MULTIMEDIA Adobe Flash Player MP4 zero length atom cprt field attempt (more info ...) | attempted-user | 2012-0754 | URL | ||
| 21457 | FILE-FLASH Adobe Flash Player ActionScript float index array memory corruption (more info ...) | attempted-user | 2011-2110 | URL | ||
| 21458 | FILE-FLASH Adobe Flash Player ActionScript float index array memory corruption (more info ...) | attempted-user | 2011-2110 | URL | ||
| 21533 | FILE-FLASH Adobe Flash Player ActionScript Stage3D null dereference attempt (more info ...) | attempted-user | 2012-0768 | URL | ||
| 21534 | FILE-FLASH Adobe Flash Player ActionScript Matrix3D.copyRawDataFrom buffer overflow attempt (more info ...) | attempted-user | 2012-0768 | URL | ||
| 21535 | FILE-FLASH Adobe Flash Player ActionScript Matrix3D.copyRawDataFrom buffer overflow attempt (more info ...) | attempted-user | 2012-0768 | URL | ||
| 21536 | FILE-FLASH Adobe Flash Player ActionScript Stage3D null dereference attempt (more info ...) | attempted-user | 2012-0768 | URL | ||
| 21653 | FILE-FLASH Adobe Flash Player ActionScript getURL target null reference attempt (more info ...) | denial-of-service | 2012-0772 | URL | ||
| 21654 | FILE-FLASH Adobe Flash Video invalid tag type attempt (more info ...) | attempted-user | 2012-0773 | |||
| 21655 | FILE-FLASH Adobe Flash Video invalid tag type attempt (more info ...) | attempted-user | 2012-0773 | |||
| 21740 | FILE-IDENTIFY Microsoft Windows Media asx file attachment detected (more info ...) | misc-activity | URL | |||
| 21741 | FILE-IDENTIFY Microsoft Windows Media asx file attachment detected (more info ...) | misc-activity | URL | |||
| 21858 | FILE-PDF Adobe Acrobat Reader msiexec.exe file load exploit attempt (more info ...) | attempted-user | 2012-0776 | 52952 | URL | |
| 21859 | FILE-PDF Adobe Acrobat Reader msiexec.exe file load exploit attempt (more info ...) | attempted-user | 2012-0776 | 52952 | URL | |
| 21878 | FILE-PDF Adobe Acrobat Reader embedded TTF integer overflow attempt (more info ...) | attempted-user | 2012-0774 | URL | ||
| 21890 | FILE-IDENTIFY Adobe Director Movie file attachment detected (more info ...) | misc-activity | ||||
| 21891 | FILE-IDENTIFY Adobe Director Movie file attachment detected (more info ...) | misc-activity | ||||
| 21892 | FILE-IDENTIFY Adobe Director Movie file attachment detected (more info ...) | misc-activity | ||||
| 21893 | FILE-IDENTIFY Adobe Director Movie file attachment detected (more info ...) | misc-activity | ||||
| 22069 | FILE-FLASH Adobe Flash Player object confusion attempt (more info ...) | attempted-user | 2012-0779 | URL | ||
| 22070 | FILE-FLASH Adobe Flash Player object confusion attempt (more info ...) | attempted-user | 2012-0779 | URL | ||
| 22915 | FILE-FLASH Adobe Flash Player object confusion attempt (more info ...) | attempted-user | 2012-0779 | URL | ||
| 22916 | FILE-FLASH Adobe Flash Player object confusion attempt (more info ...) | attempted-user | 2012-0779 | URL | ||
| 22938 | FILE-PDF Adobe Acrobat Reader embedded TTF integer overflow attempt (more info ...) | attempted-user | 2012-0774 | URL | ||
| 23129 | FILE-FLASH Adobe Flash Player SecureSocket use without Connect attempt (more info ...) | attempted-user | 2012-2039 | URL | ||
| 23130 | FILE-FLASH Adobe Flash Player X509 direct instantiation property access attempt (more info ...) | attempted-user | 2012-2039 | URL | ||
| 23131 | FILE-FLASH Adobe Flash Player X500 DistinguishedName property access attempt (more info ...) | attempted-user | 2012-2039 | URL | ||
| 23132 | FILE-FLASH Adobe Flash Player DefineSound tag long recordheader length field attempt (more info ...) | attempted-user | 2012-2037 | URL | ||
| 23133 | FILE-FLASH Adobe Flash Player flash.display.BitmapData constuctor overflow attempt (more info ...) | misc-attack | 2012-2036 | URL | ||
| 23134 | FILE-FLASH Adobe Flash Player broker destructor DoS attempt (more info ...) | attempted-dos | 2012-2035 | URL | ||
| 23135 | FILE-FLASH Adobe Flash Player flash.DisplayObject memory corruption attempt (more info ...) | misc-attack | 2012-2034 | URL | ||
| 23190 | FILE-IDENTIFY Windows Media Metafile file download request (more info ...) | misc-activity | ||||
| 23191 | FILE-IDENTIFY Windows Media Metafile file attachment detected (more info ...) | misc-activity | ||||
| 23192 | FILE-IDENTIFY Windows Media Metafile file attachment detected (more info ...) | misc-activity | ||||
| 23193 | FILE-IDENTIFY Windows Media Metafile file download request (more info ...) | misc-activity | ||||
| 23194 | FILE-IDENTIFY Windows Media Metafile file attachment detected (more info ...) | misc-activity | ||||
| 23195 | FILE-IDENTIFY Windows Media Metafile file attachment detected (more info ...) | misc-activity | ||||
| 23196 | FILE-IDENTIFY Windows Media Metafile file download request (more info ...) | misc-activity | ||||
| 23197 | FILE-IDENTIFY Windows Media Metafile file attachment detected (more info ...) | misc-activity | ||||
| 23198 | FILE-IDENTIFY Windows Media Metafile file attachment detected (more info ...) | misc-activity | ||||
| 23199 | FILE-IDENTIFY Windows Media Metafile file download request (more info ...) | misc-activity | ||||
| 23200 | FILE-IDENTIFY Windows Media Metafile file attachment detected (more info ...) | misc-activity | ||||
| 23201 | FILE-IDENTIFY Windows Media Metafile file attachment detected (more info ...) | misc-activity | ||||
| 23202 | FILE-IDENTIFY Windows Media Metafile file download request (more info ...) | misc-activity | ||||
| 23205 | FILE-IDENTIFY Windows Media Metafile file download request (more info ...) | misc-activity | ||||
| 23206 | FILE-IDENTIFY Windows Media Metafile file attachment detected (more info ...) | misc-activity | ||||
| 23207 | FILE-IDENTIFY Windows Media Metafile file attachment detected (more info ...) | misc-activity | ||||
| 23271 | FILE-MULTIMEDIA Apple iTunes Extended M3U playlist record overflow attempt (more info ...) | attempted-user | 2012-0677 | 53933 | ||
| 23272 | FILE-MULTIMEDIA Apple iTunes Extended M3U playlist record overflow attempt (more info ...) | attempted-user | 2012-0677 | 53933 | ||
| 23461 | FILE-OTHER Apple Quicktime TeXML Transform attribute overflow attempt (more info ...) | attempted-user | 2012-0663 | |||
| 23462 | FILE-OTHER Apple Quicktime TeXML Style attribute overflow attempt (more info ...) | attempted-user | 2012-0663 | |||
| 23463 | FILE-OTHER Apple Quicktime TeXML sampleData attribute overflow attempt (more info ...) | attempted-user | 2012-0663 | |||
| 23464 | FILE-OTHER Apple Quicktime TeXML description attribute overflow attempt (more info ...) | attempted-user | 2012-0663 | |||
| 23465 | FILE-OTHER Apple Quicktime TeXML Style attribute overflow attempt (more info ...) | attempted-user | 2012-0663 | |||
| 23517 | FILE-PDF Adobe Acrobat Reader libtiff TIFFFetchShortPair stack buffer overflow attempt (more info ...) | attempted-user | 2010-0188 | |||
| 23518 | FILE-PDF Adobe Acrobat Reader libtiff TIFFFetchShortPair stack buffer overflow attempt (more info ...) | attempted-user | 2010-0188 | |||
| 23522 | FILE-PDF Adobe Acrobat Reader malicious TIFF remote code execution attempt (more info ...) | attempted-user | 2010-0188 | URL | ||
| 23523 | FILE-PDF Adobe Acrobat Reader malformed TIFF remote code execution attempt (more info ...) | attempted-user | 2010-0188 | URL | ||
| 23524 | FILE-PDF Adobe Acrobat Reader malformed TIFF remote code execution attempt (more info ...) | attempted-user | 2010-0188 | URL | ||
| 23582 | FILE-OTHER Apple Quicktime TeXML Transform attribute overflow attempt (more info ...) | attempted-user | 2012-0663 | |||
| 23583 | FILE-OTHER Apple Quicktime TeXML Style attribute overflow attempt (more info ...) | attempted-user | 2012-0663 | |||
| 23584 | FILE-OTHER Apple Quicktime TeXML sampleData attribute overflow attempt (more info ...) | attempted-user | 2012-0663 | |||
| 23585 | FILE-OTHER Apple Quicktime TeXML description attribute overflow attempt (more info ...) | attempted-user | 2012-0663 | |||
| 23586 | FILE-OTHER Apple Quicktime TeXML Style attribute overflow attempt (more info ...) | attempted-user | 2012-0663 | |||
| 23587 | FILE-MULTIMEDIA Apple iTunes Extended M3U playlist record overflow attempt (more info ...) | attempted-user | 2012-0677 | 53933 | ||
| 23588 | FILE-MULTIMEDIA Apple iTunes Extended M3U playlist record overflow attempt (more info ...) | attempted-user | 2012-0677 | 53933 | ||
| 23679 | FILE-IDENTIFY compressed Adobe Shockwave Flash file magic detected (more info ...) | misc-activity | ||||
| 23680 | FILE-IDENTIFY Adobe Shockwave Flash file magic detected (more info ...) | misc-activity | ||||
| 23681 | FILE-IDENTIFY Adobe Shockwave Flash file magic detected (more info ...) | misc-activity | ||||
| 23687 | FILE-IDENTIFY Adobe Shockwave Flash file magic detected (more info ...) | misc-activity | ||||
| 23698 | FILE-IDENTIFY Microsoft Windows Media ASF file magic detected (more info ...) | misc-activity | URL | |||
| 23724 | FILE-IDENTIFY Adobe Director Movie file magic detected (more info ...) | misc-activity | URL | |||
| 23727 | FILE-IDENTIFY Adobe Flash Video file magic detected (more info ...) | misc-activity | URL | |||
| 23853 | FILE-FLASH Adobe Flash OpenType font memory corruption attempt (more info ...) | attempted-user | 2012-1535 | 55009 | URL | |
| 23854 | FILE-FLASH Adobe Flash OpenType font memory corruption attempt (more info ...) | attempted-user | 2012-1535 | 55009 | URL | |
| 23864 | FILE-PDF Adobe Acrobat Reader invalid font WeightVector attempt (more info ...) | denial-of-service | 2012-4152 | URL | ||
| 23865 | FILE-PDF Adobe Acrobat Reader invalid font WeightVector attempt (more info ...) | denial-of-service | 2012-4152 | URL | ||
| 23866 | FILE-PDF Adobe Acrobat Reader invalid inline image attempt (more info ...) | denial-of-service | 2012-4151 | URL | ||
| 23867 | FILE-PDF Adobe Acrobat Reader invalid inline image attempt (more info ...) | denial-of-service | 2012-4151 | URL | ||
| 23868 | FILE-PDF Adobe Acrobat Reader invalid inline image attempt (more info ...) | denial-of-service | 2012-4151 | URL | ||
| 23869 | FILE-PDF Adobe Acrobat Reader invalid inline image attempt (more info ...) | denial-of-service | 2012-4151 | URL | ||
| 23870 | FILE-PDF Adobe Acrobat Reader invalid inline image attempt (more info ...) | denial-of-service | 2012-4151 | URL | ||
| 23871 | FILE-PDF Adobe Acrobat Reader invalid inline image attempt (more info ...) | denial-of-service | 2012-4151 | URL | ||
| 23874 | FILE-PDF Adobe Acrobat Reader postscript font execution malformed subroutine entries attempt (more info ...) | denial-of-service | 2012-4153 | URL | ||
| 23875 | FILE-PDF Adobe Acrobat Reader postscript font execution malformed subroutine entries attempt (more info ...) | denial-of-service | 2012-4153 | URL | ||
| 23879 | FILE-PDF Adobe Acrobat Reader Texture Declaration buffer overflow attempt (more info ...) | attempted-user | 2012-2049 | 55024 | URL | |
| 23880 | FILE-PDF Adobe Acrobat Reader Texture Declaration buffer overflow attempt (more info ...) | attempted-user | 2012-2049 | 55024 | URL | |
| 23881 | FILE-PDF Adobe Acrobat Reader getAnnotsRichMedia return type confusion attempt (more info ...) | attempted-dos | 2012-4147 | |||
| 23882 | FILE-PDF Adobe Acrobat Reader getAnnotsRichMedia return type confusion attempt (more info ...) | attempted-dos | 2012-4147 | |||
| 23883 | FILE-PDF Adobe Acrobat Reader JBIG2 encoding invalid symbol in dictionary segment (more info ...) | attempted-admin | 2012-4150 | URL | ||
| 23884 | FILE-PDF Adobe Acrobat Reader JBIG2 encoding invalid symbol in dictionary segment (more info ...) | attempted-admin | 2012-4150 | URL | ||
| 23889 | FILE-PDF Adobe Acrobat Reader getAnnotsRichMedia return type confusion attempt (more info ...) | attempted-dos | 2012-2050 | URL | ||
| 23890 | FILE-PDF Adobe Acrobat Reader getAnnotsRichMedia return type confusion attempt (more info ...) | attempted-dos | 2012-2050 | URL | ||
| 23891 | FILE-PDF Adobe Acrobat Reader getAnnotsRichMedia return type confusion attempt (more info ...) | attempted-dos | 2012-2050 | URL | ||
| 23892 | FILE-PDF Adobe Acrobat Reader getAnnotsRichMedia return type confusion attempt (more info ...) | attempted-dos | 2012-2050 | URL | ||
| 23939 | SERVER-ORACLE Oracle Business Transaction Management FlashTunnelService directory traversal attempt (more info ...) | web-application-attack | 54839 | |||
| 23940 | SERVER-ORACLE Oracle Business Transaction Management FlashTunnelService directory traversal attempt (more info ...) | web-application-attack | 54839 | |||
| 23967 | FILE-FLASH Adobe Flash OpenType font memory corruption attempt - compressed (more info ...) | attempted-user | 2012-1535 | 55009 | URL | |
| 23985 | BROWSER-PLUGINS Apple Quicktime plugin SetLanguage buffer overflow attempt (more info ...) | attempted-user | 2012-0666 | 53577 | URL | |
| 23986 | BROWSER-PLUGINS Apple Quicktime plugin SetLanguage buffer overflow attempt (more info ...) | attempted-user | 2012-0666 | 53577 | URL | |
| 23996 | FILE-FLASH Adobe Flash Player ActionScript float index array memory corruption attempt (more info ...) | attempted-user | 2011-2110 | URL | ||
| 23997 | FILE-FLASH Adobe Flash Player ActionScript float index array memory corruption attempt (more info ...) | attempted-user | 2011-2110 | URL | ||
| 23999 | FILE-OTHER Microsoft Windows Media MIDI file memory corruption attempt (more info ...) | attempted-user | 2012-0003 | 51292 | URL | |
| 24000 | FILE-OTHER Microsoft Windows Media MIDI file memory corruption attempt (more info ...) | attempted-user | 2012-0003 | 51292 | URL | |
| 24001 | FILE-OTHER Microsoft Windows Media MIDI file memory corruption attempt (more info ...) | attempted-user | 2012-0003 | 51292 | URL | |
| 24002 | FILE-OTHER Microsoft Windows Media MIDI file memory corruption attempt (more info ...) | attempted-user | 2012-0003 | 51292 | URL | |
| 24003 | FILE-OTHER Microsoft Windows Media MIDI file memory corruption attempt (more info ...) | attempted-user | 2012-0003 | URL | ||
| 24138 | FILE-FLASH Adobe Flash malformed RTMP response attempt (more info ...) | protocol-command-decode | 2012-0779 | URL | ||
| 24139 | FILE-FLASH Adobe Flash malformed RTMP response attempt (more info ...) | protocol-command-decode | 2012-0779 | URL | ||
| 24140 | FILE-FLASH Adobe Flash malformed RTMP response attempt (more info ...) | protocol-command-decode | 2012-0779 | URL | ||
| 24142 | FILE-FLASH Adobe Flash Player object confusion attempt (more info ...) | attempted-user | 2012-0779 | URL | ||
| 24148 | FILE-PDF Adobe Acrobat Reader malicious charstring stream attempt (more info ...) | attempted-user | 2012-4159 | URL | ||
| 24149 | FILE-PDF Adobe Acrobat Reader malicious charstring stream attempt (more info ...) | attempted-user | 2012-4159 | URL | ||
| 24150 | FILE-PDF Adobe Acrobat Reader TrueType font corrupt header attempt (more info ...) | attempted-user | 2012-4157 | URL | ||
| 24151 | FILE-PDF Adobe Acrobat Reader TrueType font corrupt header attempt (more info ...) | attempted-user | 2012-4157 | URL | ||
| 24152 | FILE-PDF Adobe Acrobat Reader embedded TTF bytecode memory corruption attempt (more info ...) | attempted-user | 2012-4154 | 55015 | URL | |
| 24153 | FILE-PDF Adobe Acrobat Reader embedded TTF bytecode memory corruption attempt (more info ...) | attempted-user | 2012-4154 | 55015 | URL | |
| 24154 | FILE-PDF Adobe Acrobat Reader free text annotation invalid IT value denial of service attempt (more info ...) | trojan-activity | 2012-4149 | URL | ||
| 24155 | FILE-PDF Adobe Acrobat Reader free text annotation invalid IT value denial of service attempt (more info ...) | trojan-activity | 2012-4149 | URL | ||
| 24244 | FILE-FLASH Adobe Flash Player Matrix3D copyRawDataTo integer overflow attempt (more info ...) | attempted-user | 2012-5054 | 55691 | URL | |
| 24245 | FILE-FLASH Adobe Flash Player Matrix3D copyRawDataTo integer overflow attempt (more info ...) | attempted-user | 2012-5054 | 55691 | URL | |
| 24338 | FILE-OTHER Apple Quicktime TeXML Style attribute overflow attempt (more info ...) | attempted-user | 2012-0663 | |||
| 24362 | FILE-FLASH Adobe Flash null reference JIT compilation attempt (more info ...) | denial-of-service | 2012-4165 | URL | ||
| 24363 | FILE-FLASH Adobe Flash null reference JIT compilation attempt (more info ...) | denial-of-service | 2012-4165 | URL | ||
| 24364 | FILE-FLASH Adobe Flash null reference JIT compilation attempt (more info ...) | denial-of-service | 2012-4165 | URL | ||
| 24365 | FILE-FLASH Adobe Flash null reference JIT compilation attempt (more info ...) | denial-of-service | 2012-4165 | URL | ||
| 24366 | FILE-FLASH Adobe Flash malformed record stack exhaustion attempt (more info ...) | denial-of-service | 2012-4163 | URL | ||
| 24367 | FILE-FLASH Adobe Flash malformed record stack exhaustion attempt (more info ...) | denial-of-service | 2012-4163 | URL | ||
| 24412 | FILE-FLASH Adobe Flash Player DRM encrypted file detected (more info ...) | misc-activity | ||||
| 24413 | FILE-FLASH Adobe Flash Player DRM encrypted file detected (more info ...) | misc-activity | ||||
| 24414 | FILE-FLASH Adobe Flash Player stsz box heap overflow attempt (more info ...) | attempted-user | 2012-4167 | URL | ||
| 24415 | FILE-FLASH Adobe Flash Player stsz box heap overflow attempt (more info ...) | attempted-user | 2012-4167 | URL | ||
| 24428 | FILE-FLASH Adobe Flash Player ActionScript virtual machine opcode verifying code execution attempt (more info ...) | attempted-user | 2012-5271 | URL | ||
| 24429 | FILE-FLASH Adobe Flash Player ActionScript virtual machine opcode verifying code execution attempt (more info ...) | attempted-user | 2012-5271 | URL | ||
| 24430 | FILE-FLASH Adobe Flash Player ActionScript virtual machine opcode verifying code execution attempt (more info ...) | attempted-user | 2012-5271 | URL | ||
| 24431 | FILE-FLASH Adobe Flash Player ActionScript virtual machine opcode verifying code execution attempt (more info ...) | attempted-user | 2012-5271 | URL | ||
| 24506 | FILE-PDF Adobe Acrobat Reader null pointer dereference attempt (more info ...) | denial-of-service | 2012-4148 | URL | ||
| 24549 | FILE-MULTIMEDIA Apple QuickTime MOV Atom length buffer overflow attempt (more info ...) | attempted-user | 2012-0667 | URL | ||
| 24550 | FILE-MULTIMEDIA Apple QuickTime MOV Atom length buffer overflow attempt (more info ...) | attempted-user | 2012-0667 | URL | ||
| 24694 | FILE-IMAGE Apple QuickTime PICT file opcode corruption attempt (more info ...) | attempted-user | 2012-0671 | 53584 | URL | |
| 24695 | FILE-IMAGE Apple QuickTime PICT file opcode corruption attempt (more info ...) | attempted-user | 2012-0671 | 53584 | URL | |
| 24699 | FILE-MULTIMEDIA Apple QuickTime text track descriptors heap buffer overflow attempt (more info ...) | attempted-user | 2012-0664 | |||
| 24700 | FILE-MULTIMEDIA Apple QuickTime text track descriptors heap buffer overflow attempt (more info ...) | attempted-user | 2012-0664 | |||
| 24702 | FILE-OTHER Adobe Director rcsL chunk parsing denial of service attempt (more info ...) | denial-of-service | 2012-2030 | |||
| 24703 | FILE-OTHER Adobe Director rcsL chunk parsing denial of service attempt (more info ...) | denial-of-service | 2012-2030 | |||
| 24740 | SERVER-WEBAPP Oracle Business Transaction Management flashtunnelservice directory traversal attempt (more info ...) | attempted-user | 54870 | URL | ||
| 24761 | FILE-OTHER Adobe Director rcsL chunk parsing denial of service attempt (more info ...) | denial-of-service | 2012-2031 | |||
| 24762 | FILE-OTHER Adobe Director rcsL chunk parsing denial of service attempt (more info ...) | denial-of-service | 2012-2031 | |||
| 24810 | FILE-FLASH Adobe Flash Player AS2 privilege escalation attempt (more info ...) | attempted-user | 2012-5278 | URL | ||
| 24811 | FILE-FLASH Adobe Flash Player AS2 privilege escalation attempt (more info ...) | attempted-user | 2012-5278 | URL | ||
| 24812 | FILE-FLASH Adobe Flash Player AS2 privilege escalation attempt (more info ...) | attempted-user | 2012-5278 | URL | ||
| 24813 | FILE-FLASH Adobe Flash Player AS2 privilege escalation attempt (more info ...) | attempted-user | 2012-5278 | URL | ||
| 24874 | FILE-FLASH Adobe Flash Player ActionScript virtual machine opcode verifying code execution attempt (more info ...) | attempted-user | 2012-5271 | URL | ||
| 24875 | FILE-FLASH Adobe Flash Player ActionScript virtual machine opcode verifying code execution attempt (more info ...) | attempted-user | 2012-5271 | URL | ||
| 24876 | FILE-FLASH Adobe Flash Player ActionScript virtual machine opcode verifying code execution attempt (more info ...) | attempted-user | 2012-5271 | URL | ||
| 24877 | FILE-FLASH Adobe Flash Player ActionScript virtual machine opcode verifying code execution attempt (more info ...) | attempted-user | 2012-5271 | URL | ||
| 24879 | FILE-FLASH Adobe Flash Player invalid JPEG index attempt (more info ...) | attempted-user | 2012-5267 | URL | ||
| 24882 | FILE-FLASH Adobe Flash Player invalid JPEG index attempt (more info ...) | attempted-user | 2012-5267 | URL | ||
| 24890 | FILE-FLASH Adobe Flash Player Action InitArray stack overflow attempt (more info ...) | attempted-user | 2012-5269 | URL | ||
| 24892 | FILE-FLASH Action InitArray stack overflow attempt (more info ...) | attempted-user | 2012-5269 | URL | ||
| 24893 | FILE-FLASH Action InitArray stack overflow attempt (more info ...) | attempted-user | 2012-5269 | URL | ||
| 24895 | FILE-FLASH Adobe Flash Player ActionScript bytecode symbolclass tag type confusion attempt (more info ...) | attempted-user | 2012-5270 | URL | ||
| 24896 | FILE-FLASH Adobe Flash Player ActionScript bytecode symbolclass tag type confusion attempt (more info ...) | attempted-user | 2012-5270 | URL | ||
| 24980 | FILE-FLASH Adobe Flash Player actionscript bytecode trait type null pointer dereference attempt (more info ...) | attempted-user | 2012-5266 | URL | ||
| 24981 | FILE-FLASH Adobe Flash Player actionscript bytecode trait type null pointer dereference attempt (more info ...) | attempted-user | 2012-5266 | URL | ||
| 24982 | FILE-FLASH Adobe Flash Player actionscript bytecode trait type null pointer dereference attempt (more info ...) | attempted-user | 2012-5266 | URL | ||
| 24983 | FILE-FLASH Adobe Flash Player actionscript bytecode trait type null pointer dereference attempt (more info ...) | attempted-user | 2012-5266 | URL | ||
| 24984 | FILE-FLASH Adobe Flash Player loadPCMFromByteArray bad sample count attempt (more info ...) | attempted-user | 2012-5677 | |||
| 24985 | FILE-FLASH Adobe Flash Player index overflow attempt (more info ...) | attempted-user | 2012-5676 | URL | ||
| 24986 | FILE-FLASH Adobe Flash Player index overflow attempt (more info ...) | attempted-user | 2012-5676 | URL | ||
| 24989 | FILE-FLASH Adobe Flash Player specially invalid traits structure attempt (more info ...) | attempted-user | 2012-5678 | |||
| 24990 | FILE-FLASH Adobe Flash Player specially invalid traits structure attempt (more info ...) | attempted-user | 2012-5678 | |||
| 24991 | FILE-FLASH Adobe Flash Player DoInitAction invalid action overflow attempt (more info ...) | attempted-user | 2012-5268 | URL | ||
| 24992 | FILE-FLASH Adobe Flash Player DoInitAction invalid action overflow attempt (more info ...) | attempted-user | 2012-5268 | URL | ||
| 25373 | FILE-IDENTIFY Apple Quicktime Targa Image file download request (more info ...) | misc-activity | ||||
| 25374 | FILE-IDENTIFY Apple Quicktime Targa Image file attachment detected (more info ...) | misc-activity | ||||
| 25375 | FILE-IDENTIFY Apple Quicktime Targa Image file attachment detected (more info ...) | misc-activity | ||||
| 25376 | FILE-IMAGE Apple QuickTime Targa image file buffer overflow attempt (more info ...) | attempted-user | 2012-3755 | 56438 | URL | |
| 25378 | FILE-IMAGE Apple QuickTime Targa image file buffer overflow attempt (more info ...) | attempted-user | 2012-3755 | 56438 | URL | |
| 25466 | FILE-PDF Adobe Acrobat Reader structtreeroot children recursive call denial of service attempt (more info ...) | denial-of-service | 2013-0626 | URL | ||
| 25467 | FILE-PDF Adobe Acrobat Reader structtreeroot children recursive call denial of service attempt (more info ...) | denial-of-service | 2013-0626 | URL | ||
| 25468 | FILE-PDF Adobe Acrobat Reader structtreeroot children recursive call denial of service attempt (more info ...) | denial-of-service | 2013-0626 | URL | ||
| 25469 | FILE-PDF Adobe Acrobat Reader structtreeroot children recursive call denial of service attempt (more info ...) | denial-of-service | 2013-0626 | URL | ||
| 25536 | FILE-PDF Adobe Acrobat Reader TTF parsing bad cmap format attempt (more info ...) | attempted-user | 2013-0623 | URL | ||
| 25537 | FILE-PDF Adobe Acrobat Reader TTF parsing bad cmap format attempt (more info ...) | attempted-user | 2013-0623 | URL | ||
| 25563 | FILE-PDF Adobe Acrobat Reader heap-based buffer overflow attempt (more info ...) | attempted-user | 2013-0603 | 57282 | URL | |
| 25564 | FILE-PDF Adobe Acrobat Reader heap-based buffer overflow attempt (more info ...) | attempted-user | 2013-0603 | 57282 | URL | |
| 25644 | FILE-OTHER Apple QuickTime TeXML style sub-element buffer overflow attempt (more info ...) | attempted-user | 2012-3758 | 56557 | URL | |
| 25645 | FILE-OTHER Apple QuickTime TeXML style sub-element buffer overflow attempt (more info ...) | attempted-user | 2012-3752 | 56557 | URL | |
| 25646 | FILE-OTHER Apple QuickTime TeXML style sub-element buffer overflow attempt (more info ...) | attempted-user | 2012-3752 | 56557 | URL | |
| 25647 | FILE-OTHER Apple QuickTime TeXML style sub-element buffer overflow attempt (more info ...) | attempted-user | 2012-3752 | 56557 | URL | |
| 25648 | FILE-OTHER Apple QuickTime TeXML style sub-element buffer overflow attempt (more info ...) | attempted-user | 2012-3758 | 56557 | URL | |
| 25649 | FILE-OTHER Apple QuickTime TeXML style sub-element buffer overflow attempt (more info ...) | attempted-user | 2012-3752 | 56557 | URL | |
| 25676 | FILE-FLASH Adobe Flash malformed regular expression exploit attempt (more info ...) | attempted-user | 2013-0634 | 57787 | URL | |
| 25677 | FILE-FLASH Adobe Flash malformed regular expression exploit attempt (more info ...) | attempted-user | 2013-0634 | 57787 | URL | |
| 25678 | FILE-FLASH Adobe Flash malformed regular expression exploit attempt (more info ...) | attempted-user | 2013-0634 | 57787 | URL | |
| 25679 | FILE-FLASH Adobe Flash malformed regular expression exploit attempt (more info ...) | attempted-user | 2013-0634 | 57787 | URL | |
| 25680 | FILE-IDENTIFY Adobe Flash Player embedded compact font detected (more info ...) | misc-activity | URL | |||
| 25681 | FILE-FLASH Adobe Flash Player CFF FeatureCount integer overflow attempt (more info ...) | attempted-user | 2013-0633 | URL | ||
| 25682 | FILE-IDENTIFY Adobe Flash Player embedded compact font detected (more info ...) | misc-activity | URL | |||
| 25683 | FILE-FLASH Adobe Flash Player CFF FeatureCount integer overflow attempt (more info ...) | attempted-user | 2013-0633 | URL | ||
| 25815 | FILE-FLASH Adobe Flash Player FLV crafted ADPCM stream heap overflow attempt (more info ...) | attempted-user | 2013-0638 | 57907 | URL | |
| 25816 | FILE-FLASH Adobe Flash Player FLV crafted ADPCM stream heap overflow attempt (more info ...) | attempted-user | 2013-0638 | 57907 | URL | |
| 25818 | FILE-PDF Adobe Acrobat Reader known malicious variable exploit attempt (more info ...) | attempted-admin | 2013-0641 | URL | ||
| 25819 | FILE-PDF Adobe Acrobat Reader known malicious variable exploit attempt (more info ...) | attempted-admin | 2013-0641 | URL | ||
| 25835 | FILE-FLASH Adobe Flash Player ActionScript 3 integer overflow attempt (more info ...) | attempted-user | 2011-2416 | 49081 | URL | |
| 25976 | POLICY-OTHER Adobe ColdFusion admin API access attempt (more info ...) | policy-violation | 2013-0632 | 57330 | URL | |
| 25977 | POLICY-OTHER Adobe ColdFusion component browser access attempt (more info ...) | policy-violation | 2013-0632 | 57330 | URL | |
| 26008 | FILE-FLASH Adobe Flash Player SWF-based shellcode download attempt (more info ...) | attempted-user | 2013-0648 | 58186 | URL | |
| 26009 | FILE-FLASH Adobe Flash Player SWF-based shellcode download attempt (more info ...) | attempted-user | 2013-0648 | 58186 | URL | |
| 26173 | FILE-FLASH Adobe Flash Player sortOn heap overflow attempt (more info ...) | attempted-user | 2013-0646 | URL | ||
| 26429 | FILE-FLASH Adobe Flash Player RTMP malformed onStatus message type confusion attempt (more info ...) | attempted-user | 2013-2555 | URL | ||
| 26430 | FILE-FLASH Adobe Flash Player RTMP malformed onStatus message type confusion attempt (more info ...) | attempted-user | 2013-2555 | URL | ||
| 26651 | FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (more info ...) | attempted-user | 2013-2729 | 59918 | URL | |
| 26652 | FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (more info ...) | attempted-user | 2013-2729 | 59918 | URL | |
| 26687 | FILE-FLASH Adobe Flash Player malformed HTML text null dereference attempt (more info ...) | attempted-user | 2013-3329 | URL | ||
| 26688 | FILE-FLASH Adobe Flash Player malformed HTML text null dereference attempt (more info ...) | attempted-user | 2013-3329 | URL | ||
| 26892 | EXPLOIT-KIT Flashpack/Safe/CritX exploit kit jar file download (more info ...) | trojan-activity | URL | |||
| 26893 | EXPLOIT-KIT Flashpack/Safe/CritX exploit kit landing page (more info ...) | trojan-activity | URL | |||
| 26896 | EXPLOIT-KIT Flashpack/Safe/CritX exploit kit Plugin detection response (more info ...) | trojan-activity | URL | |||
| 26897 | EXPLOIT-KIT Flashpack/Safe/CritX exploit kit malware download (more info ...) | trojan-activity | URL | |||
| 26927 | FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (more info ...) | attempted-user | 2013-2729 | 59918 | URL | |
| 26928 | FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (more info ...) | attempted-user | 2013-2729 | 59918 | URL | |
| 26982 | FILE-FLASH Adobe Flash Player remote memory corruption attempt (more info ...) | attempted-user | 2013-3343 | 60478 | URL | |
| 26983 | FILE-FLASH Adobe Flash Player remote memory corruption attempt (more info ...) | attempted-user | 2013-3343 | 60478 | URL | |
| 27082 | EXPLOIT-KIT Nailed exploit kit flash remote code execution exploit download - autopwn (more info ...) | trojan-activity | 2012-1535 | URL | ||
| 27102 | FILE-MULTIMEDIA Apple QuickTime enof atom parsing heap buffer overflow attempt (more info ...) | attempted-user | 2013-0986 | 60099 | URL | |
| 27103 | FILE-MULTIMEDIA Apple QuickTime enof atom parsing heap buffer overflow attempt (more info ...) | attempted-user | 2013-0986 | 60099 | URL | |
| 27224 | SERVER-OTHER Adobe ColdFusion websocket invoke method access (more info ...) | policy-violation | 2013-3350 | 61042 | URL | |
| 27265 | FILE-FLASH Adobe Flash Player heap buffer overflow attempt (more info ...) | attempted-user | 2013-3345 | 61045 | URL | |
| 27266 | FILE-FLASH Adobe Flash Player heap buffer overflow attempt (more info ...) | attempted-user | 2013-3345 | 61045 | URL | |
| 27267 | FILE-FLASH Adobe Flash Player ActionScript user-supplied PCM resampling integer overflow attempt (more info ...) | attempted-user | 2013-3347 | 61048 | URL | |
| 27268 | FILE-FLASH Adobe Flash Player ActionScript user-supplied PCM resampling integer overflow attempt (more info ...) | attempted-user | 2013-3347 | 61048 | URL | |
| 27594 | MALWARE-OTHER Fake Adobe Flash Player update warning enticing clicks to malware payload (more info ...) | trojan-activity | ||||
| 27595 | MALWARE-OTHER Fake Adobe Flash Player malware binary requested (more info ...) | trojan-activity | ||||
| 27754 | FILE-FLASH Adobe Flash Player Action InitArray stack overflow attempt (more info ...) | attempted-user | 2012-5269 | URL | ||
| 27755 | FILE-FLASH Adobe Flash Player Action InitArray stack overflow attempt (more info ...) | attempted-user | 2012-5269 | URL | ||
| 27879 | EXPLOIT-KIT Teletubbies exploit kit exploit attempt for Adobe Acrobat Reader 8 (more info ...) | trojan-activity | 2010-0188 | URL | ||
| 27880 | EXPLOIT-KIT Teletubbies exploit kit exploit attempt for Adobe Acrobat Reader 9 (more info ...) | trojan-activity | 2010-0188 | URL | ||
| 27881 | EXPLOIT-KIT Teletubbies exploit kit exploit attempt for Adobe Flash Player (more info ...) | trojan-activity | 2010-1297 | URL | ||
| 27882 | EXPLOIT-KIT Teletubbies exploit kit exploit attempt for Adobe Flash Player (more info ...) | trojan-activity | 2010-2884 | URL | ||
| 27892 | EXPLOIT-KIT Teletubbies exploit kit exploit attempt for Adobe Acrobat Reader (more info ...) | trojan-activity | 2008-2992 | URL | ||
| 28108 | EXPLOIT-KIT Nuclear/Magnitude exploit kit Adobe Flash exploit download attempt (more info ...) | trojan-activity | 2013-0431 | |||
| 28202 | FILE-OTHER ATMFD Adobe font driver reserved command denial of service attempt (more info ...) | denial-of-service | 2013-3128 | URL | ||
| 28203 | FILE-OTHER ATMFD Adobe font driver reserved command denial of service attempt (more info ...) | denial-of-service | 2013-3128 | URL | ||
| 28252 | FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (more info ...) | attempted-user | 2013-2729 | 59918 | URL | |
| 28308 | EXPLOIT-KIT Himan exploit kit payload - Adobe Reader compromise (more info ...) | trojan-activity | 2010-0188 | URL | ||
| 28361 | FILE-PDF Adobe Acrobat Reader malformed shading modifier heap corruption attempt (more info ...) | attempted-user | 2015-3070 | URL | ||
| 28374 | FILE-PDF Adobe Acrobat Reader TTF SING table parsing remote code execution attempt (more info ...) | attempted-user | 2010-2883 | 43057 | URL | |
| 28375 | FILE-PDF Adobe Acrobat Reader TTF SING table parsing remote code execution attempt (more info ...) | attempted-user | 2010-2883 | 43057 | URL | |
| 28376 | FILE-PDF Adobe Acrobat Reader TTF SING table parsing remote code execution attempt (more info ...) | attempted-user | 2010-2883 | 43057 | URL | |
| 28377 | FILE-PDF Adobe Acrobat Reader TTF SING table parsing remote code execution attempt (more info ...) | attempted-user | 2010-2883 | 43057 | URL | |
| 28378 | FILE-PDF Adobe Acrobat Reader TTF SING table parsing remote code execution attempt (more info ...) | attempted-user | 2010-2883 | 43057 | URL | |
| 28379 | FILE-PDF Adobe Acrobat Reader TTF SING table parsing remote code execution attempt (more info ...) | attempted-user | 2010-2883 | 43057 | URL | |
| 28380 | FILE-PDF Adobe Acrobat Reader TTF SING table parsing remote code execution attempt (more info ...) | attempted-user | 2010-2883 | URL | ||
| 28534 | FILE-OTHER Apple Quicktime TeXML description attribute overflow attempt (more info ...) | attempted-user | 2013-1015 | 60110 | URL | |
| 28535 | FILE-OTHER Apple Quicktime TeXML description attribute overflow attempt (more info ...) | attempted-user | 2013-1015 | 60110 | URL | |
| 28536 | FILE-OTHER Apple Quicktime TeXML description attribute overflow attempt (more info ...) | attempted-user | 2013-1015 | 60110 | URL | |
| 28537 | FILE-OTHER Apple Quicktime TeXML description attribute overflow attempt (more info ...) | attempted-user | 2013-1015 | 60110 | URL | |
| 28567 | FILE-FLASH Adobe Flash Player use after free race condition (more info ...) | attempted-user | 2013-3361 | URL | ||
| 28568 | FILE-FLASH Adobe Flash Player remote memory corruption attempt (more info ...) | attempted-user | 2013-3362 | 62294 | URL | |
| 28569 | FILE-FLASH Adobe Flash Player remote memory corruption attempt (more info ...) | attempted-user | 2013-3362 | 62294 | URL | |
| 28575 | FILE-OTHER Adobe Acrobat Reader FDF submitForm cross-site scripting attempt (more info ...) | misc-attack | 2013-5325 | 62888 | URL | |
| 28576 | FILE-OTHER Adobe Acrobat Reader FDF submitForm cross-site scripting attempt (more info ...) | misc-attack | 2013-5325 | 62888 | URL | |
| 28577 | FILE-PDF Adobe Acrobat Reader memory disclosure attempt (more info ...) | attempted-user | 2013-3356 | 62436 | URL | |
| 28578 | FILE-PDF Adobe Acrobat Reader memory disclosure attempt (more info ...) | attempted-user | 2013-3356 | 62436 | URL | |
| 28585 | FILE-PDF Adobe Acrobat Reader OTF font head table size overflow attempt (more info ...) | attempted-user | 2013-3353 | URL | ||
| 28586 | FILE-PDF Adobe Acrobat Reader OTF font head table size overflow attempt (more info ...) | attempted-user | 2013-3353 | URL | ||
| 28587 | FILE-FLASH Adobe Flash Player GlyphOffset memory disclosure attempt (more info ...) | attempted-user | 2013-5324 | URL | ||
| 28588 | FILE-FLASH Adobe Flash Player GlyphOffset memory disclosure attempt (more info ...) | attempted-user | 2013-5324 | URL | ||
| 28589 | FILE-FLASH Adobe Flash Player memory corruption attempt (more info ...) | attempted-user | 2013-3363 | URL | ||
| 28590 | FILE-FLASH Adobe Flash Player memory corruption attempt (more info ...) | attempted-user | 2013-3363 | URL | ||
| 28591 | FILE-PDF Adobe Acrobat Reader TTF remote code execution attempt (more info ...) | attempted-user | 2013-3354 | URL | ||
| 28592 | FILE-PDF Adobe Acrobat Reader TTF remote code execution attempt (more info ...) | attempted-user | 2013-3354 | URL | ||
| 28597 | FILE-PDF Adobe Acrobat and Adobe Acrobat Reader field dictionary null pointer dereference attempt (more info ...) | attempted-user | 2013-3355 | URL | ||
| 28598 | FILE-PDF Adobe Acrobat and Adobe Acrobat Reader field dictionary null pointer dereference attempt (more info ...) | attempted-user | 2013-3355 | URL | ||
| 28600 | FILE-PDF Adobe Acrobat Reader badly formatted type 0 font attempt (more info ...) | attempted-user | 2013-3357 | URL | ||
| 28601 | FILE-PDF Adobe Acrobat Reader badly formatted type 0 font attempt (more info ...) | attempted-user | 2013-3357 | URL | ||
| 28602 | FILE-PDF Adobe Acrobat Reader badly formatted type 0 font attempt (more info ...) | attempted-user | 2013-3357 | URL | ||
| 28603 | FILE-PDF Adobe Acrobat Reader badly formatted type 0 font attempt (more info ...) | attempted-user | 2013-3357 | URL | ||
| 28619 | FILE-FLASH Adobe Flash malformed regular expression exploit attempt (more info ...) | attempted-user | 2013-0634 | 57787 | URL | |
| 28620 | FILE-FLASH Adobe Flash malformed regular expression exploit attempt (more info ...) | attempted-user | 2013-0634 | 57787 | URL | |
| 28621 | FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (more info ...) | attempted-user | 2013-2729 | 59918 | URL | |
| 28644 | FILE-PDF Adobe Acrobat Reader TTF SING table parsing remote code execution attempt (more info ...) | attempted-user | 2010-2883 | 43057 | URL | |
| 28645 | FILE-PDF Adobe Acrobat Reader TTF SING table parsing remote code execution attempt (more info ...) | attempted-user | 2010-2883 | 43057 | URL | |
| 28646 | FILE-PDF Adobe Acrobat Reader TTF SING table parsing remote code execution attempt (more info ...) | attempted-user | 2010-2883 | 43057 | URL | |
| 28647 | FILE-PDF Adobe Acrobat Reader TTF SING table parsing remote code execution attempt (more info ...) | attempted-user | 2010-2883 | 43057 | URL | |
| 28648 | FILE-PDF Adobe Acrobat Reader TTF SING table parsing remote code execution attempt (more info ...) | attempted-user | 2010-2883 | 43057 | URL | |
| 28649 | FILE-PDF Adobe Acrobat Reader TTF SING table parsing remote code execution attempt (more info ...) | attempted-user | 2010-2883 | 43057 | URL | |
| 28650 | FILE-PDF Adobe Acrobat Reader TTF SING table parsing remote code execution attempt (more info ...) | attempted-user | 2010-2883 | 43057 | URL | |
| 28651 | FILE-PDF Adobe Acrobat Reader TTF SING table parsing remote code execution attempt (more info ...) | attempted-user | 2010-2883 | 43057 | URL | |
| 28652 | FILE-PDF Adobe Acrobat Reader TTF SING table parsing remote code execution attempt (more info ...) | attempted-user | 2010-2883 | 43057 | URL | |
| 28653 | FILE-PDF Adobe Acrobat Reader TTF SING table parsing remote code execution attempt (more info ...) | attempted-user | 2010-2883 | 43057 | URL | |
| 28654 | FILE-PDF Adobe Acrobat Reader TTF SING table parsing remote code execution attempt (more info ...) | attempted-user | 2010-2883 | 43057 | URL | |
| 28655 | FILE-PDF Adobe Acrobat Reader TTF SING table parsing remote code execution attempt (more info ...) | attempted-user | 2010-2883 | 43057 | URL | |
| 28656 | FILE-PDF Adobe Acrobat Reader TTF SING table parsing remote code execution attempt (more info ...) | attempted-user | 2010-2883 | 43057 | URL | |
| 28657 | FILE-PDF Adobe Acrobat Reader TTF SING table parsing remote code execution attempt (more info ...) | attempted-user | 2010-2883 | 43057 | URL | |
| 28659 | FILE-PDF Adobe Acrobat Reader known malicious variable exploit attempt (more info ...) | attempted-admin | 2013-0641 | URL | ||
| 28687 | FILE-FLASH Adobe Flash Player ActionScript virtual machine opcode verifying code execution attempt (more info ...) | attempted-user | 2012-5271 | URL | ||
| 28688 | FILE-FLASH Adobe Flash Player ActionScript virtual machine opcode verifying code execution attempt (more info ...) | attempted-user | 2012-5271 | URL | ||
| 28689 | FILE-FLASH Adobe Flash Player ActionScript virtual machine opcode verifying code execution attempt (more info ...) | attempted-user | 2012-5271 | URL | ||
| 28690 | FILE-FLASH Adobe Flash Player ActionScript virtual machine opcode verifying code execution attempt (more info ...) | attempted-user | 2012-5271 | URL | ||
| 28695 | FILE-FLASH Adobe Flash Player ActionScript callMethod type confusion attempt (more info ...) | attempted-user | 2011-0611 | 47314 | URL | |
| 28696 | FILE-FLASH Adobe Flash Player ActionScript callMethod type confusion attempt (more info ...) | attempted-user | 2011-0611 | 47314 | URL | |
| 28697 | FILE-FLASH Adobe Flash Player ActionScript callMethod type confusion attempt (more info ...) | attempted-user | 2011-0611 | 47314 | URL | |
| 28698 | FILE-FLASH Adobe Flash Player ActionScript callMethod type confusion attempt (more info ...) | attempted-user | 2011-0611 | 47314 | URL | |
| 28699 | FILE-FLASH Adobe Flash malformed regular expression exploit attempt (more info ...) | attempted-user | 2013-0634 | 57787 | URL | |
| 28701 | FILE-FLASH Adobe Flash malformed regular expression exploit attempt (more info ...) | attempted-user | 2013-0634 | 57787 | URL | |
| 28702 | FILE-FLASH Adobe Flash malformed regular expression exploit attempt (more info ...) | attempted-user | 2013-0634 | 57787 | URL | |
| 28703 | FILE-FLASH Adobe Flash Player ActionScript float index array memory corruption attempt (more info ...) | attempted-user | 2011-2110 | URL | ||
| 28704 | FILE-FLASH Adobe Flash Player ActionScript float index array memory corruption attempt (more info ...) | attempted-user | 2011-2110 | URL | ||
| 28705 | FILE-FLASH Adobe Flash OpenType font memory corruption attempt (more info ...) | attempted-user | 2012-1535 | 55009 | URL | |
| 28706 | FILE-FLASH Adobe Flash OpenType font memory corruption attempt (more info ...) | attempted-user | 2012-1535 | 55009 | URL | |
| 28707 | FILE-FLASH Adobe Flash OpenType font memory corruption attempt (more info ...) | attempted-user | 2012-1535 | 55009 | URL | |
| 28708 | FILE-FLASH Adobe Flash OpenType font memory corruption attempt (more info ...) | attempted-user | 2012-1535 | 55009 | URL | |
| 28710 | FILE-PDF Adobe Acrobat Reader embedded TTF integer overflow attempt (more info ...) | attempted-user | 2012-0774 | URL | ||
| 28711 | FILE-PDF Adobe Acrobat Reader embedded TTF integer overflow attempt (more info ...) | attempted-user | 2012-0774 | URL | ||
| 28712 | FILE-PDF Adobe Acrobat Reader embedded TTF integer overflow attempt (more info ...) | attempted-user | 2012-0774 | URL | ||
| 28713 | FILE-PDF Adobe Acrobat Reader embedded TTF integer overflow attempt (more info ...) | attempted-user | 2012-0774 | URL | ||
| 28714 | FILE-PDF Adobe Acrobat Reader embedded TTF integer overflow attempt (more info ...) | attempted-user | 2012-0774 | URL | ||
| 28715 | FILE-PDF Adobe Acrobat Reader embedded TTF integer overflow attempt (more info ...) | attempted-user | 2012-0774 | URL | ||
| 28744 | FILE-FLASH Adobe Flash Player Matrix3D copyRawDataTo integer overflow attempt (more info ...) | attempted-user | 2012-5054 | 55691 | URL | |
| 28745 | FILE-FLASH Adobe Flash Player Matrix3D copyRawDataTo integer overflow attempt (more info ...) | attempted-user | 2012-5054 | 55691 | URL | |
| 28791 | FILE-FLASH Adobe Flash Player loadPCMFromByteArray bad sample count attempt (more info ...) | attempted-user | 2012-5677 | |||
| 28792 | FILE-FLASH Adobe Flash Player loadPCMFromByteArray bad sample count attempt (more info ...) | attempted-user | 2012-5677 | |||
| 28793 | FILE-FLASH Adobe Flash Player loadPCMFromByteArray bad sample count attempt (more info ...) | attempted-user | 2012-5677 | |||
| 28887 | FILE-PDF Adobe Acrobat Reader malformed TIFF remote code execution attempt (more info ...) | attempted-user | 2010-0188 | 38195 | ||
| 28888 | FILE-PDF Adobe Acrobat Reader malformed TIFF remote code execution attempt (more info ...) | attempted-user | 2010-0188 | 38195 | ||
| 28889 | FILE-PDF Adobe Acrobat Reader malformed TIFF remote code execution attempt (more info ...) | attempted-user | 2010-0188 | 38195 | ||
| 28890 | FILE-PDF Adobe Acrobat Reader malformed TIFF remote code execution attempt (more info ...) | attempted-user | 2010-0188 | 38195 | ||
| 28963 | EXPLOIT-KIT HiMan exploit kit Flash Exploit landing page (more info ...) | trojan-activity | ||||
| 28968 | EXPLOIT-KIT HiMan exploit kit outbound flash exploit retrieval attempt (more info ...) | trojan-activity | ||||
| 29047 | FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (more info ...) | attempted-user | 2013-5331 | 64199 | URL | |
| 29048 | FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (more info ...) | attempted-user | 2013-5331 | 64199 | URL | |
| 29049 | FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (more info ...) | attempted-user | 2013-5331 | 64199 | URL | |
| 29050 | FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (more info ...) | attempted-user | 2013-5331 | 64199 | URL | |
| 29051 | FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (more info ...) | attempted-user | 2013-5331 | 64199 | URL | |
| 29052 | FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (more info ...) | attempted-user | 2013-5331 | 64199 | URL | |
| 29053 | FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (more info ...) | attempted-user | 2013-5331 | 64199 | URL | |
| 29054 | FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (more info ...) | attempted-user | 2013-5331 | 64199 | URL | |
| 29061 | FILE-MULTIMEDIA Adobe Flash Player memory corruption attempt (more info ...) | attempted-user | 2013-5332 | 64201 | URL | |
| 29062 | FILE-PDF Adobe Acrobat Reader malformed JBIG2 decode segment null pointer crash attempt (more info ...) | attempted-user | 2013-3352 | 62431 | URL | |
| 29063 | FILE-PDF Adobe Acrobat Reader malformed JBIG2 decode segment null pointer crash attempt (more info ...) | attempted-user | 2013-3352 | 62431 | URL | |
| 29164 | EXPLOIT-KIT CritX exploit kit outbound flash request (more info ...) | trojan-activity | ||||
| 29182 | FILE-OTHER RealNetworks RealPlayer RMP stack buffer overflow attempt (more info ...) | attempted-admin | 2013-6877 | 64398 | ||
| 29183 | FILE-OTHER RealNetworks RealPlayer RMP stack buffer overflow attempt (more info ...) | attempted-admin | 2013-6877 | 64398 | ||
| 29184 | FILE-OTHER RealNetworks RealPlayer RMP stack buffer overflow attempt (more info ...) | attempted-admin | 2013-6877 | 64398 | ||
| 29185 | FILE-OTHER RealNetworks RealPlayer RMP stack buffer overflow attempt (more info ...) | attempted-admin | 2013-6877 | 64398 | ||
| 29210 | FILE-OTHER RealNetworks RealPlayer RMP file heap buffer overflow attempt (more info ...) | attempted-admin | 2013-6877 | 64398 | ||
| 29211 | FILE-OTHER RealNetworks RealPlayer RMP file heap buffer overflow attempt (more info ...) | attempted-admin | 2013-6877 | 64398 | ||
| 29281 | FILE-FLASH Adobe Flash Player sharable ByteArray code execution attempt (more info ...) | attempted-user | 2013-5329 | |||
| 29282 | FILE-FLASH Adobe Flash Player sharable ByteArray code execution attempt (more info ...) | attempted-user | 2013-5329 | |||
| 29283 | FILE-FLASH Adobe Flash Player sharable ByteArray code execution attempt (more info ...) | attempted-user | 2013-5329 | |||
| 29284 | FILE-FLASH Adobe Flash Player sharable ByteArray code execution attempt (more info ...) | attempted-user | 2013-5329 | |||
| 29285 | FILE-FLASH Adobe Flash Player sharable ByteArray code execution attempt (more info ...) | attempted-user | 2013-5329 | |||
| 29286 | FILE-FLASH Adobe Flash Player sharable ByteArray code execution attempt (more info ...) | attempted-user | 2013-5329 | |||
| 29287 | FILE-FLASH Adobe Flash Player sharable ByteArray code execution attempt (more info ...) | attempted-user | 2013-5329 | |||
| 29288 | FILE-FLASH Adobe Flash Player sharable ByteArray code execution attempt (more info ...) | attempted-user | 2013-5329 | |||
| 29384 | FILE-IDENTIFY Adobe AIR file download request (more info ...) | misc-activity | ||||
| 29385 | FILE-IDENTIFY Adobe AIR file attachment detected (more info ...) | misc-activity | ||||
| 29386 | FILE-IDENTIFY Adobe AIR file attachment detected (more info ...) | misc-activity | ||||
| 29520 | FILE-MULTIMEDIA Flip4Mac Windows media components WMV parsing memory corruption attempt (more info ...) | attempted-user | 2007-0466 | 22286 | URL | |
| 29521 | FILE-MULTIMEDIA Flip4Mac Windows media components WMV parsing memory corruption attempt (more info ...) | attempted-user | 2007-0466 | 22286 | URL | |
| 29524 | FILE-FLASH Adobe Flash Player loadPCMFromByteArray bad sample count attempt (more info ...) | attempted-user | 2012-5677 | |||
| 29525 | FILE-FLASH Adobe Flash Player loadPCMFromByteArray bad sample count attempt (more info ...) | attempted-user | 2012-5677 | |||
| 29551 | FILE-FLASH Adobe Flash Player invalid instruction memory corruption attempt (more info ...) | attempted-user | 2013-5330 | URL | ||
| 29552 | FILE-FLASH Adobe Flash Player invalid instruction memory corruption attempt (more info ...) | attempted-user | 2013-5330 | URL | ||
| 29553 | FILE-FLASH Adobe Flash Player invalid instruction memory corruption attempt (more info ...) | attempted-user | 2013-5330 | URL | ||
| 29554 | FILE-FLASH Adobe Flash Player invalid instruction memory corruption attempt (more info ...) | attempted-user | 2013-5330 | URL | ||
| 29631 | FILE-FLASH Adobe Flash Player integer underflow attempt (more info ...) | attempted-user | 2014-0497 | |||
| 29632 | FILE-FLASH Adobe Flash Player integer underflow attempt (more info ...) | attempted-user | 2014-0497 | |||
| 29633 | FILE-FLASH Adobe Flash Player integer underflow attempt (more info ...) | attempted-user | 2014-0497 | |||
| 29634 | FILE-FLASH Adobe Flash Player integer underflow attempt (more info ...) | attempted-user | 2014-0497 | |||
| 29835 | FILE-FLASH Adobe Flash Player ActionScript bytecode object type confusion information disclosure attempt (more info ...) | attempted-recon | 2014-0492 | URL | ||
| 29836 | FILE-FLASH Adobe Flash Player ActionScript bytecode object type confusion information disclosure attempt (more info ...) | attempted-recon | 2014-0492 | URL | ||
| 29902 | FILE-PDF Adobe Acrobat Reader invalid JPEG stream double free attempt (more info ...) | attempted-user | 2014-0493 | 64802 | URL | |
| 29903 | FILE-PDF Adobe Acrobat Reader invalid JPEG stream double free attempt (more info ...) | attempted-user | 2014-0493 | 64802 | URL | |
| 29904 | FILE-PDF Adobe Acrobat Reader invalid JPEG stream double free attempt (more info ...) | attempted-user | 2014-0493 | 64802 | URL | |
| 29905 | FILE-PDF Adobe Acrobat Reader invalid JPEG stream double free attempt (more info ...) | attempted-user | 2014-0493 | 64802 | URL | |
| 29926 | FILE-FLASH Adobe Flash Player buffer overflow attempt (more info ...) | attempted-user | 2014-0498 | URL | ||
| 29927 | FILE-FLASH Adobe Flash Player buffer overflow attempt (more info ...) | attempted-user | 2014-0498 | URL | ||
| 29928 | FILE-FLASH Adobe Flash Player worker shared object use-after-free attempt (more info ...) | attempted-user | 2014-0502 | URL | ||
| 29929 | FILE-FLASH Adobe Flash Player worker shared object use-after-free attempt (more info ...) | attempted-user | 2014-0502 | URL | ||
| 29930 | FILE-FLASH Adobe Flash Player worker shared object use-after-free attempt (more info ...) | attempted-user | 2014-0502 | URL | ||
| 29931 | FILE-FLASH Adobe Flash Player worker shared object use-after-free attempt (more info ...) | attempted-user | 2014-0502 | URL | ||
| 30150 | FILE-MULTIMEDIA Adobe Flash Player memory corruption attempt (more info ...) | attempted-user | 2013-5332 | 64201 | URL | |
| 30151 | FILE-MULTIMEDIA Adobe Flash Player memory corruption attempt (more info ...) | attempted-user | 2013-5332 | 64201 | URL | |
| 30152 | FILE-MULTIMEDIA Adobe Flash Player memory corruption attempt (more info ...) | attempted-user | 2013-5332 | 64201 | URL | |
| 30240 | FILE-OTHER ATMFD Adobe font driver reserved command denial of service attempt (more info ...) | denial-of-service | 2013-3128 | URL | ||
| 30241 | FILE-OTHER ATMFD Adobe font driver reserved command denial of service attempt (more info ...) | denial-of-service | 2013-3128 | URL | ||
| 30535 | FILE-FLASH Adobe Flash Player malformed HTML text null dereference attempt (more info ...) | attempted-user | 2014-0506 | 66208 | URL | |
| 30536 | FILE-FLASH Adobe Flash Player malformed HTML text null dereference attempt (more info ...) | attempted-user | 2014-0506 | 66208 | URL | |
| 30537 | FILE-FLASH Adobe Flash Player malformed HTML text null dereference attempt (more info ...) | attempted-user | 2014-0506 | 66208 | URL | |
| 30538 | FILE-FLASH Adobe Flash Player malformed HTML text null dereference attempt (more info ...) | attempted-user | 2014-0506 | 66208 | URL | |
| 30564 | FILE-MULTIMEDIA Apple QuickTime long rnet atom size buffer overflow attempt (more info ...) | attempted-user | 2012-3756 | 56438 | ||
| 30565 | FILE-MULTIMEDIA Apple QuickTime long rnet atom size buffer overflow attempt (more info ...) | attempted-user | 2012-3756 | 56438 | ||
| 30754 | FILE-FLASH Adobe Flash malformed regular expression exploit attempt (more info ...) | attempted-user | 2013-0634 | 57787 | URL | |
| 30755 | FILE-FLASH Adobe Flash malformed regular expression exploit attempt (more info ...) | attempted-user | 2013-0634 | 57787 | URL | |
| 30845 | FILE-FLASH Adobe Flash Player SWF ActionScript exploit attempt (more info ...) | attempted-user | 2014-0507 | URL | ||
| 30846 | FILE-FLASH Adobe Flash Player SWF ActionScript exploit attempt (more info ...) | attempted-user | 2014-0507 | URL | ||
| 30876 | FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (more info ...) | attempted-user | 2014-0515 | 67092 | ||
| 30877 | FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (more info ...) | attempted-user | 2014-0515 | 67092 | ||
| 30901 | FILE-FLASH known malicious flash actionscript decryption routine (more info ...) | attempted-user | 2014-1776 | URL | ||
| 30967 | EXPLOIT-KIT CritX exploit kit landing page - redirection to Adobe Flash exploit (more info ...) | trojan-activity | ||||
| 30970 | EXPLOIT-KIT CritX exploit kit outbound request for Adobe Flash landing page (more info ...) | trojan-activity | ||||
| 30976 | EXPLOIT-KIT CritX exploit kit landing page - redirection to Adobe Flash exploit (more info ...) | trojan-activity | ||||
| 31008 | FILE-PDF Adobe Acrobat Reader length-compute UTF-16 string buffer overflow attempt (more info ...) | attempted-user | 2014-0524 | 67369 | URL | |
| 31009 | FILE-PDF Adobe Acrobat Reader length-compute UTF-16 string buffer overflow attempt (more info ...) | attempted-user | 2014-0524 | 67369 | URL | |
| 31011 | FILE-PDF Adobe Acrobat Reader DCT encoded stream null pointer dereference attempt (more info ...) | attempted-user | 2014-0526 | URL | ||
| 31012 | FILE-PDF Adobe Acrobat Reader DCT encoded stream null pointer dereference attempt (more info ...) | attempted-user | 2014-0526 | URL | ||
| 31015 | FILE-PDF Adobe Acrobat Reader integer overflow attempt (more info ...) | attempted-user | 2014-0512 | 66512 | URL | |
| 31016 | FILE-PDF Adobe Acrobat Reader integer overflow attempt (more info ...) | attempted-user | 2014-0512 | 66512 | URL | |
| 31021 | FILE-PDF Adobe Acrobat Reader api call handling arbitrary execution attempt (more info ...) | attempted-user | 2014-0525 | 67365 | URL | |
| 31022 | FILE-PDF Adobe Acrobat Reader api call handling arbitrary execution attempt (more info ...) | attempted-user | 2014-0525 | 67365 | URL | |
| 31023 | FILE-FLASH Adobe Flash Player memory corruption attempt (more info ...) | attempted-user | 2014-0510 | URL | ||
| 31024 | FILE-FLASH Adobe Flash Player memory corruption attempt (more info ...) | attempted-user | 2014-0510 | URL | ||
| 31025 | FILE-FLASH Adobe Flash Player memory corruption attempt (more info ...) | attempted-user | 2014-0510 | URL | ||
| 31026 | FILE-FLASH Adobe Flash Player memory corruption attempt (more info ...) | attempted-user | 2014-0510 | URL | ||
| 31029 | FILE-OTHER Adobe Acrobat EMF conversion heap buffer overflow attempt (more info ...) | attempted-user | 2018-16021 | 67632 | URL | |
| 31030 | FILE-OTHER Adobe Acrobat EMF conversion heap buffer overflow attempt (more info ...) | attempted-user | 2018-16021 | 67632 | URL | |
| 31103 | FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (more info ...) | attempted-user | 2013-2729 | 59918 | URL | |
| 31104 | FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (more info ...) | attempted-user | 2013-2729 | 59918 | URL | |
| 31105 | FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (more info ...) | attempted-user | 2013-2729 | 59918 | URL | |
| 31106 | FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (more info ...) | attempted-user | 2013-2729 | 59918 | URL | |
| 31229 | EXPLOIT-KIT Bleeding Life exploit kit outbound Adobe Flash exploit request (more info ...) | trojan-activity | ||||
| 31276 | EXPLOIT-KIT CottonCastle exploit kit Adobe flash outbound connection (more info ...) | trojan-activity | 2014-0515 | URL | ||
| 31347 | FILE-FLASH Adobe AS3 pcre assertion out of bounds corruption attempt (more info ...) | attempted-user | 2014-0536 | URL | ||
| 31348 | FILE-FLASH Adobe AS3 pcre assertion out of bounds corruption attempt (more info ...) | attempted-user | 2014-0536 | URL | ||
| 31349 | FILE-FLASH Adobe AS3 simplified pcre assertion out of bounds corruption attempt (more info ...) | attempted-user | 2014-0536 | URL | ||
| 31350 | FILE-FLASH Adobe AS3 simplified pcre assertion out of bounds corruption attempt (more info ...) | attempted-user | 2014-0536 | URL | ||
| 31351 | FILE-FLASH Adobe AS3 decompressed pcre assertion out of bounds corruption attempt (more info ...) | attempted-user | 2014-0536 | URL | ||
| 31352 | FILE-FLASH Adobe AS3 decompressed pcre assertion out of bounds corruption attempt (more info ...) | attempted-user | 2014-0536 | URL | ||
| 31353 | FILE-FLASH Adobe AS3 decompressed pcre assertion out of bounds corruption attempt (more info ...) | attempted-user | 2014-0536 | URL | ||
| 31354 | FILE-FLASH Adobe AS3 decompressed pcre assertion out of bounds corruption attempt (more info ...) | attempted-user | 2014-0536 | URL | ||
| 31408 | BROWSER-PLUGINS Adobe Reader 11 messageHandler ActiveX access attempt (more info ...) | attempted-user | 2014-0527 | URL | ||
| 31410 | BROWSER-PLUGINS Adobe Reader 11 messageHandler ActiveX access attempt (more info ...) | attempted-user | 2014-0527 | URL | ||
| 31519 | FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (more info ...) | attempted-user | 2014-0515 | 67092 | ||
| 31520 | FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (more info ...) | attempted-user | 2014-0515 | 67092 | ||
| 31521 | FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (more info ...) | attempted-user | 2014-0515 | 67092 | ||
| 31522 | FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (more info ...) | attempted-user | 2014-0515 | 67092 | ||
| 31523 | FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (more info ...) | attempted-user | 2014-0515 | 67092 | ||
| 31524 | FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (more info ...) | attempted-user | 2014-0515 | 67092 | ||
| 31555 | FILE-PDF Adobe Acrobat Reader U3D CLODMeshDeceleration code execution attempt (more info ...) | attempted-user | 2014-0523 | 67368 | URL | |
| 31612 | FILE-PDF Adobe Acrobat Reader embedded PRC stream NULL dereference denial of service attempt (more info ...) | attempted-dos | 2014-0522 | 67360 | URL | |
| 31613 | FILE-PDF Adobe Acrobat Reader embedded PRC stream NULL dereference denial of service attempt (more info ...) | attempted-dos | 2014-0522 | 67360 | URL | |
| 31678 | FILE-FLASH Adobe Flash valueOf memory leak attempt (more info ...) | attempted-recon | 2014-0540 | URL | ||
| 31679 | FILE-FLASH Adobe Flash valueOf memory leak attempt (more info ...) | attempted-recon | 2014-0540 | URL | ||
| 31686 | FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (more info ...) | attempted-user | 2013-2729 | 59918 | URL | |
| 31687 | FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (more info ...) | attempted-user | 2013-2729 | 59918 | URL | |
| 31723 | FILE-FLASH Adobe Flash Player memory leak ASLR bypass attempt (more info ...) | policy-violation | 2014-0544 | URL | ||
| 31724 | FILE-FLASH Adobe Flash Player memory leak ASLR bypass attempt (more info ...) | policy-violation | 2014-0544 | URL | ||
| 31725 | FILE-FLASH Adobe Flash Player memory leak ASLR bypass attempt (more info ...) | policy-violation | 2014-0544 | URL | ||
| 31726 | FILE-FLASH Adobe Flash Player memory leak ASLR bypass attempt (more info ...) | policy-violation | 2014-0544 | URL | ||
| 31732 | FILE-FLASH Adobe Flash Player MMgc use-after-free attempt (more info ...) | attempted-user | 2014-0538 | URL | ||
| 31733 | FILE-FLASH Adobe Flash Player MMgc use-after-free attempt (more info ...) | attempted-user | 2014-0538 | URL | ||
| 31740 | FILE-FLASH Adobe Flash Player corrupt image memory leak (more info ...) | attempted-user | 2014-0545 | 69197 | URL | |
| 31839 | FILE-FLASH Adobe Flash Player local-with-file-access security bypass attempt (more info ...) | attempted-user | 2014-0554 | URL | ||
| 31840 | FILE-FLASH Adobe Flash Player local-with-file-access security bypass attempt (more info ...) | attempted-user | 2014-0554 | URL | ||
| 31841 | FILE-FLASH Adobe Flash Player local-with-file-access security bypass attempt (more info ...) | attempted-user | 2014-0554 | URL | ||
| 31842 | FILE-FLASH Adobe Flash Player local-with-file-access security bypass attempt (more info ...) | attempted-user | 2014-0554 | URL | ||
| 31847 | FILE-FLASH Adobe Flash Player RegExp compilation heap overflow attempt (more info ...) | attempted-user | 2014-0559 | URL | ||
| 31848 | FILE-FLASH Adobe Flash Player RegExp compilation heap overflow attempt (more info ...) | attempted-user | 2014-0559 | URL | ||
| 31849 | FILE-FLASH Adobe Flash Player RegExp compilation heap overflow attempt (more info ...) | attempted-user | 2014-0559 | URL | ||
| 31850 | FILE-FLASH Adobe Flash Player RegExp compilation heap overflow attempt (more info ...) | attempted-user | 2014-0559 | URL | ||
| 31899 | EXPLOIT-KIT Angler exploit kit Adobe Flash encoded shellcode detected (more info ...) | trojan-activity | ||||
| 31902 | EXPLOIT-KIT Multiple exploit kit flash file download (more info ...) | trojan-activity | ||||
| 31903 | EXPLOIT-KIT Multiple exploit kit flash file download (more info ...) | trojan-activity | ||||
| 32021 | FILE-PDF Adobe Acrobat Reader U3D format Line Set Continuation out-of-bounds memory access attempt (more info ...) | attempted-user | 2014-0565 | URL | ||
| 32022 | FILE-PDF Adobe Acrobat Reader U3D format Line Set Continuation out-of-bounds memory access attempt (more info ...) | attempted-user | 2014-0565 | URL | ||
| 32024 | FILE-FLASH Adobe Flash Player unsupported bitmapFormat value memory disclosure attempt (more info ...) | attempted-user | 2014-0543 | 69195 | URL | |
| 32025 | FILE-FLASH Adobe Flash Player unsupported bitmapFormat value memory disclosure attempt (more info ...) | attempted-user | 2014-0543 | 69195 | URL | |
| 32077 | FILE-FLASH Adobe Flash Player RTMP ping abort message double free attempt (more info ...) | attempted-user | 2014-0551 | URL | ||
| 32097 | FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (more info ...) | attempted-user | 2014-0556 | URL | ||
| 32098 | FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (more info ...) | attempted-user | 2014-0556 | URL | ||
| 32170 | FILE-PDF Adobe Acrobat Reader string replacement heap overflow attempt (more info ...) | attempted-user | 2014-0567 | 69827 | URL | |
| 32171 | FILE-PDF Adobe Acrobat Reader string replacement heap overflow attempt (more info ...) | attempted-user | 2014-0567 | 69827 | URL | |
| 32226 | FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (more info ...) | attempted-user | 2014-0569 | URL | ||
| 32227 | FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (more info ...) | attempted-user | 2014-0569 | URL | ||
| 32228 | FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (more info ...) | attempted-user | 2014-0569 | URL | ||
| 32229 | FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (more info ...) | attempted-user | 2014-0569 | URL | ||
| 32236 | FILE-FLASH Adobe Flash Player string concatenation memory corruption attempt (more info ...) | attempted-user | 2014-0558 | URL | ||
| 32237 | FILE-FLASH Adobe Flash Player string concatenation memory corruption attempt (more info ...) | attempted-user | 2014-0558 | URL | ||
| 32238 | FILE-FLASH Adobe Flash Player string concatenation memory corruption attempt (more info ...) | attempted-user | 2014-0558 | URL | ||
| 32239 | FILE-FLASH Adobe Flash Player string concatenation memory corruption attempt (more info ...) | attempted-user | 2014-0558 | URL | ||
| 32301 | FILE-FLASH Adobe Flash Player regex denial of service attempt (more info ...) | attempted-dos | 2014-0564 | URL | ||
| 32302 | FILE-FLASH Adobe Flash Player regex denial of service attempt (more info ...) | attempted-dos | 2014-0564 | URL | ||
| 32303 | FILE-FLASH Adobe Flash Player regex denial of service attempt (more info ...) | attempted-dos | 2014-0564 | URL | ||
| 32304 | FILE-FLASH Adobe Flash Player regex denial of service attempt (more info ...) | attempted-dos | 2014-0564 | URL | ||
| 32305 | FILE-FLASH Adobe Flash Player regex denial of service attempt (more info ...) | attempted-dos | 2014-0564 | URL | ||
| 32306 | FILE-FLASH Adobe Flash Player regex denial of service attempt (more info ...) | attempted-dos | 2014-0564 | URL | ||
| 32307 | FILE-FLASH Adobe Flash Player regex denial of service attempt (more info ...) | attempted-dos | 2014-0564 | URL | ||
| 32308 | FILE-FLASH Adobe Flash Player regex denial of service attempt (more info ...) | attempted-dos | 2014-0564 | URL | ||
| 32337 | FILE-PDF Adobe Acrobat Reader pattern object memory corruption attempt (more info ...) | attempted-user | 2014-0495 | 64803 | URL | |
| 32359 | FILE-FLASH Adobe Flash Player worker shared object use-after-free attempt (more info ...) | attempted-user | 2014-0502 | URL | ||
| 32360 | FILE-FLASH Adobe Flash Player worker shared object use-after-free attempt (more info ...) | attempted-user | 2014-0502 | URL | ||
| 32534 | FILE-FLASH Adobe Flash Player AS3 regular expression grouping depth denial of service attempt (more info ...) | attempted-dos | 2014-0581 | URL | ||
| 32535 | FILE-FLASH Adobe Flash Player AS3 regular expression grouping depth denial of service attempt (more info ...) | attempted-dos | 2014-0581 | URL | ||
| 32536 | FILE-FLASH Adobe Flash Player AS3 regular expression grouping depth denial of service attempt (more info ...) | attempted-dos | 2014-0581 | URL | ||
| 32537 | FILE-FLASH Adobe Flash Player AS3 regular expression grouping depth denial of service attempt (more info ...) | attempted-dos | 2014-0581 | URL | ||
| 32538 | FILE-FLASH Adobe Flash Player AS3 regular expression grouping depth denial of service attempt (more info ...) | attempted-dos | 2014-0581 | URL | ||
| 32539 | FILE-FLASH Adobe Flash Player AS3 regular expression grouping depth denial of service attempt (more info ...) | attempted-dos | 2014-0581 | URL | ||
| 32540 | FILE-FLASH Adobe Flash Player decompressed microphone object codec denial of service attempt (more info ...) | attempted-dos | 2014-0577 | 71038 | ||
| 32541 | FILE-FLASH Adobe Flash Player decompressed microphone object codec denial of service attempt (more info ...) | attempted-dos | 2014-0577 | 71038 | ||
| 32542 | FILE-FLASH Adobe Flash Player compressed microphone object codec denial of service attempt (more info ...) | attempted-dos | 2014-0577 | 71038 | ||
| 32543 | FILE-FLASH Adobe Flash Player compressed microphone object codec denial of service attempt (more info ...) | attempted-dos | 2014-0577 | 71038 | ||
| 32544 | FILE-FLASH Adobe Flash Player HTML focus with no data denial of service attempt (more info ...) | attempted-dos | 2014-8441 | URL | ||
| 32545 | FILE-FLASH Adobe Flash Player HTML focus with no data denial of service attempt (more info ...) | attempted-dos | 2014-8441 | URL | ||
| 32552 | FILE-FLASH Adobe Flash Player incorrect codec denial of service attempt (more info ...) | denial-of-service | 2014-0576 | URL | ||
| 32553 | FILE-FLASH Adobe Flash Player incorrect codec denial of service attempt (more info ...) | denial-of-service | 2014-0576 | URL | ||
| 32558 | FILE-FLASH Adobe Flash Player setglobalslot malformed bytecode remote code execution attempt (more info ...) | attempted-user | 2014-0584 | URL | ||
| 32559 | FILE-FLASH Adobe Flash Player setglobalslot malformed bytecode remote code execution attempt (more info ...) | attempted-user | 2014-0584 | URL | ||
| 32560 | FILE-FLASH Adobe Flash Player setglobalslot malformed bytecode remote code execution attempt (more info ...) | attempted-user | 2014-0584 | URL | ||
| 32561 | FILE-FLASH Adobe Flash Player setglobalslot malformed bytecode remote code execution attempt (more info ...) | attempted-user | 2014-0584 | URL | ||
| 32567 | FILE-FLASH Adobe Flash Player malformed ATF header integer overflow attempt (more info ...) | attempted-user | 2014-0555 | URL | ||
| 32568 | FILE-FLASH Adobe Flash Player malformed ATF header integer overflow attempt (more info ...) | attempted-user | 2014-0555 | URL | ||
| 32569 | FILE-FLASH Adobe Flash Player malformed ATF header integer overflow attempt (more info ...) | attempted-user | 2014-0555 | URL | ||
| 32570 | FILE-FLASH Adobe Flash Player malformed ATF header integer overflow attempt (more info ...) | attempted-user | 2014-0555 | URL | ||
| 32571 | FILE-FLASH Adobe Flash Player string concatenation integer overflow attempt (more info ...) | attempted-user | 2014-0550 | 69700 | URL | |
| 32572 | FILE-FLASH Adobe Flash Player string concatenation integer overflow attempt (more info ...) | attempted-user | 2014-0550 | 69700 | URL | |
| 32573 | FILE-FLASH Adobe Flash Player string concatenation integer overflow attempt (more info ...) | attempted-user | 2014-0550 | 69700 | URL | |
| 32574 | FILE-FLASH Adobe Flash Player string concatenation integer overflow attempt (more info ...) | attempted-user | 2014-0550 | 69700 | URL | |
| 32575 | FILE-FLASH Adobe Flash Player string concatenation integer overflow attempt (more info ...) | attempted-user | 2014-0550 | 69700 | URL | |
| 32576 | FILE-FLASH Adobe Flash Player string concatenation integer overflow attempt (more info ...) | attempted-user | 2014-0550 | 69700 | URL | |
| 32592 | FILE-FLASH Adobe Flash Player malformed JPEG information leak attempt (more info ...) | attempted-user | 2014-0557 | 69701 | ||
| 32593 | FILE-FLASH Adobe Flash Player malformed JPEG information leak attempt (more info ...) | attempted-user | 2014-0557 | 69701 | ||
| 32668 | FILE-FLASH Adobe Flash Player byteArray.uncompress use after free attempt (more info ...) | attempted-user | 2014-0588 | 71048 | URL | |
| 32669 | FILE-FLASH Adobe Flash Player byteArray.uncompress use after free attempt (more info ...) | attempted-user | 2014-0588 | 71048 | URL | |
| 32749 | FILE-FLASH Adobe Flash Player malformed pushcode type confusion remote code execution attempt (more info ...) | attempted-user | 2014-0585 | 71044 | URL | |
| 32750 | FILE-FLASH Adobe Flash Player malformed pushcode type confusion remote code execution attempt (more info ...) | attempted-user | 2014-0585 | 71044 | URL | |
| 32751 | FILE-FLASH Adobe Flash Player malformed pushcode type confusion remote code execution attempt (more info ...) | attempted-user | 2014-0585 | 71044 | URL | |
| 32752 | FILE-FLASH Adobe Flash Player malformed pushcode type confusion remote code execution attempt (more info ...) | attempted-user | 2014-0585 | 71044 | URL | |
| 32764 | FILE-FLASH Adobe ActionScript malformed pushwith opcode attempt (more info ...) | attempted-user | 2014-0586 | URL | ||
| 32765 | FILE-FLASH Adobe ActionScript malformed pushwith opcode attempt (more info ...) | attempted-user | 2014-0586 | URL | ||
| 32766 | FILE-FLASH Adobe ActionScript malformed pushwith opcode attempt (more info ...) | attempted-user | 2014-0586 | URL | ||
| 32767 | FILE-FLASH Adobe ActionScript malformed pushwith opcode attempt (more info ...) | attempted-user | 2014-0586 | URL | ||
| 32782 | FILE-FLASH Adobe Flash Player parseFloat stack overflow remote code execution attempt (more info ...) | attempted-user | 2014-9163 | URL | ||
| 32783 | FILE-FLASH Adobe Flash Player parseFloat stack overflow remote code execution attempt (more info ...) | attempted-user | 2014-9163 | URL | ||
| 32784 | FILE-FLASH Adobe Flash Player parseFloat stack overflow remote code execution attempt (more info ...) | attempted-user | 2014-9163 | URL | ||
| 32785 | FILE-FLASH Adobe Flash Player parseFloat stack overflow remote code execution attempt (more info ...) | attempted-user | 2014-9163 | URL | ||
| 32786 | FILE-PDF Adobe Acrobat Reader PDF JBIG2 remote code execution attempt (more info ...) | attempted-user | 2009-0658 | 33751 | ||
| 32793 | FILE-PDF Adobe Acrobat Reader XRef object integer overflow attempt (more info ...) | attempted-user | 2014-8449 | 71568 | URL | |
| 32794 | FILE-PDF Adobe Acrobat Reader XRef object integer overflow attempt (more info ...) | attempted-user | 2014-8449 | 71568 | URL | |
| 32795 | FILE-PDF Adobe Acrobat Reader U3D light resource orphaned array use after free attempt (more info ...) | attempted-user | 2014-8445 | URL | ||
| 32796 | FILE-PDF Adobe Acrobat Reader U3D light resource orphaned array use after free attempt (more info ...) | attempted-user | 2014-8445 | URL | ||
| 32801 | FILE-FLASH Adobe Flash Player orphaning MP3 crash attempt (more info ...) | attempted-user | 2014-8443 | URL | ||
| 32802 | FILE-FLASH Adobe Flash Player orphaning MP3 crash attempt (more info ...) | attempted-user | 2014-8443 | URL | ||
| 32813 | FILE-PDF Adobe Acrobat Reader malformed U3D object use after free attempt (more info ...) | attempted-user | 2014-9165 | URL | ||
| 32814 | FILE-PDF Adobe Acrobat Reader malformed U3D object use after free attempt (more info ...) | attempted-user | 2014-9165 | URL | ||
| 32815 | FILE-PDF Adobe Acrobat Reader raster image memory corruption attempt (more info ...) | attempted-user | 2014-9158 | URL | ||
| 32816 | FILE-PDF Adobe Acrobat Reader raster image memory corruption attempt (more info ...) | attempted-user | 2014-9158 | URL | ||
| 32819 | FILE-PDF Adobe Acrobat Reader JBIG2 row out of bounds memory corruption attempt (more info ...) | attempted-user | 2014-8446 | URL | ||
| 32820 | FILE-PDF Adobe Acrobat Reader JBIG2 row out of bounds memory corruption attempt (more info ...) | attempted-user | 2014-8446 | URL | ||
| 32834 | FILE-PDF Adobe Acrobat Reader embedded font type max subroutine buffer overflow attempt (more info ...) | attempted-user | 2014-8460 | URL | ||
| 32835 | FILE-PDF Adobe Acrobat Reader embedded font type max subroutine buffer overflow attempt (more info ...) | attempted-user | 2014-8460 | URL | ||
| 32836 | FILE-PDF Adobe Acrobat Reader embedded font type max subroutine buffer overflow attempt (more info ...) | attempted-user | 2014-8460 | URL | ||
| 32837 | FILE-PDF Adobe Acrobat Reader embedded font type max subroutine buffer overflow attempt (more info ...) | attempted-user | 2014-8460 | URL | ||
| 32856 | FILE-PDF Adobe Acrobat Reader graphics module crash attempt (more info ...) | attempted-user | 2014-8457 | 71566 | URL | |
| 32873 | FILE-FLASH Adobe Flash Player ByteArray crash attempt (more info ...) | attempted-user | 2014-0574 | 71041 | URL | |
| 32874 | FILE-FLASH Adobe Flash Player ByteArray crash attempt (more info ...) | attempted-user | 2014-0574 | 71041 | URL | |
| 32877 | EXPLOIT-KIT Nuclear exploit kit outbound Adobe Flash exploit request (more info ...) | trojan-activity | ||||
| 32878 | EXPLOIT-KIT Nuclear exploit kit outbound Adobe Flash exploit request (more info ...) | trojan-activity | ||||
| 32995 | EXPLOIT-KIT Nuclear exploit kit Adobe Flash download (more info ...) | trojan-activity | ||||
| 33041 | FILE-MULTIMEDIA Apple iTunes Extended M3U playlist record overflow attempt (more info ...) | attempted-user | 2012-0677 | 53933 | ||
| 33077 | FILE-FLASH Adobe Flash Player pre-compile regex length denial of service attempt (more info ...) | attempted-dos | 2015-0309 | URL | ||
| 33078 | FILE-FLASH Adobe Flash Player pre-compile regex length denial of service attempt (more info ...) | attempted-dos | 2015-0309 | URL | ||
| 33079 | FILE-FLASH Adobe Flash Player pre-compile regex length denial of service attempt (more info ...) | attempted-dos | 2015-0309 | URL | ||
| 33080 | FILE-FLASH Adobe Flash Player pre-compile regex length denial of service attempt (more info ...) | attempted-dos | 2015-0309 | URL | ||
| 33091 | FILE-FLASH Adobe Flash Player FlashUtil memory corruption attempt (more info ...) | attempted-user | 2015-0306 | URL | ||
| 33092 | FILE-FLASH Adobe Flash Player FlashUtil memory corruption attempt (more info ...) | attempted-user | 2015-0306 | URL | ||
| 33176 | FILE-FLASH Adobe Flash AWM2 out of bounds corruption attempt (more info ...) | attempted-user | 2014-0589 | URL | ||
| 33177 | FILE-FLASH Adobe Flash AWM2 out of bounds corruption attempt (more info ...) | attempted-user | 2014-0589 | URL | ||
| 33178 | FILE-FLASH Adobe Flash Player ActionScript out-of-bounds read attempt (more info ...) | attempted-user | 2015-0307 | URL | ||
| 33179 | FILE-FLASH Adobe Flash Player ActionScript out-of-bounds read attempt (more info ...) | attempted-user | 2015-0307 | URL | ||
| 33180 | FILE-FLASH Adobe Flash Player ActionScript out-of-bounds read attempt (more info ...) | attempted-user | 2015-0307 | URL | ||
| 33181 | FILE-FLASH Adobe Flash Player ActionScript out-of-bounds read attempt (more info ...) | attempted-user | 2015-0307 | URL | ||
| 33182 | EXPLOIT-KIT Angler exploit kit outbound Adobe Flash request (more info ...) | trojan-activity | ||||
| 33184 | EXPLOIT-KIT Angler exploit kit Adobe Flash download (more info ...) | trojan-activity | ||||
| 33186 | EXPLOIT-KIT Angler exploit kit Adobe Flash SWF exploit download (more info ...) | trojan-activity | URL | |||
| 33187 | EXPLOIT-KIT Angler exploit kit Adobe Flash SWF exploit download (more info ...) | trojan-activity | URL | |||
| 33201 | FILE-FLASH Adobe Flash Player class confusion memory corruption compressed file attempt (more info ...) | attempted-user | 2015-0305 | URL | ||
| 33202 | FILE-FLASH Adobe Flash Player class confusion memory corruption compressed file attempt (more info ...) | attempted-user | 2015-0305 | URL | ||
| 33203 | FILE-FLASH Adobe Flash Player class confusion memory corruption compressed file attempt (more info ...) | attempted-user | 2015-0305 | URL | ||
| 33204 | FILE-FLASH Adobe Flash Player class confusion memory corruption compressed file attempt (more info ...) | attempted-user | 2015-0305 | URL | ||
| 33261 | FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (more info ...) | attempted-user | 2014-8440 | URL | ||
| 33262 | FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (more info ...) | attempted-user | 2014-8440 | URL | ||
| 33263 | FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (more info ...) | attempted-user | 2014-8440 | URL | ||
| 33264 | FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (more info ...) | attempted-user | 2014-8440 | URL | ||
| 33265 | FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (more info ...) | attempted-user | 2014-8440 | URL | ||
| 33266 | FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (more info ...) | attempted-user | 2014-8440 | URL | ||
| 33267 | FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (more info ...) | attempted-user | 2014-8440 | URL | ||
| 33268 | FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (more info ...) | attempted-user | 2014-8440 | URL | ||
| 33269 | FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (more info ...) | attempted-user | 2014-8440 | URL | ||
| 33270 | FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (more info ...) | attempted-user | 2014-8440 | URL | ||
| 33271 | EXPLOIT-KIT Angler exploit kit Adobe Flash SWF exploit download (more info ...) | trojan-activity | 2015-0311 | |||
| 33272 | EXPLOIT-KIT Angler exploit kit Adobe Flash SWF exploit download (more info ...) | trojan-activity | 2015-0311 | |||
| 33273 | EXPLOIT-KIT Angler exploit kit Adobe Flash SWF exploit download (more info ...) | trojan-activity | 2015-0311 | |||
| 33274 | EXPLOIT-KIT Angler exploit kit Adobe Flash SWF exploit download (more info ...) | trojan-activity | 2015-0311 | |||
| 33286 | EXPLOIT-KIT Angler exploit kit Adobe Flash SWF exploit download (more info ...) | trojan-activity | URL | |||
| 33290 | FILE-FLASH Adobe Flash Player stage object use-after-free attempt (more info ...) | attempted-user | 2015-0308 | URL | ||
| 33291 | FILE-FLASH Adobe Flash Player stage object use-after-free attempt (more info ...) | attempted-user | 2015-0308 | URL | ||
| 33300 | FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (more info ...) | denial-of-service | 2015-0310 | URL | ||
| 33301 | FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (more info ...) | denial-of-service | 2015-0310 | URL | ||
| 33302 | FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (more info ...) | denial-of-service | 2015-0310 | URL | ||
| 33303 | FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (more info ...) | denial-of-service | 2015-0310 | URL | ||
| 33367 | FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (more info ...) | attempted-user | 2015-0311 | 72283 | URL | |
| 33368 | FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (more info ...) | attempted-user | 2015-0311 | 72283 | URL | |
| 33369 | FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (more info ...) | attempted-user | 2015-0311 | 72283 | URL | |
| 33370 | FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (more info ...) | attempted-user | 2015-0311 | 72283 | URL | |
| 33371 | FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (more info ...) | attempted-user | 2015-0311 | 72283 | URL | |
| 33372 | FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (more info ...) | attempted-user | 2015-0311 | 72283 | URL | |
| 33373 | FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (more info ...) | attempted-user | 2015-0311 | 72283 | URL | |
| 33374 | FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (more info ...) | attempted-user | 2015-0311 | 72283 | URL | |
| 33375 | FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (more info ...) | attempted-user | 2015-0311 | 72283 | URL | |
| 33376 | FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (more info ...) | attempted-user | 2015-0311 | 72283 | URL | |
| 33377 | FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (more info ...) | attempted-user | 2015-0311 | 72283 | URL | |
| 33378 | FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (more info ...) | attempted-user | 2015-0311 | 72283 | URL | |
| 33379 | FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (more info ...) | attempted-user | 2015-0311 | 72283 | URL | |
| 33380 | FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (more info ...) | attempted-user | 2015-0311 | 72283 | URL | |
| 33381 | FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (more info ...) | attempted-user | 2015-0311 | 72283 | URL | |
| 33382 | FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (more info ...) | attempted-user | 2015-0311 | 72283 | URL | |
| 33383 | FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (more info ...) | attempted-user | 2015-0311 | 72283 | URL | |
| 33384 | FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (more info ...) | attempted-user | 2015-0311 | 72283 | URL | |
| 33385 | FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (more info ...) | attempted-user | 2015-0311 | 72283 | URL | |
| 33386 | FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (more info ...) | attempted-user | 2015-0311 | 72283 | URL | |
| 33387 | FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (more info ...) | attempted-user | 2015-0311 | 72283 | URL | |
| 33388 | FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (more info ...) | attempted-user | 2015-0311 | 72283 | URL | |
| 33389 | FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (more info ...) | attempted-user | 2015-0311 | 72283 | URL | |
| 33390 | FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (more info ...) | attempted-user | 2015-0311 | 72283 | URL | |
| 33391 | FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (more info ...) | attempted-user | 2015-0311 | 72283 | URL | |
| 33392 | FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (more info ...) | attempted-user | 2015-0311 | 72283 | URL | |
| 33393 | FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (more info ...) | attempted-user | 2015-0311 | 72283 | URL | |
| 33394 | FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (more info ...) | attempted-user | 2015-0311 | 72283 | URL | |
| 33395 | FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (more info ...) | attempted-user | 2015-0311 | 72283 | URL | |
| 33396 | FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (more info ...) | attempted-user | 2015-0311 | 72283 | URL | |
| 33397 | FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (more info ...) | attempted-user | 2015-0311 | 72283 | URL | |
| 33398 | FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (more info ...) | attempted-user | 2015-0311 | 72283 | URL | |
| 33399 | FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (more info ...) | attempted-user | 2015-0311 | 72283 | URL | |
| 33400 | FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (more info ...) | attempted-user | 2015-0311 | 72283 | URL | |
| 33401 | FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (more info ...) | attempted-user | 2015-0311 | 72283 | URL | |
| 33402 | FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (more info ...) | attempted-user | 2015-0311 | 72283 | URL | |
| 33403 | FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (more info ...) | attempted-user | 2015-0311 | 72283 | URL | |
| 33404 | FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (more info ...) | attempted-user | 2015-0311 | 72283 | URL | |
| 33405 | FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (more info ...) | attempted-user | 2015-0311 | 72283 | URL | |
| 33406 | FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (more info ...) | attempted-user | 2015-0311 | 72283 | URL | |
| 33407 | FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (more info ...) | attempted-user | 2015-0311 | 72283 | URL | |
| 33408 | FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (more info ...) | attempted-user | 2015-0311 | 72283 | URL | |
| 33409 | FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (more info ...) | attempted-user | 2015-0311 | 72283 | URL | |
| 33410 | FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (more info ...) | attempted-user | 2015-0311 | 72283 | URL | |
| 33454 | FILE-OTHER Adobe Reader CoolType.DLL out-of-bounds memory access attempt (more info ...) | attempted-user | 2014-9161 | URL | ||
| 33455 | FILE-OTHER Adobe Reader CoolType.DLL out-of-bounds memory access attempt (more info ...) | attempted-user | 2014-9161 | URL | ||
| 33458 | FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (more info ...) | attempted-user | 2015-0313 | 72429 | URL | |
| 33459 | FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (more info ...) | attempted-user | 2015-0313 | 72429 | URL | |
| 33460 | FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (more info ...) | attempted-user | 2015-0313 | 72429 | URL | |
| 33461 | FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (more info ...) | attempted-user | 2015-0313 | 72429 | URL | |
| 33462 | FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (more info ...) | attempted-user | 2015-0313 | 72429 | URL | |
| 33463 | FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (more info ...) | attempted-user | 2015-0313 | 72429 | URL | |
| 33465 | FILE-FLASH Adobe Flash Player heap overflow using special characters with regex options attempt (more info ...) | attempted-user | 2015-0323 | URL | ||
| 33466 | FILE-FLASH Adobe Flash Player heap overflow using special characters with regex options attempt (more info ...) | attempted-user | 2015-0323 | URL | ||
| 33467 | FILE-FLASH Adobe Flash Player heap overflow using special characters with regex options attempt (more info ...) | attempted-user | 2015-0323 | URL | ||
| 33468 | FILE-FLASH Adobe Flash Player heap overflow using special characters with regex options attempt (more info ...) | attempted-user | 2015-0323 | URL | ||
| 33469 | FILE-FLASH Adobe Flash Player PCRE regex compilation memory corruption attempt (more info ...) | attempted-user | 2015-0329 | 72514 | URL | |
| 33470 | FILE-FLASH Adobe Flash Player PCRE regex compilation memory corruption attempt (more info ...) | attempted-user | 2015-0329 | 72514 | URL | |
| 33471 | FILE-FLASH Adobe Flash Player arbitrary code execution attempt (more info ...) | attempted-user | 2015-0329 | 72514 | URL | |
| 33472 | FILE-FLASH Adobe Flash Player arbitrary code execution attempt (more info ...) | attempted-user | 2015-0329 | 72514 | URL | |
| 33473 | FILE-MULTIMEDIA Adobe Flash Player MP4 malformed avc atom memory corruption attempt (more info ...) | attempted-user | 2015-0321 | URL | ||
| 33474 | FILE-MULTIMEDIA Adobe Flash Player MP4 malformed avc atom memory corruption attempt (more info ...) | attempted-user | 2015-0321 | URL | ||
| 33484 | FILE-FLASH Adobe Flash Player URLRequestHeaders null pointer dereference denial of service attempt (more info ...) | attempted-dos | 2015-0326 | 72514 | URL | |
| 33485 | FILE-FLASH Adobe Flash Player URLRequestHeaders null pointer dereference denial of service attempt (more info ...) | attempted-dos | 2015-0326 | 72514 | URL | |
| 33486 | FILE-FLASH Adobe Flash Player URLRequestHeaders null pointer dereference denial of service attempt (more info ...) | attempted-dos | 2015-0326 | 72514 | URL | |
| 33487 | FILE-FLASH Adobe Flash Player URLRequestHeaders null pointer dereference denial of service attempt (more info ...) | attempted-dos | 2015-0326 | 72514 | URL | |
| 33490 | FILE-FLASH Adobe Flash Player Ovector out of bounds stack corruption attempt (more info ...) | attempted-user | 2015-0330 | URL | ||
| 33491 | FILE-FLASH Adobe Flash Player Ovector out of bounds stack corruption attempt (more info ...) | attempted-user | 2015-0330 | URL | ||
| 33497 | FILE-FLASH Adobe Flash Player extended BitmapFilter class denial of service attempt (more info ...) | attempted-dos | 2015-0314 | 72514 | URL | |
| 33498 | FILE-FLASH Adobe Flash Player extended BitmapFilter class denial of service attempt (more info ...) | attempted-dos | 2015-0314 | 72514 | URL | |
| 33499 | FILE-FLASH Adobe Flash Player extended BitmapFilter class denial of service attempt (more info ...) | attempted-dos | 2015-0314 | 72514 | URL | |
| 33500 | FILE-FLASH Adobe Flash Player extended BitmapFilter class denial of service attempt (more info ...) | attempted-dos | 2015-0314 | 72514 | URL | |
| 33501 | FILE-FLASH Adobe Flash Player MessageChannel use after free attempt (more info ...) | attempted-user | 2015-0320 | 72514 | URL | |
| 33502 | FILE-FLASH Adobe Flash Player MessageChannel use after free attempt (more info ...) | attempted-user | 2015-0320 | 72514 | URL | |
| 33503 | FILE-FLASH Adobe Flash Player MessageChannel use after free attempt (more info ...) | attempted-user | 2015-0320 | 72514 | URL | |
| 33504 | FILE-FLASH Adobe Flash Player MessageChannel use after free attempt (more info ...) | attempted-user | 2015-0320 | 72514 | URL | |
| 33505 | FILE-FLASH Adobe Flash Player out of scope newclass memory corruption attempt (more info ...) | attempted-user | 2015-0322 | URL | ||
| 33506 | FILE-FLASH Adobe Flash Player out of scope newclass memory corruption attempt (more info ...) | attempted-user | 2015-0322 | URL | ||
| 33507 | FILE-FLASH Adobe Flash Player out of scope newclass memory corruption attempt (more info ...) | attempted-user | 2015-0322 | URL | ||
| 33508 | FILE-FLASH Adobe Flash Player out of scope newclass memory corruption attempt (more info ...) | attempted-user | 2015-0322 | URL | ||
| 33509 | FILE-FLASH Adobe Flash Player SWF buffer overflow attempt (more info ...) | attempted-user | 2015-0327 | URL | ||
| 33510 | FILE-FLASH Adobe Flash Player SWF buffer overflow attempt (more info ...) | attempted-user | 2015-0327 | URL | ||
| 33511 | FILE-FLASH Adobe Flash Player SWF buffer overflow attempt (more info ...) | attempted-user | 2015-0327 | URL | ||
| 33512 | FILE-FLASH Adobe Flash Player SWF buffer overflow attempt (more info ...) | attempted-user | 2015-0327 | URL | ||
| 33533 | FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (more info ...) | denial-of-service | 2015-0318 | URL | ||
| 33534 | FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (more info ...) | denial-of-service | 2015-0318 | URL | ||
| 33535 | FILE-FLASH Adobe Flash Player PCRE control character - possible denial of service attempt (more info ...) | denial-of-service | 2015-0318 | URL | ||
| 33536 | FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (more info ...) | denial-of-service | 2015-0318 | URL | ||
| 33537 | FILE-FLASH Adobe Flash Player PCRE control character - possible denial of service attempt (more info ...) | denial-of-service | 2015-0318 | URL | ||
| 33538 | FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (more info ...) | denial-of-service | 2015-0318 | URL | ||
| 33539 | FILE-FLASH Adobe Flash Player object type confusion attempt (more info ...) | attempted-user | 2015-3086 | URL | ||
| 33540 | FILE-FLASH Adobe Flash Player object type confusion attempt (more info ...) | attempted-user | 2015-3086 | URL | ||
| 33541 | FILE-FLASH Adobe Flash Player Compressed File object type confusion attempt (more info ...) | attempted-user | 2015-0319 | URL | ||
| 33542 | FILE-FLASH Adobe Flash Player Compressed File object type confusion attempt (more info ...) | attempted-user | 2015-0319 | URL | ||
| 33554 | FILE-FLASH Adobe Flash Player SWF use-after-free attempt (more info ...) | attempted-user | 2015-0315 | URL | ||
| 33555 | FILE-FLASH Adobe Flash Player SWF use-after-free attempt (more info ...) | attempted-user | 2015-0315 | URL | ||
| 33556 | FILE-FLASH Adobe Flash Player XMLsocket connect arbitrary code execution attempt (more info ...) | attempted-user | 2015-0317 | 72514 | URL | |
| 33557 | FILE-FLASH Adobe Flash Player XMLsocket connect arbitrary code execution attempt (more info ...) | attempted-user | 2015-0317 | 72514 | URL | |
| 33558 | FILE-FLASH Adobe Flash Player XMLsocket connect arbitrary code execution attempt (more info ...) | attempted-user | 2015-0317 | 72514 | URL | |
| 33559 | FILE-FLASH Adobe Flash Player XMLsocket connect arbitrary code execution attempt (more info ...) | attempted-user | 2015-0317 | 72514 | URL | |
| 33571 | FILE-OTHER Adobe Reader ETB baseurl memory corruption attempt (more info ...) | attempted-user | 2004-1153 | |||
| 33572 | FILE-OTHER Adobe Reader ETB baseurl memory corruption attempt (more info ...) | attempted-user | 2004-1153 | |||
| 33601 | FILE-PDF Adobe Acrobat Reader and Acrobat TTF SING table parsing remote code execution attempt (more info ...) | attempted-user | 2010-2883 | 43057 | URL | |
| 33602 | FILE-PDF Adobe Acrobat Reader and Acrobat TTF SING table parsing remote code execution attempt (more info ...) | attempted-user | 2010-2883 | 43057 | URL | |
| 33684 | FILE-OTHER Microsoft Windows Media MIDI file memory corruption attempt (more info ...) | attempted-user | 2012-0003 | URL | ||
| 33899 | FILE-FLASH Adobe Flash Player ActionScript memory corruption attempt (more info ...) | attempted-user | 2015-0339 | 73088 | URL | |
| 33900 | FILE-FLASH Adobe Flash Player ActionScript memory corruption attempt (more info ...) | attempted-user | 2015-0339 | 73088 | URL | |
| 33901 | FILE-FLASH Adobe Flash Player ActionScript memory corruption attempt (more info ...) | attempted-user | 2015-0339 | 73088 | URL | |
| 33902 | FILE-FLASH Adobe Flash Player ActionScript memory corruption attempt (more info ...) | attempted-user | 2015-0339 | 73088 | URL | |
| 33918 | FILE-FLASH Adobe Flash Player AVSegmentedSource caption unlink use-after-free attempt (more info ...) | attempted-user | 2015-0341 | URL | ||
| 33919 | FILE-FLASH Adobe Flash Player AVSegmentedSource caption unlink use-after-free attempt (more info ...) | attempted-user | 2015-0341 | URL | ||
| 33920 | FILE-FLASH Adobe Flash Player AVSegmentedSource caption unlink use-after-free attempt (more info ...) | attempted-user | 2015-0341 | URL | ||
| 33921 | FILE-FLASH Adobe Flash Player AVSegmentedSource caption unlink use-after-free attempt (more info ...) | attempted-user | 2015-0341 | URL | ||
| 33923 | FILE-FLASH Adobe Flash Player paletteMap integer overflow attempt (more info ...) | attempted-user | 2015-0338 | URL | ||
| 33924 | FILE-FLASH Adobe Flash Player paletteMap integer overflow attempt (more info ...) | attempted-user | 2015-0338 | URL | ||
| 33925 | FILE-FLASH Adobe Flash Player paletteMap integer overflow attempt (more info ...) | attempted-user | 2015-0338 | URL | ||
| 33926 | FILE-FLASH Adobe Flash Player paletteMap integer overflow attempt (more info ...) | attempted-user | 2015-0338 | URL | ||
| 33967 | FILE-FLASH Adobe Flash Player NetConnection AS2 arbitrary code execution attempt (more info ...) | attempted-user | 2015-0336 | 73084 | URL | |
| 33968 | FILE-FLASH Adobe Flash Player NetConnection AS2 arbitrary code execution attempt (more info ...) | attempted-user | 2015-0336 | 73084 | URL | |
| 33969 | FILE-FLASH Adobe Flash Player NetConnection AS2 arbitrary code execution attempt (more info ...) | attempted-user | 2015-0336 | 73084 | URL | |
| 33970 | FILE-FLASH Adobe Flash Player NetConnection AS2 arbitrary code execution attempt (more info ...) | attempted-user | 2015-0336 | 73084 | URL | |
| 33975 | FILE-FLASH Adobe Flash Player SWF object type mismatch attempt (more info ...) | attempted-user | 2015-0334 | URL | ||
| 33976 | FILE-FLASH Adobe Flash Player SWF object type mismatch attempt (more info ...) | attempted-user | 2015-0334 | URL | ||
| 33978 | FILE-FLASH Adobe Flash Player BrokerExtTextOutW invalid string and length parameter sandbox escape attempt (more info ...) | attempted-user | 2015-0333 | URL | ||
| 33981 | EXPLOIT-KIT Nuclear exploit kit flash file download (more info ...) | trojan-activity | 2015-0336 | |||
| 33998 | FILE-FLASH Adobe Flash Player malformed mp4 tag memory corruption attempt (more info ...) | attempted-user | 2015-0332 | URL | ||
| 33999 | FILE-FLASH Adobe Flash Player malformed mp4 tag memory corruption attempt (more info ...) | attempted-user | 2015-0332 | URL | ||
| 34020 | FILE-FLASH Adobe Flash Player mp4 trex tag heap corruption attempt (more info ...) | attempted-user | 2015-0335 | |||
| 34021 | FILE-FLASH Adobe Flash Player mp4 trex tag heap corruption attempt (more info ...) | attempted-user | 2015-0335 | |||
| 34133 | FILE-IMAGE Adobe Flash Player element array stack overflow attempt (more info ...) | attempted-user | 2015-0350 | |||
| 34134 | FILE-IMAGE Adobe Flash Player element array stack overflow attempt (more info ...) | attempted-user | 2015-0350 | |||
| 34151 | FILE-FLASH Adobe Flash Player sound class type confusion attempt (more info ...) | attempted-user | 2015-0356 | |||
| 34152 | FILE-FLASH Adobe Flash Player sound class type confusion attempt (more info ...) | attempted-user | 2015-0356 | |||
| 34153 | FILE-FLASH Adobe Flash Player sound class type confusion attempt (more info ...) | attempted-user | 2015-0356 | |||
| 34154 | FILE-FLASH Adobe Flash Player sound class type confusion attempt (more info ...) | attempted-user | 2015-0356 | |||
| 34156 | FILE-FLASH Adobe Flash Player EAC3 memory corruption attempt (more info ...) | attempted-user | 2015-0353 | URL | ||
| 34157 | FILE-FLASH Adobe Flash Player EAC3 memory corruption attempt (more info ...) | attempted-user | 2015-0353 | URL | ||
| 34158 | FILE-FLASH Adobe Flash Player EAC3 memory corruption attempt (more info ...) | attempted-user | 2015-0353 | URL | ||
| 34159 | FILE-FLASH Adobe Flash Player EAC3 memory corruption attempt (more info ...) | attempted-user | 2015-0353 | URL | ||
| 34162 | FILE-FLASH Adobe Flash Player RegExp zero length assertion heap overflow attempt (more info ...) | attempted-user | 2015-3042 | URL | ||
| 34163 | FILE-FLASH Adobe Flash Player RegExp zero length assertion heap overflow attempt (more info ...) | attempted-user | 2015-3042 | URL | ||
| 34164 | FILE-FLASH Adobe Flash Player RegExp zero length assertion heap overflow attempt (more info ...) | attempted-user | 2015-3042 | URL | ||
| 34165 | FILE-FLASH Adobe Flash Player RegExp zero length assertion heap overflow attempt (more info ...) | attempted-user | 2015-3042 | URL | ||
| 34166 | FILE-FLASH Adobe Flash Player byte array double free attempt (more info ...) | attempted-user | 2015-0359 | 74067 | URL | |
| 34167 | FILE-FLASH Adobe Flash Player byte array double free attempt (more info ...) | attempted-user | 2015-0359 | 74067 | URL | |
| 34168 | FILE-FLASH Adobe Flash Player byte array double free attempt (more info ...) | attempted-user | 2015-0359 | 74067 | URL | |
| 34169 | FILE-FLASH Adobe Flash Player byte array double free attempt (more info ...) | attempted-user | 2015-0359 | 74067 | URL | |
| 34172 | FILE-FLASH Adobe Flash Player TextField filter use-after-free attempt (more info ...) | attempted-user | 2015-0358 | URL | ||
| 34173 | FILE-FLASH Adobe Flash Player TextField filter use-after-free attempt (more info ...) | attempted-user | 2015-0358 | URL | ||
| 34174 | FILE-FLASH Adobe Flash Player TextField filter use-after-free attempt (more info ...) | attempted-user | 2015-0358 | URL | ||
| 34175 | FILE-FLASH Adobe Flash Player TextField filter use-after-free attempt (more info ...) | attempted-user | 2015-0358 | URL | ||
| 34186 | FILE-FLASH Adobe Flash Player AuthorizedFeaturesLoader object memory corruption attempt (more info ...) | attempted-user | 2015-0347 | URL | ||
| 34187 | FILE-FLASH Adobe Flash Player AuthorizedFeaturesLoader object memory corruption attempt (more info ...) | attempted-user | 2015-0347 | URL | ||
| 34188 | FILE-FLASH Adobe Flash Player AuthorizedFeaturesLoader object memory corruption attempt (more info ...) | attempted-user | 2015-0347 | URL | ||
| 34189 | FILE-FLASH Adobe Flash Player AuthorizedFeaturesLoader object memory corruption attempt (more info ...) | attempted-user | 2015-0347 | URL | ||
| 34190 | FILE-FLASH Adobe Flash Player convolution filter use-after-free attempt (more info ...) | attempted-user | 2015-0349 | URL | ||
| 34191 | FILE-FLASH Adobe Flash Player convolution filter use-after-free attempt (more info ...) | attempted-user | 2015-0349 | URL | ||
| 34192 | FILE-FLASH Adobe Flash Player convolution filter use-after-free attempt (more info ...) | attempted-user | 2015-0349 | URL | ||
| 34193 | FILE-FLASH Adobe Flash Player convolution filter use-after-free attempt (more info ...) | attempted-user | 2015-0349 | URL | ||
| 34228 | FILE-FLASH Adobe Flash Player malformed CEA-708 packet arbitrary code execution attempt (more info ...) | attempted-user | 2015-0355 | URL | ||
| 34229 | FILE-FLASH Adobe Flash Player malformed CEA-708 packet arbitrary code execution attempt (more info ...) | attempted-user | 2015-0355 | URL | ||
| 34230 | FILE-FLASH Adobe Flash Player malformed CEA-708 packet arbitrary code execution attempt (more info ...) | attempted-user | 2015-0355 | URL | ||
| 34231 | FILE-FLASH Adobe Flash Player malformed CEA-708 packet arbitrary code execution attempt (more info ...) | attempted-user | 2015-0355 | URL | ||
| 34240 | FILE-FLASH Adobe Flash Player thread write double-free attempt (more info ...) | attempted-user | 2015-0359 | 74067 | URL | |
| 34241 | FILE-FLASH Adobe Flash Player thread write double-free attempt (more info ...) | attempted-user | 2015-0359 | 74067 | URL | |
| 34242 | FILE-FLASH Adobe Flash Player thread write double-free attempt (more info ...) | attempted-user | 2015-0359 | 74067 | URL | |
| 34243 | FILE-FLASH Adobe Flash Player thread write double-free attempt (more info ...) | attempted-user | 2015-0359 | 74067 | URL | |
| 34244 | FILE-FLASH Adobe Flash Player thread write double-free attempt (more info ...) | attempted-user | 2015-0359 | 74067 | URL | |
| 34245 | FILE-FLASH Adobe Flash Player thread write double-free attempt (more info ...) | attempted-user | 2015-0359 | 74067 | URL | |
| 34247 | FILE-FLASH Adobe Flash Player text field mask use after free attempt (more info ...) | attempted-user | 2015-0351 | URL | ||
| 34248 | FILE-FLASH Adobe Flash Player text field mask use after free attempt (more info ...) | attempted-user | 2015-0351 | URL | ||
| 34249 | FILE-FLASH Adobe Flash Player text field mask use after free attempt (more info ...) | attempted-user | 2015-0351 | URL | ||
| 34250 | FILE-FLASH Adobe Flash Player text field mask use after free attempt (more info ...) | attempted-user | 2015-0351 | URL | ||
| 34251 | FILE-FLASH Adobe Flash Player malformed CEA-708 packet denial of service attempt (more info ...) | attempted-dos | 2015-0354 | URL | ||
| 34252 | FILE-FLASH Adobe Flash Player malformed CEA-708 packet denial of service attempt (more info ...) | attempted-dos | 2015-0354 | URL | ||
| 34255 | FILE-FLASH Adobe Flash Player flash settings manager double free attempt (more info ...) | attempted-user | 2015-0346 | URL | ||
| 34256 | FILE-FLASH Adobe Flash Player flash settings manager double free attempt (more info ...) | attempted-user | 2015-0346 | URL | ||
| 34257 | FILE-FLASH Adobe Flash Player flash settings manager double free attempt (more info ...) | attempted-user | 2015-0346 | URL | ||
| 34258 | FILE-FLASH Adobe Flash Player flash settings manager double free attempt (more info ...) | attempted-user | 2015-0346 | URL | ||
| 34259 | FILE-FLASH Adobe Flash Player flash settings manager double free attempt (more info ...) | attempted-user | 2015-0346 | URL | ||
| 34260 | FILE-FLASH Adobe Flash Player flash settings manager double free attempt (more info ...) | attempted-user | 2015-0346 | URL | ||
| 34264 | FILE-FLASH Adobe Flash Player AVC parser integer overflow attempt (more info ...) | attempted-user | 2015-0352 | URL | ||
| 34265 | FILE-FLASH Adobe Flash Player AVC parser integer overflow attempt (more info ...) | attempted-user | 2015-0352 | URL | ||
| 34266 | FILE-FLASH Adobe Flash Player AVC parser integer overflow attempt (more info ...) | attempted-user | 2015-0352 | URL | ||
| 34267 | FILE-FLASH Adobe Flash Player AVC parser integer overflow attempt (more info ...) | attempted-user | 2015-0352 | URL | ||
| 34268 | FILE-MULTIMEDIA Adobe Flash Player AVC parser integer overflow attempt (more info ...) | attempted-user | 2015-0352 | URL | ||
| 34269 | FILE-MULTIMEDIA Adobe Flash Player AVC parser integer overflow attempt (more info ...) | attempted-user | 2015-0352 | URL | ||
| 34270 | FILE-FLASH Adobe Flash Player FLV tag datasize buffer overflow attempt (more info ...) | attempted-user | 2015-3043 | URL | ||
| 34271 | FILE-FLASH Adobe Flash Player FLV tag datasize buffer overflow attempt (more info ...) | attempted-user | 2015-3043 | URL | ||
| 34272 | FILE-FLASH Adobe Flash malformed pixel bytecode attempt (more info ...) | attempted-user | 2015-3041 | URL | ||
| 34273 | FILE-FLASH Adobe Flash malformed pixel bytecode attempt (more info ...) | attempted-user | 2015-3041 | URL | ||
| 34274 | FILE-FLASH Adobe Flash malformed pixel bytecode attempt (more info ...) | attempted-user | 2015-3041 | URL | ||
| 34275 | FILE-FLASH Adobe Flash malformed pixel bytecode attempt (more info ...) | attempted-user | 2015-3041 | URL | ||
| 34276 | FILE-FLASH Adobe Flash Player Sound.extract integer overflow attempt (more info ...) | attempted-user | 2015-0348 | URL | ||
| 34277 | FILE-FLASH Adobe Flash Player Sound.extract integer overflow attempt (more info ...) | attempted-user | 2015-0348 | URL | ||
| 34278 | FILE-FLASH Adobe Flash Player Sound.extract integer overflow attempt (more info ...) | attempted-user | 2015-0348 | URL | ||
| 34279 | FILE-FLASH Adobe Flash Player Sound.extract integer overflow attempt (more info ...) | attempted-user | 2015-0348 | URL | ||
| 34302 | FILE-FLASH Adobe Flash Player shared byte array memory corruption attempt (more info ...) | attempted-user | 2015-3038 | URL | ||
| 34303 | FILE-FLASH Adobe Flash Player shared byte array memory corruption attempt (more info ...) | attempted-user | 2015-3038 | URL | ||
| 34304 | FILE-FLASH Adobe Flash Player shared byte array memory corruption attempt (more info ...) | attempted-user | 2015-3038 | URL | ||
| 34305 | FILE-FLASH Adobe Flash Player shared byte array memory corruption attempt (more info ...) | attempted-user | 2015-3038 | URL | ||
| 34330 | EXPLOIT-KIT Fiesta exploit kit Adobe Flash exploit download (more info ...) | trojan-activity | ||||
| 34354 | FILE-FLASH Adobe Flash Player NetConnection AS2 arbitrary code execution attempt (more info ...) | attempted-user | 2015-0336 | 73084 | URL | |
| 34355 | FILE-FLASH Adobe Flash Player NetConnection AS2 arbitrary code execution attempt (more info ...) | attempted-user | 2015-0336 | 73084 | URL | |
| 34356 | FILE-FLASH Adobe Flash Player NetConnection AS2 arbitrary code execution attempt (more info ...) | attempted-user | 2015-0336 | 73084 | URL | |
| 34357 | FILE-FLASH Adobe Flash Player NetConnection AS2 arbitrary code execution attempt (more info ...) | attempted-user | 2015-0336 | 73084 | URL | |
| 34466 | FILE-EXECUTABLE Adobe Reader AcroBroker registry value out of bounds attempt (more info ...) | attempted-user | 2015-3048 | URL | ||
| 34467 | FILE-EXECUTABLE Adobe Reader AcroBroker registry value out of bounds attempt (more info ...) | attempted-user | 2015-3048 | URL | ||
| 34473 | FILE-PDF Adobe Acrobat Reader WillSave action use after free attempt (more info ...) | attempted-user | 2015-3054 | URL | ||
| 34474 | FILE-PDF Adobe Acrobat Reader WillSave action use after free attempt (more info ...) | attempted-user | 2015-3054 | URL | ||
| 34477 | FILE-FLASH Adobe Flash Player object type confusion attempt (more info ...) | attempted-user | 2015-3086 | URL | ||
| 34478 | FILE-FLASH Adobe Flash Player object type confusion attempt (more info ...) | attempted-user | 2015-3086 | URL | ||
| 34492 | FILE-FLASH Adobe Flash Player same origin policy security bypass attempt (more info ...) | attempted-user | 2014-0548 | 69705 | URL | |
| 34493 | FILE-FLASH Adobe Flash Player same origin policy security bypass attempt (more info ...) | attempted-user | 2014-0548 | 69705 | URL | |
| 34494 | FILE-FLASH Adobe Flash Player same origin policy security bypass attempt (more info ...) | attempted-user | 2014-0548 | 69705 | URL | |
| 34495 | FILE-FLASH Adobe Flash Player same origin policy security bypass attempt (more info ...) | attempted-user | 2014-0548 | 69705 | URL | |
| 34502 | FILE-FLASH Adobe Flash Player ActionScript AVSS memory corruption attempt (more info ...) | attempted-user | 2015-3088 | URL | ||
| 34503 | FILE-FLASH Adobe Flash Player ActionScript AVSS memory corruption attempt (more info ...) | attempted-user | 2015-3088 | URL | ||
| 34504 | FILE-FLASH Adobe Flash Player setSubscribedTags memory corruption attempt (more info ...) | attempted-user | 2015-3088 | URL | ||
| 34505 | FILE-FLASH Adobe Flash Player setSubscribedTags memory corruption attempt (more info ...) | attempted-user | 2015-3088 | URL | ||
| 34506 | FILE-FLASH Adobe Flash Player setCuePointTags memory corruption attempt (more info ...) | attempted-user | 2015-3088 | URL | ||
| 34507 | FILE-FLASH Adobe Flash Player setCuePointTags memory corruption attempt (more info ...) | attempted-user | 2015-3088 | URL | ||
| 34508 | FILE-FLASH Adobe Flash Player setSubscribedTagsForBackgroundManifest memory corruption attempt (more info ...) | attempted-user | 2015-3088 | URL | ||
| 34509 | FILE-FLASH Adobe Flash Player setSubscribedTagsForBackgroundManifest memory corruption attempt (more info ...) | attempted-user | 2015-3088 | URL | ||
| 34510 | FILE-OTHER Adobe Flash Player mp4 avcC atom memory corruption attempt (more info ...) | attempted-user | 2015-3078 | URL | ||
| 34511 | FILE-OTHER Adobe Flash Player mp4 avcC atom memory corruption attempt (more info ...) | attempted-user | 2015-3078 | URL | ||
| 34512 | FILE-OTHER Adobe Flash Player mp4 avcC atom memory corruption attempt (more info ...) | attempted-user | 2015-3078 | URL | ||
| 34513 | FILE-OTHER Adobe Flash Player mp4 avcC atom memory corruption attempt (more info ...) | attempted-user | 2015-3078 | URL | ||
| 34514 | FILE-PDF Adobe Acrobat Reader addAnnot invalid type conversion attempt (more info ...) | attempted-user | 2015-3056 | URL | ||
| 34515 | FILE-PDF Adobe Acrobat Reader addAnnot invalid type conversion attempt (more info ...) | attempted-user | 2015-3056 | URL | ||
| 34516 | FILE-PDF Adobe Acrobat Reader addAnnot invalid type conversion attempt (more info ...) | attempted-user | 2015-3056 | URL | ||
| 34517 | FILE-PDF Adobe Acrobat Reader addAnnot invalid type conversion attempt (more info ...) | attempted-user | 2015-3056 | URL | ||
| 34518 | FILE-OTHER Adobe Flash Player invalid mpd memory corruption attempt (more info ...) | attempted-admin | 2015-3089 | URL | ||
| 34519 | FILE-OTHER Adobe Flash Player invalid mpd memory corruption attempt (more info ...) | attempted-admin | 2015-3089 | URL | ||
| 34520 | FILE-FLASH Adobe Flash Player Button.filters type confusion remote code execution attempt (more info ...) | attempted-user | 2015-3077 | URL | ||
| 34521 | FILE-FLASH Adobe Flash Player Button.filters type confusion remote code execution attempt (more info ...) | attempted-user | 2015-3077 | URL | ||
| 34522 | FILE-FLASH Adobe Flash Player Button.filters type confusion remote code execution attempt (more info ...) | attempted-user | 2015-3077 | URL | ||
| 34523 | FILE-FLASH Adobe Flash Player Button.filters type confusion remote code execution attempt (more info ...) | attempted-user | 2015-3077 | URL | ||
| 34524 | FILE-PDF Adobe Acrobat Reader CoolType blend memory corruption attempt (more info ...) | attempted-user | 2015-3052 | 74600 | URL | |
| 34525 | FILE-PDF Adobe Acrobat Reader CoolType blend memory corruption attempt (more info ...) | attempted-user | 2015-3052 | 74600 | URL | |
| 34526 | FILE-PDF Adobe Acrobat Reader Cooltype callother memory corruption attempt (more info ...) | attempted-user | 2015-3051 | 74600 | URL | |
| 34527 | FILE-PDF Adobe Acrobat Reader Cooltype callother memory corruption attempt (more info ...) | attempted-user | 2015-3051 | 74600 | URL | |
| 34538 | FILE-FLASH Adobe Flash Player ByteArray shading memory leak attempt (more info ...) | attempted-recon | 2015-3105 | 75086 | URL | |
| 34539 | FILE-FLASH Adobe Flash Player ByteArray shading memory leak attempt (more info ...) | attempted-recon | 2015-3105 | 75086 | URL | |
| 34542 | FILE-FLASH Adobe Flash Player GIF sprite kernel memory leak attempt (more info ...) | attempted-admin | 2015-3093 | URL | ||
| 34543 | FILE-FLASH Adobe Flash Player GIF sprite kernel memory leak attempt (more info ...) | attempted-admin | 2015-3093 | URL | ||
| 34544 | FILE-FLASH Adobe Flash Player GIF sprite kernel memory leak attempt (more info ...) | attempted-admin | 2015-3093 | URL | ||
| 34545 | FILE-FLASH Adobe Flash Player GIF sprite kernel memory leak attempt (more info ...) | attempted-admin | 2015-3093 | URL | ||
| 34546 | FILE-PDF Adobe Acrobat Reader PCR null pointer dereference attempt (more info ...) | attempted-user | 2015-3046 | URL | ||
| 34547 | FILE-PDF Adobe Acrobat Reader PCR null pointer dereference attempt (more info ...) | attempted-user | 2015-3046 | URL | ||
| 34548 | FILE-PDF Adobe Acrobat Reader 11.0.09 keystroke combobox use after free attempt (more info ...) | attempted-user | 2015-3075 | URL | ||
| 34549 | FILE-PDF Adobe Acrobat Reader 11.0.09 keystroke combobox use after free attempt (more info ...) | attempted-user | 2015-3075 | URL | ||
| 34552 | FILE-PDF Adobe Acrobat Reader malformed shading modifier heap corruption attempt (more info ...) | attempted-user | 2015-3070 | URL | ||
| 34553 | FILE-FLASH Adobe Flash Player integer overflow attempt (more info ...) | attempted-user | 2015-3087 | URL | ||
| 34554 | FILE-FLASH Adobe Flash Player integer overflow attempt (more info ...) | attempted-user | 2015-3087 | URL | ||
| 34555 | FILE-FLASH Adobe Flash Player integer overflow attempt (more info ...) | attempted-user | 2015-3087 | URL | ||
| 34556 | FILE-FLASH Adobe Flash Player integer overflow attempt (more info ...) | attempted-user | 2015-3087 | URL | ||
| 34559 | FILE-PDF Adobe Acrobat Reader openDoc dangling pointer attempt (more info ...) | attempted-user | 2015-3057 | URL | ||
| 34560 | FILE-PDF Adobe Acrobat Reader openDoc dangling pointer attempt (more info ...) | attempted-user | 2015-3057 | URL | ||
| 34561 | FILE-FLASH Adobe Flash Player asynchronous shader changes memory corruption attempt (more info ...) | attempted-user | 2015-3090 | URL | ||
| 34562 | FILE-FLASH Adobe Flash Player asynchronous shader changes memory corruption attempt (more info ...) | attempted-user | 2015-3090 | URL | ||
| 34563 | FILE-FLASH Adobe Flash Player asynchronous shader changes memory corruption attempt (more info ...) | attempted-user | 2015-3090 | URL | ||
| 34564 | FILE-FLASH Adobe Flash Player asynchronous shader changes memory corruption attempt (more info ...) | attempted-user | 2015-3090 | URL | ||
| 34582 | FILE-FLASH Adobe Flash Player invalid BitmapData use after free attempt (more info ...) | attempted-user | 2015-5127 | URL | ||
| 34583 | FILE-FLASH Adobe Flash Player invalid BitmapData use after free attempt (more info ...) | attempted-user | 2015-5127 | URL | ||
| 34589 | FILE-PDF Adobe Acrobat Reader stateModel use-after-free attempt (more info ...) | attempted-user | 2015-3059 | URL | ||
| 34590 | FILE-PDF Adobe Acrobat Reader stateModel use-after-free attempt (more info ...) | attempted-user | 2015-3059 | URL | ||
| 34591 | FILE-PDF Adobe Acrobat Reader stateModel use-after-free attempt (more info ...) | attempted-user | 2015-3059 | URL | ||
| 34592 | FILE-PDF Adobe Acrobat Reader stateModel use-after-free attempt (more info ...) | attempted-user | 2015-3059 | URL | ||
| 34593 | FILE-PDF Adobe Acrobat Reader stateModel use-after-free attempt (more info ...) | attempted-user | 2015-3059 | URL | ||
| 34594 | FILE-PDF Adobe Acrobat Reader stateModel use-after-free attempt (more info ...) | attempted-user | 2015-3059 | URL | ||
| 34650 | FILE-PDF Adobe Acrobat Reader heap buffer overflow attempt (more info ...) | attempted-user | 2015-3050 | URL | ||
| 34651 | FILE-PDF Adobe Acrobat Reader heap buffer overflow attempt (more info ...) | attempted-user | 2015-3050 | URL | ||
| 34652 | FILE-PDF Adobe Acrobat Reader JS notification object double free attempt (more info ...) | attempted-user | 2015-3076 | URL | ||
| 34653 | FILE-PDF Adobe Acrobat Reader JS notification object double free attempt (more info ...) | attempted-user | 2015-3076 | URL | ||
| 34731 | OS-WINDOWS Microsoft Windows Media Player DataObject buffer overflow attempt (more info ...) | attempted-user | 2015-1728 | URL | ||
| 34732 | OS-WINDOWS Microsoft Windows Media Player DataObject buffer overflow attempt (more info ...) | attempted-user | 2015-1728 | URL | ||
| 34794 | FILE-FLASH Adobe Flash Player JSON stringify memory corruption attempt (more info ...) | attempted-user | 2015-0324 | 72514 | URL | |
| 34795 | FILE-FLASH Adobe Flash Player JSON stringify memory corruption attempt (more info ...) | attempted-user | 2015-0324 | 72514 | URL | |
| 34796 | FILE-FLASH Adobe Flash Player JSON stringify memory corruption attempt (more info ...) | attempted-user | 2015-0324 | 72514 | URL | |
| 34797 | FILE-FLASH Adobe Flash Player JSON stringify memory corruption attempt (more info ...) | attempted-user | 2015-0324 | 72514 | URL | |
| 34803 | FILE-FLASH Adobe Flash Player thread write double-free attempt (more info ...) | attempted-user | 2015-0359 | 74067 | URL | |
| 34804 | FILE-FLASH Adobe Flash Player thread write double-free attempt (more info ...) | attempted-user | 2015-0359 | 74067 | URL | |
| 34805 | FILE-FLASH Adobe Flash Player thread write double-free attempt (more info ...) | attempted-user | 2015-0359 | 74067 | URL | |
| 34806 | FILE-FLASH Adobe Flash Player thread write double-free attempt (more info ...) | attempted-user | 2015-0359 | 74067 | URL | |
| 34807 | FILE-FLASH Adobe Flash Player NetConnection and NetStream type confusion exploit attempt (more info ...) | attempted-user | 2015-3084 | URL | ||
| 34808 | FILE-FLASH Adobe Flash Player NetConnection and NetStream type confusion exploit attempt (more info ...) | attempted-user | 2015-3084 | URL | ||
| 34809 | FILE-FLASH Adobe Flash Player NetConnection and NetStream type confusion exploit attempt (more info ...) | attempted-user | 2015-3084 | URL | ||
| 34810 | FILE-FLASH Adobe Flash Player NetConnection and NetStream type confusion exploit attempt (more info ...) | attempted-user | 2015-3084 | URL | ||
| 34816 | FILE-FLASH Adobe Flash FPU stack corruption attempt (more info ...) | attempted-user | 2015-3100 | URL | ||
| 34817 | FILE-FLASH Adobe Flash FPU stack corruption attempt (more info ...) | attempted-user | 2015-3100 | URL | ||
| 34819 | FILE-FLASH Adobe Flash Player concurrent worker thread terminate use-after-free attempt (more info ...) | attempted-user | 2015-3103 | URL | ||
| 34820 | FILE-FLASH Adobe Flash Player concurrent worker thread terminate use-after-free attempt (more info ...) | attempted-user | 2015-3103 | URL | ||
| 34821 | FILE-FLASH Adobe Flash Player concurrent worker thread terminate use-after-free attempt (more info ...) | attempted-user | 2015-3103 | URL | ||
| 34822 | FILE-FLASH Adobe Flash Player concurrent worker thread terminate use-after-free attempt (more info ...) | attempted-user | 2015-3103 | URL | ||
| 34845 | FILE-PDF Adobe Acrobat Reader setPageAction use after free attempt (more info ...) | attempted-user | 2015-3053 | 74602 | URL | |
| 34846 | FILE-PDF Adobe Acrobat Reader setPageAction use after free attempt (more info ...) | attempted-user | 2015-3053 | 74602 | URL | |
| 34848 | FILE-FLASH Adobe Flash Player Shader Channel integer overflow attempt (more info ...) | attempted-user | 2015-3104 | URL | ||
| 34849 | FILE-FLASH Adobe Flash Player Shader Channel integer overflow attempt (more info ...) | attempted-user | 2015-3104 | URL | ||
| 34850 | FILE-FLASH Adobe Flash Player Shader Channel integer overflow attempt (more info ...) | attempted-user | 2015-3104 | URL | ||
| 34851 | FILE-FLASH Adobe Flash Player Shader Channel integer overflow attempt (more info ...) | attempted-user | 2015-3104 | URL | ||
| 34853 | FILE-FLASH Adobe Flash custom TextField filter use after free attempt (more info ...) | attempted-user | 2015-3106 | URL | ||
| 34854 | FILE-FLASH Adobe Flash custom TextField filter use after free attempt (more info ...) | attempted-user | 2015-3106 | URL | ||
| 34855 | FILE-FLASH Adobe Flash Player ShaderParameter out of bounds write attempt (more info ...) | attempted-user | 2015-3105 | 75086 | URL | |
| 34856 | FILE-FLASH Adobe Flash Player ShaderParameter out of bounds write attempt (more info ...) | attempted-user | 2015-3105 | 75086 | URL | |
| 34988 | FILE-FLASH Adobe Flash Player malformed FLV file buffer overflow attempt (more info ...) | attempted-user | 2015-3113 | URL | ||
| 34989 | FILE-FLASH Adobe Flash Player malformed FLV file buffer overflow attempt (more info ...) | attempted-user | 2015-3113 | URL | ||
| 34990 | MALWARE-OTHER Adobe Flash exploit download attempt - Group 6 (more info ...) | trojan-activity | URL | |||
| 34991 | MALWARE-OTHER Group 6 Adobe Flash exploit download attempt (more info ...) | trojan-activity | URL | |||
| 35048 | FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (more info ...) | attempted-user | 2015-0311 | 72283 | URL | |
| 35049 | FILE-FLASH Adobe Flash Player ByteArray uncompress domainMemory use after free attempt (more info ...) | attempted-user | 2015-0311 | 72283 | URL | |
| 35086 | FILE-FLASH Adobe Flash Player remote code execution attempt (more info ...) | attempted-admin | 2015-5119 | URL | ||
| 35087 | FILE-FLASH Adobe Flash Player remote code execution attempt (more info ...) | attempted-admin | 2015-5119 | URL | ||
| 35088 | FILE-FLASH Adobe Flash Player remote code execution attempt (more info ...) | attempted-admin | 2015-5119 | URL | ||
| 35089 | FILE-FLASH Adobe Flash Player remote code execution attempt (more info ...) | attempted-admin | 2015-5119 | URL | ||
| 35095 | FILE-FLASH Adobe Flash Player remote code execution attempt (more info ...) | attempted-admin | 2015-5119 | URL | ||
| 35096 | FILE-FLASH Adobe Flash Player remote code execution attempt (more info ...) | attempted-admin | 2015-5119 | URL | ||
| 35109 | EXPLOIT-KIT Angler exploit kit obfuscated Flash actionscript classname detected (more info ...) | misc-attack | URL | |||
| 35110 | EXPLOIT-KIT Angler exploit kit obfuscated Flash actionscript classname detected (more info ...) | trojan-activity | URL | |||
| 35217 | FILE-FLASH Adobe Flash Player BitmapData use-after-free attempt (more info ...) | attempted-user | 2015-5123 | URL | ||
| 35218 | FILE-FLASH Adobe Flash Player BitmapData use-after-free attempt (more info ...) | attempted-user | 2015-5123 | URL | ||
| 35219 | FILE-FLASH Adobe Flash Player BitmapData use-after-free attempt (more info ...) | attempted-user | 2015-5123 | URL | ||
| 35220 | FILE-FLASH Adobe Flash Player BitmapData use-after-free attempt (more info ...) | attempted-user | 2015-5123 | URL | ||
| 35223 | FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (more info ...) | attempted-user | 2015-3128 | URL | ||
| 35224 | FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (more info ...) | attempted-user | 2015-3128 | URL | ||
| 35225 | FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (more info ...) | attempted-user | 2015-3128 | URL | ||
| 35226 | FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (more info ...) | attempted-user | 2015-3128 | URL | ||
| 35227 | FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (more info ...) | attempted-user | 2015-3128 | URL | ||
| 35228 | FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (more info ...) | attempted-user | 2015-3128 | URL | ||
| 35229 | FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (more info ...) | attempted-user | 2015-3128 | URL | ||
| 35230 | FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (more info ...) | attempted-user | 2015-3128 | URL | ||
| 35231 | FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (more info ...) | attempted-user | 2015-3128 | URL | ||
| 35232 | FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (more info ...) | attempted-user | 2015-3128 | URL | ||
| 35233 | FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (more info ...) | attempted-user | 2015-3128 | URL | ||
| 35234 | FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (more info ...) | attempted-user | 2015-3128 | URL | ||
| 35235 | FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (more info ...) | attempted-user | 2015-3128 | URL | ||
| 35236 | FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (more info ...) | attempted-user | 2015-3128 | URL | ||
| 35237 | FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (more info ...) | attempted-user | 2015-3128 | URL | ||
| 35238 | FILE-FLASH Adobe Flash Player valueOf and toString use after free attempt (more info ...) | attempted-user | 2015-3128 | URL | ||
| 35240 | FILE-PDF Adobe Acrobat Reader mishandling of invalid triangle edge access attempt (more info ...) | attempted-user | 2014-8459 | URL | ||
| 35241 | FILE-PDF Adobe Acrobat Reader mishandling of invalid triangle edge access attempt (more info ...) | attempted-user | 2014-8459 | URL | ||
| 35242 | FILE-PDF Adobe Acrobat Reader mishandling of invalid triangle edge access attempt (more info ...) | attempted-user | 2014-8459 | URL | ||
| 35263 | FILE-FLASH Adobe Flash Player remote code execution attempt (more info ...) | attempted-admin | 2015-5122 | URL | ||
| 35266 | FILE-FLASH Adobe Flash Player remote code execution attempt (more info ...) | attempted-admin | 2015-5122 | URL | ||
| 35267 | FILE-FLASH Adobe Flash Player textfield filter use-after-free attempt (more info ...) | attempted-user | 2015-3118 | URL | ||
| 35268 | FILE-FLASH Adobe Flash Player textfield filter use-after-free attempt (more info ...) | attempted-user | 2015-3118 | URL | ||
| 35269 | FILE-FLASH Adobe Flash Player textfield filter use-after-free attempt (more info ...) | attempted-user | 2015-3118 | URL | ||
| 35270 | FILE-FLASH Adobe Flash Player textfield filter use-after-free attempt (more info ...) | attempted-user | 2015-3118 | URL | ||
| 35271 | FILE-FLASH Adobe Flash Player buildTraitsBindings null pointer dereference attempt (more info ...) | attempted-dos | 2015-3117 | URL | ||
| 35272 | FILE-FLASH Adobe Flash Player buildTraitsBindings null pointer dereference attempt (more info ...) | attempted-dos | 2015-3117 | URL | ||
| 35273 | FILE-FLASH Adobe Flash Player buildTraitsBindings null pointer dereference attempt (more info ...) | attempted-dos | 2015-3117 | URL | ||
| 35274 | FILE-FLASH Adobe Flash Player buildTraitsBindings null pointer dereference attempt (more info ...) | attempted-dos | 2015-3117 | URL | ||
| 35275 | FILE-FLASH Adobe Flash Player NetConnection type confusion attempt (more info ...) | attempted-user | 2015-3119 | URL | ||
| 35276 | FILE-FLASH Adobe Flash Player NetConnection type confusion attempt (more info ...) | attempted-user | 2015-3119 | URL | ||
| 35277 | FILE-FLASH Adobe Flash Player NetConnection type confusion attempt (more info ...) | attempted-user | 2015-3119 | URL | ||
| 35278 | FILE-FLASH Adobe Flash Player NetConnection type confusion attempt (more info ...) | attempted-user | 2015-3119 | URL | ||
| 35290 | FILE-FLASH Adobe Flash Player SharedObject array.prototype.push use after free attempt (more info ...) | attempted-user | 2015-3127 | URL | ||
| 35291 | FILE-FLASH Adobe Flash Player SharedObject array.prototype.push use after free attempt (more info ...) | attempted-user | 2015-3127 | URL | ||
| 35292 | FILE-FLASH Adobe Flash Player SharedObject array.prototype.push use after free attempt (more info ...) | attempted-user | 2015-3127 | URL | ||
| 35293 | FILE-FLASH Adobe Flash Player SharedObject array.prototype.push use after free attempt (more info ...) | attempted-user | 2015-3127 | URL | ||
| 35294 | FILE-FLASH Adobe Flash Player SharedObject array.prototype.push use after free attempt (more info ...) | attempted-user | 2015-3127 | URL | ||
| 35295 | FILE-FLASH Adobe Flash Player SharedObject array.prototype.push use after free attempt (more info ...) | attempted-user | 2015-3127 | URL | ||
| 35296 | FILE-FLASH Adobe Flash Player SharedObject type confusion attempt (more info ...) | attempted-user | 2015-3121 | URL | ||
| 35297 | FILE-FLASH Adobe Flash Player SharedObject type confusion attempt (more info ...) | attempted-user | 2015-3121 | URL | ||
| 35298 | FILE-FLASH Adobe Flash Player SharedObject type confusion attempt (more info ...) | attempted-user | 2015-3121 | URL | ||
| 35299 | FILE-FLASH Adobe Flash Player SharedObject type confusion attempt (more info ...) | attempted-user | 2015-3121 | URL | ||
| 35308 | FILE-PDF Adobe Reader MakeMeasurement buffer overflow attempt (more info ...) | attempted-user | 2015-5093 | URL | ||
| 35309 | FILE-PDF Adobe Reader MakeMeasurement buffer overflow attempt (more info ...) | attempted-user | 2015-5093 | URL | ||
| 35319 | FILE-PDF Adobe Reader ToolEventHandler use-after-free attempt (more info ...) | attempted-user | 2015-5094 | URL | ||
| 35320 | FILE-PDF Adobe Reader ToolEventHandler use-after-free attempt (more info ...) | attempted-user | 2015-5094 | URL | ||
| 35321 | FILE-PDF Adobe Reader setTimeOut app.launchURL privilege escalation attempt (more info ...) | attempted-user | 2015-4447 | URL | ||
| 35322 | FILE-PDF Adobe Reader setTimeOut app.launchURL privilege escalation attempt (more info ...) | attempted-user | 2015-4447 | URL | ||
| 35323 | FILE-PDF Adobe Acrobat Reader ComboBox field Format action use-after-free attempt (more info ...) | attempted-user | 2015-5113 | 75739 | URL | |
| 35324 | FILE-PDF Adobe Acrobat Reader ComboBox field Format action use-after-free attempt (more info ...) | attempted-user | 2015-5113 | 75739 | URL | |
| 35345 | FILE-PDF Adobe Acrobat Reader Unicode value memory corruption attempt (more info ...) | attempted-user | 2015-5087 | 75740 | URL | |
| 35346 | FILE-PDF Adobe Acrobat Reader Unicode value memory corruption attempt (more info ...) | attempted-user | 2015-5087 | 75740 | URL | |
| 35360 | FILE-IMAGE Adobe Acrobat Reader DC TIFF orientation heap buffer overflow attempt (more info ...) | attempted-user | 2015-5097 | URL | ||
| 35361 | FILE-IMAGE Adobe Acrobat Reader DC TIFF orientation heap buffer overflow attempt (more info ...) | attempted-user | 2015-5097 | URL | ||
| 35362 | FILE-IMAGE Adobe Acrobat Reader DC TIFF orientation heap buffer overflow attempt (more info ...) | attempted-user | 2015-5097 | URL | ||
| 35363 | FILE-IMAGE Adobe Acrobat Reader DC TIFF orientation heap buffer overflow attempt (more info ...) | attempted-user | 2015-5097 | URL | ||
| 35364 | FILE-FLASH Adobe Flash Player thread write double-free attempt (more info ...) | attempted-user | 2015-0359 | URL | ||
| 35365 | FILE-FLASH Adobe Flash Player thread write double-free attempt (more info ...) | attempted-user | 2015-0359 | URL | ||
| 35366 | FILE-FLASH Adobe Flash Player thread write double-free attempt (more info ...) | attempted-user | 2015-0359 | URL | ||
| 35367 | FILE-FLASH Adobe Flash Player thread write double-free attempt (more info ...) | attempted-user | 2015-0359 | URL | ||
| 35407 | FILE-PDF Adobe Reader setItems use-after-free attempt (more info ...) | attempted-admin | 2015-5099 | URL | ||
| 35408 | FILE-PDF Adobe Reader setItems use-after-free attempt (more info ...) | attempted-admin | 2015-5099 | URL | ||
| 35409 | FILE-PDF Adobe Reader setItems use-after-free attempt (more info ...) | attempted-admin | 2015-5099 | URL | ||
| 35410 | FILE-PDF Adobe Reader setItems use-after-free attempt (more info ...) | attempted-admin | 2015-5099 | URL | ||
| 35430 | FILE-PDF Adobe Reader nested events use-after-free attempt (more info ...) | attempted-user | 2015-5095 | URL | ||
| 35431 | FILE-PDF Adobe Reader nested events use-after-free attempt (more info ...) | attempted-user | 2015-5095 | URL | ||
| 35449 | FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (more info ...) | attempted-user | 2015-5122 | URL | ||
| 35450 | FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (more info ...) | attempted-user | 2015-5122 | URL | ||
| 35451 | FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (more info ...) | attempted-user | 2015-5122 | URL | ||
| 35452 | FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (more info ...) | attempted-user | 2015-5122 | URL | ||
| 35453 | FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (more info ...) | attempted-user | 2015-5122 | 75712 | URL | |
| 35454 | FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (more info ...) | attempted-user | 2015-5122 | 75712 | URL | |
| 35455 | FILE-IDENTIFY Adobe LZMA compressed Flash file magic detected (more info ...) | misc-activity | ||||
| 35456 | FILE-IDENTIFY Adobe LZMA compressed Flash file attachment detected (more info ...) | misc-activity | ||||
| 35457 | FILE-IDENTIFY Adobe LZMA compressed Flash file attachment detected (more info ...) | misc-activity | ||||
| 35458 | FILE-IDENTIFY Adobe LZMA compressed Flash file magic detected (more info ...) | misc-activity | ||||
| 35459 | FILE-IDENTIFY Adobe LZMA compressed Flash file download request (more info ...) | misc-activity | ||||
| 35463 | FILE-FLASH Adobe flash player BitmapData.paletteMap use after free attempt (more info ...) | attempted-user | 2015-5123 | URL | ||
| 35464 | FILE-FLASH Adobe flash player BitmapData.paletteMap use after free attempt (more info ...) | attempted-user | 2015-5123 | URL | ||
| 35465 | FILE-FLASH Adobe flash player BitmapData.paletteMap use after free attempt (more info ...) | attempted-user | 2015-5123 | URL | ||
| 35466 | FILE-FLASH Adobe flash player BitmapData.paletteMap use after free attempt (more info ...) | attempted-user | 2015-5123 | URL | ||
| 35571 | FILE-FLASH Adobe Flash Player SWF dereference attempt (more info ...) | attempted-user | 2015-5546 | URL | ||
| 35572 | FILE-FLASH Adobe Flash Player SWF dereference attempt (more info ...) | attempted-user | 2015-5546 | URL | ||
| 35574 | FILE-FLASH Adobe Flash Player secret cookie location disclosure attempt (more info ...) | attempted-recon | 2015-5125 | URL | ||
| 35575 | FILE-FLASH Adobe Flash Player secret cookie location disclosure attempt (more info ...) | attempted-recon | 2015-5125 | URL | ||
| 35576 | FILE-FLASH Adobe Flash Player secret cookie location disclosure attempt (more info ...) | attempted-recon | 2015-5125 | URL | ||
| 35577 | FILE-FLASH Adobe Flash Player secret cookie location disclosure attempt (more info ...) | attempted-recon | 2015-5125 | URL | ||
| 35578 | FILE-FLASH Adobe Flash Player BitmapData applyFilter heap overflow attempt (more info ...) | attempted-user | 2015-5541 | URL | ||
| 35579 | FILE-FLASH Adobe Flash Player BitmapData applyFilter heap overflow attempt (more info ...) | attempted-user | 2015-5541 | URL | ||
| 35580 | FILE-FLASH Adobe Flash Player BitmapData applyFilter heap overflow attempt (more info ...) | attempted-user | 2015-5541 | URL | ||
| 35581 | FILE-FLASH Adobe Flash Player BitmapData applyFilter heap overflow attempt (more info ...) | attempted-user | 2015-5541 | URL | ||
| 35582 | FILE-FLASH Adobe Flash Player button pointer exploit attempt (more info ...) | attempted-user | 2015-5547 | URL | ||
| 35583 | FILE-FLASH Adobe Flash Player button pointer exploit attempt (more info ...) | attempted-user | 2015-5547 | URL | ||
| 35584 | FILE-FLASH Adobe Flash Player BitmapData object use after free attempt (more info ...) | attempted-user | 2015-5559 | 76288 | URL | |
| 35585 | FILE-FLASH Adobe Flash Player BitmapData object use after free attempt (more info ...) | attempted-user | 2015-5559 | 76288 | URL | |
| 35586 | FILE-FLASH Adobe Flash Player BitmapData object use after free attempt (more info ...) | attempted-user | 2015-5559 | 76288 | URL | |
| 35587 | FILE-FLASH Adobe Flash Player BitmapData object use after free attempt (more info ...) | attempted-user | 2015-5559 | 76288 | URL | |
| 35592 | FILE-FLASH Adobe Flash Player tag length buffer overflow attempt (more info ...) | attempted-user | 2015-5131 | |||
| 35593 | FILE-FLASH Adobe Flash Player tag length buffer overflow attempt (more info ...) | attempted-user | 2015-5131 | |||
| 35599 | FILE-FLASH Adobe Flash Player NetConnection use-after-free attempt (more info ...) | attempted-user | 2015-5565 | URL | ||
| 35600 | FILE-FLASH Adobe Flash Player NetConnection use-after-free attempt (more info ...) | attempted-user | 2015-5565 | URL | ||
| 35601 | FILE-FLASH Adobe Flash Player NetConnection use-after-free attempt (more info ...) | attempted-user | 2015-5565 | URL | ||
| 35602 | FILE-FLASH Adobe Flash Player NetConnection use-after-free attempt (more info ...) | attempted-user | 2015-5565 | URL | ||
| 35603 | FILE-FLASH Adobe Flash Player setAdvancedAntialiasingTable type confusion attempt (more info ...) | attempted-user | 2015-5555 | URL | ||
| 35604 | FILE-FLASH Adobe Flash Player setAdvancedAntialiasingTable type confusion attempt (more info ...) | attempted-user | 2015-5555 | URL | ||
| 35605 | FILE-FLASH Adobe Flash Player setAdvancedAntialiasingTable type confusion attempt (more info ...) | attempted-user | 2015-5555 | URL | ||
| 35606 | FILE-FLASH Adobe Flash Player setAdvancedAntialiasingTable type confusion attempt (more info ...) | attempted-user | 2015-5555 | URL | ||
| 35607 | FILE-FLASH Adobe Flash Player CreateTextField use-after-free attempt (more info ...) | attempted-user | 2015-5556 | URL | ||
| 35608 | FILE-FLASH Adobe Flash Player CreateTextField use-after-free attempt (more info ...) | attempted-user | 2015-5556 | URL | ||
| 35609 | FILE-FLASH Adobe Flash Player CreateTextField use-after-free attempt (more info ...) | attempted-user | 2015-5556 | URL | ||
| 35610 | FILE-FLASH Adobe Flash Player CreateTextField use-after-free attempt (more info ...) | attempted-user | 2015-5556 | URL | ||
| 35618 | FILE-FLASH Adobe Flash Player slow script invalid pointer dereference attempt (more info ...) | attempted-user | 2015-5545 | 76283 | URL | |
| 35619 | FILE-FLASH Adobe Flash Player slow script invalid pointer dereference attempt (more info ...) | attempted-user | 2015-5545 | 76283 | URL | |
| 35624 | FILE-MULTIMEDIA Apple Quicktime invalid samr atom out of bounds read attempt (more info ...) | attempted-user | 2015-7087 | URL | ||
| 35625 | FILE-MULTIMEDIA Apple Quicktime invalid samr atom out of bounds read attempt (more info ...) | attempted-user | 2015-7087 | URL | ||
| 35626 | FILE-MULTIMEDIA Apple Quicktime invalid samr atom out of bounds read attempt (more info ...) | attempted-user | 2015-7087 | URL | ||
| 35627 | FILE-MULTIMEDIA Apple Quicktime invalid samr atom out of bounds read attempt (more info ...) | attempted-user | 2015-7087 | URL | ||
| 35632 | FILE-FLASH Adobe Flash Player NetMonitor use-after-free attempt (more info ...) | attempted-user | 2015-5566 | URL | ||
| 35633 | FILE-FLASH Adobe Flash Player NetMonitor use-after-free attempt (more info ...) | attempted-user | 2015-5566 | URL | ||
| 35634 | FILE-FLASH Adobe Flash Player NetMonitor use-after-free attempt (more info ...) | attempted-user | 2015-5566 | URL | ||
| 35635 | FILE-FLASH Adobe Flash Player NetMonitor use-after-free attempt (more info ...) | attempted-user | 2015-5566 | URL | ||
| 35642 | FILE-FLASH Adobe Flash Player ASnative previously set SharedObject variable set attempt (more info ...) | attempted-user | 2015-5134 | |||
| 35643 | FILE-FLASH Adobe Flash Player ASnative previously set SharedObject variable set attempt (more info ...) | attempted-user | 2015-5134 | |||
| 35644 | FILE-FLASH Adobe Flash Player ASnative previously set SharedObject variable set attempt (more info ...) | attempted-user | 2015-5134 | |||
| 35645 | FILE-FLASH Adobe Flash Player ASnative previously set SharedObject variable set attempt (more info ...) | attempted-user | 2015-5134 | |||
| 35646 | FILE-FLASH Adobe Flash Player XML pointer wrong parent reference (more info ...) | attempted-user | 2015-5548 | URL | ||
| 35647 | FILE-FLASH Adobe Flash Player XML pointer wrong parent reference (more info ...) | attempted-user | 2015-5548 | URL | ||
| 35649 | FILE-FLASH Adobe Flash Player XML pointer wrong parent reference (more info ...) | attempted-user | 2015-8443 | URL | ||
| 35650 | FILE-FLASH Adobe Flash Player TextField filters use-after-free attempt (more info ...) | attempted-user | 2015-5561 | URL | ||
| 35651 | FILE-FLASH Adobe Flash Player TextField filters use-after-free attempt (more info ...) | attempted-user | 2015-8450 | URL | ||
| 35652 | FILE-FLASH Adobe Flash Player TextField filters use-after-free attempt (more info ...) | attempted-user | 2015-5561 | URL | ||
| 35653 | FILE-FLASH Adobe Flash Player TextField filters use-after-free attempt (more info ...) | attempted-user | 2015-8450 | URL | ||
| 35654 | FILE-FLASH Adobe Flash Player XML property delete out of bounds memory write attempt (more info ...) | attempted-user | 2015-5549 | URL | ||
| 35655 | FILE-FLASH Adobe Flash Player XML property delete out of bounds memory write attempt (more info ...) | attempted-user | 2015-5549 | URL | ||
| 35656 | FILE-FLASH Adobe Flash Player XML property delete out of bounds memory write attempt (more info ...) | attempted-user | 2015-5549 | URL | ||
| 35657 | FILE-FLASH Adobe Flash Player XML property delete out of bounds memory write attempt (more info ...) | attempted-user | 2015-5549 | URL | ||
| 35658 | FILE-FLASH Adobe Flash Player FileReference constructor type confusion attempt (more info ...) | attempted-user | 2015-5558 | URL | ||
| 35659 | FILE-FLASH Adobe Flash Player FileReference constructor type confusion attempt (more info ...) | attempted-user | 2015-5558 | URL | ||
| 35660 | FILE-FLASH Adobe Flash Player FileReference constructor type confusion attempt (more info ...) | attempted-user | 2015-5558 | URL | ||
| 35661 | FILE-FLASH Adobe Flash Player FileReference constructor type confusion attempt (more info ...) | attempted-user | 2015-5558 | URL | ||
| 35662 | FILE-FLASH Adobe Flash Player corrupt glyph array out of bounds attempt (more info ...) | attempted-user | 2015-5133 | |||
| 35663 | FILE-FLASH Adobe Flash Player corrupt glyph array out of bounds attempt (more info ...) | attempted-user | 2015-5133 | |||
| 35666 | FILE-FLASH Adobe Flash Player bitmap handling memory corruption attempt (more info ...) | attempted-user | 2015-5544 | URL | ||
| 35667 | FILE-FLASH Adobe Flash Player bitmap handling memory corruption attempt (more info ...) | attempted-user | 2015-5544 | URL | ||
| 35671 | FILE-FLASH Adobe Flash Player incorrect reference to IExternalizable object attempt (more info ...) | attempted-user | 2015-5553 | URL | ||
| 35672 | FILE-FLASH Adobe Flash Player incorrect reference to IExternalizable object attempt (more info ...) | attempted-user | 2015-5553 | URL | ||
| 35673 | FILE-FLASH Adobe Flash Player incorrect reference to IExternalizable object attempt (more info ...) | attempted-user | 2015-5553 | URL | ||
| 35674 | FILE-FLASH Adobe Flash Player incorrect reference to IExternalizable object attempt (more info ...) | attempted-user | 2015-5553 | URL | ||
| 35691 | FILE-FLASH Adobe Flash Player ASnative previously set SharedObject variable set attempt (more info ...) | attempted-user | 2015-5557 | URL | ||
| 35692 | FILE-FLASH Adobe Flash Player ASnative previously set SharedObject variable set attempt (more info ...) | attempted-user | 2015-5557 | URL | ||
| 35693 | FILE-FLASH Adobe Flash Player ASnative previously set SharedObject variable set attempt (more info ...) | attempted-user | 2015-5557 | URL | ||
| 35694 | FILE-FLASH Adobe Flash Player ASnative previously set SharedObject variable set attempt (more info ...) | attempted-user | 2015-5557 | URL | ||
| 35695 | FILE-FLASH Adobe Flash Player ASnative previously set SharedObject variable set attempt (more info ...) | attempted-user | 2015-5557 | URL | ||
| 35696 | FILE-FLASH Adobe Flash Player ASnative previously set SharedObject variable set attempt (more info ...) | attempted-user | 2015-5557 | URL | ||
| 35711 | FILE-MULTIMEDIA Apple Quicktime invalid alis atom out of bounds read attempt (more info ...) | attempted-user | 2015-7117 | URL | ||
| 35712 | FILE-MULTIMEDIA Apple Quicktime invalid alis atom out of bounds read attempt (more info ...) | attempted-user | 2015-7117 | URL | ||
| 35713 | FILE-MULTIMEDIA Apple Quicktime invalid dref atom out of bounds read attempt (more info ...) | attempted-user | 2015-7090 | URL | ||
| 35714 | FILE-MULTIMEDIA Apple Quicktime invalid dref atom out of bounds read attempt (more info ...) | attempted-user | 2015-7090 | URL | ||
| 35715 | FILE-MULTIMEDIA Apple QuickTime mdat atom corruption out of bounds read attempt (more info ...) | attempted-user | 2015-7088 | URL | ||
| 35716 | FILE-MULTIMEDIA Apple QuickTime mdat atom corruption out of bounds read attempt (more info ...) | attempted-user | 2015-7088 | URL | ||
| 35717 | FILE-MULTIMEDIA Apple QuickTime mdat atom corruption out of bounds read attempt (more info ...) | attempted-user | 2015-7089 | URL | ||
| 35718 | FILE-MULTIMEDIA Apple QuickTime mdat atom corruption out of bounds read attempt (more info ...) | attempted-user | 2015-7089 | URL | ||
| 35741 | FILE-FLASH Adobe Flash Player raster pointer null pointer dereference attempt (more info ...) | attempted-user | 2015-5126 | URL | ||
| 35742 | FILE-FLASH Adobe Flash Player raster pointer null pointer dereference attempt (more info ...) | attempted-user | 2015-5126 | URL | ||
| 35743 | FILE-FLASH Adobe Flash Player raster pointer null pointer dereference attempt (more info ...) | attempted-user | 2015-5126 | URL | ||
| 35744 | FILE-FLASH Adobe Flash Player raster pointer null pointer dereference attempt (more info ...) | attempted-user | 2015-5126 | URL | ||
| 35751 | FILE-IMAGE Adobe Acrobat GIF to PDF conversion heap overflow attempt (more info ...) | attempted-user | 2015-5096 | URL | ||
| 35752 | FILE-IMAGE Adobe Acrobat GIF to PDF conversion heap overflow attempt (more info ...) | attempted-user | 2015-5096 | URL | ||
| 35753 | FILE-FLASH Adobe Flash Player SharedObject use after free attempt (more info ...) | attempted-user | 2015-5539 | |||
| 35754 | FILE-FLASH Adobe Flash Player SharedObject use after free attempt (more info ...) | attempted-user | 2015-5539 | |||
| 35755 | FILE-FLASH Adobe Flash Player SharedObject use after free attempt (more info ...) | attempted-user | 2015-5539 | |||
| 35756 | FILE-FLASH Adobe Flash Player SharedObject use after free attempt (more info ...) | attempted-user | 2015-5539 | |||
| 35759 | FILE-FLASH Adobe Flash Player XMLSocket destroy function type confusion attempt (more info ...) | attempted-user | 2015-5554 | |||
| 35760 | FILE-FLASH Adobe Flash Player XMLSocket destroy function type confusion attempt (more info ...) | attempted-user | 2015-5554 | |||
| 35761 | FILE-FLASH Adobe Flash Player XMLSocket destroy function type confusion attempt (more info ...) | attempted-user | 2015-5554 | |||
| 35762 | FILE-FLASH Adobe Flash Player XMLSocket destroy function type confusion attempt (more info ...) | attempted-user | 2015-5554 | |||
| 35767 | FILE-PDF Adobe Reader CBBBRInvite privilege escalation attempt (more info ...) | attempted-user | 2015-4441 | URL | ||
| 35768 | FILE-PDF Adobe Reader CBBBRInvite privilege escalation attempt (more info ...) | attempted-user | 2015-4441 | URL | ||
| 35779 | FILE-PDF Adobe Reader XML XSL transform exploitation attempt (more info ...) | attempted-recon | 2017-11243 | URL | ||
| 35780 | FILE-PDF Adobe Reader XML XSL transform exploitation attempt (more info ...) | attempted-recon | 2017-11243 | URL | ||
| 35798 | FILE-IMAGE Adobe Acrobat malformed PCX one-byte heap overwrite attempt (more info ...) | attempted-user | 2015-5105 | URL | ||
| 35799 | FILE-IMAGE Adobe Acrobat malformed PCX one-byte heap overwrite attempt (more info ...) | attempted-user | 2015-5105 | URL | ||
| 35813 | FILE-FLASH Adobe Flash Player loadSound type confusion attempt (more info ...) | attempted-user | 2015-5562 | URL | ||
| 35814 | FILE-FLASH Adobe Flash Player loadSound type confusion attempt (more info ...) | attempted-user | 2015-5562 | URL | ||
| 35815 | FILE-FLASH Adobe Flash Player loadSound type confusion attempt (more info ...) | attempted-user | 2015-5562 | URL | ||
| 35816 | FILE-FLASH Adobe Flash Player loadSound type confusion attempt (more info ...) | attempted-user | 2015-5562 | URL | ||
| 35821 | FILE-FLASH Adobe Flash Player scale9Grid use after free attempt (more info ...) | attempted-user | 2015-5564 | |||
| 35823 | FILE-FLASH Adobe Flash Player scale9Grid use after free attempt (more info ...) | attempted-user | 2015-5564 | |||
| 35824 | FILE-FLASH Adobe Flash Player scale9Grid use after free attempt (more info ...) | attempted-user | 2015-5564 | |||
| 35825 | FILE-FLASH Adobe Flash Player scale9Grid use after free attempt (more info ...) | attempted-user | 2015-5564 | |||
| 35861 | FILE-FLASH Adobe Flash Player swapDepths use after free attempt (more info ...) | attempted-admin | 2015-5550 | URL | ||
| 35862 | FILE-FLASH Adobe Flash Player swapDepths use after free attempt (more info ...) | attempted-admin | 2015-5550 | URL | ||
| 35863 | FILE-FLASH Adobe Flash Player swapDepths use after free attempt (more info ...) | attempted-admin | 2015-5550 | URL | ||
| 35864 | FILE-FLASH Adobe Flash Player swapDepths use after free attempt (more info ...) | attempted-admin | 2015-5550 | URL | ||
| 35935 | FILE-FLASH Adobe Flash Player attachMovie use after free attempt (more info ...) | attempted-admin | 2015-5551 | URL | ||
| 35936 | FILE-FLASH Adobe Flash Player attachMovie use after free attempt (more info ...) | attempted-admin | 2015-5551 | URL | ||
| 35937 | FILE-FLASH Adobe Flash Player attachMovie use after free attempt (more info ...) | attempted-admin | 2015-5551 | URL | ||
| 35938 | FILE-FLASH Adobe Flash Player attachMovie use after free attempt (more info ...) | attempted-admin | 2015-5551 | URL | ||
| 35945 | FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (more info ...) | attempted-user | 2014-8439 | URL | ||
| 35946 | FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (more info ...) | attempted-user | 2014-8439 | URL | ||
| 35947 | FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (more info ...) | attempted-user | 2014-8439 | URL | ||
| 35948 | FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (more info ...) | attempted-user | 2014-8439 | URL | ||
| 35949 | FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (more info ...) | attempted-user | 2014-8439 | URL | ||
| 35950 | FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (more info ...) | attempted-user | 2014-8439 | URL | ||
| 35951 | FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (more info ...) | attempted-user | 2014-8439 | URL | ||
| 35952 | FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (more info ...) | attempted-user | 2014-8439 | URL | ||
| 35953 | FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (more info ...) | attempted-user | 2014-8439 | URL | ||
| 35954 | FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (more info ...) | attempted-user | 2014-8439 | URL | ||
| 35983 | FILE-OTHER Microsoft Windows Media Center link file code execution attempt (more info ...) | attempted-user | 2016-0185 | 90023 | URL | |
| 36113 | FILE-MULTIMEDIA Adobe Flash Player ID3 tag integer overflow attempt (more info ...) | attempted-user | 2015-5560 | 76289 | URL | |
| 36114 | FILE-MULTIMEDIA Adobe Flash Player ID3 tag integer overflow attempt (more info ...) | attempted-user | 2015-5560 | 76289 | URL | |
| 36120 | FILE-FLASH Adobe Flash Player regexp heap buffer overflow attempt (more info ...) | attempted-admin | 2015-5129 | URL | ||
| 36121 | FILE-FLASH Adobe Flash Player regexp heap buffer overflow attempt (more info ...) | attempted-admin | 2015-5129 | URL | ||
| 36122 | FILE-FLASH Adobe Flash Player regexp heap buffer overflow attempt (more info ...) | attempted-admin | 2015-5129 | URL | ||
| 36123 | FILE-FLASH Adobe Flash Player regexp heap buffer overflow attempt (more info ...) | attempted-admin | 2015-5129 | URL | ||
| 36124 | FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (more info ...) | attempted-user | 2015-5122 | 75712 | URL | |
| 36125 | FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (more info ...) | attempted-user | 2015-5122 | 75712 | URL | |
| 36126 | FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (more info ...) | attempted-user | 2015-5122 | 75712 | URL | |
| 36127 | FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (more info ...) | attempted-user | 2015-5122 | 75712 | URL | |
| 36128 | FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (more info ...) | attempted-user | 2015-5122 | 75712 | URL | |
| 36129 | FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (more info ...) | attempted-user | 2015-5122 | 75712 | URL | |
| 36135 | FILE-FLASH Adobe Flash Player remote code execution attempt (more info ...) | attempted-admin | 2015-5119 | URL | ||
| 36136 | FILE-FLASH Adobe Flash Player remote code execution attempt (more info ...) | attempted-admin | 2015-5119 | URL | ||
| 36137 | FILE-FLASH Adobe Flash Player remote code execution attempt (more info ...) | attempted-admin | 2015-5119 | URL | ||
| 36138 | FILE-FLASH Adobe Flash Player remote code execution attempt (more info ...) | attempted-admin | 2015-5119 | URL | ||
| 36139 | FILE-FLASH Adobe Flash Player remote code execution attempt (more info ...) | attempted-admin | 2015-5119 | URL | ||
| 36140 | FILE-FLASH Adobe Flash Player remote code execution attempt (more info ...) | attempted-admin | 2015-5119 | URL | ||
| 36141 | FILE-FLASH Adobe Flash Player remote code execution attempt (more info ...) | attempted-admin | 2015-5119 | URL | ||
| 36142 | FILE-FLASH Adobe Flash Player remote code execution attempt (more info ...) | attempted-admin | 2015-5119 | URL | ||
| 36143 | FILE-FLASH Adobe Flash Player NetConnection AS2 arbitrary code execution attempt (more info ...) | attempted-user | 2015-7659 | 73084 | URL | |
| 36144 | FILE-FLASH Adobe Flash Player NetConnection AS2 arbitrary code execution attempt (more info ...) | attempted-user | 2015-0336 | 73084 | URL | |
| 36145 | FILE-FLASH Adobe Flash Player NetConnection AS2 arbitrary code execution attempt (more info ...) | attempted-user | 2015-7659 | 73084 | URL | |
| 36146 | FILE-FLASH Adobe Flash Player NetConnection AS2 arbitrary code execution attempt (more info ...) | attempted-user | 2015-0336 | 73084 | URL | |
| 36149 | FILE-FLASH Adobe Flash Player remote code execution attempt (more info ...) | attempted-admin | 2015-5119 | URL | ||
| 36150 | FILE-FLASH Adobe Flash Player remote code execution attempt (more info ...) | attempted-admin | 2015-5119 | URL | ||
| 36151 | FILE-FLASH Adobe Flash Player remote code execution attempt (more info ...) | attempted-admin | 2015-5119 | URL | ||
| 36152 | FILE-FLASH Adobe Flash Player remote code execution attempt (more info ...) | attempted-admin | 2015-5119 | URL | ||
| 36154 | FILE-FLASH Adobe Flash Player ByteArray domainMemory use after free attempt (more info ...) | attempted-user | 2015-0311 | 72283 | URL | |
| 36155 | FILE-FLASH Adobe Flash Player ByteArray domainMemory use after free attempt (more info ...) | attempted-user | 2015-0311 | 72283 | URL | |
| 36156 | FILE-FLASH Adobe Flash Player ByteArray domainMemory use after free attempt (more info ...) | attempted-user | 2015-0311 | 72283 | URL | |
| 36157 | FILE-FLASH Adobe Flash Player ByteArray domainMemory use after free attempt (more info ...) | attempted-user | 2015-0311 | 72283 | URL | |
| 36160 | FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (more info ...) | attempted-user | 2014-0556 | URL | ||
| 36161 | FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (more info ...) | attempted-user | 2014-0556 | URL | ||
| 36162 | FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (more info ...) | attempted-user | 2014-0556 | URL | ||
| 36163 | FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (more info ...) | attempted-user | 2014-0556 | URL | ||
| 36164 | FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (more info ...) | attempted-user | 2014-0556 | URL | ||
| 36165 | FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (more info ...) | attempted-user | 2014-0556 | URL | ||
| 36166 | FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (more info ...) | attempted-user | 2014-0556 | URL | ||
| 36167 | FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (more info ...) | attempted-user | 2014-0556 | URL | ||
| 36168 | FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (more info ...) | attempted-user | 2014-0556 | URL | ||
| 36169 | FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (more info ...) | attempted-user | 2014-0556 | URL | ||
| 36170 | FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (more info ...) | attempted-user | 2014-0556 | URL | ||
| 36171 | FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (more info ...) | attempted-user | 2014-0556 | URL | ||
| 36172 | FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (more info ...) | attempted-user | 2014-0556 | URL | ||
| 36173 | FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (more info ...) | attempted-user | 2014-0556 | URL | ||
| 36174 | FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (more info ...) | attempted-user | 2014-0556 | URL | ||
| 36175 | FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (more info ...) | attempted-user | 2014-0556 | URL | ||
| 36176 | FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (more info ...) | attempted-user | 2014-0556 | URL | ||
| 36177 | FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (more info ...) | attempted-user | 2014-0556 | URL | ||
| 36187 | FILE-FLASH Adobe Flash Player display list use after free attempt (more info ...) | attempted-user | 2015-5543 | URL | ||
| 36188 | FILE-FLASH Adobe Flash Player display list use after free attempt (more info ...) | attempted-user | 2015-5543 | URL | ||
| 36189 | FILE-FLASH Adobe Flash Player display list use after free attempt (more info ...) | attempted-user | 2015-5543 | URL | ||
| 36190 | FILE-FLASH Adobe Flash Player display list use after free attempt (more info ...) | attempted-user | 2015-5543 | URL | ||
| 36193 | FILE-FLASH Adobe Flash Player Exploit Kit decryption key detected (more info ...) | attempted-user | 2015-5119 | URL | ||
| 36208 | FILE-MULTIMEDIA Apple Quicktime invalid url atom out of bounds read attempt (more info ...) | attempted-user | 2015-3788 | URL | ||
| 36209 | FILE-MULTIMEDIA Apple Quicktime invalid url atom out of bounds read attempt (more info ...) | attempted-user | 2015-3788 | URL | ||
| 36229 | FILE-FLASH Adobe Flash Player On2 VP6 video codec fragment read access violation attempt (more info ...) | denial-of-service | 2015-3788 | URL | ||
| 36230 | FILE-FLASH Adobe Flash Player On2 VP6 video codec fragment read access violation attempt (more info ...) | denial-of-service | 2015-3788 | URL | ||
| 36257 | FILE-FLASH Adobe Flash Player ByteArray writeByte buffer overflow attempt (more info ...) | attempted-user | 2015-6676 | URL | ||
| 36258 | FILE-FLASH Adobe Flash Player ByteArray writeByte buffer overflow attempt (more info ...) | attempted-user | 2015-6676 | URL | ||
| 36259 | FILE-FLASH Adobe Flash Player ByteArray writeByte buffer overflow attempt (more info ...) | attempted-user | 2015-6676 | URL | ||
| 36260 | FILE-FLASH Adobe Flash Player ByteArray writeByte buffer overflow attempt (more info ...) | attempted-user | 2015-6676 | URL | ||
| 36263 | FILE-FLASH Adobe Flash Player URLStreamObject out of bounds read attempt (more info ...) | attempted-user | 2015-5573 | URL | ||
| 36264 | FILE-FLASH Adobe Flash Player URLStreamObject out of bounds read attempt (more info ...) | attempted-user | 2015-5573 | URL | ||
| 36265 | FILE-FLASH Adobe Flash Player URLStreamObject out of bounds read attempt (more info ...) | attempted-user | 2015-5573 | URL | ||
| 36266 | FILE-FLASH Adobe Flash Player URLStreamObject out of bounds read attempt (more info ...) | attempted-user | 2015-5573 | URL | ||
| 36287 | FILE-FLASH Adobe Flash Player avc_core out of bounds memory access attempt (more info ...) | attempted-user | 2015-5579 | URL | ||
| 36288 | FILE-FLASH Adobe Flash Player avc_core out of bounds memory access attempt (more info ...) | attempted-user | 2015-5579 | URL | ||
| 36289 | FILE-FLASH Adobe Flash Player NetStream.appendBytes use after free attempt (more info ...) | attempted-user | 2015-6682 | URL | ||
| 36290 | FILE-FLASH Adobe Flash Player NetStream.appendBytes use after free attempt (more info ...) | attempted-user | 2015-6682 | URL | ||
| 36291 | FILE-FLASH Adobe Flash Player NetStream.appendBytes use after free attempt (more info ...) | attempted-user | 2015-6682 | URL | ||
| 36292 | FILE-FLASH Adobe Flash Player NetStream.appendBytes use after free attempt (more info ...) | attempted-user | 2015-6682 | URL | ||
| 36295 | FILE-FLASH Adobe Flash Player movie signed integer memory corruption attempt (more info ...) | attempted-user | 2015-5582 | URL | ||
| 36296 | FILE-FLASH Adobe Flash Player movie signed integer memory corruption attempt (more info ...) | attempted-user | 2015-5582 | URL | ||
| 36297 | FILE-FLASH Adobe Flash Player video decode use after free attempt (more info ...) | attempted-user | 2015-5584 | URL | ||
| 36298 | FILE-FLASH Adobe Flash Player video decode use after free attempt (more info ...) | attempted-user | 2015-5584 | URL | ||
| 36299 | FILE-FLASH Adobe Flash Player ShaderParameter out of bounds write attempt (more info ...) | attempted-user | 2015-3105 | 75086 | URL | |
| 36300 | FILE-FLASH Adobe Flash Player ShaderParameter out of bounds write attempt (more info ...) | attempted-user | 2015-3105 | 75086 | URL | |
| 36301 | FILE-FLASH Adobe Flash Player ShaderParameter out of bounds write attempt (more info ...) | attempted-user | 2015-3105 | 75086 | URL | |
| 36302 | FILE-FLASH Adobe Flash Player ShaderParameter out of bounds write attempt (more info ...) | attempted-user | 2015-3105 | 75086 | URL | |
| 36311 | FILE-FLASH Adobe Flash Player class scope bypass attempt (more info ...) | attempted-user | 2015-5588 | URL | ||
| 36312 | FILE-FLASH Adobe Flash Player class scope bypass attempt (more info ...) | attempted-user | 2015-5588 | URL | ||
| 36313 | FILE-FLASH Adobe Flash Player class scope bypass attempt (more info ...) | attempted-user | 2015-5588 | URL | ||
| 36314 | FILE-FLASH Adobe Flash Player class scope bypass attempt (more info ...) | attempted-user | 2015-5588 | URL | ||
| 36318 | FILE-FLASH Adobe Flash Player Netstream Video null pointer dereference attempt (more info ...) | attempted-user | 2015-5575 | URL | ||
| 36319 | FILE-FLASH Adobe Flash Player Netstream Video null pointer dereference attempt (more info ...) | attempted-user | 2015-5575 | URL | ||
| 36321 | FILE-FLASH Adobe Flash Player removeChildren use-after-free attempt (more info ...) | attempted-user | 2015-5581 | URL | ||
| 36322 | FILE-FLASH Adobe Flash Player removeChildren use-after-free attempt (more info ...) | attempted-user | 2015-5581 | URL | ||
| 36323 | FILE-FLASH Adobe Flash Player removeChildren use-after-free attempt (more info ...) | attempted-user | 2015-5581 | URL | ||
| 36324 | FILE-FLASH Adobe Flash Player removeChildren use-after-free attempt (more info ...) | attempted-user | 2015-5581 | URL | ||
| 36338 | MALWARE-OTHER Apple iTunes Connect HTTP response phishing attempt (more info ...) | trojan-activity | URL | |||
| 36339 | FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (more info ...) | attempted-user | 2015-5587 | URL | ||
| 36340 | FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (more info ...) | attempted-user | 2015-5587 | URL | ||
| 36341 | FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (more info ...) | attempted-user | 2015-5587 | URL | ||
| 36342 | FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (more info ...) | attempted-user | 2015-5587 | URL | ||
| 36343 | FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (more info ...) | attempted-user | 2015-5587 | URL | ||
| 36344 | FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (more info ...) | attempted-user | 2015-5587 | URL | ||
| 36345 | FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (more info ...) | attempted-user | 2015-5587 | URL | ||
| 36346 | FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (more info ...) | attempted-user | 2015-5587 | URL | ||
| 36347 | FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (more info ...) | attempted-user | 2015-5587 | URL | ||
| 36348 | FILE-FLASH Adobe Flash Player DisplayList memory corruption attempt (more info ...) | attempted-user | 2015-5587 | URL | ||
| 36351 | FILE-FLASH Adobe Flash Player AVSS null pointer attempt (more info ...) | attempted-user | 2015-5570 | URL | ||
| 36352 | FILE-FLASH Adobe Flash Player AVSS null pointer attempt (more info ...) | attempted-user | 2015-5567 | URL | ||
| 36353 | FILE-FLASH Adobe Flash Player AVSS null pointer attempt (more info ...) | attempted-user | 2015-5567 | URL | ||
| 36354 | FILE-FLASH Adobe Flash Player AVSS null pointer attempt (more info ...) | attempted-user | 2015-5570 | URL | ||
| 36355 | FILE-FLASH Adobe Flash Player AVSS null pointer attempt (more info ...) | attempted-user | 2015-5567 | URL | ||
| 36356 | FILE-FLASH Adobe Flash Player AVSS null pointer attempt (more info ...) | attempted-user | 2015-5567 | URL | ||
| 36357 | FILE-FLASH Adobe Flash Player AVSegmentedSource null pointer attempt (more info ...) | attempted-user | 2015-5567 | URL | ||
| 36358 | FILE-FLASH Adobe Flash Player AVSegmentedSource null pointer attempt (more info ...) | attempted-user | 2015-5567 | URL | ||
| 36367 | FILE-FLASH Adobe Flash Player DefineText buffer overflow attempt (more info ...) | attempted-user | 2015-6678 | URL | ||
| 36368 | FILE-FLASH Adobe Flash Player DefineText buffer overflow attempt (more info ...) | attempted-user | 2015-6678 | URL | ||
| 36369 | FILE-FLASH Adobe Flash Player DefineText buffer overflow attempt (more info ...) | attempted-user | 2015-6678 | URL | ||
| 36370 | FILE-FLASH Adobe Flash Player DefineText buffer overflow attempt (more info ...) | attempted-user | 2015-6678 | URL | ||
| 36371 | FILE-FLASH Adobe Flash Player invalid vector length memory corruption attempt (more info ...) | attempted-user | 2015-5568 | URL | ||
| 36372 | FILE-FLASH Adobe Flash Player invalid vector length memory corruption attempt (more info ...) | attempted-user | 2015-5568 | URL | ||
| 36373 | FILE-FLASH Adobe Flash Player invalid vector length memory corruption attempt (more info ...) | attempted-user | 2015-5568 | URL | ||
| 36374 | FILE-FLASH Adobe Flash Player invalid vector length memory corruption attempt (more info ...) | attempted-user | 2015-5568 | URL | ||
| 36398 | FILE-FLASH Adobe Flash Player Ovector out of bounds stack corruption attempt (more info ...) | attempted-user | 2015-0330 | URL | ||
| 36399 | FILE-FLASH Adobe Flash Player Ovector out of bounds stack corruption attempt (more info ...) | attempted-user | 2015-0330 | URL | ||
| 36502 | FILE-FLASH Adobe Flash Player scrollRect property use after free attempt (more info ...) | attempted-admin | 2015-5130 | URL | ||
| 36503 | FILE-FLASH Adobe Flash Player scrollRect property use after free attempt (more info ...) | attempted-admin | 2015-5130 | URL | ||
| 36504 | FILE-FLASH Adobe Flash Player scrollRect property use after free attempt (more info ...) | attempted-admin | 2015-5130 | URL | ||
| 36505 | FILE-FLASH Adobe Flash Player scrollRect property use after free attempt (more info ...) | attempted-admin | 2015-5130 | URL | ||
| 36507 | FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (more info ...) | attempted-user | 2015-0313 | 72429 | URL | |
| 36508 | FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (more info ...) | attempted-user | 2015-0313 | 72429 | URL | |
| 36509 | FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (more info ...) | attempted-user | 2015-0313 | 72429 | URL | |
| 36510 | FILE-FLASH Adobe Flash Player ActionScript worker use after free attempt (more info ...) | attempted-user | 2015-0313 | 72429 | URL | |
| 36512 | FILE-MULTIMEDIA Adobe Flash Player malformed mp4 CABAC encoding out of bounds read attempt (more info ...) | attempted-user | 2015-5580 | URL | ||
| 36513 | FILE-MULTIMEDIA Adobe Flash Player malformed mp4 CABAC encoding out of bounds read attempt (more info ...) | attempted-user | 2015-5580 | URL | ||
| 36527 | FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (more info ...) | attempted-user | 2013-5331 | 64199 | URL | |
| 36528 | FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (more info ...) | attempted-user | 2013-5331 | 64199 | URL | |
| 36529 | FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (more info ...) | attempted-user | 2013-5331 | 64199 | URL | |
| 36530 | FILE-FLASH Adobe Flash Player and AIR type confusion remote code execution attempt (more info ...) | attempted-user | 2013-5331 | 64199 | URL | |
| 36549 | FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (more info ...) | attempted-user | 2015-7645 | URL | ||
| 36550 | FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (more info ...) | attempted-user | 2015-7647 | URL | ||
| 36551 | FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (more info ...) | attempted-user | 2015-7647 | URL | ||
| 36552 | FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (more info ...) | attempted-user | 2015-7645 | URL | ||
| 36553 | FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (more info ...) | attempted-user | 2015-7645 | URL | ||
| 36554 | FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (more info ...) | attempted-user | 2015-7645 | URL | ||
| 36555 | FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (more info ...) | attempted-user | 2015-7645 | URL | ||
| 36556 | FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (more info ...) | attempted-user | 2015-7645 | URL | ||
| 36573 | FILE-FLASH Adobe Flash Player recursion check stack overflow attempt (more info ...) | attempted-user | 2015-7625 | URL | ||
| 36574 | FILE-FLASH Adobe Flash Player recursion check stack overflow attempt (more info ...) | attempted-user | 2015-7625 | URL | ||
| 36575 | FILE-FLASH Adobe Flash Player recursion check stack overflow attempt (more info ...) | attempted-user | 2015-7625 | URL | ||
| 36576 | FILE-FLASH Adobe Flash Player recursion check stack overflow attempt (more info ...) | attempted-user | 2015-7625 | URL | ||
| 36581 | FILE-FLASH Adobe Flash Player PCRE engine find_recurse out-of-bounds read attempt (more info ...) | attempted-user | 2015-7633 | URL | ||
| 36582 | FILE-FLASH Adobe Flash Player PCRE engine find_recurse out-of-bounds read attempt (more info ...) | attempted-user | 2015-7633 | URL | ||
| 36583 | FILE-FLASH Adobe Flash Player PCRE engine find_recurse out-of-bounds read attempt (more info ...) | attempted-user | 2015-7633 | URL | ||
| 36584 | FILE-FLASH Adobe Flash Player PCRE engine find_recurse out-of-bounds read attempt (more info ...) | attempted-user | 2015-7633 | URL | ||
| 36586 | FILE-FLASH Adobe Flash Player message handler array length overflow attempt (more info ...) | attempted-user | 2015-7629 | URL | ||
| 36587 | FILE-FLASH Adobe Flash Player message handler array length overflow attempt (more info ...) | attempted-user | 2015-7629 | URL | ||
| 36588 | FILE-FLASH Adobe Flash Player message handler array length overflow attempt (more info ...) | attempted-user | 2015-7629 | URL | ||
| 36589 | FILE-FLASH Adobe Flash Player message handler array length overflow attempt (more info ...) | attempted-user | 2015-7629 | URL | ||
| 36590 | FILE-FLASH Adobe Flash Player textLine use-after-free attempt (more info ...) | attempted-user | 2015-7631 | URL | ||
| 36591 | FILE-FLASH Adobe Flash Player textLine use-after-free attempt (more info ...) | attempted-user | 2015-7631 | URL | ||
| 36592 | FILE-FLASH Adobe Flash Player textLine use-after-free attempt (more info ...) | attempted-user | 2015-7631 | URL | ||
| 36593 | FILE-FLASH Adobe Flash Player textLine use-after-free attempt (more info ...) | attempted-user | 2015-7631 | URL | ||
| 36597 | FILE-FLASH Adobe Flash Player assertion out of bounds corruption attempt (more info ...) | attempted-user | 2015-7627 | URL | ||
| 36598 | FILE-FLASH Adobe Flash Player assertion out of bounds corruption attempt (more info ...) | attempted-user | 2015-7627 | URL | ||
| 36599 | FILE-FLASH Adobe Flash Player assertion out of bounds corruption attempt (more info ...) | attempted-user | 2015-7627 | URL | ||
| 36600 | FILE-FLASH Adobe Flash Player assertion out of bounds corruption attempt (more info ...) | attempted-user | 2015-7627 | URL | ||
| 36755 | FILE-FLASH Adobe Flash Player loadBytes buffer overflow remote code execution attempt (more info ...) | attempted-admin | 2015-7632 | URL | ||
| 36756 | FILE-FLASH Adobe Flash Player loadBytes buffer overflow remote code execution attempt (more info ...) | attempted-admin | 2015-7632 | URL | ||
| 36757 | FILE-FLASH Adobe Flash Player loadBytes buffer overflow remote code execution attempt (more info ...) | attempted-admin | 2015-7632 | URL | ||
| 36758 | FILE-FLASH Adobe Flash Player loadBytes buffer overflow remote code execution attempt (more info ...) | attempted-admin | 2015-7632 | URL | ||
| 36819 | FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (more info ...) | attempted-user | 2015-5122 | 75712 | URL | |
| 36820 | FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (more info ...) | attempted-user | 2015-5122 | 75712 | URL | |
| 36821 | FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (more info ...) | attempted-user | 2015-5122 | 75712 | URL | |
| 36822 | FILE-FLASH Adobe Flash Player AS3 opaqueBackground use-after-free attempt (more info ...) | attempted-user | 2015-5122 | 75712 | URL | |
| 36827 | FILE-FLASH Adobe Flash Player AS2 actionExtends use-after-free attempt (more info ...) | attempted-user | 2015-7655 | URL | ||
| 36828 | FILE-FLASH Adobe Flash Player AS2 actionExtends use-after-free attempt (more info ...) | attempted-user | 2015-7655 | URL | ||
| 36829 | FILE-FLASH Adobe Flash Player AS2 actionExtends use-after-free attempt (more info ...) | attempted-user | 2015-7655 | URL | ||
| 36830 | FILE-FLASH Adobe Flash Player AS2 actionExtends use-after-free attempt (more info ...) | attempted-user | 2015-7655 | URL | ||
| 36831 | FILE-FLASH Adobe Flash Player AS2 actionExtends use-after-free attempt (more info ...) | attempted-user | 2015-7655 | URL | ||
| 36832 | FILE-FLASH Adobe Flash Player AS2 actionExtends use-after-free attempt (more info ...) | attempted-user | 2015-7655 | URL | ||
| 36836 | FILE-FLASH Adobe Flash Player toString with script objects use after free attempt (more info ...) | attempted-user | 2015-8042 | URL | ||
| 36837 | FILE-FLASH Adobe Flash Player toString with script objects use after free attempt (more info ...) | attempted-user | 2015-8042 | URL | ||
| 36838 | FILE-FLASH Adobe Flash Player file API validation bypass attempt (more info ...) | attempted-user | 2015-7662 | URL | ||
| 36839 | FILE-FLASH Adobe Flash Player file API validation bypass attempt (more info ...) | attempted-user | 2015-7662 | URL | ||
| 36842 | FILE-FLASH Adobe Flash Player MovieClip object corruption use after free attempt (more info ...) | attempted-user | 2015-7660 | URL | ||
| 36843 | FILE-FLASH Adobe Flash Player MovieClip object corruption use after free attempt (more info ...) | attempted-user | 2015-7660 | URL | ||
| 36844 | FILE-FLASH Adobe Flash Player AS2 TextField gridFitType use after free attempt (more info ...) | attempted-user | 2015-7652 | URL | ||
| 36845 | FILE-FLASH Adobe Flash Player AS2 TextField gridFitType use after free attempt (more info ...) | attempted-user | 2015-7652 | URL | ||
| 36846 | FILE-FLASH Adobe Flash Player AS2 TextField gridFitType use after free attempt (more info ...) | attempted-user | 2015-7652 | URL | ||
| 36847 | FILE-FLASH Adobe Flash Player AS2 TextField gridFitType use after free attempt (more info ...) | attempted-user | 2015-7652 | URL | ||
| 36848 | FILE-FLASH Adobe Flash Player GetConsoleMode input action variable corruption attempt (more info ...) | attempted-user | 2015-7651 | URL | ||
| 36849 | FILE-FLASH Adobe Flash Player GetConsoleMode input action variable corruption attempt (more info ...) | attempted-user | 2015-7651 | URL | ||
| 36850 | FILE-FLASH Adobe Flash Player globalToLocal use-after-free attempt (more info ...) | attempted-user | 2015-7653 | URL | ||
| 36851 | FILE-FLASH Adobe Flash Player globalToLocal use-after-free attempt (more info ...) | attempted-user | 2015-7653 | URL | ||
| 36852 | FILE-FLASH Adobe Flash Player globalToLocal use-after-free attempt (more info ...) | attempted-user | 2015-7653 | URL | ||
| 36853 | FILE-FLASH Adobe Flash Player globalToLocal use-after-free attempt (more info ...) | attempted-user | 2015-7653 | URL | ||
| 36858 | FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (more info ...) | attempted-user | 2015-7645 | URL | ||
| 36859 | FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (more info ...) | attempted-user | 2015-7645 | URL | ||
| 36860 | FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (more info ...) | attempted-user | 2015-7645 | URL | ||
| 36861 | FILE-FLASH Adobe Flash Player attachsound use-after-free attempt (more info ...) | attempted-user | 2015-7654 | |||
| 36862 | FILE-FLASH Adobe Flash Player attachsound use-after-free attempt (more info ...) | attempted-user | 2015-7654 | |||
| 36863 | FILE-FLASH Adobe Flash Player attachsound use-after-free attempt (more info ...) | attempted-user | 2015-7654 | |||
| 36864 | FILE-FLASH Adobe Flash Player attachsound use-after-free attempt (more info ...) | attempted-user | 2015-7654 | |||
| 36873 | FILE-FLASH Adobe Flash Player AS2 valueOf function assignment with removeTextField use after free attempt (more info ...) | attempted-user | 2015-8447 | URL | ||
| 36874 | FILE-FLASH Adobe Flash Player AS2 valueOf function assignment with removeTextField use after free attempt (more info ...) | attempted-user | 2015-8447 | URL | ||
| 36875 | FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (more info ...) | attempted-user | 2014-0569 | URL | ||
| 36876 | FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (more info ...) | attempted-user | 2014-0569 | URL | ||
| 36878 | FILE-FLASH Adobe Flash Player SWF buffer overflow attempt (more info ...) | attempted-user | 2015-0327 | URL | ||
| 36879 | FILE-FLASH Adobe Flash Player SWF buffer overflow attempt (more info ...) | attempted-user | 2015-0327 | URL | ||
| 36880 | FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (more info ...) | attempted-user | 2014-8440 | URL | ||
| 36881 | FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (more info ...) | attempted-user | 2014-8440 | URL | ||
| 36882 | FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (more info ...) | attempted-user | 2014-8440 | URL | ||
| 36883 | FILE-FLASH Adobe Flash Player byte array uncompress information disclosure attempt (more info ...) | attempted-user | 2014-8440 | URL | ||
| 36885 | FILE-PDF Adobe Acrobat font parsing integer overflow attempt (more info ...) | attempted-admin | 2010-2862 | 42203 | URL | |
| 36886 | FILE-PDF Adobe Acrobat font parsing integer overflow attempt (more info ...) | attempted-admin | 2010-2862 | 42203 | URL | |
| 36897 | FILE-FLASH Adobe Flash Player ActionScript ProgressBar use after free attempt (more info ...) | attempted-user | 2015-7663 | URL | ||
| 36898 | FILE-FLASH Adobe Flash Player ActionScript ProgressBar use after free attempt (more info ...) | attempted-user | 2015-7663 | URL | ||
| 37069 | FILE-FLASH Adobe Flash Player object Filters type confusion use after free attempt (more info ...) | attempted-user | 2015-8442 | URL | ||
| 37070 | FILE-FLASH Adobe Flash Player object Filters type confusion use after free attempt (more info ...) | attempted-user | 2015-8442 | URL | ||
| 37071 | FILE-FLASH Adobe Flash Player ShaderParameter integer overflow attempt (more info ...) | attempted-user | 2015-8445 | URL | ||
| 37072 | FILE-FLASH Adobe Flash Player ShaderParameter integer overflow attempt (more info ...) | attempted-user | 2015-8445 | URL | ||
| 37073 | FILE-FLASH Adobe Flash Player ShaderParameter integer overflow attempt (more info ...) | attempted-user | 2015-8445 | URL | ||
| 37074 | FILE-FLASH Adobe Flash Player ShaderParameter integer overflow attempt (more info ...) | attempted-user | 2015-8445 | URL | ||
| 37075 | FILE-FLASH Adobe Flash Player ShaderParameter integer overflow attempt (more info ...) | attempted-user | 2015-8445 | URL | ||
| 37076 | FILE-FLASH Adobe Flash Player ShaderParameter integer overflow attempt (more info ...) | attempted-user | 2015-8445 | URL | ||
| 37079 | FILE-FLASH Adobe Flash Player String length heap buffer overflow attempt (more info ...) | attempted-user | 2015-8438 | URL | ||
| 37080 | FILE-FLASH Adobe Flash Player String length heap buffer overflow attempt (more info ...) | attempted-user | 2015-8438 | URL | ||
| 37081 | FILE-FLASH Adobe Flash Player String length heap buffer overflow attempt (more info ...) | attempted-user | 2015-8438 | URL | ||
| 37082 | FILE-FLASH Adobe Flash Player String length heap buffer overflow attempt (more info ...) | attempted-user | 2015-8438 | URL | ||
| 37083 | FILE-FLASH Adobe Flash Player byte array memory corruption attempt (more info ...) | attempted-user | 2015-8060 | URL | ||
| 37084 | FILE-FLASH Adobe Flash Player byte array memory corruption attempt (more info ...) | attempted-user | 2015-8060 | URL | ||
| 37085 | FILE-FLASH Adobe Flash Player byte array memory corruption attempt (more info ...) | attempted-user | 2015-8060 | URL | ||
| 37086 | FILE-FLASH Adobe Flash Player byte array memory corruption attempt (more info ...) | attempted-user | 2015-8060 | URL | ||
| 37088 | FILE-FLASH Adobe Flash Player PrintJob object use-after-free attempt (more info ...) | attempted-user | 2015-8436 | URL | ||
| 37089 | FILE-FLASH Adobe Flash Player PrintJob object use-after-free attempt (more info ...) | attempted-user | 2015-8436 | URL | ||
| 37090 | FILE-FLASH Adobe Flash Player PrintJob object use-after-free attempt (more info ...) | attempted-user | 2015-8436 | URL | ||
| 37091 | FILE-FLASH Adobe Flash Player PrintJob object use-after-free attempt (more info ...) | attempted-user | 2015-8436 | URL | ||
| 37092 | FILE-FLASH Adobe Flash Player SoundURLStream memory corruption attempt (more info ...) | attempted-user | 2015-8408 | 78710 | URL | |
| 37093 | FILE-FLASH Adobe Flash Player SoundURLStream memory corruption attempt (more info ...) | attempted-user | 2015-8408 | 78710 | URL | |
| 37094 | FILE-FLASH Adobe Flash Player SoundURLStream memory corruption attempt (more info ...) | attempted-user | 2015-8408 | 78710 | URL | |
| 37095 | FILE-FLASH Adobe Flash Player SoundURLStream memory corruption attempt (more info ...) | attempted-user | 2015-8408 | 78710 | URL | |
| 37103 | FILE-FLASH Adobe Flash Player MovieClip object use-after-free attempt (more info ...) | attempted-user | 2015-8449 | URL | ||
| 37104 | FILE-FLASH Adobe Flash Player MovieClip object use-after-free attempt (more info ...) | attempted-user | 2015-8449 | URL | ||
| 37105 | FILE-FLASH Adobe Flash Player MovieClip object use-after-free attempt (more info ...) | attempted-user | 2015-8449 | URL | ||
| 37106 | FILE-FLASH Adobe Flash Player MovieClip object use-after-free attempt (more info ...) | attempted-user | 2015-8449 | URL | ||
| 37107 | FILE-FLASH Adobe Flash Player selection.setFocus use after free attempt (more info ...) | attempted-user | 2015-8437 | URL | ||
| 37108 | FILE-FLASH Adobe Flash Player selection.setFocus use after free attempt (more info ...) | attempted-user | 2015-8437 | URL | ||
| 37109 | FILE-FLASH Adobe Flash Player selection.setFocus use after free attempt (more info ...) | attempted-user | 2015-8437 | URL | ||
| 37110 | FILE-FLASH Adobe Flash Player selection.setFocus use after free attempt (more info ...) | attempted-user | 2015-8437 | URL | ||
| 37111 | FILE-FLASH Adobe Flash Player PCRE parsing out of bounds read attempt (more info ...) | attempted-user | 2015-8418 | 78710 | URL | |
| 37112 | FILE-FLASH Adobe Flash Player PCRE parsing out of bounds read attempt (more info ...) | attempted-user | 2015-8418 | 78710 | URL | |
| 37113 | FILE-FLASH Adobe Flash Player PCRE parsing out of bounds read attempt (more info ...) | attempted-user | 2015-8418 | 78710 | URL | |
| 37114 | FILE-FLASH Adobe Flash Player PCRE parsing out of bounds read attempt (more info ...) | attempted-user | 2015-8418 | 78710 | URL | |
| 37115 | FILE-FLASH Adobe Flash Player DisplacementMapFilter mapBitmap use after free attempt (more info ...) | attempted-user | 2015-8448 | |||
| 37116 | FILE-FLASH Adobe Flash Player DisplacementMapFilter mapBitmap use after free attempt (more info ...) | attempted-user | 2015-8448 | |||
| 37118 | FILE-FLASH Adobe Flash Player TextField filters use-after-free attempt (more info ...) | attempted-user | 2015-8450 | URL | ||
| 37119 | FILE-FLASH Adobe Flash Player TextField filters use-after-free attempt (more info ...) | attempted-user | 2015-8450 | URL | ||
| 37121 | FILE-FLASH Adobe Flash Player MP3 ID3 data parsing heap buffer overflow attempt (more info ...) | attempted-user | 2015-8446 | 78712 | URL | |
| 37122 | FILE-FLASH Adobe Flash Player MP3 ID3 data parsing heap buffer overflow attempt (more info ...) | attempted-user | 2015-8446 | 78712 | URL | |
| 37123 | FILE-FLASH Adobe Flash Player MP3 ID3 data parsing heap buffer overflow attempt (more info ...) | attempted-user | 2015-8446 | 78712 | URL | |
| 37124 | FILE-FLASH Adobe Flash Player MP3 ID3 data parsing heap buffer overflow attempt (more info ...) | attempted-user | 2015-8446 | 78712 | URL | |
| 37125 | FILE-FLASH Adobe Flash Player MP3 ID3 data parsing heap buffer overflow attempt (more info ...) | attempted-user | 2015-8446 | 78712 | URL | |
| 37126 | FILE-FLASH Adobe Flash Player MP3 ID3 data parsing heap buffer overflow attempt (more info ...) | attempted-user | 2015-8446 | 78712 | URL | |
| 37128 | FILE-FLASH Adobe Flash Player AS2 setTransform use-after-free attempt (more info ...) | attempted-user | 2015-8447 | URL | ||
| 37129 | FILE-FLASH Adobe Flash Player AS2 setTransform use-after-free attempt (more info ...) | attempted-user | 2015-8447 | URL | ||
| 37142 | FILE-FLASH Adobe Flash Player SetSlot type confusion attempt (more info ...) | attempted-user | 2015-8439 | URL | ||
| 37143 | FILE-FLASH Adobe Flash Player SetSlot type confusion attempt (more info ...) | attempted-user | 2015-8439 | URL | ||
| 37144 | FILE-FLASH Adobe Flash Player SetSlot type confusion attempt (more info ...) | attempted-user | 2015-8439 | URL | ||
| 37145 | FILE-FLASH Adobe Flash Player SetSlot type confusion attempt (more info ...) | attempted-user | 2015-8439 | URL | ||
| 37149 | FILE-FLASH Adobe Flash Player MP3 ID3 data parsing heap buffer overflow attempt (more info ...) | attempted-user | 2015-8446 | 78712 | URL | |
| 37150 | FILE-FLASH Adobe Flash Player MP3 ID3 data parsing heap buffer overflow attempt (more info ...) | attempted-user | 2015-8446 | 78712 | URL | |
| 37156 | FILE-FLASH Adobe Flash Player SharedObject send stack buffer overflow attempt (more info ...) | attempted-user | 2015-8407 | URL | ||
| 37157 | FILE-FLASH Adobe Flash Player SharedObject send stack buffer overflow attempt (more info ...) | attempted-user | 2015-8407 | URL | ||
| 37158 | FILE-FLASH Adobe Flash Player SharedObject send stack buffer overflow attempt (more info ...) | attempted-user | 2015-8407 | URL | ||
| 37159 | FILE-FLASH Adobe Flash Player SharedObject send stack buffer overflow attempt (more info ...) | attempted-user | 2015-8407 | URL | ||
| 37160 | FILE-FLASH Adobe Flash Player oversize source bitmap memory corruption attempt (more info ...) | attempted-user | 2015-8419 | URL | ||
| 37161 | FILE-FLASH Adobe Flash Player oversize source bitmap memory corruption attempt (more info ...) | attempted-user | 2015-8419 | URL | ||
| 37162 | FILE-FLASH Adobe Flash Player oversize source bitmap memory corruption attempt (more info ...) | attempted-user | 2015-8419 | URL | ||
| 37163 | FILE-FLASH Adobe Flash Player oversize source bitmap memory corruption attempt (more info ...) | attempted-user | 2015-8419 | URL | ||
| 37165 | FILE-FLASH Adobe Flash Player URLStream use after free attempt (more info ...) | attempted-user | 2015-8048 | URL | ||
| 37166 | FILE-FLASH Adobe Flash Player URLStream use after free attempt (more info ...) | attempted-user | 2015-8048 | URL | ||
| 37167 | FILE-FLASH Adobe Flash Player URLStream use after free attempt (more info ...) | attempted-user | 2015-8048 | URL | ||
| 37168 | FILE-FLASH Adobe Flash Player URLStream use after free attempt (more info ...) | attempted-user | 2015-8048 | URL | ||
| 37169 | FILE-FLASH Adobe Flash Player heap memory disclosure via custom valueOf handler attempt (more info ...) | attempted-recon | 2015-8414 | URL | ||
| 37170 | FILE-FLASH Adobe Flash Player heap memory disclosure via custom valueOf handler attempt (more info ...) | attempted-recon | 2015-8414 | URL | ||
| 37171 | FILE-FLASH Adobe Flash Player heap memory disclosure via custom valueOf handler attempt (more info ...) | attempted-recon | 2015-8414 | URL | ||
| 37172 | FILE-FLASH Adobe Flash Player heap memory disclosure via custom valueOf handler attempt (more info ...) | attempted-recon | 2015-8414 | URL | ||
| 37173 | FILE-FLASH Adobe Flash Player heap memory disclosure via custom valueOf handler attempt (more info ...) | attempted-recon | 2015-8414 | URL | ||
| 37174 | FILE-FLASH Adobe Flash Player heap memory disclosure via custom valueOf handler attempt (more info ...) | attempted-recon | 2015-8414 | URL | ||
| 37175 | FILE-FLASH Adobe Flash Player heap memory disclosure via custom valueOf handler attempt (more info ...) | attempted-recon | 2015-8414 | URL | ||
| 37176 | FILE-FLASH Adobe Flash Player heap memory disclosure via custom valueOf handler attempt (more info ...) | attempted-recon | 2015-8414 | URL | ||
| 37177 | FILE-FLASH Adobe Flash Player M3U8 parser logic memory corruption attempt (more info ...) | attempted-user | 2015-8457 | URL | ||
| 37178 | FILE-FLASH Adobe Flash Player M3U8 parser logic memory corruption attempt (more info ...) | attempted-user | 2015-8457 | URL | ||
| 37179 | FILE-FLASH Adobe Flash Player M3U8 parser logic memory corruption attempt (more info ...) | attempted-user | 2015-8457 | URL | ||
| 37180 | FILE-FLASH Adobe Flash Player M3U8 parser logic memory corruption attempt (more info ...) | attempted-user | 2015-8457 | URL | ||
| 37182 | FILE-FLASH Adobe Flash Player String null check memory corruption attempt (more info ...) | attempted-user | 2015-8444 | URL | ||
| 37183 | FILE-FLASH Adobe Flash Player TextFormat.tabStops use after free attempt (more info ...) | attempted-user | 2015-8435 | URL | ||
| 37184 | FILE-FLASH Adobe Flash Player TextFormat.tabStops use after free attempt (more info ...) | attempted-user | 2015-8435 | URL | ||
| 37185 | FILE-FLASH Adobe Flash Player TextFormat.tabStops use after free attempt (more info ...) | attempted-user | 2015-8435 | URL | ||
| 37186 | FILE-FLASH Adobe Flash Player TextFormat.tabStops use after free attempt (more info ...) | attempted-user | 2015-8435 | URL | ||
| 37187 | FILE-FLASH Adobe Flash Player TextFormat.tabStops use after free attempt (more info ...) | attempted-user | 2015-8435 | URL | ||
| 37188 | FILE-FLASH Adobe Flash Player TextFormat.tabStops use after free attempt (more info ...) | attempted-user | 2015-8435 | URL | ||
| 37189 | FILE-FLASH Adobe Flash Player TextFormat.tabStops use after free attempt (more info ...) | attempted-user | 2015-8435 | URL | ||
| 37190 | FILE-FLASH Adobe Flash Player TextFormat.tabStops use after free attempt (more info ...) | attempted-user | 2015-8435 | URL | ||
| 37191 | FILE-FLASH Adobe Flash Player TextFormat.tabStops use after free attempt (more info ...) | attempted-user | 2015-8435 | URL | ||
| 37192 | FILE-FLASH Adobe Flash Player TextFormat.tabStops use after free attempt (more info ...) | attempted-user | 2015-8435 | URL | ||
| 37193 | FILE-FLASH Adobe Flash Player TextFormat.tabStops use after free attempt (more info ...) | attempted-user | 2015-8435 | URL | ||
| 37194 | FILE-FLASH Adobe Flash Player TextFormat.tabStops use after free attempt (more info ...) | attempted-user | 2015-8435 | URL | ||
| 37199 | FILE-FLASH Adobe Flash Player multiple script render display use after free attempt (more info ...) | attempted-user | 2015-8635 | URL | ||
| 37200 | FILE-FLASH Adobe Flash Player multiple script render display use after free attempt (more info ...) | attempted-user | 2015-8635 | URL | ||
| 37201 | FILE-FLASH Adobe Flash Standalone Player ASSetPropFlags use after free attempt (more info ...) | attempted-user | 2015-8646 | URL | ||
| 37202 | FILE-FLASH Adobe Flash Standalone Player ASSetPropFlags use after free attempt (more info ...) | attempted-user | 2015-8646 | URL | ||
| 37203 | FILE-FLASH Adobe Flash Player object.addProperty method use after free attempt (more info ...) | attempted-user | 2015-8640 | URL | ||
| 37204 | FILE-FLASH Adobe Flash Player object.addProperty method use after free attempt (more info ...) | attempted-user | 2015-8640 | URL | ||
| 37205 | FILE-FLASH Adobe Flash Player object.addProperty method use after free attempt (more info ...) | attempted-user | 2015-8640 | URL | ||
| 37206 | FILE-FLASH Adobe Flash Player object.addProperty method use after free attempt (more info ...) | attempted-user | 2015-8640 | URL | ||
| 37208 | FILE-FLASH Adobe Flash Player LoadVars decode use after free attempt (more info ...) | attempted-user | 2015-8650 | URL | ||
| 37209 | FILE-FLASH Adobe Flash Player LoadVars decode use after free attempt (more info ...) | attempted-user | 2015-8650 | URL | ||
| 37210 | FILE-FLASH Adobe Flash Player LoadVars decode use after free attempt (more info ...) | attempted-user | 2015-8650 | URL | ||
| 37211 | FILE-FLASH Adobe Flash Player LoadVars decode use after free attempt (more info ...) | attempted-user | 2015-8650 | URL | ||
| 37216 | FILE-FLASH Adobe Flash Player MovieClip setMask use after free attempt (more info ...) | attempted-user | 2015-8648 | URL | ||
| 37217 | FILE-FLASH Adobe Flash Player MovieClip setMask use after free attempt (more info ...) | attempted-user | 2015-8648 | URL | ||
| 37218 | FILE-FLASH Adobe Flash Player MovieClip setMask use after free attempt (more info ...) | attempted-user | 2015-8648 | URL | ||
| 37219 | FILE-FLASH Adobe Flash Player MovieClip setMask use after free attempt (more info ...) | attempted-user | 2015-8648 | URL | ||
| 37220 | FILE-FLASH Adobe Flash Player Date with invalid parameter toTimeString attempt (more info ...) | attempted-user | 2015-8645 | URL | ||
| 37221 | FILE-FLASH Adobe Flash Player Date with invalid parameter toTimeString attempt (more info ...) | attempted-user | 2015-8645 | URL | ||
| 37223 | FILE-FLASH Adobe Flash Player overly large bitmap integer overflow attempt (more info ...) | attempted-user | 2015-8460 | URL | ||
| 37224 | FILE-FLASH Adobe Flash Player overly large bitmap integer overflow attempt (more info ...) | attempted-user | 2015-8460 | URL | ||
| 37229 | FILE-FLASH Adobe Flash Player MovieClip method use after free attempt (more info ...) | attempted-user | 2016-7862 | URL | ||
| 37230 | FILE-FLASH Adobe Flash Player MovieClip method use after free attempt (more info ...) | attempted-user | 2016-7862 | URL | ||
| 37231 | FILE-FLASH Adobe Flash Player getBounds method use after free attempt (more info ...) | attempted-user | 2015-8638 | URL | ||
| 37232 | FILE-FLASH Adobe Flash Player getBounds method use after free attempt (more info ...) | attempted-user | 2015-8638 | URL | ||
| 37234 | FILE-FLASH Adobe Flash Player removeMovieClip use after free attempt (more info ...) | attempted-user | 2016-1017 | URL | ||
| 37235 | FILE-FLASH Adobe Flash Player removeMovieClip use after free attempt (more info ...) | attempted-user | 2016-1017 | URL | ||
| 37236 | FILE-FLASH Adobe Flash Player object hasOwnProperty use after free attempt (more info ...) | attempted-user | 2015-8649 | URL | ||
| 37237 | FILE-FLASH Adobe Flash Player object hasOwnProperty use after free attempt (more info ...) | attempted-user | 2015-8649 | URL | ||
| 37238 | FILE-FLASH Adobe Flash Player object hasOwnProperty use after free attempt (more info ...) | attempted-user | 2015-8649 | URL | ||
| 37239 | FILE-FLASH Adobe Flash Player object hasOwnProperty use after free attempt (more info ...) | attempted-user | 2015-8649 | URL | ||
| 37240 | FILE-FLASH Adobe Flash Player canvas out of bounds read attempt (more info ...) | attempted-user | 2015-8636 | URL | ||
| 37241 | FILE-FLASH Adobe Flash Player canvas out of bounds read attempt (more info ...) | attempted-user | 2015-8636 | URL | ||
| 37247 | FILE-FLASH Adobe Flash Player removeMovieClip use after free attempt (more info ...) | attempted-user | 2015-8642 | URL | ||
| 37248 | FILE-FLASH Adobe Flash Player removeMovieClip use after free attempt (more info ...) | attempted-user | 2015-8641 | URL | ||
| 37249 | FILE-FLASH Adobe Flash Player removeMovieClip use after free attempt (more info ...) | attempted-user | 2015-8643 | URL | ||
| 37250 | FILE-FLASH Adobe Flash Player removeMovieClip use after free attempt (more info ...) | attempted-user | 2015-8642 | URL | ||
| 37251 | FILE-FLASH Adobe Flash Player removeMovieClip use after free attempt (more info ...) | attempted-user | 2015-8641 | URL | ||
| 37252 | FILE-FLASH Adobe Flash Player removeMovieClip use after free attempt (more info ...) | attempted-user | 2015-8643 | URL | ||
| 37254 | FILE-FLASH Adobe Flash Player improper display list handling memory corruption attempt (more info ...) | attempted-user | 2015-8459 | URL | ||
| 37256 | FILE-FLASH Adobe Flash Player improper display list handling memory corruption attempt (more info ...) | attempted-user | 2015-8459 | URL | ||
| 37344 | FILE-FLASH Adobe Flash Player improper display list handling memory corruption attempt (more info ...) | attempted-user | 2015-8459 | URL | ||
| 37345 | FILE-FLASH Adobe Flash Player improper display list handling memory corruption attempt (more info ...) | attempted-user | 2015-8459 | URL | ||
| 37346 | FILE-FLASH Adobe Flash Player improper display list handling memory corruption attempt (more info ...) | attempted-user | 2015-8459 | URL | ||
| 37347 | FILE-FLASH Adobe Flash Player improper display list handling memory corruption attempt (more info ...) | attempted-user | 2015-8459 | URL | ||
| 37350 | FILE-FLASH Adobe Flash Player invalid parent pointer use after free attempt (more info ...) | attempted-user | 2015-8634 | URL | ||
| 37351 | FILE-FLASH Adobe Flash Player invalid parent pointer use after free attempt (more info ...) | attempted-user | 2015-8634 | URL | ||
| 37352 | FILE-FLASH Adobe Flash Player SimpleButton constructor type confusion attempt (more info ...) | attempted-user | 2015-8644 | URL | ||
| 37353 | FILE-FLASH Adobe Flash Player SimpleButton constructor type confusion attempt (more info ...) | attempted-user | 2015-8644 | URL | ||
| 37397 | FILE-PDF Adobe Acrobat Reader malformed UTF-16 string memory corruption attempt (more info ...) | attempted-user | 2016-0939 | URL | ||
| 37398 | FILE-PDF Adobe Acrobat Reader malformed UTF-16 string memory corruption attempt (more info ...) | attempted-user | 2016-0939 | URL | ||
| 37399 | FILE-PDF Adobe Acrobat Reader custom string length function memory corruption attempt (more info ...) | attempted-user | 2016-0938 | URL | ||
| 37400 | FILE-PDF Adobe Acrobat Reader custom string length function memory corruption attempt (more info ...) | attempted-user | 2016-0938 | URL | ||
| 37424 | FILE-PDF Adobe Acrobat Reader ExtGState double free attempt (more info ...) | attempted-user | 2016-0935 | URL | ||
| 37425 | FILE-PDF Adobe Acrobat Reader ExtGState double free attempt (more info ...) | attempted-user | 2016-0935 | URL | ||
| 37433 | FILE-PDF Adobe Reader setPersistent use after free attempt (more info ...) | attempted-user | 2016-0941 | 80358 | URL | |
| 37434 | FILE-PDF Adobe Reader setPersistent use after free attempt (more info ...) | attempted-user | 2016-0941 | 80358 | URL | |
| 37448 | FILE-PDF Adobe Acrobat U3D Bone Weight Modifier memory corruption attempt (more info ...) | attempted-user | 2016-0933 | URL | ||
| 37449 | FILE-PDF Adobe Acrobat U3D Bone Weight Modifier memory corruption attempt (more info ...) | attempted-user | 2016-0933 | URL | ||
| 37450 | FILE-PDF Adobe Reader JPEG2000 chroma sub-pattern memory corruption attempt (more info ...) | attempted-user | 2016-0936 | URL | ||
| 37451 | FILE-PDF Adobe Reader JPEG2000 chroma sub-pattern memory corruption attempt (more info ...) | attempted-user | 2016-0936 | URL | ||
| 37454 | FILE-PDF Adobe Acrobat CoolType malformed font memory corruption attempt (more info ...) | attempted-dos | 2016-0945 | URL | ||
| 37455 | FILE-PDF Adobe Acrobat CoolType malformed font memory corruption attempt (more info ...) | attempted-dos | 2016-0945 | URL | ||
| 37458 | FILE-PDF Adobe Acrobat CoolType font representation decoding memory corruption attempt (more info ...) | attempted-dos | 2016-0944 | URL | ||
| 37459 | FILE-PDF Adobe Acrobat CoolType font representation decoding memory corruption attempt (more info ...) | attempted-dos | 2016-0944 | URL | ||
| 37460 | FILE-PDF Adobe Reader Graphic State Parameter Dictionaries use after free attempt (more info ...) | attempted-user | 2016-0940 | 80358 | URL | |
| 37461 | FILE-PDF Adobe Reader Graphic State Parameter Dictionaries use after free attempt (more info ...) | attempted-user | 2016-0940 | 80358 | URL | |
| 37469 | FILE-PDF Adobe Acrobat Reader null pointer dereference attempt (more info ...) | denial-of-service | 2016-0946 | URL | ||
| 37470 | FILE-PDF Adobe Acrobat Reader null pointer dereference attempt (more info ...) | attempted-dos | 2016-0946 | URL | ||
| 37530 | FILE-PDF Adobe Acrobat Reader pdfshell preview mode - possible denial of service attempt (more info ...) | attempted-dos | 2016-0942 | URL | ||
| 37531 | FILE-PDF Adobe Acrobat Reader pdfshell preview mode - possible denial of service attempt (more info ...) | attempted-dos | 2016-0942 | URL | ||
| 37532 | FILE-PDF Adobe Acrobat Reader pdfshell preview mode - possible denial of service attempt (more info ...) | attempted-dos | 2016-0942 | URL | ||
| 37533 | FILE-PDF Adobe Acrobat Reader pdfshell preview mode - possible denial of service attempt (more info ...) | attempted-dos | 2016-0942 | URL | ||
| 37629 | FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (more info ...) | attempted-user | 2014-8439 | |||
| 37630 | FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (more info ...) | attempted-user | 2014-8439 | |||
| 37631 | FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (more info ...) | attempted-user | 2014-8439 | |||
| 37632 | FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (more info ...) | attempted-user | 2014-8439 | |||
| 37638 | FILE-FLASH Adobe Flash Player remote code execution attempt (more info ...) | attempted-user | 2015-5122 | URL | ||
| 37639 | FILE-FLASH Adobe Flash Player remote code execution attempt (more info ...) | attempted-user | 2015-5122 | URL | ||
| 37640 | FILE-FLASH Adobe Flash Player remote code execution attempt (more info ...) | attempted-user | 2015-5122 | URL | ||
| 37641 | FILE-FLASH Adobe Flash Player remote code execution attempt (more info ...) | attempted-user | 2015-5122 | URL | ||
| 37644 | FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (more info ...) | attempted-user | 2014-0556 | URL | ||
| 37645 | FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (more info ...) | attempted-user | 2014-0556 | URL | ||
| 37652 | FILE-FLASH Adobe Flash Player loadPCMFromByteArray exception null pointer access attempt (more info ...) | attempted-user | 2016-0984 | URL | ||
| 37653 | FILE-FLASH Adobe Flash Player loadPCMFromByteArray exception null pointer access attempt (more info ...) | attempted-user | 2016-0984 | URL | ||
| 37668 | FILE-FLASH Adobe Flash Player convolution filter use-after-free attempt (more info ...) | attempted-user | 2015-0349 | URL | ||
| 37669 | FILE-FLASH Adobe Flash Player convolution filter use-after-free attempt (more info ...) | attempted-user | 2015-0349 | URL | ||
| 37670 | FILE-FLASH Adobe Flash Player convolution filter use-after-free attempt (more info ...) | attempted-user | 2015-0349 | URL | ||
| 37671 | FILE-FLASH Adobe Flash Player convolution filter use-after-free attempt (more info ...) | attempted-user | 2015-0349 | URL | ||
| 37679 | FILE-FLASH Adobe Flash player ASNative textField use after free attempt (more info ...) | attempted-user | 2016-0982 | URL | ||
| 37680 | FILE-FLASH Adobe Flash player ASNative textField use after free attempt (more info ...) | attempted-user | 2016-0982 | URL | ||
| 37684 | FILE-FLASH Adobe Flash Player worker shared object user-after-free attempt (more info ...) | attempted-user | 2014-0502 | URL | ||
| 37685 | FILE-FLASH Adobe Flash Player worker shared object user-after-free attempt (more info ...) | attempted-user | 2014-0502 | URL | ||
| 37688 | FILE-FLASH Adobe Flash Player remote code execution attempt (more info ...) | attempted-admin | 2015-5119 | URL | ||
| 37689 | FILE-FLASH Adobe Flash Player remote code execution attempt (more info ...) | attempted-admin | 2015-5119 | URL | ||
| 37708 | FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (more info ...) | attempted-user | 2014-0556 | URL | ||
| 37709 | FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (more info ...) | attempted-user | 2014-0556 | URL | ||
| 37710 | FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (more info ...) | attempted-user | 2014-0556 | URL | ||
| 37711 | FILE-FLASH Adobe Flash copyPixelsToByteArray integer overflow attempt (more info ...) | attempted-user | 2014-0556 | URL | ||
| 37720 | FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (more info ...) | attempted-user | 2014-0569 | URL | ||
| 37721 | FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (more info ...) | attempted-user | 2014-0569 | URL | ||
| 37722 | FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (more info ...) | attempted-user | 2014-0569 | URL | ||
| 37723 | FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (more info ...) | attempted-user | 2014-0569 | URL | ||
| 37734 | FILE-FLASH Adobe Flash Player Point object integer overflow attempt (more info ...) | attempted-user | 2016-0976 | URL | ||
| 37735 | FILE-FLASH Adobe Flash Player Point object integer overflow attempt (more info ...) | attempted-user | 2016-0976 | URL | ||
| 37736 | FILE-FLASH Adobe Flash Player Point object integer overflow attempt (more info ...) | attempted-user | 2016-0976 | URL | ||
| 37737 | FILE-FLASH Adobe Flash Player Point object integer overflow attempt (more info ...) | attempted-user | 2016-0976 | URL | ||
| 37738 | FILE-FLASH Adobe Flash Player BlurFilter memory corruption attempt (more info ...) | attempted-user | 2016-0964 | URL | ||
| 37739 | FILE-FLASH Adobe Flash Player BlurFilter memory corruption attempt (more info ...) | attempted-user | 2016-0964 | URL | ||
| 37740 | FILE-FLASH Adobe Flash Player BlurFilter memory corruption attempt (more info ...) | attempted-user | 2016-0964 | URL | ||
| 37741 | FILE-FLASH Adobe Flash Player BlurFilter memory corruption attempt (more info ...) | attempted-user | 2016-0964 | URL | ||
| 37742 | FILE-FLASH Adobe Flash Player TextLine memory corruption attempt (more info ...) | attempted-user | 2016-0966 | URL | ||
| 37743 | FILE-FLASH Adobe Flash Player TextLine memory corruption attempt (more info ...) | attempted-user | 2016-0966 | URL | ||
| 37744 | FILE-FLASH Adobe Flash Player TextLine memory corruption attempt (more info ...) | attempted-user | 2016-0966 | URL | ||
| 37745 | FILE-FLASH Adobe Flash Player TextLine memory corruption attempt (more info ...) | attempted-user | 2016-0966 | URL | ||
| 37746 | FILE-FLASH Adobe Flash Player list filter memory corruption attempt (more info ...) | attempted-user | 2016-0965 | URL | ||
| 37747 | FILE-FLASH Adobe Flash Player list filter memory corruption attempt (more info ...) | attempted-user | 2016-0965 | URL | ||
| 37748 | FILE-FLASH Adobe Flash Player TextField object Type Confusion Attempt (more info ...) | attempted-user | 2016-0985 | URL | ||
| 37749 | FILE-FLASH Adobe Flash Player TextField object Type Confusion Attempt (more info ...) | attempted-user | 2016-0985 | URL | ||
| 37750 | FILE-FLASH Adobe Flash Player FLV invalid reference frame count memory corruption attempt (more info ...) | attempted-user | 2016-0972 | URL | ||
| 37751 | FILE-FLASH Adobe Flash Player FLV invalid reference frame count memory corruption attempt (more info ...) | attempted-user | 2016-0972 | URL | ||
| 37752 | FILE-FLASH Adobe Flash Player Point object integer overflow attempt (more info ...) | attempted-user | 2016-0979 | URL | ||
| 37753 | FILE-FLASH Adobe Flash Player Point object integer overflow attempt (more info ...) | attempted-user | 2016-0979 | URL | ||
| 37754 | FILE-FLASH Adobe Flash Player Point object integer overflow attempt (more info ...) | attempted-user | 2016-0979 | URL | ||
| 37755 | FILE-FLASH Adobe Flash Player Point object integer overflow attempt (more info ...) | attempted-user | 2016-0979 | URL | ||
| 37756 | FILE-FLASH Adobe Flash Player invalid sourceRect copyPixels heap corruption attempt (more info ...) | attempted-user | 2018-16030 | URL | ||
| 37757 | FILE-FLASH Adobe Flash Player invalid sourceRect copyPixels heap corruption attempt (more info ...) | attempted-user | 2016-0968 | URL | ||
| 37758 | FILE-FLASH Adobe Flash Player invalid sourceRect copyPixels heap corruption attempt (more info ...) | attempted-user | 2016-0968 | URL | ||
| 37759 | FILE-FLASH Adobe Flash Player invalid sourceRect copyPixels heap corruption attempt (more info ...) | attempted-user | 2018-16030 | URL | ||
| 37760 | FILE-FLASH Adobe Flash Player rectangle auxiliary method integer overflow attempt (more info ...) | attempted-user | 2016-0977 | URL | ||
| 37761 | FILE-FLASH Adobe Flash Player rectangle auxiliary method integer overflow attempt (more info ...) | attempted-user | 2016-0977 | URL | ||
| 37762 | FILE-FLASH Adobe Flash Player rectangle auxiliary method integer overflow attempt (more info ...) | attempted-user | 2016-0977 | URL | ||
| 37763 | FILE-FLASH Adobe Flash Player rectangle auxiliary method integer overflow attempt (more info ...) | attempted-user | 2016-0977 | URL | ||
| 37764 | FILE-FLASH Adobe Flash Player BitmapData method memory corruption attempt (more info ...) | attempted-user | 2016-0969 | URL | ||
| 37765 | FILE-FLASH Adobe Flash Player BitmapData method memory corruption attempt (more info ...) | attempted-user | 2016-0969 | URL | ||
| 37766 | FILE-FLASH Adobe Flash Player BitmapData method memory corruption attempt (more info ...) | attempted-user | 2016-0969 | URL | ||
| 37767 | FILE-FLASH Adobe Flash Player BitmapData method memory corruption attempt (more info ...) | attempted-user | 2016-0969 | URL | ||
| 37768 | FILE-FLASH Adobe Flash Player ASnative custom getter use after free attempt (more info ...) | attempted-user | 2016-0983 | URL | ||
| 37769 | FILE-FLASH Adobe Flash Player ASnative custom getter use after free attempt (more info ...) | attempted-user | 2016-0983 | URL | ||
| 37770 | FILE-FLASH Adobe Flash Player ASnative custom getter use after free attempt (more info ...) | attempted-user | 2016-0983 | URL | ||
| 37771 | FILE-FLASH Adobe Flash Player ASnative custom getter use after free attempt (more info ...) | attempted-user | 2016-0983 | URL | ||
| 37772 | FILE-FLASH Adobe Flash Player ActionScript constructor use after free attempt (more info ...) | attempted-user | 2016-0975 | URL | ||
| 37773 | FILE-FLASH Adobe Flash Player ActionScript constructor use after free attempt (more info ...) | attempted-user | 2016-0975 | URL | ||
| 37774 | FILE-FLASH Adobe Flash Player ActionScript constructor use after free attempt (more info ...) | attempted-user | 2016-0975 | URL | ||
| 37775 | FILE-FLASH Adobe Flash Player ActionScript constructor use after free attempt (more info ...) | attempted-user | 2016-0975 | URL | ||
| 37776 | FILE-FLASH Adobe Flash Player LoadVars use-after-free attempt (more info ...) | attempted-user | 2016-0974 | URL | ||
| 37777 | FILE-FLASH Adobe Flash Player LoadVars use-after-free attempt (more info ...) | attempted-user | 2016-0974 | URL | ||
| 37778 | FILE-OTHER Adobe Flash Player unsupported video encoding remote code execution attempt (more info ...) | attempted-user | 2016-0967 | |||
| 37779 | FILE-OTHER Adobe Flash Player unsupported video encoding remote code execution attempt (more info ...) | attempted-user | 2016-0967 | |||
| 37780 | FILE-FLASH Adobe Flash Player ASnative memory corruption attempt (more info ...) | attempted-user | 2016-0981 | URL | ||
| 37781 | FILE-FLASH Adobe Flash Player ASnative memory corruption attempt (more info ...) | attempted-user | 2016-0981 | URL | ||
| 37782 | FILE-FLASH Adobe Flash Player malformed Adobe Texture Format heap overflow attempt (more info ...) | attempted-user | 2016-0971 | URL | ||
| 37783 | FILE-FLASH Adobe Flash Player malformed Adobe Texture Format heap overflow attempt (more info ...) | attempted-user | 2016-0971 | URL | ||
| 37784 | FILE-IDENTIFY Adobe Texture Format file magic detected (more info ...) | misc-activity | ||||
| 37785 | FILE-IDENTIFY Adobe Texture Format file attachment detected (more info ...) | misc-activity | ||||
| 37786 | FILE-IDENTIFY Adobe Texture Format file attachment detected (more info ...) | misc-activity | ||||
| 37787 | FILE-IDENTIFY Adobe Texture Format file magic detected (more info ...) | misc-activity | ||||
| 37788 | FILE-IDENTIFY Adobe Texture Format file download request (more info ...) | misc-activity | ||||
| 37789 | FILE-FLASH Adobe Flash Player ASnative use after free attempt (more info ...) | attempted-user | 2016-0959 | |||
| 37790 | FILE-FLASH Adobe Flash Player ASnative use after free attempt (more info ...) | attempted-user | 2016-0959 | |||
| 37791 | FILE-FLASH Adobe Flash Player ASnative use after free attempt (more info ...) | attempted-user | 2016-0959 | |||
| 37792 | FILE-FLASH Adobe Flash Player ASnative use after free attempt (more info ...) | attempted-user | 2016-0959 | |||
| 37793 | FILE-FLASH Adobe Flash Player ActionScript 3 URLRequest class use after free attempt (more info ...) | misc-attack | 2016-0973 | URL | ||
| 37794 | FILE-FLASH Adobe Flash Player ActionScript 3 URLRequest class use after free attempt (more info ...) | misc-attack | 2016-0973 | URL | ||
| 37795 | FILE-FLASH Adobe Flash Player rectangle memory access violation attempt (more info ...) | attempted-user | 2016-0978 | URL | ||
| 37796 | FILE-FLASH Adobe Flash Player rectangle memory access violation attempt (more info ...) | attempted-user | 2016-0978 | URL | ||
| 37797 | FILE-FLASH Adobe Flash Player rectangle memory access violation attempt (more info ...) | attempted-user | 2016-0978 | URL | ||
| 37798 | FILE-FLASH Adobe Flash Player rectangle memory access violation attempt (more info ...) | attempted-user | 2016-0978 | URL | ||
| 37806 | FILE-FLASH Adobe Flash Player integer underflow attempt (more info ...) | attempted-user | 2014-0497 | |||
| 37807 | FILE-FLASH Adobe Flash Player integer underflow attempt (more info ...) | attempted-user | 2014-0497 | |||
| 37808 | FILE-FLASH Adobe Flash Player integer underflow attempt (more info ...) | attempted-user | 2014-0497 | |||
| 37809 | FILE-FLASH Adobe Flash Player integer underflow attempt (more info ...) | attempted-user | 2014-0497 | |||
| 37828 | FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (more info ...) | attempted-user | 2013-2729 | 59918 | URL | |
| 37829 | FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (more info ...) | attempted-user | 2013-2729 | 59918 | URL | |
| 37839 | FILE-FLASH Adobe Flash Player AAC audio memory corruption attempt (more info ...) | attempted-user | 2016-0970 | URL | ||
| 37840 | FILE-FLASH Adobe Flash Player AAC audio memory corruption attempt (more info ...) | attempted-user | 2016-0970 | URL | ||
| 37925 | FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (more info ...) | attempted-user | 2014-0569 | URL | ||
| 37926 | FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (more info ...) | attempted-user | 2014-0569 | URL | ||
| 37927 | FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (more info ...) | attempted-user | 2014-0569 | URL | ||
| 37930 | FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (more info ...) | attempted-user | 2014-0569 | URL | ||
| 37931 | FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (more info ...) | attempted-user | 2014-0569 | URL | ||
| 37932 | FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (more info ...) | attempted-user | 2014-0569 | URL | ||
| 37933 | FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (more info ...) | attempted-user | 2014-0569 | URL | ||
| 37937 | FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (more info ...) | attempted-user | 2014-0515 | 67092 | ||
| 37938 | FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (more info ...) | attempted-user | 2014-0515 | 67092 | ||
| 37939 | FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (more info ...) | attempted-user | 2014-0515 | 67092 | ||
| 37940 | FILE-MULTIMEDIA Adobe Flash pixel bender buffer overflow attempt (more info ...) | attempted-user | 2014-0515 | 67092 | ||
| 38165 | FILE-FLASH Adobe Flash Player hitTest BitmapData object integer overflow attempt (more info ...) | attempted-user | 2016-0963 | URL | ||
| 38166 | FILE-FLASH Adobe Flash Player hitTest BitmapData object integer overflow attempt (more info ...) | attempted-user | 2016-0963 | URL | ||
| 38167 | FILE-FLASH Adobe Flash Player hitTest BitmapData object integer overflow attempt (more info ...) | attempted-user | 2016-0963 | URL | ||
| 38168 | FILE-FLASH Adobe Flash Player hitTest BitmapData object integer overflow attempt (more info ...) | attempted-user | 2016-0963 | URL | ||
| 38169 | FILE-FLASH Adobe Flash Player hitTest BitmapData object integer overflow attempt (more info ...) | attempted-user | 2016-0963 | URL | ||
| 38170 | FILE-FLASH Adobe Flash Player hitTest BitmapData object integer overflow attempt (more info ...) | attempted-user | 2016-0963 | URL | ||
| 38171 | FILE-OTHER Adobe Acrobat request for updaternotifications.dll over SMB attempt (more info ...) | attempted-user | 2016-1008 | URL | ||
| 38173 | FILE-FLASH Adobe Standalone Flash Player texfield getter use after free attempt (more info ...) | attempted-user | 2016-0990 | |||
| 38174 | FILE-FLASH Adobe Standalone Flash Player texfield getter use after free attempt (more info ...) | attempted-user | 2016-0990 | |||
| 38175 | FILE-FLASH Adobe Standalone Flash Player texfield getter use after free attempt (more info ...) | attempted-user | 2016-0990 | |||
| 38176 | FILE-FLASH Adobe Standalone Flash Player texfield getter use after free attempt (more info ...) | attempted-user | 2016-0990 | |||
| 38177 | FILE-FLASH Adobe Standalone Flash Player ASnative object use after free attempt (more info ...) | attempted-user | 2016-0991 | |||
| 38178 | FILE-FLASH Microsoft Standalone Flash Player asNative object use after free attempt (more info ...) | attempted-user | 2016-0991 | |||
| 38179 | FILE-FLASH Adobe Standalone Flash Player ASnative object use after free attempt (more info ...) | attempted-user | 2016-0991 | |||
| 38180 | FILE-FLASH Microsoft Standalone Flash Player asNative object use after free attempt (more info ...) | attempted-user | 2016-0991 | |||
| 38181 | FILE-FLASH Adobe Flash Player AS3 multiple axis attributes integer overflow attempt (more info ...) | attempted-user | 2016-0989 | URL | ||
| 38182 | FILE-FLASH Adobe Flash Player AS3 multiple axis attributes integer overflow attempt (more info ...) | attempted-user | 2016-0989 | URL | ||
| 38183 | FILE-FLASH Adobe Flash Player AS3 multiple axis attributes integer overflow attempt (more info ...) | attempted-user | 2016-0989 | URL | ||
| 38184 | FILE-FLASH Adobe Flash Player AS3 multiple axis attributes integer overflow attempt (more info ...) | attempted-user | 2016-0989 | URL | ||
| 38185 | FILE-FLASH Adobe Flash Player AS2 setInterval use after free attempt (more info ...) | attempted-user | 2016-0988 | URL | ||
| 38186 | FILE-FLASH Adobe Flash Player AS2 setInterval use after free attempt (more info ...) | attempted-user | 2016-0988 | URL | ||
| 38187 | FILE-FLASH Adobe Flash Player AS2 setInterval use after free attempt (more info ...) | attempted-user | 2016-0988 | URL | ||
| 38188 | FILE-FLASH Adobe Flash Player AS2 setInterval use after free attempt (more info ...) | attempted-user | 2016-0988 | URL | ||
| 38189 | FILE-FLASH Adobe Flash Player si32 integer overflow attempt (more info ...) | attempted-user | 2016-0993 | 72283 | URL | |
| 38190 | FILE-FLASH Adobe Flash Player si32 integer overflow attempt (more info ...) | attempted-user | 2016-0993 | URL | ||
| 38191 | FILE-FLASH Adobe Flash Player si32 integer overflow attempt (more info ...) | attempted-user | 2016-0993 | 72283 | URL | |
| 38192 | FILE-FLASH Adobe Flash Player si32 integer overflow attempt (more info ...) | attempted-user | 2016-0993 | 72283 | URL | |
| 38193 | FILE-FLASH Adobe Flash Player setInterval use-after-free memory corruption attempt (more info ...) | attempted-user | 2016-0996 | |||
| 38194 | FILE-FLASH Adobe Flash Player setInterval use-after-free memory corruption attempt (more info ...) | attempted-user | 2016-0996 | |||
| 38195 | FILE-FLASH Adobe Flash Player htmlText method use-after-free memory corruption attempt (more info ...) | attempted-user | 2016-0995 | |||
| 38196 | FILE-FLASH Adobe Flash Player htmlText method use-after-free memory corruption attempt (more info ...) | attempted-user | 2016-0995 | |||
| 38197 | FILE-FLASH Adobe Flash Player recursion calls stack overflow attempt (more info ...) | attempted-user | 2016-0986 | URL | ||
| 38198 | FILE-FLASH Adobe Flash Player recursion calls stack overflow attempt (more info ...) | attempted-user | 2016-0986 | URL | ||
| 38199 | FILE-FLASH Adobe Flash Player BitmapData.copyChannel access violation attempt (more info ...) | attempted-user | 2016-0960 | URL | ||
| 38200 | FILE-FLASH Adobe Flash Player BitmapData.copyChannel access violation attempt (more info ...) | attempted-user | 2016-0960 | URL | ||
| 38201 | FILE-MULTIMEDIA Adobe Flash Player MP4 length tag out of bounds read attempt (more info ...) | attempted-user | 2015-8652 | URL | ||
| 38202 | FILE-MULTIMEDIA Adobe Flash Player MP4 length tag out of bounds read attempt (more info ...) | attempted-user | 2015-8652 | URL | ||
| 38203 | FILE-FLASH Adobe Flash Player BitmapData.applyFilter access violation attempt (more info ...) | attempted-user | 2016-0961 | URL | ||
| 38204 | FILE-FLASH Adobe Flash Player BitmapData.applyFilter access violation attempt (more info ...) | attempted-user | 2016-0961 | URL | ||
| 38205 | FILE-FLASH Adobe Flash Player MPD use-after-free attempt (more info ...) | attempted-user | 2016-1006 | URL | ||
| 38206 | FILE-FLASH Adobe Flash Player MPD use-after-free attempt (more info ...) | attempted-user | 2016-1006 | URL | ||
| 38207 | FILE-FLASH Adobe Flash Player MPD use-after-free attempt (more info ...) | attempted-user | 2016-1006 | URL | ||
| 38208 | FILE-FLASH Adobe Flash Player MPD use-after-free attempt (more info ...) | attempted-user | 2016-1006 | URL | ||
| 38209 | FILE-MULTIMEDIA Adobe Flash Player malformed mp4 out of bounds write attempt (more info ...) | attempted-user | 2015-8658 | URL | ||
| 38210 | FILE-MULTIMEDIA Adobe Flash Player malformed mp4 out of bounds write attempt (more info ...) | attempted-user | 2015-8658 | URL | ||
| 38211 | FILE-PDF Adobe Reader JPEG 2000 chrominance subsampling memory corruption attempt (more info ...) | attempted-user | 2016-1009 | URL | ||
| 38212 | FILE-PDF Adobe Reader JPEG 2000 chrominance subsampling memory corruption attempt (more info ...) | attempted-user | 2016-1009 | URL | ||
| 38213 | FILE-FLASH Adobe Flash Player BitmapData.paletteMap size mismatch integer overflow attempt (more info ...) | attempted-user | 2016-0962 | URL | ||
| 38214 | FILE-FLASH Adobe Flash Player BitmapData.paletteMap size mismatch integer overflow attempt (more info ...) | attempted-user | 2016-0962 | URL | ||
| 38215 | FILE-FLASH Adobe Flash Player BitmapData.paletteMap size mismatch integer overflow attempt (more info ...) | attempted-user | 2016-0962 | URL | ||
| 38216 | FILE-FLASH Adobe Flash Player BitmapData.paletteMap size mismatch integer overflow attempt (more info ...) | attempted-user | 2016-0962 | URL | ||
| 38217 | FILE-MULTIMEDIA Adobe Flash Player malformed mp4 atom use-after-free attempt (more info ...) | attempted-user | 2015-8655 | URL | ||
| 38218 | FILE-MULTIMEDIA Adobe Flash Player malformed MP4 atom use-after-free attempt (more info ...) | attempted-user | 2015-8655 | URL | ||
| 38219 | FILE-FLASH Adobe Flash Player use after free attempt (more info ...) | attempted-user | 2016-0987 | URL | ||
| 38220 | FILE-FLASH Adobe Flash Player use after free (more info ...) | attempted-user | 2016-0987 | URL | ||
| 38221 | FILE-FLASH Adobe Flash Player use after free attempt (more info ...) | attempted-user | 2016-0987 | URL | ||
| 38222 | FILE-FLASH Adobe Flash Player use after free attempt (more info ...) | attempted-user | 2016-0987 | URL | ||
| 38223 | FILE-PDF Adobe Acrobat Reader annotation oversized array memory corruption attempt (more info ...) | attempted-user | 2016-1007 | URL | ||
| 38224 | FILE-PDF Adobe Acrobat Reader annotation oversized array memory corruption attempt (more info ...) | attempted-user | 2016-1007 | URL | ||
| 38225 | FILE-FLASH Adobe Flash Player invalid FLV header out of bounds write attempt (more info ...) | attempted-user | 2017-2935 | URL | ||
| 38226 | FILE-FLASH Adobe Flash Player invalid FLV header out of bounds write attempt (more info ...) | attempted-user | 2017-2935 | URL | ||
| 38227 | FILE-FLASH Adobe Flash Player mp4 size memory corruption attempt (more info ...) | attempted-user | 2016-1005 | URL | ||
| 38238 | FILE-FLASH Adobe Flash Player rectangle width integer overflow attempt (more info ...) | attempted-user | 2016-1010 | URL | ||
| 38239 | FILE-FLASH Adobe Flash Player rectangle width integer overflow attempt (more info ...) | attempted-user | 2016-1010 | URL | ||
| 38240 | FILE-FLASH Adobe Flash Player rectangle width integer overflow attempt (more info ...) | attempted-user | 2016-1010 | URL | ||
| 38241 | FILE-FLASH Adobe Flash Player rectangle width integer overflow attempt (more info ...) | attempted-user | 2016-1010 | URL | ||
| 38244 | EXPLOIT-KIT Angler exploit kit Flash exploit file download (more info ...) | trojan-activity | ||||
| 38245 | EXPLOIT-KIT Angler exploit kit Flash exploit file download (more info ...) | trojan-activity | ||||
| 38285 | EXPLOIT-KIT Angler exploit kit Flash exploit file download attempt (more info ...) | attempted-user | ||||
| 38310 | FILE-FLASH Adobe Flash Player integer underflow attempt (more info ...) | attempted-user | 2014-0497 | |||
| 38311 | FILE-FLASH Adobe Flash Player integer underflow attempt (more info ...) | attempted-user | 2014-0497 | |||
| 38334 | FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (more info ...) | attempted-user | 2014-0569 | URL | ||
| 38335 | FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (more info ...) | attempted-user | 2014-0569 | URL | ||
| 38401 | FILE-FLASH Adobe Flash Player multiple scripts display rendering use-after-free attempt (more info ...) | attempted-user | 2016-1011 | URL | ||
| 38402 | FILE-FLASH Adobe Flash Player multiple scripts display rendering use-after-free attempt (more info ...) | attempted-user | 2016-1011 | URL | ||
| 38403 | FILE-FLASH Adobe Flash Player Transform Class Matrix AS2 use after free attempt (more info ...) | attempted-user | 2016-1016 | URL | ||
| 38404 | FILE-FLASH Adobe Flash Player Transform Class Matrix AS2 use after free attempt (more info ...) | attempted-user | 2016-1016 | URL | ||
| 38405 | FILE-FLASH Adobe Flash Player Transform Class Matrix AS2 use after free attempt (more info ...) | attempted-user | 2016-1016 | URL | ||
| 38406 | FILE-FLASH Adobe Flash Player Transform Class Matrix AS2 use after free attempt (more info ...) | attempted-user | 2016-1016 | URL | ||
| 38407 | FILE-FLASH Adobe Flash Player JPEG-XR decode buffer overflow attempt (more info ...) | attempted-user | 2016-1018 | URL | ||
| 38408 | FILE-FLASH Adobe Flash Player JPEG-XR decode buffer overflow attempt (more info ...) | attempted-user | 2016-1018 | URL | ||
| 38409 | FILE-FLASH Adobe Flash Player JPEG-XR decode buffer overflow attempt (more info ...) | attempted-user | 2016-1018 | URL | ||
| 38410 | FILE-FLASH Adobe Flash Player JPEG-XR decode buffer overflow attempt (more info ...) | attempted-user | 2016-1018 | URL | ||
| 38411 | FILE-FLASH Adobe Flash Player duplicateMovieClip use after free attempt (more info ...) | attempted-user | 2016-1013 | URL | ||
| 38412 | FILE-FLASH Adobe Flash Player duplicateMovieClip use after free attempt (more info ...) | attempted-user | 2016-1013 | URL | ||
| 38413 | FILE-FLASH Adobe Flash Player NetConnection to ColorMatrixFilter object type confusion attempt (more info ...) | attempted-user | 2016-1015 | URL | ||
| 38414 | FILE-FLASH Adobe Flash Player NetConnection to ColorMatrixFilter object type confusion attempt (more info ...) | attempted-user | 2016-1015 | URL | ||
| 38415 | FILE-FLASH Adobe Flash Player NetConnection to ColorMatrixFilter object type confusion attempt (more info ...) | attempted-user | 2016-1015 | URL | ||
| 38416 | FILE-FLASH Adobe Flash Player NetConnection to ColorMatrixFilter object type confusion attempt (more info ...) | attempted-user | 2016-1015 | URL | ||
| 38417 | FILE-FLASH Adobe Flash Player ClbCatQ.dll dll-load exploit attempt (more info ...) | attempted-user | 2016-1014 | URL | ||
| 38418 | FILE-FLASH Adobe Flash Player HNetCfg.dll dll-load exploit attempt (more info ...) | attempted-user | 2016-1014 | URL | ||
| 38419 | FILE-FLASH Adobe Flash Player RASMan.dll dll-load exploit attempt (more info ...) | attempted-user | 2016-1014 | URL | ||
| 38420 | FILE-FLASH Adobe Flash Player setupapi.dll dll-load exploit attempt (more info ...) | attempted-user | 2016-1014 | URL | ||
| 38421 | FILE-FLASH Adobe Flash Player request for ClbCatQ.dll over SMB attempt (more info ...) | attempted-user | 2016-1014 | URL | ||
| 38422 | FILE-FLASH Adobe Flash Player request for HNetCfg.dll over SMB attempt (more info ...) | attempted-user | 2016-1014 | URL | ||
| 38423 | FILE-FLASH Adobe Flash Player request for RASMan.dll over SMB attempt (more info ...) | attempted-user | 2016-1014 | URL | ||
| 38424 | FILE-FLASH Adobe Flash Player request for setupapi.dll over SMB attempt (more info ...) | attempted-user | 2016-1014 | URL | ||
| 38425 | FILE-FLASH Adobe Flash Player ExportAssets count memory corruption attempt (more info ...) | attempted-user | 2016-1012 | URL | ||
| 38426 | FILE-FLASH Adobe Flash Player ExportAssets count memory corruption attempt (more info ...) | attempted-user | 2016-1012 | URL | ||
| 38427 | FILE-FLASH Adobe Flash Player ExportAssets count memory corruption attempt (more info ...) | attempted-user | 2016-1012 | URL | ||
| 38428 | FILE-FLASH Adobe Flash Player ExportAssets count memory corruption attempt (more info ...) | attempted-user | 2016-1012 | URL | ||
| 38429 | FILE-FLASH Adobe Flash Player toString type confusion memory corruption attempt (more info ...) | attempted-user | 2016-1019 | URL | ||
| 38430 | FILE-FLASH Adobe Flash Player toString type confusion memory corruption attempt (more info ...) | attempted-user | 2016-1019 | URL | ||
| 38431 | FILE-FLASH Adobe Flash Player toString type confusion memory corruption attempt (more info ...) | attempted-user | 2016-1019 | URL | ||
| 38432 | FILE-FLASH Adobe Flash Player toString type confusion memory corruption attempt (more info ...) | attempted-user | 2016-1019 | URL | ||
| 38433 | FILE-FLASH Adobe Flash Player toString type confusion memory corruption attempt (more info ...) | attempted-user | 2016-1019 | URL | ||
| 38434 | FILE-FLASH Adobe Flash Player toString type confusion memory corruption attempt (more info ...) | attempted-user | 2016-1019 | URL | ||
| 38455 | FILE-FLASH Adobe Flash Player toString type confusion memory corruption attempt (more info ...) | attempted-user | 2016-1019 | URL | ||
| 38456 | FILE-FLASH Adobe Flash Player toString type confusion memory corruption attempt (more info ...) | attempted-user | 2016-1019 | URL | ||
| 38532 | FILE-FLASH Rig Exploit Kit exploitation attempt (more info ...) | attempted-user | ||||
| 38533 | FILE-FLASH Rig Exploit Kit exploitation attempt (more info ...) | attempted-user | ||||
| 38534 | FILE-FLASH Rig Exploit Kit exploitation attempt (more info ...) | attempted-user | ||||
| 38535 | FILE-FLASH Rig Exploit Kit exploitation attempt (more info ...) | attempted-user | ||||
| 38576 | FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (more info ...) | attempted-user | 2014-8439 | URL | ||
| 38577 | FILE-FLASH Adobe Flash Player dangling bytearray pointer code execution attempt (more info ...) | attempted-user | 2014-8439 | URL | ||
| 38629 | FILE-FLASH Angler exploit kit Adobe Flash SWF exploit download (more info ...) | attempted-user | URL | |||
| 38630 | FILE-FLASH Angler exploit kit Adobe Flash SWF exploit download (more info ...) | attempted-user | URL | |||
| 38631 | FILE-FLASH Angler exploit kit Adobe Flash SWF exploit download (more info ...) | attempted-user | URL | |||
| 38632 | FILE-FLASH Angler exploit kit Adobe Flash SWF exploit download (more info ...) | attempted-user | URL | |||
| 38633 | FILE-FLASH Nuclear exploit kit Adobe Flash SWF exploit download (more info ...) | attempted-user | URL | |||
| 38634 | FILE-FLASH Nuclear exploit kit Adobe Flash SWF exploit download (more info ...) | attempted-user | URL | |||
| 38635 | FILE-FLASH Nuclear exploit kit Adobe Flash SWF exploit download (more info ...) | attempted-user | URL | |||
| 38636 | FILE-FLASH Nuclear exploit kit Adobe Flash SWF exploit download (more info ...) | attempted-user | URL | |||
| 38730 | EXPLOIT-KIT Neutrino Exploit Kit Flash exploit download attempt (more info ...) | trojan-activity | ||||
| 38758 | FILE-FLASH Adobe Flash Player remote code execution attempt (more info ...) | attempted-user | ||||
| 38778 | FILE-OTHER Microsoft Windows Media Center link file code execution attempt (more info ...) | attempted-user | 2016-0185 | 90023 | URL | |
| 38779 | FILE-OTHER Microsoft Windows Media Center link file code execution attempt (more info ...) | attempted-user | 2016-0185 | 90023 | URL | |
| 38792 | FILE-FLASH Adobe Flash Player ASSetNativeAccessor use after free attempt (more info ...) | attempted-user | 2016-1110 | URL | ||
| 38793 | FILE-FLASH Adobe Flash Player ASSetNativeAccessor use after free attempt (more info ...) | attempted-user | 2016-1110 | URL | ||
| 38799 | FILE-PDF Adobe Acrobat FileAttachment use-after-free attempt (more info ...) | attempted-user | 2016-1065 | URL | ||
| 38800 | FILE-PDF Adobe Acrobat FileAttachment use-after-free attempt (more info ...) | attempted-user | 2016-1065 | URL | ||
| 38818 | FILE-PDF Adobe Acrobat Reader XFA engine memory leak - possible code instrumentation detected (more info ...) | policy-violation | 2016-1092 | URL | ||
| 38819 | FILE-PDF Adobe Acrobat Reader XFA engine memory leak ASLR bypass attempt (more info ...) | policy-violation | 2016-1092 | URL | ||
| 38820 | FILE-PDF Adobe Acrobat Reader XFA engine memory leak - possible code instrumentation detected (more info ...) | policy-violation | 2016-1092 | URL | ||
| 38821 | FILE-PDF Adobe Acrobat Reader XFA engine memory leak ASLR bypass attempt (more info ...) | policy-violation | 2016-1092 | URL | ||
| 38824 | FILE-FLASH Adobe Flash Player removeMovieClip callback use after free attempt (more info ...) | attempted-user | 2016-1107 | URL | ||
| 38825 | FILE-FLASH Adobe Flash Player removeMovieClip callback use after free attempt (more info ...) | attempted-user | 2016-1107 | URL | ||
| 38826 | FILE-FLASH Adobe Flash Player removeMovieClip callback use after free attempt (more info ...) | attempted-user | 2016-1107 | URL | ||
| 38827 | FILE-FLASH Adobe Flash Player removeMovieClip callback use after free attempt (more info ...) | attempted-user | 2016-1107 | URL | ||
| 38830 | FILE-FLASH Adobe Flash Player ContentFactory memory corruption attempt (more info ...) | attempted-user | 2016-1098 | URL | ||
| 38831 | FILE-FLASH Adobe Flash Player ContentFactory memory corruption attempt (more info ...) | attempted-user | 2016-1098 | URL | ||
| 38832 | FILE-FLASH Adobe Flash Player ContentFactory memory corruption attempt (more info ...) | attempted-user | 2016-1098 | URL | ||
| 38833 | FILE-FLASH Adobe Flash Player ContentFactory memory corruption attempt (more info ...) | attempted-user | 2016-1098 | URL | ||
| 38835 | FILE-FLASH Adobe Flash Player bitmap heap overflow attempt (more info ...) | attempted-user | 2017-3078 | URL | ||
| 38836 | FILE-FLASH Adobe Flash Player bitmap heap overflow attempt (more info ...) | attempted-user | 2017-3078 | URL | ||
| 38837 | FILE-FLASH Adobe Flash Player faulty x64 support out of bounds read attempt (more info ...) | attempted-user | 2016-1096 | URL | ||
| 38838 | FILE-FLASH Adobe Flash Player faulty x64 support out of bounds read attempt (more info ...) | attempted-user | 2016-1096 | URL | ||
| 38845 | FILE-PDF Adobe Reader out of bounds memory access violation attempt (more info ...) | attempted-user | 2016-6941 | URL | ||
| 38846 | FILE-PDF Adobe Reader out of bounds memory access violation attempt (more info ...) | attempted-user | 2016-6941 | URL | ||
| 38847 | FILE-FLASH Adobe Flash Player loadSound method use-after-free memory corruption attempt (more info ...) | attempted-user | 2016-1108 | URL | ||
| 38848 | FILE-FLASH Adobe Flash Player loadSound method use-after-free memory corruption attempt (more info ...) | attempted-user | 2016-1108 | URL | ||
| 38872 | FILE-FLASH Adobe Flash Player request for MSIMG32.dll over SMB attempt (more info ...) | attempted-user | 2016-4116 | URL | ||
| 38873 | FILE-FLASH Adobe Flash Player MSIMG32.dll dll-load exploit attempt (more info ...) | attempted-user | 2016-4116 | URL | ||
| 38881 | FILE-FLASH Adobe Flash Player FileReference type confusion attempt (more info ...) | attempted-user | 2016-1105 | URL | ||
| 38882 | FILE-FLASH Adobe Flash Player FileReference type confusion attempt (more info ...) | attempted-user | 2016-1105 | URL | ||
| 38883 | FILE-FLASH Adobe Flash Player FileReference type confusion attempt (more info ...) | attempted-user | 2016-1105 | URL | ||
| 38884 | FILE-FLASH Adobe Flash Player FileReference type confusion attempt (more info ...) | attempted-user | 2016-1105 | URL | ||
| 38895 | FILE-PDF Adobe Reader XFA prePrint use after free attempt (more info ...) | attempted-user | 2016-1048 | URL | ||
| 38896 | FILE-PDF Adobe Reader XFA prePrint use after free attempt (more info ...) | attempted-user | 2016-1048 | URL | ||
| 38899 | FILE-PDF Adobe Reader PDF defineGetter execMenuItem use after free attempt (more info ...) | attempted-user | 2016-1062 | URL | ||
| 38900 | FILE-PDF Adobe Reader PDF onEvent execMenuItem use after free attempt (more info ...) | attempted-user | 2016-1060 | URL | ||
| 38901 | FILE-PDF Adobe Reader PDF setAction execMenuItem use after free attempt (more info ...) | attempted-user | 2016-1069 | URL | ||
| 38902 | FILE-PDF Adobe Reader PDF setPageAction execMenuItem use after free attempt (more info ...) | attempted-user | 2016-1050 | URL | ||
| 38903 | FILE-PDF Adobe Reader PDF defineGetter execMenuItem use after free attempt (more info ...) | attempted-user | 2016-1062 | URL | ||
| 38904 | FILE-PDF Adobe Reader PDF onEvent execMenuItem use after free attempt (more info ...) | attempted-user | 2016-1060 | URL | ||
| 38905 | FILE-PDF Adobe Reader PDF setAction execMenuItem use after free attempt (more info ...) | attempted-user | 2016-1069 | URL | ||
| 38906 | FILE-PDF Adobe Reader PDF setPageAction execMenuItem use after free attempt (more info ...) | attempted-user | 2016-1050 | URL | ||
| 38907 | FILE-PDF Adobe Reader PDF execMenuItem use after free attempt (more info ...) | attempted-user | 2016-1047 | URL | ||
| 38908 | FILE-PDF Adobe Reader PDF execMenuItem use after free attempt (more info ...) | attempted-user | 2016-1047 | URL | ||
| 38931 | FILE-PDF Adobe Reader submitForm read out of bounds attempt (more info ...) | attempted-user | 2016-1064 | URL | ||
| 38932 | FILE-PDF Adobe Reader submitForm read out of bounds attempt (more info ...) | attempted-user | 2016-1064 | URL | ||
| 38954 | FILE-OTHER Adobe Acrobat DC invalid TIFF tagtype out of bounds read attempt (more info ...) | attempted-user | 2016-1080 | URL | ||
| 38955 | FILE-OTHER Adobe Acrobat DC invalid TIFF tagtype out of bounds read attempt (more info ...) | attempted-user | 2016-1080 | URL | ||
| 38956 | FILE-OTHER Adobe Acrobat DC invalid TIFF tagtype out of bounds read attempt (more info ...) | attempted-user | 2016-1080 | URL | ||
| 38957 | FILE-OTHER Adobe Acrobat DC invalid TIFF tagtype out of bounds read attempt (more info ...) | attempted-user | 2016-1080 | URL | ||
| 38959 | FILE-PDF Adobe Reader malformed Universal 3D stream memory corruption attempt (more info ...) | attempted-user | 2016-1037 | URL | ||
| 38960 | FILE-PDF Adobe Reader malformed Universal 3D stream memory corruption attempt (more info ...) | attempted-user | 2016-1037 | URL | ||
| 38966 | FILE-PDF Adobe Reader malformed JPEG2000 image invalid NumberComponents out of bounds read attempt (more info ...) | attempted-user | 2016-1078 | URL | ||
| 38967 | FILE-PDF Adobe Reader malformed JPEG2000 image invalid NumberComponents out of bounds read attempt (more info ...) | attempted-user | 2016-1078 | URL | ||
| 38971 | FILE-FLASH Adobe Flash Player OpportunityGenerator.update memory corruption attempt (more info ...) | attempted-user | 2016-1100 | URL | ||
| 38972 | FILE-FLASH Adobe Flash Player OpportunityGenerator.update memory corruption attempt (more info ...) | attempted-user | 2016-1100 | URL | ||
| 38973 | FILE-FLASH Adobe Flash Player OpportunityGenerator.update memory corruption attempt (more info ...) | attempted-user | 2016-1100 | URL | ||
| 38974 | FILE-FLASH Adobe Flash Player OpportunityGenerator.update memory corruption attempt (more info ...) | attempted-user | 2016-1100 | URL | ||
| 38975 | FILE-PDF Adobe Reader clearGlobalSecurityStore information leak attempt (more info ...) | attempted-recon | 2016-1086 | URL | ||
| 38976 | FILE-PDF Adobe Reader clearGlobalSecurityStore information leak attempt (more info ...) | attempted-recon | 2016-1086 | URL | ||
| 38977 | FILE-PDF Adobe Acrobat memory corruption vulnerability attempt (more info ...) | attempted-user | 2016-1081 | URL | ||
| 38978 | FILE-PDF Adobe Acrobat memory corruption vulnerability attempt (more info ...) | attempted-user | 2016-1081 | URL | ||
| 38980 | FILE-PDF Adobe Acrobat Reader malformed FlateDecode stream use after free attempt (more info ...) | attempted-user | 2016-1094 | URL | ||
| 38981 | FILE-PDF Adobe Acrobat Reader malformed FlateDecode stream use after free attempt (more info ...) | attempted-user | 2016-1094 | URL | ||
| 38982 | FILE-FLASH Adobe Flash Player corrupt PNG image load out of bounds memory access attempt (more info ...) | attempted-user | 2016-1104 | URL | ||
| 38983 | FILE-FLASH Adobe Flash Player corrupt PNG image load out of bounds memory access attempt (more info ...) | attempted-user | 2016-1104 | URL | ||
| 38996 | FILE-FLASH Adobe Flash Player addProperty use after free attempt (more info ...) | attempted-user | 2016-4108 | URL | ||
| 38997 | FILE-FLASH Adobe Flash Player addProperty use after free attempt (more info ...) | attempted-user | 2016-4108 | URL | ||
| 38998 | FILE-FLASH Adobe Flash Player addProperty use after free attempt (more info ...) | attempted-user | 2016-4108 | URL | ||
| 38999 | FILE-FLASH Adobe Flash Player addProperty use after free attempt (more info ...) | attempted-user | 2016-4108 | URL | ||
| 39007 | FILE-PDF Adobe Reader XFA form use-after-free attempt (more info ...) | attempted-user | 2016-1046 | URL | ||
| 39008 | FILE-PDF Adobe Reader XFA form use-after-free attempt (more info ...) | attempted-user | 2016-1046 | URL | ||
| 39009 | FILE-FLASH Adobe Flash Player setMetadata memory corruption attempt (more info ...) | attempted-user | 2016-1099 | URL | ||
| 39010 | FILE-FLASH Adobe Flash Player setMetadata memory corruption attempt (more info ...) | attempted-user | 2016-1099 | URL | ||
| 39011 | FILE-FLASH Adobe Flash Player setMetadata memory corruption attempt (more info ...) | attempted-user | 2016-1099 | URL | ||
| 39012 | FILE-FLASH Adobe Flash Player setMetadata memory corruption attempt (more info ...) | attempted-user | 2016-1099 | URL | ||
| 39013 | FILE-PDF Adobe Reader CTJPEGDecoderReadNextTile out of bounds read attempt (more info ...) | attempted-user | 2016-1077 | URL | ||
| 39014 | FILE-PDF Adobe Reader CTJPEGDecoderReadNextTile out of bounds read attempt (more info ...) | attempted-user | 2016-1077 | URL | ||
| 39015 | FILE-PDF Adobe Reader AcroForm dictionary object use after free attempt (more info ...) | attempted-user | 2016-1066 | URL | ||
| 39016 | FILE-PDF Adobe Reader AcroForm dictionary object use after free attempt (more info ...) | attempted-user | 2016-1066 | URL | ||
| 39017 | FILE-PDF Adobe Reader XFA FormInstanceManager use after free attempt (more info ...) | attempted-user | 2016-1045 | URL | ||
| 39018 | FILE-PDF Adobe Reader XFA FormInstanceManager use after free attempt (more info ...) | attempted-user | 2016-1045 | URL | ||
| 39019 | FILE-FLASH Adobe Flash Player PSDK use-after-free attempt (more info ...) | attempted-user | 2016-1097 | URL | ||
| 39020 | FILE-FLASH Adobe Flash Player PSDK use-after-free attempt (more info ...) | attempted-user | 2016-1097 | URL | ||
| 39021 | FILE-FLASH Adobe Flash Player PSDK use-after-free attempt (more info ...) | attempted-user | 2016-1097 | URL | ||
| 39022 | FILE-FLASH Adobe Flash Player PSDK use-after-free attempt (more info ...) | attempted-user | 2016-1097 | URL | ||
| 39023 | FILE-FLASH Adobe Flash Player selection.setFocus use after free attempt (more info ...) | attempted-user | 2016-1109 | URL | ||
| 39024 | FILE-FLASH Adobe Flash Player selection.setFocus use after free attempt (more info ...) | attempted-user | 2016-1109 | URL | ||
| 39025 | FILE-FLASH Adobe Flash Player selection.setFocus use after free attempt (more info ...) | attempted-user | 2016-1109 | URL | ||
| 39026 | FILE-FLASH Adobe Flash Player selection.setFocus use after free attempt (more info ...) | attempted-user | 2016-1109 | URL | ||
| 39028 | FILE-PDF Adobe Reader JPEG 2000 memory corruption attempt (more info ...) | attempted-user | 2016-1095 | URL | ||
| 39029 | FILE-PDF Adobe Reader JPEG 2000 memory corruption attempt (more info ...) | attempted-user | 2016-1095 | URL | ||
| 39030 | FILE-FLASH Adobe Flash Player ASSetNative use-after-free attempt (more info ...) | attempted-user | 2016-1106 | URL | ||
| 39031 | FILE-FLASH Adobe Flash Player ASSetNative use-after-free attempt (more info ...) | attempted-user | 2016-1106 | URL | ||
| 39032 | FILE-FLASH Adobe Flash Player ASSetNative use-after-free attempt (more info ...) | attempted-user | 2016-1106 | URL | ||
| 39033 | FILE-FLASH Adobe Flash Player ASSetNative use-after-free attempt (more info ...) | attempted-user | 2016-1106 | URL | ||
| 39061 | FILE-PDF Adobe Reader XFA API preOpen use after free attempt (more info ...) | attempted-user | 2016-1049 | URL | ||
| 39062 | FILE-PDF Adobe Reader XFA API preOpen use after free attempt (more info ...) | attempted-user | 2016-1049 | URL | ||
| 39076 | FILE-PDF Adobe Reader XFA API preOpen use after free attempt (more info ...) | attempted-user | 2016-1049 | URL | ||
| 39077 | FILE-PDF Adobe Reader XFA API preOpen use after free attempt (more info ...) | attempted-user | 2016-1049 | URL | ||
| 39098 | FILE-PDF Adobe Reader double memory free call remote code execution attempt (more info ...) | attempted-user | 2016-1111 | URL | ||
| 39099 | FILE-PDF Adobe Reader double memory free call remote code execution attempt (more info ...) | attempted-user | 2016-1111 | URL | ||
| 39101 | FILE-PDF Adobe Reader Universal 3D engine out of bounds memory access violation attempt (more info ...) | attempted-user | 2016-1071 | URL | ||
| 39102 | FILE-PDF Adobe Reader PDF embedded JPEG memory corruption attempt (more info ...) | attempted-user | 2016-1088 | URL | ||
| 39103 | FILE-PDF Adobe Reader PDF embedded JPEG memory corruption attempt (more info ...) | attempted-user | 2016-1088 | URL | ||
| 39104 | FILE-PDF Adobe Reader Universal 3D engine out of bounds memory access violation attempt (more info ...) | attempted-user | 2016-1074 | URL | ||
| 39105 | FILE-PDF Adobe Reader Universal 3D engine out of bounds memory access violation attempt (more info ...) | attempted-user | 2016-1074 | URL | ||
| 39112 | FILE-IMAGE Adobe Pro DC Exif ModifyDate metadata memory corruption attempt (more info ...) | attempted-user | 2016-1076 | URL | ||
| 39113 | FILE-IMAGE Adobe Pro DC Exif ModifyDate metadata memory corruption attempt (more info ...) | attempted-user | 2016-1076 | URL | ||
| 39114 | FILE-IMAGE Adobe Pro DC Exif Software metadata memory corruption attempt (more info ...) | attempted-user | 2016-1076 | URL | ||
| 39115 | FILE-IMAGE Adobe Pro DC Exif Software metadata memory corruption attempt (more info ...) | attempted-user | 2016-1076 | URL | ||
| 39131 | FILE-PDF Adobe Acrobat Reader Acroform engine memory corruption attempt (more info ...) | attempted-user | 2016-1093 | URL | ||
| 39132 | FILE-PDF Adobe Acrobat Reader Acroform engine memory corruption attempt (more info ...) | attempted-user | 2016-1093 | URL | ||
| 39136 | FILE-IMAGE Adobe Pro DC Exif ModifyDate metadata memory corruption attempt (more info ...) | attempted-user | 2016-1076 | URL | ||
| 39137 | FILE-IMAGE Adobe Pro DC Exif ModifyDate metadata memory corruption attempt (more info ...) | attempted-user | 2016-1076 | URL | ||
| 39138 | FILE-IMAGE Adobe Pro DC Exif Software metadata memory corruption attempt (more info ...) | attempted-user | 2016-1076 | URL | ||
| 39139 | FILE-IMAGE Adobe Pro DC Exif Software metadata memory corruption attempt (more info ...) | attempted-user | 2016-1076 | URL | ||
| 39140 | FILE-IMAGE Adobe Pro DC Exif ModifyDate metadata memory corruption attempt (more info ...) | attempted-user | 2016-1076 | URL | ||
| 39141 | FILE-IMAGE Adobe Pro DC Exif ModifyDate metadata memory corruption attempt (more info ...) | attempted-user | 2016-1076 | URL | ||
| 39142 | FILE-IMAGE Adobe Pro DC Exif ModifyDate metadata memory corruption attempt (more info ...) | attempted-user | 2016-1076 | URL | ||
| 39143 | FILE-IMAGE Adobe Pro DC Exif ModifyDate metadata memory corruption attempt (more info ...) | attempted-user | 2016-1076 | URL | ||
| 39144 | FILE-IMAGE Adobe Pro DC Exif Software metadata memory corruption attempt (more info ...) | attempted-user | 2016-1076 | URL | ||
| 39145 | FILE-IMAGE Adobe Pro DC Exif Software metadata memory corruption attempt (more info ...) | attempted-user | 2016-1076 | URL | ||
| 39146 | FILE-IMAGE Adobe Pro DC Exif Software metadata memory corruption attempt (more info ...) | attempted-user | 2016-1076 | URL | ||
| 39147 | FILE-IMAGE Adobe Pro DC Exif Software metadata memory corruption attempt (more info ...) | attempted-user | 2016-1076 | URL | ||
| 39153 | FILE-PDF Adobe Acrobat Reader XObject image object use after free attempt (more info ...) | attempted-user | 2016-1075 | URL | ||
| 39154 | FILE-PDF Adobe Acrobat Reader XObject image object use after free attempt (more info ...) | attempted-user | 2016-1075 | URL | ||
| 39269 | FILE-FLASH Adobe Flash TextFormat.setTabStops use-after-free attempt (more info ...) | attempted-user | 2016-4142 | URL | ||
| 39270 | FILE-FLASH Adobe Flash TextFormat.setTabStops use-after-free attempt (more info ...) | attempted-user | 2016-4142 | URL | ||
| 39271 | FILE-FLASH Adobe Flash Player ShimContentFactory uninitialized pointer use attempt (more info ...) | attempted-user | 2016-4150 | URL | ||
| 39272 | FILE-FLASH Adobe Flash Player ShimContentFactory uninitialized pointer use attempt (more info ...) | attempted-user | 2016-4150 | URL | ||
| 39273 | FILE-FLASH Adobe Flash Player malformed ATF heap overflow attempt (more info ...) | attempted-user | 2017-2927 | URL | ||
| 39274 | FILE-FLASH Adobe Flash Player malformed ATF heap overflow attempt (more info ...) | attempted-user | 2017-2927 | URL | ||
| 39275 | FILE-FLASH Adobe Flash Player loadSound use after free attempt (more info ...) | attempted-user | 2016-4143 | URL | ||
| 39276 | FILE-FLASH Adobe Flash Player loadSound use after free attempt (more info ...) | attempted-user | 2016-4143 | URL | ||
| 39277 | FILE-OTHER Adobe Flash Player malformed JPEG XR heap overflow attempt (more info ...) | attempted-user | 2016-4136 | URL | ||
| 39278 | FILE-OTHER Adobe Flash Player malformed JPEG XR heap overflow attempt (more info ...) | attempted-user | 2016-4136 | URL | ||
| 39279 | FILE-FLASH Adobe Primetime SDK object type confusion overflow attempt (more info ...) | attempted-user | 2016-4149 | URL | ||
| 39280 | FILE-FLASH Adobe Primetime SDK object type confusion overflow attempt (more info ...) | attempted-user | 2016-4149 | URL | ||
| 39281 | FILE-FLASH Adobe Flash Player malformed JPEG-XR out of bounds memory access attempt (more info ...) | attempted-user | 2016-4141 | URL | ||
| 39282 | FILE-FLASH Adobe Flash Player malformed JPEG-XR out of bounds memory access attempt (more info ...) | attempted-user | 2016-4141 | URL | ||
| 39283 | FILE-FLASH Adobe Flash Player loadSound use after free attempt (more info ...) | attempted-user | 2016-4147 | URL | ||
| 39284 | FILE-FLASH Adobe Flash Player loadSound use after free attempt (more info ...) | attempted-user | 2016-4147 | URL | ||
| 39285 | FILE-FLASH Adobe Flash Player loadSound use after free attempt (more info ...) | attempted-user | 2016-4147 | URL | ||
| 39286 | FILE-FLASH Adobe Flash Player loadSound use after free attempt (more info ...) | attempted-user | 2016-4147 | URL | ||
| 39287 | FILE-FLASH Adobe Flash Player ShimContentResolver out of bounds memory access attempt (more info ...) | attempted-user | 2016-4155 | URL | ||
| 39288 | FILE-FLASH Adobe Flash Player ShimContentResolver out of bounds memory access attempt (more info ...) | attempted-user | 2016-4155 | URL | ||
| 39289 | FILE-FLASH Adobe Flash Player Primetime SDK ShimContentResolver out of bounds memory access attempt (more info ...) | attempted-user | 2016-4156 | URL | ||
| 39290 | FILE-FLASH Adobe Flash Player Primetime SDK ShimContentResolver out of bounds memory access attempt (more info ...) | attempted-user | 2016-4156 | URL | ||
| 39291 | FILE-FLASH Adobe Flash Player NetConnection object type confusion overflow attempt (more info ...) | attempted-user | 2016-4144 | URL | ||
| 39292 | FILE-FLASH Adobe Flash Player NetConnection object type confusion overflow attempt (more info ...) | attempted-user | 2016-4144 | URL | ||
| 39293 | FILE-FLASH Adobe Flash Player apphelp.dll dll-load exploit attempt (more info ...) | attempted-user | 2016-4140 | URL | ||
| 39294 | FILE-FLASH Adobe Flash Player dbghelp.dll dll-load exploit attempt (more info ...) | attempted-user | 2016-4140 | URL | ||
| 39295 | FILE-FLASH Adobe Flash Player request for apphelp.dll over SMB attempt (more info ...) | attempted-user | 2016-4140 | URL | ||
| 39296 | FILE-FLASH Adobe Flash Player request for dbghelp.dll over SMB attempt (more info ...) | attempted-user | 2016-4140 | URL | ||
| 39297 | FILE-FLASH Adobe Flash player retrieveResolvers memory corruption attempt (more info ...) | attempted-user | 2016-4151 | URL | ||
| 39298 | FILE-FLASH Adobe Flash player retrieveResolvers memory corruption attempt (more info ...) | attempted-user | 2016-4151 | URL | ||
| 39299 | FILE-FLASH Adobe Flash Player malformed regular expression use after free attempt (more info ...) | attempted-user | 2016-4121 | URL | ||
| 39300 | FILE-FLASH Adobe Flash Player malformed regular expression use after free attempt (more info ...) | attempted-user | 2016-4121 | URL | ||
| 39301 | FILE-FLASH Adobe Flash Player ExecPolicy invalid string table lookup attempt (more info ...) | attempted-user | 2016-4171 | URL | ||
| 39302 | FILE-FLASH Adobe Flash Player ExecPolicy invalid string table lookup attempt (more info ...) | attempted-user | 2016-4171 | URL | ||
| 39304 | FILE-FLASH Adobe Flash Player Primetime SDK ShimContentResolver out of bounds memory access attempt (more info ...) | attempted-user | 2016-4154 | URL | ||
| 39305 | FILE-FLASH Adobe Flash Player Primetime SDK ShimContentResolver out of bounds memory access attempt (more info ...) | attempted-user | 2016-4154 | URL | ||
| 39306 | FILE-FLASH Adobe Flash Player sound object use-after-free attempt (more info ...) | attempted-user | 2016-4148 | URL | ||
| 39307 | FILE-FLASH Adobe Flash Player sound object use-after-free attempt (more info ...) | attempted-user | 2016-4148 | URL | ||
| 39308 | FILE-FLASH Adobe Flash Player malformed ATF file length load buffer overflow attempt (more info ...) | attempted-user | 2017-2933 | URL | ||
| 39309 | FILE-FLASH Adobe Flash Player malformed ATF file length load buffer overflow attempt (more info ...) | attempted-user | 2017-2933 | URL | ||
| 39310 | FILE-FLASH Adobe Flash Player same origin policy security bypass attempt (more info ...) | attempted-user | 2016-4139 | URL | ||
| 39311 | FILE-FLASH Adobe Flash Player same origin policy security bypass attempt (more info ...) | attempted-user | 2016-4139 | URL | ||
| 39312 | FILE-FLASH Adobe Flash Player malformed Adobe Texture Format image load memory corruption attempt (more info ...) | attempted-user | 2016-4137 | URL | ||
| 39313 | FILE-FLASH Adobe Flash Player malformed Adobe Texture Format image load memory corruption attempt (more info ...) | attempted-user | 2016-4137 | URL | ||
| 39314 | FILE-FLASH Adobe Flash Player RegExp numbered backreference out of bounds read attempt (more info ...) | attempted-user | 2016-4133 | URL | ||
| 39315 | FILE-FLASH Adobe Flash Player RegExp numbered backreference out of bounds read attempt (more info ...) | attempted-user | 2016-4133 | URL | ||
| 39317 | FILE-FLASH Adobe Flash Player MovieClip object use-after-free attempt (more info ...) | attempted-user | 2016-4146 | URL | ||
| 39318 | FILE-FLASH Adobe Flash Player ShimOpportunityGenerator out of bounds memory access attempt (more info ...) | attempted-user | 2016-4153 | URL | ||
| 39319 | FILE-FLASH Adobe Flash Player ShimOpportunityGenerator out of bounds memory access attempt (more info ...) | attempted-user | 2016-4153 | URL | ||
| 39438 | FILE-FLASH Adobe Flash Player integer overflow attempt (more info ...) | attempted-user | 2015-3087 | URL | ||
| 39439 | FILE-FLASH Adobe Flash Player integer overflow attempt (more info ...) | attempted-user | 2015-3087 | URL | ||
| 39440 | FILE-FLASH Adobe Flash Player integer overflow attempt (more info ...) | attempted-user | 2015-3087 | URL | ||
| 39441 | FILE-FLASH Adobe Flash Player integer overflow attempt (more info ...) | attempted-user | 2015-3087 | URL | ||
| 39454 | FILE-PDF Adobe Acrobat Reader U3D e3_bone object out of bounds memory access attempt (more info ...) | attempted-user | 2016-1116 | URL | ||
| 39455 | FILE-PDF Adobe Acrobat Reader U3D e3_bone object out of bounds memory access attempt (more info ...) | attempted-user | 2016-1116 | URL | ||
| 39457 | FILE-FLASH Adobe Flash Player integer underflow attempt (more info ...) | attempted-user | 2014-0497 | |||
| 39458 | FILE-FLASH Adobe Flash Player integer underflow attempt (more info ...) | attempted-user | 2014-0497 | |||
| 39532 | FILE-PDF Adobe Acrobat Reader XSL multi-dimensional array memory corruption attempt (more info ...) | attempted-user | 2016-4202 | URL | ||
| 39533 | FILE-PDF Adobe Acrobat Reader XSL multi-dimensional array memory corruption attempt (more info ...) | attempted-user | 2016-4202 | URL | ||
| 39534 | FILE-PDF Adobe Acrobat Reader embedded TTF name record out of bounds read attempt (more info ...) | attempted-user | 2016-4203 | URL | ||
| 39535 | FILE-PDF Adobe Acrobat Reader embedded TTF name record out of bounds read attempt (more info ...) | attempted-user | 2016-4203 | URL | ||
| 39536 | FILE-PDF Adobe Acrobat Reader JPEG handling memory corruption attempt (more info ...) | attempted-user | 2016-4252 | URL | ||
| 39537 | FILE-PDF Adobe Acrobat Reader JPEG handling memory corruption attempt (more info ...) | attempted-user | 2016-4252 | URL | ||
| 39538 | FILE-FLASH Adobe Flash Player malformed tag out of bounds read attempt (more info ...) | attempted-user | 2016-4176 | URL | ||
| 39539 | FILE-FLASH Adobe Flash Player malformed tag out of bounds read attempt (more info ...) | attempted-user | 2016-4176 | URL | ||
| 39540 | FILE-FLASH Adobe Flash Player local-with-filesystem security bypass attempt (more info ...) | attempted-user | 2016-4178 | URL | ||
| 39541 | FILE-FLASH Adobe Flash Player local-with-filesystem security bypass attempt (more info ...) | attempted-user | 2016-4178 | URL | ||
| 39542 | FILE-FLASH Adobe Flash Player local-with-filesystem security bypass attempt (more info ...) | attempted-user | 2016-4178 | URL | ||
| 39543 | FILE-FLASH Adobe Flash Player local-with-filesystem security bypass attempt (more info ...) | attempted-user | 2016-4178 | URL | ||
| 39544 | FILE-FLASH Adobe Flash Player local-with-filesystem security bypass attempt (more info ...) | attempted-user | 2016-4178 | URL | ||
| 39545 | FILE-FLASH Adobe Flash Player local-with-filesystem security bypass attempt (more info ...) | attempted-user | 2016-4178 | URL | ||
| 39546 | FILE-PDF Adobe Reader embedded TTF heap overflow attempt (more info ...) | attempted-user | 2016-4204 | URL | ||
| 39547 | FILE-PDF Adobe Reader embedded TTF heap overflow attempt (more info ...) | attempted-user | 2016-4204 | URL | ||
| 39548 | FILE-FLASH Adobe Flash Player AdTimelineItem object memory corruption attempt (more info ...) | attempted-user | 2016-4223 | URL | ||
| 39549 | FILE-FLASH Adobe Flash Player AdTimelineItem object memory corruption attempt (more info ...) | attempted-user | 2016-4223 | URL | ||
| 39550 | FILE-FLASH Adobe Flash Player MovieClip method loop use-after-free attempt (more info ...) | attempted-user | 2016-4231 | URL | ||
| 39551 | FILE-FLASH Adobe Flash Player MovieClip method loop use-after-free attempt (more info ...) | attempted-user | 2016-4231 | URL | ||
| 39552 | FILE-FLASH Adobe Flash Player ByteArray type confusion memory corruption attempt (more info ...) | attempted-user | 2016-4249 | URL | ||
| 39553 | FILE-FLASH Adobe Flash Player ByteArray type confusion memory corruption attempt (more info ...) | attempted-user | 2016-4249 | URL | ||
| 39554 | FILE-FLASH Adobe Flash Player AdBreakPlacement object memory corruption attempt (more info ...) | attempted-user | 2016-4225 | URL | ||
| 39555 | FILE-FLASH Adobe Flash Player AdBreakPlacement object memory corruption attempt (more info ...) | attempted-user | 2016-4225 | URL | ||
| 39557 | FILE-PDF Adobe Acrobat Reader PostScript font parsing memory corruption attempt (more info ...) | attempted-user | 2016-4251 | URL | ||
| 39558 | FILE-FLASH Adobe Flash Player Stage align use aftre free attempt (more info ...) | attempted-user | 2016-4226 | URL | ||
| 39559 | FILE-FLASH Adobe Flash Player Stage align use aftre free attempt (more info ...) | attempted-user | 2016-4226 | URL | ||
| 39560 | FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (more info ...) | denial-of-service | 2015-0310 | URL | ||
| 39561 | FILE-FLASH Adobe Flash Player AS3 regex sign-extension denial of service attempt (more info ...) | denial-of-service | 2015-0310 | URL | ||
| 39563 | FILE-FLASH Adobe Flash Player TimedEvent memory corruption attempt (more info ...) | attempted-user | 2016-4188 | URL | ||
| 39564 | FILE-FLASH Adobe Flash Player TimedEvent memory corruption attempt (more info ...) | attempted-user | 2016-4188 | URL | ||
| 39565 | FILE-FLASH Adobe Flash Player malformed tag parsing memory corruption attempt (more info ...) | attempted-user | 2016-4177 | URL | ||
| 39566 | FILE-FLASH Adobe Flash Player malformed tag parsing memory corruption attempt (more info ...) | attempted-user | 2016-4177 | URL | ||
| 39567 | FILE-FLASH Adobe Flash Player loadPCMFromByteArray exception null pointer access attempt (more info ...) | attempted-user | 2016-0984 | URL | ||
| 39568 | FILE-FLASH Adobe Flash Player loadPCMFromByteArray exception null pointer access attempt (more info ...) | attempted-user | 2016-0984 | URL | ||
| 39569 | FILE-PDF Adobe Acrobat Reader JPEG parsing out of bounds read attempt (more info ...) | attempted-user | 2016-4192 | URL | ||
| 39570 | FILE-PDF Adobe Acrobat Reader JPEG parsing out of bounds read attempt (more info ...) | attempted-user | 2016-4192 | URL | ||
| 39571 | FILE-FLASH Adobe Flash Player Transform object use after free attempt (more info ...) | attempted-user | 2016-4173 | URL | ||
| 39572 | FILE-FLASH Adobe Flash Player Transform object use after free attempt (more info ...) | attempted-user | 2016-4173 | URL | ||
| 39591 | FILE-FLASH Adobe Flash Player malformed TagTypeAndLength field attempt (more info ...) | attempted-user | 2016-4175 | URL | ||
| 39592 | FILE-FLASH Adobe Flash Player malformed TagTypeAndLength field attempt (more info ...) | attempted-user | 2016-4175 | URL | ||
| 39643 | FILE-PDF Adobe Reader malformed CID identity-H font file out of bounds read attempt (more info ...) | attempted-user | 2016-4206 | URL | ||
| 39644 | FILE-PDF Adobe Reader malformed CID identity-H font file out of bounds read attempt (more info ...) | attempted-user | 2016-4206 | URL | ||
| 39651 | FILE-FLASH Adobe Flash Player swapDepths use after free attempt (more info ...) | attempted-user | 2016-0999 | URL | ||
| 39652 | FILE-FLASH Adobe Flash Player swapDepths use after free attempt (more info ...) | attempted-user | 2016-0999 | URL | ||
| 39656 | FILE-FLASH Adobe Flash Player JPEG handling memory corruption attempt (more info ...) | attempted-user | 2016-4229 | URL | ||
| 39657 | FILE-FLASH Adobe Flash Player JPEG handling memory corruption attempt (more info ...) | attempted-user | 2016-4229 | URL | ||
| 39658 | FILE-FLASH Adobe Flash Player Transform getter use after free attempt (more info ...) | attempted-user | 2016-4230 | URL | ||
| 39659 | FILE-FLASH Adobe Flash Player Transform getter use after free attempt (more info ...) | attempted-user | 2016-4230 | URL | ||
| 39687 | FILE-PDF Adobe Acrobat Reader malformed embeded TTF file memory corruption attempt (more info ...) | attempted-user | 2016-4205 | URL | ||
| 39688 | FILE-PDF Adobe Acrobat Reader malformed embeded TTF file memory corruption attempt (more info ...) | attempted-user | 2016-4205 | URL | ||
| 39689 | FILE-FLASH Adobe Flash Player ABRControlParameters access memory corruption attempt (more info ...) | attempted-user | 2016-4185 | URL | ||
| 39690 | FILE-FLASH Adobe Flash Player ABRControlParameters access memory corruption attempt (more info ...) | attempted-user | 2016-4185 | URL | ||
| 39691 | FILE-FLASH Adobe Flash Player ABRControlParameters access memory corruption attempt (more info ...) | attempted-user | 2016-4185 | URL | ||
| 39692 | FILE-FLASH Adobe Flash Player ABRControlParameters access memory corruption attempt (more info ...) | attempted-user | 2016-4185 | URL | ||
| 39693 | FILE-FLASH Adobe Flash Player ABRControlParameters access memory corruption attempt (more info ...) | attempted-user | 2016-4185 | URL | ||
| 39694 | FILE-FLASH Adobe Flash Player ABRControlParameters access memory corruption attempt (more info ...) | attempted-user | 2016-4185 | URL | ||
| 39695 | FILE-FLASH Adobe Flash Player ABRControlParameters access memory corruption attempt (more info ...) | attempted-user | 2016-4185 | URL | ||
| 39696 | FILE-FLASH Adobe Flash Player ABRControlParameters access memory corruption attempt (more info ...) | attempted-user | 2016-4185 | URL | ||
| 39697 | FILE-FLASH Adobe Flash Player ABRControlParameters access memory corruption attempt (more info ...) | attempted-user | 2016-4185 | URL | ||
| 39698 | FILE-FLASH Adobe Flash Player ABRControlParameters access memory corruption attempt (more info ...) | attempted-user | 2016-4185 | URL | ||
| 39699 | FILE-PDF Adobe Acrobat Reader malformed embeded TTF file memory corruption attempt (more info ...) | attempted-user | 2016-4201 | URL | ||
| 39700 | FILE-PDF Adobe Acrobat Reader malformed embeded TTF file memory corruption attempt (more info ...) | attempted-user | 2016-4201 | URL | ||
| 39701 | FILE-FLASH Adobe Flash Player MediaPlayerItemLoader out of bounds memory access attempt (more info ...) | attempted-user | 2016-4182 | URL | ||
| 39702 | FILE-FLASH Adobe Flash Player MediaPlayerItemLoader out of bounds memory access attempt (more info ...) | attempted-user | 2016-4182 | URL | ||
| 39703 | FILE-PDF Adobe Flash Player ActionScript setFocus use after free attempt (more info ...) | attempted-user | 2016-4227 | URL | ||
| 39704 | FILE-PDF Adobe Flash Player ActionScript setFocus use after free attempt (more info ...) | attempted-user | 2016-4227 | URL | ||
| 39711 | FILE-FLASH Adobe Flash Player PrintJobOptions use-after-free attempt (more info ...) | attempted-user | 2016-4222 | URL | ||
| 39712 | FILE-FLASH Adobe Flash Player PrintJobOptions use-after-free attempt (more info ...) | attempted-user | 2016-4222 | URL | ||
| 39727 | FILE-FLASH Adobe Flash Player Rectangle constructor use after free attempt (more info ...) | attempted-user | 2016-4228 | URL | ||
| 39728 | FILE-FLASH Adobe Flash Player Rectangle constructor use after free attempt (more info ...) | attempted-user | 2016-4228 | URL | ||
| 39731 | FILE-PDF Adobe Reader malformed CID identity-H font file out of bounds read attempt (more info ...) | attempted-user | 2016-4206 | URL | ||
| 39732 | FILE-PDF Adobe Reader malformed CID identity-H font file out of bounds read attempt (more info ...) | attempted-user | 2016-4206 | URL | ||
| 39752 | FILE-PDF Adobe Reader malformed ICC profile memory corruption attempt (more info ...) | attempted-user | 2016-4191 | URL | ||
| 39753 | FILE-PDF Adobe Reader malformed ICC profile memory corruption attempt (more info ...) | attempted-user | 2016-4191 | URL | ||
| 39788 | FILE-FLASH Adobe Flash Player AS2 TextField gridFitType use after free attempt (more info ...) | attempted-user | 2015-7652 | URL | ||
| 39789 | FILE-FLASH Adobe Flash Player AS2 TextField gridFitType use after free attempt (more info ...) | attempted-user | 2015-7652 | URL | ||
| 39798 | FILE-PDF Adobe Acrobat Reader raster image memory corruption attempt (more info ...) | attempted-user | 2014-9158 | URL | ||
| 39799 | FILE-PDF Adobe Acrobat Reader raster image memory corruption attempt (more info ...) | attempted-user | 2014-9158 | URL | ||
| 39802 | EXPLOIT-KIT Neutrino Exploit Kit Flash exploit download attempt (more info ...) | trojan-activity | ||||
| 39864 | FILE-PDF Adobe Reader CoolType engine FlateDecode use-after-free attempt (more info ...) | attempted-user | 2016-4255 | URL | ||
| 39865 | FILE-PDF Adobe Reader CoolType engine FlateDecode use-after-free attempt (more info ...) | attempted-user | 2016-4255 | URL | ||
| 39889 | FILE-PDF Adobe Acrobat invalid embedded font memory corruption attempt (more info ...) | attempted-recon | 2016-4208 | URL | ||
| 39890 | FILE-PDF Adobe Acrobat invalid embedded font memory corruption attempt (more info ...) | attempted-user | 2016-4208 | URL | ||
| 39922 | FILE-PDF Adobe Acrobat Reader raster image memory corruption attempt (more info ...) | attempted-user | 2014-9158 | URL | ||
| 39923 | FILE-PDF Adobe Acrobat Reader raster image memory corruption attempt (more info ...) | attempted-user | 2014-9158 | URL | ||
| 39954 | FILE-FLASH Adobe Flash Player attachMovie use after free attempt (more info ...) | attempted-admin | 2015-5551 | URL | ||
| 39955 | FILE-FLASH Adobe Flash Player attachMovie use after free attempt (more info ...) | attempted-admin | 2015-5551 | URL | ||
| 39956 | FILE-FLASH Adobe Flash Player FileReference type confusion attempt (more info ...) | attempted-user | 2016-1105 | URL | ||
| 39957 | FILE-FLASH Adobe Flash Player FileReference type confusion attempt (more info ...) | attempted-user | 2016-1105 | URL | ||
| 40009 | FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (more info ...) | attempted-user | 2014-0569 | URL | ||
| 40010 | FILE-FLASH Adobe Flash Player atomicCompareAndSwapLength integer overflow attempt (more info ...) | attempted-user | 2014-0569 | URL | ||
| 40151 | FILE-FLASH Adobe Flash Player DRMManager memory corruption attempt (more info ...) | attempted-admin | 2016-4285 | URL | ||
| 40153 | FILE-FLASH Adobe Flash Player malformed VideoFrame memory corruption attempt (more info ...) | attempted-user | 2016-4274 | URL | ||
| 40154 | FILE-FLASH Adobe Flash Player malformed VideoFrame memory corruption attempt (more info ...) | attempted-user | 2016-4274 | URL | ||
| 40155 | FILE-FLASH Adobe Flash AVC Decoder Memory Corruption attempt (more info ...) | attempted-user | 2016-4275 | URL | ||
| 40156 | FILE-FLASH Adobe Flash AVC Decoder Memory Corruption attempt (more info ...) | attempted-user | 2016-4275 | URL | ||
| 40157 | FILE-FLASH Adobe Flash Player malformed placeObject2 memory corruption attempt (more info ...) | attempted-user | 2016-4276 | URL | ||
| 40158 | FILE-FLASH Adobe Flash Player malformed placeObject2 memory corruption attempt (more info ...) | attempted-user | 2016-4276 | URL | ||
| 40159 | FILE-FLASH Adobe Flash Player NetStream type confusion attempt (more info ...) | attempted-user | 2016-4280 | URL | ||
| 40160 | FILE-FLASH Adobe Flash Player NetStream type confusion attempt (more info ...) | attempted-user | 2016-4280 | URL | ||
| 40166 | FILE-FLASH Adobe Flash Player ShimContentResolver out of bounds memory access attempt (more info ...) | attempted-user | 2016-4283 | URL | ||
| 40167 | FILE-FLASH Adobe Flash Player ShimContentResolver out of bounds memory access attempt (more info ...) | attempted-user | 2016-4283 | URL | ||
| 40168 | FILE-FLASH Adobe Flash Player DisplacementMapFilter use-after-free attempt (more info ...) | attempted-user | 2016-4272 | URL | ||
| 40169 | FILE-FLASH Adobe Flash Player DisplacementMapFilter use-after-free attempt (more info ...) | attempted-user | 2016-4272 | URL | ||
| 40176 | FILE-FLASH Adobe Flash ContextMenu Clone memory corruption vulnerability attempt (more info ...) | attempted-user | 2016-4284 | URL | ||
| 40177 | FILE-FLASH Adobe Flash ContextMenu Clone memory corruption vulnerability attempt (more info ...) | attempted-user | 2016-4284 | URL | ||
| 40178 | FILE-FLASH Adobe Flash Player local-with-filesystem sandbox escape attempt (more info ...) | attempted-user | 2016-4271 | URL | ||
| 40179 | FILE-FLASH Adobe Flash Player local-with-filesystem sandbox escape attempt (more info ...) | attempted-user | 2016-4271 | URL | ||
| 40180 | FILE-FLASH Adobe Flash Player local-with-filesystem sandbox escape attempt (more info ...) | attempted-user | 2016-4271 | URL | ||
| 40181 | FILE-FLASH Adobe Flash Player local-with-filesystem sandbox escape attempt (more info ...) | attempted-user | 2016-4271 | URL | ||
| 40218 | FILE-FLASH Adobe Flash Player AS2 custom getter addProperty use after free attempt (more info ...) | attempted-user | 2016-4232 | URL | ||
| 40219 | FILE-FLASH Adobe Flash Player AS2 custom getter addProperty use after free attempt (more info ...) | attempted-user | 2016-4232 | URL | ||
| 40236 | FILE-PDF Adobe Reader embedded font out of bounds memory access attempt (more info ...) | attempted-user | 2016-4207 | URL | ||
| 40237 | FILE-PDF Adobe Reader embedded font out of bounds memory access attempt (more info ...) | attempted-user | 2016-4207 | URL | ||
| 40323 | SERVER-OTHER Adobe ColdFusion RDS admin bypass attempt (more info ...) | attempted-admin | 2013-0632 | 57330 | URL | |
| 40431 | FILE-PDF Adobe Acrobat Reader XFA app.setTimeOut memory corruption attempt (more info ...) | attempted-admin | 2017-2961 | 57931 | URL | |
| 40435 | FILE-FLASH Adobe Flash Player malformed ActionConstantPool memory corruption attempt (more info ...) | attempted-user | 2016-4273 | URL | ||
| 40436 | FILE-PDF Adobe Acrobat Reader XSLT substring memory corruption attempt (more info ...) | attempted-user | 2016-6978 | URL | ||
| 40437 | FILE-PDF Adobe Acrobat Reader XSLT substring memory corruption attempt (more info ...) | attempted-user | 2016-6978 | URL | ||
| 40438 | FILE-FLASH Adobe Standalone Flash Player AS3 NetStream object use after free attempt (more info ...) | attempted-user | 2016-6981 | |||
| 40439 | FILE-FLASH Adobe Standalone Flash Player AS3 NetStream object use after free attempt (more info ...) | attempted-user | 2016-6981 | |||
| 40440 | FILE-PDF Adobe Reader TrueType font file numberofmetrics out of bounds read attempt (more info ...) | attempted-user | 2016-6954 | URL | ||
| 40441 | FILE-PDF Adobe Reader TrueType font file numberofmetrics out of bounds read attempt (more info ...) | attempted-user | 2016-6954 | URL | ||
| 40442 | FILE-FLASH Adobe Flash Player FrameLabel memory corruption attempt (more info ...) | attempted-user | 2016-6986 | URL | ||
| 40443 | FILE-FLASH Adobe Flash Player FrameLabel memory corruption attempt (more info ...) | attempted-user | 2016-6986 | URL | ||
| 40452 | FILE-FLASH Adobe Standalone Flash Player AS3 Primetime timeline ShimContentResolver out of bounds read attempt (more info ...) | attempted-user | 2016-6983 | |||
| 40453 | FILE-FLASH Adobe Standalone Flash Player AS3 Primetime timeline ShimContentResolver out of bounds read attempt (more info ...) | attempted-user | 2016-6983 | |||
| 40455 | FILE-PDF Adobe Acrobat Reader JPEG engine spurious object reference use after free attempt (more info ...) | attempted-user | 2016-1089 | URL | ||
| 40456 | FILE-PDF Adobe Acrobat Reader JPEG engine spurious object reference use after free attempt (more info ...) | attempted-user | 2016-1089 | URL | ||
| 40495 | FILE-FLASH Adobe Standalone Flash Player PSDK FlashRuntime mediaplayer pause attempt (more info ...) | attempted-user | 2016-6982 | URL | ||
| 40496 | FILE-FLASH Adobe Standalone Flash Player PSDK FlashRuntime mediaplayer pause attempt (more info ...) | attempted-user | 2016-6982 | URL | ||
| 40502 | FILE-FLASH Adobe Flash Player QOSProvider use-after-free attempt (more info ...) | attempted-user | 2016-6984 | URL | ||
| 40503 | FILE-FLASH Adobe Flash Player QOSProvider use-after-free attempt (more info ...) | attempted-user | 2016-6984 | URL | ||
| 40505 | FILE-PDF Adobe Reader XSLT Transform use after free attempt (more info ...) | attempted-user | 2016-6961 | URL | ||
| 40506 | FILE-PDF Adobe Reader XSLT Transform use after free attempt (more info ...) | attempted-user | 2016-6961 | URL | ||
| 40507 | FILE-PDF Adobe Reader XSLT Transform use after free attempt (more info ...) | attempted-user | 2016-6962 | URL | ||
| 40508 | FILE-PDF Adobe Reader XSLT Transform use after free attempt (more info ...) | attempted-user | 2016-6962 | URL | ||
| 40509 | FILE-PDF Adobe Reader XSLT Transform use after free attempt (more info ...) | attempted-user | 2016-6963 | URL | ||
| 40510 | FILE-PDF Adobe Reader XSLT Transform use after free attempt (more info ...) | attempted-user | 2016-6963 | URL | ||
| 40511 | FILE-PDF Adobe Reader XSLT Transform use after free attempt (more info ...) | attempted-user | 2016-6964 | URL | ||
| 40512 | FILE-PDF Adobe Reader XSLT Transform use after free attempt (more info ...) | attempted-user | 2016-6964 | URL | ||
| 40513 | FILE-PDF Adobe Reader XSLT Transform use after free attempt (more info ...) | attempted-user | 2016-6965 | URL | ||
| 40514 | FILE-PDF Adobe Reader XSLT Transform use after free attempt (more info ...) | attempted-user | 2016-6965 | URL | ||
| 40515 | FILE-PDF Adobe Acrobat Reader malformed unicode font name code execution attempt (more info ...) | attempted-user | 2016-6956 | URL | ||
| 40516 | FILE-PDF Adobe Acrobat Reader malformed unicode font name code execution attempt (more info ...) | attempted-user | 2016-6956 | URL | ||
| 40544 | FILE-FLASH Adobe Standalone Flash Player IExternalizable deserialization use after free attempt (more info ...) | attempted-user | 2016-7855 | URL | ||
| 40545 | FILE-FLASH Adobe Standalone Flash Player IExternalizable deserialization use after free attempt (more info ...) | attempted-user | 2016-7855 | URL | ||
| 40557 | FILE-PDF Adobe Acrobat Reader malformed object stream memory corruption attempt (more info ...) | attempted-user | 2016-6948 | URL | ||
| 40558 | FILE-PDF Adobe Acrobat Reader malformed object stream memory corruption attempt (more info ...) | attempted-user | 2016-6948 | URL | ||
| 40569 | FILE-PDF Adobe Acrobat Reader XFA relayoutPageArea memory corruption attempt (more info ...) | attempted-user | 2016-6952 | URL | ||
| 40570 | FILE-PDF Adobe Acrobat Reader XFA relayoutPageArea memory corruption attempt (more info ...) | attempted-user | 2016-6952 | URL | ||
| 40571 | FILE-PDF Adobe Reader corrupt bookmark use after free attempt (more info ...) | attempted-user | 2016-1091 | URL | ||
| 40572 | FILE-PDF Adobe Reader corrupt bookmark use after free attempt (more info ...) | attempted-user | 2016-1091 | URL | ||
| 40573 | FILE-PDF Adobe Acrobat Reader XFA resolveNode memory corruption attempt (more info ...) | attempted-user | 2017-2967 | URL | ||
| 40574 | FILE-PDF Adobe Acrobat Reader XFA resolveNode memory corruption attempt (more info ...) | attempted-user | 2017-2967 | URL | ||
| 40581 | FILE-FLASH Adobe Flash Player sentEvent use after free attempt (more info ...) | attempted-user | 2016-6987 | URL | ||
| 40582 | FILE-FLASH Adobe Flash Player sentEvent use after free attempt (more info ...) | attempted-user | 2016-6987 | URL | ||
| 40583 | FILE-FLASH Adobe Flash Player event handler out of bounds memory access attempt (more info ...) | attempted-user | 2016-6985 | URL | ||
| 40584 | FILE-FLASH Adobe Flash Player event handler out of bounds memory access attempt (more info ...) | attempted-user | 2016-6985 | URL | ||
| 40585 | FILE-PDF Adobe Acrobat Reader SaveAs use-after-free attempt (more info ...) | attempted-user | 2016-6945 | URL | ||
| 40586 | FILE-PDF Adobe Acrobat Reader SaveAs use-after-free attempt (more info ...) | attempted-user | 2016-6945 | URL | ||
| 40587 | FILE-PDF Adobe Reader XLST parsing engine use after free attempt (more info ...) | attempted-user | 2016-6979 | URL | ||
| 40588 | FILE-PDF Adobe Reader XLST parsing engine use after free attempt (more info ...) | attempted-user | 2016-6979 | URL | ||
| 40618 | FILE-PDF Adobe Reader XML Metadata memory corruption attempt (more info ...) | attempted-user | 2016-6943 | URL | ||
| 40619 | FILE-PDF Adobe Reader XML Metadata memory corruption attempt (more info ...) | attempted-user | 2016-6943 | URL | ||
| 40639 | FILE-PDF Adobe Acrobat Reader XFA addInstance use after free attempt (more info ...) | attempted-user | 2016-6953 | URL | ||
| 40640 | FILE-PDF Adobe Acrobat Reader XFA addInstance use after free attempt (more info ...) | attempted-user | 2016-6953 | URL | ||
| 40695 | FILE-PDF Adobe Reader parser object use-after-free attempt (more info ...) | attempted-admin | 2016-6949 | URL | ||
| 40696 | FILE-PDF Adobe Reader parser object use-after-free attempt (more info ...) | attempted-admin | 2016-6949 | URL | ||
| 40697 | FILE-PDF Adobe Reader MakeAccessible plugin heap overflow attempt (more info ...) | attempted-admin | 2016-6939 | URL | ||
| 40698 | FILE-PDF Adobe Reader MakeAccessible plugin heap overflow attempt (more info ...) | attempted-admin | 2016-6939 | URL | ||
| 40699 | FILE-PDF Adobe Reader MakeAccessible plugin heap overflow attempt (more info ...) | attempted-admin | 2016-6939 | URL | ||
| 40700 | FILE-PDF Adobe Reader MakeAccessible plugin heap overflow attempt (more info ...) | attempted-admin | 2016-6939 | URL | ||
| 40734 | FILE-FLASH Adobe Flash MovieClip proto chain manipulation targeting constructor use after free attempt (more info ...) | attempted-user | 2016-7865 | URL | ||
| 40735 | FILE-FLASH Adobe Flash MovieClip proto chain manipulation targeting constructor use after free attempt (more info ...) | attempted-user | 2016-7865 | URL | ||
| 40736 | FILE-FLASH Adobe Flash Player Primetime SDK AdvertisingMetadata type confustion attempt (more info ...) | attempted-admin | 2016-7860 | URL | ||
| 40737 | FILE-FLASH Adobe Flash Player Primetime SDK AdvertisingMetadata type confustion attempt (more info ...) | attempted-admin | 2016-7860 | URL | ||
| 40738 | FILE-FLASH Adobe Adobe Flash Player ActionExtends use after free attempt (more info ...) | attempted-admin | 2016-7859 | URL | ||
| 40739 | FILE-FLASH Adobe Flash Player ActionExtends use after free attempt (more info ...) | attempted-admin | 2016-7859 | URL | ||
| 40740 | FILE-FLASH Adobe Flash Player addCallback use after free attempt (more info ...) | attempted-user | 2016-7858 | URL | ||
| 40741 | FILE-FLASH Adobe Flash Player addCallback use after free attempt (more info ...) | attempted-user | 2016-7858 | URL | ||
| 40742 | FILE-FLASH Adobe Flash Player AVSegmentedSource use after free attempt (more info ...) | attempted-user | 2016-7857 | URL | ||
| 40743 | FILE-FLASH Adobe Flash Player AVSegmentedSource use after free attempt (more info ...) | attempted-user | 2016-7857 | URL | ||
| 40744 | FILE-FLASH Adobe Primetime SDK setObject type confusion attempt (more info ...) | attempted-recon | 2016-7861 | URL | ||
| 40745 | FILE-FLASH Adobe Primetime SDK setObject type confusion attempt (more info ...) | attempted-recon | 2016-7861 | URL | ||
| 40746 | FILE-FLASH Adobe Flash Player TextField use after free attempt (more info ...) | attempted-user | 2016-7863 | URL | ||
| 40747 | FILE-FLASH Adobe Flash Player TextField use after free attempt (more info ...) | attempted-user | 2016-7863 | URL | ||
| 40748 | FILE-FLASH Adobe Flash Player ASnative setFocus use after free attempt (more info ...) | attempted-user | 2016-7864 | URL | ||
| 40749 | FILE-FLASH Adobe Flash Player ASnative setFocus use after free attempt (more info ...) | attempted-user | 2016-7864 | URL | ||
| 40755 | FILE-FLASH Adobe Flash EnableDebugger2 obfuscation attempt (more info ...) | attempted-user | URL | |||
| 40780 | FILE-FLASH Adobe Flash Player LoadVars use-after-free attempt (more info ...) | attempted-user | 2016-0974 | URL | ||
| 40781 | FILE-FLASH Adobe Flash Player LoadVars use-after-free attempt (more info ...) | attempted-user | 2016-0974 | URL | ||
| 40798 | FILE-FLASH Adobe Standalone Flash Player IExternalizable deserialization use after free attempt (more info ...) | attempted-user | 2016-7855 | URL | ||
| 40799 | FILE-FLASH Adobe Standalone Flash Player IExternalizable deserialization use after free attempt (more info ...) | attempted-user | 2016-7855 | URL | ||
| 40818 | FILE-FLASH Adobe Flash Player TextField text use after free attempt (more info ...) | attempted-admin | 2015-8430 | URL | ||
| 40819 | FILE-FLASH Adobe Flash Player TextField text use after free attempt (more info ...) | attempted-admin | 2015-8430 | URL | ||
| 40996 | INDICATOR-COMPROMISE Adobe Flash Player ActionScript vulnerable RegExp verb usage detected (more info ...) | attempted-user | 2016-7867 | URL | ||
| 40997 | INDICATOR-COMPROMISE Adobe Flash Player ActionScript vulnerable RegExp verb usage detected (more info ...) | attempted-user | 2016-7867 | URL | ||
| 40998 | FILE-FLASH Adobe Flash Player NetConnection proxyType invalid value out of bounds read attempt (more info ...) | attempted-user | 2016-7874 | URL | ||
| 40999 | FILE-FLASH Adobe Flash Player NetConnection proxyType invalid value out of bounds read attempt (more info ...) | attempted-user | 2016-7874 | URL | ||
| 41000 | INDICATOR-COMPROMISE Adobe Flash Player ActionScript vulnerable RegExp verb usage detected (more info ...) | attempted-user | 2016-7869 | URL | ||
| 41001 | INDICATOR-COMPROMISE Adobe Flash Player ActionScript vulnerable RegExp verb usage detected (more info ...) | attempted-user | 2016-7869 | URL | ||
| 41002 | FILE-FLASH Adobe Flash Player Primetime SDK out of bounds read attempt (more info ...) | attempted-user | 2016-7873 | URL | ||
| 41003 | FILE-FLASH Adobe Flash Player Primetime SDK out of bounds read attempt (more info ...) | attempted-user | 2016-7873 | URL | ||
| 41004 | FILE-FLASH Adobe Flash Player Primetime MediaPlayerItemLoader QOSProvider object use after free attempt (more info ...) | attempted-user | 2018-4877 | URL | ||
| 41005 | FILE-FLASH Adobe Flash Player Primetime MediaPlayerItemLoader QOSProvider object use after free attempt (more info ...) | attempted-user | 2018-4877 | URL | ||
| 41006 | INDICATOR-COMPROMISE Adobe Flash Player ActionScript vulnerable RegExp verb usage detected (more info ...) | attempted-user | 2016-7870 | URL | ||
| 41007 | INDICATOR-COMPROMISE Adobe Flash Player ActionScript vulnerable RegExp verb usage detected (more info ...) | attempted-user | 2016-7870 | URL | ||
| 41008 | INDICATOR-COMPROMISE Adobe Flash Player ActionScript vulnerable RegExp verb usage detected (more info ...) | attempted-user | 2016-7868 | URL | ||
| 41009 | INDICATOR-COMPROMISE Adobe Flash Player ActionScript vulnerable RegExp verb usage detected (more info ...) | attempted-user | 2016-7868 | URL | ||
| 41010 | FILE-FLASH Adobe Flash Player BitmapData applyFilter integer overflow attempt (more info ...) | attempted-user | 2016-7875 | URL | ||
| 41011 | FILE-FLASH Adobe Flash Player BitmapData applyFilter integer overflow attempt (more info ...) | attempted-user | 2016-7875 | URL | ||
| 41012 | FILE-FLASH Adobe Flash Player NetConnection use after free attempt (more info ...) | attempted-user | 2016-7879 | URL | ||
| 41013 | FILE-FLASH Adobe Flash Player NetConnection use after free attempt (more info ...) | attempted-user | 2016-7879 | URL | ||
| 41014 | FILE-FLASH Acrobat Flash WorkerDomain memory corruption attempt (more info ...) | attempted-user | 2016-7871 | URL | ||
| 41015 | FILE-FLASH Acrobat Flash WorkerDomain memory corruption attempt (more info ...) | attempted-user | 2016-7871 | URL | ||
| 41016 | FILE-FLASH Adobe Flash Player writeDynamicProperties use-after-free attempt (more info ...) | attempted-user | 2016-7877 | URL | ||
| 41017 | FILE-FLASH Adobe Flash Player writeDynamicProperties use-after-free attempt (more info ...) | attempted-user | 2016-7877 | URL | ||
| 41020 | FILE-FLASH Adobe Flash Player onSetFocus movie clip use after free attempt (more info ...) | attempted-user | 2016-7892 | URL | ||
| 41021 | FILE-FLASH Adobe Flash Player onSetFocus movie clip use after free attempt (more info ...) | attempted-user | 2016-7892 | URL | ||
| 41022 | FILE-FLASH Adobe Flash Player addProperty use after free attempt (more info ...) | attempted-admin | 2016-7872 | URL | ||
| 41023 | FILE-FLASH Adobe Flash Player addProperty use after free attempt (more info ...) | attempted-admin | 2016-7872 | URL | ||
| 41024 | FILE-FLASH Adobe Flash Player addProperty use after free attempt (more info ...) | attempted-admin | 2016-7872 | URL | ||
| 41025 | FILE-FLASH Adobe Flash Player addProperty use after free attempt (more info ...) | attempted-admin | 2016-7872 | URL | ||
| 41045 | FILE-FLASH Adobe Flash Player TextField setter use after free attempt (more info ...) | attempted-admin | 2015-8434 | URL | ||
| 41046 | FILE-FLASH Adobe Flash Player TextField setter use after free attempt (more info ...) | attempted-admin | 2015-8434 | URL | ||
| 41138 | FILE-FLASH Adobe Flash Player display list structure memory corruption attempt (more info ...) | attempted-user | 2017-2930 | URL | ||
| 41139 | FILE-FLASH Adobe Flash Player display list structure memory corruption attempt (more info ...) | attempted-user | 2017-2930 | URL | ||
| 41142 | FILE-PDF Adobe Acrobat animateSyncButton use after free attempt (more info ...) | attempted-user | 2017-2958 | URL | ||
| 41143 | FILE-PDF Adobe Acrobat animateSyncButton use after free attempt (more info ...) | attempted-user | 2017-2958 | URL | ||
| 41144 | FILE-IMAGE Adobe Reader malformed app13 marker memory corruption attempt (more info ...) | attempted-user | 2017-2964 | URL | ||
| 41145 | FILE-IMAGE Adobe Reader malformed app13 marker memory corruption attempt (more info ...) | attempted-user | 2017-2964 | URL | ||
| 41146 | FILE-IMAGE Adobe Reader malformed app13 marker memory corruption attempt (more info ...) | attempted-user | 2017-2964 | URL | ||
| 41147 | FILE-IMAGE Adobe Reader malformed app13 marker memory corruption attempt (more info ...) | attempted-user | 2017-2964 | URL | ||
| 41148 | FILE-IMAGE Adobe Reader malformed app13 marker memory corruption attempt (more info ...) | attempted-user | 2017-2964 | URL | ||
| 41149 | FILE-IMAGE Adobe Reader malformed app13 marker memory corruption attempt (more info ...) | attempted-user | 2017-2964 | URL | ||
| 41154 | FILE-PDF Adobe Acrobat Reader malformed CFF global subroutine memory corruption attempt (more info ...) | attempted-admin | 2017-2941 | URL | ||
| 41155 | FILE-PDF Adobe Acrobat Reader malformed CFF global subroutine memory corruption attempt (more info ...) | attempted-admin | 2017-2941 | URL | ||
| 41156 | FILE-FLASH Adobe Flash Player malformed ATF file length heap overflow attempt (more info ...) | attempted-user | 2017-2934 | URL | ||
| 41157 | FILE-FLASH Adobe Flash Player malformed ATF file length heap overflow attempt (more info ...) | attempted-user | 2017-2934 | URL | ||
| 41158 | FILE-FLASH Adobe Flash Player visual blend out of bounds read attempt (more info ...) | attempted-user | 2017-2928 | URL | ||
| 41159 | FILE-FLASH Adobe Flash Player visual blend out of bounds read attempt (more info ...) | attempted-user | 2017-2928 | URL | ||
| 41160 | FILE-FLASH Acrobat Flash FileReference class use-after-free memory corruption attempt (more info ...) | attempted-user | 2017-2937 | URL | ||
| 41161 | FILE-FLASH Acrobat Flash FileReference class use-after-free memory corruption attempt (more info ...) | attempted-user | 2017-2937 | URL | ||
| 41163 | FILE-PDF Adobe Acrobat Reader XSL stylesheet heap overflow attempt (more info ...) | attempted-user | 2017-2949 | URL | ||
| 41164 | FILE-PDF Adobe Acrobat Reader XSL stylesheet heap overflow attempt (more info ...) | attempted-user | 2017-2949 | URL | ||
| 41165 | FILE-FLASH Acrobat Flash FileReference class use-after-free memory corruption attempt (more info ...) | attempted-user | 2017-2936 | URL | ||
| 41166 | FILE-FLASH Acrobat Flash FileReference class use-after-free memory corruption attempt (more info ...) | attempted-user | 2017-2936 | URL | ||
| 41181 | FILE-IMAGE Adobe Acrobat TIFF PhotometricInterpretation heap buffer overflow attempt (more info ...) | attempted-user | 2017-2966 | URL | ||
| 41182 | FILE-IMAGE Adobe Acrobat TIFF PhotometricInterpretation heap buffer overflow attempt (more info ...) | attempted-user | 2017-2966 | URL | ||
| 41183 | FILE-IMAGE Adobe Acrobat TIFF PhotometricInterpretation heap buffer overflow attempt (more info ...) | attempted-user | 2017-2966 | URL | ||
| 41184 | FILE-IMAGE Adobe Acrobat TIFF PhotometricInterpretation heap buffer overflow attempt (more info ...) | attempted-user | 2017-2966 | URL | ||
| 41193 | FILE-PDF Adobe Acrobat XFA engine stack buffer overflow attempt (more info ...) | attempted-user | 2017-2948 | URL | ||
| 41194 | FILE-PDF Adobe Acrobat XFA engine stack buffer overflow attempt (more info ...) | attempted-user | 2017-2948 | URL | ||
| 41198 | FILE-IMAGE Adobe Acrobat TIFF Software tag heap buffer overflow attempt (more info ...) | attempted-user | 2017-2965 | URL | ||
| 41199 | FILE-IMAGE Adobe Acrobat TIFF Software tag heap buffer overflow attempt (more info ...) | attempted-user | 2017-2965 | URL | ||
| 41200 | FILE-IMAGE Adobe Acrobat TIFF Software tag heap buffer overflow attempt (more info ...) | attempted-user | 2017-2965 | URL | ||
| 41201 | FILE-IMAGE Adobe Acrobat TIFF Software tag heap buffer overflow attempt (more info ...) | attempted-user | 2017-2965 | URL | ||
| 41202 | FILE-IMAGE Adobe Acrobat Pro malformed JPEG APP2 segment out of bounds memory access attempt (more info ...) | attempted-admin | 2017-2959 | URL | ||
| 41203 | FILE-IMAGE Adobe Acrobat Pro malformed JPEG APP2 segment out of bounds memory access attempt (more info ...) | attempted-admin | 2017-2959 | URL | ||
| 41214 | FILE-FLASH Adobe Flash Player onSetFocus movieclip use after free attempt (more info ...) | attempted-user | 2017-2932 | URL | ||
| 41215 | FILE-FLASH Adobe Flash Player onSetFocus movie clip use after free attempt (more info ...) | attempted-user | 2017-2932 | URL | ||
| 41319 | FILE-PDF Adobe Acrobat Reader cross reference table memory corruption attempt (more info ...) | attempted-user | 2016-2939 | URL | ||
| 41320 | FILE-PDF Adobe Acrobat Reader cross reference table memory corruption attempt (more info ...) | attempted-user | 2016-2939 | URL | ||
| 41325 | FILE-PDF Adobe Acrobat XFA Engine use after free attempt (more info ...) | attempted-user | 2017-2950 | URL | ||
| 41326 | FILE-PDF Adobe Acrobat XFA Engine use after free attempt (more info ...) | attempted-user | 2017-2950 | URL | ||
| 41329 | FILE-PDF Adobe Acrobat Reader APP13 heap overflow attempt (more info ...) | attempted-user | 2016-2946 | URL | ||
| 41330 | FILE-PDF Adobe Acrobat Reader APP13 heap overflow attempt (more info ...) | attempted-user | 2016-2946 | URL | ||
| 41332 | FILE-FLASH Adobe Flash Player FileReferenceList.browse type confusion attempt (more info ...) | attempted-admin | 2015-3120 | URL | ||
| 41333 | FILE-FLASH Adobe Flash Player FileReferenceList.browse type confusion attempt (more info ...) | attempted-admin | 2015-3120 | URL | ||
| 41338 | FILE-IMAGE Adobe Acrobat Pro malformed JPEG APP1 segment out of bounds memory access attempt (more info ...) | attempted-admin | 2017-2960 | URL | ||
| 41339 | FILE-IMAGE Adobe Acrobat Pro malformed JPEG APP1 segment out of bounds memory access attempt (more info ...) | attempted-admin | 2017-2960 | URL | ||
| 41340 | FILE-IMAGE Adobe Acrobat Pro malformed JPEG APP1 segment out of bounds memory access attempt (more info ...) | attempted-admin | 2017-2960 | URL | ||
| 41341 | FILE-IMAGE Adobe Acrobat Pro malformed JPEG APP1 segment out of bounds memory access attempt (more info ...) | attempted-admin | 2017-2960 | URL | ||
| 41342 | FILE-MULTIMEDIA Adobe Flash Player MP4 stsz atom memory corruption attempt (more info ...) | attempted-user | 2017-2926 | URL | ||
| 41343 | FILE-MULTIMEDIA Adobe Flash Player MP4 stsz atom memory corruption attempt (more info ...) | attempted-user | 2017-2926 | URL | ||
| 41353 | FILE-FLASH Adobe Flash Player StyleSheets use after free attempt (more info ...) | attempted-user | 2016-4174 | URL | ||
| 41354 | FILE-FLASH Adobe Flash Player StyleSheets use after free attempt (more info ...) | attempted-user | 2016-4174 | URL | ||
| 41357 | FILE-FLASH Adobe Flash Player Primetime SDK ShimContentResolver memory corruption attempt (more info ...) | attempted-user | 2016-4152 | URL | ||
| 41358 | FILE-FLASH Adobe Flash Player Primetime SDK ShimContentResolver memory corruption attempt (more info ...) | attempted-user | 2016-4152 | URL | ||
| 41391 | FILE-IMAGE Adobe Acrobat TIFF ICC tag heap buffer overflow attempt (more info ...) | attempted-user | 2017-2963 | URL | ||
| 41392 | FILE-IMAGE Adobe Acrobat TIFF ICC tag heap buffer overflow attempt (more info ...) | attempted-user | 2017-2963 | URL | ||
| 41393 | FILE-IMAGE Adobe Acrobat TIFF ICC tag heap buffer overflow attempt (more info ...) | attempted-user | 2017-2963 | URL | ||
| 41394 | FILE-IMAGE Adobe Acrobat TIFF ICC tag heap buffer overflow attempt (more info ...) | attempted-user | 2017-2963 | URL | ||
| 41395 | FILE-IMAGE Adobe Acrobat TIFF ICC tag heap buffer overflow attempt (more info ...) | attempted-user | 2017-2963 | URL | ||
| 41396 | FILE-IMAGE Adobe Acrobat TIFF ICC tag heap buffer overflow attempt (more info ...) | attempted-user | 2017-2963 | URL | ||
| 41397 | FILE-IMAGE Adobe Acrobat TIFF ICC tag heap buffer overflow attempt (more info ...) | attempted-user | 2017-2963 | URL | ||
| 41398 | FILE-IMAGE Adobe Acrobat TIFF ICC tag heap buffer overflow attempt (more info ...) | attempted-user | 2017-2963 | URL | ||
| 41399 | FILE-PDF Adobe Acrobat Reader xfa subform use after free attempt (more info ...) | attempted-user | 2019-8225 | URL | ||
| 41400 | FILE-PDF Adobe Acrobat Reader xfa subform use after free attempt (more info ...) | attempted-user | 2019-8225 | URL | ||
| 41412 | FILE-FLASH Adobe Flash Player custom toString function attempt (more info ...) | attempted-user | 2017-2951 | URL | ||
| 41418 | FILE-FLASH Adobe Flash Player NetConnection type confusion attempt (more info ...) | attempted-user | 2015-4433 | |||
| 41419 | FILE-FLASH Adobe Flash Player NetConnection type confusion attempt (more info ...) | attempted-user | 2015-4433 | |||
| 41472 | FILE-FLASH Adobe Flash Player broker arbitrary file write attempt (more info ...) | attempted-user | 2015-0301 | URL | ||
| 41473 | FILE-FLASH Adobe Flash Player broker arbitrary file write attempt (more info ...) | attempted-user | 2015-0301 | URL | ||
| 41479 | FILE-FLASH Adobe Flash Player remote code execution attempt (more info ...) | attempted-user | 2015-5122 | URL | ||
| 41480 | FILE-FLASH Adobe Flash Player remote code execution attempt (more info ...) | attempted-user | 2015-5122 | URL | ||
| 41481 | FILE-FLASH Adobe Flash Player remote code execution attempt (more info ...) | attempted-user | 2015-5122 | URL | ||
| 41482 | FILE-FLASH Adobe Flash Player remote code execution attempt (more info ...) | attempted-user | 2015-5122 | URL | ||
| 41486 | FILE-FLASH Adobe Flash Player AS2 TextField antiAliasType use after free attempt (more info ...) | attempted-user | 2015-8046 | URL | ||
| 41513 | FILE-PDF Adobe Reader setPersistent use after free attempt (more info ...) | attempted-user | 2016-1061 | 80358 | URL | |
| 41514 | FILE-PDF Adobe Reader setPersistent use after free attempt (more info ...) | attempted-user | 2016-1061 | 80358 | URL | |
| 41611 | FILE-OTHER Adobe Flash Player h264 decoder luminance adjustment out of bounds memory access attempt (more info ...) | attempted-user | 2017-2991 | URL | ||
| 41612 | FILE-OTHER Adobe Flash Player h264 decoder luminance adjustment out of bounds memory access attempt (more info ...) | attempted-user | 2017-2991 | URL | ||
| 41613 | FILE-OTHER Adobe Flash Player h264 decoder heap overflow attempt (more info ...) | attempted-user | 2017-2984 | URL | ||
| 41614 | FILE-OTHER Adobe Flash Player h264 decoder heap overflow attempt (more info ...) | attempted-user | 2017-2984 | URL | ||
| 41615 | FILE-OTHER Adobe Flash Player h264 decoder heap overflow attempt (more info ...) | attempted-user | 2017-2984 | URL | ||
| 41616 | FILE-OTHER Adobe Flash Player h264 decoder heap overflow attempt (more info ...) | attempted-user | 2017-2984 | URL | ||
| 41617 | FILE-OTHER Adobe Flash Player h264 decoder heap overflow attempt (more info ...) | attempted-user | 2017-2984 | URL | ||
| 41618 | FILE-OTHER Adobe Flash Player h264 decoder heap overflow attempt (more info ...) | attempted-user | 2017-2984 | URL | ||
| 41619 | FILE-FLASH Adobe Flash Player addEventListener use after free attempt (more info ...) | attempted-user | 2017-2982 | URL | ||
| 41620 | FILE-FLASH Adobe Flash Player addEventListener use after free attempt (more info ...) | attempted-user | 2017-2982 | URL | ||
| 41621 | FILE-FLASH Adobe Flash malformed FLV heap overflow attempt (more info ...) | attempted-recon | 2017-2986 | URL | ||
| 41622 | FILE-FLASH Adobe Flash malformed FLV heap overflow attempt (more info ...) | attempted-recon | 2017-2986 | URL | ||
| 41623 | FILE-FLASH Adobe Flash Player MessageChannel type confusion attempt (more info ...) | attempted-admin | 2017-2995 | URL | ||
| 41624 | FILE-FLASH Adobe Flash Player MessageChannel type confusion attempt (more info ...) | attempted-admin | 2017-2995 | URL | ||
| 41627 | FILE-FLASH Adobe Flash Player garbage collection use after free attempt (more info ...) | attempted-user | 2017-2988 | URL | ||
| 41628 | FILE-FLASH Adobe Flash Player garbage collection use after free attempt (more info ...) | attempted-user | 2017-2988 | URL | ||
| 41629 | FILE-FLASH Adobe Flash Player PSDK EventDispatch removeEventListener use after free attempt (more info ...) | attempted-user | 2017-2994 | URL | ||
| 41630 | FILE-FLASH Adobe Flash Player PSDK EventDispatch removeEventListener use after free attempt (more info ...) | attempted-user | 2017-2994 | URL | ||
| 41631 | FILE-OTHER Adobe Flash Player mp4 h264 decompression routine out of bounds read attempt (more info ...) | attempted-user | 2017-2990 | URL | ||
| 41632 | FILE-OTHER Adobe Flash Player mp4 h264 decompression routine out of bounds read attempt (more info ...) | attempted-user | 2017-2990 | URL | ||
| 41635 | FILE-OTHER Adobe AcrobatDC EMF buffer underflow attempt (more info ...) | attempted-user | 2015-5098 | URL | ||
| 41636 | FILE-OTHER Adobe AcrobatDC EMF buffer underflow attempt (more info ...) | attempted-user | 2015-5098 | URL | ||
| 41644 | FILE-FLASH Adobe Flash Player malformed DefineSprite tag memory corruption attempt (more info ...) | attempted-admin | 2015-3123 | URL | ||
| 41645 | FILE-FLASH Adobe Flash Player malformed DefineSprite tag memory corruption attempt (more info ...) | attempted-admin | 2015-3123 | URL | ||
| 41673 | FILE-FLASH Adobe Flash Player TextField object event handler use after free attempt (more info ...) | attempted-user | 2017-2993 | URL | ||
| 41674 | FILE-FLASH Adobe Flash Player TextField object event handler use after free attempt (more info ...) | attempted-user | 2017-2993 | URL | ||
| 41679 | FILE-FLASH Adobe Flash Player ShimContentResolver out of bounds memory access attempt (more info ...) | attempted-user | 2017-2996 | URL | ||
| 41680 | FILE-FLASH Adobe Flash Player ShimContentResolver out of bounds memory access attempt (more info ...) | attempted-user | 2017-2996 | URL | ||
| 41705 | FILE-FLASH Adobe Flash Player invalid package script information use after free attempt (more info ...) | attempted-user | 2015-4430 | URL | ||
| 41706 | FILE-FLASH Adobe Flash Player invalid package script information use after free attempt (more info ...) | attempted-user | 2015-4430 | URL | ||
| 41708 | FILE-FLASH Adobe Flash Player custom valueOf function attempt (more info ...) | attempted-user | 2015-3130 | URL | ||
| 41709 | FILE-FLASH Adobe Flash Player custom valueOf function attempt (more info ...) | attempted-user | 2015-3130 | URL | ||
| 41740 | FILE-FLASH Adobe Flash Player custom toString and valueOf function attempt (more info ...) | attempted-user | 2015-3129 | URL | ||
| 41741 | FILE-FLASH Adobe Flash Player custom toString and valueOf function attempt (more info ...) | attempted-user | 2015-3129 | URL | ||
| 42006 | FILE-FLASH Adobe Flash Player Camera use after free attempt (more info ...) | attempted-user | 2017-3003 | URL | ||
| 42007 | FILE-FLASH Adobe Flash Player Camera use after free attempt (more info ...) | attempted-user | 2017-3003 | URL | ||
| 42010 | FILE-FLASH Adobe Flash Player TextField use after free attempt (more info ...) | attempted-user | 2017-3002 | URL | ||
| 42011 | FILE-FLASH Adobe Flash Player TextField use after free attempt (more info ...) | attempted-user | 2017-3002 | URL | ||
| 42012 | FILE-FLASH Adobe Flash Player AuditudeSettings stack overflow attempt (more info ...) | attempted-user | 2017-2997 | URL | ||
| 42013 | FILE-FLASH Adobe Flash Player AuditudeSettings stack overflow attempt (more info ...) | attempted-user | 2017-2997 | URL | ||
| 42044 | FILE-FLASH Adobe Flash Player custom object garbage collection use after free attempt (more info ...) | attempted-user | 2017-3059 | URL | ||
| 42045 | FILE-FLASH Adobe Flash Player custom object garbage collection use after free attempt (more info ...) | attempted-user | 2017-3059 | URL | ||
| 42046 | FILE-FLASH Adobe Flash Player custom object garbage collection use after free (more info ...) | attempted-user | 2017-3001 | URL | ||
| 42047 | FILE-FLASH Adobe Flash Player custom object garbage collection use after free (more info ...) | attempted-user | 2017-3001 | URL | ||
| 42052 | FILE-FLASH Adobe Flash Player Primetime TVSDK memory corruption attempt (more info ...) | attempted-user | 2017-2999 | 96866 | URL | |
| 42053 | FILE-FLASH Adobe Flash Player Primetime TVSDK memory corruption attempt (more info ...) | attempted-user | 2017-2999 | 96866 | URL | |
| 42096 | FILE-FLASH Adobe Flash Player Resolution Opportunity parameter memory corruption attempt (more info ...) | attempted-user | 2017-2998 | URL | ||
| 42097 | FILE-FLASH Adobe Flash Player Resolution Opportunity parameter memory corruption attempt (more info ...) | attempted-user | 2017-2998 | URL | ||
| 42206 | FILE-FLASH Adobe Flash Player allocator use-after-free attempt (more info ...) | attempted-user | 2017-3062 | URL | ||
| 42207 | FILE-FLASH Adobe Flash Player allocator use-after-free attempt (more info ...) | attempted-user | 2017-3062 | URL | ||
| 42212 | FILE-PDF Adobe Acrobat Reader embedded JPEG 2000 flst heap overflow attempt (more info ...) | attempted-admin | 2017-3055 | URL | ||
| 42213 | FILE-PDF Adobe Acrobat Reader embedded JPEG 2000 flst heap overflow attempt (more info ...) | attempted-admin | 2017-3055 | URL | ||
| 42214 | FILE-FLASH Adobe Flash Player NetStream use after free attempt (more info ...) | attempted-user | 2017-3036 | URL | ||
| 42215 | FILE-FLASH Adobe Flash Player NetStream use after free attempt (more info ...) | attempted-user | 2017-3063 | URL | ||
| 42216 | FILE-OTHER Adobe Acrobat Reader pcx planes memory corruption attempt (more info ...) | attempted-user | 2017-3036 | URL | ||
| 42217 | FILE-OTHER Adobe Acrobat Reader pcx planes memory corruption attempt (more info ...) | attempted-user | 2017-3036 | URL | ||
| 42218 | FILE-IMAGE Adobe Acrobat Pro malformed GIF memory corruption attempt (more info ...) | attempted-user | 2017-3050 | URL | ||
| 42219 | FILE-IMAGE Adobe Acrobat Pro malformed TIF memory corruption attempt (more info ...) | attempted-user | 2017-3050 | URL | ||
| 42275 | FILE-PDF Adobe Reader JPEG2000 pclr tag out of bounds read attempt (more info ...) | attempted-user | 2017-3045 | URL | ||
| 42276 | FILE-PDF Adobe Reader JPEG2000 pclr tag out of bounds read attempt (more info ...) | attempted-user | 2017-3045 | URL | ||
| 42296 | FILE-PDF Adobe Acrobat Reader malformed PRC file out of bounds read attempt (more info ...) | attempted-user | 2017-3019 | URL | ||
| 42297 | FILE-PDF Adobe Acrobat Reader malformed PRC file out of bounds read attempt (more info ...) | attempted-user | 2017-3019 | URL | ||
| 42299 | FILE-PDF Adobe PDF PPKLite security handler memory corruption vulnerability attempt (more info ...) | attempted-user | 2017-3039 | URL | ||
| 42309 | FILE-PDF Adobe Acrobat embedded JPEG2000 invalid header out of bounds memory access attempt (more info ...) | attempted-user | 2017-3022 | URL | ||
| 42310 | FILE-PDF Adobe Acrobat embedded JPEG2000 invalid header out of bounds memory access attempt (more info ...) | attempted-user | 2017-3022 | URL | ||
| 42324 | FILE-IMAGE Adobe Acrobat Reader overly large segment size out of bounds read attempt (more info ...) | attempted-user | 2017-3051 | URL | ||
| 42325 | FILE-IMAGE Adobe Acrobat Reader overly large segment size out of bounds read attempt (more info ...) | attempted-user | 2017-3051 | URL | ||
| 42412 | FILE-OTHER Adobe Director rcsL chunk parsing denial of service attempt (more info ...) | denial-of-service | 2012-2031 | |||
| 42413 | FILE-OTHER Adobe Director rcsL chunk parsing denial of service attempt (more info ...) | denial-of-service | 2012-2031 | |||
| 42422 | FILE-OTHER Adobe Director rcsL chunk parsing denial of service attempt (more info ...) | denial-of-service | 2012-2030 | |||
| 42423 | FILE-OTHER Adobe Director rcsL chunk parsing denial of service attempt (more info ...) | denial-of-service | 2012-2030 | |||
| 42788 | FILE-PDF Adobe Reader malformed app13 tag information disclosure attempt (more info ...) | attempted-user | 2017-3053 | URL | ||
| 42789 | FILE-PDF Adobe Reader malformed app13 tag information disclosure attempt (more info ...) | attempted-user | 2017-3053 | URL | ||
| 42790 | FILE-PDF Adobe Reader invalid object reference use after free attempt (more info ...) | attempted-user | 2017-3026 | URL | ||
| 42791 | FILE-PDF Adobe Reader invalid object reference use after free attempt (more info ...) | attempted-user | 2017-3026 | URL | ||
| 42792 | FILE-FLASH Adobe Flash Player FLV invalid tag buffer overflow attempt (more info ...) | attempted-user | 2017-3068 | URL | ||
| 42793 | FILE-FLASH Adobe Flash Player FLV invalid tag buffer overflow attempt (more info ...) | attempted-user | 2017-3068 | URL | ||
| 42794 | FILE-FLASH Adobe Flash Player beginGradientFill color array out of bounds read attempt (more info ...) | attempted-user | 2017-3074 | URL | ||
| 42795 | FILE-FLASH Adobe Flash Player beginGradientFill color array out of bounds read attempt (more info ...) | attempted-user | 2017-3074 | URL | ||
| 42796 | FILE-FLASH Adobe Flash Player ConvolutionFilter memory corruption attempt (more info ...) | attempted-user | 2017-3070 | URL | ||
| 42797 | FILE-FLASH Adobe Flash Player ConvolutionFilter memory corruption attempt (more info ...) | attempted-user | 2017-3070 | URL | ||
| 42800 | FILE-FLASH Adobe Flash Player ActionPush out of bounds read attempt (more info ...) | attempted-user | 2017-3060 | URL | ||
| 42801 | FILE-FLASH Adobe Flash Player ActionPush out of bounds read attempt (more info ...) | attempted-user | 2017-3060 | URL | ||
| 42802 | FILE-PDF Adobe Acrobat Reader malformed AES key memory corruption attempt (more info ...) | attempted-user | 2017-3030 | URL | ||
| 42803 | FILE-PDF Adobe Acrobat Reader malformed AES key memory corruption attempt (more info ...) | attempted-user | 2017-3030 | URL | ||
| 42807 | FILE-FLASH Adobe Standalone Flash Player BlendMode memory corruption attempt (more info ...) | attempted-user | 2017-3069 | URL | ||
| 42808 | FILE-FLASH Adobe Standalone Flash Player BlendMode memory corruption attempt (more info ...) | attempted-user | 2017-3069 | URL | ||
| 42809 | FILE-FLASH Adobe Flash Player BitmapData out of bounds memory access attempt (more info ...) | attempted-user | 2017-3072 | URL | ||
| 42810 | FILE-FLASH Adobe Flash Player BitmapData out of bounds memory access attempt (more info ...) | attempted-user | 2017-3072 | URL | ||
| 42813 | FILE-PDF Adobe Acrobat Reader malformed URI information disclosure attempt (more info ...) | attempted-user | 2017-3020 | 97554 | URL | |
| 42814 | FILE-PDF Adobe Acrobat Reader malformed URI information disclosure attempt (more info ...) | attempted-user | 2017-3020 | 97554 | URL | |
| 42815 | FILE-FLASH Adobe Flash Player display object mask use after free attempt (more info ...) | attempted-user | 2017-3073 | URL | ||
| 42816 | FILE-FLASH Adobe Flash Player display object mask use after free attempt (more info ...) | attempted-user | 2017-3073 | URL | ||
| 42817 | FILE-FLASH Adobe Flash Player DisplayObject use after free attempt (more info ...) | attempted-user | 2017-3071 | URL | ||
| 42818 | FILE-FLASH Adobe Flash Player DisplayObject use after free attempt (more info ...) | attempted-user | 2017-3071 | URL | ||
| 42844 | FILE-IMAGE Adobe Acrobat Pro malformed TIF heap overflow attempt (more info ...) | attempted-user | 2017-3049 | URL | ||
| 42845 | FILE-IMAGE Adobe Acrobat Pro malformed TIF heap overflow attempt (more info ...) | attempted-user | 2017-3049 | URL | ||
| 42859 | FILE-PDF Adobe Reader PDF memory corruption attempt (more info ...) | attempted-user | 2017-3017 | URL | ||
| 42860 | FILE-PDF Adobe Reader PDF memory corruption attempt (more info ...) | attempted-user | 2017-3017 | URL | ||
| 42868 | FILE-PDF Adobe Acrobat Reader XFA forms engine use after free attempt (more info ...) | attempted-user | 2018-16011 | URL | ||
| 42869 | FILE-PDF Adobe Acrobat Reader XFA forms engine use after free attempt (more info ...) | attempted-user | 2018-16011 | URL | ||
| 42888 | FILE-PDF Adobe Acrobat JP2 parser information disclosure attempt (more info ...) | attempted-user | 2017-3021 | URL | ||
| 42889 | FILE-PDF Adobe Acrobat JP2 parser information disclosure attempt (more info ...) | attempted-user | 2017-3021 | URL | ||
| 42896 | FILE-PDF Adobe Acrobat Reader CTJPEGWriter null pointer dereference attempt (more info ...) | attempted-user | 2017-3025 | URL | ||
| 42897 | FILE-PDF Adobe Acrobat Reader CTJPEGWriter null pointer dereference attempt (more info ...) | attempted-user | 2017-3025 | URL | ||
| 42930 | FILE-FLASH Adobe Flash Player DefineBitsJPEG2 invalid length memory corruption attempt (more info ...) | attempted-user | 2016-4179 | URL | ||
| 42931 | FILE-FLASH Adobe Flash Player DefineBitsJPEG2 invalid length memory corruption attempt (more info ...) | attempted-user | 2016-4179 | URL | ||
| 42942 | FILE-PDF Adobe Reader XFA large array use after free attempt (more info ...) | attempted-user | 2017-3014 | URL | ||
| 42943 | FILE-PDF Adobe Reader XFA large array use after free attempt (more info ...) | attempted-user | 2017-3014 | URL | ||
| 43048 | FILE-FLASH Adobe Flash Player JSON stringify memory corruption attempt (more info ...) | attempted-user | 2015-0324 | 72514 | URL | |
| 43058 | FILE-FLASH Adobe Flash Player invalid DefinedEditText tag memory corruption attempt (more info ...) | attempted-user | 2017-3061 | URL | ||
| 43059 | FILE-FLASH Adobe Flash Player invalid DefinedEditText tag memory corruption attempt (more info ...) | attempted-user | 2017-3061 | URL | ||
| 43382 | FILE-FLASH Adobe Flash Player AdvertisingMetadata use after free attempt (more info ...) | attempted-user | 2017-3084 | URL | ||
| 43383 | FILE-FLASH Adobe Flash Player AdvertisingMetadata use after free attempt (more info ...) | attempted-user | 2017-3084 | URL | ||
| 43393 | FILE-FLASH Adobe Flash Player MPEG-4 AVC decoding out of bounds read attempt (more info ...) | attempted-user | 2017-3076 | URL | ||
| 43394 | FILE-FLASH Adobe Flash Player MPEG-4 AVC decoding out of bounds read attempt (more info ...) | attempted-user | 2017-3076 | URL | ||
| 43395 | FILE-FLASH Adobe Acrobat Reader profile use after free attempt (more info ...) | attempted-user | 2017-3083 | URL | ||
| 43396 | FILE-FLASH Adobe Acrobat Reader profile use after free attempt (more info ...) | attempted-user | 2017-3083 | URL | ||
| 43405 | FILE-FLASH Adobe Flash Player determinePreferredLocales out of bounds memory read attempt (more info ...) | attempted-user | 2017-3082 | URL | ||
| 43406 | FILE-FLASH Adobe Flash Player determinePreferredLocales out of bounds memory read attempt (more info ...) | attempted-user | 2017-3082 | URL | ||
| 43410 | FILE-FLASH Adobe Flash Player DisplayObject use after free attempt (more info ...) | attempted-user | 2017-3081 | URL | ||
| 43411 | FILE-FLASH Adobe Flash Player DisplayObject use after free attempt (more info ...) | attempted-user | 2017-3081 | URL | ||
| 43412 | FILE-FLASH Adobe Flash Player DisplayObject use after free attempt (more info ...) | attempted-user | 2017-3081 | URL | ||
| 43413 | FILE-FLASH Adobe Flash Player DisplayObject use after free attempt (more info ...) | attempted-user | 2017-3081 | URL | ||
| 43414 | FILE-FLASH Adobe Flash Player DisplayObject use after free attempt (more info ...) | attempted-user | 2017-3081 | URL | ||
| 43415 | FILE-FLASH Adobe Flash Player DisplayObject use after free attempt (more info ...) | attempted-user | 2017-3081 | URL | ||
| 43416 | FILE-FLASH Adobe Flash Player BitmapData object out of bounds access attempt (more info ...) | attempted-user | 2017-3079 | 99025 | URL | |
| 43417 | FILE-FLASH Adobe Flash Player BitmapData object out of bounds access attempt (more info ...) | attempted-user | 2017-3079 | 99025 | URL | |
| 43418 | FILE-FLASH Adobe Flash Player BitmapData object out of bounds access attempt (more info ...) | attempted-user | 2017-3079 | 99025 | URL | |
| 43419 | FILE-FLASH Adobe Flash Player BitmapData object out of bounds access attempt (more info ...) | attempted-user | 2017-3079 | 99025 | URL | |
| 43420 | FILE-FLASH Adobe Flash Player custom toString function attempt (more info ...) | attempted-user | 2017-3075 | URL | ||
| 43421 | FILE-FLASH Adobe Flash Player custom toString function attempt (more info ...) | attempted-user | 2017-3075 | URL | ||
| 43433 | FILE-PDF Adobe Acrobat Reader Annotations memory corruption attempt (more info ...) | attempted-user | 2017-3024 | URL | ||
| 43434 | FILE-PDF Adobe Acrobat Reader Annotations memory corruption attempt (more info ...) | attempted-user | 2017-3024 | URL | ||
| 43453 | FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (more info ...) | attempted-user | 2015-7645 | URL | ||
| 43454 | FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (more info ...) | attempted-user | 2015-7645 | URL | ||
| 43455 | FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (more info ...) | attempted-user | 2015-7645 | URL | ||
| 43479 | FILE-FLASH Adobe Flash Player applyFilter memory corruption attempt (more info ...) | attempted-user | 2017-3100 | |||
| 43480 | FILE-FLASH Adobe Flash Player applyFilter memory corruption attempt (more info ...) | attempted-user | 2017-3100 | |||
| 43528 | FILE-FLASH Adobe Flash Player memory corruption attempt (more info ...) | attempted-user | 2017-3099 | URL | ||
| 43529 | FILE-FLASH Adobe Flash Player memory corruption attempt (more info ...) | attempted-user | 2017-3099 | URL | ||
| 43530 | FILE-FLASH Adobe Flash Player memory corruption attempt (more info ...) | attempted-user | 2017-3099 | URL | ||
| 43531 | FILE-FLASH Adobe Flash Player memory corruption attempt (more info ...) | attempted-user | 2017-3099 | URL | ||
| 43532 | FILE-FLASH Adobe Flash Player memory corruption attempt (more info ...) | attempted-user | 2017-3099 | URL | ||
| 43533 | FILE-FLASH Adobe Flash Player memory corruption attempt (more info ...) | attempted-user | 2017-3099 | URL | ||
| 43865 | FILE-IMAGE Adobe Reader EMF EMR_MOVETOEX memory corruption attempt (more info ...) | attempted-user | 2017-3123 | URL | ||
| 43866 | FILE-IMAGE Adobe Reader EMF EMR_MOVETOEX memory corruption attempt (more info ...) | attempted-user | 2017-3123 | URL | ||
| 43867 | FILE-PDF Adobe Acrobat Reader malformed TTF memory corruption attempt (more info ...) | attempted-user | 2017-3116 | URL | ||
| 43868 | FILE-PDF Adobe Acrobat Reader malformed TTF memory corruption attempt (more info ...) | attempted-user | 2017-3116 | URL | ||
| 43869 | FILE-PDF Adobe Acrobat Reader malformed TTF memory corruption attempt (more info ...) | attempted-user | 2017-3116 | URL | ||
| 43870 | FILE-PDF Adobe Acrobat Reader malformed TTF memory corruption attempt (more info ...) | attempted-user | 2017-3116 | URL | ||
| 43875 | FILE-OTHER Adobe Acrobat EMF with malformed embedded JPEG memory corruption attempt (more info ...) | attempted-user | 2017-11259 | |||
| 43876 | FILE-OTHER Adobe Acrobat EMF with malformed embedded JPEG memory corruption attempt (more info ...) | attempted-user | 2017-11259 | |||
| 43881 | FILE-PDF Adobe PDF file annotation plugin use after free memory corruption attempt (more info ...) | attempted-user | 2017-11231 | URL | ||
| 43882 | FILE-PDF Adobe PDF file annotation plugin use after free memory corruption attempt (more info ...) | attempted-user | 2017-11231 | URL | ||
| 43886 | FILE-PDF Adobe Acrobat Reader malformed UTF-16 string memory corruption attempt (more info ...) | attempted-user | 2017-11236 | URL | ||
| 43887 | FILE-PDF Adobe Acrobat Reader malformed UTF-16 string memory corruption attempt (more info ...) | attempted-user | 2017-11236 | URL | ||
| 43888 | FILE-MULTIMEDIA Adobe Professional EMF malformed EMR_BITBLT record out of bounds access attempt (more info ...) | attempted-user | 2018-15942 | URL | ||
| 43889 | FILE-MULTIMEDIA Adobe Professional EMF malformed EMR_BITBLT record out of bounds access attempt (more info ...) | attempted-user | 2018-15942 | URL | ||
| 43893 | FILE-OTHER Adobe Acrobat EMF file GIF LZW coding table memory corruption attempt (more info ...) | attempted-user | 2017-11258 | |||
| 43894 | FILE-OTHER Adobe Acrobat EMF file GIF LZW coding table memory corruption attempt (more info ...) | attempted-user | 2017-11258 | |||
| 43900 | FILE-OTHER Adobe Acrobat Professional XPS2PDF memory corruption attempt (more info ...) | attempted-user | 2017-11210 | URL | ||
| 43901 | FILE-OTHER Adobe Acrobat Professional XPS2PDF memory corruption attempt (more info ...) | attempted-user | 2017-11210 | URL | ||
| 43902 | FILE-IMAGE Adobe Reader EMF EMR_STROKEPATH memory corruption attempt (more info ...) | attempted-user | 2018-15986 | URL | ||
| 43903 | FILE-IMAGE Adobe Reader EMF EMR_STROKEPATH memory corruption attempt (more info ...) | attempted-user | 2018-15986 | URL | ||
| 43904 | FILE-PDF Adobe Reader execMenuItem buffer overflow attempt (more info ...) | attempted-user | 2017-11220 | URL | ||
| 43905 | FILE-PDF Adobe Reader execMenuItem buffer overflow attempt (more info ...) | attempted-user | 2017-11220 | URL | ||
| 43906 | FILE-PDF Adobe Reader XFA loadXML use after free attempt (more info ...) | attempted-user | 2017-11224 | URL | ||
| 43907 | FILE-PDF Adobe Reader XFA loadXML use after free attempt (more info ...) | attempted-user | 2017-11224 | URL | ||
| 43908 | FILE-IMAGE Adobe Acrobat Reader JPEG 2000 tile memory corruption attempt (more info ...) | attempted-user | 2017-11226 | URL | ||
| 43909 | FILE-IMAGE Adobe Acrobat Reader JPEG 2000 tile memory corruption attempt (more info ...) | attempted-user | 2017-11226 | URL | ||
| 43910 | FILE-IMAGE Adobe Acrobat Reader JPEG 2000 tile memory corruption attempt (more info ...) | attempted-user | 2017-11226 | URL | ||
| 43911 | FILE-IMAGE Adobe Acrobat Reader JPEG 2000 tile memory corruption attempt (more info ...) | attempted-user | 2017-11226 | URL | ||
| 43912 | FILE-OTHER Adobe Acrobat Professional XPS2PDF memory corruption attempt (more info ...) | attempted-user | 2017-11209 | URL | ||
| 43913 | FILE-OTHER Adobe Acrobat Professional XPS2PDF memory corruption attempt (more info ...) | attempted-user | 2017-11209 | URL | ||
| 43916 | FILE-OTHER Adobe Acrobat EMF file GIF sub-block memory corruption attempt (more info ...) | attempted-user | 2017-11260 | URL | ||
| 43917 | FILE-OTHER Adobe Acrobat EMF file GIF sub-block memory corruption attempt (more info ...) | attempted-user | 2017-11260 | URL | ||
| 43924 | FILE-PDF Adobe Acrobat Reader duplicate U3D header memory corruption attempt (more info ...) | attempted-user | 2017-11222 | URL | ||
| 43925 | FILE-PDF Adobe Acrobat Reader duplicate U3D header memory corruption attempt (more info ...) | attempted-user | 2017-11222 | URL | ||
| 43932 | EXPLOIT-KIT TERROR exploit kit FlashVars parameter shellcode (more info ...) | attempted-user | ||||
| 43940 | FILE-MULTIMEDIA Adobe Acrobat Professional EMF malformed EMR_COMMENT record out of bounds access attempt (more info ...) | attempted-user | 2017-11227 | URL | ||
| 43941 | FILE-MULTIMEDIA Adobe Acrobat Professional EMF malformed EMR_COMMENT record out of bounds access attempt (more info ...) | attempted-user | 2017-11227 | URL | ||
| 43948 | FILE-PDF Adobe Acrobat XFA engine heap memory corruption attempt (more info ...) | attempted-user | 2018-4888 | URL | ||
| 43949 | FILE-PDF Adobe Acrobat XFA engine heap memory corruption attempt (more info ...) | attempted-user | 2018-4888 | URL | ||
| 43963 | FILE-OTHER Adobe Acrobat EMF file kerning data memory corruption attempt (more info ...) | attempted-user | 2017-11239 | URL | ||
| 43964 | FILE-OTHER Adobe Acrobat EMF file kerning data memory corruption attempt (more info ...) | attempted-user | 2017-11239 | URL | ||
| 43968 | FILE-MULTIMEDIA Adobe Acrobat Professional EMF malformed EMR_POLYBEZIERTO16 out of bounds access attempt (more info ...) | attempted-user | 2017-11238 | URL | ||
| 43973 | FILE-OTHER Adobe Acrobat Pro malformed EMF comment memory corruption attempt (more info ...) | attempted-user | 2018-12857 | URL | ||
| 43974 | FILE-OTHER Adobe Acrobat Pro malformed EMF comment memory corruption attempt (more info ...) | attempted-user | 2018-12857 | URL | ||
| 43977 | FILE-PDF Adobe Acrobat Reader graphics engine memory corruption attempt (more info ...) | attempted-user | 2017-11265 | URL | ||
| 43978 | FILE-PDF Adobe Acrobat Reader graphics engine memory corruption attempt (more info ...) | attempted-user | 2017-11265 | URL | ||
| 43979 | FILE-PDF Adobe Acrobat Reader graphics engine memory corruption attempt (more info ...) | attempted-user | 2017-11265 | URL | ||
| 43980 | FILE-PDF Adobe Acrobat Reader graphics engine memory corruption attempt (more info ...) | attempted-user | 2017-11265 | URL | ||
| 43983 | FILE-OTHER Adobe Professional JPEG APP1 memory corruption attempt (more info ...) | attempted-user | 2017-11246 | URL | ||
| 43984 | FILE-OTHER Adobe Professional JPEG APP1 memory corruption attempt (more info ...) | attempted-user | 2017-11246 | URL | ||
| 43991 | FILE-PDF Adobe Acrobat Reader graphics engine memory corruption attempt (more info ...) | attempted-user | 2017-11252 | URL | ||
| 43992 | FILE-PDF Adobe Acrobat Reader graphics engine memory corruption attempt (more info ...) | attempted-user | 2017-11252 | URL | ||
| 43993 | FILE-PDF Adobe Acrobat Reader graphics engine memory corruption attempt (more info ...) | attempted-user | 2017-11252 | URL | ||
| 43994 | FILE-PDF Adobe Acrobat Reader graphics engine memory corruption attempt (more info ...) | attempted-user | 2017-11252 | URL | ||
| 43995 | FILE-FLASH Adobe Flash Player overly large cpool index out of bounds read attempt (more info ...) | attempted-user | 2017-3106 | URL | ||
| 43996 | FILE-FLASH Adobe Flash Player overly large cpool index out of bounds read attempt (more info ...) | attempted-user | 2017-3106 | URL | ||
| 43997 | FILE-PDF Adobe Acrobat Reader malformed TrueType font memory corruption attempt (more info ...) | attempted-user | 2017-11237 | URL | ||
| 43998 | FILE-PDF Adobe Acrobat Reader malformed TrueType font memory corruption attempt (more info ...) | attempted-user | 2017-11237 | URL | ||
| 43999 | FILE-MULTIMEDIA Adobe Acrobat Professional EMF malformed brush object attempt (more info ...) | attempted-user | 2017-11232 | URL | ||
| 44000 | FILE-MULTIMEDIA Adobe Acrobat Professional EMF malformed brush object attempt (more info ...) | attempted-user | 2017-11232 | URL | ||
| 44002 | FILE-FLASH Adobe Flash Player SMB sandbox bypass attempt (more info ...) | attempted-user | 2017-3085 | URL | ||
| 44003 | FILE-FLASH Adobe Flash Player SMB sandbox bypass attempt (more info ...) | attempted-user | 2017-3085 | URL | ||
| 44013 | FILE-PDF Adobe Acrobat Reader exportAsXFAStr use after free attempt (more info ...) | attempted-user | 2017-3113 | 100182 | URL | |
| 44014 | FILE-PDF Adobe Acrobat Reader exportAsXFAStr use after free attempt (more info ...) | attempted-user | 2017-3113 | 100182 | URL | |
| 44016 | FILE-FLASH Adobe Flash Player Rectangle constructor use after free attempt (more info ...) | attempted-user | 2016-4228 | URL | ||
| 44017 | FILE-FLASH Adobe Flash Player Rectangle constructor use after free attempt (more info ...) | attempted-user | 2016-4228 | URL | ||
| 44023 | FILE-IMAGE Adobe Acrobat Pro malformed TIFF memory corruption attempt (more info ...) | attempted-user | 2018-15927 | URL | ||
| 44025 | FILE-IMAGE Adobe Acrobat Pro malformed TIFF memory corruption attempt (more info ...) | attempted-user | 2017-16396 | URL | ||
| 44033 | FILE-OTHER Adobe Acrobat Professional EMF file JPEG Huffman table memory corrupt attempt (more info ...) | attempted-user | 2017-11268 | URL | ||
| 44034 | FILE-OTHER Adobe Acrobat Professional EMF file JPEG Huffman table memory corrupt attempt (more info ...) | attempted-user | 2017-11268 | URL | ||
| 44053 | FILE-PDF Adobe Professional JPEG file invalid quantization table use-after-free attempt (more info ...) | attempted-user | 2017-11235 | URL | ||
| 44054 | FILE-PDF Adobe Professional JPEG file invalid quantization table use-after-free attempt (more info ...) | attempted-user | 2017-11235 | URL | ||
| 44059 | FILE-IMAGE Adobe Acrobat Pro malformed TIFF memory corruption attempt (more info ...) | attempted-user | 2018-15955 | URL | ||
| 44060 | FILE-IMAGE Adobe Acrobat Pro malformed TIFF memory corruption attempt (more info ...) | attempted-user | 2018-15955 | URL | ||
| 44061 | FILE-IMAGE Adobe Acrobat Pro malformed TIFF memory corruption attempt (more info ...) | attempted-user | 2019-7037 | URL | ||
| 44062 | FILE-IMAGE Adobe Acrobat Pro malformed TIFF memory corruption attempt (more info ...) | attempted-user | 2019-7037 | URL | ||
| 44072 | FILE-PDF Adobe Acrobat Reader SubmitForm URL spoofing attempt (more info ...) | attempted-recon | 2017-3115 | URL | ||
| 44073 | FILE-PDF Adobe Acrobat Reader SubmitForm URL spoofing attempt (more info ...) | attempted-recon | 2017-3115 | URL | ||
| 44074 | FILE-PDF Adobe Acrobat Reader SubmitForm URL spoofing attempt (more info ...) | attempted-recon | 2017-3115 | URL | ||
| 44075 | FILE-PDF Adobe Acrobat Reader SubmitForm URL spoofing attempt (more info ...) | attempted-recon | 2017-3115 | URL | ||
| 44083 | FILE-PDF Adobe Acrobat XFA field initialization memory corruption attempt (more info ...) | attempted-user | 2017-11218 | URL | ||
| 44084 | FILE-PDF Adobe Acrobat XFA field initialization memory corruption attempt (more info ...) | attempted-user | 2017-11218 | URL | ||
| 44086 | FILE-OTHER Adobe Acrobat EMF line segments memory corruption attempt (more info ...) | attempted-user | 2017-11242 | URL | ||
| 44087 | FILE-OTHER Adobe Acrobat EMF line segments memory corruption attempt (more info ...) | attempted-user | 2017-11242 | URL | ||
| 44094 | FILE-MULTIMEDIA Adobe Professional EMF malformed EMR_STRETCHDIBITS record memory corruption attempt (more info ...) | attempted-user | 2017-11271 | URL | ||
| 44095 | FILE-MULTIMEDIA Adobe Professional EMF malformed EMR_STRETCHDIBITS record memory corruption attempt (more info ...) | attempted-user | 2017-11271 | URL | ||
| 44099 | FILE-MULTIMEDIA Adobe Professional EMF malformed EMR_STRETCHDIBITS record out of bounds access attempt (more info ...) | attempted-user | 2017-11270 | URL | ||
| 44100 | FILE-MULTIMEDIA Adobe Professional EMF malformed EMR_STRETCHDIBITS record out of bounds access attempt (more info ...) | attempted-user | 2017-11270 | URL | ||
| 44144 | FILE-PDF Adobe Reader XFA event use after free attempt (more info ...) | attempted-user | 2017-11223 | URL | ||
| 44145 | FILE-PDF Adobe Reader XFA event use after free attempt (more info ...) | attempted-user | 2017-11223 | URL | ||
| 44173 | FILE-FLASH Adobe Flash Player SharedObject use after free attempt (more info ...) | attempted-user | 2015-3132 | |||
| 44174 | FILE-FLASH Adobe Flash Player SharedObject use after free attempt (more info ...) | attempted-user | 2015-3132 | |||
| 44345 | FILE-FLASH Adobe Flash Player MP4 atom parser memory corruption attempt (more info ...) | attempted-user | 2017-11281 | |||
| 44346 | FILE-FLASH Adobe Flash Player MP4 atom parser memory corruption attempt (more info ...) | attempted-user | 2017-11281 | |||
| 44347 | FILE-FLASH Adobe Flash Player MP4 atom parser memory corruption attempt (more info ...) | attempted-user | 2017-11281 | |||
| 44348 | FILE-FLASH Adobe Flash Player MP4 atom parser memory corruption attempt (more info ...) | attempted-user | 2017-11281 | |||
| 44351 | FILE-FLASH Adobe Flash Player text handling memory corruption attempt (more info ...) | attempted-user | 2017-11282 | URL | ||
| 44352 | FILE-FLASH Adobe Flash Player text handling memory corruption attempt (more info ...) | attempted-user | 2017-11282 | URL | ||
| 44550 | FILE-IMAGE Adobe Acrobat Pro malformed EMF memory corruption attempt (more info ...) | attempted-user | 2017-11248 | URL | ||
| 44551 | FILE-IMAGE Adobe Acrobat Pro malformed EMF memory corruption attempt (more info ...) | attempted-user | 2017-11248 | URL | ||
| 44552 | FILE-FLASH Adobe Flash Player toString type confusion memory corruption attempt (more info ...) | attempted-user | 2016-1019 | URL | ||
| 44553 | FILE-FLASH Adobe Flash Player toString type confusion memory corruption attempt (more info ...) | attempted-user | 2016-1019 | URL | ||
| 44583 | FILE-FLASH Adobe Flash Player array type confusion attempt (more info ...) | attempted-user | 2017-11292 | URL | ||
| 44584 | FILE-FLASH Adobe Flash Player array type confusion attempt (more info ...) | attempted-user | 2017-11292 | URL | ||
| 44793 | FILE-PDF Adobe Acrobat Reader JPEG2000 codestream memory corruption attempt (more info ...) | attempted-user | 2017-11227 | URL | ||
| 44794 | FILE-PDF Adobe Acrobat Reader JPEG2000 codestream memory corruption attempt (more info ...) | attempted-user | 2017-11227 | URL | ||
| 44853 | FILE-PDF Adobe Acrobat Reader malformed TTF buffer over-read attempt (more info ...) | attempted-user | 2017-16365 | URL | ||
| 44854 | FILE-PDF Adobe Acrobat Reader malformed TTF buffer over-read attempt (more info ...) | attempted-user | 2017-16365 | URL | ||
| 44859 | FILE-OTHER Adobe Acrobat Pro PNG file buffer over-read vulnerability attempt (more info ...) | attempted-user | 2017-16384 | URL | ||
| 44860 | FILE-OTHER Adobe Acrobat Pro PNG file buffer over-read vulnerability attempt (more info ...) | attempted-user | 2017-16384 | URL | ||
| 44861 | FILE-IMAGE Adobe Acrobat Pro malformed CommentExtension attempt (more info ...) | attempted-user | 2017-16410 | URL | ||
| 44862 | FILE-IMAGE Adobe Acrobat Pro malformed CommentExtension attempt (more info ...) | attempted-user | 2017-16410 | URL | ||
| 44871 | FILE-PDF Adobe Acrobat Reader out of bounds read attempt (more info ...) | attempted-user | 2017-16365 | URL | ||
| 44872 | FILE-PDF Adobe Acrobat Reader out of bounds read attempt (more info ...) | attempted-user | 2017-16365 | URL | ||
| 44873 | FILE-PDF Adobe Acrobat addAnnot object untrusted pointer dereference attempt (more info ...) | denial-of-service | 2017-16371 | URL | ||
| 44874 | FILE-PDF Adobe Acrobat addAnnot object untrusted pointer dereference attempt (more info ...) | denial-of-service | 2017-16371 | URL | ||
| 44880 | FILE-IMAGE Adobe Acrobat Pro EMF EMR_STRETCHDIBITS memory corruption attempt (more info ...) | attempted-user | 2017-16406 | URL | ||
| 44881 | FILE-IMAGE Adobe Acrobat Pro EMF EMR_STRETCHDIBITS memory corruption attempt (more info ...) | attempted-user | 2017-16406 | URL | ||
| 44882 | FILE-PDF Adobe Acrobat acrobat URI handler security bypass (more info ...) | attempted-user | 2017-16366 | URL | ||
| 44883 | FILE-PDF Adobe Acrobat acrobat URI handler security bypass (more info ...) | attempted-user | 2017-16366 | URL | ||
| 44884 | FILE-IMAGE Adobe Acrobat XPS unicode glyph pointer out of bounds (more info ...) | attempted-user | 2017-16399 | URL | ||
| 44885 | FILE-IMAGE Adobe Acrobat XPS unicode glyph pointer out of bounds (more info ...) | attempted-user | 2017-16399 | URL | ||
| 44887 | FILE-FLASH Adobe Flash Player bitmap hitTest integer overflow attempt (more info ...) | attempted-admin | 2017-11213 | URL | ||
| 44888 | FILE-FLASH Adobe Flash Player bitmap hitTest integer overflow attempt (more info ...) | attempted-admin | 2017-11213 | URL | ||
| 44891 | FILE-FLASH Adobe Flash Player determinePreferredLocales memory corruption attempt (more info ...) | attempted-user | 2017-3114 | URL | ||
| 44892 | FILE-FLASH Adobe Flash Player determinePreferredLocales memory corruption attempt (more info ...) | attempted-user | 2017-3114 | URL | ||
| 44893 | FILE-OTHER Adobe Professional EMF out of bounds read attempt (more info ...) | attempted-user | 2017-16409 | URL | ||
| 44894 | FILE-OTHER Adobe Professional EMF out of bounds read attempt (more info ...) | attempted-user | 2017-16409 | URL | ||
| 44902 | FILE-FLASH Adobe Flash Player PSDK Metadata memory corruption attempt (more info ...) | attempted-user | 2017-3112 | URL | ||
| 44903 | FILE-FLASH Adobe Flash Player PSDK Metadata memory corruption attempt (more info ...) | attempted-user | 2017-3112 | URL | ||
| 44912 | FILE-IMAGE Adobe Acrobat Pro invalid APP13 marker size attempt (more info ...) | attempted-user | 2017-16386 | URL | ||
| 44913 | FILE-IMAGE Adobe Acrobat Pro invalid APP13 marker size attempt (more info ...) | attempted-user | 2017-16386 | URL | ||
| 44923 | FILE-OTHER Adobe Acrobat EMF Bezier curve out of bounds read attempt (more info ...) | attempted-user | 2017-16403 | URL | ||
| 44924 | FILE-OTHER Adobe Acrobat EMF Bezier curve out of bounds read attempt (more info ...) | attempted-user | 2017-16403 | URL | ||
| 44925 | FILE-PDF Adobe Acrobat thermometer object untrusted pointer dereference attempt (more info ...) | denial-of-service | 2017-16372 | URL | ||
| 44926 | FILE-PDF Adobe Acrobat thermometer object untrusted pointer dereference attempt (more info ...) | denial-of-service | 2017-16372 | URL | ||
| 44927 | FILE-OTHER Adobe Acrobat Pro WebCapture out of bounds read attempt (more info ...) | misc-activity | 2017-16411 | URL | ||
| 44928 | FILE-OTHER Adobe Acrobat Pro WebCapture out of bounds read attempt (more info ...) | misc-activity | 2017-16411 | URL | ||
| 44929 | FILE-IMAGE Adobe Acrobat Pro EMF out of bounds write attempt (more info ...) | attempted-user | 2017-16406 | URL | ||
| 44930 | FILE-IMAGE Adobe Acrobat Pro EMF out of bounds write attempt (more info ...) | attempted-user | 2017-16406 | URL | ||
| 44933 | FILE-PDF Adobe Acrobat Reader untrusted pointer dereference attempt (more info ...) | attempted-user | 2017-16364 | URL | ||
| 44934 | FILE-PDF Adobe Acrobat Reader untrusted pointer dereference attempt (more info ...) | attempted-user | 2017-16364 | URL | ||
| 44937 | FILE-OTHER Adobe Acrobat EMFPlus out of bounds buffer overflow attempt (more info ...) | attempted-user | 2017-16404 | URL | ||
| 44938 | FILE-OTHER Adobe Acrobat EMFPlus out of bounds buffer overflow attempt (more info ...) | attempted-user | 2017-16404 | URL | ||
| 44939 | FILE-PDF Adobe Acrobat field dictionary value Unicode buffer overflow attempt (more info ...) | attempted-user | 2017-16368 | URL | ||
| 44940 | FILE-PDF Adobe Acrobat field dictionary value Unicode buffer overflow attempt (more info ...) | attempted-user | 2017-16368 | URL | ||
| 44951 | FILE-FLASH Adobe Flash Player Primetime SDK use after free attempt (more info ...) | attempted-user | 2017-11215 | URL | ||
| 44952 | FILE-FLASH Adobe Flash Player Primetime SDK use after free attempt (more info ...) | attempted-user | 2017-11215 | URL | ||
| 44953 | FILE-OTHER Adobe Acrobat EMF out of bounds buffer overflow attempt (more info ...) | attempted-user | 2017-16397 | URL | ||
| 44954 | FILE-OTHER Adobe Acrobat EMF out of bounds buffer overflow attempt (more info ...) | attempted-user | 2017-16397 | URL | ||
| 44959 | FILE-IMAGE Adobe Acrobat TIFF malformed YCbCrCoefficients values memory corruption attempt (more info ...) | attempted-user | 2017-16382 | URL | ||
| 44960 | FILE-IMAGE Adobe Acrobat TIFF malformed YCbCrCoefficients values memory corruption attempt (more info ...) | attempted-user | 2017-16382 | URL | ||
| 44961 | FILE-PDF Adobe Acrobat Reader untrusted pointer dereference attempt (more info ...) | attempted-user | 2017-16375 | URL | ||
| 44962 | FILE-PDF Adobe Acrobat Reader untrusted pointer dereference attempt (more info ...) | attempted-user | 2017-16375 | URL | ||
| 44963 | FILE-FLASH Adobe Flash Player tvsdk object use after free attempt (more info ...) | attempted-user | 2017-11225 | URL | ||
| 44964 | FILE-FLASH Adobe Flash Player tvsdk object use after free attempt (more info ...) | attempted-user | 2017-11225 | URL | ||
| 44965 | FILE-OTHER Adobe Acrobat Pro security bypass attempt (more info ...) | attempted-user | 2017-16369 | URL | ||
| 44966 | FILE-OTHER Adobe Acrobat Pro security bypass attempt (more info ...) | attempted-user | 2017-16369 | URL | ||
| 44969 | FILE-IMAGE Adobe Acrobat Pro EMF EmfPlusFont memory corruption attempt (more info ...) | attempted-user | 2017-16416 | URL | ||
| 44970 | FILE-IMAGE Adobe Acrobat Pro EMF EmfPlusFont memory corruption attempt (more info ...) | attempted-user | 2017-16416 | URL | ||
| 44976 | FILE-PDF Adobe Reader ActualText attribute type confusion attempt (more info ...) | attempted-admin | 2017-16367 | URL | ||
| 44977 | FILE-PDF Adobe Reader ActualText attribute type confusion attempt (more info ...) | attempted-admin | 2017-16367 | URL | ||
| 44983 | FILE-OTHER Adobe Acrobat Pro TIFF embedded XPS file out of bounds read attempt (more info ...) | attempted-user | 2017-16385 | URL | ||
| 44984 | FILE-OTHER Adobe Acrobat Pro TIFF embedded XPS file out of bounds read attempt (more info ...) | attempted-user | 2017-16385 | URL | ||
| 44988 | FILE-PDF Adobe Acrobat PDF font character encoding out of bounds write attempt (more info ...) | attempted-user | 2017-16415 | URL | ||
| 45031 | FILE-OTHER Adobe Acrobat JPEG2000 out of bounds buffer overflow attempt (more info ...) | attempted-user | 2017-16400 | URL | ||
| 45032 | FILE-OTHER Adobe Acrobat JPEG2000 out of bounds buffer overflow attempt (more info ...) | attempted-user | 2017-16400 | URL | ||
| 45035 | FILE-PDF Adobe Acrobat Reader Annotation use after free attempt (more info ...) | attempted-user | 2017-16388 | URL | ||
| 45036 | FILE-PDF Adobe Acrobat Reader Annotation use after free attempt (more info ...) | attempted-user | 2017-16388 | URL | ||
| 45040 | FILE-PDF Adobe Acrobat Reader Annotation use after free attempt (more info ...) | attempted-user | 2018-4959 | URL | ||
| 45041 | FILE-PDF Adobe Acrobat Reader Annotation use after free attempt (more info ...) | attempted-user | 2018-4959 | URL | ||
| 45044 | FILE-PDF Adobe Reader out of bounds memory access violation attempt (more info ...) | attempted-user | 2017-16405 | URL | ||
| 45045 | FILE-PDF Adobe Reader out of bounds memory access violation attempt (more info ...) | attempted-user | 2017-16405 | URL | ||
| 45309 | FILE-FLASH Adobe Flash Player ConvolutionFilter Matrix use after free attempt (more info ...) | attempted-user | 2015-3039 | |||
| 45310 | FILE-FLASH Adobe Flash Player ConvolutionFilter Matrix use after free attempt (more info ...) | attempted-user | 2015-3039 | |||
| 45404 | FILE-FLASH Adobe Flash Player malformed ATF buffer overflow attempt (more info ...) | attempted-user | 2018-4871 | URL | ||
| 45405 | FILE-FLASH Adobe Flash Player malformed ATF buffer overflow attempt (more info ...) | attempted-user | 2018-4871 | URL | ||
| 45459 | FILE-FLASH Adobe Flash Player movieclip attachbitmap use-after-free attempt (more info ...) | attempted-user | 2015-8410 | URL | ||
| 45500 | FILE-FLASH Adobe Flash Player movieclip startdrag use-after-free attempt (more info ...) | attempted-user | 2015-8411 | URL | ||
| 45501 | FILE-FLASH Adobe Flash Player movieclip startdrag use-after-free attempt (more info ...) | attempted-user | 2015-8411 | URL | ||
| 45546 | FILE-FLASH Adobe Flash Player DefineFont3 tag overly large NumGlyphs out of bounds read attempt (more info ...) | attempted-user | 2017-3064 | |||
| 45547 | FILE-FLASH Adobe Flash Player DefineFont3 tag overly large NumGlyphs out of bounds read attempt (more info ...) | attempted-user | 2017-3064 | |||
| 45593 | FILE-FLASH Adobe PSDK DRM Manager memory corruption attempt (more info ...) | attempted-user | 2018-4878 | URL | ||
| 45594 | FILE-FLASH Adobe PSDK DRM Manager memory corruption attempt (more info ...) | attempted-user | 2018-4878 | URL | ||
| 45595 | FILE-FLASH Adobe PSDK DRM Manager memory corruption attempt (more info ...) | attempted-user | 2018-4878 | URL | ||
| 45613 | FILE-FLASH Adobe Flash Player Selection.SetSelection use-after-free attempt (more info ...) | attempted-user | 2015-8413 | URL | ||
| 45614 | FILE-FLASH Adobe Flash Player Selection.SetSelection use-after-free attempt (more info ...) | attempted-user | 2015-8413 | URL | ||
| 45615 | FILE-FLASH Adobe Flash Player movieclip duplicateMovieClip use-after-free attempt (more info ...) | attempted-user | 2015-8412 | URL | ||
| 45616 | FILE-FLASH Adobe Flash Player movieclip duplicateMovieClip use-after-free attempt (more info ...) | attempted-user | 2015-8412 | URL | ||
| 45661 | FILE-OTHER Adobe Acrobat Pro out-of-bounds read attempt (more info ...) | attempted-recon | 2018-4912 | URL | ||
| 45662 | FILE-OTHER Adobe Acrobat Pro out-of-bounds read attempt (more info ...) | attempted-recon | 2018-4912 | URL | ||
| 45663 | FILE-OTHER Adobe Acrobat Pro malformed EMF EmfPlustDrawImagePoints out of bounds read attempt (more info ...) | attempted-user | 2018-4906 | URL | ||
| 45664 | FILE-OTHER Adobe Acrobat Pro malformed EMF EmfPlustDrawImagePoints out of bounds read attempt (more info ...) | attempted-user | 2018-4906 | URL | ||
| 45665 | FILE-OTHER Adobe Acrobat Pro TIFF embedded XPS file out of bounds read attempt (more info ...) | attempted-user | 2018-4903 | URL | ||
| 45666 | FILE-OTHER Adobe Acrobat Pro TIFF embedded XPS file out of bounds read attempt (more info ...) | attempted-user | 2018-4903 | URL | ||
| 45667 | FILE-OTHER Adobe Acrobat Pro TIFF embedded XPS file out of bounds read attempt (more info ...) | attempted-user | 2018-4903 | URL | ||
| 45668 | FILE-OTHER Adobe Acrobat Pro TIFF embedded XPS file out of bounds read attempt (more info ...) | attempted-user | 2018-4903 | URL | ||
| 45678 | FILE-OTHER Adobe Acrobat Pro EMF EmfPlusDrawString out of bounds read attempt (more info ...) | attempted-user | 2018-4879 | URL | ||
| 45679 | FILE-OTHER Adobe Acrobat Pro EMF EmfPlusDrawString out of bounds read attempt (more info ...) | attempted-user | 2018-4879 | URL | ||
| 45680 | FILE-OTHER Adobe Acrobat Pro EMF EmfPlusDrawString out of bounds read attempt (more info ...) | attempted-user | 2018-4879 | URL | ||
| 45681 | FILE-OTHER Adobe Acrobat Pro EMF EmfPlusDrawString out of bounds read attempt (more info ...) | attempted-user | 2018-4879 | URL | ||
| 45683 | FILE-FLASH Adobe PSDK DRM Manager memory corruption attempt (more info ...) | attempted-user | 2018-4878 | URL | ||
| 45691 | FILE-OTHER Adobe Acrobat Pro tiff parser out of bounds read attempt (more info ...) | attempted-recon | 2018-4891 | URL | ||
| 45692 | FILE-OTHER Adobe Acrobat Pro tiff parser out of bounds read attempt (more info ...) | attempted-recon | 2018-4891 | URL | ||
| 45723 | FILE-PDF Adobe Acrobat Reader byte order mark out of bounds read attempt (more info ...) | attempted-user | 2018-4882 | URL | ||
| 45724 | FILE-PDF Adobe Acrobat Reader byte order mark out of bounds read attempt (more info ...) | attempted-user | 2018-4882 | URL | ||
| 45725 | FILE-PDF Adobe Acrobat Reader byte order mark out of bounds read attempt (more info ...) | attempted-user | 2018-4882 | URL | ||
| 45726 | FILE-PDF Adobe Acrobat Reader byte order mark out of bounds read attempt (more info ...) | attempted-user | 2018-4882 | URL | ||
| 45727 | FILE-PDF Adobe Acrobat Reader byte order mark out of bounds read attempt (more info ...) | attempted-user | 2018-4882 | URL | ||
| 45728 | FILE-PDF Adobe Acrobat Reader byte order mark out of bounds read attempt (more info ...) | attempted-user | 2018-4882 | URL | ||
| 45736 | FILE-PDF Adobe Acrobat Reader JBIG2 decoder use after free attempt (more info ...) | attempted-user | 2018-4892 | URL | ||
| 45737 | FILE-PDF Adobe Acrobat Reader JBIG2 decoder use after free attempt (more info ...) | attempted-user | 2018-4892 | URL | ||
| 45744 | FILE-FLASH Adobe Flash Player ByteArray shading memory leak attempt (more info ...) | attempted-recon | 2015-3105 | 75086 | URL | |
| 45786 | FILE-OTHER Adobe Acrobat Pro TIFF embedded XPS file out of bounds read attempt (more info ...) | attempted-user | 2018-4903 | URL | ||
| 45787 | FILE-OTHER Adobe Acrobat Pro TIFF embedded XPS file out of bounds read attempt (more info ...) | attempted-user | 2018-4903 | URL | ||
| 45788 | FILE-IMAGE Adobe Acrobat Pro TIFF embedded XPS file out of bounds read attempt (more info ...) | attempted-user | 2018-4903 | URL | ||
| 45789 | FILE-IMAGE Adobe Acrobat Pro TIFF embedded XPS file out of bounds read attempt (more info ...) | attempted-user | 2018-4903 | URL | ||
| 45791 | FILE-IMAGE Adobe Acrobat TIFF malformed YCbCrCoefficients values attempt (more info ...) | attempted-user | 2018-4905 | URL | ||
| 45792 | FILE-IMAGE Adobe Acrobat TIFF malformed YCbCrCoefficients values attempt (more info ...) | attempted-user | 2018-4905 | URL | ||
| 45793 | FILE-OTHER Adobe Acrobat Pro nested IFD out of bounds read attempt (more info ...) | attempted-user | 2018-4897 | URL | ||
| 45794 | FILE-OTHER Adobe Acrobat Pro nested IFD out of bounds read attempt (more info ...) | attempted-user | 2018-4897 | URL | ||
| 45814 | FILE-IMAGE Adobe Acrobat Pro malformed JPEG tag data buffer overflow attempt (more info ...) | attempted-user | 2018-4909 | URL | ||
| 45815 | FILE-IMAGE Adobe Acrobat Pro malformed JPEG tag data buffer overflow attempt (more info ...) | attempted-user | 2018-4909 | URL | ||
| 45849 | FILE-OTHER Adobe Acrobat Pro EMF malformed bitmap rectangle destination out of bounds read attempt (more info ...) | attempted-user | 2018-4886 | URL | ||
| 45850 | FILE-OTHER Adobe Acrobat Pro EMF malformed bitmap rectangle destination out of bounds read attempt (more info ...) | attempted-user | 2018-4886 | URL | ||
| 45852 | FILE-OTHER Adobe Acrobat Pro EMF malformed bitmap rectangle destination out of bounds read attempt (more info ...) | attempted-user | 2018-4886 | URL | ||
| 45855 | FILE-OTHER Adobe Acrobat Pro EMF out of bounds write attempt (more info ...) | attempted-user | 2018-4895 | URL | ||
| 45856 | FILE-OTHER Adobe Acrobat Pro EMF out of bounds write attempt (more info ...) | attempted-user | 2018-4895 | URL | ||
| 45860 | FILE-OTHER Adobe Acrobat Pro XPS malformed TIFF data out of bounds access attempt (more info ...) | attempted-user | 2018-4907 | URL | ||
| 45861 | FILE-OTHER Adobe Acrobat Pro XPS malformed TIFF data out of bounds access attempt (more info ...) | attempted-user | 2018-4907 | URL | ||
| 45862 | FILE-PDF Adobe Acrobat Reader bookmarkRoot memory corruption attempt (more info ...) | attempted-user | 2018-4911 | URL | ||
| 45863 | FILE-PDF Adobe Acrobat Reader bookmarkRoot memory corruption attempt (more info ...) | attempted-user | 2018-4911 | URL | ||
| 45864 | FILE-PDF Adobe Acrobat Reader bookmarkRoot memory corruption attempt (more info ...) | attempted-user | 2018-4911 | URL | ||
| 45865 | FILE-PDF Adobe Acrobat Reader bookmarkRoot memory corruption attempt (more info ...) | attempted-user | 2018-4911 | URL | ||
| 45866 | FILE-PDF Adobe Acrobat Reader invalid trailer memory corruption attempt (more info ...) | attempted-user | 2018-4901 | URL | ||
| 45867 | FILE-PDF Adobe Acrobat Reader invalid trailer memory corruption attempt (more info ...) | attempted-user | 2018-4901 | URL | ||
| 45868 | FILE-PDF Adobe Acrobat Reader getAnnotsRichMedia return type confusion attempt (more info ...) | attempted-dos | 2018-4902 | URL | ||
| 45869 | FILE-PDF Adobe Acrobat Reader getAnnotsRichMedia return type confusion attempt (more info ...) | attempted-dos | 2018-4902 | URL | ||
| 45989 | FILE-OTHER Adobe Acrobat Pro path element out of bounds memory access attempt (more info ...) | attempted-admin | 2018-4898 | URL | ||
| 45990 | FILE-OTHER Adobe Acrobat Pro path element out of bounds memory access attempt (more info ...) | attempted-user | 2018-4898 | URL | ||
| 46101 | PROTOCOL-SNMP Cisco IOS SNMP ciscoFlashFileEntry OID denial of service attempt (more info ...) | attempted-dos | 2018-0161 | URL | ||
| 46247 | FILE-FLASH Adobe Flash Player Primetime MediaPlayerItemLoader BlurFilter object out of bounds write attempt (more info ...) | attempted-user | 2018-4937 | URL | ||
| 46248 | FILE-FLASH Adobe Flash Player Primetime MediaPlayerItemLoader BlurFilter object out of bounds write attempt (more info ...) | attempted-user | 2018-4937 | URL | ||
| 46254 | FILE-FLASH Adobe Flash Player corrupt PNG image load out of bounds memory access attempt (more info ...) | attempted-user | 2018-4934 | URL | ||
| 46255 | FILE-FLASH Adobe Flash Player corrupt PNG image load out of bounds memory access attempt (more info ...) | attempted-user | 2018-4934 | URL | ||
| 46260 | FILE-FLASH Adobe Flash Player malformed DefineSound tag heap overflow attempt (more info ...) | attempted-user | 2018-4936 | URL | ||
| 46261 | FILE-FLASH Adobe Flash Player malformed DefineSound tag heap overflow attempt (more info ...) | attempted-user | 2018-4936 | URL | ||
| 46262 | FILE-FLASH Adobe Flash Player use after free attempt (more info ...) | attempted-admin | 2018-4932 | URL | ||
| 46263 | FILE-FLASH Adobe Flash Player use after free attempt (more info ...) | attempted-admin | 2018-4932 | URL | ||
| 46264 | FILE-OTHER Adobe Flash Player ATF image file out of bounds read attempt (more info ...) | attempted-user | 2018-4933 | URL | ||
| 46265 | FILE-OTHER Adobe Flash Player ATF image file out of bounds read attempt (more info ...) | attempted-user | 2018-4933 | URL | ||
| 46324 | FILE-FLASH Adobe PSDK DRM Manager memory corruption attempt (more info ...) | attempted-user | 2018-4878 | URL | ||
| 46404 | BROWSER-PLUGINS RealPlayer rmoc3260.dll ActiveX clsid access attempt (more info ...) | attempted-user | 2008-1309 | |||
| 46405 | BROWSER-PLUGINS RealPlayer rmoc3260.dll ActiveX clsid access attempt (more info ...) | attempted-user | 2008-1309 | |||
| 46490 | FILE-PDF Adobe Flash Player ActionScript setFocus use after free attempt (more info ...) | attempted-user | 2016-4227 | URL | ||
| 46491 | FILE-PDF Adobe Flash Player ActionScript setFocus use after free attempt (more info ...) | attempted-user | 2016-4227 | URL | ||
| 46598 | FILE-FLASH Adobe Flash Player ASnative MovieClip type confusion attempt (more info ...) | attempted-user | 2018-4945 | URL | ||
| 46599 | FILE-FLASH Adobe Flash Player ASnative MovieClip type confusion attempt (more info ...) | attempted-user | 2018-4945 | URL | ||
| 46638 | FILE-PDF Adobe Acrobat Reader DC OCG setIntent memory corruption attempt (more info ...) | attempted-user | 2018-4962 | URL | ||
| 46639 | FILE-PDF Adobe Acrobat Reader DC OCG setIntent memory corruption attempt (more info ...) | attempted-user | 2018-4962 | URL | ||
| 46645 | FILE-PDF Adobe Reader XFA node manipulation use-after-free attempt (more info ...) | attempted-user | 2018-4977 | URL | ||
| 46646 | FILE-PDF Adobe Reader XFA node manipulation use-after-free attempt (more info ...) | attempted-user | 2018-4977 | URL | ||
| 46647 | FILE-OTHER Adobe Acrobat EMF EmfPlusDrawBeziers buffer over-read attempt (more info ...) | attempted-recon | 2018-4949 | URL | ||
| 46648 | FILE-OTHER Adobe Acrobat EMF EmfPlusDrawBeziers buffer over-read attempt (more info ...) | attempted-recon | 2018-4949 | URL | ||
| 46649 | FILE-PDF Adobe Acrobat Reader XFA form use after free attempt (more info ...) | attempted-user | 2018-4974 | URL | ||
| 46650 | FILE-PDF Adobe Acrobat Reader XFA form use after free attempt (more info ...) | attempted-user | 2018-4974 | URL | ||
| 46651 | FILE-OTHER Adobe Acrobat Pro PDX malformed index out of bounds memory read attempt (more info ...) | attempted-user | 2018-4984 | URL | ||
| 46652 | FILE-OTHER Adobe Acrobat Pro PDX malformed index out of bounds memory read attempt (more info ...) | attempted-user | 2018-4984 | URL | ||
| 46655 | FILE-OTHER Adobe Acrobat XPS2PDF conversion buffer over-read attempt (more info ...) | attempted-recon | 2018-4960 | URL | ||
| 46656 | FILE-OTHER Adobe Acrobat XPS2PDF conversion buffer over-read attempt (more info ...) | attempted-recon | 2018-4960 | URL | ||
| 46660 | FILE-OTHER Adobe Acrobat Reader jp2 double free attempt (more info ...) | attempted-user | 2018-4990 | URL | ||
| 46662 | EXPLOIT-KIT FakeFlash update attempt (more info ...) | attempted-user | ||||
| 46675 | FILE-PDF Adobe Acrobat Reader go-to action NTLM credential disclosure attempt (more info ...) | attempted-recon | 2018-4993 | URL | ||
| 46676 | FILE-PDF Adobe Acrobat Reader go-to action NTLM credential disclosure attempt (more info ...) | attempted-recon | 2018-4993 | URL | ||
| 46677 | FILE-PDF Adobe Acrobat Reader go-to action NTLM credential disclosure attempt (more info ...) | attempted-recon | 2018-4993 | URL | ||
| 46678 | FILE-PDF Adobe Acrobat Reader go-to action NTLM credential disclosure attempt (more info ...) | attempted-recon | 2018-4993 | URL | ||
| 46680 | FILE-PDF Adobe Acrobat Reader security bypass attempt (more info ...) | attempted-admin | 2018-4979 | URL | ||
| 46681 | FILE-PDF Adobe Acrobat Reader security bypass attempt (more info ...) | attempted-admin | 2018-4979 | URL | ||
| 46686 | FILE-PDF Adobe Acrobat XFA field type confusion overflow attempt (more info ...) | attempted-user | 2018-4953 | URL | ||
| 46687 | FILE-PDF Adobe Acrobat XFA field type confusion overflow attempt (more info ...) | attempted-user | 2018-4953 | URL | ||
| 46688 | FILE-IMAGE Adobe Acrobat XPS out-of-bounds read attempt (more info ...) | attempted-user | 2018-4955 | URL | ||
| 46689 | FILE-IMAGE Adobe Acrobat XPS out-of-bounds read attempt (more info ...) | attempted-user | 2018-4955 | URL | ||
| 46690 | FILE-OTHER Adobe Acrobat Pro path rendertransform out of bound write attempt (more info ...) | attempted-user | 2018-4967 | URL | ||
| 46691 | FILE-OTHER Adobe Acrobat Pro path rendertransform out of bound write attempt (more info ...) | attempted-user | 2018-4967 | URL | ||
| 46692 | FILE-IMAGE Adobe Acrobat EmfPlusDrawCurve out of bounds read attempt (more info ...) | attempted-user | 2018-4976 | URL | ||
| 46693 | FILE-IMAGE Adobe Acrobat EmfPlusDrawCurve out of bounds read attempt (more info ...) | attempted-user | 2018-4976 | URL | ||
| 46694 | FILE-OTHER Adobe Acrobat Pro EMF embedded GIF memory corruption attempt (more info ...) | attempted-user | 2018-4966 | URL | ||
| 46695 | FILE-OTHER Adobe Acrobat Pro EMF embedded GIF memory corruption attempt (more info ...) | attempted-user | 2018-4966 | URL | ||
| 46696 | FILE-PDF Adobe Acrobat Reader XFA use after free attempt (more info ...) | attempted-user | 2018-4952 | URL | ||
| 46697 | FILE-PDF Adobe Acrobat Reader XFA use after free attempt (more info ...) | attempted-user | 2018-4952 | URL | ||
| 46698 | FILE-OTHER Adobe Acrobat EMF embedded DIB out of bound read attempt (more info ...) | attempted-user | 2018-4968 | URL | ||
| 46699 | FILE-OTHER Adobe Acrobat EMF embedded DIB out of bound read attempt (more info ...) | attempted-user | 2018-4968 | URL | ||
| 46701 | FILE-IMAGE Adobe Acrboat EMF invalid EMR_STRETCHDIBITS record out-of-bounds read attempt (more info ...) | attempted-recon | 2018-4963 | URL | ||
| 46702 | FILE-IMAGE Adobe Acrboat EMF invalid EMR_STRETCHDIBITS record out-of-bounds read attempt (more info ...) | attempted-recon | 2018-4963 | URL | ||
| 46703 | FILE-OTHER Adobe Acrobat Pro EMF EMR_STRETCHDIBITS size out of bounds read attempt (more info ...) | attempted-user | 2018-4964 | URL | ||
| 46704 | FILE-OTHER Adobe Acrobat Pro EMF EMR_STRETCHDIBITS size out of bounds read attempt (more info ...) | attempted-user | 2018-4964 | URL | ||
| 46705 | FILE-PDF Adobe Acrobat ADBCAnnotEnumerator use after free attempt (more info ...) | attempted-user | 2018-4980 | URL | ||
| 46706 | FILE-PDF Adobe Acrobat ADBCAnnotEnumerator use after free attempt (more info ...) | attempted-user | 2018-4980 | URL | ||
| 46707 | FILE-OTHER Adobe Acrobat EMF malformed EmfPlusPointF object buffer overflow attempt (more info ...) | attempted-user | 2018-4965 | URL | ||
| 46708 | FILE-OTHER Adobe Acrobat EMF malformed EmfPlusPointF object buffer overflow attempt (more info ...) | attempted-user | 2018-4965 | URL | ||
| 46709 | FILE-OTHER Adobe Professional EMF embedded image heap overflow attempt (more info ...) | attempted-user | 2018-4982 | URL | ||
| 46710 | FILE-OTHER Adobe Professional EMF embedded image heap overflow attempt (more info ...) | attempted-user | 2018-4982 | URL | ||
| 46717 | FILE-IMAGE Adobe Acrobat Pro EMF file EMFPlusPath object heap overflow attempt (more info ...) | attempted-user | 2018-4978 | URL | ||
| 46719 | FILE-IMAGE Adobe Acrobat Pro EMF file EMFPlusPath object heap overflow attempt (more info ...) | attempted-user | 2018-4978 | URL | ||
| 46720 | FILE-IMAGE Adobe Acrobat Pro EMF file EMFPlusPath object heap overflow attempt (more info ...) | attempted-user | 2018-4978 | URL | ||
| 46723 | FILE-PDF Adobe Acrobat Reader pointer dereference attempt (more info ...) | attempted-user | 2018-4987 | URL | ||
| 46724 | FILE-PDF Adobe Acrobat Reader pointer dereference attempt (more info ...) | attempted-user | 2018-4987 | URL | ||
| 46727 | FILE-OTHER Adobe Acrobat EMF embedded GIF LZW compression out of bound read attempt (more info ...) | attempted-user | 2018-4969 | URL | ||
| 46728 | FILE-OTHER Adobe Acrobat EMF embedded GIF LZW compression out of bound read attempt (more info ...) | attempted-user | 2018-4969 | URL | ||
| 46731 | FILE-PDF Adobe Reader malformed JPEG2000 image invalid colr size out of bounds read attempt (more info ...) | attempted-user | 2018-4985 | URL | ||
| 46732 | FILE-PDF Adobe Reader malformed JPEG2000 image invalid colr size out of bounds read attempt (more info ...) | attempted-user | 2018-4985 | URL | ||
| 46733 | FILE-OTHER Adobe Acrobat Pro EMF out of bounds read attempt (more info ...) | attempted-user | 2018-4986 | URL | ||
| 46734 | FILE-OTHER Adobe Acrobat Pro EMF out of bounds read attempt (more info ...) | attempted-user | 2018-4986 | URL | ||
| 46809 | FILE-PDF Adobe Acrobat Reader font enumeration use after free attempt (more info ...) | attempted-user | 2018-4971 | URL | ||
| 46810 | FILE-PDF Adobe Acrobat Reader font enumeration use after free attempt (more info ...) | attempted-user | 2018-4971 | URL | ||
| 46812 | FILE-OTHER Adobe Acrobat Pro EMF out of bounds read attempt (more info ...) | attempted-user | 2018-4972 | URL | ||
| 46813 | FILE-OTHER Adobe Acrobat Pro EMF out of bounds read attempt (more info ...) | attempted-user | 2018-4972 | URL | ||
| 46856 | FILE-PDF ADOBE ActiveX Browser Plugin client side request injection attempt (more info ...) | attempted-user | 2018-4995 | URL | ||
| 46857 | FILE-PDF ADOBE ActiveX Browser Plugin client side request injection attempt (more info ...) | attempted-user | 2018-4995 | URL | ||
| 46875 | FILE-IMAGE Adobe Acrobat Pro EMF file EMFPlusPath object out of bounds read attempt (more info ...) | attempted-user | 2018-4970 | URL | ||
| 46876 | FILE-IMAGE Adobe Acrobat Pro EMF file EMFPlusPath object out of bounds read attempt (more info ...) | attempted-user | 2018-4970 | URL | ||
| 46917 | FILE-FLASH Adobe Flash Player out of bounds write attempt (more info ...) | attempted-user | 2018-5002 | |||
| 46918 | FILE-FLASH Adobe Flash Player out of bounds write attempt (more info ...) | attempted-user | 2018-5002 | |||
| 46919 | FILE-FLASH Adobe Flash Player out of bounds write attempt (more info ...) | attempted-user | 2018-5002 | |||
| 46920 | FILE-FLASH Adobe Flash Player out of bounds write attempt (more info ...) | attempted-user | 2018-5002 | |||
| 46949 | FILE-FLASH Adobe Flash Player out of bounds memory access attempt (more info ...) | attempted-user | 2018-5001 | URL | ||
| 46950 | FILE-FLASH Adobe Flash Player out of bounds memory access attempt (more info ...) | attempted-user | 2018-5001 | URL | ||
| 47123 | FILE-OTHER Adobe Acrobat Pro XPS embedded JPEG with malformed copyright tag heap overflow attempt (more info ...) | attempted-user | 2018-5028 | URL | ||
| 47124 | FILE-OTHER Adobe Acrobat Pro XPS embedded JPEG with malformed copyright tag heap overflow attempt (more info ...) | attempted-user | 2018-5028 | URL | ||
| 47125 | FILE-OTHER Adobe Acrobat Pro XPS embedded JPEG with malformed copyright tag heap overflow attempt (more info ...) | attempted-user | 2018-5028 | URL | ||
| 47126 | FILE-OTHER Adobe Acrobat Pro XPS embedded JPEG with malformed copyright tag heap overflow attempt (more info ...) | attempted-user | 2018-5028 | URL | ||
| 47127 | FILE-FLASH Adobe Flash Player malformed ActionSetTarget record information disclosure attempt (more info ...) | attempted-user | 2018-5008 | URL | ||
| 47128 | FILE-FLASH Adobe Flash Player malformed ActionSetTarget record information disclosure attempt (more info ...) | attempted-user | 2018-5008 | URL | ||
| 47132 | FILE-OTHER Adobe Acrobat Pro EMF Alphablend memory corruption attempt (more info ...) | attempted-user | 2018-5062 | URL | ||
| 47149 | FILE-PDF Adobe Acrobat Reader removeLinks use after free attempt (more info ...) | attempted-user | 2018-12797 | URL | ||
| 47150 | FILE-PDF Adobe Acrobat Reader removeLinks use after free attempt (more info ...) | attempted-user | 2018-12797 | URL | ||
| 47162 | FILE-PDF Adobe Reader XFA nested subforms out-of-bounds read attempt (more info ...) | attempted-user | 2018-12757 | URL | ||
| 47163 | FILE-PDF Adobe Reader XFA nested subforms out-of-bounds read attempt (more info ...) | attempted-user | 2018-12757 | URL | ||
| 47164 | FILE-PDF Adobe Acrobat Pro HTML image input element use-after-free attempt (more info ...) | attempted-user | 2018-12770 | URL | ||
| 47165 | FILE-PDF Adobe Acrobat Pro HTML image input element use-after-free attempt (more info ...) | attempted-user | 2018-12770 | URL | ||
| 47167 | FILE-PDF Adobe Acrobat Reader PageLabels heap buffer overflow attempt (more info ...) | attempted-user | 2018-12798 | URL | ||
| 47168 | FILE-PDF Adobe Acrobat Reader PageLabels heap buffer overflow attempt (more info ...) | attempted-user | 2018-12798 | URL | ||
| 47169 | FILE-PDF Adobe Acrobat Reader PageLabels heap buffer overflow attempt (more info ...) | attempted-user | 2018-12798 | URL | ||
| 47170 | FILE-PDF Adobe Acrobat Reader PageLabels heap buffer overflow attempt (more info ...) | attempted-user | 2018-12798 | URL | ||
| 47179 | FILE-OTHER Adobe Acrobat Pro EMF invalid EmfPlusFillRects out-of-bounds read attempt (more info ...) | attempted-user | 2018-5010 | URL | ||
| 47180 | FILE-OTHER Adobe Acrobat Pro EMF invalid EmfPlusFillRects out-of-bounds read attempt (more info ...) | attempted-user | 2018-5010 | URL | ||
| 47181 | FILE-OTHER Adobe Acrobat Pro EMF file uninitialized pointer dereference attempt (more info ...) | attempted-user | 2018-5012 | URL | ||
| 47182 | FILE-OTHER Adobe Acrobat Pro EMF file uninitialized pointer dereference attempt (more info ...) | attempted-user | 2018-5012 | URL | ||
| 47183 | FILE-OTHER Adobe Acrobat Pro EMF EmfPlusFillRects type confusion attempt (more info ...) | attempted-user | 2018-5057 | URL | ||
| 47184 | FILE-OTHER Adobe Acrobat Pro EMF EmfPlusFillRects type confusion attempt (more info ...) | attempted-user | 2018-5057 | URL | ||
| 47185 | FILE-PDF Adobe Acrobat Pro EMF EmfPlusDrawLines heap overflow attempt (more info ...) | attempted-user | 2018-5067 | URL | ||
| 47186 | FILE-PDF Adobe Acrobat Pro EMF EmfPlusDrawLines heap overflow attempt (more info ...) | attempted-user | 2018-5067 | URL | ||
| 47191 | FILE-FLASH Adobe Flash Player ActionScript NetConnection type confusion attempt (more info ...) | attempted-user | 2018-5007 | URL | ||
| 47192 | FILE-FLASH Adobe Flash Player ActionScript NetConnection type confusion attempt (more info ...) | attempted-user | 2018-5007 | URL | ||
| 47193 | FILE-OTHER Adobe Acrobat Pro EMF use-after-free attempt (more info ...) | attempted-user | 2018-12796 | URL | ||
| 47194 | FILE-OTHER Adobe Acrobat Pro EMF use-after-free attempt (more info ...) | attempted-user | 2018-12796 | URL | ||
| 47197 | FILE-OTHER Adobe Acrobat Pro out of bounds read attempt (more info ...) | attempted-user | 2018-12781 | URL | ||
| 47198 | FILE-OTHER Adobe Acrobat Pro out of bounds read attempt (more info ...) | attempted-user | 2018-12781 | URL | ||
| 47208 | FILE-OTHER Adobe Acrobat Pro XPS out-of-bounds read attempt (more info ...) | attempted-recon | 2018-5016 | URL | ||
| 47209 | FILE-OTHER Adobe Acrobat Pro XPS out-of-bounds read attempt (more info ...) | attempted-recon | 2018-5016 | URL | ||
| 47210 | FILE-IMAGE Adobe Acrobat Pro EMF file EmfPlusDrawImagePoints heap overflow attempt (more info ...) | attempted-user | 2018-5032 | URL | ||
| 47211 | FILE-IMAGE Adobe Acrobat Pro EMF file EmfPlusDrawImagePoints heap overflow attempt (more info ...) | attempted-user | 2018-5032 | URL | ||
| 47217 | FILE-OTHER Adobe Acrobat Pro XPS heap overflow attempt (more info ...) | attempted-user | 2018-5015 | URL | ||
| 47218 | FILE-OTHER Adobe Acrobat Pro XPS heap overflow attempt (more info ...) | attempted-user | 2018-5015 | URL | ||
| 47223 | FILE-PDF Adobe Flash Player ActionScript setFocus use after free attempt (more info ...) | attempted-user | 2016-4227 | URL | ||
| 47224 | FILE-PDF Adobe Flash Player ActionScript setFocus use after free attempt (more info ...) | attempted-user | 2016-4227 | URL | ||
| 47225 | FILE-PDF Adobe Reader annotated page object out-of-bounds read attempt (more info ...) | attempted-user | 2018-5026 | URL | ||
| 47226 | FILE-PDF Adobe Reader annotated page object out-of-bounds read attempt (more info ...) | attempted-user | 2018-5026 | URL | ||
| 47237 | FILE-OTHER Adobe Acrobat Pro XPS out-of-bounds read attempt (more info ...) | attempted-user | 2018-5017 | URL | ||
| 47238 | FILE-OTHER Adobe Acrobat Pro XPS out-of-bounds read attempt (more info ...) | attempted-user | 2018-5017 | URL | ||
| 47239 | FILE-PDF Adobe Acrobat Reader U3D data stream heap overflow attempt (more info ...) | attempted-user | 2018-5049 | URL | ||
| 47240 | FILE-PDF Adobe Acrobat Reader U3D data stream heap overflow attempt (more info ...) | attempted-user | 2018-5049 | URL | ||
| 47247 | FILE-IMAGE Adobe Acrobat Pro crafted GIF file out-of-bounds read attempt (more info ...) | attempted-user | 2018-5050 | URL | ||
| 47248 | FILE-IMAGE Adobe Acrobat Pro crafted GIF file out-of-bounds read attempt (more info ...) | attempted-user | 2018-5050 | URL | ||
| 47283 | FILE-OTHER Adobe Reader HTML to PDF conversion getMatchedCSSRules use-after-free attempt (more info ...) | attempted-user | 2018-12877 | URL | ||
| 47284 | FILE-OTHER Adobe Reader HTML to PDF conversion getMatchedCSSRules use-after-free attempt (more info ...) | attempted-user | 2018-12877 | URL | ||
| 47297 | FILE-PDF Adobe Acrobat Reader use-after-free attempt (more info ...) | attempted-user | 2018-5009 | URL | ||
| 47298 | FILE-PDF Adobe Acrobat Reader use-after-free attempt (more info ...) | attempted-user | 2018-5009 | URL | ||
| 47306 | FILE-OTHER Adobe Acrobat Distiller PostScript pdfmark out-of-bounds write attempt (more info ...) | attempted-user | 2018-12758 | URL | ||
| 47307 | FILE-OTHER Adobe Acrobat Distiller PostScript pdfmark out-of-bounds write attempt (more info ...) | attempted-user | 2018-12758 | URL | ||
| 47308 | FILE-OTHER Adobe Acrobat Pro EMF RegionNodeCount out-of-bounds write attempt (more info ...) | attempted-user | 2018-5020 | URL | ||
| 47309 | FILE-OTHER Adobe Acrobat Pro EMF RegionNodeCount out-of-bounds write attempt (more info ...) | attempted-user | 2018-5020 | URL | ||
| 47316 | FILE-OTHER Adobe Acrobat Pro EmfPlusDrawPie out-of-bounds write attempt (more info ...) | attempted-user | 2018-12760 | |||
| 47317 | FILE-OTHER Adobe Acrobat Pro EmfPlusDrawPie out-of-bounds write attempt (more info ...) | attempted-user | 2018-12760 | |||
| 47345 | FILE-OTHER Adobe Acrobat Pro EMF EMR_CREATEDIBPATTERNBRUSHPT record buffer overflow attempt (more info ...) | attempted-user | 2018-5034 | URL | ||
| 47346 | FILE-OTHER Adobe Acrobat Pro EMF EMR_CREATEDIBPATTERNBRUSHPT record buffer overflow attempt (more info ...) | attempted-user | 2018-5034 | URL | ||
| 47355 | FILE-OTHER Adobe Acrobat Pro EMF EmfPlusDrawPath out of bounds read attempt (more info ...) | attempted-recon | ||||
| 47371 | FILE-PDF Adobe Acrobat Reader XSLT engine use after free attempt (more info ...) | attempted-user | 2018-5065 | URL | ||
| 47372 | FILE-PDF Adobe Acrobat Reader XSLT engine use after free attempt (more info ...) | attempted-user | 2018-5065 | URL | ||
| 47396 | FILE-IMAGE Adobe Acrobat Reader malformed JPEG quantization table out-of-bounds write attempt (more info ...) | attempted-user | 2018-5069 | URL | ||
| 47397 | FILE-IMAGE Adobe Acrobat Reader malformed JPEG quantization table out-of-bounds write attempt (more info ...) | attempted-user | 2018-5069 | URL | ||
| 47438 | FILE-PDF Adobe Acrobat Reader JBIG parsing out of bounds read attempt (more info ...) | misc-activity | 2018-15929 | URL | ||
| 47439 | FILE-PDF Adobe Acrobat Reader JBIG parsing out of bounds read attempt (more info ...) | misc-activity | 2018-15929 | URL | ||
| 47529 | FILE-MULTIMEDIA Adobe Flash Player malformed COMM ID3 frame out-of-bounds read attempt (more info ...) | attempted-user | 2018-12824 | URL | ||
| 47530 | FILE-MULTIMEDIA Adobe Flash Player malformed COMM ID3 frame out-of-bounds read attempt (more info ...) | attempted-user | 2018-12824 | URL | ||
| 47531 | FILE-FLASH Adobe Flash Player Vector.String class out-of-bounds read attempt (more info ...) | attempted-user | 2018-12826 | URL | ||
| 47532 | FILE-FLASH Adobe Flash Player Vector.String class out-of-bounds read attempt (more info ...) | attempted-user | 2018-12826 | URL | ||
| 47533 | FILE-MULTIMEDIA Adobe Flash Player malformed MP4-AVC out-of-bounds read attempt (more info ...) | attempted-user | 2018-12827 | URL | ||
| 47534 | FILE-MULTIMEDIA Adobe Flash Player malformed MP4-AVC out-of-bounds read attempt (more info ...) | attempted-user | 2018-12827 | URL | ||
| 47574 | FILE-PDF Adobe Acrobat Reader PDF out of bound write attempt (more info ...) | attempted-user | 2018-12808 | URL | ||
| 47575 | FILE-PDF Adobe Acrobat Reader PDF out of bound write attempt (more info ...) | attempted-user | 2018-12808 | URL | ||
| 47623 | FILE-PDF Adobe Acrobat Reader JBIG engine crafted symbol dictionary out-of-bounds read attempt (more info ...) | attempted-user | 2018-12765 | URL | ||
| 47624 | FILE-PDF Adobe Acrobat Reader JBIG engine crafted symbol dictionary out-of-bounds read attempt (more info ...) | attempted-user | 2018-12765 | URL | ||
| 47628 | FILE-OTHER Adobe Professional EMF embedded image heap overflow attempt (more info ...) | attempted-user | 2018-4982 | URL | ||
| 47629 | FILE-OTHER Adobe Professional EMF embedded image heap overflow attempt (more info ...) | attempted-user | 2018-4982 | URL | ||
| 47630 | FILE-OTHER Adobe Acrobat Pro untrusted pointer dereference attempt (more info ...) | attempted-user | 2018-12799 | URL | ||
| 47631 | FILE-OTHER Adobe Acrobat Pro untrusted pointer dereference attempt (more info ...) | attempted-user | 2018-12799 | URL | ||
| 47647 | FILE-PDF Adobe Acrobat Reader JBIG2 symbol header out of bounds read attempt (more info ...) | attempted-user | 2018-12768 | URL | ||
| 47648 | FILE-PDF Adobe Acrobat Reader JBIG2 symbol header out of bounds read attempt (more info ...) | attempted-user | 2018-12768 | URL | ||
| 47666 | FILE-PDF Adobe Acrobat Reader JBIG malformed adaptive template pixel out-of-bounds read attempt (more info ...) | attempted-user | 2018-12764 | URL | ||
| 47667 | FILE-PDF Adobe Acrobat Reader JBIG malformed adaptive template pixel out-of-bounds read attempt (more info ...) | attempted-user | 2018-12764 | URL | ||
| 47682 | FILE-OTHER Adobe Acrobat Pro EMF EmfPlusRegionNodePath out of bounds read attempt (more info ...) | attempted-user | 2018-12762 | URL | ||
| 47683 | FILE-OTHER Adobe Acrobat Pro EMF EmfPlusRegionNodePath out of bounds read attempt (more info ...) | attempted-user | 2018-12762 | URL | ||
| 47699 | FILE-PDF Adobe Acrobat Reader JBIG malformed data out-of-bounds read attempt (more info ...) | attempted-user | 2018-12767 | URL | ||
| 47700 | FILE-PDF Adobe Acrobat Reader JBIG malformed data out-of-bounds read attempt (more info ...) | attempted-user | 2018-12767 | URL | ||
| 47774 | FILE-PDF Adobe Acrobat Pro malformed embedded TTF file memory corruption attempt (more info ...) | attempted-user | 2018-5031 | URL | ||
| 47775 | FILE-PDF Adobe Acrobat Pro malformed embedded TTF file memory corruption attempt (more info ...) | attempted-user | 2018-5031 | URL | ||
| 47776 | FILE-PDF Adobe Acrobat Pro malformed embedded TTF file memory corruption attempt (more info ...) | attempted-user | 2018-5031 | URL | ||
| 47777 | FILE-PDF Adobe Acrobat Pro malformed embedded TTF file memory corruption attempt (more info ...) | attempted-user | 2018-5031 | URL | ||
| 47786 | FILE-FLASH Adobe Flash Player out of bounds write attempt (more info ...) | attempted-user | 2018-5002 | URL | ||
| 47787 | FILE-FLASH Adobe Flash Player out of bounds write attempt (more info ...) | attempted-user | 2018-5002 | |||
| 47827 | FILE-IMAGE Adobe Acrobat EmfPlusDrawImagePoints out of bounds read attempt (more info ...) | attempted-user | 2018-5035 | URL | ||
| 47828 | FILE-IMAGE Adobe Acrobat EmfPlusDrawImagePoints out of bounds read attempt (more info ...) | attempted-user | 2018-5035 | URL | ||
| 47833 | FILE-FLASH Adobe Flash Player COM server BrokerCreateFile sandbox escape attempt (more info ...) | attempted-user | 2018-15967 | URL | ||
| 47834 | FILE-FLASH Adobe Flash Player COM server BrokerCreateFile sandbox escape attempt (more info ...) | attempted-user | 2018-15967 | URL | ||
| 47852 | FILE-OTHER Adobe Acrobat Pro HTML invalid pointer offset out-of-bounds read attempt (more info ...) | attempted-user | 2018-12775 | URL | ||
| 47853 | FILE-OTHER Adobe Acrobat Pro HTML invalid pointer offset out-of-bounds read attempt (more info ...) | attempted-user | URL | |||
| 47854 | FILE-OTHER Adobe Acrobat HTML invalid pointer out-of-bounds read attempt (more info ...) | attempted-user | 2018-12778 | URL | ||
| 47855 | FILE-OTHER Adobe Acrobat HTML invalid pointer out-of-bounds read attempt (more info ...) | attempted-user | 2018-12778 | URL | ||
| 47856 | FILE-IMAGE Adobe Acrobat Pro EMF file object out of bounds write attempt (more info ...) | attempted-user | 2018-12848 | URL | ||
| 47857 | FILE-IMAGE Adobe Acrobat Pro EMF file object out of bounds write attempt (more info ...) | attempted-user | 2018-12848 | URL | ||
| 47891 | FILE-IMAGE Adobe Acrobat Pro EMF file EMFPlusPath object out of bounds read attempt (more info ...) | attempted-user | 2018-16014 | URL | ||
| 47911 | FILE-IMAGE Adobe Acrobat Reader EMF file JPEG Huffman table heap overflow attempt (more info ...) | attempted-user | 2018-12785 | URL | ||
| 47912 | FILE-IMAGE Adobe Acrobat Reader EMF file JPEG Huffman table heap overflow attempt (more info ...) | attempted-user | 2018-12785 | URL | ||
| 47920 | FILE-PDF Adobe Acrobat Reader PDF out of bounds read attempt (more info ...) | attempted-user | 2018-12829 | URL | ||
| 47921 | FILE-PDF Adobe Acrobat Reader PDF out of bounds read attempt (more info ...) | attempted-user | 2018-12829 | URL | ||
| 47922 | FILE-PDF Adobe Acrobat Reader PDF out of bounds read attempt (more info ...) | attempted-user | 2018-12829 | URL | ||
| 47923 | FILE-PDF Adobe Acrobat Reader PDF out of bounds read attempt (more info ...) | attempted-user | 2018-12829 | URL | ||
| 47926 | FILE-OTHER Adobe Acrobat Pro EMF ImageConversion out-of-bounds write attempt (more info ...) | attempted-user | 2018-12860 | URL | ||
| 47927 | FILE-OTHER Adobe Acrobat Pro EMF ImageConversion out-of-bounds write attempt (more info ...) | attempted-user | 2018-12860 | URL | ||
| 47932 | FILE-IMAGE Adobe Acrobat Pro Universal 3D Engine untrusted pointer dereference attempt (more info ...) | attempted-user | 2018-15931 | URL | ||
| 47933 | FILE-IMAGE Adobe Acrobat Pro Universal 3D Engine untrusted pointer dereference attempt (more info ...) | attempted-user | 2018-15931 | URL | ||
| 47937 | FILE-PDF Adobe Acrobat Reader rendering engine use-after-free attempt (more info ...) | attempted-user | 2018-12831 | URL | ||
| 47938 | FILE-PDF Adobe Acrobat Reader rendering engine use-after-free attempt (more info ...) | attempted-user | 2018-12831 | URL | ||
| 47941 | FILE-IMAGE Adobe Acrobat XPS heap overflow attempt (more info ...) | attempted-user | 2018-12837 | URL | ||
| 47942 | FILE-IMAGE Adobe Acrobat XPS heap overflow attempt (more info ...) | attempted-user | 2018-12837 | URL | ||
| 47949 | FILE-IMAGE Adobe Acrobat Pro EMF out of bounds read attempt (more info ...) | attempted-user | 2018-15926 | URL | ||
| 47950 | FILE-IMAGE Adobe Acrobat Pro EMF out of bounds read attempt (more info ...) | attempted-user | 2018-15926 | URL | ||
| 47951 | FILE-OTHER Adobe Distiller PostScript conversion heap overflow attempt (more info ...) | attempted-admin | 2018-12833 | URL | ||
| 47952 | FILE-OTHER Adobe Distiller PostScript conversion heap overflow attempt (more info ...) | attempted-admin | 2018-12833 | URL | ||
| 47953 | FILE-IMAGE Adobe Acrobat Pro malformed TIF tag entry out of bounds read attempt (more info ...) | attempted-user | 2018-12867 | URL | ||
| 47954 | FILE-IMAGE Adobe Acrobat Pro malformed TIF tag entry out of bounds read attempt (more info ...) | attempted-user | 2018-12867 | URL | ||
| 47955 | FILE-IMAGE Adobe Acrobat Pro malformed TIF tag entry out of bounds read attempt (more info ...) | attempted-user | 2018-12867 | URL | ||
| 47956 | FILE-IMAGE Adobe Acrobat Pro malformed TIF tag entry out of bounds read attempt (more info ...) | attempted-user | 2018-12867 | URL | ||
| 47957 | FILE-OTHER Adobe Acrobat Pro EMF EmfPlusDrawDriverString malformed GlyphCount value integer overflow attempt (more info ...) | attempted-user | 2018-12842 | URL | ||
| 47958 | FILE-OTHER Adobe Acrobat Pro EMF EmfPlusDrawDriverString malformed GlyphCount value integer overflow attempt (more info ...) | attempted-user | 2018-12842 | URL | ||
| 47959 | FILE-OTHER Adobe Acrobat Pro EMF file out-of-bounds write attempt (more info ...) | attempted-user | 2018-12865 | URL | ||
| 47960 | FILE-OTHER Adobe Acrobat Pro EMF file out-of-bounds write attempt (more info ...) | attempted-user | 2018-12865 | URL | ||
| 47967 | FILE-PDF Adobe Acrobat Reader JPEG2000 out of bounds read attempt (more info ...) | attempted-user | 2018-12839 | URL | ||
| 47968 | FILE-PDF Adobe Acrobat Reader JPEG2000 out of bounds read attempt (more info ...) | attempted-user | 2018-12839 | URL | ||
| 47969 | FILE-PDF Adobe Acrobat Reader JPEG2000 out of bounds read attempt (more info ...) | attempted-user | 2018-12839 | URL | ||
| 47970 | FILE-PDF Adobe Acrobat Reader JPEG2000 out of bounds read attempt (more info ...) | attempted-user | 2018-12839 | URL | ||
| 47971 | FILE-IMAGE Adobe Acrobat Pro EMF out of bounds read attempt (more info ...) | attempted-user | 2018-12845 | URL | ||
| 47972 | FILE-IMAGE Adobe Acrobat Pro EMF out of bounds read attempt (more info ...) | attempted-user | 2018-12845 | URL | ||
| 47975 | FILE-OTHER Adobe Acrobat Pro EMF memory corruption attempt (more info ...) | attempted-user | 2018-15951 | URL | ||
| 47976 | FILE-OTHER Adobe Acrobat Pro EMF memory corruption attempt (more info ...) | attempted-user | 2018-15951 | URL | ||
| 47977 | FILE-PDF Adobe Acrobat Pro heap overflow attempt (more info ...) | attempted-user | 2018-12847 | URL | ||
| 47978 | FILE-PDF Adobe Acrobat Pro heap overflow attempt (more info ...) | attempted-user | 2018-12847 | URL | ||
| 47979 | FILE-IMAGE Adobe Acrobat Pro EMF out of bounds read attempt (more info ...) | attempted-user | 2018-12843 | URL | ||
| 47980 | FILE-IMAGE Adobe Acrobat Pro EMF out of bounds read attempt (more info ...) | attempted-user | 2018-12843 | URL | ||
| 47981 | FILE-IMAGE Adobe Acrobat Pro EMF out of bounds read attempt (more info ...) | attempted-user | 2018-12844 | URL | ||
| 47982 | FILE-IMAGE Adobe Acrobat Pro EMF out of bounds read attempt (more info ...) | attempted-user | 2018-12844 | URL | ||
| 47983 | FILE-OTHER Adobe Acrobat Pro EMF out-of-bounds read attempt (more info ...) | attempted-user | 2018-12880 | URL | ||
| 47984 | FILE-OTHER Adobe Acrobat Pro EMF out-of-bounds read attempt (more info ...) | attempted-user | 2018-12880 | URL | ||
| 47986 | FILE-OTHER Adobe Acrobat Pro XPS out-of-bounds write attempt (more info ...) | attempted-user | 2018-15945 | URL | ||
| 47987 | FILE-OTHER Adobe Acrobat Pro XPS file out-of-bounds read attempt (more info ...) | attempted-user | 2018-15948 | URL | ||
| 47988 | FILE-OTHER Adobe Acrobat Pro XPS file out-of-bounds read attempt (more info ...) | attempted-user | 2018-15948 | URL | ||
| 47991 | FILE-IMAGE Adobe Acrobat Pro EMF engine type confusion attempt (more info ...) | attempted-user | 2018-12876 | URL | ||
| 47992 | FILE-IMAGE Adobe Acrobat Pro EMF engine type confusion attempt (more info ...) | attempted-user | 2018-12876 | URL | ||
| 47993 | FILE-OTHER Acrobat Adobe Pro XPS out-of-bounds read attempt (more info ...) | attempted-user | 2018-12878 | URL | ||
| 47994 | FILE-OTHER Acrobat Adobe Pro XPS out-of-bounds read attempt (more info ...) | attempted-user | 2018-12878 | URL | ||
| 47995 | FILE-IMAGE Adobe Acrobat Pro EMF pointer out of bounds write attempt (more info ...) | attempted-user | 2018-15944 | URL | ||
| 47996 | FILE-IMAGE Adobe Acrobat Pro EMF pointer out of bounds write attempt (more info ...) | attempted-user | 2018-15944 | URL | ||
| 47997 | FILE-IMAGE Adobe Acrobat Pro EMF pointer out of bounds read attempt (more info ...) | attempted-user | 2018-15943 | URL | ||
| 47998 | FILE-IMAGE Adobe Acrobat Pro EMF pointer out of bounds read attempt (more info ...) | attempted-user | 2018-15943 | URL | ||
| 48002 | FILE-IMAGE Adobe Acrobat Pro Universal 3D engine untrusted pointer dereference attempt (more info ...) | attempted-user | 2018-15937 | URL | ||
| 48003 | FILE-IMAGE Adobe Acrobat Pro Universal 3D engine untrusted pointer dereference attempt (more info ...) | attempted-user | 2018-15937 | URL | ||
| 48009 | FILE-IMAGE Adobe Acrobat Pro integer overflow attempt (more info ...) | attempted-user | 2018-12881 | URL | ||
| 48010 | FILE-IMAGE Adobe Acrobat Pro integer overflow attempt (more info ...) | attempted-user | 2018-12881 | URL | ||
| 48031 | FILE-IMAGE Adobe Acrobat Pro EMF out of bounds read attempt (more info ...) | attempted-user | 2018-12879 | URL | ||
| 48032 | FILE-IMAGE Adobe Acrobat Pro EMF out of bounds read attempt (more info ...) | attempted-user | 2018-12879 | URL | ||
| 48033 | FILE-OTHER Adobe Acrobat Pro EMF file use-after-free attempt (more info ...) | attempted-user | 2018-12863 | URL | ||
| 48034 | FILE-OTHER Adobe Acrobat Pro EMF file use-after-free attempt (more info ...) | attempted-user | 2018-12863 | URL | ||
| 48041 | FILE-PDF Adobe Acrobat Reader XLST parsing engine use after free attempt (more info ...) | attempted-user | 2018-12853 | URL | ||
| 48042 | FILE-PDF Adobe Acrobat Reader XLST parsing engine use after free attempt (more info ...) | attempted-user | 2018-12853 | URL | ||
| 48043 | FILE-IMAGE Adobe Acrobat Pro malformed JPEG APP2 marker memory corruption attempt (more info ...) | attempted-user | 2018-19703 | URL | ||
| 48044 | FILE-IMAGE Adobe Acrobat Pro malformed JPEG APP2 marker memory corruption attempt (more info ...) | attempted-user | 2018-19703 | URL | ||
| 48074 | FILE-OTHER Adobe Acrobat Pro EMF file out-of-bounds read attempt (more info ...) | attempted-user | 2018-12866 | URL | ||
| 48075 | FILE-OTHER Adobe Acrobat Pro EMF file out-of-bounds read attempt (more info ...) | attempted-user | 2018-12866 | URL | ||
| 48100 | FILE-PDF Adobe Acrobat Reader JPEG Huffman table memory corruption attempt (more info ...) | attempted-user | 2018-12754 | URL | ||
| 48101 | FILE-PDF Adobe Acrobat Reader JPEG Huffman table memory corruption attempt (more info ...) | attempted-user | 2018-12754 | URL | ||
| 48102 | FILE-PDF Adobe Acrobat Reader JPEG Huffman table memory corruption attempt (more info ...) | attempted-user | 2018-12754 | URL | ||
| 48103 | FILE-PDF Adobe Acrobat Reader JPEG Huffman table memory corruption attempt (more info ...) | attempted-user | 2018-12754 | URL | ||
| 48107 | FILE-OTHER Adobe Acrobat Pro EMF file out-of-bounds write attempt (more info ...) | attempted-user | 2018-12862 | URL | ||
| 48108 | FILE-OTHER Adobe Acrobat Pro EMF file out-of-bounds write attempt (more info ...) | attempted-user | 2018-12862 | URL | ||
| 48124 | FILE-OTHER Adobe Acrobat Pro EMF ImageConversion out-of-bounds write attempt (more info ...) | attempted-user | 2018-12861 | URL | ||
| 48125 | FILE-OTHER Adobe Acrobat Pro EMF ImageConversion out-of-bounds write attempt (more info ...) | attempted-user | 2018-12861 | URL | ||
| 48217 | FILE-OTHER Adobe Acrobat Reader U3D engine memory corruption attempt (more info ...) | attempted-user | 2018-5038 | URL | ||
| 48218 | FILE-OTHER Adobe Acrobat Reader U3D engine memory corruption attempt (more info ...) | attempted-user | 2018-5038 | URL | ||
| 48219 | FILE-IMAGE Adobe Acrobat Pro JPEG Huffman table memory corruption attempt (more info ...) | attempted-user | 2018-5060 | URL | ||
| 48220 | FILE-IMAGE Adobe Acrobat Pro JPEG Huffman table memory corruption attempt (more info ...) | attempted-user | 2018-5060 | URL | ||
| 48242 | FILE-OTHER Adobe Acrobat Pro malformed EMF out of bounds read attempt (more info ...) | attempted-user | 2018-12857 | URL | ||
| 48243 | FILE-OTHER Adobe Acrobat Pro malformed EMF out of bounds read attempt (more info ...) | attempted-user | 2018-12857 | URL | ||
| 48289 | FILE-OTHER Adobe Acrobat Pro EMF EmfPlusDrawString out of bounds read attempt (more info ...) | attempted-user | 2018-12761 | URL | ||
| 48290 | FILE-OTHER Adobe Acrobat Pro EMF EmfPlusDrawString out of bounds read attempt (more info ...) | attempted-user | 2018-12761 | URL | ||
| 48291 | FILE-OTHER Adobe Acrobat Pro EMF EmfPlusDrawString out of bounds read attempt (more info ...) | attempted-user | 2018-12761 | URL | ||
| 48292 | FILE-OTHER Adobe Acrobat Pro EMF EmfPlusDrawString out of bounds read attempt (more info ...) | attempted-user | 2018-12761 | URL | ||
| 48293 | FILE-PDF Adobe Acrobat Reader RegExp out of bounds read attempt (more info ...) | attempted-user | 2019-8183 | URL | ||
| 48294 | FILE-PDF Adobe Acrobat Reader RegExp out of bounds read attempt (more info ...) | attempted-user | 2019-8183 | URL | ||
| 48359 | SERVER-OTHER Adobe ColdFusion unauthenticated file upload attempt (more info ...) | attempted-admin | 2018-15961 | URL | ||
| 48425 | FILE-FLASH Adobe Flash Player AVM type confusion attempt (more info ...) | attempted-user | 2018-15981 | URL | ||
| 48426 | FILE-FLASH Adobe Flash Player AVM type confusion attempt (more info ...) | attempted-user | 2018-15981 | URL | ||
| 48491 | FILE-FLASH Adobe Flash Player TVSDK metadata use after free attempt (more info ...) | attempted-user | 2018-15982 | URL | ||
| 48492 | FILE-FLASH Adobe Flash Player TVSDK metadata use after free attempt (more info ...) | attempted-user | 2018-15982 | URL | ||
| 48493 | FILE-FLASH Adobe Flash Player TVSDK metadata use after free attempt (more info ...) | attempted-user | 2018-15982 | URL | ||
| 48494 | FILE-FLASH Adobe Flash Player TVSDK metadata use after free attempt (more info ...) | attempted-user | 2018-15982 | URL | ||
| 48495 | FILE-FLASH Adobe Flash Player TVSDK metadata use after free attempt (more info ...) | attempted-user | 2018-15982 | URL | ||
| 48496 | FILE-FLASH Adobe Flash Player TVSDK metadata use after free attempt (more info ...) | attempted-user | 2018-15982 | URL | ||
| 48511 | FILE-PDF Adobe Acrobat Pro PDF file use-after-free attempt (more info ...) | attempted-user | 2018-5011 | URL | ||
| 48512 | FILE-PDF Adobe Acrobat Pro PDF file use-after-free attempt (more info ...) | attempted-user | 2018-5011 | URL | ||
| 48566 | FILE-FLASH Adobe Flash Player TVSDK metadata use after free attempt (more info ...) | attempted-user | 2018-15982 | URL | ||
| 48567 | FILE-FLASH Adobe Flash Player TVSDK metadata use after free attempt (more info ...) | attempted-user | 2018-15982 | URL | ||
| 48578 | FILE-PDF Adobe Acrobat Reader xfa use after free attempt (more info ...) | attempted-user | 2018-16036 | URL | ||
| 48579 | FILE-PDF Adobe Acrobat Reader xfa use after free attempt (more info ...) | attempted-user | 2018-16036 | URL | ||
| 48580 | FILE-OTHER Adobe Acrobat Pro XPS ODTTF out-of-bounds read attempt (more info ...) | attempted-user | 2018-19712 | URL | ||
| 48581 | FILE-OTHER Adobe Acrobat Pro XPS ODTTF out-of-bounds read attempt (more info ...) | attempted-user | 2018-19712 | URL | ||
| 48582 | FILE-PDF Adobe Acrobat Reader removeLinks use after free attempt (more info ...) | attempted-user | 2018-16029 | URL | ||
| 48583 | FILE-PDF Adobe Acrobat Reader removeLinks use after free attempt (more info ...) | attempted-user | 2018-16029 | URL | ||
| 48586 | FILE-OTHER Adobe Acrobat EMF out of bounds write attempt (more info ...) | attempted-user | 2018-15988 | URL | ||
| 48587 | FILE-OTHER Adobe Acrobat EMF out of bounds write attempt (more info ...) | attempted-user | 2018-15988 | URL | ||
| 48594 | FILE-PDF Adobe Acrobat Pro XSLT out-of-bounds read attempt (more info ...) | attempted-user | 2018-16024 | URL | ||
| 48595 | FILE-PDF Adobe Acrobat Pro XSLT out-of-bounds read attempt (more info ...) | attempted-user | 2018-16024 | URL | ||
| 48598 | FILE-PDF Adobe Acrobat index file parsing memory corruption attempt (more info ...) | attempted-user | 2018-19720 | URL | ||
| 48599 | FILE-PDF Adobe Acrobat index file parsing memory corruption attempt (more info ...) | attempted-user | 2018-19720 | URL | ||
| 48604 | FILE-OTHER Adobe Acrobat Pro out of bounds read attempt (more info ...) | attempted-user | 2018-16035 | URL | ||
| 48605 | FILE-OTHER Adobe Acrobat Pro out of bounds read attempt (more info ...) | attempted-user | 2018-16035 | URL | ||
| 48608 | FILE-OTHER Adobe Acrobat Pro XPS ODTTF out-of-bounds read attempt (more info ...) | attempted-user | 2018-16028 | URL | ||
| 48609 | FILE-OTHER Adobe Acrobat Pro XPS ODTTF out-of-bounds read attempt (more info ...) | attempted-user | 2018-16028 | URL | ||
| 48610 | FILE-PDF Adobe Acrobat out of bounds read attempt (more info ...) | attempted-recon | 2018-16033 | URL | ||
| 48611 | FILE-PDF Adobe Acrobat out of bounds read attempt (more info ...) | attempted-recon | 2018-16033 | |||
| 48622 | FILE-OTHER Adobe Acrobat Pro malformed XPS JPEG out of bounds read attempt (more info ...) | attempted-user | 2018-19703 | URL | ||
| 48623 | FILE-OTHER Adobe Acrobat Pro integer overflow vulnerability attempt (more info ...) | attempted-user | 2018-15995 | URL | ||
| 48624 | FILE-OTHER Adobe Acrobat Pro integer overflow vulnerability attempt (more info ...) | attempted-user | 2018-15995 | URL | ||
| 48627 | FILE-PDF Adobe Acrobat integer overflow attempt (more info ...) | attempted-user | 2018-16009 | URL | ||
| 48628 | FILE-PDF Adobe Acrobat integer overflow attempt (more info ...) | attempted-user | 2018-16009 | URL | ||
| 48629 | FILE-OTHER Adobe Acrobat Pro XPS file out-of-bounds read attempt (more info ...) | attempted-user | 2018-19714 | URL | ||
| 48630 | FILE-OTHER Adobe Acrobat Pro XPS file out-of-bounds read attempt (more info ...) | attempted-user | 2018-19714 | URL | ||
| 48631 | FILE-PDF Adobe Acrobat PDF XFA node use-after-free attempt (more info ...) | attempted-user | 2018-19699 | URL | ||
| 48632 | FILE-PDF Adobe Acrobat PDF XFA node use-after-free attempt (more info ...) | attempted-user | 2018-19699 | URL | ||
| 48633 | FILE-OTHER Adobe Acrobat EMF EMR_CREATEMONOBRUSH out-of-bounds write attempt (more info ...) | attempted-user | 2018-16016 | URL | ||
| 48634 | FILE-OTHER Adobe Acrobat EMF EMR_CREATEMONOBRUSH out-of-bounds write attempt (more info ...) | attempted-user | 2018-16016 | URL | ||
| 48636 | FILE-PDF Adobe Acrobat out of bounds read attempt (more info ...) | attempted-user | 2018-16034 | URL | ||
| 48637 | FILE-PDF Adobe Acrobat out of bounds read attempt (more info ...) | attempted-user | 2018-16034 | URL | ||
| 48640 | FILE-OTHER Adobe Acrobat EMF out-of-bounds read attempt (more info ...) | attempted-user | 2018-16022 | URL | ||
| 48641 | FILE-OTHER Adobe Acrobat EMF out-of-bounds read attempt (more info ...) | attempted-user | 2018-16022 | URL | ||
| 48643 | FILE-OTHER Adobe Acrobat EMF out of bounds read attempt (more info ...) | attempted-user | 2018-16017 | URL | ||
| 48645 | FILE-OTHER Adobe Acrobat Pro XPS file font-load out-of-bounds read attempt (more info ...) | attempted-user | 2018-19711 | URL | ||
| 48646 | FILE-OTHER Adobe Acrobat Pro XPS file font-load out-of-bounds read attempt (more info ...) | attempted-user | 2018-19711 | URL | ||
| 48703 | FILE-OTHER Adobe Acrobat Pro out of bounds read attempt (more info ...) | attempted-user | 2018-15985 | URL | ||
| 48704 | FILE-OTHER Adobe Acrobat Pro out of bounds read attempt (more info ...) | attempted-user | 2018-15985 | URL | ||
| 48705 | FILE-OTHER Adobe Acrobat Pro out of bounds read attempt (more info ...) | attempted-user | 2018-15989 | URL | ||
| 48706 | FILE-OTHER Adobe Acrobat Pro out of bounds read attempt (more info ...) | attempted-user | 2018-15989 | URL | ||
| 48707 | FILE-PDF Adobe Acrobat Reader heap overflow attempt (more info ...) | attempted-user | 2018-12830 | URL | ||
| 48708 | FILE-PDF Adobe Acrobat Reader heap overflow attempt (more info ...) | attempted-user | 2018-12830 | URL | ||
| 48709 | FILE-OTHER Adobe Acrobat Pro XPS file image-load out-of-bounds read attempt (more info ...) | attempted-user | 2018-19704 | URL | ||
| 48710 | FILE-OTHER Adobe Acrobat Pro XPS file image-load out-of-bounds read attempt (more info ...) | attempted-user | 2018-19704 | URL | ||
| 48711 | FILE-OTHER Adobe Acrobat Pro out of bounds read attempt (more info ...) | attempted-user | 2018-16013 | URL | ||
| 48712 | FILE-OTHER Adobe Acrobat Pro out of bounds read attempt (more info ...) | attempted-user | 2018-16013 | URL | ||
| 48738 | FILE-PDF Adobe Acrobat Pro memory corruption attempt (more info ...) | attempted-user | 2018-16027 | URL | ||
| 48739 | FILE-PDF Adobe Acrobat Pro memory corruption attempt (more info ...) | attempted-user | 2018-16027 | URL | ||
| 48745 | FILE-OTHER Adobe Acrobat Pro XPS TTF out-of-bounds read attempt (more info ...) | attempted-user | 2018-16001 | URL | ||
| 48746 | FILE-OTHER Adobe Acrobat Pro XPS TTF out-of-bounds read attempt (more info ...) | attempted-user | 2018-16001 | URL | ||
| 48748 | FILE-OTHER Adobe Acrobat Pro out of bounds read attempt (more info ...) | attempted-user | 2018-15997 | URL | ||
| 48749 | FILE-OTHER Adobe Acrobat Pro out of bounds read attempt (more info ...) | attempted-user | 2018-15997 | URL | ||
| 48752 | FILE-PDF Adobe Acrobat Reader XFA resolveNode use after free attempt (more info ...) | attempted-user | 2018-19700 | URL | ||
| 48753 | FILE-PDF Adobe Acrobat Reader XFA resolveNode use after free attempt (more info ...) | attempted-user | 2018-19700 | URL | ||
| 48754 | FILE-OTHER Adobe Acrobat Pro TIFF embedded XPS file out of bounds read attempt (more info ...) | attempted-user | 2018-16012 | URL | ||
| 48755 | FILE-OTHER Adobe Acrobat Pro TIFF embedded XPS file out of bounds read attempt (more info ...) | attempted-user | 2018-16012 | URL | ||
| 48758 | FILE-OTHER Adobe Acrobat Pro XPS memory corruption attempt (more info ...) | attempted-user | 2018-16015 | URL | ||
| 48759 | FILE-OTHER Adobe Acrobat Pro XPS memory corruption attempt (more info ...) | attempted-user | 2018-16015 | URL | ||
| 48760 | FILE-OTHER Adobe Acrobat Pro EmfPlusFillPath out of bounds read attempt (more info ...) | attempted-user | 2018-12763 | URL | ||
| 48761 | FILE-OTHER Adobe Acrobat Pro EmfPlusFillPath out of bounds read attempt (more info ...) | attempted-user | 2018-12763 | URL | ||
| 48774 | FILE-OTHER Adobe Acrobat Pro XPS file out of bounds read attempt (more info ...) | attempted-user | 2018-16002 | URL | ||
| 48775 | FILE-OTHER Adobe Acrobat Pro XPS file out of bounds read attempt (more info ...) | attempted-user | 2018-16002 | URL | ||
| 48801 | FILE-PDF Adobe Acrobat Reader out of bounds read attempt (more info ...) | attempted-user | 2018-15984 | URL | ||
| 48802 | FILE-PDF Adobe Acrobat Reader out of bounds read attempt (more info ...) | attempted-user | 2018-15984 | URL | ||
| 48824 | FILE-OTHER Adobe Acrobat Pro WebCapture use after free attempt (more info ...) | attempted-user | 2018-15993 | URL | ||
| 48825 | FILE-OTHER Adobe Acrobat Pro WebCapture use after free attempt (more info ...) | attempted-user | 2018-15993 | URL | ||
| 48827 | FILE-PDF Adobe Acrobat Pro use after free attempt (more info ...) | attempted-user | 2018-19698 | URL | ||
| 48828 | FILE-PDF Adobe Acrobat Pro use after free attempt (more info ...) | attempted-user | 2018-19698 | URL | ||
| 48888 | FILE-PDF Adobe Acrobat PDF out-of-bounds read attempt (more info ...) | attempted-user | 2018-19717 | URL | ||
| 48889 | FILE-PDF Adobe Acrobat PDF out-of-bounds read attempt (more info ...) | attempted-user | 2018-19717 | URL | ||
| 48890 | FILE-PDF Adobe Reader XPS embedded font out-of-bounds vulnerability attempt (more info ...) | attempted-user | 2018-15996 | URL | ||
| 48891 | FILE-PDF Adobe Reader XPS embedded font out-of-bounds vulnerability attempt (more info ...) | attempted-user | 2018-15996 | URL | ||
| 48892 | FILE-PDF Adobe Reader XPS embedded font out-of-bounds vulnerability attempt (more info ...) | attempted-user | 2018-15996 | URL | ||
| 48893 | FILE-PDF Adobe Reader XPS embedded font out-of-bounds vulnerability attempt (more info ...) | attempted-user | 2018-15996 | URL | ||
| 48896 | FILE-PDF Adobe Acrobat PDF getLegalWarnings use-after-free attempt (more info ...) | attempted-user | 2018-19715 | URL | ||
| 48897 | FILE-PDF Adobe Acrobat PDF getLegalWarnings use-after-free attempt (more info ...) | attempted-user | 2018-19715 | URL | ||
| 48973 | FILE-PDF Adobe Acrobat PDF calculate tag use-after-free attempt (more info ...) | attempted-user | 2018-19713 | URL | ||
| 48974 | FILE-PDF Adobe Acrobat PDF calculate tag use-after-free attempt (more info ...) | attempted-user | 2018-19713 | URL | ||
| 49036 | FILE-PDF Adobe Acrobat Reader XFA engine memory corruption attempt (more info ...) | attempted-user | 2018-16041 | URL | ||
| 49037 | FILE-PDF Adobe Acrobat Reader XFA engine memory corruption attempt (more info ...) | attempted-user | 2018-16041 | URL | ||
| 49192 | FILE-PDF Adobe Acrobat Reader XFA engine memory corruption attempt (more info ...) | attempted-user | 2019-7021 | URL | ||
| 49193 | FILE-PDF Adobe Acrobat Reader XFA engine memory corruption attempt (more info ...) | attempted-user | 2019-7021 | URL | ||
| 49225 | FILE-PDF Adobe Acrobat Reader TIF orientation out of bounds read attempt (more info ...) | attempted-user | 2019-7036 | URL | ||
| 49226 | FILE-PDF Adobe Acrobat Reader TIF orientation out of bounds read attempt (more info ...) | attempted-user | 2019-7036 | URL | ||
| 49231 | FILE-FLASH Adobe Flash Player drawTriangles out-of-bounds read attempt (more info ...) | attempted-user | 2019-7090 | URL | ||
| 49232 | FILE-FLASH Adobe Flash Player drawTriangles out-of-bounds read attempt (more info ...) | attempted-user | 2019-7090 | URL | ||
| 49242 | FILE-OTHER Adobe Acrobat PostScript parsing type confusion attempt (more info ...) | attempted-user | 2019-7087 | URL | ||
| 49243 | FILE-OTHER Adobe Acrobat PostScript parsing type confusion attempt (more info ...) | attempted-user | 2019-7087 | URL | ||
| 49244 | FILE-OTHER Adobe Acrobat PostScript parsing arbitrary code execution attempt (more info ...) | attempted-user | 2019-7085 | URL | ||
| 49245 | FILE-OTHER Adobe Acrobat PostScript parsing arbitrary code execution attempt (more info ...) | attempted-user | 2019-7085 | URL | ||
| 49250 | FILE-PDF Adobe Acrobat Pro out of bounds write attempt (more info ...) | attempted-user | 2019-7039 | URL | ||
| 49251 | FILE-PDF Adobe Acrobat Pro out of bounds write attempt (more info ...) | attempted-user | 2019-7039 | URL | ||
| 49258 | FILE-OTHER Adobe Acrobat out of bounds read attempt (more info ...) | attempted-user | 2019-7049 | URL | ||
| 49259 | FILE-OTHER Adobe Acrobat out of bounds read attempt (more info ...) | attempted-user | 2019-7049 | URL | ||
| 49260 | FILE-PDF Adobe Acrobat out of bounds read attempt (more info ...) | attempted-user | 2019-7024 | URL | ||
| 49261 | FILE-PDF Adobe Acrobat out of bounds read attempt (more info ...) | attempted-user | 2019-7024 | URL | ||
| 49262 | FILE-PDF Adobe Acrobat malformed embedded idx file out of bounds read attempt (more info ...) | attempted-user | 2019-7045 | URL | ||
| 49263 | FILE-PDF Adobe Acrobat malformed embedded idx file out of bounds read attempt (more info ...) | attempted-user | 2019-7045 | URL | ||
| 49264 | FILE-PDF Adobe Acrobat malformed PDF file stack overflow attempt (more info ...) | attempted-user | 2019-7020 | URL | ||
| 49265 | FILE-PDF Adobe Acrobat malformed PDF file stack overflow attempt (more info ...) | attempted-user | 2019-7020 | URL | ||
| 49266 | FILE-PDF Adobe Acrobat Reader use after free attempt (more info ...) | attempted-user | 2019-7068 | URL | ||
| 49267 | FILE-PDF Adobe Acrobat Reader use after free attempt (more info ...) | attempted-user | 2019-7068 | URL | ||
| 49268 | FILE-OTHER Adobe Acrobat Pro use-after-free attempt (more info ...) | attempted-user | 2019-7070 | URL | ||
| 49269 | FILE-OTHER Adobe Acrobat Pro use-after-free attempt (more info ...) | attempted-user | 2019-7070 | URL | ||
| 49270 | FILE-OTHER Adobe Acrobat out of bounds write attempt (more info ...) | attempted-user | 2019-7079 | URL | ||
| 49271 | FILE-OTHER Adobe Acrobat out of bounds write attempt (more info ...) | attempted-user | 2019-7079 | URL | ||
| 49272 | FILE-PDF Adobe Reader XFA engine untrusted pointer dereference attempt (more info ...) | attempted-user | 2019-7066 | URL | ||
| 49273 | FILE-PDF Adobe Reader XFA engine untrusted pointer dereference attempt (more info ...) | attempted-user | 2019-7066 | URL | ||
| 49274 | FILE-PDF Adobe Acrobat untrusted pointer dereference attempt (more info ...) | attempted-user | 2019-7051 | URL | ||
| 49275 | FILE-PDF Adobe Acrobat untrusted pointer dereference attempt (more info ...) | attempted-user | 2019-7051 | URL | ||
| 49276 | FILE-PDF Adobe Acrobat out of bounds read attempt (more info ...) | attempted-user | 2019-7067 | URL | ||
| 49277 | FILE-PDF Adobe Acrobat out of bounds read attempt (more info ...) | attempted-user | 2019-7067 | URL | ||
| 49278 | FILE-PDF Adobe Acrobat Reader out of bounds read attempt (more info ...) | attempted-user | 2019-7063 | URL | ||
| 49279 | FILE-PDF Adobe Acrobat Reader out of bounds read attempt (more info ...) | attempted-user | 2019-7063 | URL | ||
| 49280 | FILE-OTHER Adobe Acrobat Pro HTML use-after-free attempt (more info ...) | attempted-user | 2019-7077 | URL | ||
| 49283 | FILE-PDF Adobe Acrobat use after free attempt (more info ...) | attempted-user | 2019-7026 | URL | ||
| 49284 | FILE-PDF Adobe Acrobat use after free attempt (more info ...) | attempted-user | 2019-7026 | URL | ||
| 49294 | FILE-PDF Adobe Acrobat out of bounds read attempt (more info ...) | attempted-user | 2019-7038 | URL | ||
| 49295 | FILE-PDF Adobe Acrobat out of bounds read attempt (more info ...) | attempted-user | 2019-7038 | URL | ||
| 49305 | FILE-PDF Adobe Acrobat Reader PostScript file out of bounds read attempt (more info ...) | attempted-user | 2019-7074 | URL | ||
| 49306 | FILE-PDF Adobe Acrobat Reader PostScript file out of bounds read attempt (more info ...) | attempted-user | 2019-7074 | URL | ||
| 49307 | FILE-PDF Adobe Acrobat malformed PDF out of bounds read attempt (more info ...) | attempted-user | 2019-7064 | URL | ||
| 49308 | FILE-PDF Adobe Acrobat malformed PDF out of bounds read attempt (more info ...) | attempted-user | 2019-7064 | URL | ||
| 49309 | FILE-PDF Adobe Acrobat malformed PDF objects use after free attempt (more info ...) | attempted-user | 2019-7044 | URL | ||
| 49310 | FILE-PDF Adobe Acrobat malformed PDF objects use after free attempt (more info ...) | attempted-user | 2019-7044 | URL | ||
| 49311 | FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (more info ...) | attempted-user | 2015-7647 | URL | ||
| 49312 | FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (more info ...) | attempted-user | 2015-7647 | URL | ||
| 49315 | FILE-PDF Adobe Acrobat out of bounds read attempt (more info ...) | attempted-user | 2019-7058 | URL | ||
| 49316 | FILE-PDF Adobe Acrobat out of bounds read attempt (more info ...) | attempted-user | 2019-7058 | URL | ||
| 49317 | FILE-PDF Adobe Acrobat out of bounds read attempt (more info ...) | attempted-user | 2019-7056 | URL | ||
| 49318 | FILE-PDF Adobe Acrobat out of bounds read attempt (more info ...) | attempted-user | 2019-7056 | URL | ||
| 49337 | SERVER-OTHER Adobe ColdFusion arbitrary file upload attempt (more info ...) | web-application-attack | 2019-7816 | URL | ||
| 49338 | SERVER-OTHER Adobe ColdFusion arbitrary file upload attempt (more info ...) | web-application-attack | 2019-7816 | URL | ||
| 49399 | SERVER-WEBAPP Adobe ColdFusion unauthorized serialized object attempt (more info ...) | attempted-user | 2019-7091 | URL | ||
| 49504 | FILE-PDF Adobe Acrobat Pro saveFilteredXML out-of-bounds read attempt (more info ...) | attempted-user | 2019-7057 | URL | ||
| 49505 | FILE-PDF Adobe Acrobat Pro saveFilteredXML out-of-bounds read attempt (more info ...) | attempted-user | 2019-7057 | URL | ||
| 49583 | FILE-FLASH Adobe Flash Player byteArray inflate information disclosure attempt (more info ...) | attempted-user | 2014-8440 | URL | ||
| 49584 | FILE-FLASH Adobe Flash Player byteArray inflate information disclosure attempt (more info ...) | attempted-user | 2014-8440 | URL | ||
| 49585 | FILE-FLASH Adobe Flash Player byteArray uncompress information disclosure attempt (more info ...) | attempted-user | 2014-8440 | URL | ||
| 49586 | FILE-FLASH Adobe Flash Player byteArray uncompress information disclosure attempt (more info ...) | attempted-user | 2014-8440 | URL | ||
| 49599 | FILE-PDF Adobe Acrobat Reader untrusted pointer dereference attempt detected (more info ...) | attempted-user | 2019-7076 | URL | ||
| 49600 | FILE-PDF Adobe Acrobat Reader untrusted pointer dereference attempt detected (more info ...) | attempted-user | 2019-7076 | URL | ||
| 49640 | FILE-PDF Adobe Acrobat PDF use-after-free attempt (more info ...) | attempted-user | 2019-7050 | URL | ||
| 49641 | FILE-PDF Adobe Acrobat PDF use-after-free attempt (more info ...) | attempted-user | 2019-7050 | URL | ||
| 49650 | FILE-PDF Adobe Acrobat PDF printWithParams use-after-free attempt (more info ...) | attempted-user | 2019-7062 | URL | ||
| 49651 | FILE-PDF Adobe Acrobat PDF printWithParams use-after-free attempt (more info ...) | attempted-user | 2019-7062 | URL | ||
| 49654 | FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (more info ...) | denial-of-service | 2015-0318 | URL | ||
| 49655 | FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (more info ...) | denial-of-service | 2015-0318 | URL | ||
| 49656 | FILE-FLASH Adobe Flash Player PCRE control character denial of service attempt (more info ...) | denial-of-service | 2015-0318 | URL | ||
| 49658 | FILE-PDF Adobe Acrobat Reader XFA font size out-of-bounds read attempt (more info ...) | attempted-user | 2019-7023 | URL | ||
| 49659 | FILE-PDF Adobe Acrobat Reader XFA font size out-of-bounds read attempt (more info ...) | attempted-user | 2019-7023 | URL | ||
| 49660 | FILE-PDF Adobe Acrobat Reader XFA font size out-of-bounds read attempt (more info ...) | attempted-user | 2019-7023 | URL | ||
| 49661 | FILE-PDF Adobe Acrobat Reader XFA font size out-of-bounds read attempt (more info ...) | attempted-user | 2019-7023 | URL | ||
| 50139 | FILE-FLASH Adobe Flash Player out-of-bounds read attempt (more info ...) | attempted-user | 2019-7108 | URL | ||
| 50140 | FILE-FLASH Adobe Flash Player out-of-bounds read attempt (more info ...) | attempted-user | 2019-7108 | URL | ||
| 50141 | FILE-OTHER Adobe Acrobat type confusion attempt (more info ...) | attempted-user | 2019-7128 | URL | ||
| 50142 | FILE-OTHER Adobe Acrobat type confusion attempt (more info ...) | attempted-user | 2019-7128 | URL | ||
| 50143 | FILE-PDF Adobe Acrobat out-of-bounds write attempt (more info ...) | attempted-user | 2019-7019 | URL | ||
| 50144 | FILE-PDF Adobe Acrobat out-of-bounds write attempt (more info ...) | attempted-user | 2019-7019 | URL | ||
| 50150 | FILE-PDF Adobe Acrobat use after free attempt (more info ...) | attempted-user | 2019-7025 | URL | ||
| 50151 | FILE-PDF Adobe Acrobat use after free attempt (more info ...) | attempted-user | 2019-7025 | URL | ||
| 50152 | FILE-PDF Adobe Acrobat integer overflow attempt (more info ...) | attempted-user | 2019-7030 | URL | ||
| 50153 | FILE-PDF Adobe Acrobat integer overflow attempt (more info ...) | attempted-user | 2019-7030 | URL | ||
| 50205 | FILE-PDF Adobe Acrobat out-of-bounds read attempt (more info ...) | attempted-user | 2019-7033 | URL | ||
| 50206 | FILE-PDF Adobe Acrobat out-of-bounds read attempt (more info ...) | attempted-user | 2019-7033 | URL | ||
| 50209 | FILE-PDF Adobe Acrobat out-of-bounds read attempt (more info ...) | attempted-user | 2019-7032 | URL | ||
| 50210 | FILE-PDF Adobe Acrobat out-of-bounds read attempt (more info ...) | attempted-user | 2019-7032 | URL | ||
| 50211 | FILE-PDF Adobe Acrobat use after free attempt (more info ...) | attempted-user | 2019-7048 | URL | ||
| 50212 | FILE-PDF Adobe Acrobat use after free attempt (more info ...) | attempted-user | 2019-7048 | URL | ||
| 50213 | FILE-OTHER Adobe Acrobat use after free attempt (more info ...) | attempted-user | 2019-7040 | URL | ||
| 50214 | FILE-OTHER Adobe Acrobat use after free attempt (more info ...) | attempted-user | 2019-7040 | URL | ||
| 50220 | FILE-PDF Adobe Acrobat untrusted pointer dereference attempt (more info ...) | attempted-user | 2019-7046 | URL | ||
| 50221 | FILE-PDF Adobe Acrobat untrusted pointer dereference attempt (more info ...) | attempted-user | 2019-7046 | URL | ||
| 50222 | FILE-OTHER Adobe Acrobat use after free attempt (more info ...) | attempted-user | 2019-7043 | URL | ||
| 50223 | FILE-OTHER Adobe Acrobat use after free attempt (more info ...) | attempted-user | 2019-7043 | URL | ||
| 50224 | FILE-PDF Adobe Acrobat out-of-bounds write attempt (more info ...) | attempted-user | 2019-7052 | URL | ||
| 50225 | FILE-PDF Adobe Acrobat out-of-bounds write attempt (more info ...) | attempted-user | 2019-7052 | URL | ||
| 50226 | FILE-PDF Adobe Acrobat out-of-bounds read attempt (more info ...) | attempted-user | 2019-7055 | URL | ||
| 50227 | FILE-PDF Adobe Acrobat out-of-bounds read attempt (more info ...) | attempted-user | 2019-7055 | URL | ||
| 50228 | FILE-PDF Adobe Acrobat out-of-bounds read attempt (more info ...) | attempted-user | 2019-7059 | URL | ||
| 50229 | FILE-PDF Adobe Acrobat out-of-bounds read attempt (more info ...) | attempted-user | 2019-7059 | URL | ||
| 50230 | FILE-OTHER Adobe Acrobat malformed font file use after free attempt (more info ...) | attempted-user | 2019-7072 | URL | ||
| 50231 | FILE-OTHER Adobe Acrobat malformed font file use after free attempt (more info ...) | attempted-user | 2019-7072 | URL | ||
| 50232 | FILE-OTHER Adobe Acrobat out-of-bounds read attempt (more info ...) | attempted-user | 2019-7071 | URL | ||
| 50233 | FILE-OTHER Adobe Acrobat out-of-bounds read attempt (more info ...) | attempted-user | 2019-7071 | URL | ||
| 50234 | FILE-OTHER Adobe Acrobat type confusion attempt (more info ...) | attempted-user | 2019-7069 | URL | ||
| 50235 | FILE-OTHER Adobe Acrobat type confusion attempt (more info ...) | attempted-user | 2019-7069 | URL | ||
| 50236 | FILE-OTHER Adobe Acrobat PostScript file parsing TBuildCharDict use after free attempt (more info ...) | attempted-user | 2019-7084 | URL | ||
| 50237 | FILE-OTHER Adobe Acrobat PostScript file parsing TBuildCharDict use after free attempt (more info ...) | attempted-user | 2019-7084 | URL | ||
| 50238 | FILE-PDF Adobe Acrobat use after free attempt (more info ...) | attempted-user | 2019-7112 | URL | ||
| 50239 | FILE-PDF Adobe Acrobat use after free attempt (more info ...) | attempted-user | 2019-7112 | URL | ||
| 50240 | FILE-OTHER Adobe Acrobat out-of-bounds read attempt (more info ...) | attempted-user | 2019-7122 | URL | ||
| 50241 | FILE-OTHER Adobe Acrobat out-of-bounds read attempt (more info ...) | attempted-user | 2019-7122 | URL | ||
| 50242 | FILE-PDF Adobe Acrobat out-of-bounds read attempt (more info ...) | attempted-user | 2019-7122 | URL | ||
| 50243 | FILE-PDF Adobe Acrobat out-of-bounds read attempt (more info ...) | attempted-user | 2019-7122 | URL | ||
| 50244 | FILE-PDF Adobe Acrobat out-of-bounds write attempt (more info ...) | attempted-user | 2019-7120 | URL | ||
| 50245 | FILE-PDF Adobe Acrobat out-of-bounds write attempt (more info ...) | attempted-user | 2019-7120 | URL | ||
| 50246 | FILE-IMAGE Adobe Acrobat out-of-bounds write attempt (more info ...) | attempted-user | 2019-7120 | URL | ||
| 50247 | FILE-IMAGE Adobe Acrobat out-of-bounds write attempt (more info ...) | attempted-user | 2019-7120 | URL | ||
| 50248 | FILE-OTHER Adobe Acrobat out-of-bounds read attempt (more info ...) | attempted-user | 2019-7127 | URL | ||
| 50249 | FILE-OTHER Adobe Acrobat out-of-bounds read attempt (more info ...) | attempted-user | 2019-7127 | URL | ||
| 50250 | FILE-PDF Adobe Acrobat out-of-bounds write attempt (more info ...) | attempted-user | 2019-7118 | URL | ||
| 50251 | FILE-PDF Adobe Acrobat out-of-bounds write attempt (more info ...) | attempted-user | 2019-7118 | URL | ||
| 50252 | FILE-IMAGE Adobe Acrobat out-of-bounds write attempt (more info ...) | attempted-user | 2019-7118 | URL | ||
| 50253 | FILE-IMAGE Adobe Acrobat out-of-bounds write attempt (more info ...) | attempted-user | 2019-7118 | URL | ||
| 50254 | FILE-PDF Adobe Acrobat out-of-bounds write attempt (more info ...) | attempted-user | 2019-7124 | URL | ||
| 50255 | FILE-PDF Adobe Acrobat out-of-bounds write attempt (more info ...) | attempted-user | 2019-7124 | URL | ||
| 50256 | FILE-OTHER Adobe Acrobat out-of-bounds read attempt (more info ...) | attempted-user | 2019-7143 | URL | ||
| 50257 | FILE-OTHER Adobe Acrobat out-of-bounds read attempt (more info ...) | attempted-user | 2019-7143 | URL | ||
| 50267 | FILE-FLASH Adobe Flash Player use after free attempt (more info ...) | attempted-user | 2019-7837 | URL | ||
| 50268 | FILE-FLASH Adobe Flash Player use after free attempt (more info ...) | attempted-user | 2019-7837 | URL | ||
| 50271 | FILE-PDF Adobe Acrobat out-of-bounds read attempt (more info ...) | attempted-user | 2019-7061 | URL | ||
| 50272 | FILE-PDF Adobe Acrobat out-of-bounds read attempt (more info ...) | attempted-user | 2019-7061 | URL | ||
| 50297 | FILE-PDF Adobe Acrobat execCalculate use after free attempt (more info ...) | attempted-user | 2019-7782 | URL | ||
| 50298 | FILE-PDF Adobe Acrobat execCalculate use after free attempt (more info ...) | attempted-user | 2019-7782 | URL | ||
| 50448 | FILE-PDF Adobe Acrobat double free attempt (more info ...) | attempted-user | 2019-7080 | URL | ||
| 50449 | FILE-PDF Adobe Acrobat double free attempt (more info ...) | attempted-user | 2019-7080 | URL | ||
| 50534 | FILE-FLASH Adobe Flash Player TVSDK metadata use after free attempt (more info ...) | attempted-user | 2018-15982 | URL | ||
| 50535 | FILE-FLASH Adobe Flash Player TVSDK metadata use after free attempt (more info ...) | attempted-user | 2018-15982 | URL | ||
| 50536 | FILE-FLASH Adobe Flash Player TVSDK metadata use after free attempt (more info ...) | attempted-user | 2018-15982 | URL | ||
| 50537 | FILE-FLASH Adobe Flash Player TVSDK metadata use after free attempt (more info ...) | attempted-user | 2018-15982 | URL | ||
| 51026 | FILE-PDF Adobe Reader SFNT out of bounds memory read attempt (more info ...) | attempted-user | 2014-8458 | URL | ||
| 51081 | FILE-FLASH Adobe Flash player memory corruption attempt (more info ...) | attempted-user | 2015-5577 | URL | ||
| 51082 | FILE-FLASH Adobe Flash player memory corruption attempt (more info ...) | attempted-user | 2015-5577 | URL | ||
| 51162 | FILE-PDF Adobe Acrobat Reader RGB color table out of bounds read attempt (more info ...) | misc-activity | 2014-8456 | URL | ||
| 51163 | FILE-PDF Adobe Acrobat Reader RGB color table out of bounds read attempt (more info ...) | misc-activity | 2014-8456 | URL | ||
| 51225 | FILE-FLASH Adobe Flash Player malformed ATF heap overflow attempt (more info ...) | attempted-user | 2016-1002 | URL | ||
| 51226 | FILE-FLASH Adobe Flash Player malformed ATF heap overflow attempt (more info ...) | attempted-user | 2016-1002 | URL | ||
| 51648 | FILE-FLASH Adobe Flash Player ActiveX same origin method execution attempt (more info ...) | attempted-user | 2019-8069 | |||
| 51992 | FILE-IDENTIFY Windows Media Metafile file download request (more info ...) | misc-activity | ||||
| 51993 | FILE-IDENTIFY Windows Media Metafile file attachment detected (more info ...) | misc-activity | ||||
| 51994 | FILE-IDENTIFY Windows Media Metafile file attachment detected (more info ...) | misc-activity | ||||
| 52036 | SERVER-OTHER Adobe ColdFusion JNBridge remote code execution attempt (more info ...) | attempted-admin | 2019-7839 | URL | ||
| 53148 | FILE-PDF Adobe Acrobat CTextWidget memory corruption attempt (more info ...) | attempted-user | 2019-8038 | URL | ||
| 53149 | FILE-PDF Adobe Acrobat CTextWidget memory corruption attempt (more info ...) | attempted-user | 2019-8038 | URL | ||
| 53687 | SERVER-WEBAPP Adobe Experience Manager server side request forgery attempt (more info ...) | web-application-attack | 2018-12809 | |||
| 53688 | SERVER-WEBAPP Adobe Experience Manager server side request forgery attempt (more info ...) | web-application-attack | 2018-12809 | |||
| 55979 | FILE-MULTIMEDIA Microsoft Windows Media Foundation memory corruption attempt (more info ...) | attempted-user | 2020-16915 | URL | ||
| 55980 | FILE-MULTIMEDIA Microsoft Windows Media Foundation memory corruption attempt (more info ...) | attempted-user | 2020-16915 | URL | ||
| 57137 | FILE-PDF Adobe Acrobat heap buffer overflow attempt (more info ...) | attempted-user | 2021-21017 | URL | ||
| 57138 | FILE-PDF Adobe Acrobat heap buffer overflow attempt (more info ...) | attempted-user | 2021-21017 | URL | ||
| 57499 | FILE-FLASH Adobe Flash Player worker shared object use-after-free attempt (more info ...) | attempted-user | 2014-0502 | URL | ||
| 57566 | FILE-PDF Adobe Acrobat Reader DC Annots.api setProps use-after-free attempt (more info ...) | attempted-user | 2021-28550 | URL | ||
| 57567 | FILE-PDF Adobe Acrobat Reader DC Annots.api setProps use-after-free attempt (more info ...) | attempted-user | 2021-28550 | URL | ||
| 58640 | FILE-PDF Adobe Acrobat Reader DC memory corruption attempt (more info ...) | attempted-user | 2021-28639 | |||
| 58641 | FILE-PDF Adobe Acrobat Reader DC memory corruption attempt (more info ...) | attempted-user | 2021-28639 | |||
| 58643 | FILE-PDF Adobe Acrobat Reader DC memory corruption attempt (more info ...) | attempted-user | 2021-28639 | |||
| 58645 | FILE-PDF Adobe Acrobat Reader DC memory corruption attempt (more info ...) | attempted-user | 2021-28639 | |||
| 59084 | FILE-PDF Adobe Acrobat PDF buttonGetIcon use-after-free attempt (more info ...) | attempted-user | 2021-39836 | URL | ||
| 59085 | FILE-PDF Adobe Acrobat PDF buttonGetIcon use-after-free attempt (more info ...) | attempted-user | 2021-39836 | URL | ||
| 59101 | FILE-PDF Adobe Acrobat PDF AcroForm addField use-after-free attempt (more info ...) | attempted-user | 2021-28635 | URL | ||
| 59102 | FILE-PDF Adobe Acrobat PDF AcroForm addField use-after-free attempt (more info ...) | attempted-user | 2021-28635 | URL | ||
| 59105 | FILE-PDF Adobe Acrobat PDF thermometer use-after-free attempt (more info ...) | attempted-user | 2021-28640 | URL | ||
| 59106 | FILE-PDF Adobe Acrobat PDF thermometer use-after-free attempt (more info ...) | attempted-user | 2021-28640 | URL | ||
| 59248 | FILE-PDF Adobe Acrobat PDF SMask height out of bounds write attempt (more info ...) | attempted-user | 2021-39843 | URL | ||
| 59249 | FILE-PDF Adobe Acrobat PDF SMask height out of bounds write attempt (more info ...) | attempted-user | 2021-39843 | URL | ||
| 60803 | SERVER-WEBAPP Adobe BlazeDS XML external entity injection attempt (more info ...) | web-application-attack | 2009-3960 | URL | ||
| 60804 | SERVER-WEBAPP Adobe BlazeDS XML external entity injection attempt (more info ...) | web-application-attack | 2009-3960 | URL | ||
| 61033 | FILE-OTHER Adobe ColdFusion XmlTransform arbitrary file read attempt (more info ...) | web-application-attack | 2022-42340 | |||
| 61034 | FILE-OTHER Adobe ColdFusion XmlTransform arbitrary file read attempt (more info ...) | web-application-attack | 2022-42340 | |||
| 61690 | SERVER-WEBAPP Adobe RoboHelp Server fileName directory traversal attempt (more info ...) | web-application-attack | 2021-42727 | |||
| 61691 | SERVER-WEBAPP Adobe RoboHelp Server fileName directory traversal attempt (more info ...) | web-application-attack | 2021-42727 | |||
| 62111 | SERVER-WEBAPP Adobe ColdFusion Secure Profile access bypass attempt (more info ...) | web-application-attack | 2023-29298 | URL | ||
| 62112 | SERVER-WEBAPP Adobe ColdFusion Secure Profile access bypass attempt (more info ...) | web-application-attack | 2023-29298 | URL | ||
| 62113 | SERVER-WEBAPP Adobe ColdFusion WDDX Deserialization code execution attempt (more info ...) | attempted-user | 2023-38204 | URL | ||
| 62114 | SERVER-WEBAPP Adobe ColdFusion WDDX Deserialization code execution attempt (more info ...) | attempted-user | 2023-38204 | URL |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 1428 | POLICY-MULTIMEDIA audio galaxy keepalive (more info ...) | misc-activity | ||||
| 1540 | SERVER-OTHER Adobe Coldfusion ?Mode=debug attempt (more info ...) | web-application-activity | 1999-0760 | 10797 | ||
| 2419 | FILE-IDENTIFY RealNetworks Realplayer .ram playlist file download request (more info ...) | misc-activity | URL | |||
| 2422 | FILE-IDENTIFY RealNetworks Realplayer .rt playlist file download request (more info ...) | misc-activity | URL | |||
| 2423 | FILE-IDENTIFY RealNetworks Realplayer .rp playlist file download request (more info ...) | misc-activity | URL | |||
| 2438 | FILE-MULTIMEDIA RealNetworks RealPlayer playlist file URL overflow attempt (more info ...) | attempted-user | 2005-0755 | 9579 | ||
| 2439 | FILE-MULTIMEDIA RealNetworks RealPlayer playlist http URL overflow attempt (more info ...) | attempted-user | 2005-0755 | 9579 | ||
| 2440 | FILE-MULTIMEDIA RealNetworks RealPlayer playlist rtsp URL overflow attempt (more info ...) | attempted-user | 2005-0755 | 9579 | ||
| 2550 | FILE-OTHER Nullsoft Winamp XM file buffer overflow attempt (more info ...) | attempted-user | 2004-1896 | URL | ||
| 3470 | FILE-MULTIMEDIA RealNetworks RealPlayer VIDORV30 header length buffer overflow (more info ...) | attempted-admin | 2004-1481 | 11309 | URL | |
| 3473 | FILE-MULTIMEDIA RealNetworks RealPlayer SMIL file overflow attempt (more info ...) | attempted-user | 2005-0455 | 12698 | ||
| 3822 | SERVER-WEBAPP RealNetworks RealPlayer realtext long URI request attempt (more info ...) | protocol-command-decode | 2005-1766 | 14048 | 18558 | |
| 3823 | FILE-MULTIMEDIA RealNetworks RealPlayer realtext file bad version buffer overflow attempt (more info ...) | attempted-user | 2005-1766 | 14048 | 18558 | |
| 4131 | SERVER-OTHER SHOUTcast URI format string attempt (more info ...) | web-application-attack | 2004-1373 | 12096 | ||
| 4158 | BROWSER-PLUGINS Microsoft Windows Media Player Active Movie ActiveX object access (more info ...) | attempted-user | 2000-0400 | 1221 | ||
| 4675 | FILE-FLASH Adobe Flash DOACTION tag overflow attempt (more info ...) | attempted-user | URL | |||
| 4679 | FILE-MULTIMEDIA Apple QuickTime movie file component name integer overflow multipacket attempt (more info ...) | attempted-user | 2005-2754 | 15308 | URL | |
| 4680 | FILE-MULTIMEDIA Apple QuickTime movie file component name integer overflow attempt (more info ...) | attempted-user | 2005-2754 | 15308 | URL | |
| 5710 | OS-WINDOWS Microsoft Windows Media Player Plugin for Non-IE browsers buffer overflow attempt (more info ...) | attempted-user | 2006-0005 | 16644 | URL | |
| 5711 | FILE-IMAGE Microsoft Windows Media Player zero length bitmap heap overflow attempt (more info ...) | attempted-admin | 2006-0006 | 16633 | URL | |
| 5712 | FILE-IMAGE Microsoft Windows Media Player invalid data offset bitmap heap overflow attempt (more info ...) | attempted-admin | 2006-0006 | 16633 | URL | |
| 6368 | PUA-ADWARE Adware flashtrack media/spoton runtime detection - update request (more info ...) | misc-activity | URL | |||
| 6371 | PUA-ADWARE Adware flashtrack media/spoton runtime detection - pop up ads (more info ...) | misc-activity | URL | |||
| 6506 | FILE-MULTIMEDIA Apple QuickTime udta atom overflow attempt (more info ...) | attempted-user | 2006-1460 | 17953 | ||
| 6691 | FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected sBIT overflow attempt (more info ...) | attempted-user | 2006-0025 | 18385 | URL | |
| 6693 | FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected bKGD overflow attempt (more info ...) | attempted-user | 2006-0025 | 18385 | URL | |
| 6694 | FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected hIST overflow attempt (more info ...) | attempted-user | 2006-0025 | 18385 | URL | |
| 6695 | FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected tRNS overflow attempt (more info ...) | attempted-user | 2006-0025 | 18385 | URL | |
| 6696 | FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected pHYs overflow attempt (more info ...) | attempted-user | 2006-0025 | 18385 | URL | |
| 6698 | FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected tIME overflow attempt (more info ...) | attempted-user | 2006-0025 | 18385 | URL | |
| 7142 | PUA-ADWARE Adware ares flash downloader 2.04 runtime detection (more info ...) | misc-activity | URL | |||
| 7581 | PUA-TOOLBARS Hijacker flashbar runtime detection - user-agent (more info ...) | misc-activity | URL | |||
| 7888 | BROWSER-PLUGINS AOLFlash.AOLFlash ActiveX clsid access (more info ...) | attempted-user | ||||
| 7978 | BROWSER-PLUGINS ShockwaveFlash.ShockwaveFlash ActiveX clsid access (more info ...) | attempted-user | 2007-6244 | URL | ||
| 8091 | FILE-MULTIMEDIA RealNetworks RealPlayer error message format string vulnerability attempt (more info ...) | attempted-user | 2005-2710 | 14945 | ||
| 8377 | BROWSER-PLUGINS RealNetworks RealPlayer Download Handler ActiveX clsid access (more info ...) | attempted-user | 2008-1309 | 28157 | URL | |
| 8381 | BROWSER-PLUGINS RealNetworks RealPlayer SMIL Download Handler ActiveX clsid access (more info ...) | attempted-user | 2008-1309 | 28157 | URL | |
| 8383 | BROWSER-PLUGINS RealNetworks RealPlayer RAM Download Handler ActiveX clsid access (more info ...) | attempted-user | 2008-1309 | 28157 | URL | |
| 8385 | BROWSER-PLUGINS RealNetworks RealPlayer Playback Handler ActiveX clsid access (more info ...) | attempted-user | 2008-1309 | 28157 | URL | |
| 8387 | BROWSER-PLUGINS RealNetworks RealPlayer RNX Download Handler ActiveX clsid access (more info ...) | attempted-user | 2008-1309 | 28157 | URL | |
| 8389 | BROWSER-PLUGINS RealNetworks RealPlayer RMP Download Handler ActiveX clsid access (more info ...) | attempted-user | 2008-1309 | 28157 | URL | |
| 8401 | BROWSER-PLUGINS Microsoft Windows Media Services DRM Storage ActiveX clsid access (more info ...) | attempted-user | ||||
| 8409 | BROWSER-PLUGINS RealNetworks RealPlayer Stream Handler ActiveX clsid access (more info ...) | attempted-user | 2008-1309 | 28157 | URL | |
| 8701 | SERVER-WEBAPP IceCast header buffer overflow attempt (more info ...) | attempted-admin | 2004-1561 | 11271 | URL | |
| 8702 | SERVER-OTHER IceCast header buffer overflow attempt (more info ...) | attempted-admin | 2004-1561 | 11271 | URL | |
| 8703 | SERVER-OTHER IceCast header buffer overflow attempt (more info ...) | attempted-admin | 2004-1561 | 11271 | URL | |
| 9429 | FILE-MULTIMEDIA Apple QuickTime Movie link scripting security bypass attempt (more info ...) | attempted-user | 2006-4965 | 20138 | ||
| 9430 | FILE-MULTIMEDIA Apple QuickTime Movie link file URI security bypass attempt (more info ...) | attempted-user | 2006-4965 | 20138 | ||
| 9625 | OS-WINDOWS Microsoft Windows Media Player ASX file ref href buffer overflow attempt (more info ...) | attempted-user | 2006-6134 | 21247 | URL | |
| 9637 | FILE-OTHER Adobe Download Manager dm.ini stack overflow attempt (more info ...) | attempted-user | 2006-5856 | 21453 | ||
| 9641 | OS-WINDOWS Microsoft Windows Media Player ASF simple index object parsing buffer overflow attempt (more info ...) | attempted-user | 2009-2527 | URL | ||
| 9642 | OS-WINDOWS Microsoft Windows Media Player ASF codec list object parsing buffer overflow attempt (more info ...) | attempted-user | 2009-2527 | URL | ||
| 9643 | OS-WINDOWS Microsoft Windows Media Player ASF marker object parsing buffer overflow attempt (more info ...) | attempted-user | 2009-2527 | URL | ||
| 9671 | BROWSER-PLUGINS RealNetworks RealPlayer AutoStream.AutoStream.1 ActiveX clsid access (more info ...) | attempted-user | 2006-6847 | 21802 | ||
| 9673 | BROWSER-PLUGINS RealNetworks RealPlayer AutoStream.AutoStream.1 ActiveX function call access (more info ...) | attempted-user | 2006-6847 | 21802 | ||
| 9823 | FILE-MULTIMEDIA Apple QuickTime RTSP URI overflow attempt (more info ...) | attempted-user | 2007-0015 | 21829 | URL | |
| 9842 | FILE-PDF Adobe Acrobat Plugin Universal cross-site scripting attempt (more info ...) | misc-attack | 2007-0045 | URL | ||
| 10193 | BROWSER-PLUGINS RealNetworks RealPlayer Ierpplug.dll ActiveX function call access (more info ...) | attempted-user | 2010-3749 | 44443 | ||
| 10194 | BROWSER-PLUGINS RealNetworks RealPlayer Ierpplug.dll ActiveX function call access (more info ...) | attempted-user | 2010-3749 | 22811 | ||
| 11180 | FILE-MULTIMEDIA Apple QuickTime movie ftyp buffer underflow (more info ...) | attempted-user | 2007-2296 | 23652 | ||
| 11267 | FILE-IMAGE Adobe Photoshop PNG file handling stack buffer overflow attempt (more info ...) | attempted-user | 2007-2365 | 23698 | ||
| 12219 | FILE-MULTIMEDIA RealNetworks RealPlayer SMIL wallclock parsing buffer overflow (more info ...) | attempted-user | 2007-3410 | 24658 | URL | |
| 12707 | FILE-MULTIMEDIA RealNetworks RealPlayer lyrics heap overflow attempt (more info ...) | attempted-user | 2007-5080 | 26214 | ||
| 12741 | SERVER-OTHER Apple Quicktime TCP RTSP sdp type buffer overflow attempt (more info ...) | attempted-user | 2007-6166 | 26549 | ||
| 12742 | SERVER-OTHER Apple Quicktime UDP RTSP sdp type buffer overflow attempt (more info ...) | attempted-user | 2007-6166 | 26549 | ||
| 12746 | FILE-MULTIMEDIA Apple QuickTime invalid stsd atom out of bounds read attempt (more info ...) | attempted-user | 2015-3789 | 26341 | URL | |
| 12757 | FILE-IMAGE Apple QuickTime uncompressed PICT stack overflow attempt (more info ...) | attempted-user | 2007-4672 | 26344 | ||
| 12767 | BROWSER-PLUGINS RealNetworks RealPlayer RMOC3260.DLL ActiveX function call access (more info ...) | attempted-user | 2010-3747 | 44144 | URL | |
| 12768 | BROWSER-PLUGINS RealNetworks RealPlayer RMOC3260.DLL ActiveX function call access (more info ...) | attempted-user | 2008-1309 | 28157 | URL | |
| 12775 | BROWSER-PLUGINS RealNetworks RealPlayer obfuscated Ierpplug.dll ActiveX exploit attempt (more info ...) | attempted-user | 2007-5601 | 26586 | URL | |
| 13300 | FILE-FLASH Adobe Flash Player embedded JPG image height overflow attempt (more info ...) | attempted-admin | 2007-6242 | 26951 | ||
| 13477 | FILE-PDF Adobe Acrobat Reader collab.collectEmailInfo exploit attempt - compressed (more info ...) | attempted-user | 2008-0655 | 27641 | ||
| 13478 | FILE-PDF Adobe Acrobat Reader collab.collectEmailInfo exploit attempt (more info ...) | attempted-user | 2008-0655 | 27641 | ||
| 13515 | FILE-MULTIMEDIA Apple QuickTime user agent (more info ...) | misc-activity | ||||
| 13516 | FILE-MULTIMEDIA Apple QuickTime HTTP error response buffer overflow (more info ...) | attempted-user | 2008-0234 | 27225 | ||
| 13517 | FILE-MULTIMEDIA Apple Quicktime malformed idsc atom (more info ...) | attempted-user | 2008-0033 | |||
| 13603 | BROWSER-PLUGINS RealNetworks RealPlayer Download Handler ActiveX function call access (more info ...) | attempted-user | 2008-1309 | 28157 | URL | |
| 13605 | BROWSER-PLUGINS RealNetworks RealPlayer RAM Download Handler ActiveX function call access (more info ...) | attempted-user | 2008-1309 | 28157 | URL | |
| 13607 | BROWSER-PLUGINS RealNetworks RealPlayer RMOC3260.DLL Vulnerble Property ActiveX clsid access (more info ...) | attempted-user | 2008-1309 | 28157 | ||
| 13609 | BROWSER-PLUGINS RealNetworks RealPlayer RMOC3260.DLL Vulnerble Property ActiveX function call access (more info ...) | attempted-user | 2008-1309 | 28157 | ||
| 13820 | FILE-FLASH Adobe Flash Player SWF scene and label data memory corruption attempt (more info ...) | attempted-user | 2007-0071 | 29386 | URL | |
| 13821 | FILE-FLASH Adobe Flash Player SWF scene and label data memory corruption attempt (more info ...) | attempted-user | 2007-0071 | 29386 | URL | |
| 13822 | FILE-FLASH Adobe Flash Player SWF scene and label data memory corruption attempt (more info ...) | attempted-user | 2007-0071 | 29386 | URL | |
| 13917 | FILE-MULTIMEDIA Apple QuickTime MOV file string handling integer overflow attempt (more info ...) | attempted-user | 2005-2753 | 15306 | ||
| 13918 | FILE-MULTIMEDIA Apple QuickTime MOV file string handling integer overflow attempt (more info ...) | attempted-user | 2005-2753 | 15306 | ||
| 13920 | FILE-MULTIMEDIA Apple QuickTime Obji Atom parsing stack buffer overflow attempt (more info ...) | attempted-user | 2008-1022 | 28583 | ||
| 14042 | BROWSER-PLUGINS RealNetworks RealPlayer General Property Page ActiveX clsid access (more info ...) | attempted-user | 2008-1309 | 28157 | URL | |
| 14044 | BROWSER-PLUGINS RealNetworks RealPlayer Playback Handler ActiveX function call access (more info ...) | attempted-user | 2008-1309 | 28157 | URL | |
| 14046 | BROWSER-PLUGINS RealNetworks RealPlayer RMP Download Handler ActiveX function call access (more info ...) | attempted-user | 2008-1309 | 28157 | URL | |
| 14048 | BROWSER-PLUGINS RealNetworks RealPlayer RNX Download Handler ActiveX function call access (more info ...) | attempted-user | 2008-1309 | 28157 | URL | |
| 14050 | BROWSER-PLUGINS RealNetworks RealPlayer SMIL Download Handler ActiveX function call access (more info ...) | attempted-user | 2008-1309 | 28157 | URL | |
| 14052 | BROWSER-PLUGINS RealNetworks RealPlayer Stream Handler ActiveX function call access (more info ...) | attempted-user | 2008-1309 | 28157 | URL | |
| 14235 | BROWSER-PLUGINS Microsoft Windows Media Services CallHTMLHelp ActiveX buffer overflow attempt (more info ...) | attempted-user | 2008-5232 | 30814 | URL | |
| 14237 | BROWSER-PLUGINS Microsoft Windows Media Services ActiveX function call access (more info ...) | attempted-user | 2008-5232 | 30814 | ||
| 14255 | BROWSER-PLUGINS Microsoft Windows Media Encoder 9 ActiveX clsid access (more info ...) | attempted-user | 2008-3008 | 31065 | URL | |
| 14257 | BROWSER-PLUGINS Microsoft Windows Media Encoder 9 ActiveX function call access (more info ...) | attempted-user | 2008-3008 | 31065 | URL | |
| 15007 | BROWSER-PLUGINS NOS Microsystems / Adobe getPlus Download Manager ActiveX clsid access (more info ...) | attempted-user | 2008-4817 | 32105 | ||
| 15014 | FILE-PDF Adobe Acrobat Reader util.printf buffer overflow attempt (more info ...) | attempted-user | 2008-2992 | |||
| 15358 | FILE-PDF Adobe Acrobat Reader JBIG2 remote code execution attempt (more info ...) | attempted-user | 2009-0658 | 33751 | ||
| 15433 | FILE-OTHER Winamp MAKI parsing integer overflow attempt (more info ...) | attempted-user | 2009-1831 | 35052 | ||
| 15478 | FILE-FLASH Adobe Flash Player invalid object reference code execution attempt (more info ...) | attempted-user | 2009-0520 | 33880 | URL | |
| 15480 | FILE-MULTIMEDIA Apple QuickTime movie record invalid version number exploit attempt (more info ...) | attempted-user | 2009-0956 | URL | ||
| 15487 | FILE-MULTIMEDIA Apple QuickTime SMIL qtnext redirect file execution attempt (more info ...) | attempted-user | 2008-1585 | 29650 | ||
| 15492 | FILE-PDF Adobe Acrobat Reader spell.customDictionaryOpen exploit attempt (more info ...) | attempted-user | 2009-1493 | 34740 | ||
| 15493 | FILE-PDF Adobe Acrobat Reader getAnnots exploit attempt (more info ...) | attempted-user | 2009-1492 | 34736 | ||
| 15517 | FILE-MULTIMEDIA Microsoft Windows AVI DirectShow QuickTime parsing overflow attempt (more info ...) | attempted-user | 2009-1537 | 35139 | URL | |
| 15559 | FILE-MULTIMEDIA Apple QuickTime movie file clipping region handling heap buffer overflow attempt (more info ...) | attempted-user | 2009-0954 | 35167 | URL | |
| 15562 | FILE-PDF Adobe Acrobat Reader JPX malformed code-block width memory corruption attempt (more info ...) | attempted-user | 2009-1861 | 35295 | URL | |
| 15680 | OS-WINDOWS Microsoft DirectShow QuickTime file atom size parsing heap corruption attempt (more info ...) | attempted-user | 2009-1539 | URL | ||
| 15682 | FILE-MULTIMEDIA Microsoft Windows DirectShow QuickTime file stsc atom parsing heap corruption attempt (more info ...) | attempted-user | 2009-1538 | URL | ||
| 15703 | FILE-MULTIMEDIA Apple iTunes ITMS protocol handler stack buffer overflow attempt (more info ...) | attempted-user | 2009-0950 | 35157 | ||
| 15704 | FILE-MULTIMEDIA Apple iTunes ITMSS protocol handler stack buffer overflow attempt (more info ...) | attempted-user | 2009-0950 | 35157 | ||
| 15705 | FILE-MULTIMEDIA Apple iTunes PCAST protocol handler stack buffer overflow attempt (more info ...) | attempted-user | 2009-0950 | 35157 | ||
| 15706 | FILE-MULTIMEDIA Apple iTunes DAAP protocol handler stack buffer overflow attempt (more info ...) | attempted-user | 2009-0950 | 35157 | ||
| 15707 | FILE-MULTIMEDIA Apple iTunes ITPC protocol handler stack buffer overflow attempt (more info ...) | attempted-user | 2009-0950 | 35157 | ||
| 15709 | FILE-PDF Adobe Acrobat Reader FlateDecode integer overflow attempt (more info ...) | attempted-user | 2009-3459 | 36600 | ||
| 15728 | FILE-PDF Possible Adobe Acrobat Reader ActionScript byte_array heap spray attempt (more info ...) | attempted-user | 2009-1862 | 35759 | URL | |
| 15729 | FILE-FLASH Possible Adobe Flash Player ActionScript byte_array heap spray attempt (more info ...) | attempted-user | 2009-1862 | 35759 | URL | |
| 15867 | FILE-PDF Adobe Acrobat Reader PDF font processing memory corruption attempt (more info ...) | attempted-user | 2008-4813 | 32100 | URL | |
| 15869 | FILE-FLASH Adobe Flash Player ASnative command execution attempt (more info ...) | attempted-user | 2008-5499 | 32896 | URL | |
| 15940 | FILE-MULTIMEDIA RealNetworks RealPlayer Multiple Products RA file processing overflow attempt (more info ...) | attempted-user | 2007-2264 | 26214 | ||
| 15993 | FILE-FLASH Adobe Flash Player ActionScript intrf_count integer overflow attempt (more info ...) | attempted-user | 2009-1869 | 35907 | ||
| 16027 | FILE-MULTIMEDIA Nullsoft Winamp midi file header overflow attempt (more info ...) | attempted-user | 2006-3228 | 18507 | ||
| 16041 | FILE-MULTIMEDIA Apple QuickTime FLIC animation file buffer overflow attempt (more info ...) | attempted-user | 2006-4384 | 19976 | ||
| 16046 | FILE-MULTIMEDIA RealNetworks RealPlayer RealMedia file format processing heap corruption attempt (more info ...) | attempted-user | 2007-5081 | 26214 | ||
| 16054 | FILE-IMAGE Apple QuickTime bitmap multiple header overflow (more info ...) | attempted-user | 2006-2238 | 17953 | ||
| 16055 | FILE-MULTIMEDIA Apple iTunes AAC file handling integer overflow attempt (more info ...) | attempted-user | 2006-1467 | 18730 | ||
| 16091 | SERVER-OTHER Macromedia Flash Media Server administration service denial of service attempt (more info ...) | attempted-dos | 2005-4216 | 15822 | ||
| 16148 | FILE-MULTIMEDIA Apple QuickTime and iTunes heap memory corruption attempt (more info ...) | attempted-user | 2005-4092 | 15732 | ||
| 16156 | FILE-MULTIMEDIA Windows Media Player ASF marker object memory corruption attempt (more info ...) | attempted-user | 2009-2527 | URL | ||
| 16158 | OS-WINDOWS Microsoft Windows Media Runtime malformed ASF codec memory corruption attempt (more info ...) | attempted-user | 2009-2525 | URL | ||
| 16172 | FILE-PDF Adobe Acrobat Reader U3D line set heap corruption attempt (more info ...) | attempted-user | 2009-2997 | |||
| 16173 | FILE-PDF Adobe Acrobat Reader U3D progressive mesh continuation pointer overwrite attempt (more info ...) | attempted-user | 2009-2998 | |||
| 16174 | FILE-PDF Adobe Acrobat Reader U3D progressive mesh continuation off by one index attempt (more info ...) | attempted-user | 2009-3458 | |||
| 16175 | FILE-PDF Adobe Acrobat Reader collab.removeStateModel denial of service attempt (more info ...) | attempted-user | 2009-2988 | |||
| 16176 | FILE-PDF Adobe Acrobat Reader collab.addStateModel remote corruption attempt (more info ...) | attempted-user | 2009-2996 | |||
| 16220 | FILE-OTHER Adobe Shockwave director file malformed lcsr block memory corruption attempt (more info ...) | attempted-user | 2009-3466 | URL | ||
| 16223 | FILE-OTHER Adobe Shockwave tSAC pointer overwrite attempt (more info ...) | attempted-user | 2009-3464 | URL | ||
| 16224 | FILE-MULTIMEDIA Apple iTunes invalid tref box exploit attempt (more info ...) | attempted-dos | 2010-0531 | URL | ||
| 16225 | FILE-OTHER Adobe Shockwave Flash arbitrary memory access attempt (more info ...) | attempted-user | 2009-3465 | URL | ||
| 16293 | FILE-OTHER Adobe Shockwave Flash memory corruption attempt (more info ...) | attempted-user | 2009-3463 | |||
| 16315 | FILE-FLASH Adobe Flash PlugIn check if file exists attempt (more info ...) | misc-activity | 2009-3951 | |||
| 16316 | FILE-FLASH Adobe Flash Player malformed getPropertyLate actioncode attempt (more info ...) | attempted-user | 2009-3797 | |||
| 16320 | FILE-IMAGE Adobe PNG empty sPLT exploit attempt (more info ...) | attempted-user | 2009-2984 | |||
| 16321 | FILE-IMAGE Adobe tiff oversized image length attempt (more info ...) | attempted-user | 2009-2995 | |||
| 16322 | FILE-PDF Adobe Acrobat Reader oversized object width attempt (more info ...) | attempted-user | 2009-2980 | |||
| 16323 | FILE-PDF Adobe Acrobat Reader JPEG2k uninitialized QCC memory corruption attempt (more info ...) | attempted-user | 2009-2995 | |||
| 16324 | FILE-PDF Adobe Acrobat Reader doc.export arbitrary file write attempt (more info ...) | attempted-user | 2009-2993 | |||
| 16325 | FILE-PDF Adobe JPEG2k uninitialized QCC memory corruption attempt (more info ...) | attempted-user | 2009-2994 | |||
| 16331 | FILE-FLASH Adobe Flash Player JPEG parsing heap overflow attempt (more info ...) | attempted-user | 2009-3794 | |||
| 16333 | FILE-PDF Adobe Acrobat Reader media.newPlayer memory corruption attempt (more info ...) | attempted-user | 2009-4324 | 37331 | ||
| 16334 | FILE-PDF Adobe Acrobat Reader compressed media.newPlayer memory corruption attempt (more info ...) | attempted-user | 2009-4324 | |||
| 16337 | FILE-FLASH Adobe Flash Player directory traversal attempt (more info ...) | attempted-admin | 2009-3792 | 37420 | URL | |
| 16340 | BROWSER-PLUGINS Microsoft Windows Media Player DHTML Editing ActiveX clsid access (more info ...) | attempted-user | 2003-0228 | 7517 | 11595 | URL |
| 16359 | FILE-OTHER Adobe Illustrator DSC comment overflow attempt (more info ...) | attempted-user | 2009-4195 | 37192 | ||
| 16360 | FILE-MULTIMEDIA Apple QuickTime Image Description Atom sign extension memory corruption attempt (more info ...) | attempted-user | 2009-0955 | 35166 | URL | |
| 16370 | FILE-PDF Adobe Reader JP2C Region Atom CompNum memory corruption attempt (more info ...) | attempted-user | 2009-3955 | |||
| 16373 | FILE-PDF Adobe Acrobat Reader U3D CLODMeshContinuation code execution attempt (more info ...) | attempted-user | 2009-2990 | 36665 | URL | |
| 16390 | FILE-PDF Adobe Acrobat Reader alternate file magic obfuscation (more info ...) | misc-activity | URL | |||
| 16537 | BROWSER-PLUGINS Microsoft Windows Media Player ActiveX unknown compression algorithm use after free attempt (more info ...) | attempted-user | 2010-0268 | URL | ||
| 16541 | OS-WINDOWS Microsoft Windows Media Service stack overflow attempt (more info ...) | attempted-admin | 2010-0478 | URL | ||
| 16543 | FILE-MULTIMEDIA Microsoft Windows Media Player codec code execution attempt (more info ...) | attempted-user | 2010-0480 | URL | ||
| 16546 | FILE-PDF Adobe Acrobat Reader/Acrobat Pro CFF font parsing heap overflow attempt (more info ...) | attempted-user | 2010-1241 | |||
| 16561 | FILE-IMAGE Adobe Photoshop CS4 TIFF file exploit attempt - 1 (more info ...) | attempted-user | 2017-3028 | URL | ||
| 16562 | FILE-IMAGE Adobe Photoshop CS4 TIFF file exploit attempt - 2 (more info ...) | attempted-user | 2010-1279 | URL | ||
| 16563 | FILE-IMAGE Adobe Photoshop CS4 TIFF file exploit attempt - 3 (more info ...) | attempted-user | 2010-1279 | URL | ||
| 16564 | FILE-IMAGE Adobe Photoshop CS4 TIFF file exploit attempt - 4 (more info ...) | attempted-user | 2010-1279 | URL | ||
| 16578 | OS-WINDOWS Microsoft Windows Media Encoder 9 ActiveX buffer overflow attempt (more info ...) | attempted-user | 2008-3008 | URL | ||
| 16603 | FILE-PDF Adobe Acrobat Reader Linux malformed U3D mesh deceleration block exploit attempt (more info ...) | attempted-user | 2010-0196 | |||
| 16607 | BROWSER-PLUGINS RealNetworks RealPlayer RAM Download Handler ActiveX control access attempt (more info ...) | attempted-user | 2008-1309 | 28157 | URL | |
| 16609 | BROWSER-PLUGINS RealNetworks RealPlayer Import ActiveX clsid access attempt (more info ...) | attempted-user | 2008-3066 | 30379 | ||
| 16633 | FILE-PDF Adobe Acrobat Reader File containing Flash use-after-free attack attempt (more info ...) | attempted-user | 2010-1297 | |||
| 16634 | FILE-FLASH Adobe Flash use-after-free attack attempt (more info ...) | attempted-user | 2010-1297 | |||
| 16664 | FILE-PDF Adobe Acrobat Reader authplay.dll vulnerability exploit attempt (more info ...) | attempted-user | 2010-1297 | 40586 | ||
| 16673 | FILE-OTHER Adobe Shockwave DIR file PAMI chunk code execution attempt (more info ...) | attempted-user | 2010-1292 | URL | ||
| 16676 | FILE-PDF Adobe Acrobat Reader malformed FlateDecode colors declaration (more info ...) | attempted-user | 2009-3459 | 36600 | ||
| 16677 | FILE-PDF Adobe Acrobat Reader malformed FlateDecode colors declaration (more info ...) | attempted-user | 2009-3459 | 36600 | ||
| 16801 | FILE-PDF Adobe Acrobat Reader CoolType.dll remote memory corruption denial of service attempt (more info ...) | attempted-dos | 2010-2204 | 41130 | ||
| 17096 | BROWSER-PLUGINS AOL WinAmpX ActiveX clsid access (more info ...) | attempted-user | 35028 | |||
| 17098 | BROWSER-PLUGINS AOL IWinAmpActiveX class ConvertFile buffer overflow attempt (more info ...) | attempted-user | 35028 | |||
| 17141 | FILE-FLASH Adobe Flash invalid data precision arbitrary code execution exploit attempt (more info ...) | attempted-user | 2010-2216 | URL | ||
| 17142 | FILE-FLASH Adobe Flash Player SWF ActionScript exploit attempt (more info ...) | attempted-user | 2010-0209 | URL | ||
| 17143 | FILE-IMAGE Adobe Photoshop CS4 ABR file processing buffer overflow attempt - 1 (more info ...) | attempted-user | 2010-1296 | 40389 | ||
| 17144 | FILE-IMAGE Adobe Photoshop CS4 ABR file processing buffer overflow attempt - 2 (more info ...) | attempted-user | 2010-1296 | 40389 | ||
| 17145 | FILE-IMAGE Adobe Photoshop CS4 ASL file processing buffer overflow attempt (more info ...) | attempted-user | 2010-1296 | 40389 | ||
| 17146 | FILE-IMAGE Adobe Photoshop CS4 GRD file processing buffer overflow attempt (more info ...) | attempted-user | 2010-1296 | 40389 | ||
| 17147 | FILE-IMAGE Adobe Photoshop CS4 ABR file processing buffer overflow attempt (more info ...) | attempted-user | 2010-1296 | 40389 | ||
| 17179 | FILE-OTHER Adobe Director file pamm record exploit attempt (more info ...) | attempted-user | 2010-2880 | |||
| 17180 | FILE-OTHER Adobe Director file LsCM record exploit attempt (more info ...) | attempted-user | 2010-2881 | |||
| 17181 | FILE-OTHER Adobe Director file LsCM record exploit attempt (more info ...) | attempted-user | 2010-2864 | |||
| 17182 | FILE-OTHER Adobe Director file tSAC record exploit attempt (more info ...) | attempted-user | 2010-2869 | |||
| 17183 | FILE-OTHER Adobe Director file tSAC record exploit attempt (more info ...) | attempted-user | 2010-2869 | |||
| 17184 | FILE-OTHER Adobe Director file tSAC record exploit attempt (more info ...) | attempted-user | 2010-2869 | |||
| 17185 | FILE-OTHER Adobe Director file rcsL record exploit attempt (more info ...) | attempted-user | 2010-2869 | |||
| 17186 | FILE-OTHER Adobe Director file rcsL record exploit attempt (more info ...) | attempted-user | 2010-2869 | |||
| 17187 | FILE-OTHER Adobe Director file rcsL record exploit attempt (more info ...) | attempted-user | 2010-2869 | |||
| 17188 | FILE-OTHER Adobe Director file rcsL record exploit attempt (more info ...) | attempted-user | 2010-2869 | |||
| 17189 | FILE-OTHER Adobe Director file rcsL record exploit attempt (more info ...) | attempted-user | 2010-2882 | |||
| 17190 | FILE-OTHER Adobe Director remote code execution attempt (more info ...) | attempted-user | 2010-2871 | |||
| 17191 | FILE-OTHER Adobe Director remote code execution attempt (more info ...) | attempted-user | 2010-2872 | |||
| 17192 | FILE-OTHER Adobe Director remote code execution attempt (more info ...) | attempted-user | 2010-2873 | |||
| 17193 | FILE-OTHER Adobe Director remote code execution attempt (more info ...) | attempted-user | 2010-2874 | |||
| 17194 | FILE-OTHER Adobe Director file tSAC tag exploit attempt (more info ...) | attempted-user | 2010-2875 | 42668 | URL | |
| 17196 | FILE-OTHER Adobe Director file exploit attempt (more info ...) | attempted-user | 2010-2877 | |||
| 17197 | FILE-OTHER Adobe Director file exploit attempt (more info ...) | attempted-user | 2010-2879 | |||
| 17198 | FILE-OTHER Adobe Director file exploit attempt (more info ...) | attempted-user | 2010-2878 | |||
| 17199 | FILE-OTHER Adobe Shockwave Director file lRTX overflow attempt (more info ...) | attempted-user | 2010-2863 | |||
| 17200 | FILE-OTHER Adobe Director file LsCM overflow attempt (more info ...) | attempted-user | 2010-2864 | |||
| 17201 | FILE-OTHER Adobe Shockwave Director file LsCM overflow attempt (more info ...) | attempted-user | 2010-2865 | |||
| 17202 | FILE-OTHER Adobe Director file file Shockwave 3D overflow attempt (more info ...) | attempted-user | 2010-2866 | URL | ||
| 17203 | FILE-OTHER Adobe Director file file rcsL overflow attempt (more info ...) | attempted-user | 2010-2867 | |||
| 17211 | FILE-MULTIMEDIA Apple QuickTime marshaled punk remote code execution (more info ...) | attempted-user | 2010-1818 | |||
| 17223 | FILE-FLASH Adobe Flash Player navigateToURL cross-site scripting attempt (more info ...) | misc-activity | 2007-6244 | 26960 | ||
| 17228 | OS-WINDOWS Microsoft Windows Media Player skin decompression code execution attempt (more info ...) | attempted-user | 2007-3035 | 25307 | ||
| 17242 | FILE-MULTIMEDIA Windows Media Player ASF file arbitrary code execution attempt (more info ...) | attempted-user | 2010-0818 | URL | ||
| 17257 | FILE-FLASH Adobe Flash Player and Reader remote code execution attempt (more info ...) | attempted-user | 2010-2884 | URL | ||
| 17272 | FILE-MULTIMEDIA RealNetworks RealPlayer AVI parsing buffer overflow attempt (more info ...) | attempted-user | 2005-2052 | 13530 | ||
| 17334 | FILE-FLASH RealNetworks RealPlayer SWF flash file buffer overflow attempt (more info ...) | attempted-user | 2006-0323 | 17202 | ||
| 17351 | FILE-OTHER Nullsoft Winamp ID3v2 Tag Handling Buffer Overflow attempt (more info ...) | attempted-user | 2005-2310 | 14276 | ||
| 17361 | FILE-PDF Adobe Acrobat Reader PDF Catalog Handling denial of service attempt (more info ...) | attempted-user | 2007-0104 | 21910 | URL | |
| 17372 | FILE-MULTIMEDIA Apple QuickTime udta atom parsing heap overflow vulnerability (more info ...) | attempted-user | 2007-0714 | 22844 | ||
| 17373 | FILE-MULTIMEDIA Apple QuickTime panorama atoms buffer overflow attempt (more info ...) | attempted-user | 2007-4675 | 26342 | ||
| 17381 | FILE-MULTIMEDIA Apple QuickTime PDAT Atom parsing buffer overflow attempt (more info ...) | attempted-user | 2008-3625 | URL | ||
| 17461 | FILE-OTHER RealNetworks RealPlayer zipped skin file buffer overflow attempt (more info ...) | attempted-user | 2005-2630 | 15382 | ||
| 17470 | FILE-MULTIMEDIA Apple QuickTime STSD JPEG atom heap corruption attempt (more info ...) | attempted-user | 2009-0007 | 33390 | ||
| 17523 | FILE-MULTIMEDIA Apple QuickTime H.264 Movie File Buffer Overflow (more info ...) | attempted-user | 2009-2799 | 36328 | ||
| 17526 | FILE-PDF Adobe Acrobat and Adobe Acrobat Reader U3D RHAdobeMeta buffer overflow attempt (more info ...) | attempted-user | 2009-1855 | 35282 | URL | |
| 17529 | SERVER-WEBAPP Adobe RoboHelp Server Arbitrary File Upload and Execute (more info ...) | attempted-user | 2009-1855 | 35282 | ||
| 17531 | FILE-MULTIMEDIA Apple QuickTime MOV file JVTCompEncodeFrame heap overflow attempt (more info ...) | attempted-user | 2007-2295 | 23650 | ||
| 17548 | FILE-MULTIMEDIA Apple QuickTime SMIL File Handling Integer Overflow attempt (more info ...) | attempted-user | 2007-2394 | 24873 | ||
| 17552 | FILE-IDENTIFY Adobe Pagemaker file download request (more info ...) | misc-activity | URL | |||
| 17553 | FILE-OTHER Adobe Pagemaker Font Name Buffer Overflow attempt (more info ...) | attempted-user | 2007-5169 | 25989 | ||
| 17561 | FILE-MULTIMEDIA RealNetworks RealPlayer IVR Overly Long Filename Code Execution attempt (more info ...) | attempted-user | 2009-0375 | 33652 | ||
| 17587 | BROWSER-PLUGINS Adobe Multiple Product AcroPDF.PDF ActiveX exploit attempt (more info ...) | attempted-user | 2006-6027 | 21155 | URL | |
| 17606 | FILE-FLASH Adobe Flash Player ASnative command execution attempt (more info ...) | attempted-user | 2008-5499 | 32896 | URL | |
| 17608 | FILE-MULTIMEDIA Apple QuickTime color table atom movie file handling heap corruption attempt (more info ...) | attempted-user | 2007-4677 | 26338 | ||
| 17610 | FILE-MULTIMEDIA GStreamer QuickTime file parsing multiple heap overflow attempt (more info ...) | attempted-user | 2009-0398 | 33405 | ||
| 17611 | FILE-MULTIMEDIA GStreamer QuickTime file parsing multiple heap overflow attempt (more info ...) | attempted-user | 2009-0398 | 33405 | ||
| 17612 | FILE-MULTIMEDIA GStreamer QuickTime file parsing multiple heap overflow attempt (more info ...) | attempted-user | 2009-0398 | 33405 | ||
| 17633 | FILE-OTHER RealNetworks RealPlayer SWF frame handling buffer overflow attempt (more info ...) | attempted-user | 2007-5400 | 30370 | ||
| 17650 | FILE-OTHER Adobe Pagemaker Key Strings Stack Buffer Overflow attempt (more info ...) | attempted-admin | 2007-6432 | 31999 | ||
| 17658 | FILE-FLASH Adobe Flash frame type identifier memory corruption attempt (more info ...) | attempted-user | 2005-2628 | 15332 | ||
| 17666 | FILE-MULTIMEDIA RealNetworks RealPlayer invalid chunk size heap overflow attempt (more info ...) | attempted-user | 2005-2922 | 17202 | ||
| 17678 | FILE-IMAGE Adobe BMP image handler buffer overflow attempt (more info ...) | attempted-user | 2008-1765 | 28874 | ||
| 17698 | SERVER-MAIL RealNetworks RealPlayer wav chunk string overflow attempt in email (more info ...) | attempted-user | 2005-0611 | 12697 | ||
| 17735 | FILE-OTHER Adobe Pagemaker Font Name Buffer Overflow attempt (more info ...) | attempted-user | 2007-5169 | 25989 | ||
| 17739 | FILE-IDENTIFY FlashPix file download request (more info ...) | misc-activity | URL | |||
| 17753 | FILE-MULTIMEDIA Microsoft Windows Media Player network sharing service RTSP code execution attempt (more info ...) | attempted-user | 2010-3225 | 43776 | URL | |
| 17803 | FILE-OTHER Adobe Shockwave Director rcsL chunk memory corruption attempt (more info ...) | attempted-user | 2010-2873 | 42682 | URL | |
| 17806 | FILE-OTHER Adobe Shockwave Director rcsL chunk remote code execution attempt (more info ...) | attempted-user | 2010-3653 | 44291 | URL | |
| 17807 | FILE-OTHER Adobe Shockwave Director rcsL chunk remote code execution attempt (more info ...) | attempted-user | 2010-3653 | 44291 | URL | |
| 17808 | FILE-FLASH Adobe Flash authplay.dll memory corruption attempt (more info ...) | attempted-user | 2010-3654 | URL | ||
| 18180 | FILE-FLASH Adobe Flash Player ActionScript remote code execution attempt (more info ...) | attempted-user | 2010-3648 | 44684 | URL | |
| 18229 | FILE-IMAGE Microsoft FlashPix tile length overflow attempt (more info ...) | attempted-user | 2010-3952 | URL | ||
| 18237 | FILE-IMAGE Microsoft Windows Flashpix graphics filter fpx32.flt remote code execution attempt (more info ...) | attempted-user | 2010-3951 | URL | ||
| 18308 | FILE-PDF Adobe Acrobat Reader ICC mluc integer overflow attempt (more info ...) | attempted-user | 2010-3622 | 43729 | URL | |
| 18402 | FILE-OTHER Microsoft Windows ATMFD Adobe font driver remote code execution attempt (more info ...) | attempted-user | 2011-0033 | URL | ||
| 18418 | FILE-FLASH Adobe Flash Player ActionScript apply function memory corruption attempt (more info ...) | attempted-user | 2011-0558 | URL | ||
| 18419 | FILE-PDF Adobe Acrobat Reader field flags exploit attempt (more info ...) | attempted-user | 2011-0589 | URL | ||
| 18420 | FILE-FLASH Adobe Flash Player ActionScript ASnative function remote code execution attempt (more info ...) | attempted-user | 2011-0559 | URL | ||
| 18421 | FILE-FLASH Adobe Flash Player ActionScript beginGradientFill memory corruption attempt (more info ...) | attempted-user | 2011-0561 | URL | ||
| 18432 | FILE-PDF Adobe Acrobat Reader d3dref9.dll dll-load exploit attempt (more info ...) | attempted-user | 2011-0588 | URL | ||
| 18433 | FILE-OTHER Adobe Acrobat Reader d3dref9.dll dll-load exploit attempt (more info ...) | attempted-user | 2011-0588 | URL | ||
| 18434 | FILE-OTHER Adobe Acrobat Reader plugin ace.dll dll-load exploit attempt (more info ...) | attempted-user | 2011-0570 | URL | ||
| 18435 | FILE-OTHER Adobe Acrobat Reader plugin agm.dll dll-load exploit attempt (more info ...) | attempted-user | 2011-0570 | URL | ||
| 18436 | FILE-OTHER Adobe Acrobat Reader plugin bibutils.dll dll-load exploit attempt (more info ...) | attempted-user | 2011-0570 | URL | ||
| 18437 | FILE-OTHER Adobe Acrobat Reader plugin cooltype.dll dll-load exploit attempt (more info ...) | attempted-user | 2011-0570 | URL | ||
| 18438 | FILE-OTHER Adobe Acrobat Reader plugin cryptocme2.dll dll-load exploit attempt (more info ...) | attempted-user | 2011-0570 | URL | ||
| 18439 | FILE-PDF Adobe Acrobat Reader plugin ace.dll dll-load exploit attempt (more info ...) | attempted-user | 2011-0570 | URL | ||
| 18440 | FILE-PDF Adobe Acrobat Reader plugin agm.dll dll-load exploit attempt (more info ...) | attempted-user | 2011-0570 | URL | ||
| 18441 | FILE-PDF Adobe Acrobat Reader plugin bibutils.dll dll-load exploit attempt (more info ...) | attempted-user | 2011-0570 | URL | ||
| 18442 | FILE-PDF Adobe Acrobat Reader plugin cooltype.dll dll-load exploit attempt (more info ...) | attempted-user | 2011-0570 | URL | ||
| 18443 | FILE-PDF Adobe Acrobat Reader plugin cryptocme2.dll dll-load exploit attempt (more info ...) | attempted-user | 2011-0570 | URL | ||
| 18444 | FILE-FLASH Adobe Flash Player forged atom type attempt (more info ...) | attempted-user | 2011-0574 | URL | ||
| 18445 | FILE-FLASH Adobe Acrobat Flash Player nvapi.dll dll-load exploit attempt (more info ...) | attempted-user | 2011-0575 | URL | ||
| 18446 | FILE-FLASH Adobe Acrobat Flash Player nvapi.dll dll-load exploit attempt (more info ...) | attempted-user | 2011-0575 | URL | ||
| 18447 | FILE-FLASH Adobe OpenAction crafted URI action thru Firefox attempt (more info ...) | attempted-user | 2011-0587 | URL | ||
| 18448 | FILE-PDF Adobe Acrobat Universal 3D stream memory corruption attempt (more info ...) | attempted-user | 2011-0592 | 46210 | URL | |
| 18449 | FILE-OTHER Adobe Acrobat font definition memory corruption attempt (more info ...) | attempted-user | 2011-0594 | URL | ||
| 18450 | FILE-PDF Adobe Acrobat Reader malformed BMP RGBQUAD attempt (more info ...) | attempted-user | 2011-0596 | URL | ||
| 18451 | FILE-PDF Adobe Acrobat ICC color integer overflow attempt (more info ...) | attempted-user | 2011-0598 | 46219 | URL | |
| 18452 | FILE-OTHER Adobe malicious IFF memory corruption attempt (more info ...) | attempted-admin | 2011-0590 | URL | ||
| 18453 | FILE-PDF Adobe Acrobat universal 3D format memory corruption attempt (more info ...) | attempted-user | 2011-0593 | 46211 | URL | |
| 18454 | FILE-PDF Adobe Acrobat universal 3D format memory corruption attempt (more info ...) | attempted-user | 2011-0599 | URL | ||
| 18455 | FILE-PDF Adobe Acrobat Reader malformed jpeg2000 superbox attempt (more info ...) | attempted-user | 2011-0602 | URL | ||
| 18456 | FILE-PDF Adobe Acrobat XML entity escape attempt (more info ...) | attempted-user | 2011-0604 | URL | ||
| 18457 | FILE-PDF Adobe Acrobat Reader U3D rgba parsing overflow attempt (more info ...) | attempted-user | 2011-0591 | 46209 | URL | |
| 18464 | SERVER-WEBAPP Adobe ColdFusion locale directory traversal attempt (more info ...) | attempted-admin | 2010-2861 | 42342 | ||
| 18484 | FILE-MULTIMEDIA Apple iTunes Playlist Overflow Attempt (more info ...) | attempted-user | 2005-0043 | |||
| 18489 | FILE-OTHER Adobe Photoshop request for wintab32.dll over SMB attempt (more info ...) | attempted-user | 2010-3127 | |||
| 18497 | OS-WINDOWS Microsoft Windows Media Player and shell extension request for ehtrace.dll over SMB attempt (more info ...) | attempted-user | 2011-2009 | URL | ||
| 18502 | FILE-FLASH Adobe Flash Player ActionScript Actionlf out of range negative offset attempt (more info ...) | attempted-user | 2011-0560 | URL | ||
| 18503 | FILE-FLASH Adobe Flash Player ActionScript flash.geom.Point constructor memory corruption attempt (more info ...) | attempted-user | 2011-0578 | URL | ||
| 18504 | FILE-FLASH Adobe Flash Player ActionConstantPool overflow attempt (more info ...) | attempted-user | 2011-0607 | URL | ||
| 18505 | FILE-FLASH Adobe Flash Player ActionPush overflow attempt (more info ...) | attempted-user | 2011-0608 | URL | ||
| 18506 | FILE-PDF Adobe Acrobat Reader CCITT stream compression filter invalid image size heap overflow attempt (more info ...) | attempted-user | 2011-0567 | 46199 | URL | |
| 18507 | FILE-PDF Adobe Acrobat Reader CCITT stream compression filter invalid image size heap overflow attempt (more info ...) | attempted-user | 2011-0567 | 46199 | URL | |
| 18510 | FILE-IMAGE Apple QuickTime FlashPix Movie file integer overflow attempt (more info ...) | attempted-user | 2010-0519 | 39020 | ||
| 18529 | FILE-OTHER Adobe Premiere Pro ibfs32.dll dll-load exploit attempt (more info ...) | attempted-user | 2010-3150 | URL | ||
| 18530 | FILE-OTHER Adobe Premier Pro ibfs32.dll dll-load exploit attempt (more info ...) | attempted-user | 2010-3150 | URL | ||
| 18542 | BROWSER-PLUGINS Microsoft Windows Media Player ActiveX unknown compression algorithm use after free attempt (more info ...) | attempted-user | 2010-0268 | URL | ||
| 18543 | FILE-FLASH Adobe Flash Player memory corruption attempt (more info ...) | attempted-user | 2011-0609 | URL | ||
| 18544 | FILE-FLASH embedded Shockwave dropper in email attachment (more info ...) | attempted-user | 2011-0609 | URL | ||
| 18578 | BROWSER-PLUGINS RealNetworks RealPlayer RMOC3260.DLL cdda URI overflow attempt (more info ...) | attempted-user | 2010-3747 | 44144 | ||
| 18596 | FILE-PDF Adobe Acrobat Reader util.printf buffer overflow attempt (more info ...) | attempted-user | 2008-2992 | |||
| 18599 | FILE-IMAGE Apple QuickTime PictureViewer buffer overflow attempt (more info ...) | attempted-user | 2005-2340 | 16202 | ||
| 18600 | FILE-IMAGE Apple QuickTime PictureViewer buffer overflow attempt (more info ...) | attempted-user | 2005-2340 | 16202 | ||
| 18776 | FILE-OTHER Adobe Shockwave Director pamm chunk memory corruption attempt (more info ...) | attempted-user | 2010-4084 | URL | ||
| 18801 | FILE-PDF Adobe Acrobat Reader JpxDecode invalid crgn memory corruption attempt (more info ...) | attempted-user | 2009-3955 | 37757 | ||
| 18805 | FILE-FLASH Adobe Flash Player undefined tag exploit attempt (more info ...) | attempted-user | 2010-2214 | |||
| 18928 | FILE-MULTIMEDIA Apple QuickTime streaming debug error logging buffer overflow attempt (more info ...) | attempted-user | 2010-1799 | 41962 | ||
| 18963 | FILE-FLASH Adobe ActionScript 3 addEventListener exploit attempt (more info ...) | attempted-user | 2011-0622 | URL | ||
| 18964 | FILE-FLASH Adobe Flash file DefineFont4 remote code execution attempt (more info ...) | attempted-user | 2011-0619 | URL | ||
| 18965 | FILE-FLASH Adobe Flash file ActionScript 2 ActionJump remote code execution attempt (more info ...) | attempted-user | 2011-0624 | URL | ||
| 18966 | FILE-FLASH Adobe Flash file DefineFont4 remote code execution attempt (more info ...) | attempted-user | 2011-0627 | URL | ||
| 18967 | FILE-FLASH Adobe ActionScript argumentCount download attempt (more info ...) | attempted-user | 2011-0621 | URL | ||
| 18968 | FILE-FLASH Adobe Flash Player ActionScript3 stack integer overflow attempt (more info ...) | attempted-user | 2011-0618 | URL | ||
| 18969 | FILE-FLASH Adobe Flash Player ActionScript ActionIf integer overflow attempt (more info ...) | attempted-user | 2011-0625 | URL | ||
| 18970 | FILE-FLASH Adobe Flash Player null pointer dereference attempt (more info ...) | attempted-user | 2011-0626 | URL | ||
| 18971 | FILE-FLASH Adobe Flash beginGradientfill improper color validation attempt (more info ...) | attempted-user | 2011-0620 | URL | ||
| 18992 | FILE-FLASH Adobe Flash Player content parsing execution attempt (more info ...) | attempted-user | 2010-3654 | 44503 | ||
| 19002 | FILE-FLASH RealNetworks RealPlayer FLV integer overflow attempt (more info ...) | attempted-user | 2010-3000 | 42775 | ||
| 19011 | FILE-OTHER Adobe Shockwave Player Lnam chunk processing buffer overflow attempt (more info ...) | attempted-user | 2010-3655 | 44516 | URL | |
| 19012 | FILE-OTHER Adobe Shockwave Player Lnam chunk processing buffer overflow attempt (more info ...) | attempted-user | 2010-3655 | 44516 | URL | |
| 19071 | FILE-FLASH Adobe Flash Player memory corruption attempt (more info ...) | attempted-user | 2011-0609 | URL | ||
| 19080 | FILE-FLASH Adobe Flash Player memory corruption attempt (more info ...) | attempted-user | 2011-0609 | URL | ||
| 19082 | FILE-PDF Adobe Flash Player memory corruption attempt (more info ...) | attempted-user | 2011-0609 | URL | ||
| 19083 | FILE-FLASH Adobe Flash Player memory corruption attempt (more info ...) | attempted-user | 2011-0609 | URL | ||
| 19111 | FILE-FLASH Adobe Flash Media Server memory exhaustion (more info ...) | misc-activity | 2009-3791 | |||
| 19112 | FILE-OTHER Adobe Shockwave 3D stucture heap overflow (more info ...) | attempted-user | 2009-4002 | URL | ||
| 19113 | FILE-OTHER Adobe Shockwave 3D structure opcode 81 overflow attempt (more info ...) | attempted-user | 2009-4003 | URL | ||
| 19114 | FILE-OTHER Adobe Shockwave 3D structure opcode 45 overflow attempt (more info ...) | attempted-user | 2009-4003 | URL | ||
| 19115 | FILE-OTHER Adobe Shockwave 3D structure opcode 89 overflow attempt (more info ...) | attempted-user | 2009-4003 | URL | ||
| 19117 | FILE-PDF Adobe Acrobat Reader malformed U3D integer overflow (more info ...) | attempted-user | 2009-3959 | URL | ||
| 19118 | FILE-PDF Adobe Acrobat Reader script injection vulnerability (more info ...) | attempted-user | 2009-3956 | URL | ||
| 19128 | FILE-IDENTIFY RealNetworks Realplayer REC file magic detected (more info ...) | misc-activity | URL | |||
| 19129 | FILE-IDENTIFY RealNetworks Realplayer .r1m file magic detected (more info ...) | misc-activity | URL | |||
| 19143 | FILE-MULTIMEDIA Microsoft Windows Media Player JPG header record mismatch memory corruption attempt (more info ...) | attempted-user | 2010-1880 | 40464 | URL | |
| 19145 | FILE-FLASH Adobe Flash Player newfunction memory corruption attempt (more info ...) | attempted-user | 2010-1297 | 40586 | ||
| 19148 | FILE-MULTIMEDIA Adobe Flash Player SWF file MP4 data parsing memory corruption attempt (more info ...) | attempted-user | 2010-2162 | 40801 | URL | |
| 19169 | FILE-MULTIMEDIA RealNetworks RealPlayer vidplin.dll avi header parsing execution attempt (more info ...) | attempted-user | 2010-4393 | 46047 | ||
| 19178 | FILE-FLASH Adobe Flash Player cross-site request forgery attempt (more info ...) | attempted-user | 2011-2107 | URL | ||
| 19179 | FILE-FLASH Adobe Flash Player cross-site request forgery attempt (more info ...) | attempted-user | 2011-2107 | URL | ||
| 19196 | OS-WINDOWS Microsoft Windows ATMFD Adobe font driver remote code execution attempt (more info ...) | attempted-user | 2011-0033 | 46106 | URL | |
| 19247 | FILE-IMAGE Adobe jpeg 2000 image exploit attempt (more info ...) | attempted-user | 2011-2098 | URL | ||
| 19248 | FILE-PDF Adobe Acrobat Reader malformed U3D texture continuation integer overflow attempt (more info ...) | attempted-user | 2011-2096 | URL | ||
| 19249 | FILE-FLASH Adobe Universal3D meshes.removeItem exploit attempt (more info ...) | attempted-admin | 2011-2099 | URL | ||
| 19250 | FILE-PDF Adobe Acrobat and Adobe Acrobat Reader U3D file include overflow attempt (more info ...) | attempted-user | 2011-2094 | URL | ||
| 19251 | FILE-PDF Adobe Acrobat Reader CIDFont dictionary glyph width corruption attempt (more info ...) | attempted-user | 2011-2105 | URL | ||
| 19253 | FILE-PDF Adobe Acrobat Reader malicious language.engtesselate.ln file download attempt (more info ...) | attempted-user | 2011-2095 | URL | ||
| 19255 | FILE-PDF Adobe Acrobat Reader ICC ProfileDescriptionTag overflow attempt (more info ...) | attempted-user | 2011-2097 | URL | ||
| 19268 | FILE-PDF attempted download of a PDF with embedded Flash (more info ...) | policy-violation | 2010-3654 | 44503 | URL | |
| 19269 | FILE-PDF attempted download of a PDF with embedded Flash (more info ...) | policy-violation | 2010-3654 | 44503 | URL | |
| 19293 | FILE-FLASH Adobe Flash Player memory corruption attempt (more info ...) | attempted-user | 2011-0609 | URL | ||
| 19350 | FILE-MULTIMEDIA Adobe Shockwave Player Director file FFFFFF88 record integer overflow attempt (more info ...) | attempted-user | 2010-2876 | URL | ||
| 19408 | FILE-FLASH Adobe Flash Player newfunction memory corruption exploit attempt (more info ...) | attempted-admin | 2010-1297 | |||
| 19431 | FILE-MULTIMEDIA Nullsoft Winamp MIDI Timestamp buffer overflow attempt (more info ...) | attempted-user | 45221 | |||
| 19432 | FILE-MULTIMEDIA Nullsoft Winamp MIDI Timestamp buffer overflow attempt (more info ...) | attempted-user | 45221 | |||
| 19444 | FILE-MULTIMEDIA Microsoft Windows Media sample duration header RCE attempt (more info ...) | attempted-user | 2009-2498 | URL | ||
| 19445 | FILE-MULTIMEDIA Microsoft Windows Media Timecode header RCE attempt (more info ...) | attempted-user | 2009-2498 | URL | ||
| 19446 | FILE-MULTIMEDIA Microsoft Windows Media file name header RCE attempt (more info ...) | attempted-user | 2009-2498 | URL | ||
| 19447 | FILE-MULTIMEDIA Microsoft Windows Media content type header RCE attempt (more info ...) | attempted-user | 2009-2498 | URL | ||
| 19448 | FILE-MULTIMEDIA Microsoft Windows Media pixel aspect ratio header RCE attempt (more info ...) | attempted-user | 2009-2498 | URL | ||
| 19449 | FILE-MULTIMEDIA Microsoft Windows Media encryption sample ID header RCE attempt (more info ...) | attempted-user | 2009-2498 | URL | ||
| 19450 | FILE-MULTIMEDIA Microsoft Windows Media encryption sample ID header RCE attempt (more info ...) | attempted-user | 2009-2498 | URL | ||
| 19560 | FILE-MULTIMEDIA Apple iTunes PLS file parsing buffer overflow attempt (more info ...) | attempted-user | 2009-2817 | 36478 | ||
| 19561 | BROWSER-PLUGINS RealNetworks RealPlayer ieframe.dll ActiveX clsid access (more info ...) | attempted-user | 47565 | |||
| 19617 | FILE-OTHER Adobe Audition assist.dll dll-load exploit attempt (more info ...) | attempted-user | URL | |||
| 19619 | FILE-OTHER Adobe Audition assist.dll dll-load exploit attempt (more info ...) | attempted-user | URL | |||
| 19683 | FILE-FLASH Adobe Flash Player ActionScript 3 buffer overflow attempt (more info ...) | attempted-user | 2011-2415 | URL | ||
| 19684 | FILE-OTHER Adobe CFF font storage memory corruption attempt (more info ...) | attempted-user | 2011-2417 | URL | ||
| 19685 | FILE-FLASH Adobe Flash regular expression grouping depth buffer overflow attempt (more info ...) | attempted-user | 2014-0499 | 65703 | URL | |
| 19686 | FILE-FLASH Adobe Flash uninitialized bitmap structure memory corruption attempt (more info ...) | attempted-user | 2011-2425 | URL | ||
| 19687 | FILE-FLASH Adobe Flash ActionStoreRegister instruction length invalidation attempt (more info ...) | attempted-admin | 2011-2414 | URL | ||
| 19688 | FILE-FLASH Adobe Flash Player ActionScript BitmapData buffer overflow attempt (more info ...) | attempted-user | 2011-2138 | URL | ||
| 19689 | FILE-FLASH Adobe Flash Player ActionScript dynamic calculation double-free attempt (more info ...) | attempted-dos | 2011-2135 | URL | ||
| 19690 | FILE-FLASH Adobe Flash Player ActionScript duplicateDoorInputArguments stack overwrite (more info ...) | attempted-user | 2011-2136 | URL | ||
| 19691 | FILE-FLASH Adobe Flash Player ActionScript File reference buffer overflow attempt (more info ...) | attempted-user | 2011-2137 | URL | ||
| 19692 | FILE-FLASH Adobe Flash cross-site request forgery attempt (more info ...) | attempted-user | 2011-2139 | URL | ||
| 19693 | FILE-FLASH Adobe Flash MP4 ref_frame allocated buffer overflow attempt (more info ...) | attempted-admin | 2011-2140 | URL | ||
| 20050 | FILE-FLASH Adobe Flash Player memory consumption vulnerability (more info ...) | denial-of-service | 2009-3793 | |||
| 20059 | FILE-IMAGE Apple Quicktime PictureViewer GIF rendering vulnerability (more info ...) | attempted-user | 2005-1106 | |||
| 20144 | FILE-PDF Adobe Acrobat embedded TIFF DotRange structure memory corruption attempt (more info ...) | attempted-user | 2011-2432 | URL | ||
| 20145 | FILE-PDF Adobe Acrobat Reader embedded PICT parsing corruption attempt (more info ...) | attempted-user | 2011-2433 | URL | ||
| 20147 | FILE-PDF Adobe Acrobat Reader embedded PICT parsing corruption attempt (more info ...) | attempted-user | 2011-2434 | URL | ||
| 20148 | FILE-PDF Adobe Acrobat Reader embedded PICT parsing corruption attempt (more info ...) | attempted-user | 2011-2435 | URL | ||
| 20149 | FILE-PDF Adobe Acrobat Reader embedded IFF file RGBA chunk memory corruption attempt (more info ...) | attempted-user | 2011-2436 | URL | ||
| 20150 | FILE-PDF Adobe Acrobat Reader embedded PCX parsing corruption attempt (more info ...) | attempted-user | 2011-2437 | URL | ||
| 20152 | FILE-PDF Adobe Acrobat GDI object leak memory corruption attempt (more info ...) | attempted-user | 2011-2439 | URL | ||
| 20153 | FILE-PDF Adobe Acrobat embedded JPEG file APP0 chunk memory corruption attempt (more info ...) | attempted-user | 2011-2440 | URL | ||
| 20154 | FILE-PDF Adobe Acrobat Reader CoolType.dll glyf directory table buffer overflow attempt (more info ...) | attempted-user | 2011-2441 | 49581 | URL | |
| 20155 | FILE-PDF Adobe Acrobat Reader CoolType.dll composite glyf buffer overflow attempt (more info ...) | attempted-user | 2011-2441 | 49581 | URL | |
| 20156 | FILE-PDF Adobe Acrobat Reader getCosObj file overwrite attempt (more info ...) | attempted-user | 2011-2442 | URL | ||
| 20162 | FILE-PDF Adobe Acrobat Reader sandbox disable attempt (more info ...) | attempted-user | 2011-1353 | URL | ||
| 20169 | FILE-PDF Adobe Acrobat Reader embedded BMP parsing corruption attempt (more info ...) | attempted-user | 2011-2438 | URL | ||
| 20170 | FILE-PDF Adobe Acrobat Reader embedded BMP parsing corruption attempt (more info ...) | attempted-user | 2011-2438 | URL | ||
| 20171 | FILE-PDF Adobe Acrobat Reader embedded BMP parsing corruption attempt (more info ...) | attempted-user | 2011-2438 | URL | ||
| 20181 | FILE-FLASH Adobe Flash Speex-encoded audio buffer underflow attempt (more info ...) | attempted-user | 2011-2130 | URL | ||
| 20182 | FILE-FLASH Adobe Flash Player viewSource blacklist exclusion attempt (more info ...) | attempted-user | 2011-2429 | URL | ||
| 20183 | FILE-FLASH Adobe Flash Player setInterval use attempt (more info ...) | attempted-user | 2011-2444 | URL | ||
| 20206 | FILE-FLASH Adobe Flash Player pcre ActionScript under allocation (more info ...) | attempted-user | 2011-2427 | URL | ||
| 20211 | FILE-FLASH Adobe Flash Player recursive stack overflow attempt (more info ...) | attempted-user | 2011-2426 | URL | ||
| 20235 | MALWARE-CNC Win.Trojan.AdobeReader.Uz runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 20288 | FILE-MULTIMEDIA RealNetworks RealPlayer QCP parsing buffer overflow attempt (more info ...) | attempted-user | 2011-2950 | |||
| 20294 | FILE-IMAGE Adobe Reader and Acrobat Libtiff TIFFFetchShortPair stack buffer overflow attempt (more info ...) | attempted-user | 2006-3459 | |||
| 20429 | FILE-PDF Adobe Acrobat Reader U3D CLODMeshDeceleration code execution attempt (more info ...) | attempted-user | 2014-0523 | 67368 | URL | |
| 20545 | FILE-FLASH Adobe Flash Player SWF embedded font null pointer attempt (more info ...) | attempted-user | 2011-2452 | URL | ||
| 20547 | FILE-FLASH Adobe Flash Player overlapping record overflow attempt (more info ...) | attempted-user | 2011-2453 | URL | ||
| 20548 | FILE-FLASH Adobe Flash Player recursive doaction stack exhaustion (more info ...) | attempted-user | 2011-2457 | URL | ||
| 20549 | FILE-FLASH Adobe Flash Player ActionScript bytecode type confusion attempt (more info ...) | attempted-user | 2011-2451 | URL | ||
| 20550 | FILE-FLASH Adobe Flash Player Mover3D clipping exploit (more info ...) | attempted-user | 2011-2460 | URL | ||
| 20551 | FILE-FLASH Adobe Flash Player Stage 3D texture format overflow attempt (more info ...) | attempted-user | 2011-2456 | URL | ||
| 20555 | FILE-FLASH Adobe Flash MP4 ref_frame allocated buffer overflow attempt (more info ...) | attempted-admin | 2011-2140 | URL | ||
| 20556 | FILE-FLASH Adobe Flash Player PlaceObjectX null pointer dereference attempt (more info ...) | attempted-user | 2011-2450 | URL | ||
| 20557 | FILE-FLASH Adobe Flash Player ActionDefineFunction2 length overflow attempt (more info ...) | attempted-user | 2011-2454 | URL | ||
| 20559 | FILE-MULTIMEDIA Nullsoft Winamp MIDI file buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 20565 | FILE-OTHER Nullsoft Winamp AMF file buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 20566 | FILE-OTHER Nullsoft Winamp AMF file buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 20567 | FILE-FLASH Adobe Flash SWF AVM2 namespace lookup deref exploit (more info ...) | attempted-user | 2011-2455 | |||
| 20568 | FILE-FLASH Adobe Flash SWF ActionScript 3 ByteArray class vulnerability (more info ...) | attempted-user | 2011-2445 | |||
| 20575 | FILE-PDF Adobe Acrobat Reader PDF JBIG2 remote code execution attempt (more info ...) | attempted-user | 2009-0658 | 33751 | ||
| 20610 | FILE-FLASH Adobe Shockwave Flash Flex authoring tool XSS exploit attempt (more info ...) | attempted-admin | 2011-2461 | URL | ||
| 20636 | FILE-IMAGE Adobe Photoshop CS5 gif file heap corruption attempt (more info ...) | attempted-user | 2011-2131 | 49106 | ||
| 20637 | FILE-IMAGE Adobe Photoshop CS5 gif file heap corruption attempt (more info ...) | attempted-user | 2011-2131 | 49106 | ||
| 20653 | FILE-MULTIMEDIA Microsoft Windows Media Player ASX file ref href buffer overflow attempt (more info ...) | attempted-user | 2006-6134 | 21247 | URL | |
| 20733 | FILE-IDENTIFY Microsoft Windows Media Player DVR file download request (more info ...) | misc-activity | ||||
| 20734 | FILE-MULTIMEDIA Microsoft Windows Media Player digital video recording buffer overflow attempt (more info ...) | attempted-user | 2011-3401 | URL | ||
| 20744 | OS-WINDOWS Microsoft Windows Media Player DirectShow MPEG-2 memory corruption attempt (more info ...) | attempted-user | 2008-0015 | URL | ||
| 20762 | MALWARE-CNC MacOS.Flashback.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20802 | FILE-PDF Adobe Acrobat Reader PRC file MarkupLinkedItem arbitrary code execution attempt (more info ...) | attempted-user | 2011-4369 | URL | ||
| 20875 | BROWSER-PLUGINS ShockwaveFlash.ShockwaveFlash ActiveX clsid access (more info ...) | attempted-user | 2010-2185 | URL | ||
| 20919 | FILE-PDF Adobe Acrobat Reader BMP color unused corruption (more info ...) | attempted-user | 2011-4372 | URL | ||
| 20920 | FILE-PDF Adobe Acrobat Reader DCT dequantizer memory corruption attempt (more info ...) | attempted-user | 2011-4370 | URL | ||
| 20921 | FILE-PDF Adobe Acrobat Reader embedded BMP colors used integer overflow attempt (more info ...) | attempted-user | 2011-4373 | URL | ||
| 20922 | FILE-PDF Adobe Acrobat Reader embedded BMP bit count integer overflow attempt (more info ...) | attempted-user | 2011-4373 | URL | ||
| 20923 | FILE-PDF Adobe Acrobat Reader embedded BMP bit count integer overflow attempt (more info ...) | attempted-user | 2011-4373 | URL | ||
| 20925 | FILE-IDENTIFY Adobe Pagemaker file attachment detected (more info ...) | misc-activity | ||||
| 20926 | FILE-IDENTIFY Adobe Pagemaker file attachment detected (more info ...) | misc-activity | ||||
| 21090 | FILE-MULTIMEDIA Nullsoft Winamp player mp4 memory corruption attempt (more info ...) | attempted-user | 2007-2498 | 23723 | ||
| 21091 | FILE-MULTIMEDIA Nullsoft Winamp player mp4 memory corruption attempt (more info ...) | attempted-user | 2007-2498 | 23723 | ||
| 21112 | FILE-MULTIMEDIA RealNetworks RealPlayer mpeg width integer memory underflow attempt (more info ...) | attempted-user | 2011-4259 | 50741 | ||
| 21162 | FILE-PDF Adobe Acrobat file extension overflow attempt (more info ...) | attempted-user | 2004-0632 | 10696 | ||
| 21174 | FILE-IDENTIFY RealNetworks RealPlayer realtext file download request (more info ...) | misc-activity | ||||
| 21316 | FILE-OTHER Adobe shockwave director tSAC string termination memory corruption attempt (more info ...) | attempted-user | 2011-2118 | |||
| 21320 | FILE-FLASH Adobe Acrobat Flash Player request for atl.dll over SMB attempt (more info ...) | attempted-user | 2012-0756 | URL | ||
| 21321 | FILE-FLASH Adobe Acrobat Flash Player request for uxtheme.dll over SMB attempt (more info ...) | attempted-user | 2012-0756 | URL | ||
| 21323 | FILE-FLASH Adobe Acrobat Flash Player atl.dll dll-load exploit attempt (more info ...) | attempted-user | 2012-0756 | URL | ||
| 21324 | FILE-FLASH Adobe Acrobat Flash Player uxtheme.dll dll-load exploit attempt (more info ...) | attempted-user | 2012-0756 | URL | ||
| 21325 | FILE-FLASH Adobe Flash Player cross site request forgery attempt (more info ...) | attempted-user | 2012-0767 | URL | ||
| 21326 | FILE-FLASH Adobe Flash Player ActiveX URL import attempt (more info ...) | attempted-user | 2012-0751 | URL | ||
| 21371 | FILE-OTHER Adobe Shockwave Director KEY chunk buffer overflow attempt (more info ...) | attempted-user | 2011-2111 | 48300 | ||
| 21420 | FILE-OTHER RealNetworks RealPlayer compressed skin overflow attempt (more info ...) | attempted-user | 2004-1094 | 11555 | ||
| 21530 | FILE-FLASH Adobe Flash Player action script 3 bitmap malicious rectangle attempt (more info ...) | attempted-user | 2012-0769 | 52299 | URL | |
| 21531 | FILE-FLASH Adobe Flash Player action script 3 bitmap malicious rectangle attempt (more info ...) | attempted-user | 2012-0769 | 52299 | URL | |
| 21532 | FILE-FLASH Adobe Flash Player action script 3 bitmap malicious rectangle attempt (more info ...) | attempted-user | 2012-0769 | 52299 | URL | |
| 21701 | FILE-IDENTIFY FlashPix file attachment detected (more info ...) | misc-activity | ||||
| 21702 | FILE-IDENTIFY FlashPix file attachment detected (more info ...) | misc-activity | ||||
| 21755 | MALWARE-CNC Apple OSX.Flashback variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21756 | MALWARE-CNC Apple OSX.Flashback variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21757 | MALWARE-CNC Apple OSX.Flashback variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21758 | MALWARE-CNC Apple OSX.Flashback variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21765 | FILE-PDF Adobe Acrobat Reader PDF subroutine pointer attempt (more info ...) | attempted-user | 2006-5857 | |||
| 21807 | FILE-IDENTIFY Adobe Download Manager aom file download request (more info ...) | misc-activity | ||||
| 21808 | FILE-IDENTIFY Adobe Download Manager aom file attachment detected (more info ...) | misc-activity | ||||
| 21809 | FILE-IDENTIFY Adobe Download Manager aom file attachment detected (more info ...) | misc-activity | ||||
| 21810 | FILE-IDENTIFY Adobe Download Manager aom file magic detected (more info ...) | misc-activity | ||||
| 21811 | FILE-IDENTIFY Apple Quicktime FLIC animation file file download request (more info ...) | misc-activity | ||||
| 21812 | FILE-IDENTIFY Apple Quicktime FLIC animation file file attachment detected (more info ...) | misc-activity | ||||
| 21813 | FILE-IDENTIFY Apple Quicktime FLIC animation file file attachment detected (more info ...) | misc-activity | ||||
| 21814 | FILE-IDENTIFY Apple Quicktime FLIC file magic detected (more info ...) | misc-activity | ||||
| 21910 | MALWARE-CNC Apple OSX Flashback malware user-agent (more info ...) | trojan-activity | URL | |||
| 21948 | FILE-IMAGE Adobe Photoshop CS4 TIFF parsing heap overflow attempt (more info ...) | attempted-user | 2012-2027 | URL | ||
| 22033 | MALWARE-CNC Apple OSX Flashback malware variant outbound connection (more info ...) | trojan-activity | URL | |||
| 22034 | MALWARE-CNC Apple OSX Flashback malware variant outbound connection (more info ...) | trojan-activity | URL | |||
| 22965 | FILE-IDENTIFY RealNetworks RealPlayer RT file attachment detected (more info ...) | misc-activity | ||||
| 22966 | FILE-IDENTIFY RealNetworks RealPlayer RT file attachment detected (more info ...) | misc-activity | ||||
| 23000 | FILE-IDENTIFY Microsoft Windows Media Player DVR file attachment detected (more info ...) | misc-activity | ||||
| 23001 | FILE-IDENTIFY Microsoft Windows Media Player DVR file attachment detected (more info ...) | misc-activity | ||||
| 23014 | FILE-OTHER Adobe Photoshop asset elements stack based buffer overflow attempt (more info ...) | attempted-user | 53464 | |||
| 23098 | FILE-MULTIMEDIA Adobe Flash Player MP4 sequence parameter set parsing overflow attempt (more info ...) | attempted-user | 2011-2140 | URL | ||
| 23166 | FILE-PDF Adobe Acrobat Reader XDP encoded download attempt (more info ...) | misc-activity | URL | |||
| 23170 | FILE-MULTIMEDIA Apple QuickTime MPEG stream padding buffer overflow attempt (more info ...) | attempted-user | 2012-0659 | URL | ||
| 23188 | FILE-IDENTIFY Windows Media Metafile file attachment detected (more info ...) | misc-activity | ||||
| 23189 | FILE-IDENTIFY Windows Media Metafile file attachment detected (more info ...) | misc-activity | ||||
| 23263 | FILE-PDF Adobe flash player newfunction memory corruption attempt (more info ...) | attempted-user | 2010-1297 | |||
| 23264 | FILE-FLASH Adobe Flash Player newfunction memory corruption attempt (more info ...) | attempted-user | 2010-1297 | 40586 | ||
| 23265 | FILE-FLASH Adobe Flash Player newfunction memory corruption attempt (more info ...) | attempted-user | 2010-1297 | 40586 | ||
| 23371 | FILE-OTHER Adobe Director file file Shockwave 3D overflow attempt (more info ...) | attempted-user | 2010-2866 | URL | ||
| 23403 | SERVER-WEBAPP Adobe JRun directory traversal attempt (more info ...) | attempted-recon | 2009-1874 | URL | ||
| 23500 | FILE-PDF Adobe Acrobat Reader spell.customDictionaryOpen exploit attempt (more info ...) | attempted-user | 2009-1493 | 34740 | ||
| 23504 | FILE-PDF Adobe Acrobat Reader getAnnots exploit attempt (more info ...) | attempted-user | 2009-1492 | 34736 | ||
| 23506 | FILE-PDF Adobe Acrobat Reader media.newPlayer memory corruption attempt (more info ...) | attempted-user | 2009-4324 | 37331 | ||
| 23509 | FILE-PDF Adobe Acrobat Reader malformed Richmedia annotation exploit attempt (more info ...) | attempted-admin | 2010-1297 | |||
| 23510 | FILE-PDF Adobe Acrobat Reader File containing Flash use-after-free attack attempt (more info ...) | attempted-user | 2010-1297 | |||
| 23511 | FILE-PDF Adobe Acrobat Reader authplay.dll vulnerability exploit attempt (more info ...) | attempted-user | 2010-1297 | 40586 | ||
| 23512 | FILE-PDF Adobe flash player newfunction memory corruption attempt (more info ...) | attempted-user | 2010-1297 | |||
| 23564 | FILE-OTHER Adobe Illustrator DSC comment overflow attempt (more info ...) | attempted-user | 2009-4195 | 37192 | ||
| 23565 | FILE-MULTIMEDIA Microsoft Windows AVI DirectShow QuickTime parsing overflow attempt (more info ...) | attempted-user | 2009-1537 | 35139 | URL | |
| 23570 | FILE-MULTIMEDIA Microsoft Windows Media sample duration header RCE attempt (more info ...) | attempted-user | 2009-2498 | URL | ||
| 23571 | FILE-MULTIMEDIA Microsoft Windows Media Timecode header RCE attempt (more info ...) | attempted-user | 2009-2498 | URL | ||
| 23572 | FILE-MULTIMEDIA Microsoft Windows Media file name header RCE attempt (more info ...) | attempted-user | 2009-2498 | URL | ||
| 23573 | FILE-MULTIMEDIA Microsoft Windows Media content type header RCE attempt (more info ...) | attempted-user | 2009-2498 | URL | ||
| 23574 | FILE-MULTIMEDIA Microsoft Windows Media pixel aspect ratio header RCE attempt (more info ...) | attempted-user | 2009-2498 | URL | ||
| 23575 | FILE-MULTIMEDIA Microsoft Windows Media encryption sample ID header RCE attempt (more info ...) | attempted-user | 2009-2498 | URL | ||
| 23576 | FILE-MULTIMEDIA Microsoft Windows Media encryption sample ID header RCE attempt (more info ...) | attempted-user | 2009-2498 | URL | ||
| 23579 | FILE-FLASH Adobe Flash use-after-free attack attempt (more info ...) | attempted-user | 2010-1297 | |||
| 23581 | FILE-MULTIMEDIA Apple QuickTime MPEG stream padding buffer overflow attempt (more info ...) | attempted-user | 2012-0659 | URL | ||
| 23591 | FILE-FLASH Adobe Flash Player newfunction memory corruption attempt (more info ...) | attempted-user | 2010-1297 | 40586 | ||
| 23592 | FILE-FLASH Adobe Flash Player newfunction memory corruption exploit attempt (more info ...) | attempted-admin | 2010-1297 | |||
| 23623 | FILE-MULTIMEDIA Apple QuickTime VR Track Header Atom heap corruption attempt (more info ...) | attempted-user | 2009-0002 | 33384 | URL | |
| 23720 | FILE-IDENTIFY RealNetworks Realplayer REC file magic detected (more info ...) | misc-activity | URL | |||
| 23721 | FILE-IDENTIFY RealNetworks Realplayer .r1m file magic detected (more info ...) | misc-activity | URL | |||
| 23764 | FILE-IDENTIFY Adobe Download Manager aom file magic detected (more info ...) | misc-activity | ||||
| 23765 | FILE-IDENTIFY Apple Quicktime FLIC file magic detected (more info ...) | misc-activity | ||||
| 23855 | FILE-FLASH string heapspray flash file - likely attack (more info ...) | attempted-user | ||||
| 23856 | FILE-FLASH string heapspray flash file - likely attack (more info ...) | attempted-user | ||||
| 23898 | FILE-PDF Adobe Acrobat Reader collab.collectEmailInfo exploit attempt (more info ...) | attempted-user | 2008-0655 | 27641 | ||
| 24045 | FILE-IDENTIFY Winamp skin file wsz file download request (more info ...) | misc-activity | ||||
| 24046 | FILE-IDENTIFY Winamp skin file wsz file attachment detected (more info ...) | misc-activity | ||||
| 24047 | FILE-IDENTIFY Winamp skin file wsz file attachment detected (more info ...) | misc-activity | ||||
| 24048 | FILE-IDENTIFY Winamp skin file wal file download request (more info ...) | misc-activity | ||||
| 24049 | FILE-IDENTIFY Winamp skin file wal file attachment detected (more info ...) | misc-activity | ||||
| 24050 | FILE-IDENTIFY Winamp skin file wal file attachment detected (more info ...) | misc-activity | ||||
| 24051 | FILE-OTHER Winamp skin file arbitrary code execution attempt (more info ...) | attempted-user | 2004-0820 | 11053 | ||
| 24052 | FILE-OTHER Winamp skin file arbitrary code execution attempt (more info ...) | attempted-user | 2004-0820 | 11053 | ||
| 24124 | FILE-PDF Adobe Acrobat Reader PDF JBIG2 remote code execution attempt (more info ...) | attempted-user | 2009-0658 | 33751 | ||
| 24220 | FILE-MULTIMEDIA Apple QuickTime streaming debug error logging buffer overflow attempt (more info ...) | attempted-user | 2010-1799 | 41962 | ||
| 24272 | FILE-OTHER Adobe Director file file Shockwave 3D overflow attempt (more info ...) | attempted-user | 2010-2866 | URL | ||
| 24273 | FILE-OTHER Adobe Director file file Shockwave 3D overflow attempt (more info ...) | attempted-user | 2010-2866 | URL | ||
| 24277 | FILE-OTHER Adobe Shockwave Director rcsL chunk memory corruption attempt (more info ...) | attempted-user | 2010-3653 | 44291 | URL | |
| 24278 | FILE-OTHER Adobe Shockwave Director rcsL chunk memory corruption attempt (more info ...) | attempted-user | 2010-3653 | 44291 | URL | |
| 24279 | FILE-OTHER Adobe Shockwave Director rcsL chunk remote code execution attempt (more info ...) | attempted-user | 2010-3653 | 44291 | URL | |
| 24280 | FILE-OTHER Adobe Shockwave Director rcsL chunk remote code execution attempt (more info ...) | attempted-user | 2010-3653 | 44291 | URL | |
| 24508 | FILE-PDF Adobe Acrobat font parsing integer overflow attempt (more info ...) | attempted-user | 2010-2862 | 42203 | URL | |
| 24551 | FILE-IMAGE Apple QuickTime PICT Image PnSize Opcode Stack Buffer Overflow attempt (more info ...) | attempted-user | 2011-0257 | 49144 | ||
| 24552 | FILE-IMAGE Apple QuickTime PICT Image PnSize Opcode Stack Buffer Overflow attempt (more info ...) | attempted-user | 2011-0257 | 49144 | ||
| 24553 | FILE-IMAGE Apple QuickTime PICT Image PnSize Opcode Stack Buffer Overflow attempt (more info ...) | attempted-user | 2011-0257 | 49144 | ||
| 24554 | FILE-IDENTIFY Apple QuickTime PICT v2.0 Image header (more info ...) | attempted-user | 2011-0257 | 49144 | ||
| 24555 | FILE-IDENTIFY Apple QuickTime PICT v2.0 Image header (more info ...) | attempted-user | 2011-0257 | 49144 | ||
| 24640 | FILE-MULTIMEDIA Apple QuickTime movie buffer overflow attempt (more info ...) | attempted-user | 2006-4381 | URL | ||
| 24641 | FILE-MULTIMEDIA Apple QuickTime movie buffer overflow attempt (more info ...) | attempted-user | 2006-4381 | URL | ||
| 24672 | FILE-MULTIMEDIA Adobe Flash Player MP4 sequence parameter set parsing overflow attempt (more info ...) | attempted-user | 2011-2140 | URL | ||
| 24687 | FILE-FLASH Adobe Flash Player memory corruption attempt (more info ...) | attempted-user | 2011-0609 | URL | ||
| 24688 | FILE-FLASH Adobe Flash Player memory corruption attempt (more info ...) | attempted-user | 2011-0609 | URL | ||
| 24721 | FILE-PDF Adobe Acrobat Reader empty object page tree node reference attempt (more info ...) | attempted-user | URL | |||
| 24722 | FILE-PDF Adobe Acrobat Reader empty object page tree node reference attempt (more info ...) | attempted-user | URL | |||
| 24723 | BROWSER-PLUGINS IBM Rational Rhapsody BBFlashback ActiveX clsid access attempt (more info ...) | attempted-user | 2011-1391 | |||
| 24724 | BROWSER-PLUGINS IBM Rational Rhapsody BBFlashback ActiveX function call access attempt (more info ...) | attempted-user | 2011-1391 | |||
| 24725 | BROWSER-PLUGINS IBM Rational Rhapsody BBFlashback ActiveX clsid access attempt (more info ...) | attempted-user | 2011-1391 | |||
| 24726 | BROWSER-PLUGINS IBM Rational Rhapsody BBFlashback ActiveX function call access attempt (more info ...) | attempted-user | 2011-1391 | |||
| 24768 | SERVER-OTHER RealPlayer Helix rn5auth credential overflow attempt (more info ...) | attempted-admin | 2012-0942 | URL | ||
| 24824 | FILE-IDENTIFY RealPlayer skin file download request (more info ...) | misc-activity | ||||
| 24825 | FILE-IDENTIFY RealPlayer skin file attachment detected (more info ...) | misc-activity | ||||
| 24826 | FILE-IDENTIFY RealPlayer skin file attachment detected (more info ...) | misc-activity | ||||
| 24891 | FILE-FLASH Adobe Flash Player action InitArray stack overflow attempt (more info ...) | attempted-user | 2012-5269 | URL | ||
| 24894 | FILE-FLASH Adobe Flash Player Action InitArray stack overflow attempt (more info ...) | attempted-user | 2012-5269 | URL | ||
| 25266 | SERVER-OTHER Adobe ColdFusion Admin API arbitrary command execution attempt (more info ...) | attempted-user | 2013-0631 | URL | ||
| 25305 | FILE-IDENTIFY Adobe Audition Session file magic detected (more info ...) | misc-activity | ||||
| 25306 | FILE-IDENTIFY Adobe Audition Session file download request (more info ...) | misc-activity | ||||
| 25307 | FILE-IDENTIFY Adobe Audition Session file attachment detected (more info ...) | misc-activity | ||||
| 25308 | FILE-IDENTIFY Adobe Audition Session file attachment detected (more info ...) | misc-activity | ||||
| 25309 | FILE-OTHER Adobe Audition Session file stack buffer overflow attempt (more info ...) | attempted-user | 2011-0614 | 47841 | URL | |
| 25310 | FILE-OTHER Adobe Audition Session file stack buffer overflow attempt (more info ...) | attempted-user | 2011-0614 | 47841 | URL | |
| 25332 | FILE-OTHER Adobe Audition Session file tkrm stack buffer overflow attempt (more info ...) | attempted-user | 2011-0614 | 47841 | URL | |
| 25588 | FILE-PDF Adobe Acrobat Reader FlateDecode integer overflow attempt (more info ...) | attempted-user | 2009-3459 | 36600 | ||
| 25767 | FILE-PDF Adobe Acrobat Reader JPX malformed code-block width memory corruption attempt (more info ...) | attempted-user | 2009-1861 | 35295 | URL | |
| 25814 | FILE-FLASH Adobe Flash Player nested SWF cross domain clickjacking attempt (more info ...) | attempted-recon | 2013-0637 | URL | ||
| 25975 | POLICY-OTHER Adobe ColdFusion admin interface access attempt (more info ...) | policy-violation | 2013-0632 | 57330 | URL | |
| 26027 | FILE-OTHER Adobe Director file file rcsL overflow attempt (more info ...) | attempted-user | 2010-2867 | |||
| 26028 | FILE-OTHER Adobe Shockwave Director rcsL chunk memory corruption attempt (more info ...) | attempted-user | 2010-2873 | 42682 | URL | |
| 26029 | FILE-OTHER Adobe Director remote code execution attempt (more info ...) | attempted-user | 2010-2873 | |||
| 26109 | FILE-MULTIMEDIA Apple QuickTime Obji Atom parsing stack buffer overflow attempt (more info ...) | attempted-user | 2008-1022 | 28583 | ||
| 26110 | FILE-FLASH Adobe Flash Player memory corruption attempt (more info ...) | attempted-user | 2011-0609 | URL | ||
| 26111 | FILE-FLASH Adobe Flash Player memory corruption attempt (more info ...) | attempted-user | 2011-0609 | URL | ||
| 26112 | FILE-FLASH Adobe Flash Player memory corruption attempt (more info ...) | attempted-user | 2011-0609 | URL | ||
| 26113 | FILE-PDF Adobe Flash Player memory corruption attempt (more info ...) | attempted-user | 2011-0609 | URL | ||
| 26327 | MALWARE-CNC OSX.Trojan.Flashfake variant outbound connection (more info ...) | trojan-activity | ||||
| 26472 | FILE-MULTIMEDIA Apple QuickTime pict image poly structure memory corruption attempt (more info ...) | attempted-user | 2009-0010 | 34938 | ||
| 26564 | FILE-MULTIMEDIA Apple QuickTime movie file clipping region handling heap buffer overflow attempt (more info ...) | attempted-user | 2009-0954 | 35167 | URL | |
| 26621 | SERVER-OTHER Adobe ColdFusion adminapi information disclosure attempt (more info ...) | attempted-recon | 2013-3336 | 59773 | URL | |
| 26667 | FILE-MULTIMEDIA Apple iTunes playlist overflow attempt (more info ...) | attempted-user | 2005-0043 | |||
| 26694 | FILE-PDF Adobe Acrobat Reader dll injection sandbox escape (more info ...) | attempted-user | 2013-2730 | URL | ||
| 26699 | FILE-IMAGE Apple QuickTime PICT Image PnSize Opcode Stack Buffer Overflow attempt (more info ...) | attempted-user | 2011-0257 | 49144 | ||
| 26700 | FILE-IMAGE Apple QuickTime PICT Image PnSize Opcode Stack Buffer Overflow attempt (more info ...) | attempted-user | 2011-0257 | 49144 | ||
| 26701 | FILE-IMAGE Apple QuickTime PICT Image PnSize Opcode Stack Buffer Overflow attempt (more info ...) | attempted-user | 2011-0257 | 49144 | ||
| 26724 | FILE-MULTIMEDIA Apple iTunes Playlist Overflow Attempt (more info ...) | attempted-user | 2005-0043 | |||
| 26854 | FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected cHRM overflow attempt (more info ...) | attempted-user | 2006-0025 | 18385 | URL | |
| 26855 | FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected iCCP overflow attempt (more info ...) | attempted-user | 2006-0025 | 18385 | URL | |
| 26856 | FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected sBIT overflow attempt (more info ...) | attempted-user | 2006-0025 | 18385 | URL | |
| 26857 | FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected sRGB overflow attempt (more info ...) | attempted-user | 2006-0025 | 18385 | URL | |
| 26858 | FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected bKGD overflow attempt (more info ...) | attempted-user | 2006-0025 | 18385 | URL | |
| 26859 | FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected hIST overflow attempt (more info ...) | attempted-user | 2006-0025 | 18385 | URL | |
| 26860 | FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected tRNS overflow attempt (more info ...) | attempted-user | 2006-0025 | 18385 | URL | |
| 26861 | FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected pHYs overflow attempt (more info ...) | attempted-user | 2006-0025 | 18385 | URL | |
| 26862 | FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected sPLT overflow attempt (more info ...) | attempted-user | 2006-0025 | 18385 | URL | |
| 26863 | FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected tIME overflow attempt (more info ...) | attempted-user | 2006-0025 | 18385 | URL | |
| 26864 | FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected iTXt overflow attempt (more info ...) | attempted-user | 2006-0025 | 18385 | URL | |
| 26866 | FILE-IMAGE Microsoft Windows Media Player Malformed PNG detected zTXt overflow attempt (more info ...) | attempted-user | 2006-0025 | 18385 | URL | |
| 26976 | FILE-IMAGE Oracle Outside In FlashPix image processing overflow attempt (more info ...) | attempted-user | 2012-1744 | |||
| 26977 | FILE-IMAGE Oracle Outside In FlashPix image processing overflow attempt (more info ...) | attempted-user | 2012-1744 | |||
| 26978 | FILE-IMAGE Oracle Outside In FlashPix image processing overflow attempt (more info ...) | attempted-user | 2012-1744 | |||
| 26979 | FILE-IMAGE Oracle Outside In FlashPix image processing overflow attempt (more info ...) | attempted-user | 2012-1744 | |||
| 27182 | FILE-FLASH Adobe Flash Player malicious swf file download attempt (more info ...) | attempted-user | URL | |||
| 27183 | FILE-FLASH Adobe Flash Player malicious swf file download attempt (more info ...) | attempted-user | URL | |||
| 27184 | FILE-FLASH Adobe Flash Player malicious swf file download attempt (more info ...) | attempted-user | URL | |||
| 27185 | FILE-FLASH Adobe Flash Player malicious swf file download attempt (more info ...) | attempted-user | URL | |||
| 27186 | FILE-FLASH Adobe Flash Player malicious swf file download attempt (more info ...) | attempted-user | URL | |||
| 27187 | FILE-FLASH Adobe Flash Player malicious swf file download attempt (more info ...) | attempted-user | URL | |||
| 27205 | BROWSER-PLUGINS Microsoft Windows Media Services CallHTMLHelp ActiveX buffer overflow attempt (more info ...) | attempted-user | 2008-5232 | 30814 | URL | |
| 27225 | SERVER-OTHER Adobe ColdFusion JRun error page getWriter denial of service attempt (more info ...) | attempted-dos | 2013-3349 | 61039 | URL | |
| 27232 | FILE-PDF Adobe Acrobat Reader util.printf buffer overflow attempt (more info ...) | attempted-user | 2008-2992 | 30035 | ||
| 27233 | FILE-PDF Adobe Acrobat Reader util.printf buffer overflow attempt (more info ...) | attempted-user | 2008-2992 | 30035 | ||
| 27250 | BROWSER-PLUGINS ShockwaveFlash.ShockwaveFlash.9 ActiveX function overflow attempt (more info ...) | attempted-user | ||||
| 27671 | FILE-FLASH Adobe Flash Player embedded JPG image height overflow attempt (more info ...) | attempted-admin | 2007-6242 | 26951 | ||
| 27800 | BROWSER-PLUGINS Microsoft Windows Media Encoder 9 ActiveX function call access (more info ...) | attempted-user | 2008-3008 | 31065 | URL | |
| 28256 | FILE-PDF Adobe Acrobat Reader ICC mluc integer overflow attempt (more info ...) | attempted-user | 2010-3622 | 43729 | URL | |
| 28257 | FILE-PDF Adobe Acrobat Reader ICC remote memory corruption attempt (more info ...) | attempted-user | 2010-3621 | 43726 | URL | |
| 28260 | FILE-PDF Adobe Acrobat Reader ICC remote memory corruption attempt (more info ...) | attempted-user | 2010-3621 | 43726 | URL | |
| 28261 | FILE-PDF Adobe Acrobat Reader ICC mluc integer overflow attempt (more info ...) | attempted-user | 2010-3622 | 43729 | URL | |
| 28262 | FILE-PDF Adobe Acrobat Reader CoolType.dll glyf directory table buffer overflow attempt (more info ...) | attempted-user | 2011-2441 | 49581 | URL | |
| 28266 | FILE-PDF Adobe Acrobat Reader CoolType.dll composite glyf buffer overflow attempt (more info ...) | attempted-user | 2011-2441 | 49581 | URL | |
| 28303 | FILE-PDF Adobe Acrobat and Adobe Acrobat Reader U3D RHAdobeMeta buffer overflow attempt (more info ...) | attempted-user | 2009-1855 | 35282 | URL | |
| 28388 | FILE-PDF Adobe Acrobat TrueType font handling remote code execution attempt (more info ...) | attempted-admin | 2010-0195 | 39417 | ||
| 28389 | FILE-PDF Adobe Acrobat TrueType font handling remote code execution attempt (more info ...) | attempted-admin | 2010-0195 | 39417 | ||
| 28426 | FILE-PDF Adobe Acrobat universal 3D format memory corruption attempt (more info ...) | attempted-user | 2011-0599 | URL | ||
| 28427 | FILE-PDF Adobe Acrobat universal 3D format memory corruption attempt (more info ...) | attempted-user | 2011-0593 | 46211 | URL | |
| 28441 | FILE-MULTIMEDIA Apple QuickTime MOV file string handling integer overflow attempt (more info ...) | attempted-user | 2005-2753 | 15306 | ||
| 28442 | FILE-MULTIMEDIA Apple QuickTime MOV file string handling integer overflow attempt (more info ...) | attempted-user | 2005-2753 | 15306 | ||
| 28443 | FILE-MULTIMEDIA Apple QuickTime MOV file string handling integer overflow attempt (more info ...) | attempted-user | 2005-2753 | 15306 | ||
| 28451 | FILE-FLASH Adobe Flash Player memory corruption attempt (more info ...) | attempted-user | 2011-0609 | URL | ||
| 28452 | FILE-FLASH Adobe Flash Player memory corruption attempt (more info ...) | attempted-user | 2011-0609 | URL | ||
| 28453 | FILE-FLASH Adobe Flash Player memory corruption attempt (more info ...) | attempted-user | 2011-0609 | URL | ||
| 28454 | FILE-PDF Adobe Acrobat Reader compressed media.newPlayer memory corruption attempt (more info ...) | attempted-user | 2009-4324 | |||
| 28461 | FILE-PDF Adobe Acrobat font parsing integer overflow attempt (more info ...) | attempted-user | 2010-2862 | 42203 | URL | |
| 28462 | FILE-PDF Adobe Acrobat font parsing integer overflow attempt (more info ...) | attempted-user | 2010-2862 | 42203 | URL | |
| 28617 | FILE-PDF Adobe Acrobat Reader PDSElementGetPageRangeList recursive call denial of service attempt (more info ...) | attempted-dos | 2013-3351 | 62429 | URL | |
| 28618 | FILE-PDF Adobe Acrobat Reader PDSElementGetPageRangeList recursive call denial of service attempt (more info ...) | attempted-dos | 2013-3351 | 62429 | URL | |
| 28622 | FILE-PDF Adobe Acrobat Reader malformed shading modifier heap corruption attempt (more info ...) | attempted-user | 2011-2462 | URL | ||
| 28623 | FILE-PDF Adobe Acrobat font parsing integer overflow attempt (more info ...) | attempted-admin | 2010-2862 | 42203 | URL | |
| 28624 | FILE-PDF Adobe Acrobat font parsing integer overflow attempt (more info ...) | attempted-admin | 2010-2862 | 42203 | URL | |
| 28625 | FILE-PDF Adobe Acrobat Reader U3D rgba parsing overflow attempt (more info ...) | attempted-user | 2011-0591 | 46209 | URL | |
| 28626 | FILE-PDF Adobe Acrobat and Adobe Acrobat Reader U3D RHAdobeMeta buffer overflow attempt (more info ...) | attempted-user | 2009-1855 | 35282 | URL | |
| 28627 | FILE-PDF Adobe Acrobat universal 3D format memory corruption attempt (more info ...) | attempted-user | 2011-0599 | URL | ||
| 28628 | FILE-PDF Adobe Acrobat universal 3D format memory corruption attempt (more info ...) | attempted-user | 2011-0599 | URL | ||
| 28631 | FILE-FLASH Adobe Flash Player embedded JPG image height overflow attempt (more info ...) | attempted-user | 2007-6242 | 26951 | ||
| 28632 | FILE-FLASH Adobe Flash Player embedded JPG image height overflow attempt (more info ...) | attempted-user | 2007-6242 | 26951 | ||
| 28633 | FILE-PDF Adobe Acrobat Universal 3D stream memory corruption attempt (more info ...) | attempted-user | 2011-0592 | 46210 | URL | |
| 28634 | FILE-PDF Adobe Acrobat Reader CoolType.dll composite glyf buffer overflow attempt (more info ...) | attempted-user | 2011-2441 | 49581 | URL | |
| 28635 | FILE-PDF Adobe Acrobat Reader CoolType.dll glyf directory table buffer overflow attempt (more info ...) | attempted-user | 2011-2441 | 49581 | URL | |
| 28636 | FILE-FLASH Adobe Flash Player multimedia file DefineSceneAndFrameLabelData code execution attempt (more info ...) | attempted-user | 2007-0071 | 28695 | URL | |
| 28637 | FILE-FLASH Adobe Flash Player multimedia file DefineSceneAndFrameLabelData code execution attempt (more info ...) | attempted-user | 2007-0071 | 28695 | URL | |
| 28638 | FILE-PDF Adobe Acrobat Reader CoolType.dll glyf directory table buffer overflow attempt (more info ...) | attempted-user | 2011-2441 | 49581 | URL | |
| 28639 | FILE-PDF Adobe Acrobat Reader CoolType.dll glyf directory table buffer overflow attempt (more info ...) | attempted-user | 2011-2441 | 49581 | URL | |
| 28640 | FILE-FLASH RealNetworks RealPlayer SWF frame handling buffer overflow attempt (more info ...) | attempted-user | 2007-5400 | 30370 | ||
| 28641 | FILE-FLASH RealNetworks RealPlayer SWF frame handling buffer overflow attempt (more info ...) | attempted-user | 2007-5400 | 30370 | ||
| 28642 | FILE-PDF Adobe Acrobat TrueType font handling remote code execution attempt (more info ...) | attempted-admin | 2010-0195 | 39417 | ||
| 28643 | FILE-PDF Adobe Acrobat TrueType font handling remote code execution attempt (more info ...) | attempted-admin | 2010-0195 | 39417 | ||
| 28660 | FILE-FLASH Adobe Flash Player remote code execution attempt (more info ...) | attempted-user | 2009-1862 | |||
| 28661 | FILE-FLASH Adobe Flash Player remote code execution attempt (more info ...) | attempted-user | 2009-1862 | |||
| 28664 | FILE-FLASH RealNetworks RealPlayer SWF flash file buffer overflow attempt (more info ...) | attempted-user | 2006-0323 | 17202 | ||
| 28665 | FILE-FLASH RealNetworks RealPlayer SWF flash file buffer overflow attempt (more info ...) | attempted-user | 2006-0323 | 17202 | ||
| 28666 | FILE-FLASH RealNetworks RealPlayer SWF flash file buffer overflow attempt (more info ...) | attempted-user | 2006-0323 | 17202 | ||
| 28667 | FILE-FLASH Adobe Flash ActionDefineFunction memory access exploit attempt (more info ...) | attempted-user | 2005-2628 | 15334 | ||
| 28668 | FILE-FLASH Adobe Flash ActionDefineFunction memory access exploit attempt (more info ...) | attempted-user | 2005-2628 | 15334 | ||
| 28669 | FILE-FLASH Adobe Flash ActionDefineFunction memory access exploit attempt (more info ...) | attempted-user | 2005-2628 | 15334 | ||
| 28670 | FILE-FLASH Adobe Flash frame type identifier memory corruption attempt (more info ...) | attempted-user | 2005-2628 | 15332 | ||
| 28671 | FILE-FLASH Adobe Flash frame type identifier memory corruption attempt (more info ...) | attempted-user | 2005-2628 | 15332 | ||
| 28672 | FILE-FLASH Adobe Flash frame type identifier memory corruption attempt (more info ...) | attempted-user | 2005-2628 | 15332 | ||
| 28673 | FILE-FLASH Adobe Flash Player newfunction memory corruption attempt (more info ...) | attempted-user | 2010-1297 | 40586 | ||
| 28674 | FILE-FLASH Adobe Flash Player newfunction memory corruption attempt (more info ...) | attempted-user | 2010-1297 | 40586 | ||
| 28675 | FILE-FLASH Adobe Flash Player newfunction memory corruption attempt (more info ...) | attempted-user | 2010-1297 | 40586 | ||
| 28676 | FILE-FLASH Adobe Flash Player newfunction memory corruption attempt (more info ...) | attempted-user | 2010-1297 | 40586 | ||
| 28677 | FILE-FLASH Adobe Flash Player ASnative command execution attempt (more info ...) | attempted-user | 2008-5499 | 32896 | URL | |
| 28678 | FILE-FLASH Adobe Flash Player ASnative command execution attempt (more info ...) | attempted-user | 2008-5499 | 32896 | URL | |
| 28679 | FILE-FLASH Adobe Flash Player ASnative command execution attempt (more info ...) | attempted-user | 2008-5499 | 32896 | URL | |
| 28680 | FILE-FLASH Adobe Flash Player ASnative command execution attempt (more info ...) | attempted-user | 2008-5499 | 32896 | URL | |
| 28681 | FILE-FLASH Adobe Flash Player ASnative command execution attempt (more info ...) | attempted-user | 2008-5499 | 32896 | URL | |
| 28682 | FILE-FLASH Adobe Flash Player ASnative command execution attempt (more info ...) | attempted-user | 2008-5499 | 32896 | URL | |
| 28683 | FILE-FLASH Adobe Flash Player ASnative command execution attempt (more info ...) | attempted-user | 2008-5499 | 32896 | URL | |
| 28684 | FILE-FLASH Adobe Flash Player ASnative command execution attempt (more info ...) | attempted-user | 2008-5499 | 32896 | URL | |
| 28685 | FILE-FLASH Adobe Flash Player ASnative command execution attempt (more info ...) | attempted-user | 2008-5499 | 32896 | URL | |
| 28686 | FILE-FLASH Adobe Flash Player ASnative command execution attempt (more info ...) | attempted-user | 2008-5499 | 32896 | URL | |
| 28691 | FILE-FLASH Adobe Flash Player memory corruption attempt (more info ...) | attempted-user | 2011-0609 | 46860 | ||
| 28692 | FILE-FLASH Adobe Flash Player memory corruption attempt (more info ...) | attempted-user | 2011-0609 | 46860 | ||
| 28693 | FILE-FLASH Adobe Flash Player memory corruption attempt (more info ...) | attempted-user | 2011-0609 | 46860 | ||
| 28694 | FILE-FLASH Adobe Flash Player memory corruption attempt (more info ...) | attempted-user | 2011-0609 | 46860 | ||
| 28700 | FILE-FLASH Adobe Flash malformed regular expression exploit attempt (more info ...) | attempted-user | 2013-0634 | 57787 | URL | |
| 28709 | FILE-PDF Adobe Acrobat Universal 3D stream memory corruption attempt (more info ...) | attempted-user | 2011-0592 | 46210 | URL | |
| 28716 | FILE-PDF Adobe Acrobat Reader compact font format memory corruption attempt (more info ...) | attempted-user | 2009-2985 | |||
| 28717 | FILE-PDF Adobe Acrobat Reader compact font format memory corruption attempt (more info ...) | attempted-user | 2009-2985 | |||
| 28718 | FILE-PDF Adobe Acrobat Reader memory corruption attempt (more info ...) | attempted-user | 2010-2202 | 41234 | ||
| 28719 | FILE-PDF Adobe Acrobat Reader memory corruption attempt (more info ...) | attempted-user | 2010-2202 | 41234 | ||
| 28720 | FILE-PDF Adobe Acrobat Reader memory corruption attempt (more info ...) | attempted-user | 2010-2202 | 41234 | ||
| 28721 | FILE-PDF Adobe Acrobat Reader memory corruption attempt (more info ...) | attempted-user | 2010-2202 | 41234 | ||
| 28725 | FILE-PDF Adobe Acrobat Reader ICC mluc integer overflow attempt (more info ...) | attempted-user | 2010-3622 | 43729 | URL | |
| 28726 | FILE-PDF Adobe Acrobat Reader ICC mluc integer overflow attempt (more info ...) | attempted-user | 2010-3622 | 43729 | URL | |
| 28727 | FILE-PDF Adobe Acrobat Reader ICC mluc integer overflow attempt (more info ...) | attempted-user | 2010-3622 | 43729 | URL | |
| 28728 | FILE-PDF Adobe Acrobat Reader media.newPlayer memory corruption attempt (more info ...) | attempted-user | 2009-4324 | 37331 | ||
| 28729 | FILE-PDF Adobe Acrobat Reader media.newPlayer memory corruption attempt (more info ...) | attempted-user | 2009-4324 | 37331 | ||
| 28730 | FILE-PDF Adobe Acrobat Reader media.newPlayer memory corruption attempt (more info ...) | attempted-user | 2009-4324 | 37331 | ||
| 28731 | FILE-PDF Adobe Acrobat Reader media.newPlayer memory corruption attempt (more info ...) | attempted-user | 2009-4324 | 37331 | ||
| 28732 | FILE-PDF Adobe Acrobat Reader media.newPlayer memory corruption attempt (more info ...) | attempted-user | 2009-4324 | 37331 | ||
| 28733 | FILE-PDF Adobe Acrobat Reader media.newPlayer memory corruption attempt (more info ...) | attempted-user | 2009-4324 | 37331 | ||
| 28734 | FILE-PDF Adobe Acrobat Reader media.newPlayer memory corruption attempt (more info ...) | attempted-user | 2009-4324 | 37331 | ||
| 28735 | FILE-PDF Adobe Acrobat Reader media.newPlayer memory corruption attempt (more info ...) | attempted-user | 2009-4324 | 37331 | ||
| 28736 | FILE-PDF Adobe Acrobat Reader media.newPlayer memory corruption attempt (more info ...) | attempted-user | 2009-4324 | 37331 | ||
| 28737 | FILE-PDF Adobe Acrobat Reader media.newPlayer memory corruption attempt (more info ...) | attempted-user | 2009-4324 | 37331 | ||
| 28738 | FILE-PDF Adobe Acrobat Reader media.newPlayer memory corruption attempt (more info ...) | attempted-user | 2009-4324 | 37331 | ||
| 28739 | FILE-PDF Adobe Acrobat Reader media.newPlayer memory corruption attempt (more info ...) | attempted-user | 2009-4324 | 37331 | ||
| 28740 | FILE-PDF Adobe Acrobat Reader media.newPlayer memory corruption attempt (more info ...) | attempted-user | 2009-4324 | 37331 | ||
| 28741 | FILE-PDF Adobe Acrobat Reader media.newPlayer memory corruption attempt (more info ...) | attempted-user | 2009-4324 | 37331 | ||
| 28742 | FILE-PDF Adobe Acrobat Reader media.newPlayer memory corruption attempt (more info ...) | attempted-user | 2009-4324 | 37331 | ||
| 28743 | FILE-PDF Adobe Acrobat Reader media.newPlayer memory corruption attempt (more info ...) | attempted-user | 2009-4324 | 37331 | ||
| 28747 | FILE-PDF Adobe Acrobat Reader universal 3D format memory corruption attempt (more info ...) | attempted-user | 2011-0593 | 46211 | URL | |
| 28748 | FILE-PDF Adobe Acrobat Reader universal 3D format memory corruption attempt (more info ...) | attempted-user | 2011-0593 | 46211 | URL | |
| 28790 | FILE-PDF Adobe Acrobat Reader universal 3D stream memory corruption attempt (more info ...) | attempted-user | 2011-0592 | 46210 | URL | |
| 29207 | FILE-OTHER RealNetworks RealPlayer RMP file heap buffer overflow attempt (more info ...) | attempted-admin | 2013-6877 | 64398 | ||
| 29208 | FILE-OTHER RealNetworks RealPlayer RMP file heap buffer overflow attempt (more info ...) | attempted-admin | 2013-6877 | 64398 | ||
| 29209 | FILE-OTHER RealNetworks RealPlayer RMP file heap buffer overflow attempt (more info ...) | attempted-admin | 2013-6877 | 64398 | ||
| 29212 | FILE-OTHER RealNetworks RealPlayer RMP file heap buffer overflow attempt (more info ...) | attempted-admin | 2013-6877 | 64398 | ||
| 29394 | BROWSER-WEBKIT Apple WebKit QuickTime plugin content-type http header buffer overflow attempt (more info ...) | attempted-user | 2012-3753 | URL | ||
| 29433 | FILE-IMAGE Adobe Camera Raw Plug-in TIFF image processing buffer underflow attempt (more info ...) | attempted-user | 2012-5679 | URL | ||
| 29434 | FILE-IMAGE Apple QuickTime PICT file overread buffer overflow attempt (more info ...) | attempted-user | 2008-1019 | 28583 | ||
| 29435 | FILE-MULTIMEDIA Apple QuickTime pict image poly structure memory corruption attempt (more info ...) | attempted-user | 2009-0010 | 34938 | ||
| 29436 | FILE-MULTIMEDIA Apple QuickTime pict image poly structure memory corruption attempt (more info ...) | attempted-user | 2009-0010 | 34938 | ||
| 29444 | EXPLOIT-KIT Fiesta exploit kit flashplayer11 payload download (more info ...) | trojan-activity | ||||
| 29620 | FILE-IMAGE Adobe Photoshop malformed PNG detected tRNS overflow attempt (more info ...) | attempted-user | 2012-4170 | 18385 | URL | |
| 29622 | FILE-PDF Adobe Acrobat Reader malformed shading modifier heap corruption attempt (more info ...) | attempted-user | 2011-2462 | URL | ||
| 29669 | FILE-PDF Adobe Acrobat Reader pattern object memory corruption attempt (more info ...) | attempted-user | 2014-0495 | 64803 | URL | |
| 29932 | FILE-FLASH Adobe Flash Player PCRE regexp out of bounds memory leak ASLR bypass attempt (more info ...) | attempted-user | 2014-0499 | 65703 | URL | |
| 29933 | FILE-FLASH Adobe Flash Player PCRE regexp out of bounds memory leak ASLR bypass attempt (more info ...) | attempted-user | 2014-0499 | 65703 | URL | |
| 29934 | FILE-FLASH Adobe Flash regular expression grouping depth buffer overflow attempt (more info ...) | attempted-user | 2014-0499 | 65703 | URL | |
| 30146 | FILE-FLASH Adobe Flash incorrect null uri character normalization attempt (more info ...) | attempted-user | 2014-0503 | URL | ||
| 30147 | FILE-FLASH Adobe Flash incorrect null uri character normalization attempt (more info ...) | attempted-user | 2014-0503 | URL | ||
| 30148 | FILE-FLASH Adobe Flash incorrect null uri character normalization attempt (more info ...) | attempted-user | 2014-0503 | URL | ||
| 30149 | FILE-FLASH Adobe Flash incorrect null uri character normalization attempt (more info ...) | attempted-user | 2014-0503 | URL | ||
| 30236 | FILE-PDF Adobe Acrobat Reader field flags exploit attempt (more info ...) | attempted-user | 2011-0589 | URL | ||
| 30347 | FILE-FLASH Adobe Flash Player JPEG parsing heap overflow attempt (more info ...) | attempted-user | 2009-3794 | |||
| 30348 | FILE-FLASH Adobe Flash Player JPEG parsing heap overflow attempt (more info ...) | attempted-user | 2009-3794 | |||
| 30349 | FILE-FLASH Adobe Flash Player JPEG parsing heap overflow attempt (more info ...) | attempted-user | 2009-3794 | |||
| 30539 | FILE-FLASH Adobe Flash Player navigateToUrl hidden channel to file creation (more info ...) | attempted-user | 2014-0508 | |||
| 30540 | FILE-FLASH Adobe Flash Player navigateToUrl hidden channel to file creation (more info ...) | attempted-user | 2014-0508 | |||
| 30843 | FILE-FLASH Adobe Acrobat Reader cross-site scripting attempt (more info ...) | attempted-user | 2014-0509 | 66703 | URL | |
| 30844 | FILE-FLASH Adobe Acrobat Reader cross-site scripting attempt (more info ...) | attempted-user | 2014-0509 | 66703 | URL | |
| 31027 | FILE-OTHER Adobe Acrobat EMF conversion heap buffer overflow attempt (more info ...) | attempted-user | 2018-16021 | 67632 | URL | |
| 31028 | FILE-OTHER Adobe Acrobat EMF conversion heap buffer overflow attempt (more info ...) | attempted-user | 2018-16021 | 67632 | URL | |
| 31043 | BROWSER-PLUGINS Apple Quicktime ActiveX Control use after free (more info ...) | attempted-user | 2012-3754 | 56438 | ||
| 31044 | BROWSER-PLUGINS Apple Quicktime ActiveX Control use after free (more info ...) | attempted-user | 2012-3754 | 56438 | ||
| 31245 | FILE-FLASH Adobe Flash malformed regular expression exploit attempt (more info ...) | attempted-user | 2014-0520 | URL | ||
| 31246 | FILE-FLASH Adobe Flash malformed regular expression exploit attempt (more info ...) | attempted-user | 2014-0520 | URL | ||
| 31281 | FILE-FLASH Adobe Flash Player redirect attempt (more info ...) | attempted-user | 2014-0535 | 67970 | URL | |
| 31282 | FILE-FLASH Adobe Flash Player redirect attempt (more info ...) | attempted-user | 2014-0535 | 67970 | URL | |
| 31291 | FILE-PDF Adobe Acrobat Reader DynamicAnnotStore exploit attempt (more info ...) | attempted-user | 2014-0521 | URL | ||
| 31292 | FILE-PDF Adobe Acrobat Reader DynamicAnnotStore exploit attempt (more info ...) | attempted-user | 2014-0521 | URL | ||
| 31308 | FILE-MULTIMEDIA Apple QuickTime pict image poly structure memory corruption attempt (more info ...) | attempted-user | 2009-0010 | 34938 | ||
| 31309 | FILE-MULTIMEDIA Apple QuickTime pict image poly structure memory corruption attempt (more info ...) | attempted-user | 2009-0010 | 34938 | ||
| 31320 | BROWSER-PLUGINS Adobe Multiple Product AcroPDF.PDF ActiveX exploit attempt (more info ...) | attempted-user | 2005-0035 | 12989 | URL | |
| 31321 | BROWSER-PLUGINS Adobe Multiple Product AcroPDF.PDF ActiveX exploit attempt (more info ...) | attempted-user | 2006-6027 | 21155 | URL | |
| 31322 | BROWSER-PLUGINS Adobe Multiple Product AcroPDF.PDF ActiveX exploit attempt (more info ...) | attempted-user | 2005-0035 | 12989 | URL | |
| 31376 | FILE-MULTIMEDIA RealNetworks RealPlayer mpeg width integer memory underflow attempt (more info ...) | attempted-user | 2011-4259 | 50741 | ||
| 31392 | FILE-FLASH Adobe JSONP callback API vulnerability exploitation attempt (more info ...) | attempted-user | 2014-4671 | URL | ||
| 31393 | FILE-FLASH Adobe JSONP callback API vulnerability exploitation attempt (more info ...) | attempted-user | 2014-4671 | URL | ||
| 31394 | FILE-FLASH Adobe JSONP callback API vulnerability exploitation attempt (more info ...) | attempted-user | 2014-4671 | URL | ||
| 31395 | FILE-FLASH Adobe JSONP callback API vulnerability exploitation attempt (more info ...) | attempted-user | 2014-4671 | URL | ||
| 31396 | FILE-FLASH Adobe JSONP callback API vulnerability exploitation attempt (more info ...) | attempted-user | 2014-4671 | URL | ||
| 31397 | FILE-FLASH Adobe JSONP callback API vulnerability exploitation attempt (more info ...) | attempted-user | 2014-4671 | URL | ||
| 31399 | POLICY-OTHER Rosetta Flash tool use attempt (more info ...) | policy-violation | 2015-3096 | URL | ||
| 31400 | POLICY-OTHER Rosetta Flash tool use attempt (more info ...) | policy-violation | 2015-3096 | URL | ||
| 31401 | POLICY-OTHER Rosetta Flash tool use attempt (more info ...) | policy-violation | 2015-3096 | URL | ||
| 31407 | BROWSER-PLUGINS Adobe Reader 11 messageHandler ActiveX access attempt (more info ...) | attempted-user | 2014-0527 | URL | ||
| 31409 | BROWSER-PLUGINS Adobe Reader 11 messageHandler ActiveX access attempt (more info ...) | attempted-user | 2014-0527 | URL | ||
| 31411 | OS-WINDOWS Microsoft Windows Media Encoder wmerrorDAN.dll dll-load exploit attempt (more info ...) | attempted-user | 2010-3965 | 42855 | URL | |
| 31412 | OS-WINDOWS Microsoft Windows Media Encoder winietDAN.dll dll-load exploit attempt (more info ...) | attempted-user | 2010-3965 | 42855 | URL | |
| 31413 | OS-WINDOWS Microsoft Windows Media Encoder asferrorDAN.dll dll-load exploit attempt (more info ...) | attempted-user | 2010-3965 | 42855 | URL | |
| 31414 | OS-WINDOWS Microsoft Windows Media Encoder wmerrorDAN.dll dll-load exploit attempt (more info ...) | attempted-user | 2010-3965 | 42855 | URL | |
| 31415 | OS-WINDOWS Microsoft Windows Media Encoder winietDAN.dll dll-load exploit attempt (more info ...) | attempted-user | 2010-3965 | 42855 | URL | |
| 31416 | OS-WINDOWS Microsoft Windows Media Encoder asferrorDAN.dll dll-load exploit attempt (more info ...) | attempted-user | 2010-3965 | 42855 | URL | |
| 31439 | FILE-PDF Adobe Acrobat Reader Texture Declaration buffer overflow attempt (more info ...) | attempted-user | 2012-2049 | 55024 | URL | |
| 31440 | FILE-PDF Adobe Acrobat Reader Texture Declaration buffer overflow attempt (more info ...) | attempted-user | 2012-2049 | 55024 | URL | |
| 31489 | FILE-FLASH Adobe Flash Player security sandbox bypass attempt (more info ...) | policy-violation | 2014-0534 | 67963 | URL | |
| 31490 | FILE-FLASH Adobe Flash Player security sandbox bypass attempt (more info ...) | policy-violation | 2014-0534 | 67963 | URL | |
| 31491 | FILE-FLASH Adobe Flash Player security sandbox bypass attempt (more info ...) | policy-violation | 2014-0534 | 67963 | URL | |
| 31492 | FILE-FLASH Adobe Flash Player security sandbox bypass attempt (more info ...) | policy-violation | 2014-0534 | 67963 | URL | |
| 31493 | FILE-FLASH Adobe Flash Player security sandbox bypass attempt (more info ...) | policy-violation | 2014-0534 | 67963 | URL | |
| 31494 | FILE-FLASH Adobe Flash Player security sandbox bypass attempt (more info ...) | policy-violation | 2014-0534 | 67963 | URL | |
| 31549 | FILE-FLASH Adobe Flash Player feed scheme security sandbox bypass attempt (more info ...) | policy-violation | 2014-0539 | 68454 | URL | |
| 31550 | FILE-FLASH Adobe Flash Player feed scheme security sandbox bypass attempt (more info ...) | policy-violation | 2014-0539 | 68454 | URL | |
| 31551 | FILE-FLASH Adobe Flash Player pcast scheme security sandbox bypass attempt (more info ...) | policy-violation | 2014-0539 | 68454 | URL | |
| 31552 | FILE-FLASH Adobe Flash Player feed scheme security sandbox bypass attempt (more info ...) | policy-violation | 2014-0539 | 68454 | URL | |
| 31553 | FILE-FLASH Adobe Flash Player feed scheme security sandbox bypass attempt (more info ...) | policy-violation | 2014-0539 | 68454 | URL | |
| 31554 | FILE-FLASH Adobe Flash Player pcast scheme security sandbox bypass attempt (more info ...) | policy-violation | 2014-0539 | 68454 | URL | |
| 31587 | FILE-PDF Adobe Acrobat Reader XDP encoded download attempt (more info ...) | misc-activity | URL | |||
| 31614 | POLICY-OTHER Adobe Flash Player possible cross-domain bypass attempt (more info ...) | policy-violation | 2014-0537 | 68455 | URL | |
| 31673 | FILE-FLASH Adobe Flash Player URL handling remote code execution attempt (more info ...) | attempted-admin | 2014-0541 | 69191 | URL | |
| 31674 | FILE-FLASH Adobe Flash Broker write to junction exploit attempt (more info ...) | attempted-user | 2014-0520 | URL | ||
| 31675 | FILE-FLASH Adobe Flash Broker write to junction exploit attempt (more info ...) | attempted-user | 2014-0520 | URL | ||
| 31676 | FILE-FLASH Adobe Flash Broker write to junction exploit attempt (more info ...) | attempted-user | 2014-0520 | URL | ||
| 31677 | FILE-FLASH Adobe Flash Broker write to junction exploit attempt (more info ...) | attempted-user | 2014-0520 | URL | ||
| 31684 | FILE-FLASH Adobe Flash Player cross-origin security policy bypass attempt (more info ...) | policy-violation | 2014-0516 | 67361 | URL | |
| 31685 | FILE-FLASH Adobe Flash Player cross-origin security policy bypass attempt (more info ...) | policy-violation | 2014-0516 | 67361 | URL | |
| 31739 | FILE-FLASH Adobe Flash Player corrupt image memory leak (more info ...) | attempted-user | 2014-0545 | 69197 | URL | |
| 31861 | FILE-FLASH Adobe Flash Player corrupt image memory leak (more info ...) | attempted-user | 2014-0542 | 69194 | ||
| 31862 | FILE-FLASH Adobe Flash Player corrupt image memory leak (more info ...) | attempted-user | 2014-0542 | 69194 | ||
| 32026 | FILE-FLASH Adobe Flash Player invalid TRCK frame attempt (more info ...) | attempted-user | 2014-0552 | 69703 | URL | |
| 32027 | FILE-FLASH Adobe Flash Player invalid TRCK frame attempt (more info ...) | attempted-user | 2014-0552 | 69703 | URL | |
| 32099 | FILE-OTHER Adobe Flash Player integer overflow out-of-bounds read attempt (more info ...) | attempted-user | 2014-0547 | 69695 | ||
| 32100 | FILE-OTHER Adobe Flash Player integer overflow out-of-bounds read attempt (more info ...) | attempted-user | 2014-0547 | 69695 | ||
| 32358 | FILE-PDF Adobe Acrobat Reader JpxDecode invalid crgn memory corruption attempt (more info ...) | attempted-user | 2009-3955 | 37757 | ||
| 32626 | BROWSER-PLUGINS Adobe Flash broker privilege escalation file creation attempt (more info ...) | attempted-user | 2014-8442 | 71040 | URL | |
| 32627 | BROWSER-PLUGINS Adobe Flash broker privilege escalation file creation attempt (more info ...) | attempted-user | 2014-8442 | 71040 | URL | |
| 32638 | EXPLOIT-KIT Sweet Orange exploit kit Adobe Flash exploit on defined port (more info ...) | trojan-activity | ||||
| 32738 | FILE-MULTIMEDIA Apple QuickTime text track descriptors heap buffer overflow attempt (more info ...) | attempted-user | 2012-0664 | |||
| 32739 | FILE-MULTIMEDIA Apple QuickTime text track descriptors heap buffer overflow attempt (more info ...) | attempted-user | 2012-0664 | |||
| 32771 | MALWARE-OTHER Adobe Invoice email scam phishing attempt (more info ...) | trojan-activity | URL | |||
| 32772 | MALWARE-OTHER Adobe License Key email scam phishing attempt (more info ...) | trojan-activity | URL | |||
| 32797 | FILE-PDF Adobe Acrobat Reader XFA loadXML escape attempt (more info ...) | policy-violation | 2014-8452 | URL | ||
| 32798 | FILE-PDF Adobe Acrobat Reader XFA loadXML escape attempt (more info ...) | policy-violation | 2014-8452 | URL | ||
| 32799 | FILE-PDF Adobe Acrobat Reader XFA loadXML escape attempt (more info ...) | policy-violation | 2014-8452 | URL | ||
| 32800 | FILE-PDF Adobe Acrobat Reader XFA loadXML escape attempt (more info ...) | policy-violation | 2014-8452 | URL | ||
| 32806 | FILE-FLASH Adobe Flash Player regex buffer overflow attempt (more info ...) | attempted-user | 2014-9162 | URL | ||
| 32807 | FILE-FLASH Adobe Flash Player regex buffer overflow attempt (more info ...) | attempted-user | 2014-9162 | URL | ||
| 32808 | FILE-FLASH Adobe Flash Player regex buffer overflow attempt (more info ...) | attempted-user | 2014-9162 | URL | ||
| 32809 | FILE-FLASH Adobe Flash Player regex buffer overflow attempt (more info ...) | attempted-user | 2014-9162 | URL | ||
| 32810 | FILE-FLASH Adobe Flash Player regex buffer overflow attempt (more info ...) | attempted-user | 2014-9162 | URL | ||
| 32811 | FILE-FLASH Adobe Flash Player regex buffer overflow attempt (more info ...) | attempted-user | 2014-9162 | URL | ||
| 32812 | FILE-FLASH Adobe Flash Player regex buffer overflow attempt (more info ...) | attempted-user | 2014-9162 | URL | ||
| 32817 | FILE-FLASH Adobe Flash Player corrupt MP4 video denial of service attempt (more info ...) | attempted-dos | 2015-5578 | 69707 | URL | |
| 32818 | FILE-FLASH Adobe Flash Player corrupt MP4 video denial of service attempt (more info ...) | attempted-dos | 2015-5578 | 69707 | URL | |
| 32838 | FILE-PDF Adobe Acrobat Reader ANTrustPropgateAll privilege propagation attempt (more info ...) | attempted-user | 2014-8451 | URL | ||
| 32839 | FILE-PDF Adobe Acrobat Reader ANTrustPropgateAll privilege propagation attempt (more info ...) | attempted-user | 2014-8451 | URL | ||
| 32867 | FILE-PDF Adobe Acrobat Reader resampling invalid graphic matrix value attempt (more info ...) | attempted-user | 2014-9159 | URL | ||
| 32868 | FILE-PDF Adobe Acrobat Reader resampling invalid graphic matrix value attempt (more info ...) | attempted-user | 2014-9159 | URL | ||
| 32883 | FILE-OTHER Adobe Reader MoveFileEx arbitrary file write attempt (more info ...) | misc-attack | 2014-9150 | URL | ||
| 32884 | FILE-OTHER Adobe Reader MoveFileEx arbitrary file write attempt (more info ...) | misc-attack | 2014-9150 | URL | ||
| 32898 | FILE-MULTIMEDIA Quicktime MJPEG Frame stsd Atom Heap Overflow attempt (more info ...) | attempted-user | 2013-1020 | |||
| 32899 | FILE-MULTIMEDIA Quicktime MJPEG Frame stsd Atom Heap Overflow attempt (more info ...) | attempted-user | 2013-1020 | |||
| 32900 | FILE-FLASH Adobe Flash pepper player 307 redirect custom header cross domain policy evasion attempt (more info ...) | attempted-user | 2014-0580 | |||
| 33023 | FILE-OTHER Apple Quicktime invalid rdrf atom length buffer overflow attempt (more info ...) | attempted-admin | 2013-1017 | 60097 | URL | |
| 33159 | FILE-FLASH Adobe Flash Player AVM2 opcode type confusion denial of service attempt (more info ...) | attempted-dos | 2014-0590 | URL | ||
| 33160 | FILE-FLASH Adobe Flash Player AVM2 opcode type confusion denial of service attempt (more info ...) | attempted-dos | 2014-0590 | URL | ||
| 33164 | FILE-FLASH Adobe Flash Player RTMP out-of-bounds read attempt (more info ...) | attempted-user | 2014-0549 | 69699 | URL | |
| 33213 | FILE-PDF Adobe Acrobat Reader newfunction memory corruption attempt (more info ...) | attempted-user | 2010-2168 | URL | ||
| 33214 | FILE-PDF Adobe Acrobat Reader newfunction memory corruption attempt (more info ...) | attempted-user | 2010-2168 | URL | ||
| 33295 | FILE-FLASH Adobe Flash Player sound object heap buffer overflow attempt (more info ...) | attempted-user | 2015-0304 | URL | ||
| 33296 | FILE-FLASH Adobe Flash Player sound object heap buffer overflow attempt (more info ...) | attempted-user | 2015-0304 | URL | ||
| 33297 | FILE-FLASH Adobe Flash Player sound object heap buffer overflow attempt (more info ...) | attempted-user | 2015-0304 | URL | ||
| 33298 | FILE-FLASH Adobe Flash Player sound object heap buffer overflow attempt (more info ...) | attempted-user | 2015-0304 | URL | ||
| 33475 | FILE-FLASH Adobe Flash Player byte array use after free attempt (more info ...) | attempted-user | 2015-0312 | URL | ||
| 33476 | FILE-FLASH Adobe Flash Player byte array use after free attempt (more info ...) | attempted-user | 2015-0312 | URL | ||
| 33477 | FILE-FLASH Adobe Flash Player byte array use after free attempt (more info ...) | attempted-user | 2015-0312 | URL | ||
| 33478 | FILE-FLASH Adobe Flash Player byte array use after free attempt (more info ...) | attempted-user | 2015-0312 | URL | ||
| 33527 | FILE-FLASH Adobe Flash Player PCRE library out of bounds memory access attempt (more info ...) | denial-of-service | 2015-0316 | URL | ||
| 33528 | FILE-FLASH Adobe Flash Player PCRE library out of bounds memory access attempt (more info ...) | denial-of-service | 2015-0316 | URL | ||
| 33529 | FILE-FLASH Adobe Flash Player PCRE library out of bounds memory access attempt (more info ...) | denial-of-service | 2015-0316 | URL | ||
| 33530 | FILE-FLASH Adobe Flash Player PCRE library out of bounds memory access attempt (more info ...) | denial-of-service | 2015-0316 | URL | ||
| 33549 | FILE-FLASH Adobe Flash Player addHeader null pointer dereference attempt (more info ...) | denial-of-service | 2015-0328 | URL | ||
| 33550 | FILE-FLASH Adobe Flash Player addHeader null pointer dereference attempt (more info ...) | denial-of-service | 2015-0328 | URL | ||
| 33551 | FILE-FLASH Adobe Flash Player addHeader null pointer dereference attempt (more info ...) | denial-of-service | 2015-0328 | URL | ||
| 33552 | FILE-FLASH Adobe Flash Player addHeader null pointer dereference attempt (more info ...) | denial-of-service | 2015-0328 | URL | ||
| 33575 | FILE-MULTIMEDIA Apple QuickTime STSD JPEG atom heap corruption attempt (more info ...) | attempted-user | 2009-0007 | 33390 | ||
| 33577 | FILE-MULTIMEDIA Apple QuickTime STSD JPEG atom heap corruption attempt (more info ...) | attempted-user | 2009-0007 | 33390 | ||
| 33578 | FILE-MULTIMEDIA Apple QuickTime STSD JPEG atom heap corruption attempt (more info ...) | attempted-user | 2009-0007 | 33390 | ||
| 33584 | FILE-FLASH Adobe Flash Player ASnative command execution attempt (more info ...) | attempted-user | 2008-5499 | 32896 | URL | |
| 33585 | FILE-FLASH Adobe Flash Player ASnative command execution attempt (more info ...) | attempted-user | 2008-5499 | 32896 | URL | |
| 33586 | FILE-MULTIMEDIA Apple QuickTime Image Description Atom sign extension memory corruption attempt (more info ...) | attempted-user | 2009-0955 | 35166 | URL | |
| 33589 | FILE-IMAGE Adobe Photoshop CS4 TIFF parsing heap overflow attempt (more info ...) | attempted-user | 2017-3028 | URL | ||
| 33590 | FILE-IMAGE Adobe Photoshop CS4 TIFF parsing heap overflow attempt (more info ...) | attempted-user | 2017-3028 | URL | ||
| 33591 | FILE-IMAGE Adobe Photoshop CS4 TIFF parsing heap overflow attempt (more info ...) | attempted-user | 2012-2027 | URL | ||
| 33592 | FILE-OTHER Adobe Shockwave Player SwDir.dll PlayerVersion Buffer Overflow attempt (more info ...) | attempted-user | 2009-3244 | 36905 | URL | |
| 33593 | FILE-OTHER Adobe Shockwave Player SwDir.dll PlayerVersion Buffer Overflow attempt (more info ...) | attempted-user | 2009-3244 | 36905 | URL | |
| 33615 | FILE-IMAGE Adobe Photoshop CS5 gif file heap corruption attempt (more info ...) | attempted-user | 2011-2131 | 49106 | ||
| 33634 | FILE-FLASH Adobe Flash Player decompressing denial of service attempt (more info ...) | attempted-dos | 2010-0187 | |||
| 33635 | FILE-FLASH Adobe Flash Player decompressing denial of service attempt (more info ...) | attempted-dos | 2010-0187 | |||
| 33824 | FILE-FLASH Adobe Flash Player memory corruption attempt (more info ...) | attempted-user | 2011-0609 | URL | ||
| 33908 | FILE-PDF Adobe Acrobat Reader CoolType.dll out-of-bounds memory write access attempt (more info ...) | attempted-user | 2014-9160 | |||
| 33909 | FILE-PDF Adobe Acrobat Reader CoolType.dll out-of-bounds memory write access attempt (more info ...) | attempted-user | 2014-9160 | |||
| 33971 | FILE-FLASH Adobe Flash Player cross domain policy bypass attempt (more info ...) | attempted-user | 2015-0340 | |||
| 33972 | FILE-FLASH Adobe Flash Player cross domain policy bypass attempt (more info ...) | attempted-user | 2015-0340 | |||
| 33973 | FILE-FLASH Adobe Flash Player compressed file cross domain policy bypass attempt (more info ...) | attempted-user | 2015-0340 | |||
| 33974 | FILE-FLASH Adobe Flash Player compressed file cross domain policy bypass attempt (more info ...) | attempted-user | 2015-0340 | |||
| 34147 | FILE-FLASH Adobe Flash Player ConvolutionFilter heap information disclosure attempt (more info ...) | attempted-user | 2015-0357 | URL | ||
| 34148 | FILE-FLASH Adobe Flash Player ConvolutionFilter heap information disclosure attempt (more info ...) | attempted-user | 2015-0357 | URL | ||
| 34149 | FILE-FLASH Adobe Flash Player ConvolutionFilter heap information disclosure attempt (more info ...) | attempted-user | 2015-0357 | URL | ||
| 34150 | FILE-FLASH Adobe Flash Player ConvolutionFilter heap information disclosure attempt (more info ...) | attempted-user | 2015-0357 | URL | ||
| 34176 | FILE-FLASH Adobe Flash Player domain security bypass attempt (more info ...) | attempted-user | 2015-3044 | URL | ||
| 34177 | FILE-FLASH Adobe Flash Player domain security bypass attempt (more info ...) | attempted-user | 2015-3044 | URL | ||
| 34232 | FILE-FLASH Adobe Flash Player potential information disclosure attempt (more info ...) | attempted-user | 2015-3040 | URL | ||
| 34233 | FILE-FLASH Adobe Flash Player potential information disclosure attempt (more info ...) | attempted-user | 2015-3040 | URL | ||
| 34234 | FILE-FLASH Adobe Flash Player potential information disclosure attempt (more info ...) | attempted-user | 2015-3040 | URL | ||
| 34235 | FILE-FLASH Adobe Flash Player potential information disclosure attempt (more info ...) | attempted-user | 2015-3040 | URL | ||
| 34253 | FILE-FLASH Adobe Flash Player malformed CEA-708 packet denial of service attempt (more info ...) | attempted-dos | 2015-0354 | URL | ||
| 34254 | FILE-FLASH Adobe Flash Player malformed CEA-708 packet denial of service attempt (more info ...) | attempted-dos | 2015-0354 | URL | ||
| 34334 | EXPLOIT-KIT Fiesta exploit kit Adobe Reader exploit download (more info ...) | trojan-activity | ||||
| 34528 | FILE-PDF Adobe Acrobat Reader AVDoc use-after-free attempt (more info ...) | attempted-admin | 2015-3055 | URL | ||
| 34529 | FILE-PDF Adobe Acrobat Reader AVDoc use-after-free attempt (more info ...) | attempted-admin | 2015-3055 | URL | ||
| 34532 | FILE-PDF Adobe Acrobat Reader customDictionaryExport information disclosure attempt (more info ...) | attempted-recon | 2015-3058 | URL | ||
| 34533 | FILE-PDF Adobe Acrobat Reader customDictionaryExport information disclosure attempt (more info ...) | attempted-recon | 2015-3058 | URL | ||
| 34534 | FILE-PDF Adobe Acrobat Reader PRC invalid index attempt (more info ...) | attempted-user | 2015-3047 | URL | ||
| 34535 | FILE-PDF Adobe Acrobat Reader PRC invalid index attempt (more info ...) | attempted-user | 2015-3047 | URL | ||
| 34536 | FILE-FLASH Adobe Flash Player ByteArray shading memory leak attempt (more info ...) | attempted-recon | 2015-3091 | |||
| 34537 | FILE-FLASH Adobe Flash Player ByteArray shading memory leak attempt (more info ...) | attempted-recon | 2015-3091 | |||
| 34573 | FILE-FLASH Adobe Flash Player BrokerMoveFileEx sandbox escape attempt (more info ...) | attempted-admin | 2015-3081 | URL | ||
| 34574 | FILE-FLASH Adobe Flash Player BrokerMoveFileEx sandbox escape attempt (more info ...) | attempted-admin | 2015-3081 | URL | ||
| 34575 | FILE-FLASH Adobe Flash Player BrokerMoveFileEx sandbox escape attempt (more info ...) | attempted-admin | 2015-3081 | URL | ||
| 34576 | FILE-FLASH Adobe Flash Player BrokerMoveFileEx sandbox escape attempt (more info ...) | attempted-admin | 2015-3081 | URL | ||
| 34577 | FILE-FLASH Adobe Flash Player uninitialized register memory leak attempt (more info ...) | attempted-recon | 2015-3092 | 74617 | URL | |
| 34578 | FILE-FLASH Adobe Flash Player uninitialized register memory leak attempt (more info ...) | attempted-recon | 2015-3092 | 74617 | URL | |
| 34579 | FILE-FLASH Adobe Flash Player uninitialized register memory leak attempt (more info ...) | attempted-recon | 2015-3092 | 74617 | URL | |
| 34580 | FILE-FLASH Adobe Flash Player uninitialized register memory leak attempt (more info ...) | attempted-recon | 2015-3092 | 74617 | URL | |
| 34585 | FILE-FLASH Adobe Flash Player BrokerMoveFileEx sandbox escape attempt (more info ...) | attempted-admin | 2015-3081 | URL | ||
| 34586 | FILE-FLASH Adobe Flash Player BrokerMoveFileEx sandbox escape attempt (more info ...) | attempted-admin | 2015-3083 | URL | ||
| 34587 | FILE-FLASH Adobe Flash Player BrokerMoveFileEx sandbox escape attempt (more info ...) | attempted-admin | 2015-3081 | URL | ||
| 34588 | FILE-FLASH Adobe Flash Player BrokerMoveFileEx sandbox escape attempt (more info ...) | attempted-admin | 2015-3081 | URL | ||
| 34811 | FILE-FLASH Adobe Flash Player assumed trust URI reference to child file attempt (more info ...) | attempted-user | 2015-3098 | URL | ||
| 34812 | FILE-FLASH Adobe Flash Player Security.allowDomain cross domain policy bypass attempt (more info ...) | policy-violation | 2015-3099 | URL | ||
| 34813 | FILE-FLASH Adobe Flash Player Security.allowDomain cross domain policy bypass attempt (more info ...) | policy-violation | 2015-3099 | URL | ||
| 34814 | FILE-FLASH Adobe Flash Player Security.allowDomain cross domain policy bypass attempt (more info ...) | policy-violation | 2015-3099 | URL | ||
| 34815 | FILE-FLASH Adobe Flash Player Security.allowDomain cross domain policy bypass attempt (more info ...) | policy-violation | 2015-3099 | URL | ||
| 34836 | FILE-FLASH Adobe Flash Player invalid URL encoding exploit attempt (more info ...) | attempted-user | 2015-3102 | URL | ||
| 34837 | FILE-FLASH Adobe Flash Player invalid URL encoding exploit attempt (more info ...) | attempted-user | 2015-3102 | URL | ||
| 34838 | FILE-FLASH Adobe Flash Player invalid URL encoding exploit attempt (more info ...) | attempted-user | 2015-3102 | URL | ||
| 34839 | FILE-FLASH Adobe Flash Player invalid URL encoding exploit attempt (more info ...) | attempted-user | 2015-3102 | URL | ||
| 34858 | FILE-FLASH Adobe Flash Player BitmapData shader bit information disclosure attempt (more info ...) | misc-attack | 2015-3108 | URL | ||
| 34859 | FILE-FLASH Adobe Flash Player BitmapData shader bit information disclosure attempt (more info ...) | misc-attack | 2015-3108 | URL | ||
| 34860 | FILE-FLASH Adobe Flash Player BitmapData shader bit information disclosure attempt (more info ...) | misc-attack | 2015-3108 | URL | ||
| 34861 | FILE-FLASH Adobe Flash Player BitmapData shader bit information disclosure attempt (more info ...) | misc-attack | 2015-3108 | URL | ||
| 34992 | MALWARE-OTHER Adobe Flash exploit download attempt - Group 6 (more info ...) | trojan-activity | URL | |||
| 35022 | FILE-MULTIMEDIA Apple Quicktime corrupt stbl atom out of bounds read attempt (more info ...) | attempted-user | 2015-3667 | URL | ||
| 35023 | FILE-MULTIMEDIA Apple Quicktime corrupt stbl atom out of bounds read attempt (more info ...) | attempted-user | 2015-3667 | URL | ||
| 35282 | FILE-FLASH Adobe Flash Player cross-site information disclosure attempt (more info ...) | attempted-user | 2014-0578 | URL | ||
| 35283 | FILE-FLASH Adobe Flash Player cross-site information disclosure attempt (more info ...) | attempted-user | 2014-0578 | URL | ||
| 35284 | FILE-FLASH Adobe Flash Player cross-site information disclosure attempt (more info ...) | attempted-user | 2014-0578 | URL | ||
| 35285 | FILE-FLASH Adobe Flash Player cross-site information disclosure attempt (more info ...) | attempted-user | 2014-0578 | URL | ||
| 35286 | FILE-FLASH Adobe Flash Player universal allowDomain command proxying attempt (more info ...) | policy-violation | 2015-3116 | URL | ||
| 35287 | FILE-FLASH Adobe Flash Player universal allowDomain command proxying attempt (more info ...) | policy-violation | 2015-3116 | URL | ||
| 35288 | FILE-FLASH Adobe Flash Player universal allowDomain command proxying attempt (more info ...) | policy-violation | 2015-3116 | URL | ||
| 35289 | FILE-FLASH Adobe Flash Player universal allowDomain command proxying attempt (more info ...) | policy-violation | 2015-3116 | URL | ||
| 35333 | EXPLOIT-KIT Angler exploit kit Flash download attempt (more info ...) | attempted-user | ||||
| 35334 | EXPLOIT-KIT Angler exploit kit Flash download attempt (more info ...) | attempted-user | ||||
| 35335 | EXPLOIT-KIT Angler exploit kit Flash download attempt (more info ...) | attempted-user | ||||
| 35376 | FILE-FLASH Adobe Flash Player cross-site file download attempt (more info ...) | attempted-user | 2015-3114 | URL | ||
| 35377 | FILE-FLASH Adobe Flash Player cross-site file download attempt (more info ...) | attempted-user | 2015-3114 | URL | ||
| 35378 | FILE-FLASH Adobe Flash Player cross-site file download attempt (more info ...) | attempted-user | 2015-3114 | URL | ||
| 35379 | FILE-FLASH Adobe Flash Player cross-site file download attempt (more info ...) | attempted-user | 2015-3114 | URL | ||
| 35542 | EXPLOIT-KIT Nuclear exploit kit flash exploit download attempt (more info ...) | attempted-user | ||||
| 35543 | FILE-FLASH Adobe Flash Player remote code execution attempt (more info ...) | attempted-user | ||||
| 35544 | FILE-FLASH Adobe Flash Player remote code execution attempt (more info ...) | attempted-user | ||||
| 35545 | FILE-FLASH Adobe Flash Player remote code execution attempt (more info ...) | attempted-user | ||||
| 35546 | FILE-FLASH Adobe Flash Player remote code execution attempt (more info ...) | attempted-user | ||||
| 35547 | FILE-FLASH Adobe Flash Player remote code execution attempt (more info ...) | attempted-user | ||||
| 35548 | FILE-FLASH Adobe Flash Player remote code execution attempt (more info ...) | attempted-user | ||||
| 35560 | FILE-MULTIMEDIA Apple QuickTime invalid stsd atom out of bounds read attempt (more info ...) | attempted-user | 2015-3789 | 26341 | URL | |
| 35561 | FILE-MULTIMEDIA Apple QuickTime mdat atom corruption out of bounds read attempt (more info ...) | attempted-user | 2015-3792 | URL | ||
| 35562 | FILE-MULTIMEDIA Apple QuickTime mdat atom corruption out of bounds read attempt (more info ...) | attempted-user | 2015-3792 | URL | ||
| 35563 | FILE-MULTIMEDIA Apple QuickTime esds atom buffer overread attempt (more info ...) | attempted-user | 2015-3791 | URL | ||
| 35564 | FILE-MULTIMEDIA Apple QuickTime esds atom buffer overread attempt (more info ...) | attempted-user | 2015-3791 | URL | ||
| 35567 | FILE-MULTIMEDIA Apple QuickTime invalid mvhd atom size out of bounds read attempt (more info ...) | attempted-user | 2015-3790 | URL | ||
| 35568 | FILE-MULTIMEDIA Apple QuickTime invalid mvhd atom size out of bounds read attempt (more info ...) | attempted-user | 2015-3790 | URL | ||
| 35628 | FILE-MULTIMEDIA Apple QuickTime tkhd atom matrix integer overflow attempt (more info ...) | attempted-user | 2015-5786 | URL | ||
| 35629 | FILE-MULTIMEDIA Apple QuickTime tkhd atom matrix integer overflow attempt (more info ...) | attempted-user | 2015-5786 | URL | ||
| 35636 | FILE-FLASH Adobe Flash invalid swf tag parsing buffer overflow attempt (more info ...) | attempted-dos | 2015-5132 | |||
| 35637 | FILE-FLASH Adobe Flash invalid swf tag parsing buffer overflow attempt (more info ...) | attempted-dos | 2015-5132 | |||
| 35638 | FILE-FLASH Adobe Flash Player childNodes XML object use after free attempt (more info ...) | attempted-user | 2015-5540 | |||
| 35639 | FILE-FLASH Adobe Flash Player childNodes XML object use after free attempt (more info ...) | attempted-user | 2015-5540 | |||
| 35640 | FILE-FLASH Adobe Flash Player childNodes XML object after free attempt (more info ...) | attempted-user | 2015-5540 | |||
| 35641 | FILE-FLASH Adobe Flash Player childNodes XML object use after free attempt (more info ...) | attempted-user | 2015-5540 | |||
| 35664 | FILE-FLASH Adobe Flash Player DefineVideoStream out of bounds memory access attempt (more info ...) | attempted-user | 2015-5552 | URL | ||
| 35665 | FILE-FLASH Adobe Flash Player DefineVideoStream out of bounds memory access attempt (more info ...) | attempted-user | 2015-5552 | URL | ||
| 35757 | FILE-PDF Adobe Reader exclGroup element null pointer dereference attempt (more info ...) | attempted-user | 2015-4443 | URL | ||
| 35758 | FILE-PDF Adobe Reader exclGroup element null pointer dereference attempt (more info ...) | attempted-user | 2015-4443 | URL | ||
| 35781 | FILE-PDF Adobe Acrobat Reader privileged method protection bypass attempt (more info ...) | attempted-user | 2015-4452 | URL | ||
| 35782 | FILE-PDF Adobe Acrobat Reader privileged method protection bypass attempt (more info ...) | attempted-user | 2015-4452 | URL | ||
| 35784 | FILE-PDF Adobe Reader AcroForm null pointer dereference attempt (more info ...) | attempted-user | 2015-4444 | |||
| 35785 | FILE-PDF Adobe Reader AcroForm null pointer dereference attempt (more info ...) | attempted-user | 2015-4444 | |||
| 35786 | FILE-PDF Adobe Acrobat Reader trusted function privilege escalation attempt (more info ...) | attempted-user | 2015-4451 | URL | ||
| 35787 | FILE-PDF Adobe Acrobat Reader trusted function privilege escalation attempt (more info ...) | attempted-user | 2015-4451 | URL | ||
| 35805 | FILE-EXECUTABLE Adobe Reader NtSetInformationFile privilege escalation attempt (more info ...) | attempted-user | 2015-4446 | URL | ||
| 35806 | FILE-EXECUTABLE Adobe Reader NtSetInformationFile privilege escalation attempt (more info ...) | attempted-user | 2015-4446 | URL | ||
| 35807 | FILE-PDF Adobe Reader validation bypass privilege escalation attempt (more info ...) | attempted-admin | 2015-5090 | URL | ||
| 35808 | FILE-PDF Adobe Reader validation bypass privilege escalation attempt (more info ...) | attempted-admin | 2015-5090 | URL | ||
| 35820 | FILE-FLASH Adobe Flash Player scale9Grid use after free attempt (more info ...) | attempted-user | 2015-5564 | |||
| 35859 | FILE-MULTIMEDIA Apple QuickTime traf atom out of bounds read attempt (more info ...) | attempted-user | 2015-3668 | URL | ||
| 35860 | FILE-MULTIMEDIA Apple QuickTime traf atom out of bounds read attempt (more info ...) | attempted-user | 2015-3668 | URL | ||
| 35979 | FILE-IDENTIFY Windows Media Center link file download request (more info ...) | misc-activity | ||||
| 35980 | FILE-IDENTIFY Windows Media Center link file attachment detected (more info ...) | misc-activity | ||||
| 35981 | FILE-IDENTIFY Windows Media Center link file attachment detected (more info ...) | misc-activity | ||||
| 36034 | FILE-FLASH Infinity popup toolkit detected (more info ...) | policy-violation | URL | |||
| 36035 | FILE-FLASH Infinity popup toolkit detected (more info ...) | policy-violation | URL | |||
| 36036 | INDICATOR-OBFUSCATION Adobe Flash file with SecureSwfLoader packer detected (more info ...) | policy-violation | URL | |||
| 36062 | FILE-PDF Adobe Reader makeMeasurement information disclosure attempt (more info ...) | attempted-recon | 2015-5107 | URL | ||
| 36063 | FILE-PDF Adobe Reader makeMeasurement information disclosure attempt (more info ...) | attempted-recon | 2015-5107 | URL | ||
| 36191 | FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (more info ...) | attempted-user | 2013-2729 | 59918 | URL | |
| 36192 | FILE-PDF Adobe Acrobat Reader X XML forms specially crafted RLE8 format BMP integer overflow attempt (more info ...) | attempted-user | 2013-2729 | 59918 | URL | |
| 36316 | FILE-FLASH Adobe Flash Player URI loaded MP4 potential information leak attempt (more info ...) | policy-violation | 2016-1096 | URL | ||
| 36317 | FILE-FLASH Adobe Flash Player URI loaded FLV potential information leak attempt (more info ...) | policy-violation | 2015-5575 | URL | ||
| 36476 | FILE-FLASH Adobe Flash Player same orgin policy bypass attempt (more info ...) | attempted-user | 2015-6679 | URL | ||
| 36477 | FILE-FLASH Adobe Flash Player same orgin policy bypass attempt (more info ...) | attempted-user | 2015-6679 | URL | ||
| 36478 | FILE-FLASH Adobe Flash Player same orgin policy bypass attempt (more info ...) | attempted-user | 2015-6679 | URL | ||
| 36479 | FILE-FLASH Adobe Flash Player same orgin policy bypass attempt (more info ...) | attempted-user | 2015-6679 | URL | ||
| 36495 | BROWSER-PLUGINS RealNetworks RealPlayer Import ActiveX clsid access attempt (more info ...) | attempted-user | 2008-3066 | 30379 | ||
| 36496 | BROWSER-PLUGINS RealNetworks RealPlayer Import ActiveX clsid access attempt (more info ...) | attempted-user | 2008-3066 | 30379 | ||
| 36606 | FILE-FLASH Adobe Flash Player NavigatetoURL new tab open attempt (more info ...) | policy-violation | 2015-7628 | URL | ||
| 36607 | FILE-FLASH Adobe Flash Player NavigatetoURL new tab open attempt (more info ...) | policy-violation | 2015-7628 | URL | ||
| 36608 | FILE-FLASH Adobe Flash Player NavigatetoURL new tab open attempt (more info ...) | policy-violation | 2015-7628 | URL | ||
| 36609 | FILE-FLASH Adobe Flash Player NavigatetoURL new tab open attempt (more info ...) | policy-violation | 2015-7628 | URL | ||
| 36972 | FILE-OTHER Windows Media Player MCL to HTML information disclosure attempt (more info ...) | attempted-recon | 2015-6127 | URL | ||
| 36973 | FILE-OTHER Windows Media Player MCL to HTML information disclosure attempt (more info ...) | attempted-recon | 2015-6127 | URL | ||
| 37314 | FILE-PDF Adobe Acrobat Reader privileged method protection bypass attempt (more info ...) | policy-violation | 2015-5085 | URL | ||
| 37315 | FILE-PDF Adobe Acrobat Reader privileged method protection bypass attempt (more info ...) | policy-violation | 2015-5085 | URL | ||
| 37329 | FILE-IMAGE Adobe Camera Raw Plug-in TIFF image processing buffer underflow attempt (more info ...) | attempted-user | 2012-5679 | URL | ||
| 37331 | FILE-IMAGE Adobe Camera Raw Plug-in TIFF image processing buffer underflow attempt (more info ...) | attempted-user | 2012-5679 | URL | ||
| 37332 | FILE-IMAGE Adobe Camera Raw Plug-in TIFF image processing buffer underflow attempt (more info ...) | attempted-user | 2012-5679 | URL | ||
| 37431 | FILE-PDF Adobe Acrobat Reader ExtGState use after free attempt (more info ...) | attempted-user | 2016-0934 | URL | ||
| 37432 | FILE-PDF Adobe Acrobat Reader ExtGState use after free attempt (more info ...) | attempted-user | 2016-0934 | URL | ||
| 37672 | FILE-FLASH Adobe Flash Player heap object address enumeration technique (more info ...) | attempted-user | 2015-3113 | URL | ||
| 37673 | FILE-FLASH Adobe Flash Player heap object address enumeration technique (more info ...) | attempted-user | 2015-3113 | URL | ||
| 37690 | FILE-FLASH Adobe Flash Player invalid object reference code execution attempt (more info ...) | attempted-user | 2009-0520 | 33880 | URL | |
| 37712 | FILE-PDF Adobe Acrobat and Adobe Acrobat Reader U3D RHAdobeMeta buffer overflow attempt (more info ...) | attempted-user | 2009-1855 | 35282 | URL | |
| 37729 | INDICATOR-OBFUSCATION Adobe Flash file with SecureSwfLoader packer detected (more info ...) | policy-violation | URL | |||
| 37849 | FILE-FLASH Adobe Flash file with embedded PE detected (more info ...) | misc-activity | ||||
| 37850 | FILE-FLASH Adobe Flash file with embedded PE detected (more info ...) | misc-activity | ||||
| 37910 | FILE-PDF Adobe Acrobat and Reader U3D Buffer Overflow buffer overflow attempt (more info ...) | attempted-user | 2009-2997 | URL | ||
| 37911 | FILE-PDF Adobe Acrobat and Reader U3D Buffer Overflow buffer overflow attempt (more info ...) | attempted-user | 2009-2997 | URL | ||
| 37953 | SERVER-WEBAPP Adobe RoboHelp rx cross site scripting attempt (more info ...) | attempted-user | 2008-2991 | 30137 | URL | |
| 37959 | FILE-MULTIMEDIA Apple iTunes PLS file parsing buffer overflow attempt (more info ...) | attempted-user | 2009-2817 | 36478 | ||
| 38020 | FILE-FLASH Adobe Flash file with CreateFileA shellcode (more info ...) | attempted-user | 2015-3113 | URL | ||
| 38021 | FILE-FLASH Adobe Flash file with large DefineBinaryData tag (more info ...) | policy-violation | 2015-3113 | URL | ||
| 38023 | FILE-FLASH Adobe Flash file CreateFileA shellcode found (more info ...) | attempted-user | 2015-3113 | URL | ||
| 38024 | FILE-FLASH Adobe Flash file with large DefineBinaryData tag (more info ...) | policy-violation | 2015-3113 | URL | ||
| 38025 | FILE-FLASH Adobe Flash file with large DefineBinaryData tag (more info ...) | policy-violation | 2015-3113 | URL | ||
| 38026 | FILE-FLASH Adobe Flash file with RC4 decryption routine detected (more info ...) | policy-violation | ||||
| 38141 | BROWSER-PLUGINS Microsoft Windows Media Player ActiveX unknown compression algorithm use after free attempt (more info ...) | attempted-user | 2010-0268 | URL | ||
| 38142 | BROWSER-PLUGINS Microsoft Windows Media Player ActiveX unknown compression algorithm use after free attempt (more info ...) | attempted-user | 2010-0268 | URL | ||
| 38143 | BROWSER-PLUGINS Microsoft Windows Media Player ActiveX unknown compression algorithm use after free attempt (more info ...) | attempted-user | 2010-0268 | URL | ||
| 38144 | BROWSER-PLUGINS Microsoft Windows Media Player ActiveX unknown compression algorithm use after free attempt (more info ...) | attempted-user | 2010-0268 | URL | ||
| 38172 | FILE-OTHER Adobe Acrobat updaternotifications.dll dll-load exploit attempt (more info ...) | attempted-user | 2016-1008 | URL | ||
| 38897 | FILE-OTHER Adobe Illustrator CS4 request for aires.dll over SMB attempt (more info ...) | attempted-user | 2010-3152 | |||
| 38898 | FILE-OTHER Adobe Illustrator CS4 aires.dll dll-load exploit attempt (more info ...) | attempted-user | 2010-3152 | URL | ||
| 39081 | EXPLOIT-KIT Neutrino Exploit Kit Flash exploit download attempt (more info ...) | trojan-activity | URL | |||
| 39100 | FILE-PDF Adobe Reader Universal 3D engine out of bounds memory access violation attempt (more info ...) | attempted-user | 2016-1071 | URL | ||
| 39108 | FILE-PDF Adobe Acrobat Reader getAnnots exploit attempt (more info ...) | attempted-user | 2009-1492 | 34736 | ||
| 39109 | FILE-PDF Adobe Acrobat Reader getAnnots exploit attempt (more info ...) | attempted-user | 2009-1492 | 34736 | ||
| 39262 | FILE-FLASH Adobe Flash Player unhandled recursion limit out of bounds read attempt (more info ...) | attempted-user | 2016-4132 | URL | ||
| 39263 | FILE-FLASH Adobe Flash Player unhandled recursion limit out of bounds read attempt (more info ...) | attempted-user | 2016-4132 | URL | ||
| 39264 | FILE-FLASH Adobe Flash Player unhandled recursion limit out of bounds read attempt (more info ...) | attempted-user | 2016-4132 | URL | ||
| 39265 | FILE-FLASH Adobe Flash Player unhandled recursion limit out of bounds read attempt (more info ...) | attempted-user | 2016-4132 | URL | ||
| 39316 | FILE-FLASH Adobe Flash Player MovieClip object use-after-free attempt (more info ...) | attempted-user | 2016-4146 | URL | ||
| 39556 | FILE-PDF Adobe Acrobat Reader PostScript font parsing memory corruption attempt (more info ...) | attempted-user | 2016-4251 | URL | ||
| 39669 | FILE-PDF Adobe Reader submitForm SOP bypass attempt (more info ...) | policy-violation | 2016-4215 | URL | ||
| 39670 | FILE-PDF Adobe Reader submitForm SOP bypass attempt (more info ...) | policy-violation | 2016-4215 | URL | ||
| 40161 | FILE-FLASH Adobe Flash Player navigatetoURL sandbox escape attempt (more info ...) | attempted-admin | 2016-4277 | URL | ||
| 40162 | FILE-FLASH Adobe Flash Player navigatetoURL sandbox escape attempt (more info ...) | attempted-admin | 2016-4277 | URL | ||
| 40163 | FILE-FLASH Adobe Flash Player navigatetoURL sandbox escape attempt (more info ...) | attempted-admin | 2016-4277 | URL | ||
| 40164 | FILE-FLASH Adobe Flash Player navigatetoURL sandbox escape attempt (more info ...) | attempted-admin | 2016-4277 | URL | ||
| 40165 | FILE-FLASH Adobe Flash Player navigatetoURL sandbox escape attempt (more info ...) | attempted-admin | 2016-4277 | URL | ||
| 40170 | FILE-FLASH Adobe Standalone Flash Player use after free attempt (more info ...) | attempted-admin | 2016-4279 | URL | ||
| 40171 | FILE-FLASH Adobe Standalone Flash Player use after free attempt (more info ...) | attempted-admin | 2016-4279 | URL | ||
| 40172 | FILE-FLASH Adobe Standalone Flash Player out of bounds memory access attempt (more info ...) | attempted-admin | 2016-4282 | |||
| 40173 | FILE-FLASH Adobe Standalone Flash Player out of bounds memory access attempt (more info ...) | attempted-admin | 2016-4282 | |||
| 40174 | FILE-FLASH Adobe Flash Player out of bounds memory access attempt (more info ...) | attempted-admin | 2016-4281 | |||
| 40175 | FILE-FLASH Adobe Flash Player out of bounds memory access attempt (more info ...) | attempted-admin | 2016-4281 | |||
| 40324 | SERVER-OTHER Adobe ColdFusion default credential login attempt (more info ...) | default-login-attempt | URL | |||
| 40325 | SERVER-OTHER Adobe ColdFusion default credential login attempt (more info ...) | default-login-attempt | URL | |||
| 40327 | SERVER-OTHER Adobe ColdFusion fckeditor arbitrary file upload (more info ...) | attempted-admin | ||||
| 40354 | OS-WINDOWS Microsoft Windows Media Runtime malformed ASF codec memory corruption attempt (more info ...) | attempted-user | 2009-2525 | URL | ||
| 40434 | FILE-FLASH Adobe Flash Player malformed ActionConstantPool memory corruption attempt (more info ...) | attempted-user | 2016-4273 | URL | ||
| 41204 | FILE-PDF Adobe Reader XSL type confusion attempt (more info ...) | attempted-user | 2017-2962 | URL | ||
| 41205 | FILE-PDF Adobe Reader XSL type confusion attempt (more info ...) | attempted-user | 2017-2962 | URL | ||
| 41207 | FILE-FLASH Adobe Flash Player malformed PlaceObject3 memory corruption attempt (more info ...) | attempted-user | 2017-2931 | URL | ||
| 41208 | FILE-FLASH Adobe Flash Player malformed PlaceObject3 memory corruption attempt (more info ...) | attempted-user | 2017-2931 | URL | ||
| 41298 | FILE-IMAGE Adobe Acrobat Reader jpeg decoding heap buffer overflow attempt (more info ...) | attempted-user | 2017-2971 | URL | ||
| 41299 | FILE-IMAGE Adobe Acrobat Reader jpeg decoding heap buffer overflow attempt (more info ...) | attempted-user | 2017-2971 | URL | ||
| 41300 | FILE-IMAGE Adobe Acrobat Reader jpeg decoding heap buffer overflow attempt (more info ...) | attempted-user | 2017-2971 | URL | ||
| 41301 | FILE-IMAGE Adobe Acrobat Reader jpeg decoding heap buffer overflow attempt (more info ...) | attempted-user | 2017-2971 | URL | ||
| 41302 | FILE-IMAGE Adobe Acrobat Reader jpeg decoding heap buffer overflow attempt (more info ...) | attempted-user | 2017-2971 | URL | ||
| 41303 | FILE-IMAGE Adobe Acrobat Reader jpeg decoding heap buffer overflow attempt (more info ...) | attempted-user | 2017-2971 | URL | ||
| 41304 | FILE-IMAGE Adobe Acrobat Reader jpeg decoding heap buffer overflow attempt (more info ...) | attempted-user | 2017-2971 | URL | ||
| 41305 | FILE-IMAGE Adobe Acrobat Reader jpeg decoding heap buffer overflow attempt (more info ...) | attempted-user | 2017-2971 | URL | ||
| 41321 | FILE-PDF Adobe Acrobat Pro zoom caching use after free attempt (more info ...) | attempted-admin | 2016-6971 | URL | ||
| 41322 | FILE-PDF Adobe Acrobat Pro zoom caching use after free attempt (more info ...) | attempted-admin | 2016-6971 | URL | ||
| 41323 | FILE-PDF Adobe Reader JPEG 2000 COD marker use after free attempt (more info ...) | attempted-admin | 2016-6955 | URL | ||
| 41324 | FILE-PDF Adobe Reader JPEG 2000 COD marker use after free attempt (more info ...) | attempted-admin | 2016-6955 | URL | ||
| 41411 | FILE-FLASH Adobe Flash Player custom toString function attempt (more info ...) | attempted-user | 2017-2951 | URL | ||
| 41416 | FILE-PDF Adobe Acrobat Reader image cache use after free attempt (more info ...) | attempted-user | 2014-0528 | URL | ||
| 41417 | FILE-PDF Adobe Acrobat Reader image cache use after free attempt (more info ...) | attempted-user | 2014-0528 | URL | ||
| 41603 | FILE-FLASH Adobe Flash player BitmapData class use after free attempt (more info ...) | attempted-user | 2017-2985 | URL | ||
| 41604 | FILE-FLASH Adobe Flash player BitmapData class use after free attempt (more info ...) | attempted-user | 2017-2985 | URL | ||
| 42279 | FILE-OTHER Adobe Acrobat request for RARfsClientNP.dll over SMB attempt (more info ...) | attempted-user | 2017-3013 | |||
| 42280 | FILE-OTHER Adobe Acrobat RARfsClientNP.dll dll-load exploit attempt (more info ...) | attempted-user | 2017-3013 | URL | ||
| 42298 | FILE-PDF Adobe PDF PPKLite security handler memory corruption vulnerability attempt (more info ...) | attempted-user | 2017-3039 | URL | ||
| 42307 | FILE-PDF Adobe Acrobat Reader malformed TTF out of bounds memory access attempt (more info ...) | attempted-user | 2017-3038 | URL | ||
| 42308 | FILE-PDF Adobe Acrobat Reader malformed TTF out of bounds memory access attempt (more info ...) | attempted-user | 2017-3038 | URL | ||
| 42315 | FILE-PDF Adobe Acrobat malformed JPEG 2000 codestream tile height out of bounds read attempt (more info ...) | attempted-user | 2017-3033 | URL | ||
| 42316 | FILE-PDF Adobe Acrobat malformed JPEG 2000 codestream tile height out of bounds read attempt (more info ...) | attempted-user | 2017-3033 | URL | ||
| 42317 | FILE-PDF Adobe Acrobat malformed JPEG 2000 codestream width out of bounds read attempt (more info ...) | attempted-user | 2017-3033 | URL | ||
| 42318 | FILE-PDF Adobe Acrobat malformed JPEG 2000 codestream width out of bounds read attempt (more info ...) | attempted-user | 2017-3033 | URL | ||
| 42341 | FILE-PDF Adobe PDF CFF font parsing memory corruption vulnerability attempt (more info ...) | attempted-user | 2017-3041 | URL | ||
| 42342 | FILE-PDF Adobe PDF CFF font parsing memory corruption vulnerability attempt (more info ...) | attempted-user | 2017-3041 | URL | ||
| 42343 | FILE-PDF Adobe PDF CFF font parsing memory corruption vulnerability attempt (more info ...) | attempted-user | 2017-3041 | URL | ||
| 42344 | FILE-PDF Adobe PDF CFF font parsing memory corruption vulnerability attempt (more info ...) | attempted-user | 2017-3041 | URL | ||
| 42377 | FILE-PDF Adobe Acrobat Reader dll injection sandbox escape (more info ...) | attempted-user | 2013-2730 | URL | ||
| 42460 | INDICATOR-COMPROMISE Adobe Reader PDF embedded null JPEG image (more info ...) | misc-activity | 2016-1088 | URL | ||
| 42846 | FILE-IMAGE Adobe Acrobat Pro malformed TIF heap overflow attempt (more info ...) | attempted-user | 2017-3049 | URL | ||
| 42847 | FILE-IMAGE Adobe Acrobat Pro malformed TIF heap overflow attempt (more info ...) | attempted-user | 2017-3049 | URL | ||
| 42870 | FILE-PDF Adobe Reader PDF document XSLT engine information disclosure exploitation attempt (more info ...) | misc-activity | 2017-3031 | URL | ||
| 42871 | FILE-PDF Adobe Reader PDF document XSLT engine information disclosure exploitation attempt (more info ...) | misc-activity | 2017-3031 | URL | ||
| 42872 | FILE-PDF Adobe Reader PDF document XSLT engine information disclosure exploitation attempt (more info ...) | misc-activity | 2017-3031 | URL | ||
| 42873 | FILE-PDF Adobe Reader PDF document XSLT engine information disclosure exploitation attempt (more info ...) | misc-activity | 2017-3031 | URL | ||
| 42874 | FILE-PDF Adobe Reader PDF document XSLT engine information disclosure exploitation attempt (more info ...) | misc-activity | 2017-3031 | URL | ||
| 42875 | FILE-PDF Adobe Reader PDF document XSLT engine information disclosure exploitation attempt (more info ...) | misc-activity | 2017-3031 | URL | ||
| 42876 | FILE-PDF Adobe Reader PDF document XSLT engine information disclosure exploitation attempt (more info ...) | misc-activity | 2017-3031 | URL | ||
| 42877 | FILE-PDF Adobe Reader PDF document XSLT engine information disclosure exploitation attempt (more info ...) | misc-activity | 2017-3031 | URL | ||
| 42937 | FILE-IMAGE Adobe Acrobat Pro SampleFormat heap overflow attempt (more info ...) | attempted-user | 2017-3048 | URL | ||
| 42938 | FILE-IMAGE Adobe Acrobat Pro SampleFormat heap overflow attempt (more info ...) | attempted-user | 2017-3048 | URL | ||
| 42939 | FILE-IMAGE Adobe Acrobat Pro SampleFormat heap overflow attempt (more info ...) | attempted-user | 2017-3048 | URL | ||
| 42940 | FILE-IMAGE Adobe Acrobat Pro SampleFormat heap overflow attempt (more info ...) | attempted-user | 2017-3048 | URL | ||
| 43051 | FILE-IMAGE Apple Quicktime malformed FPX file memory corruption attempt (more info ...) | attempted-admin | 2016-1768 | |||
| 43052 | FILE-IMAGE Apple Quicktime malformed FPX file memory corruption attempt (more info ...) | attempted-admin | 2016-1768 | |||
| 43130 | FILE-OTHER Adobe malicious IFF memory corruption attempt (more info ...) | attempted-user | 2011-0590 | URL | ||
| 43131 | FILE-OTHER Adobe malicious IFF memory corruption attempt (more info ...) | attempted-user | 2011-0590 | URL | ||
| 43132 | FILE-OTHER Adobe malicious IFF memory corruption attempt (more info ...) | attempted-user | 2011-0590 | URL | ||
| 43133 | FILE-OTHER Adobe malicious IFF memory corruption attempt (more info ...) | attempted-user | 2011-0590 | URL | ||
| 43229 | FILE-OTHER Adobe Shockwave Director Shockwave 3D buffer overflow attempt (more info ...) | attempted-user | 2013-1383 | |||
| 43230 | FILE-OTHER Adobe Shockwave Director Shockwave 3D buffer overflow attempt (more info ...) | attempted-user | 2013-1383 | |||
| 43231 | FILE-OTHER Adobe Shockwave Director Shockwave 3D buffer overflow attempt (more info ...) | attempted-user | 2013-1383 | |||
| 43232 | FILE-OTHER Adobe Shockwave Director Shockwave 3D buffer overflow attempt (more info ...) | attempted-user | 2013-1383 | |||
| 43233 | FILE-OTHER Adobe Shockwave Director Shockwave 3D buffer overflow attempt (more info ...) | attempted-user | 2013-1383 | |||
| 43234 | FILE-OTHER Adobe Shockwave Director Shockwave 3D buffer overflow attempt (more info ...) | attempted-user | 2013-1383 | |||
| 43235 | FILE-OTHER Adobe Shockwave Director Shockwave 3D buffer overflow attempt (more info ...) | attempted-user | 2013-1383 | |||
| 43236 | FILE-OTHER Adobe Shockwave Director Shockwave 3D buffer overflow attempt (more info ...) | attempted-user | 2013-1383 | |||
| 43303 | FILE-FLASH Adobe Flash Player ASnative null pointer dereference attempt (more info ...) | attempted-user | ||||
| 43335 | FILE-MULTIMEDIA Microsoft Windows Media Player JPG header record mismatch memory corruption attempt (more info ...) | attempted-user | 2010-1880 | 40464 | URL | |
| 43336 | FILE-MULTIMEDIA Microsoft Windows Media Player JPG header record mismatch memory corruption attempt (more info ...) | attempted-user | 2010-1880 | 40464 | URL | |
| 43727 | FILE-FLASH RealNetworks RealPlayer FLV integer overflow attempt (more info ...) | attempted-user | 2010-3000 | 42775 | ||
| 43835 | EXPLOIT-KIT RIG exploit kit Adobe Flash exploit download (more info ...) | misc-activity | ||||
| 43836 | INDICATOR-OBFUSCATION Adobe Flash file packed with SecureSwf obfuscator (more info ...) | misc-activity | URL | |||
| 43838 | INDICATOR-COMPROMISE Adobe Flash file contains reference to kernel32.dll (more info ...) | attempted-user | ||||
| 43871 | FILE-IMAGE Adobe Acrobat Professional malformed PCX memory corruption attempt (more info ...) | attempted-user | 2017-3124 | URL | ||
| 43872 | FILE-IMAGE Adobe Acrobat Professional malformed PCX memory corruption attempt (more info ...) | attempted-user | 2017-3124 | URL | ||
| 43873 | FILE-IMAGE Adobe Acrobat Professional malformed PCX memory corruption attempt (more info ...) | attempted-user | 2017-3116 | URL | ||
| 43874 | FILE-IMAGE Adobe Acrobat Professional malformed PCX memory corruption attempt (more info ...) | attempted-user | 2017-3116 | URL | ||
| 43879 | FILE-OTHER Adobe Professional EMF polygon heap buffer overflow attempt (more info ...) | attempted-user | 2017-11241 | URL | ||
| 43880 | FILE-OTHER Adobe Professional EMF polygon heap buffer overflow attempt (more info ...) | attempted-user | 2017-11241 | URL | ||
| 43914 | FILE-PDF Adobe Acrobat Reader XFA resolveNode type confusion exploitation attempt (more info ...) | attempted-user | URL | |||
| 43915 | FILE-PDF Adobe Acrobat Reader XFA resolveNode type confusion exploitation attempt (more info ...) | attempted-user | URL | |||
| 43918 | FILE-PDF Adobe Acrobat Reader exportDataObject security bypass attempt (more info ...) | attempted-user | 2017-3118 | 100189 | URL | |
| 43919 | FILE-PDF Adobe Acrobat Reader exportDataObject security bypass attempt (more info ...) | attempted-user | 2017-3118 | 100189 | URL | |
| 43920 | FILE-PDF Adobe Acrobat Reader exportDataObject security bypass attempt (more info ...) | attempted-user | 2017-3118 | 100189 | URL | |
| 43921 | FILE-PDF Adobe Acrobat Reader exportDataObject security bypass attempt (more info ...) | attempted-user | 2017-3118 | 100189 | URL | |
| 43922 | FILE-PDF Adobe Acrobat Reader exportDataObject security bypass attempt (more info ...) | attempted-user | 2017-3118 | 100189 | URL | |
| 43923 | FILE-PDF Adobe Acrobat Reader exportDataObject security bypass attempt (more info ...) | attempted-user | 2017-3118 | 100189 | URL | |
| 43967 | FILE-MULTIMEDIA Adobe Acrobat Professional EMF malformed EMR_POLYBEZIERTO16 out of bounds access attempt (more info ...) | attempted-user | 2017-11238 | URL | ||
| 43970 | FILE-MULTIMEDIA Adobe Acrobat Professional EMF malformed EMR_POLYBEZIER16 out of bounds access attempt (more info ...) | attempted-user | 2017-3122 | URL | ||
| 43971 | FILE-MULTIMEDIA Adobe Acrobat Professional EMF malformed EMR_POLYBEZIER16 out of bounds access attempt (more info ...) | attempted-user | 2017-3122 | URL | ||
| 44024 | FILE-IMAGE Adobe Acrobat Pro malformed TIFF memory corruption attempt (more info ...) | attempted-user | 2018-15927 | URL | ||
| 44026 | FILE-IMAGE Adobe Acrobat Pro malformed TIFF memory corruption attempt (more info ...) | attempted-user | 2017-16396 | URL | ||
| 44056 | FILE-MULTIMEDIA Adobe Acrobat Professional EMF malformed EMR_COMMENT record out of bounds access attempt (more info ...) | attempted-user | 2018-15946 | URL | ||
| 44057 | FILE-OTHER Adobe Acrobat Pro EMF file EMR_ALPHABLEND record memory corruption attempt (more info ...) | misc-activity | URL | |||
| 44058 | FILE-OTHER Adobe Acrobat Pro EMF file EMR_ALPHABLEND record memory corruption attempt (more info ...) | misc-activity | URL | |||
| 44066 | FILE-OTHER Adobe Acrobat EMF conversion heap buffer overflow attempt (more info ...) | attempted-user | 2017-11241 | URL | ||
| 44067 | FILE-OTHER Adobe Acrobat EMF conversion heap buffer overflow attempt (more info ...) | attempted-user | 2017-11241 | URL | ||
| 44108 | FILE-OTHER Adobe Professional EMF file TIFF image size memory corruption attempt (more info ...) | attempted-user | 2017-11261 | URL | ||
| 44109 | FILE-OTHER Adobe Professional EMF file TIFF image size memory corruption attempt (more info ...) | attempted-user | 2017-11261 | URL | ||
| 44110 | FILE-OTHER Adobe Professional EMF file TIFF image size memory corruption attempt (more info ...) | attempted-user | 2017-11261 | URL | ||
| 44111 | FILE-OTHER Adobe Professional EMF file TIFF image size memory corruption attempt (more info ...) | attempted-user | 2017-11261 | URL | ||
| 44112 | FILE-OTHER Adobe Professional EMF file TIFF image size memory corruption attempt (more info ...) | attempted-user | 2017-11261 | URL | ||
| 44113 | FILE-OTHER Adobe Professional EMF file TIFF image size memory corruption attempt (more info ...) | attempted-user | 2017-11261 | URL | ||
| 44114 | FILE-OTHER Adobe Professional EMF file TIFF image size memory corruption attempt (more info ...) | attempted-user | 2017-11261 | URL | ||
| 44115 | FILE-OTHER Adobe Professional EMF file TIFF image size memory corruption attempt (more info ...) | attempted-user | 2017-11261 | URL | ||
| 44120 | FILE-OTHER Adobe Acrobat Professional EMF JPEG APP13 malformed record crash attempt (more info ...) | misc-activity | 2017-11267 | URL | ||
| 44121 | FILE-OTHER Adobe Acrobat Professional EMF JPEG APP13 malformed record memory corruption attempt (more info ...) | misc-activity | 2018-4981 | URL | ||
| 44122 | FILE-OTHER Adobe Acrobat Professional EMF JPEG APP13 malformed record memory corruption attempt (more info ...) | misc-activity | 2018-4981 | URL | ||
| 44158 | FILE-OTHER Microsoft Windows Media Player malformed au denial of service attempt (more info ...) | denial-of-service | 2007-4288 | 25236 | ||
| 44159 | FILE-OTHER Microsoft Windows Media Player malformed au denial of service attempt (more info ...) | denial-of-service | 2007-4288 | 25236 | ||
| 44169 | FILE-PDF Adobe Professional JPEG ICC profile heap overflow attempt (more info ...) | attempted-user | 2017-11211 | URL | ||
| 44170 | FILE-PDF Adobe Professional JPEG ICC profile heap overflow attempt (more info ...) | attempted-user | 2017-11211 | URL | ||
| 44206 | FILE-PDF Adobe Acrobat Reader embedded JS array memory corruption attempt (more info ...) | attempted-user | 2017-3119 | URL | ||
| 44207 | FILE-PDF Adobe Acrobat Reader embedded JS array memory corruption attempt (more info ...) | attempted-user | 2017-3119 | URL | ||
| 44208 | FILE-PDF Adobe Acrobat Reader embedded JS array memory corruption attempt (more info ...) | attempted-user | 2017-3119 | URL | ||
| 44209 | FILE-PDF Adobe Acrobat Reader embedded JS array memory corruption attempt (more info ...) | attempted-user | 2017-3119 | URL | ||
| 44904 | FILE-PDF Adobe Acrobat untrusted pointer dereference attempt (more info ...) | attempted-user | 2017-16373 | URL | ||
| 44905 | FILE-PDF Adobe Acrobat untrusted pointer dereference attempt (more info ...) | attempted-user | 2017-16373 | URL | ||
| 44906 | FILE-PDF Adobe Acrobat Reader javscript use after free attempt (more info ...) | attempted-user | 2017-16390 | URL | ||
| 44907 | FILE-PDF Adobe Acrobat Reader javscript use after free attempt (more info ...) | attempted-user | 2017-16390 | URL | ||
| 44914 | FILE-PDF Adobe Acrobat Reader PrintParams out of bounds array index attempt (more info ...) | attempted-user | 2017-16391 | URL | ||
| 44915 | FILE-PDF Adobe Acrobat Reader PrintParams out of bounds array index attempt (more info ...) | attempted-user | 2017-16391 | URL | ||
| 44919 | FILE-OTHER Adobe Acrobat Pro EmfPlusRectF out of bounds read attempt (more info ...) | attempted-user | 2017-16401 | URL | ||
| 44920 | FILE-OTHER Adobe Acrobat Pro EmfPlusRectF out of bounds read attempt (more info ...) | attempted-user | 2017-16401 | URL | ||
| 44931 | FILE-OTHER Adobe Acrobat Pro XPS file embedded JPEG invalid SOS data memory corruption attempt (more info ...) | attempted-user | 2017-16412 | URL | ||
| 44932 | FILE-OTHER Adobe Acrobat Pro XPS file embedded JPEG invalid SOS data memory corruption attempt (more info ...) | attempted-user | 2017-16412 | URL | ||
| 44935 | FILE-OTHER Adobe Acrobat Pro XPS out of bounds read attempt (more info ...) | attempted-user | 2017-16418 | URL | ||
| 44936 | FILE-OTHER Adobe Acrobat Pro XPS out of bounds read attempt (more info ...) | attempted-user | 2017-16418 | URL | ||
| 44941 | FILE-OTHER Adobe Acrobat Reader FDF file security bypass attempt (more info ...) | misc-activity | 2017-16361 | URL | ||
| 44942 | FILE-OTHER Adobe Acrobat Reader FDF file security bypass attempt (more info ...) | misc-activity | 2017-16361 | URL | ||
| 44947 | FILE-PDF Adobe Acrobat Reader double free attempt (more info ...) | attempted-user | 2017-16420 | URL | ||
| 44948 | FILE-PDF Adobe Acrobat Reader double free attempt (more info ...) | attempted-user | 2017-16420 | URL | ||
| 44957 | FILE-PDF Adobe Acrobat malformed XObject use after free attempt (more info ...) | attempted-admin | 2017-16360 | URL | ||
| 44958 | FILE-PDF Adobe Acrobat malformed XObject use after free attempt (more info ...) | attempted-admin | 2017-16360 | URL | ||
| 44987 | FILE-PDF Adobe Acrobat PDF font character encoding out of bounds write attempt (more info ...) | attempted-user | 2017-16415 | URL | ||
| 45023 | FILE-PDF Adobe Acrobat out of bound read exploitation attempt (more info ...) | attempted-user | 2017-16414 | URL | ||
| 45024 | FILE-PDF Adobe Acrobat out of bound read exploitation attempt (more info ...) | attempted-user | 2017-16414 | URL | ||
| 45027 | FILE-PDF Adobe Acrobat out of bound read exploitation attempt (more info ...) | attempted-user | 2017-16414 | URL | ||
| 45028 | FILE-PDF Adobe Acrobat out of bound read exploitation attempt (more info ...) | attempted-user | 2017-16414 | URL | ||
| 45042 | BROWSER-OTHER Adobe Acrobat Pro WebCapture information disclosure attempt (more info ...) | attempted-user | 2017-16408 | URL | ||
| 45043 | BROWSER-OTHER Adobe Acrobat Pro WebCapture information disclosure attempt (more info ...) | attempted-user | 2017-16408 | URL | ||
| 45080 | EXPLOIT-KIT Sundown/Terror malicious flash file load attempt (more info ...) | attempted-user | ||||
| 45085 | FILE-FLASH Adobe Flash Player use after free attempt (more info ...) | attempted-admin | 2015-8434 | URL | ||
| 45125 | FILE-OTHER Adobe Shockwave newModel memory disclosure attempt (more info ...) | attempted-recon | 2013-1385 | |||
| 45126 | FILE-OTHER Adobe Shockwave newModel memory disclosure attempt (more info ...) | attempted-recon | 2013-1385 | |||
| 45185 | FILE-IMAGE Apple Quicktime malformed FPX file memory corruption attempt (more info ...) | attempted-admin | 2016-1767 | |||
| 45186 | FILE-IMAGE Apple Quicktime malformed FPX file memory corruption attempt (more info ...) | attempted-admin | 2016-1767 | |||
| 45202 | FILE-OTHER Adobe Audition Session file stack buffer overflow attempt (more info ...) | attempted-user | 2011-0614 | 47841 | URL | |
| 45203 | FILE-OTHER Adobe Audition Session file stack buffer overflow attempt (more info ...) | attempted-user | 2011-0614 | 47841 | URL | |
| 45224 | FILE-FLASH Adobe Flash memory corruption exploit attempt (more info ...) | attempted-user | 2009-3798 | 37275 | ||
| 45225 | FILE-FLASH Adobe Flash memory corruption exploit attempt (more info ...) | attempted-user | 2009-3798 | 37275 | ||
| 45356 | FILE-FLASH Adobe Flash Player null pointer dereference attempt (more info ...) | attempted-user | 2011-0626 | URL | ||
| 45369 | FILE-PDF Adobe Acrobat Reader getAnnots exploit attempt (more info ...) | attempted-user | 2009-1492 | 34736 | ||
| 45399 | FILE-OTHER Adobe Photoshop asset elements stack based buffer overflow attempt (more info ...) | attempted-user | 53464 | |||
| 45458 | FILE-FLASH Adobe Flash Player movieclip attachbitmap use-after-free attempt (more info ...) | attempted-user | 2015-8410 | URL | ||
| 45586 | FILE-MULTIMEDIA Microsoft Windows Media Player or Explorer Malformed MIDI File DOS attempt (more info ...) | denial-of-service | 2007-0562 | 21612 | ||
| 45669 | FILE-OTHER Adobe Acrobat Pro embedded TIFF heap overflow attempt (more info ...) | attempted-admin | 2018-4904 | URL | ||
| 45670 | FILE-OTHER Adobe Acrobat Pro embedded TIFF heap overflow attempt (more info ...) | attempted-admin | 2018-4904 | URL | ||
| 45671 | FILE-OTHER Adobe Acrobat Pro embedded TIFF heap overflow attempt (more info ...) | attempted-admin | 2018-4904 | URL | ||
| 45672 | FILE-OTHER Adobe Acrobat Pro embedded TIFF heap overflow attempt (more info ...) | attempted-admin | 2018-4904 | URL | ||
| 45684 | FILE-IMAGE Adobe Acrobat Pro BMP out of bounds read attempt (more info ...) | attempted-admin | 2018-4881 | URL | ||
| 45685 | FILE-IMAGE Adobe Acrobat Pro BMP out of bounds read attempt (more info ...) | attempted-admin | 2018-4881 | URL | ||
| 45686 | FILE-OTHER Adobe Acrobat Pro embedded JPEG out of bounds read attempt (more info ...) | attempted-admin | 2018-4889 | URL | ||
| 45687 | FILE-OTHER Adobe Acrobat Pro embedded JPEG out of bounds read attempt (more info ...) | attempted-admin | 2018-4889 | URL | ||
| 45719 | FILE-PDF Adobe Acrobat Reader OCG heap overflow attempt (more info ...) | attempted-admin | 2018-4910 | URL | ||
| 45739 | INDICATOR-COMPROMISE Adobe Flash potential exploit download attempt (more info ...) | attempted-user | ||||
| 45740 | INDICATOR-COMPROMISE Adobe Flash potential exploit download attempt (more info ...) | attempted-user | ||||
| 45742 | INDICATOR-COMPROMISE Adobe Flash potential exploit download attempt (more info ...) | attempted-user | ||||
| 45743 | FILE-FLASH Adobe Flash Player ByteArray shading memory leak attempt (more info ...) | attempted-recon | 2015-3105 | 75086 | URL | |
| 45776 | FILE-OTHER Adobe Acrobat Pro XPS file malformed Source attribute buffer overflow attempt (more info ...) | attempted-user | 2018-4899 | URL | ||
| 45777 | FILE-OTHER Adobe Acrobat Pro XPS file malformed Source attribute buffer overflow attempt (more info ...) | attempted-user | 2018-4899 | URL | ||
| 45780 | FILE-OTHER Adobe Acrobat Pro XPS out of bounds read attempt (more info ...) | attempted-recon | 2018-4893 | |||
| 45781 | FILE-OTHER Adobe Acrobat Pro XPS out of bounds read attempt (more info ...) | attempted-recon | 2018-4893 | |||
| 45784 | FILE-PDF Adobe Reader annotation object out of bounds read attempt (more info ...) | attempted-admin | 2018-4900 | URL | ||
| 45785 | FILE-PDF Adobe Reader annotation object out of bounds read attempt (more info ...) | attempted-user | 2018-4900 | URL | ||
| 45802 | FILE-OTHER Adobe Acrobat Pro out of bounds read attempt (more info ...) | attempted-recon | 2018-4894 | |||
| 45803 | FILE-OTHER Adobe Acrobat Pro out of bounds read attempt (more info ...) | attempted-recon | 2018-4894 | |||
| 45851 | FILE-OTHER Adobe Acrobat Pro EMF malformed bitmap rectangle destination out of bounds read attempt (more info ...) | attempted-user | 2018-4886 | URL | ||
| 46053 | FILE-OTHER Adobe Acrobat EMF malformed Object record out-of-bounds access attempt (more info ...) | attempted-user | 2018-4885 | URL | ||
| 46054 | FILE-OTHER Adobe Acrobat EMF malformed Object record out-of-bounds access attempt (more info ...) | attempted-user | 2018-4885 | URL | ||
| 46103 | POLICY-OTHER Flash file external url request attempt (more info ...) | attempted-user | 2018-0112 | |||
| 46117 | FILE-OTHER Adobe Acrobat Pro JPEG embedded XPS file heap overflow attempt (more info ...) | attempted-user | 2018-4890 | URL | ||
| 46118 | FILE-OTHER Adobe Acrobat Pro JPEG embedded XPS file heap overflow attempt (more info ...) | attempted-user | 2018-4890 | URL | ||
| 46256 | FILE-FLASH Adobe Flash Player corrupt PNG image load out of bounds memory access attempt (more info ...) | attempted-user | 2018-4934 | |||
| 46257 | FILE-FLASH Adobe Flash Player corrupt PNG image load out of bounds memory access attempt (more info ...) | attempted-user | 2018-4934 | URL | ||
| 46258 | FILE-FLASH Adobe Flash Player MovieClip out of bounds write attempt (more info ...) | attempted-user | 2018-4935 | URL | ||
| 46259 | FILE-FLASH Adobe Flash Player MovieClip out of bounds write attempt (more info ...) | attempted-user | 2018-4935 | URL | ||
| 46461 | SERVER-WEBAPP Adobe RoboHelp rx cross site scripting attempt (more info ...) | attempted-user | 2008-2991 | 30137 | URL | |
| 46464 | SERVER-WEBAPP Adobe RoboHelp rx cross site scripting attempt (more info ...) | attempted-user | 2008-2991 | 30137 | URL | |
| 46465 | SERVER-WEBAPP Adobe RoboHelp rx cross site scripting attempt (more info ...) | attempted-user | 2008-2991 | 30137 | URL | |
| 46480 | FILE-MULTIMEDIA Apple QuickTime movie file keys atom integer overflow attempt (more info ...) | attempted-user | 2016-5199 | 94196 | URL | |
| 46481 | FILE-MULTIMEDIA Apple QuickTime movie file keys atom integer overflow attempt (more info ...) | attempted-user | 2016-5199 | 94196 | URL | |
| 46643 | FILE-OTHER Adobe Professional EMF compression out of bounds write attempt (more info ...) | attempted-user | 2018-4950 | URL | ||
| 46644 | FILE-OTHER Adobe Professional EMF compression out of bounds write attempt (more info ...) | attempted-user | 2018-4950 | URL | ||
| 46659 | FILE-OTHER Adobe Acrobat Reader jp2 double free attempt (more info ...) | attempted-user | 2018-4990 | URL | ||
| 46671 | FILE-IMAGE Adobe Acrobat Pro EMF file EMR_STRETCHDIBITS heap overflow attempt (more info ...) | attempted-user | 2018-4948 | URL | ||
| 46672 | FILE-IMAGE Adobe Acrobat Pro EMF file EMR_STRETCHDIBITS heap overflow attempt (more info ...) | attempted-user | 2018-4948 | URL | ||
| 46673 | FILE-IMAGE Adobe Acrobat Pro EMF file EMR_STRETCHDIBITS heap overflow attempt (more info ...) | attempted-user | 2018-4948 | URL | ||
| 46674 | FILE-IMAGE Adobe Acrobat Pro EMF file EMR_STRETCHDIBITS heap overflow attempt (more info ...) | attempted-user | 2018-4948 | URL | ||
| 46711 | FILE-OTHER Adobe Professional BMP embedded image heap overflow attempt (more info ...) | attempted-user | 2018-4982 | URL | ||
| 46712 | FILE-OTHER Adobe Professional BMP embedded image heap overflow attempt (more info ...) | attempted-user | 2018-4982 | URL | ||
| 46716 | FILE-PDF Adobe Acrobat Reader use after free attempt (more info ...) | attempted-admin | 2018-4988 | URL | ||
| 46725 | FILE-IMAGE Adobe Acrobat Pro malformed JPEG out of bounds read attempt (more info ...) | attempted-admin | 2018-4973 | URL | ||
| 46726 | FILE-IMAGE Adobe Acrobat Pro malformed JPEG out of bounds read attempt (more info ...) | attempted-admin | 2018-4973 | URL | ||
| 46729 | FILE-OTHER Adobe Acrobat Professional XPS out of bounds read attempt (more info ...) | attempted-recon | 2018-4975 | |||
| 46730 | FILE-OTHER Adobe Acrobat Professional XPS out of bounds read attempt (more info ...) | attempted-recon | 2018-4975 | |||
| 46797 | FILE-OTHER Adobe Acrobat Pro out of bounds read attempt (more info ...) | attempted-admin | 2018-4957 | URL | ||
| 46798 | FILE-OTHER Adobe Acrobat Pro out of bounds read attempt (more info ...) | attempted-admin | 2018-4957 | URL | ||
| 46960 | FILE-OTHER Adobe Flash Player AMF0 Shared Object integer overflow attempt (more info ...) | attempted-user | 2018-5000 | URL | ||
| 47032 | FILE-MULTIMEDIA Apple QuickTime MPEG stream padding buffer overflow attempt (more info ...) | attempted-user | 2012-0659 | URL | ||
| 47033 | FILE-MULTIMEDIA Apple QuickTime MPEG stream padding buffer overflow attempt (more info ...) | attempted-user | 2012-0659 | URL | ||
| 47059 | FILE-IMAGE Adobe Acrobat Pro malformed EMF out of bounds read attempt (more info ...) | attempted-admin | 2018-4951 | URL | ||
| 47060 | FILE-IMAGE Adobe Acrobat Pro malformed EMF out of bounds read attempt (more info ...) | attempted-admin | 2018-4951 | URL | ||
| 47129 | FILE-IMAGE Adobe Acrobat Pro malformed CEL heap overflow attempt (more info ...) | attempted-user | 2018-5052 | URL | ||
| 47130 | FILE-IMAGE Adobe Acrobat Pro malformed CEL heap overflow attempt (more info ...) | attempted-user | 2018-5052 | URL | ||
| 47131 | FILE-OTHER Adobe Acrobat Pro EMF Alphablend memory corruption attempt (more info ...) | attempted-user | 2018-5062 | URL | ||
| 47140 | FILE-OTHER Adobe Acrobat Pro EmfPlusDrawBeziers out-of-bounds read attempt (more info ...) | attempted-user | 2018-5061 | URL | ||
| 47153 | FILE-OTHER Adobe Acrobat Pro use after free attempt (more info ...) | attempted-user | 2018-12783 | URL | ||
| 47154 | FILE-OTHER Adobe Acrobat Pro use after free attempt (more info ...) | attempted-user | 2018-12783 | URL | ||
| 47157 | FILE-IMAGE Adobe Acrobat Reader jp2 out-of-bounds read attempt (more info ...) | attempted-user | 2018-12790 | URL | ||
| 47158 | FILE-IMAGE Adobe Acrobat Reader jp2 out-of-bounds read attempt (more info ...) | attempted-user | 2018-12790 | URL | ||
| 47174 | FILE-IMAGE Apple Quicktime malformed FPX file memory corruption attempt (more info ...) | attempted-admin | 2016-1767 | |||
| 47187 | FILE-PDF Adobe Acrobat Reader type confusion attempt (more info ...) | attempted-user | 2018-12794 | URL | ||
| 47188 | FILE-PDF Adobe Acrobat Reader type confusion attempt (more info ...) | attempted-user | 2018-12794 | URL | ||
| 47195 | FILE-OTHER Adobe Acrobat Pro out-of-bounds read attempt (more info ...) | attempted-user | 2018-5014 | URL | ||
| 47196 | FILE-OTHER Adobe Acrobat Pro out-of-bounds read attempt (more info ...) | attempted-user | 2018-5014 | URL | ||
| 47230 | FILE-OTHER Adobe Acrobat Pro out-of-bounds write attempt (more info ...) | attempted-user | 2018-12771 | |||
| 47231 | FILE-OTHER Adobe Acrobat Pro out-of-bounds write attempt (more info ...) | attempted-user | 2018-12771 | |||
| 47232 | FILE-OTHER Adobe Acrobat Pro out-of-bounds read attempt (more info ...) | attempted-user | 2018-12780 | URL | ||
| 47233 | FILE-OTHER Adobe Acrobat Pro out-of-bounds read attempt (more info ...) | attempted-user | 2018-12780 | URL | ||
| 47245 | FILE-OTHER Adobe Acrobat Pro XPS TTF out-of-bounds read attempt (more info ...) | attempted-user | 2018-5019 | URL | ||
| 47246 | FILE-OTHER Adobe Acrobat Pro XPS TTF out-of-bounds read attempt (more info ...) | attempted-user | 2018-5019 | URL | ||
| 47249 | FILE-OTHER Adobe Acrobat Pro XPS out-of-bounds read attempt (more info ...) | attempted-recon | 2018-5018 | URL | ||
| 47250 | FILE-OTHER Adobe Acrobat Pro XPS out-of-bounds read attempt (more info ...) | attempted-recon | 2018-5018 | URL | ||
| 47251 | FILE-OTHER Adobe Acrobat Pro use after free attempt (more info ...) | attempted-user | 2018-12773 | URL | ||
| 47252 | FILE-OTHER Adobe Acrobat Pro use after free attempt (more info ...) | attempted-user | 2018-12773 | URL | ||
| 47266 | FILE-OTHER Adobe Acrobat Pro out-of-bounds read attempt (more info ...) | attempted-user | 2018-12776 | URL | ||
| 47267 | FILE-OTHER Adobe Acrobat Pro out-of-bounds read attempt (more info ...) | attempted-user | 2018-12776 | URL | ||
| 47268 | FILE-OTHER Adobe Acrobat Pro out-of-bounds read attempt (more info ...) | attempted-user | 2018-12774 | URL | ||
| 47269 | FILE-OTHER Adobe Acrobat Pro out-of-bounds read attempt (more info ...) | attempted-user | 2018-12774 | URL | ||
| 47274 | FILE-OTHER Adobe Acrobat Pro out-of-bounds read attempt (more info ...) | attempted-user | 2018-12777 | URL | ||
| 47275 | FILE-OTHER Adobe Acrobat Pro out-of-bounds read attempt (more info ...) | attempted-user | 2018-12777 | URL | ||
| 47276 | FILE-OTHER Adobe Acrobat Pro XPS file PPDoc out-of-bounds read attempt (more info ...) | attempted-user | 2018-5056 | URL | ||
| 47277 | FILE-OTHER Adobe Acrobat Pro XPS file PPDoc out-of-bounds read attempt (more info ...) | attempted-user | 2018-5056 | URL | ||
| 47279 | FILE-OTHER Adobe Acrobat Pro out-of-bounds read attempt (more info ...) | attempted-user | 2018-12779 | URL | ||
| 47280 | FILE-OTHER Adobe Acrobat Pro out-of-bounds read attempt (more info ...) | attempted-user | 2018-12779 | URL | ||
| 47312 | FILE-IMAGE Adobe Acrobat Pro out of bounds read attempt (more info ...) | attempted-user | 2018-5029 | URL | ||
| 47313 | FILE-IMAGE Adobe Acrobat Pro out of bounds read attempt (more info ...) | attempted-user | 2018-5029 | URL | ||
| 47314 | FILE-IMAGE Adobe Acrobat Pro malformed CEL out of bounds read attempt (more info ...) | attempted-user | 2018-5046 | URL | ||
| 47315 | FILE-IMAGE Adobe Acrobat Pro malformed CEL out of bounds read attempt (more info ...) | attempted-user | 2018-5046 | URL | ||
| 47318 | FILE-PDF Adobe Acrobat Reader out of bounds write attempt (more info ...) | attempted-user | 2018-12755 | URL | ||
| 47328 | FILE-IMAGE Adobe Acrobat Pro malformed TIFF out of bounds read attempt (more info ...) | attempted-user | 2018-5044 | URL | ||
| 47329 | FILE-IMAGE Adobe Acrobat Pro malformed TIFF out of bounds read attempt (more info ...) | attempted-user | 2018-5044 | URL | ||
| 47330 | FILE-IMAGE Adobe Acrobat Pro malformed TIFF out of bounds read attempt (more info ...) | attempted-user | 2018-5044 | URL | ||
| 47331 | FILE-IMAGE Adobe Acrobat Pro malformed TIFF out of bounds read attempt (more info ...) | attempted-user | 2018-5044 | URL | ||
| 47332 | FILE-OTHER Adobe Acrobat Pro out of bounds write attempt (more info ...) | attempted-user | 2018-5059 | URL | ||
| 47333 | FILE-OTHER Adobe Acrobat Pro out of bounds write attempt (more info ...) | attempted-user | 2018-5059 | URL | ||
| 47334 | FILE-PDF Adobe Acrobat Pro out of bounds write attempt (more info ...) | attempted-user | 2018-5059 | URL | ||
| 47335 | FILE-PDF Adobe Acrobat Pro out of bounds write attempt (more info ...) | attempted-user | 2018-5059 | URL | ||
| 47343 | FILE-IMAGE Adobe Acrobat Pro out of bounds read attempt (more info ...) | attempted-user | 2018-5033 | URL | ||
| 47344 | FILE-IMAGE Adobe Acrobat Pro out of bounds read attempt (more info ...) | attempted-user | 2018-5033 | URL | ||
| 47350 | FILE-IMAGE Adobe Acrobat Pro malformed JPEG heap overflow attempt (more info ...) | attempted-user | 2018-5058 | URL | ||
| 47351 | FILE-IMAGE Adobe Acrobat Pro malformed JPEG heap overflow attempt (more info ...) | attempted-user | 2018-5058 | URL | ||
| 47352 | FILE-IMAGE Adobe Acrobat Pro malformed JPEG heap overflow attempt (more info ...) | attempted-user | 2018-5058 | URL | ||
| 47353 | FILE-IMAGE Adobe Acrobat Pro malformed JPEG heap overflow attempt (more info ...) | attempted-user | 2018-5058 | URL | ||
| 47354 | FILE-OTHER Adobe Acrobat Pro EMF EmfPlusDrawPath out of bounds read attempt (more info ...) | attempted-recon | ||||
| 47356 | FILE-IMAGE Adobe Acrobat Pro out of bounds read attempt (more info ...) | attempted-user | 2018-5039 | URL | ||
| 47357 | FILE-IMAGE Adobe Acrobat Pro out of bounds read attempt (more info ...) | attempted-user | 2018-5039 | URL | ||
| 47359 | FILE-IMAGE Adobe Acrobat Reader malformed TIFF out of bounds read attempt (more info ...) | attempted-user | 2018-5053 | URL | ||
| 47360 | FILE-IMAGE Adobe Acrobat Reader malformed TIFF out of bounds read attempt (more info ...) | attempted-user | 2018-5053 | URL | ||
| 47361 | FILE-IMAGE Adobe Acrobat Reader malformed TIFF out of bounds read attempt (more info ...) | attempted-user | 2018-5053 | URL | ||
| 47362 | FILE-IMAGE Adobe Acrobat Reader malformed TIFF out of bounds read attempt (more info ...) | attempted-user | 2018-5053 | URL | ||
| 47365 | FILE-PDF Adobe Acrobat Reader double free attempt (more info ...) | attempted-user | 2018-12782 | URL | ||
| 47366 | FILE-PDF Adobe Acrobat Reader double free attempt (more info ...) | attempted-user | 2018-12782 | URL | ||
| 47367 | FILE-IMAGE Adobe Acrobat Pro PSD malformed image data out-of-bounds write attempt (more info ...) | attempted-user | 2018-5042 | URL | ||
| 47368 | FILE-IMAGE Adobe Acrobat Pro PSD malformed image data out-of-bounds write attempt (more info ...) | attempted-user | 2018-5042 | URL | ||
| 47369 | FILE-OTHER Adobe Acrobat Pro out of bounds memory access attempt (more info ...) | attempted-user | 2018-5037 | URL | ||
| 47370 | FILE-OTHER Adobe Acrobat Pro out of bounds memory access attempt (more info ...) | attempted-user | 2018-5037 | URL | ||
| 47378 | FILE-PDF Adobe Acrobat Reader out of bounds read attempt (more info ...) | attempted-user | 2018-5068 | URL | ||
| 47379 | FILE-PDF Adobe Acrobat Reader out of bounds read attempt (more info ...) | attempted-user | 2018-5068 | URL | ||
| 47382 | FILE-IMAGE Adobe Acrobat Pro use after free attempt (more info ...) | attempted-user | 2018-12791 | URL | ||
| 47383 | FILE-IMAGE Adobe Acrobat Pro use after free attempt (more info ...) | attempted-user | 2018-12791 | URL | ||
| 47384 | FILE-OTHER Adobe Acrobat Pro use after free attempt (more info ...) | attempted-user | 2018-12772 | URL | ||
| 47385 | FILE-OTHER Adobe Acrobat Pro use after free attempt (more info ...) | attempted-user | 2018-12772 | URL | ||
| 47625 | FILE-OTHER Adobe Acrobat Reader EMF path record out-of-bounds read attempt (more info ...) | attempted-user | 2018-12786 | URL | ||
| 47626 | FILE-OTHER Adobe Acrobat Reader EMF path record out-of-bounds read attempt (more info ...) | attempted-user | 2018-12786 | URL | ||
| 47685 | FILE-PDF Adobe Acrobat Pro U3D IFF out of bounds read attempt (more info ...) | attempted-recon | 2019-7034 | URL | ||
| 47686 | FILE-PDF Adobe Acrobat Pro U3D IFF out of bounds read attempt (more info ...) | attempted-recon | 2019-7034 | URL | ||
| 47687 | FILE-PDF Adobe Acrobat Pro U3D SGI RGB information leak attempt (more info ...) | attempted-recon | 2018-5047 | URL | ||
| 47688 | FILE-PDF Adobe Acrobat Pro U3D SGI RGB information leak attempt (more info ...) | attempted-recon | 2018-5047 | URL | ||
| 47838 | FILE-IMAGE Adobe Acrobat Pro SGI RGB run-length encoding out of bounds read attempt (more info ...) | attempted-user | 2018-5054 | URL | ||
| 47839 | FILE-IMAGE Adobe Acrobat Pro SGI RGB run-length encoding out of bounds read attempt (more info ...) | attempted-user | 2018-5054 | URL | ||
| 47874 | FILE-IMAGE Adobe Acrobat Pro EMF ALPHABLEND heap overflow attempt (more info ...) | attempted-user | 2018-12788 | URL | ||
| 47875 | FILE-IMAGE Adobe Acrobat Pro EMF ALPHABLEND heap overflow attempt (more info ...) | attempted-user | 2018-12788 | URL | ||
| 47883 | FILE-OTHER Adobe Acrobat Pro EMF image conversion memory corruption attempt (more info ...) | attempted-user | 2018-5030 | URL | ||
| 47884 | FILE-OTHER Adobe Acrobat Pro EMF image conversion memory corruption attempt (more info ...) | attempted-user | 2018-5030 | URL | ||
| 47908 | FILE-IMAGE Adobe Acrobat Pro EMR_STRETCHDIBITS out-of-bounds write attempt (more info ...) | attempted-user | 2018-12787 | URL | ||
| 47910 | FILE-IMAGE Adobe Acrobat Pro EMR_STRETCHDIBITS out-of-bounds write attempt (more info ...) | attempted-user | 2018-12787 | URL | ||
| 47939 | FILE-IMAGE Adobe Acrobat Pro EMF+ GIF parsing out of bounds read attempt (more info ...) | attempted-recon | 2018-12834 | URL | ||
| 47940 | FILE-IMAGE Adobe Acrobat Pro EMF+ GIF parsing out of bounds read attempt (more info ...) | attempted-recon | 2018-12834 | URL | ||
| 47943 | FILE-IMAGE Adobe Acrobat Distiller PostScript stack overflow attempt (more info ...) | attempted-user | 2018-12838 | URL | ||
| 47944 | FILE-IMAGE Adobe Acrobat Distiller PostScript stack overflow attempt (more info ...) | attempted-user | 2018-12838 | URL | ||
| 47961 | FILE-OTHER Adobe Acrobat Pro EmfPlusDrawBeziers out of bounds write attempt (more info ...) | attempted-user | 2018-12759 | URL | ||
| 47962 | FILE-OTHER Adobe Acrobat Pro EmfPlusDrawBeziers out of bounds write attempt (more info ...) | attempted-user | 2018-12759 | URL | ||
| 47985 | FILE-OTHER Adobe Acrobat Pro XPS out-of-bounds write attempt (more info ...) | attempted-user | 2018-15945 | URL | ||
| 47989 | FILE-OTHER Adobe Acrobat Pro EMF out of bounds write attempt (more info ...) | attempted-user | 2018-12868 | URL | ||
| 47990 | FILE-OTHER Adobe Acrobat Pro EMF out of bounds write attempt (more info ...) | attempted-user | 2018-12868 | URL | ||
| 48011 | FILE-IMAGE Adobe Acrobat Pro U3D TIFF XResolution out of bounds read attempt (more info ...) | attempted-user | 2018-15956 | URL | ||
| 48012 | FILE-IMAGE Adobe Acrobat Pro U3D TIFF XResolution out of bounds read attempt (more info ...) | attempted-user | 2018-15956 | URL | ||
| 48013 | FILE-IMAGE Adobe Acrobat Pro U3D TIFF XResolution out of bounds read attempt (more info ...) | attempted-user | 2018-15956 | URL | ||
| 48014 | FILE-IMAGE Adobe Acrobat Pro U3D TIFF XResolution out of bounds read attempt (more info ...) | attempted-user | 2018-15956 | URL | ||
| 48039 | FILE-IMAGE Adobe Acrobat Pro malformed BMP out of bounds read attempt (more info ...) | attempted-user | 2018-5051 | URL | ||
| 48040 | FILE-IMAGE Adobe Acrobat Pro malformed BMP out of bounds read attempt (more info ...) | attempted-user | 2018-5051 | URL | ||
| 48134 | FILE-IMAGE Adobe Acrobat SGI parsing out of bounds read attempt (more info ...) | attempted-recon | 2018-15953 | URL | ||
| 48135 | FILE-IMAGE Adobe Acrobat SGI parsing out of bounds read attempt (more info ...) | attempted-recon | 2018-15953 | URL | ||
| 48211 | FILE-PDF Adobe Acrobat Pro out-of-bounds write attempt (more info ...) | attempted-user | 2018-5070 | URL | ||
| 48212 | FILE-PDF Adobe Acrobat Pro out-of-bounds write attempt (more info ...) | attempted-user | 2018-5070 | URL | ||
| 48400 | FILE-FLASH Adobe Flash Player out of bounds read attempt (more info ...) | attempted-recon | 2018-15978 | |||
| 48401 | FILE-FLASH Adobe Flash Player out of bounds read attempt (more info ...) | attempted-recon | 2018-15978 | |||
| 48642 | FILE-OTHER Adobe Acrobat EMF out of bounds read attempt (more info ...) | attempted-user | 2018-16017 | URL | ||
| 48905 | FILE-FLASH Adobe Flash Player TVSDK metadata use after free attempt (more info ...) | attempted-user | 2018-15982 | URL | ||
| 48906 | FILE-FLASH Adobe Flash Player TVSDK metadata use after free attempt (more info ...) | attempted-user | 2018-15982 | URL | ||
| 48909 | FILE-IMAGE Adobe Acrobat Pro tga file heap overflow attempt (more info ...) | attempted-user | 2018-5045 | URL | ||
| 48910 | FILE-IMAGE Adobe Acrobat Pro tga file heap overflow attempt (more info ...) | attempted-user | 2018-5045 | URL | ||
| 48911 | FILE-IMAGE Adobe Acrobat Pro tga file heap overflow attempt (more info ...) | attempted-user | 2018-5045 | URL | ||
| 48912 | FILE-IMAGE Adobe Acrobat Pro tga file heap overflow attempt (more info ...) | attempted-user | 2018-5045 | URL | ||
| 48913 | FILE-IMAGE Adobe Acrobat Pro tga file heap overflow attempt (more info ...) | attempted-user | 2018-5045 | URL | ||
| 48914 | FILE-IMAGE Adobe Acrobat Pro tga file heap overflow attempt (more info ...) | attempted-user | 2018-5045 | URL | ||
| 48915 | FILE-IMAGE Adobe Acrobat Pro tga file heap overflow attempt (more info ...) | attempted-user | 2018-5045 | URL | ||
| 48916 | FILE-IMAGE Adobe Acrobat Pro tga file heap overflow attempt (more info ...) | attempted-user | 2018-5045 | URL | ||
| 48917 | FILE-IMAGE Adobe Acrobat Pro tga file heap overflow attempt (more info ...) | attempted-user | 2018-5045 | URL | ||
| 48918 | FILE-IMAGE Adobe Acrobat Pro tga file heap overflow attempt (more info ...) | attempted-user | 2018-5045 | URL | ||
| 48919 | FILE-IMAGE Adobe Acrobat Pro tga file heap overflow attempt (more info ...) | attempted-user | 2018-5045 | URL | ||
| 48920 | FILE-IMAGE Adobe Acrobat Pro tga file heap overflow attempt (more info ...) | attempted-user | 2018-5045 | URL | ||
| 48921 | FILE-IMAGE Adobe Acrobat Pro tga file heap overflow attempt (more info ...) | attempted-user | 2018-5045 | URL | ||
| 48922 | FILE-IMAGE Adobe Acrobat Pro tga file heap overflow attempt (more info ...) | attempted-user | 2018-5045 | URL | ||
| 48923 | FILE-IMAGE Adobe Acrobat Pro tga file heap overflow attempt (more info ...) | attempted-user | 2018-5045 | URL | ||
| 48924 | FILE-IMAGE Adobe Acrobat Pro tga file heap overflow attempt (more info ...) | attempted-user | 2018-5045 | URL | ||
| 48925 | FILE-IMAGE Adobe Acrobat Pro tga file heap overflow attempt (more info ...) | attempted-user | 2018-5045 | URL | ||
| 48926 | FILE-IMAGE Adobe Acrobat Pro tga file heap overflow attempt (more info ...) | attempted-user | 2018-5045 | URL | ||
| 48927 | FILE-IMAGE Adobe Acrobat Pro tga file heap overflow attempt (more info ...) | attempted-user | 2018-5045 | URL | ||
| 48928 | FILE-IMAGE Adobe Acrobat Pro tga file heap overflow attempt (more info ...) | attempted-user | 2018-5045 | URL | ||
| 48929 | FILE-IMAGE Adobe Acrobat Pro tga file heap overflow attempt (more info ...) | attempted-user | 2018-5045 | URL | ||
| 48930 | FILE-IMAGE Adobe Acrobat Pro tga file heap overflow attempt (more info ...) | attempted-user | 2018-5045 | URL | ||
| 48931 | FILE-IMAGE Adobe Acrobat Pro tga file heap overflow attempt (more info ...) | attempted-user | 2018-5045 | URL | ||
| 48932 | FILE-IMAGE Adobe Acrobat Pro tga file heap overflow attempt (more info ...) | attempted-user | 2018-5045 | URL | ||
| 48933 | FILE-IMAGE Adobe Acrobat Pro tga file heap overflow attempt (more info ...) | attempted-user | 2018-5045 | URL | ||
| 48934 | FILE-IMAGE Adobe Acrobat Pro tga file heap overflow attempt (more info ...) | attempted-user | 2018-5045 | URL | ||
| 48935 | FILE-IMAGE Adobe Acrobat Pro tga file heap overflow attempt (more info ...) | attempted-user | 2018-5045 | URL | ||
| 48936 | FILE-IMAGE Adobe Acrobat Pro tga file heap overflow attempt (more info ...) | attempted-user | 2018-5045 | URL | ||
| 48965 | FILE-PDF Adobe Reader PPKLite security handler memory corruption vulnerability attempt (more info ...) | attempted-user | 2018-16042 | URL | ||
| 48966 | FILE-PDF Adobe Reader PPKLite security handler memory corruption vulnerability attempt (more info ...) | attempted-user | 2018-16042 | URL | ||
| 48967 | FILE-PDF Adobe Reader PPKLite security handler memory corruption vulnerability attempt (more info ...) | attempted-user | 2018-16042 | URL | ||
| 48968 | FILE-PDF Adobe Reader PPKLite security handler memory corruption vulnerability attempt (more info ...) | attempted-user | 2018-16042 | URL | ||
| 49122 | FILE-IMAGE Adobe Acrobat TIFF heap buffer overflow attempt (more info ...) | attempted-user | 2017-2966 | URL | ||
| 49123 | FILE-IMAGE Adobe Acrobat TIFF heap buffer overflow attempt (more info ...) | attempted-user | 2017-2966 | URL | ||
| 49124 | FILE-IMAGE Adobe Acrobat TIFF heap buffer overflow attempt (more info ...) | attempted-user | 2017-2966 | URL | ||
| 49125 | FILE-IMAGE Adobe Acrobat TIFF heap buffer overflow attempt (more info ...) | attempted-user | 2017-2966 | URL | ||
| 49178 | FILE-PDF Adobe Acrobat Reader XSLT information disclosure attempt (more info ...) | attempted-user | 2019-7815 | URL | ||
| 49179 | FILE-PDF Adobe Acrobat Reader XSLT information disclosure attempt (more info ...) | attempted-user | 2019-7815 | URL | ||
| 49281 | FILE-OTHER Adobe Acrobat Pro HTML use-after-free attempt (more info ...) | attempted-user | 2019-7077 | URL | ||
| 49404 | FILE-MULTIMEDIA RealNetworks RealPlayer vidplin.dll avi header parsing execution attempt (more info ...) | attempted-user | 2010-4393 | 46047 | ||
| 49573 | FILE-MULTIMEDIA RealNetworks RealPlayer mpeg width integer memory underflow attempt (more info ...) | attempted-user | 2011-4259 | 50741 | ||
| 50185 | FILE-FLASH Adobe Flash Player writeExternal type confusion attempt (more info ...) | attempted-user | 2015-7645 | URL | ||
| 50441 | FILE-IMAGE Adobe Acrobat TIFF heap buffer overflow attempt (more info ...) | attempted-user | 2017-2966 | URL | ||
| 50442 | FILE-IMAGE Adobe Acrobat TIFF heap buffer overflow attempt (more info ...) | attempted-user | 2017-2966 | URL | ||
| 50443 | FILE-IMAGE Adobe Acrobat TIFF heap buffer overflow attempt (more info ...) | attempted-user | 2017-2966 | URL | ||
| 50444 | FILE-IMAGE Adobe Acrobat TIFF heap buffer overflow attempt (more info ...) | attempted-user | 2017-2966 | URL | ||
| 51379 | FILE-OTHER Adobe Acrobat XPS TTF cmap out-of-bounds read attempt (more info ...) | attempted-user | 2018-5019 | URL | ||
| 51380 | FILE-OTHER Adobe Acrobat XPS TTF cmap out-of-bounds read attempt (more info ...) | attempted-user | 2018-5019 | URL | ||
| 51555 | OS-WINDOWS Microsoft DirectShow QuickTime file atom size parsing heap corruption attempt (more info ...) | attempted-user | 2009-1539 | URL | ||
| 51556 | OS-WINDOWS Microsoft DirectShow QuickTime file atom size parsing heap corruption attempt (more info ...) | attempted-user | 2009-1539 | URL | ||
| 51557 | OS-WINDOWS Microsoft DirectShow QuickTime file atom size parsing heap corruption attempt (more info ...) | attempted-user | 2009-1539 | URL | ||
| 51819 | FILE-MULTIMEDIA RealNetworks RealPlayer 3GP file parsing memory corruption attempt (more info ...) | attempted-user | 2014-3444 | |||
| 51820 | FILE-MULTIMEDIA RealNetworks RealPlayer 3GP file parsing memory corruption attempt (more info ...) | attempted-user | 2014-3444 | |||
| 52125 | FILE-PDF Adobe Acrobat Reader and Acrobat TTF SING table parsing remote code execution attempt (more info ...) | attempted-user | 2010-2883 | URL | ||
| 52383 | FILE-OTHER Adobe Acrobat and Reader crafted .joboptions file download attempt (more info ...) | attempted-user | 2019-7110 | |||
| 52444 | FILE-OTHER Winamp MAKI parsing integer overflow attempt (more info ...) | attempted-user | 2009-1831 | 35052 | ||
| 52465 | FILE-PDF Adobe Acrobat Reader embedded font type max subroutine buffer overflow attempt (more info ...) | attempted-user | 2014-8460 | URL | ||
| 52466 | FILE-PDF Adobe Acrobat Reader embedded font type max subroutine buffer overflow attempt (more info ...) | attempted-user | 2014-8460 | URL | ||
| 52483 | FILE-PDF Adobe Acrobat Reader and Acrobat TTF SING table parsing remote code execution attempt (more info ...) | attempted-user | 2010-2883 | URL | ||
| 52484 | FILE-PDF Adobe Acrobat Reader and Acrobat TTF SING table parsing remote code execution attempt (more info ...) | attempted-user | 2010-2883 | URL | ||
| 52499 | FILE-IMAGE Adobe Photoshop Camera Raw plug-in TIFF image processing buffer underflow attempt (more info ...) | attempted-user | 2012-5679 | URL | ||
| 52500 | FILE-IMAGE Adobe Photoshop Camera Raw plug-in TIFF image processing buffer underflow attempt (more info ...) | attempted-user | 2012-5679 | URL | ||
| 57256 | FILE-PDF Adobe Acrobat Reader DC TTF parsing heap overflow attempt (more info ...) | attempted-user | 2019-8042 | |||
| 57257 | FILE-PDF Adobe Acrobat Reader DC TTF parsing heap overflow attempt (more info ...) | attempted-user | 2019-8042 | |||
| 58102 | FILE-PDF Adobe Reader ESObject use after free attempt (more info ...) | attempted-user | 2020-9715 | URL | ||
| 58103 | FILE-PDF Adobe Reader ESObject use after free attempt (more info ...) | attempted-user | 2020-9715 | URL | ||
| 58642 | FILE-PDF Adobe Acrobat Reader DC memory corruption attempt (more info ...) | attempted-user | 2021-28639 | |||
| 58644 | FILE-PDF Adobe Acrobat Reader DC memory corruption attempt (more info ...) | attempted-user | 2021-28639 | |||
| 58782 | FILE-PDF Adobe Reader Uninitialized object RCE attempt (more info ...) | attempted-user | ||||
| 58783 | FILE-PDF Adobe Reader Uninitialized object RCE attempt (more info ...) | attempted-user | ||||
| 59478 | FILE-OTHER Adobe Acrobat Pro embedded TIFF heap overflow attempt (more info ...) | attempted-user | 2018-4904 | URL | ||
| 59479 | FILE-OTHER Adobe Acrobat Pro embedded TIFF heap overflow attempt (more info ...) | attempted-user | 2018-4904 | URL | ||
| 59632 | FILE-FLASH Adobe Flash Player parseFloat stack overflow remote code execution attempt (more info ...) | attempted-user | 2014-9163 | URL | ||
| 59633 | FILE-FLASH Adobe Flash Player parseFloat stack overflow remote code execution attempt (more info ...) | attempted-user | 2014-9163 | URL | ||
| 59678 | FILE-IMAGE Adobe Acrobat Pro malformed JPEG APP1 segment out of bounds memory access attempt (more info ...) | attempted-admin | 2017-2960 | URL | ||
| 59748 | SERVER-WEBAPP Adobe ColdFusion cross-site scripting attempt (more info ...) | web-application-attack | 2022-28818 | URL | ||
| 59749 | SERVER-WEBAPP Adobe ColdFusion cross-site scripting attempt (more info ...) | web-application-attack | 2022-28818 | URL | ||
| 59783 | FILE-PDF Adobe Acrobat DC memory corruption attempt (more info ...) | attempted-user | 2019-7125 | URL | ||
| 59784 | FILE-PDF Adobe Acrobat DC memory corruption attempt (more info ...) | attempted-user | 2019-7125 | URL | ||
| 59785 | FILE-MULTIMEDIA Apple QuickTime ftab atom buffer overflow attempt (more info ...) | attempted-user | 2014-1246 | |||
| 59786 | FILE-MULTIMEDIA Apple QuickTime ftab atom buffer overflow attempt (more info ...) | attempted-user | 2014-1246 | |||
| 59826 | FILE-OTHER Adobe Acrobat malicious joboptions file download attempt (more info ...) | attempted-user | 2019-7111 | URL | ||
| 59827 | FILE-OTHER Adobe Acrobat malicious joboptions file download attempt (more info ...) | attempted-user | 2019-7111 | URL | ||
| 59841 | FILE-OTHER Adobe Acrobat Pro XPS file PPDoc out-of-bounds read attempt (more info ...) | attempted-user | 2018-5056 | URL | ||
| 59863 | FILE-OTHER Adobe Acrobat Pro XPS file malformed Source attribute buffer overflow attempt (more info ...) | attempted-user | 2018-4899 | URL | ||
| 59944 | FILE-PDF Adobe Acrobat Reader DC out-of-bounds read attempt (more info ...) | attempted-user | 2021-28554 | URL | ||
| 59945 | FILE-PDF Adobe Acrobat Reader DC out-of-bounds read attempt (more info ...) | attempted-user | 2021-28554 | URL | ||
| 60047 | FILE-PDF Adobe Acrobat Reader DC heap-based buffer overflow attempt (more info ...) | attempted-user | 2021-28560 | URL | ||
| 60048 | FILE-PDF Adobe Acrobat Reader DC heap-based buffer overflow attempt (more info ...) | attempted-user | 2021-28560 | URL |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 55016 | SERVER-OTHER Cisco Jabber for Windows protocol handler command injection attempt (more info ...) | attempted-user | 2020-3430 | URL | ||
| 55017 | SERVER-OTHER Cisco Jabber for Windows protocol handler command injection attempt (more info ...) | attempted-user | 2020-3430 | URL | ||
| 55018 | SERVER-OTHER Cisco Jabber for Windows protocol handler command injection attempt (more info ...) | attempted-user | 2020-3430 | URL | ||
| 55035 | SERVER-OTHER Cisco Jabber client remote code execution attempt (more info ...) | attempted-user | 2020-3495 | URL | ||
| 56572 | BROWSER-OTHER Cisco Jabber protocol handler command line argument injection attempt (more info ...) | attempted-user | 2020-27127 | URL | ||
| 56573 | BROWSER-OTHER Cisco Jabber protocol handler command line argument injection attempt (more info ...) | attempted-user | 2020-27127 | URL | ||
| 56575 | BROWSER-OTHER Cisco Jabber protocol handler command line argument injection attempt (more info ...) | attempted-user | 2020-27133 | URL | ||
| 56576 | BROWSER-OTHER Cisco Jabber protocol handler command line argument injection attempt (more info ...) | attempted-user | 2020-27133 | URL | ||
| 56588 | BROWSER-OTHER Cisco Jabber XMPP cross site scripting attempt (more info ...) | attempted-user | 2020-27132 | URL | ||
| 56589 | BROWSER-OTHER Cisco Jabber XMPP cross site scripting attempt (more info ...) | attempted-user | 2020-27132 | URL | ||
| 56590 | BROWSER-OTHER Cisco Jabber XMPP cross site scripting attempt (more info ...) | attempted-user | 2020-27132 | URL | ||
| 56845 | BROWSER-OTHER Cisco Jabber protocol cross-site scripting attempt (more info ...) | attempted-user | 2020-26085 | URL | ||
| 56846 | BROWSER-OTHER Cisco Jabber protocol cross-site scripting attempt (more info ...) | attempted-user | 2020-26085 | URL | ||
| 57352 | BROWSER-OTHER Cisco Jabber XMPP cross site scripting attempt (more info ...) | attempted-user | 2021-1411 | URL | ||
| 57353 | BROWSER-OTHER Cisco Jabber XMPP cross site scripting attempt (more info ...) | attempted-user | 2021-1411 | URL | ||
| 57354 | BROWSER-OTHER Cisco Jabber XMPP cross site scripting attempt (more info ...) | attempted-user | 2021-1469 | URL | ||
| 57359 | BROWSER-OTHER Cisco Jabber XMPP information disclosure attempt (more info ...) | attempted-recon | 2021-1417 | URL |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 3130 | PUA-OTHER Microsoft MSN Messenger png overflow (more info ...) | attempted-user | 2004-0957 | 10872 | URL | |
| 5692 | PUA-P2P Skype client successful install (more info ...) | policy-violation | URL | |||
| 5694 | PUA-P2P Skype client setup get newest version attempt (more info ...) | policy-violation | URL | |||
| 5998 | PUA-P2P Skype client login startup (more info ...) | policy-violation | ||||
| 5999 | PUA-P2P Skype client login (more info ...) | policy-violation | ||||
| 9380 | MALWARE-OTHER jitux msn messenger propagation detection (more info ...) | trojan-activity | URL | |||
| 13292 | PUA-OTHER Skype skype4com URI handler memory corruption attempt (more info ...) | attempted-user | 2007-5989 | 26748 | ||
| 15150 | PUA-OTHER Jive Software Openfire Jabber Server login Authentication bypass attempt (more info ...) | attempted-admin | 2008-6510 | 32189 | ||
| 15151 | PUA-OTHER Jive Software Openfire Jabber Server logout Authentication bypass attempt (more info ...) | attempted-admin | 2008-6510 | 32189 | ||
| 15152 | PUA-OTHER Jive Software Openfire Jabber Server setup-index Authentication bypass attempt (more info ...) | attempted-admin | 2008-6510 | 32189 | ||
| 15153 | PUA-OTHER Jive Software Openfire Jabber Server setup Authentication bypass attempt (more info ...) | attempted-admin | 2008-6509 | 32189 | ||
| 15154 | PUA-OTHER Jive Software Openfire Jabber Server gif Authentication bypass attempt (more info ...) | attempted-admin | 2008-6510 | 32189 | ||
| 15155 | PUA-OTHER Jive Software Openfire Jabber Server png Authentication bypass attempt (more info ...) | attempted-admin | 2008-6510 | 32189 | ||
| 15156 | PUA-OTHER Jive Software Openfire Jabber Server serverdown Authentication bypass attempt (more info ...) | attempted-admin | 2008-6510 | 32189 | ||
| 15939 | SERVER-OTHER MSN Messenger IRC bot calling home attempt (more info ...) | trojan-activity | ||||
| 16525 | POLICY-SOCIAL Microsoft MSN Messenger web login attempt (more info ...) | policy-violation | URL | |||
| 16718 | PUA-OTHER Skype URI handler input validation exploit attempt (more info ...) | misc-attack | 38699 | URL | ||
| 17551 | PUA-OTHER Microsoft MSN Messenger and Windows Live Messenger Code Execution attempt (more info ...) | attempted-user | 2007-2931 | 25461 | ||
| 17674 | BROWSER-PLUGINS Skype Extras Manager ActiveX clsid access (more info ...) | attempted-user | 2009-4741 | 36459 | ||
| 17676 | BROWSER-PLUGINS Skype Extras Manager ActiveX function call access (more info ...) | attempted-user | 2009-4741 | 36459 | ||
| 18570 | INDICATOR-COMPROMISE fraudulent digital certificate for login.skype.com detected (more info ...) | misc-attack | URL | |||
| 20554 | PUA-OTHER Microsoft MSN Messenger and Windows Live Messenger Code Execution attempt (more info ...) | attempted-user | 2007-2931 | 25461 | ||
| 31828 | MALWARE-CNC Win.Trojan.Jabberbot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31949 | MALWARE-CNC User-Agent known malicious user-agent string - Skypee - Win.Trojan.Rukypee (more info ...) | trojan-activity | URL | |||
| 56591 | BROWSER-OTHER Cisco Jabber XMPP cross site scripting attempt (more info ...) | attempted-user | 2020-27134 | URL | ||
| 57351 | BROWSER-OTHER Cisco Jabber XMPP mention message denial of service attempt (more info ...) | attempted-dos | 2021-1418 | URL |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 16405 | PROTOCOL-ICMP Microsoft Windows Ipv6pHandleRouterAdvertisement Prefix Information stack buffer overflow attempt (more info ...) | attempted-admin | 2010-0239 | URL | ||
| 32369 | PROTOCOL-ICMP FreeBSD rtsold dname_labeldec stack buffer overflow attempt (more info ...) | attempted-admin | 2014-3954 | 70694 | ||
| 43310 | BROWSER-PLUGINS MagnetoSoft ICMP ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 43311 | BROWSER-PLUGINS MagnetoSoft ICMP ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 43318 | BROWSER-PLUGINS MagnetoSoft ICMP ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 43319 | BROWSER-PLUGINS MagnetoSoft ICMP ActiveX clsid access attempt (more info ...) | attempted-user | URL | |||
| 54902 | PROTOCOL-OTHER IGMP DVMRP scan attempt (more info ...) | network-scan | URL | |||
| 55984 | PROTOCOL-ICMP Microsoft Windows IPv6 stack remote execution attempt (more info ...) | attempted-user | 2020-16898 | URL |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 221 | PROTOCOL-ICMP TFN Probe (more info ...) | attempted-dos | 2000-0138 | |||
| 222 | PROTOCOL-ICMP tfn2k icmp possible communication (more info ...) | attempted-dos | 2000-0138 | |||
| 224 | PROTOCOL-ICMP Stacheldraht server spoof (more info ...) | attempted-dos | 2000-0138 | |||
| 225 | PROTOCOL-ICMP Stacheldraht gag server response (more info ...) | attempted-dos | 2000-0138 | |||
| 226 | PROTOCOL-ICMP Stacheldraht server response (more info ...) | attempted-dos | 2000-0138 | |||
| 227 | PROTOCOL-ICMP Stacheldraht client spoofworks (more info ...) | attempted-dos | 2000-0138 | |||
| 228 | PROTOCOL-ICMP TFN client command BE (more info ...) | attempted-dos | 2000-0138 | |||
| 229 | PROTOCOL-ICMP Stacheldraht client check skillz (more info ...) | attempted-dos | 2000-0138 | |||
| 236 | PROTOCOL-ICMP Stacheldraht client check gag (more info ...) | attempted-dos | 2000-0138 | |||
| 238 | PROTOCOL-ICMP TFN server response (more info ...) | attempted-dos | 2000-0138 | |||
| 251 | PROTOCOL-ICMP - TFN client command LE (more info ...) | attempted-dos | 2000-0138 | |||
| 272 | OS-WINDOWS Microsoft WIndows IGMP dos attack (more info ...) | attempted-dos | 1999-0918 | 514 | URL | |
| 274 | PROTOCOL-ICMP ath (more info ...) | attempted-dos | 1999-1228 | |||
| 363 | PROTOCOL-ICMP IRDP router advertisement (more info ...) | misc-activity | 1999-0875 | 578 | ||
| 364 | PROTOCOL-ICMP IRDP router selection (more info ...) | misc-activity | 1999-0875 | 578 | ||
| 365 | PROTOCOL-ICMP PING undefined code (more info ...) | misc-activity | ||||
| 368 | PROTOCOL-ICMP PING BSDtype (more info ...) | misc-activity | ||||
| 369 | PROTOCOL-ICMP PING BayRS Router (more info ...) | misc-activity | ||||
| 370 | PROTOCOL-ICMP PING BeOS4.x (more info ...) | misc-activity | ||||
| 371 | PROTOCOL-ICMP PING Cisco Type.x (more info ...) | misc-activity | ||||
| 372 | PROTOCOL-ICMP PING Delphi-Piette Windows (more info ...) | misc-activity | ||||
| 373 | PROTOCOL-ICMP PING Flowpoint2200 or Network Management Software (more info ...) | misc-activity | ||||
| 374 | PROTOCOL-ICMP PING IP NetMonitor Macintosh (more info ...) | misc-activity | ||||
| 375 | PROTOCOL-ICMP PING LINUX/*BSD (more info ...) | misc-activity | ||||
| 376 | PROTOCOL-ICMP PING Microsoft Windows (more info ...) | misc-activity | ||||
| 377 | PROTOCOL-ICMP PING Network Toolbox 3 Windows (more info ...) | misc-activity | ||||
| 378 | PROTOCOL-ICMP PING Ping-O-MeterWindows (more info ...) | misc-activity | ||||
| 379 | PROTOCOL-ICMP PING Pinger Windows (more info ...) | misc-activity | ||||
| 380 | PROTOCOL-ICMP PING Seer Windows (more info ...) | misc-activity | ||||
| 381 | PROTOCOL-ICMP PING Oracle Solaris (more info ...) | misc-activity | ||||
| 382 | PROTOCOL-ICMP PING Windows (more info ...) | misc-activity | ||||
| 385 | PROTOCOL-ICMP traceroute (more info ...) | attempted-recon | ||||
| 386 | PROTOCOL-ICMP Address Mask Reply (more info ...) | misc-activity | ||||
| 387 | PROTOCOL-ICMP Address Mask Reply undefined code (more info ...) | misc-activity | ||||
| 388 | PROTOCOL-ICMP Address Mask Request (more info ...) | misc-activity | ||||
| 389 | PROTOCOL-ICMP Address Mask Request undefined code (more info ...) | misc-activity | ||||
| 390 | PROTOCOL-ICMP Alternate Host Address (more info ...) | misc-activity | ||||
| 391 | PROTOCOL-ICMP Alternate Host Address undefined code (more info ...) | misc-activity | ||||
| 392 | PROTOCOL-ICMP Datagram Conversion Error (more info ...) | misc-activity | ||||
| 393 | PROTOCOL-ICMP Datagram Conversion Error undefined code (more info ...) | misc-activity | ||||
| 394 | PROTOCOL-ICMP Destination Unreachable Destination Host Unknown (more info ...) | misc-activity | ||||
| 395 | PROTOCOL-ICMP Destination Unreachable Destination Network Unknown (more info ...) | misc-activity | ||||
| 397 | PROTOCOL-ICMP Destination Unreachable Host Precedence Violation (more info ...) | misc-activity | ||||
| 398 | PROTOCOL-ICMP Destination Unreachable Host Unreachable for Type of Service (more info ...) | misc-activity | ||||
| 400 | PROTOCOL-ICMP Destination Unreachable Network Unreachable for Type of Service (more info ...) | misc-activity | ||||
| 401 | PROTOCOL-ICMP Destination Unreachable Network Unreachable (more info ...) | misc-activity | ||||
| 403 | PROTOCOL-ICMP Destination Unreachable Precedence Cutoff in effect (more info ...) | misc-activity | ||||
| 404 | PROTOCOL-ICMP Destination Unreachable Protocol Unreachable (more info ...) | misc-activity | 2005-0068 | |||
| 405 | PROTOCOL-ICMP Destination Unreachable Source Host Isolated (more info ...) | misc-activity | ||||
| 406 | PROTOCOL-ICMP Destination Unreachable Source Route Failed (more info ...) | misc-activity | ||||
| 407 | PROTOCOL-ICMP Destination Unreachable cndefined code (more info ...) | misc-activity | ||||
| 411 | PROTOCOL-ICMP IPV6 I-Am-Here (more info ...) | misc-activity | ||||
| 412 | PROTOCOL-ICMP IPV6 I-Am-Here undefined code (more info ...) | misc-activity | ||||
| 413 | PROTOCOL-ICMP IPV6 Where-Are-You (more info ...) | misc-activity | ||||
| 414 | PROTOCOL-ICMP IPV6 Where-Are-You undefined code (more info ...) | misc-activity | ||||
| 415 | PROTOCOL-ICMP Information Reply (more info ...) | misc-activity | ||||
| 416 | PROTOCOL-ICMP Information Reply undefined code (more info ...) | misc-activity | ||||
| 417 | PROTOCOL-ICMP Information Request (more info ...) | misc-activity | ||||
| 418 | PROTOCOL-ICMP Information Request undefined code (more info ...) | misc-activity | ||||
| 419 | PROTOCOL-ICMP Mobile Host Redirect (more info ...) | misc-activity | ||||
| 420 | PROTOCOL-ICMP Mobile Host Redirect undefined code (more info ...) | misc-activity | ||||
| 421 | PROTOCOL-ICMP Mobile Registration Reply (more info ...) | misc-activity | ||||
| 422 | PROTOCOL-ICMP Mobile Registration Reply undefined code (more info ...) | misc-activity | ||||
| 423 | PROTOCOL-ICMP Mobile Registration Request (more info ...) | misc-activity | ||||
| 424 | PROTOCOL-ICMP Mobile Registration Request undefined code (more info ...) | misc-activity | ||||
| 425 | PROTOCOL-ICMP Parameter Problem Bad Length (more info ...) | misc-activity | ||||
| 426 | PROTOCOL-ICMP Parameter Problem Missing a Required Option (more info ...) | misc-activity | ||||
| 427 | PROTOCOL-ICMP Parameter Problem Unspecified Error (more info ...) | misc-activity | ||||
| 428 | PROTOCOL-ICMP Parameter Problem undefined Code (more info ...) | misc-activity | ||||
| 429 | PROTOCOL-ICMP Photuris Reserved (more info ...) | misc-activity | ||||
| 430 | PROTOCOL-ICMP Photuris Unknown Security Parameters Index (more info ...) | misc-activity | ||||
| 431 | PROTOCOL-ICMP Photuris Valid Security Parameters, But Authentication Failed (more info ...) | misc-activity | ||||
| 432 | PROTOCOL-ICMP Photuris Valid Security Parameters, But Decryption Failed (more info ...) | misc-activity | ||||
| 433 | PROTOCOL-ICMP Photuris undefined code! (more info ...) | misc-activity | ||||
| 436 | PROTOCOL-ICMP Redirect for TOS and Host (more info ...) | misc-activity | 1999-0265 | |||
| 437 | PROTOCOL-ICMP Redirect for TOS and Network (more info ...) | misc-activity | 1999-0265 | |||
| 438 | PROTOCOL-ICMP Redirect undefined code (more info ...) | misc-activity | 1999-0265 | |||
| 439 | PROTOCOL-ICMP Reserved for Security Type 19 (more info ...) | misc-activity | ||||
| 440 | PROTOCOL-ICMP Reserved for Security Type 19 undefined code (more info ...) | misc-activity | ||||
| 441 | PROTOCOL-ICMP Router Advertisement (more info ...) | misc-activity | ||||
| 443 | PROTOCOL-ICMP Router Selection (more info ...) | misc-activity | ||||
| 445 | PROTOCOL-ICMP SKIP (more info ...) | misc-activity | ||||
| 446 | PROTOCOL-ICMP SKIP undefined code (more info ...) | misc-activity | ||||
| 448 | PROTOCOL-ICMP Source Quench undefined code (more info ...) | misc-activity | ||||
| 450 | PROTOCOL-ICMP Time-To-Live Exceeded in Transit undefined code (more info ...) | misc-activity | ||||
| 451 | PROTOCOL-ICMP Timestamp Reply (more info ...) | misc-activity | ||||
| 452 | PROTOCOL-ICMP Timestamp Reply undefined code (more info ...) | misc-activity | ||||
| 453 | PROTOCOL-ICMP Timestamp Request (more info ...) | misc-activity | ||||
| 454 | PROTOCOL-ICMP Timestamp Request undefined code (more info ...) | misc-activity | ||||
| 456 | PROTOCOL-ICMP Traceroute (more info ...) | misc-activity | ||||
| 457 | PROTOCOL-ICMP Traceroute undefined code (more info ...) | misc-activity | ||||
| 458 | PROTOCOL-ICMP unassigned type 1 (more info ...) | misc-activity | ||||
| 462 | PROTOCOL-ICMP unassigned type 7 (more info ...) | misc-activity | ||||
| 463 | PROTOCOL-ICMP unassigned type 7 undefined code (more info ...) | misc-activity | 1999-0454 | |||
| 465 | PROTOCOL-ICMP ISS Pinger (more info ...) | attempted-recon | ||||
| 467 | PROTOCOL-ICMP Nemesis v1.1 Echo (more info ...) | attempted-recon | ||||
| 476 | PROTOCOL-ICMP webtrends scanner (more info ...) | attempted-recon | ||||
| 480 | PROTOCOL-ICMP PING speedera (more info ...) | misc-activity | ||||
| 481 | PROTOCOL-ICMP TJPingPro1.1Build 2 Windows (more info ...) | misc-activity | ||||
| 482 | PROTOCOL-ICMP PING WhatsupGold Windows (more info ...) | misc-activity | ||||
| 484 | PROTOCOL-ICMP PING Sniffer Pro/NetXRay network scan (more info ...) | misc-activity | ||||
| 1813 | PROTOCOL-ICMP digital island bandwidth query (more info ...) | misc-activity | ||||
| 1854 | PROTOCOL-ICMP Stacheldraht handler->agent niggahbitch (more info ...) | attempted-dos | 2000-0138 | URL | ||
| 1855 | PROTOCOL-ICMP Stacheldraht agent->handler skillz (more info ...) | attempted-dos | 2000-0138 | URL | ||
| 1856 | PROTOCOL-ICMP Stacheldraht handler->agent ficken (more info ...) | attempted-dos | 2000-0138 | URL | ||
| 1918 | PROTOCOL-ICMP SolarWinds IP scan attempt (more info ...) | network-scan | ||||
| 2462 | SERVER-OTHER Ethereal IGMP IGAP account overflow attempt (more info ...) | attempted-admin | 2004-0367 | 9952 | ||
| 2463 | SERVER-OTHER Ethereal IGMP IGAP message overflow attempt (more info ...) | attempted-admin | 2004-0367 | 9952 | ||
| 3626 | PROTOCOL-ICMP PATH MTU denial of service attempt (more info ...) | attempted-dos | 2004-1060 | 13124 | ||
| 6128 | MALWARE-BACKDOOR dkangel runtime detection - icmp echo reply client-to-server (more info ...) | trojan-activity | URL | |||
| 8730 | PROTOCOL-ICMP record route rr denial of service attempt (more info ...) | attempted-dos | 2001-0752 | 870 | ||
| 10107 | MALWARE-BACKDOOR icmp cmd 1.0 runtime detection - pslist (more info ...) | trojan-activity | URL | |||
| 10108 | MALWARE-BACKDOOR icmp cmd 1.0 runtime detection - pskill (more info ...) | trojan-activity | URL | |||
| 13288 | OS-WINDOWS Microsoft Windows remote kernel tcp/ip icmp vulnerability exploit attempt (more info ...) | attempted-admin | 2007-0066 | URL | ||
| 18249 | PROTOCOL-ICMP Microsoft Windows Ipv6pHandleRouterAdvertisement Route Information stack buffer overflow attempt (more info ...) | attempted-admin | 2010-0241 | URL | ||
| 18474 | PROTOCOL-ICMP ICMPv6 Echo Request (more info ...) | misc-activity | ||||
| 21853 | APP-DETECT ptunnel icmp proxy (more info ...) | policy-violation | URL | |||
| 23178 | PROTOCOL-ICMP IPv6 router advertisement flood attempt (more info ...) | attempted-dos | 2014-2309 | 65409 | URL | |
| 24088 | MALWARE-CNC Win.Trojan.Bledoor TCP tunnel in ICMP (more info ...) | trojan-activity | URL | |||
| 24294 | PROTOCOL-ICMP IPv6 neighbor advertisement flood attempt (more info ...) | misc-activity | URL | |||
| 24295 | PROTOCOL-ICMP suspicious IPv6 router advertisement attempt (more info ...) | attempted-admin | URL | |||
| 24296 | PROTOCOL-ICMP IPv6 router advertisement invalid prefix option attempt (more info ...) | misc-activity | 2014-0254 | 65409 | URL | |
| 24297 | PROTOCOL-ICMP IPv6 oversized ICMP ping attempt (more info ...) | misc-activity | URL | |||
| 24298 | PROTOCOL-ICMP IPv6 0xdeadbeef ICMP ping attempt (more info ...) | misc-activity | URL | |||
| 24299 | PROTOCOL-ICMP IPv6 invalid router advertisement attempt (more info ...) | misc-activity | URL | |||
| 24301 | PROTOCOL-ICMP IPv6 MLD multicast listener query attempt (more info ...) | misc-activity | URL | |||
| 24302 | PROTOCOL-ICMP IPv6 multicast neighbor delete attempt (more info ...) | misc-activity | URL | |||
| 24303 | PROTOCOL-ICMP IPv6 multicast neighbor add attempt (more info ...) | misc-activity | URL | |||
| 24305 | PROTOCOL-ICMP invalid ICMPv6 header attempt (more info ...) | misc-activity | URL | |||
| 25314 | OS-LINUX Linux kernel IGMP queries denial of service attempt (more info ...) | denial-of-service | 2012-0207 | |||
| 26736 | MALWARE-CNC Win.Trojan.BlackRev cnc icmp command (more info ...) | trojan-activity | URL | |||
| 27610 | PROTOCOL-ICMP Truncated ICMPv6 denial of service attempt (more info ...) | denial-of-service | 2013-3182 | URL | ||
| 27611 | PROTOCOL-ICMP Truncated ICMPv6 denial of service attempt (more info ...) | denial-of-service | 2013-3182 | URL | ||
| 27624 | OS-WINDOWS Microsoft ICMPv6 mismatched prefix length and length field denial of service attempt (more info ...) | denial-of-service | 2013-3183 | URL | ||
| 28292 | PROTOCOL-ICMP IPv6 0xfacebabe ICMP ping attempt (more info ...) | misc-activity | URL | |||
| 28463 | MALWARE-CNC Win.Trojan.AllAple Variant ICMP flood (more info ...) | trojan-activity | URL | |||
| 29454 | PROTOCOL-ICMP Unusual L3retriever Ping detected (more info ...) | successful-recon-limited | URL | |||
| 29455 | PROTOCOL-ICMP Unusual Microsoft Windows Ping detected (more info ...) | successful-recon-limited | URL | |||
| 29457 | PROTOCOL-ICMP Unusual Microsoft Windows 7 Ping detected (more info ...) | successful-recon-limited | URL | |||
| 33927 | SERVER-OTHER Cisco IOS virtual routing and forwarding ICMP redirect denial of service attempt (more info ...) | attempted-dos | 2015-0638 | URL | ||
| 36650 | PROTOCOL-ICMP Squid Pinger IPv6 denial of service attempt (more info ...) | attempted-dos | 2014-7142 | URL | ||
| 36651 | PROTOCOL-ICMP Squid Pinger IPv6 denial of service attempt (more info ...) | attempted-dos | 2014-7142 | URL | ||
| 39065 | SERVER-OTHER Cisco IOS NX invalid ICMPv6 neighbor discovery hop limit denial of service attempt (more info ...) | attempted-dos | 2016-1409 | URL | ||
| 46126 | SERVER-OTHER Cisco IOS XE IGMP denial of service attempt (more info ...) | attempted-dos | 2018-0165 | URL | ||
| 46127 | SERVER-OTHER Cisco IOS XE IGMP denial of service attempt (more info ...) | attempted-dos | 2018-0165 | URL | ||
| 46128 | SERVER-OTHER Cisco IOS XE IGMP denial of service attempt (more info ...) | attempted-dos | 2018-0165 | URL | ||
| 47401 | INDICATOR-OBFUSCATION ICMP HTTP tunneling attempt (more info ...) | misc-activity | URL | |||
| 50165 | MALWARE-CNC Unix.Trojan.Winnti variant outbound ICMP connection (more info ...) | trojan-activity | URL | |||
| 90033 | OS-WINDOWS Microsoft Windows IppRateLimitIcmp integer overflow exploit attempt (more info ...) | attempted-dos | 2011-1871 | URL |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 610 | PROTOCOL-SERVICES rsh root (more info ...) | attempted-admin | 2012-6392 | 57221 | URL | |
| 654 | SERVER-MAIL RCPT TO overflow (more info ...) | attempted-admin | 2010-2580 | 9696 | ||
| 1409 | PROTOCOL-SNMP community string buffer overflow attempt (more info ...) | misc-attack | 2002-0013 | 4089 | URL | |
| 1422 | PROTOCOL-SNMP community string buffer overflow attempt with evasion (more info ...) | misc-attack | 2002-0013 | 4089 | URL | |
| 1634 | PROTOCOL-POP PASS overflow attempt (more info ...) | attempted-admin | 2006-6605 | 791 | 10325 | |
| 2551 | SERVER-OTHER Oracle Web Cache GET overflow attempt (more info ...) | attempted-admin | 2004-0385 | 9868 | 12126 | |
| 2552 | SERVER-OTHER Oracle Web Cache HEAD overflow attempt (more info ...) | attempted-admin | 2004-0385 | 9868 | 12126 | |
| 2553 | SERVER-OTHER Oracle Web Cache PUT overflow attempt (more info ...) | attempted-admin | 2004-0385 | 9868 | 12126 | |
| 2554 | SERVER-OTHER Oracle Web Cache POST overflow attempt (more info ...) | attempted-admin | 2004-0385 | 9868 | 12126 | |
| 2555 | SERVER-OTHER Oracle Web Cache TRACE overflow attempt (more info ...) | attempted-admin | 2004-0385 | 9868 | 12126 | |
| 2556 | SERVER-OTHER Oracle Web Cache DELETE overflow attempt (more info ...) | attempted-admin | 2004-0385 | 9868 | 12126 | |
| 2557 | SERVER-OTHER Oracle Web Cache LOCK overflow attempt (more info ...) | attempted-admin | 2004-0385 | 9868 | 12126 | |
| 2558 | SERVER-OTHER Oracle Web Cache MKCOL overflow attempt (more info ...) | attempted-admin | 2004-0385 | 9868 | 12126 | |
| 2559 | SERVER-OTHER Oracle Web Cache COPY overflow attempt (more info ...) | attempted-admin | 2004-0385 | 9868 | 12126 | |
| 2560 | SERVER-OTHER Oracle Web Cache MOVE overflow attempt (more info ...) | attempted-admin | 2004-0385 | 9868 | 12126 | |
| 2580 | SERVER-WEBAPP server negative Content-Length attempt (more info ...) | attempted-admin | 2004-0492 | 10508 | URL | |
| 2597 | SERVER-WEBAPP Samba SWAT Authorization overflow attempt (more info ...) | web-application-attack | 2004-0600 | 10780 | ||
| 2598 | SERVER-WEBAPP Samba SWAT Authorization port 901 overflow attempt (more info ...) | web-application-attack | 2004-0600 | 10780 | ||
| 2673 | FILE-IMAGE libpng tRNS overflow attempt (more info ...) | attempted-user | 2004-0597 | 10872 | ||
| 3085 | SERVER-OTHER AOL Instant Messenger goaway message buffer overflow attempt (more info ...) | misc-attack | 2004-0636 | 10889 | ||
| 3517 | SERVER-OTHER Computer Associates license PUTOLF overflow attempt (more info ...) | attempted-user | 2005-0582 | 12705 | ||
| 3824 | SERVER-MAIL AUTH user overflow attempt (more info ...) | attempted-admin | 2018-6789 | 13772 | ||
| 4642 | SERVER-ORACLE sys.pbsde.init buffer overflow attempt (more info ...) | attempted-user | 2005-3438 | 15134 | URL | |
| 4681 | SERVER-WEBAPP Symantec Antivirus admin scan interface negative Content-Length attempt (more info ...) | attempted-admin | 2005-2758 | 15001 | ||
| 5316 | SERVER-OTHER CA CAM log_security overflow attempt (more info ...) | misc-attack | 2005-2668 | 14622 | ||
| 6512 | SERVER-OTHER symantec antivirus realtime virusscan overflow attempt (more info ...) | attempted-admin | 2006-2630 | 18107 | ||
| 7091 | MALWARE-BACKDOOR serveme runtime detection (more info ...) | trojan-activity | URL | |||
| 7096 | MALWARE-BACKDOOR remote hack 1.5 runtime detection - logon (more info ...) | trojan-activity | URL | |||
| 7097 | MALWARE-BACKDOOR remote hack 1.5 runtime detection - execute file (more info ...) | trojan-activity | URL | |||
| 7099 | MALWARE-BACKDOOR remote hack 1.5 runtime detection - start keylogger (more info ...) | trojan-activity | URL | |||
| 7105 | MALWARE-BACKDOOR aol admin runtime detection (more info ...) | trojan-activity | URL | |||
| 7108 | MALWARE-BACKDOOR undetected runtime detection (more info ...) | trojan-activity | URL | |||
| 7111 | MALWARE-BACKDOOR fearless lite 1.01 runtime detection (more info ...) | trojan-activity | URL | |||
| 7112 | MALWARE-BACKDOOR fearless lite 1.01 runtime detection (more info ...) | trojan-activity | URL | |||
| 7115 | MALWARE-BACKDOOR ghost 2.3 runtime detection (more info ...) | trojan-activity | URL | |||
| 8441 | SERVER-WEBAPP McAfee header buffer overflow attempt (more info ...) | attempted-admin | 2006-5156 | 20288 | ||
| 9421 | MALWARE-OTHER zotob attempt (more info ...) | trojan-activity | 2005-1983 | 14513 | URL | |
| 9422 | MALWARE-OTHER msblast attempt (more info ...) | trojan-activity | 2003-0352 | 8205 | URL | |
| 9423 | MALWARE-OTHER lovegate attempt (more info ...) | trojan-activity | 2003-0352 | 8205 | URL | |
| 9632 | SERVER-OTHER Tivoli Storage Manager command request buffer overflow attempt (more info ...) | attempted-admin | 2006-5855 | 21440 | ||
| 9845 | FILE-IDENTIFY M3U file magic detected (more info ...) | misc-activity | URL | |||
| 10187 | SERVER-OTHER HP Mercury Loadrunner command line buffer overflow (more info ...) | attempted-admin | 2007-0446 | 22487 | ||
| 11265 | SERVER-OTHER Sentinel license manager buffer overflow attempt (more info ...) | attempted-admin | 2020-10291 | 12742 | ||
| 12362 | SERVER-WEBAPP Squid HTTP Proxy-Authorization overflow attempt (more info ...) | attempted-user | 2004-0541 | 10500 | ||
| 12480 | MALWARE-OTHER Keylogger inside website logger 2.4 runtime detection (more info ...) | successful-recon-limited | URL | |||
| 12596 | SERVER-OTHER CA BrightStor LGServer username buffer overflow attempt (more info ...) | attempted-admin | 2007-5003 | 24348 | ||
| 13221 | SERVER-OTHER Motorola Timbuktu crafted login request buffer overflow attempt (more info ...) | attempted-admin | 2007-4221 | 25454 | URL | |
| 13222 | SERVER-OTHER Motorola Timbuktu crafted login request buffer overflow attempt (more info ...) | attempted-admin | 2007-4221 | 25454 | URL | |
| 13365 | SERVER-OTHER Trend Micro ServerProtect TMregChange buffer overflow attempt (more info ...) | attempted-admin | 2007-4731 | URL | ||
| 13519 | SERVER-OTHER Citrix MetaFrame IMA buffer overflow attempt (more info ...) | attempted-admin | 2008-0356 | 27329 | ||
| 13522 | SERVER-OTHER Firebird Database Server username handling buffer overflow (more info ...) | attempted-admin | 2008-0467 | 27467 | ||
| 13584 | FILE-IDENTIFY CSV file download request (more info ...) | misc-activity | 2008-0112 | URL | ||
| 13715 | SERVER-WEBAPP HP OpenView Network Node Manager HTTP handling buffer overflow attempt (more info ...) | attempted-admin | 2008-1697 | 28569 | ||
| 13718 | SERVER-MAIL BDAT buffer overflow attempt (more info ...) | attempted-admin | 2002-0055 | 4204 | URL | |
| 13801 | FILE-IDENTIFY RTF file download request (more info ...) | misc-activity | URL | |||
| 13804 | SERVER-OTHER Borland Software InterBase ibserver.exe Service Attach Request buffer overflow attempt (more info ...) | attempted-admin | 2008-1910 | 28730 | ||
| 13843 | SERVER-OTHER MaxDB WebDBM get buffer overflow (more info ...) | attempted-admin | 2006-4305 | 13843 | ||
| 14017 | FILE-IDENTIFY MPEG Layer 3 playlist file download request (more info ...) | misc-activity | URL | |||
| 14769 | SERVER-OTHER DATAC RealWin SCADA System buffer overflow attempt (more info ...) | attempted-user | 2011-1563 | 46937 | ||
| 15013 | FILE-IDENTIFY PDF file download request (more info ...) | misc-activity | URL | |||
| 15079 | FILE-IDENTIFY WAV file download request (more info ...) | misc-activity | URL | |||
| 15186 | SERVER-OTHER Multiple vendors CUPS HPGL filter remote code execution attempt (more info ...) | attempted-user | 2008-3641 | 31688 | ||
| 15255 | SERVER-ORACLE Secure Backup msgid 0x901 username field overflow attempt (more info ...) | attempted-admin | 2008-5444 | 33177 | ||
| 15261 | SERVER-ORACLE Secure Backup exec_qr command injection attempt (more info ...) | attempted-user | 2008-5448 | 33177 | ||
| 15262 | SERVER-ORACLE Secure Backup POST exec_qr command injection attempt (more info ...) | attempted-user | 2008-5448 | 33177 | ||
| 15422 | SERVER-OTHER Sun One web proxy server overflow attempt (more info ...) | attempted-admin | 2007-2881 | 24165 | URL | |
| 15427 | FILE-IDENTIFY SVG file download request (more info ...) | misc-activity | URL | |||
| 15434 | SERVER-WEBAPP HP OpenView Network Node Manager OvOSLocale parameter buffer overflow attempt (more info ...) | attempted-user | 2009-0920 | 34134 | ||
| 15436 | SERVER-OTHER IBM Tivoli Storage Manager Express Backup counter heap corruption attempt (more info ...) | attempted-admin | 2008-4563 | 34077 | URL | |
| 15437 | SERVER-OTHER IBM Tivoli Storage Manager Express Backup message length heap corruption attempt (more info ...) | attempted-admin | 2008-4563 | 34077 | URL | |
| 15477 | SERVER-WEBAPP Oracle BEA WebLogic overlong JESSIONID buffer overflow attempt (more info ...) | misc-attack | 2008-5457 | |||
| 15479 | SERVER-OTHER RealNetworks Helix Server RTSP Request Proxy-Require header heap buffer overflow attempt (more info ...) | attempted-admin | 2008-5911 | 33059 | ||
| 15489 | PUA-OTHER Cerulean Studios Trillian image filename handling XML tag overflow attempt (more info ...) | attempted-user | 2008-5401 | |||
| 15516 | FILE-IDENTIFY AVI multimedia file download request (more info ...) | misc-activity | URL | |||
| 15554 | SERVER-ORACLE Application Server 10g OPMN service format string vulnerability exploit attempt (more info ...) | attempted-admin | 2009-0993 | 34461 | ||
| 15571 | SERVER-OTHER RealNetworks Helix Server RTSP SETUP stack buffer overflow attempt (more info ...) | attempted-admin | 2008-5911 | 33059 | ||
| 15573 | SERVER-OTHER RealNetworks Helix Server RTSP SET_PARAMETER heap buffer overflow attempt (more info ...) | attempted-admin | 2008-5911 | 33059 | ||
| 15708 | SERVER-OTHER Unisys Business Information Server stack buffer overflow attempt (more info ...) | attempted-admin | 2009-1628 | 35494 | ||
| 15726 | SERVER-WEBAPP HP OpenView Network Node Manager URI rping stack buffer overflow attempt (more info ...) | attempted-user | 2009-1420 | 35267 | ||
| 15865 | FILE-IDENTIFY MP4 file download request (more info ...) | misc-activity | URL | |||
| 15900 | FILE-IDENTIFY Audio Interchange file download request (more info ...) | misc-activity | ||||
| 15943 | SERVER-OTHER CA Multiple Products Console Server login credentials handling overflow attempt (more info ...) | attempted-user | 2007-2522 | 23906 | ||
| 15966 | FILE-OTHER F-Secure Anti-Virus LHA processing buffer overflow attempt (more info ...) | attempted-user | 2004-0234 | 10243 | ||
| 15968 | SERVER-OTHER LANDesk Management Suite QIP service heal packet buffer overflow attempt (more info ...) | attempted-admin | 2008-2468 | 31193 | URL | |
| 15970 | SERVER-OTHER Subversion svn pProtocol string parsing heap overflow attempt (more info ...) | attempted-admin | 2004-0413 | 10519 | ||
| 15972 | SERVER-OTHER single byte encoded name response (more info ...) | misc-attack | 2004-0444 | |||
| 15978 | SERVER-WEBAPP Macromedia JRun 4 mod_jrun buffer overflow attempt (more info ...) | attempted-user | 2004-0646 | 11245 | ||
| 15986 | SERVER-SAMBA Samba unicode filename buffer overflow attempt (more info ...) | misc-attack | 2004-0882 | 11678 | ||
| 15987 | FILE-IDENTIFY DXF file download request (more info ...) | misc-activity | URL | |||
| 16001 | FILE-IMAGE Apple QuickDraw PICT images ARGB records handling memory corruption attempt (more info ...) | attempted-user | 2007-0462 | 22207 | ||
| 16015 | SERVER-OTHER Norton Internet Security NBNS response processing stack overflow attempt (more info ...) | attempted-admin | 2004-0444 | 10333 | ||
| 16080 | SERVER-OTHER KAME racoon X509 certificate verification bypass attempt (more info ...) | attempted-user | 2004-0607 | 10546 | ||
| 16191 | SERVER-ORACLE Oracle Secure Backup Administration server authentication bypass attempt - via GET (more info ...) | attempted-admin | 2009-1977 | 35672 | URL | |
| 16192 | SERVER-ORACLE Secure Backup Administration server authentication bypass attempt (more info ...) | attempted-admin | 2010-0904 | 41596 | URL | |
| 16196 | SERVER-OTHER Symantec Backup Exec System Recovery Manager unauthorized file upload attempt (more info ...) | misc-activity | 2008-0457 | |||
| 16204 | SERVER-OTHER HP OpenView Network Node Manager ovlaunch host field overflow attempt (more info ...) | attempted-user | 2008-4562 | 33668 | ||
| 16205 | FILE-IDENTIFY BMP file download request (more info ...) | misc-activity | URL | |||
| 16217 | SERVER-OTHER OpenView Network Node Manager ovalarmsrv opcode 45 integer overflow attempt (more info ...) | attempted-admin | 2008-2438 | 34738 | ||
| 16286 | FILE-IDENTIFY TrueType font file download request (more info ...) | misc-activity | URL | |||
| 16296 | FILE-OTHER Kaspersky antivirus library heap buffer overflow - with optional fields (more info ...) | attempted-user | 2005-3142 | 14998 | ||
| 16332 | SERVER-OTHER Symantec System Center Alert Management System untrusted command execution attempt (more info ...) | policy-violation | 2009-1431 | 34675 | ||
| 16438 | SERVER-ORACLE WebLogic Server Node Manager arbitrary command execution attempt (more info ...) | attempted-admin | 2010-0073 | 37926 | URL | |
| 16444 | SERVER-OTHER HP StorageWorks storage mirroring double take service code execution attempt (more info ...) | attempted-admin | 2008-1661 | URL | ||
| 16486 | MALWARE-BACKDOOR Arucer backdoor traffic - command execution attempt (more info ...) | trojan-activity | 2010-0103 | URL | ||
| 16487 | MALWARE-BACKDOOR Arucer backdoor traffic - yes command attempt (more info ...) | trojan-activity | 2010-0103 | URL | ||
| 16488 | MALWARE-BACKDOOR Arucer backdoor traffic - write file attempt (more info ...) | trojan-activity | 2010-0103 | URL | ||
| 16514 | SERVER-OTHER Trillian AIM XML tag handling heap buffer overflow attempt (more info ...) | attempted-user | 2008-5403 | 32645 | URL | |
| 16529 | FILE-IDENTIFY JPEG file download request (more info ...) | misc-activity | URL | |||
| 16555 | SERVER-WEBAPP HP Openview Network Node Manager OvAcceptLang overflow attempt (more info ...) | attempted-user | 2009-0921 | 34134 | ||
| 16601 | FILE-OTHER Amaya web editor XML and HTML Parser Buffer overflow attempt (more info ...) | attempted-user | 2009-0323 | 33047 | ||
| 16604 | SERVER-WEBAPP HP OpenView Network Node Manager ovalarm.exe Accept-Language buffer overflow attempt (more info ...) | attempted-user | 2009-4179 | 37261 | ||
| 16685 | SERVER-OTHER IBM Tivoli Storage Manager Client dsmagent.exe NodeName length buffer overflow attempt (more info ...) | attempted-admin | 2008-4828 | 34803 | URL | |
| 16798 | FILE-OTHER Orbit Downloader long URL buffer overflow attempt (more info ...) | attempted-user | 2009-0187 | |||
| 17229 | FILE-IDENTIFY Tiff little endian file magic detected (more info ...) | misc-activity | URL | |||
| 17230 | FILE-IDENTIFY Tiff big endian file magic detected (more info ...) | misc-activity | URL | |||
| 17259 | FILE-IDENTIFY MOV file download request (more info ...) | misc-activity | URL | |||
| 17305 | FILE-OTHER ClamAV libclamav PE file handling integer overflow attempt (more info ...) | attempted-user | 2008-0318 | |||
| 17314 | FILE-IDENTIFY OLE document file magic detected (more info ...) | misc-activity | ||||
| 17380 | FILE-IDENTIFY PNG file download request (more info ...) | misc-activity | ||||
| 17394 | FILE-IDENTIFY GIF file download request (more info ...) | misc-activity | ||||
| 17396 | SERVER-OTHER VNC client authentication response (more info ...) | protocol-command-decode | ||||
| 17397 | SERVER-OTHER VNCViewer Authenticate buffer overflow attempt (more info ...) | attempted-user | 2009-0388 | 33568 | ||
| 17441 | FILE-IDENTIFY LNK file download request (more info ...) | misc-activity | ||||
| 17445 | SERVER-OTHER Symantec Backup Exec System Recovery Manager unauthorized file upload attempt (more info ...) | misc-activity | 2008-0457 | URL | ||
| 17530 | SERVER-OTHER HP OpenView Storage Data Protector Stack Buffer Overflow (more info ...) | attempted-admin | 2007-2881 | |||
| 17536 | SERVER-WEBAPP generic server HTTP Auth Header buffer overflow attempt (more info ...) | attempted-user | 2009-0183 | 33554 | ||
| 17540 | FILE-IDENTIFY LZH file download request (more info ...) | misc-activity | ||||
| 17625 | SERVER-ORACLE Database Core RDBMS component denial of service attempt (more info ...) | attempted-dos | 2007-5530 | 26108 | ||
| 17632 | PROTOCOL-SNMP Castle Rock Computing SNMPc Network Manager community string attempted stack overflow (more info ...) | attempted-admin | 2008-2214 | 28990 | ||
| 17693 | SERVER-MAIL MailEnable NTLM Authentication buffer overflow attempt (more info ...) | attempted-admin | 2006-5176 | 20290 | URL | |
| 17697 | POLICY-SOCIAL GnuPG Message Packet Length overflow attempt (more info ...) | attempted-user | 2006-3746 | URL | ||
| 17723 | OS-WINDOWS possible SMB replay attempt - overlapping encryption keys detected (more info ...) | attempted-user | 2010-0231 | URL | ||
| 17732 | FILE-IDENTIFY TIFF file download request (more info ...) | misc-activity | URL | |||
| 17733 | FILE-IDENTIFY XML file download request (more info ...) | misc-activity | ||||
| 17751 | FILE-IDENTIFY OpenType Font file download request (more info ...) | misc-activity | ||||
| 18097 | BROWSER-PLUGINS VMWare Remote Console format string code execution attempt (more info ...) | attempted-user | 2009-3732 | |||
| 18234 | FILE-IDENTIFY QuickDraw/PICT file download request (more info ...) | misc-activity | ||||
| 18248 | SERVER-OTHER Unisys Business Information Server stack buffer overflow attempt (more info ...) | attempted-admin | 2009-1628 | 35494 | ||
| 18327 | PROTOCOL-SCADA Kingview HMI heap overflow attempt (more info ...) | attempted-admin | 2011-0406 | 45727 | ||
| 18475 | SERVER-WEBAPP HP Openview OvWebHelp.exe buffer overflow (more info ...) | attempted-admin | 2009-4178 | 37340 | URL | |
| 18480 | SERVER-WEBAPP HP openview network node manager ovlogin.exe buffer overflow - userid parameter (more info ...) | attempted-admin | 2009-4176 | 37330 | URL | |
| 18587 | SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 267 buffer overflow attempt (more info ...) | attempted-admin | 2007-2280 | 37396 | URL | |
| 18648 | PROTOCOL-SCADA IGSS IGSSDataServer.exe file upload/download attempt (more info ...) | attempted-user | 2011-1567 | 46936 | ||
| 18651 | PROTOCOL-SCADA IGSS IGSSDataServer.exe report template overflow attempt (more info ...) | attempted-admin | 2011-1567 | 46936 | ||
| 18654 | PROTOCOL-SCADA IGSS IGSSDataServer.exe format string attempt (more info ...) | attempted-admin | 2011-1568 | 46936 | ||
| 18656 | PROTOCOL-SCADA IGSS IGSSDataServer.exe strep overflow attempt (more info ...) | attempted-admin | 2011-1567 | 46936 | ||
| 18659 | PROTOCOL-SCADA RealWin 2.1 SCPC_INITIALIZE overflow attempt (more info ...) | attempted-admin | 2010-4142 | 44150 | ||
| 18745 | SERVER-WEBAPP HP Power Manager formExportDataLogs buffer overflow attempt (more info ...) | attempted-user | 2009-3999 | 37866 | ||
| 18751 | SERVER-WEBAPP Samba SWAT HTTP Authentication overflow attempt (more info ...) | attempted-user | 2004-0600 | 10780 | ||
| 18754 | SERVER-OTHER HP Data Protector Backup Client Service code execution attempt (more info ...) | suspicious-filename-detect | 2011-0922 | |||
| 18795 | SERVER-WEBAPP HP OpenView Network Node Manager ovet_demandpoll.exe format string execution attempt (more info ...) | attempted-admin | 2010-1550 | 40065 | ||
| 18802 | SERVER-WEBAPP HP Power Manager formExportDataLogs directory traversal attempt (more info ...) | web-application-attack | 2009-4000 | 37866 | ||
| 18926 | PROTOCOL-SNMP Multiple vendors AgentX receive_agentx integer overflow attempt (more info ...) | attempted-admin | 2010-1319 | 39561 | ||
| 18930 | SERVER-WEBAPP HP OpenView Network Node Manager nnmRptConfig.exe Template format string code execution attempt (more info ...) | attempted-user | 2011-0270 | 45762 | ||
| 18999 | SERVER-WEBAPP HP OpenView NNM webappmon.exe buffer overflow attempt (more info ...) | attempted-admin | 2010-2703 | 41829 | ||
| 19104 | SERVER-OTHER HP OpenView Storage Data Protector Cell Manager heap overflow attempt (more info ...) | attempted-admin | 2007-2281 | 37386 | ||
| 19105 | SERVER-OTHER HP Data Protector Manager MMD service buffer overflow attempt (more info ...) | attempted-admin | 45128 | |||
| 19136 | SERVER-WEBAPP CA XOsoft Multiple Products entry_point.aspx buffer overflow attempt (more info ...) | attempted-user | 2010-1223 | 39238 | URL | |
| 19211 | FILE-IDENTIFY ZIP archive file download request (more info ...) | misc-activity | ||||
| 19289 | FILE-IDENTIFY MHTML file download request (more info ...) | misc-activity | URL | |||
| 19430 | FILE-IDENTIFY MIDI file download request (more info ...) | misc-activity | ||||
| 19649 | SERVER-OTHER HP Intelligent Management Center dbman buffer overflow attempt (more info ...) | attempted-admin | 2011-1850 | 47789 | ||
| 19747 | MALWARE-BACKDOOR Win.Trojan.GGDoor.22 variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19812 | SERVER-OTHER CA Total Defense Suite UNCWS getDBConfigSettings credential information disclosure attempt (more info ...) | attempted-admin | 2011-0406 | 47356 | ||
| 19907 | FILE-IDENTIFY PICT file magic detected (more info ...) | misc-activity | ||||
| 19938 | SERVER-OTHER IBM Tivoli Directory Server ibmslapd.exe stack buffer overflow attempt (more info ...) | attempted-admin | 2011-1206 | URL | ||
| 19998 | PUA-ADWARE IP address disclosure to advertisement sites attempt (more info ...) | policy-violation | URL | |||
| 20052 | PROTOCOL-SCADA IntelliCom NetBiter config utility hostname overflow attempt (more info ...) | attempted-admin | 2009-4462 | 37325 | URL | |
| 20134 | SERVER-OTHER HP OpenView Storage Data Protector buffer overflow attempt (more info ...) | attempted-admin | 2011-1865 | 48486 | ||
| 20135 | SERVER-OTHER HP OpenView Storage Data Protector buffer overflow attempt (more info ...) | attempted-admin | 2011-1865 | 48486 | ||
| 20176 | PROTOCOL-SCADA DAQFactory NETB protcol stack overflow attempt (more info ...) | attempted-admin | 2011-3492 | URL | ||
| 20179 | SERVER-WEBAPP HP OpenView NNM ovlogin.exe userid parameter buffer overflow attempt (more info ...) | attempted-user | 2009-3846 | 37295 | URL | |
| 20180 | SERVER-WEBAPP HP OpenView NNM ovlogin.exe passwd parameter buffer overflow attempt (more info ...) | attempted-user | 2009-3846 | 37295 | URL | |
| 20214 | PROTOCOL-SCADA Measuresoft ScadaPro msvcrt.dll local command execution attempt (more info ...) | attempted-admin | 2011-3497 | |||
| 20450 | FILE-IDENTIFY MPEG video stream file magic detected (more info ...) | misc-activity | ||||
| 20451 | FILE-IDENTIFY MPEG sys stream file magic detected (more info ...) | misc-activity | ||||
| 20459 | FILE-IDENTIFY GIF file magic detected (more info ...) | misc-activity | ||||
| 20463 | FILE-IDENTIFY JAR/ZIP file magic detected (more info ...) | misc-activity | ||||
| 20464 | FILE-IDENTIFY JAR/ZIP file magic detected (more info ...) | misc-activity | ||||
| 20465 | FILE-IDENTIFY JAR/ZIP file magic detected (more info ...) | misc-activity | ||||
| 20466 | FILE-IDENTIFY JAR/ZIP file magic detected (more info ...) | misc-activity | ||||
| 20467 | FILE-IDENTIFY JAR/ZIP file magic detected (more info ...) | misc-activity | ||||
| 20468 | FILE-IDENTIFY JAR/ZIP file magic detected (more info ...) | misc-activity | ||||
| 20469 | FILE-IDENTIFY JAR/ZIP file magic detected (more info ...) | misc-activity | ||||
| 20471 | FILE-IDENTIFY RIFX file magic detected (more info ...) | misc-activity | ||||
| 20477 | FILE-IDENTIFY ELF file magic detected (more info ...) | misc-activity | ||||
| 20478 | FILE-IDENTIFY PNG file magic detected (more info ...) | misc-activity | ||||
| 20480 | FILE-IDENTIFY JPEG file magic detection (more info ...) | misc-activity | ||||
| 20483 | FILE-IDENTIFY JPEG file magic detected (more info ...) | misc-activity | ||||
| 20486 | FILE-IDENTIFY RTF file magic detected (more info ...) | misc-activity | ||||
| 20493 | FILE-IDENTIFY jarpack file magic detected (more info ...) | misc-activity | ||||
| 20494 | FILE-IDENTIFY PDF file magic detected (more info ...) | misc-activity | ||||
| 20500 | FILE-IDENTIFY MOV file magic detected (more info ...) | misc-activity | ||||
| 20501 | FILE-IDENTIFY MOV file magic detected (more info ...) | misc-activity | ||||
| 20502 | FILE-IDENTIFY MOV file magic detected (more info ...) | misc-activity | ||||
| 20503 | FILE-IDENTIFY MOV file magic detected (more info ...) | misc-activity | ||||
| 20532 | SERVER-WEBAPP HP OpenView Storage Data Protector get file buffer overflow attempt (more info ...) | attempted-user | 2011-1729 | |||
| 20611 | SERVER-OTHER BOOTP overflow (more info ...) | attempted-admin | 1999-0799 | |||
| 20621 | FILE-IDENTIFY JAR file download request (more info ...) | misc-activity | ||||
| 20761 | SERVER-OTHER HP OpenView Storage Data Protector buffer overflow attempt (more info ...) | attempted-admin | 2011-1865 | 48486 | ||
| 20812 | PROTOCOL-TELNET FreeBSD telnetd enc_keyid overflow attempt (more info ...) | attempted-admin | 2011-4862 | 51182 | URL | |
| 20813 | PROTOCOL-TELNET FreeBSD telnetd dec_keyid overflow attempt (more info ...) | attempted-admin | 2011-4862 | 51182 | URL | |
| 20839 | FILE-IDENTIFY eSignal .quo file download request (more info ...) | misc-activity | URL | |||
| 20840 | FILE-IDENTIFY eSignal .por file download request (more info ...) | misc-activity | URL | |||
| 20841 | FILE-IDENTIFY eSignal .sum file download request (more info ...) | misc-activity | URL | |||
| 20842 | FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (more info ...) | attempted-user | 2011-3494 | |||
| 20843 | FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (more info ...) | attempted-user | 2011-3494 | |||
| 20874 | SERVER-OTHER IBM Tivoli Storage Manager Express Backup initialization packet (more info ...) | protocol-command-decode | ||||
| 20897 | FILE-IDENTIFY MIDI file magic detected (more info ...) | misc-activity | ||||
| 20898 | FILE-IDENTIFY MIDI file attachment detected (more info ...) | misc-activity | ||||
| 20899 | FILE-IDENTIFY MIDI file attachment detected (more info ...) | misc-activity | ||||
| 20907 | FILE-IDENTIFY DXF file attachment detected (more info ...) | misc-activity | ||||
| 20908 | FILE-IDENTIFY DXF file attachment detected (more info ...) | misc-activity | ||||
| 20950 | FILE-IDENTIFY MOV file magic detected (more info ...) | misc-activity | ||||
| 20951 | FILE-IDENTIFY MOV file magic detected (more info ...) | misc-activity | ||||
| 20952 | FILE-IDENTIFY MOV file magic detected (more info ...) | misc-activity | ||||
| 20953 | FILE-IDENTIFY MOV file magic detected (more info ...) | misc-activity | ||||
| 20954 | FILE-IDENTIFY MOV file magic detected (more info ...) | misc-activity | ||||
| 20955 | FILE-IDENTIFY MOV file magic detected (more info ...) | misc-activity | ||||
| 20956 | FILE-IDENTIFY MOV file magic detected (more info ...) | misc-activity | ||||
| 20957 | FILE-IDENTIFY MOV file magic detected (more info ...) | misc-activity | ||||
| 20958 | FILE-IDENTIFY MOV file magic detected (more info ...) | misc-activity | ||||
| 20959 | FILE-IDENTIFY MOV file magic detected (more info ...) | misc-activity | ||||
| 20961 | FILE-IDENTIFY TTE file download request (more info ...) | misc-activity | URL | |||
| 20962 | FILE-IDENTIFY OTF file download request (more info ...) | misc-activity | URL | |||
| 20963 | FILE-IDENTIFY DIB file download request (more info ...) | misc-activity | URL | |||
| 20965 | FILE-IDENTIFY JPEG file download request (more info ...) | misc-activity | URL | |||
| 20966 | FILE-IDENTIFY JPEG file download request (more info ...) | misc-activity | URL | |||
| 20967 | FILE-IDENTIFY JPEG file download request (more info ...) | misc-activity | URL | |||
| 20969 | FILE-IDENTIFY M4A file download request (more info ...) | misc-activity | URL | |||
| 20970 | FILE-IDENTIFY M4P file download request (more info ...) | misc-activity | URL | |||
| 20971 | FILE-IDENTIFY M4R file download request (more info ...) | misc-activity | URL | |||
| 20972 | FILE-IDENTIFY M4V file magic request (more info ...) | misc-activity | URL | |||
| 20973 | FILE-IDENTIFY M4B file download request (more info ...) | misc-activity | URL | |||
| 20974 | FILE-IDENTIFY 3GP file download request (more info ...) | misc-activity | URL | |||
| 20975 | FILE-IDENTIFY 3G2 file download request (more info ...) | misc-activity | URL | |||
| 20976 | FILE-IDENTIFY K3G file download request (more info ...) | misc-activity | URL | |||
| 20977 | FILE-IDENTIFY SKM file download request (more info ...) | misc-activity | URL | |||
| 20978 | FILE-IDENTIFY TTE file attachment detected (more info ...) | misc-activity | ||||
| 20979 | FILE-IDENTIFY TTE file attachment detected (more info ...) | misc-activity | ||||
| 20980 | FILE-IDENTIFY OTF file attachment detected (more info ...) | misc-activity | ||||
| 20981 | FILE-IDENTIFY OTF file attachment detected (more info ...) | misc-activity | ||||
| 20991 | FILE-IDENTIFY TTF file magic detected (more info ...) | misc-activity | ||||
| 21035 | FILE-IDENTIFY PDF file attachment detected (more info ...) | misc-activity | ||||
| 21036 | FILE-IDENTIFY PDF file attachment detected (more info ...) | misc-activity | ||||
| 21044 | EXPLOIT-KIT Blackhole exploit kit landing page (more info ...) | attempted-user | 2012-4681 | URL | ||
| 21045 | EXPLOIT-KIT Blackhole exploit kit landing page (more info ...) | attempted-user | 2012-4681 | URL | ||
| 21059 | FILE-IDENTIFY AVI Video file magic detected (more info ...) | misc-activity | ||||
| 21068 | EXPLOIT-KIT Eleanore exploit kit landing page (more info ...) | trojan-activity | 2011-3544 | URL | ||
| 21069 | EXPLOIT-KIT Eleanore exploit kit exploit fetch request (more info ...) | trojan-activity | 2011-3544 | URL | ||
| 21070 | EXPLOIT-KIT Eleanore exploit kit pdf exploit page request (more info ...) | trojan-activity | 2011-3544 | URL | ||
| 21071 | EXPLOIT-KIT Eleanore exploit kit post-exploit page request (more info ...) | trojan-activity | 2011-3544 | URL | ||
| 21096 | EXPLOIT-KIT Crimepack exploit kit control panel access (more info ...) | policy-violation | 2010-0806 | |||
| 21097 | EXPLOIT-KIT Crimepack exploit kit post-exploit download request (more info ...) | successful-user | 2010-0806 | |||
| 21098 | EXPLOIT-KIT Crimepack exploit kit landing page (more info ...) | attempted-user | 2010-0806 | |||
| 21099 | EXPLOIT-KIT Crimepack exploit kit malicious pdf request (more info ...) | attempted-user | 2010-0806 | |||
| 21104 | MALWARE-TOOLS slowhttptest DoS tool (more info ...) | attempted-dos | URL | |||
| 21108 | EXPLOIT-KIT unknown exploit kit obfuscated landing page (more info ...) | attempted-user | URL | |||
| 21109 | FILE-IDENTIFY MPEG video stream file download request (more info ...) | misc-activity | ||||
| 21110 | FILE-IDENTIFY MPEG video stream file attachment detected (more info ...) | misc-activity | ||||
| 21111 | FILE-IDENTIFY MPEG video stream file attachment detected (more info ...) | misc-activity | ||||
| 21141 | EXPLOIT-KIT Blackhole exploit kit control panel access (more info ...) | policy-violation | 2012-4681 | URL | ||
| 21234 | SERVER-WEBAPP MKCOL Webdav Stack Buffer Overflow attempt (more info ...) | attempted-admin | 2010-0361 | 37874 | ||
| 21236 | SERVER-WEBAPP UNLOCK Webdav Stack Buffer Overflow attempt (more info ...) | attempted-admin | 2010-0361 | 37874 | ||
| 21247 | SERVER-OTHER IBM Lotusnotes s_viewname buffer overflow attempt (more info ...) | web-application-attack | 2003-0178 | 6871 | ||
| 21259 | EXPLOIT-KIT Blackhole exploit kit response (more info ...) | attempted-user | 2012-4681 | URL | ||
| 21282 | FILE-IDENTIFY XSL file download request (more info ...) | misc-activity | URL | |||
| 21283 | FILE-IDENTIFY XSL file attachment detected (more info ...) | misc-activity | URL | |||
| 21284 | FILE-IDENTIFY XSL file attachment detected (more info ...) | misc-activity | URL | |||
| 21285 | FILE-IDENTIFY XSLT file download request (more info ...) | misc-activity | URL | |||
| 21286 | FILE-IDENTIFY XSLT file attachment detected (more info ...) | misc-activity | URL | |||
| 21287 | FILE-IDENTIFY XSLT file attachment detected (more info ...) | misc-activity | URL | |||
| 21288 | FILE-IDENTIFY XML download detected (more info ...) | misc-activity | ||||
| 21343 | EXPLOIT-KIT Blackhole exploit kit pdf request (more info ...) | suspicious-filename-detect | 2012-4681 | URL | ||
| 21344 | EXPLOIT-KIT Blackhole exploit kit pdf download (more info ...) | attempted-user | 2012-4681 | URL | ||
| 21345 | EXPLOIT-KIT Blackhole exploit kit malicious jar request (more info ...) | suspicious-filename-detect | 2012-4681 | URL | ||
| 21346 | EXPLOIT-KIT Blackhole exploit kit malicious jar download (more info ...) | attempted-user | 2012-4681 | URL | ||
| 21349 | SERVER-OTHER HP OpenView Storage Data Protector stack overflow attempt (more info ...) | attempted-admin | 2009-3844 | 37250 | ||
| 21350 | SERVER-OTHER HP OpenView Storage Data Protector stack overflow attempt (more info ...) | attempted-admin | 2009-3844 | 37250 | ||
| 21407 | SERVER-OTHER Symantic multiple products VRTSweb code execution (more info ...) | attempted-admin | 2009-3027 | 37012 | URL | |
| 21410 | FILE-IDENTIFY paq8o file download request (more info ...) | misc-activity | ||||
| 21411 | FILE-IDENTIFY paq8o file attachment detected (more info ...) | misc-activity | ||||
| 21412 | FILE-IDENTIFY paq8o file attachment detected (more info ...) | misc-activity | ||||
| 21429 | FILE-PDF Possible unknown malicious PDF (more info ...) | attempted-user | 2010-0188 | |||
| 21453 | FILE-PDF Possible unknown malicious PDF (more info ...) | attempted-user | 2010-0188 | |||
| 21480 | FILE-IDENTIFY XML file magic detected (more info ...) | misc-activity | ||||
| 21488 | APP-DETECT User-Agent known user agent - GetRight (more info ...) | trojan-activity | URL | |||
| 21492 | EXPLOIT-KIT Blackhole exploit kit landing page with specific structure - prototype catch (more info ...) | attempted-user | 2012-4681 | URL | ||
| 21498 | FILE-IDENTIFY XML file magic detected (more info ...) | misc-activity | ||||
| 21499 | FILE-IDENTIFY XML file attachment detected (more info ...) | misc-activity | ||||
| 21500 | FILE-IDENTIFY XML file attachment detected (more info ...) | misc-activity | ||||
| 21509 | EXPLOIT-KIT Sakura exploit kit rhino jar request (more info ...) | attempted-user | 2011-3544 | URL | ||
| 21510 | EXPLOIT-KIT Sakura exploit kit logo transfer (more info ...) | string-detect | URL | |||
| 21517 | SERVER-WEBAPP JBoss admin-console access (more info ...) | attempted-recon | 2013-2185 | URL | ||
| 21539 | EXPLOIT-KIT Blackhole exploit kit landing page with specific header (more info ...) | attempted-user | 2012-4681 | URL | ||
| 21549 | EXPLOIT-KIT Blackhole exploit kit landing page with specific header (more info ...) | attempted-user | 2012-4681 | URL | ||
| 21581 | EXPLOIT-KIT Blackhole exploit kit landing page with specific structure - BBB (more info ...) | attempted-user | 2012-4681 | URL | ||
| 21613 | FILE-IDENTIFY PNG file attachment detected (more info ...) | misc-activity | ||||
| 21614 | FILE-IDENTIFY PNG file attachment detected (more info ...) | misc-activity | ||||
| 21620 | FILE-IDENTIFY WAV file magic detected (more info ...) | misc-activity | ||||
| 21623 | FILE-IDENTIFY QUO file attachment detected (more info ...) | misc-activity | ||||
| 21624 | FILE-IDENTIFY QUO file attachment detected (more info ...) | misc-activity | ||||
| 21625 | FILE-IDENTIFY POR file attachment detected (more info ...) | misc-activity | ||||
| 21626 | FILE-IDENTIFY POR file attachment detected (more info ...) | misc-activity | ||||
| 21627 | FILE-IDENTIFY SUM file attachment detected (more info ...) | misc-activity | ||||
| 21628 | FILE-IDENTIFY SUM file attachment detected (more info ...) | misc-activity | ||||
| 21640 | EXPLOIT-KIT Phoenix exploit kit landing page (more info ...) | attempted-user | 2012-0779 | |||
| 21646 | EXPLOIT-KIT Blackhole exploit kit landing page with specific structure - prototype catch (more info ...) | attempted-user | 2012-4681 | URL | ||
| 21648 | FILE-IDENTIFY QuickDraw/PICT file attachment detected (more info ...) | misc-activity | ||||
| 21649 | FILE-IDENTIFY QuickDraw/PICT file attachment detected (more info ...) | misc-activity | ||||
| 21650 | FILE-IDENTIFY QuickDraw/PICT file download request (more info ...) | misc-activity | ||||
| 21651 | FILE-IDENTIFY QuickDraw/PICT file attachment detected (more info ...) | misc-activity | ||||
| 21652 | FILE-IDENTIFY QuickDraw/PICT file attachment detected (more info ...) | misc-activity | ||||
| 21657 | EXPLOIT-KIT Blackhole exploit kit landing page - specific structure (more info ...) | trojan-activity | 2012-4681 | URL | ||
| 21658 | EXPLOIT-KIT Blackhole exploit kit landing page (more info ...) | trojan-activity | 2012-4681 | URL | ||
| 21661 | EXPLOIT-KIT Blackhole exploit kit landing page with specific structure - catch (more info ...) | attempted-user | 2012-4681 | URL | ||
| 21678 | EXPLOIT-KIT Bleeding Life exploit kit module call (more info ...) | attempted-user | URL | |||
| 21679 | EXPLOIT-KIT Bleeding Life exploit kit module call attempt (more info ...) | attempted-user | URL | |||
| 21680 | EXPLOIT-KIT Bleeding Life exploit kit module call (more info ...) | attempted-user | URL | |||
| 21681 | EXPLOIT-KIT Bleeding Life exploit kit module call (more info ...) | attempted-user | URL | |||
| 21682 | EXPLOIT-KIT Bleeding Life exploit kit module call (more info ...) | attempted-user | URL | |||
| 21683 | EXPLOIT-KIT Bleeding Life exploit kit module call (more info ...) | attempted-user | URL | |||
| 21684 | EXPLOIT-KIT Bleeding Life exploit kit module call (more info ...) | attempted-user | URL | |||
| 21685 | EXPLOIT-KIT Bleeding Life exploit kit module call (more info ...) | attempted-user | URL | |||
| 21686 | EXPLOIT-KIT Bleeding Life exploit kit module call (more info ...) | attempted-user | URL | |||
| 21709 | FILE-IDENTIFY AIFF file attachment detected (more info ...) | misc-activity | ||||
| 21710 | FILE-IDENTIFY AIFF file attachment detected (more info ...) | misc-activity | ||||
| 21711 | FILE-IDENTIFY PFA file download request (more info ...) | misc-activity | ||||
| 21712 | FILE-IDENTIFY PFA file magic detected (more info ...) | misc-activity | ||||
| 21713 | FILE-IDENTIFY PFA file attachment detected (more info ...) | misc-activity | ||||
| 21714 | FILE-IDENTIFY PFA file attachment detected (more info ...) | misc-activity | ||||
| 21715 | FILE-IDENTIFY PFB file download request (more info ...) | misc-activity | ||||
| 21716 | FILE-IDENTIFY PFB file attachment detected (more info ...) | misc-activity | ||||
| 21717 | FILE-IDENTIFY PFB file attachment detected (more info ...) | misc-activity | ||||
| 21718 | FILE-IDENTIFY PFM file download request (more info ...) | misc-activity | ||||
| 21719 | FILE-IDENTIFY PFM file attachment detected (more info ...) | misc-activity | ||||
| 21720 | FILE-IDENTIFY PFM file attachment detected (more info ...) | misc-activity | ||||
| 21721 | FILE-IDENTIFY AFM file download request (more info ...) | misc-activity | ||||
| 21722 | FILE-IDENTIFY AFM file attachment detected (more info ...) | misc-activity | ||||
| 21723 | FILE-IDENTIFY AFM file attachment detected (more info ...) | misc-activity | ||||
| 21728 | FILE-IDENTIFY JPG file attachment detected (more info ...) | misc-activity | ||||
| 21729 | FILE-IDENTIFY JPG file attachment detected (more info ...) | misc-activity | ||||
| 21730 | FILE-IDENTIFY JPG file attachment detected (more info ...) | misc-activity | ||||
| 21731 | FILE-IDENTIFY JPG file attachment detected (more info ...) | misc-activity | ||||
| 21732 | FILE-IDENTIFY JPG file attachment detected (more info ...) | misc-activity | ||||
| 21733 | FILE-IDENTIFY JPG file attachment detected (more info ...) | misc-activity | ||||
| 21734 | FILE-IDENTIFY JPG file attachment detected (more info ...) | misc-activity | ||||
| 21735 | FILE-IDENTIFY JPG file attachment detected (more info ...) | misc-activity | ||||
| 21736 | FILE-IDENTIFY JPG file attachment detected (more info ...) | misc-activity | ||||
| 21737 | FILE-IDENTIFY JPG file attachment detected (more info ...) | misc-activity | ||||
| 21738 | FILE-IDENTIFY JPG file attachment detected (more info ...) | misc-activity | ||||
| 21739 | FILE-IDENTIFY JPG file attachment detected (more info ...) | misc-activity | ||||
| 21744 | FILE-IDENTIFY AVI file attachment detected (more info ...) | misc-activity | ||||
| 21745 | FILE-IDENTIFY AVI file attachment detected (more info ...) | misc-activity | ||||
| 21746 | FILE-IDENTIFY RTF file attachment detected (more info ...) | misc-activity | ||||
| 21747 | FILE-IDENTIFY RTF file attachment detected (more info ...) | misc-activity | ||||
| 21766 | FILE-IMAGE Apple QuickDraw PICT images ARGB records handling memory corruption attempt (more info ...) | attempted-user | 2007-0462 | 22207 | ||
| 21806 | SERVER-SAMBA Samba malicious user defined array size and buffer attempt (more info ...) | attempted-admin | 2012-1182 | |||
| 21815 | FILE-IDENTIFY LZH file attachment detected (more info ...) | misc-activity | ||||
| 21816 | FILE-IDENTIFY LZH file attachment detected (more info ...) | misc-activity | ||||
| 21845 | MALWARE-OTHER TDS Sutra - redirect received (more info ...) | trojan-activity | URL | |||
| 21851 | MALWARE-OTHER TDS Sutra - redirect received (more info ...) | trojan-activity | URL | |||
| 21854 | FILE-IDENTIFY LNK file attachment detected (more info ...) | misc-activity | ||||
| 21855 | FILE-IDENTIFY LNK file attachment detected (more info ...) | misc-activity | ||||
| 21856 | FILE-IDENTIFY ZIP file attachment detected (more info ...) | misc-activity | ||||
| 21857 | FILE-IDENTIFY ZIP file attachment detected (more info ...) | misc-activity | ||||
| 21861 | FILE-IDENTIFY WRF file attachment detected (more info ...) | misc-activity | ||||
| 21862 | FILE-IDENTIFY WRF file attachment detected (more info ...) | misc-activity | ||||
| 21872 | FILE-IDENTIFY GIF file attachment detected (more info ...) | misc-activity | ||||
| 21873 | FILE-IDENTIFY GIF file attachment detected (more info ...) | misc-activity | ||||
| 21874 | EXPLOIT-KIT Possible exploit kit post compromise activity - StrReverse (more info ...) | successful-user | 2012-4681 | |||
| 21875 | EXPLOIT-KIT Possible exploit kit post compromise activity - taskkill (more info ...) | successful-user | 2012-4681 | |||
| 21876 | EXPLOIT-KIT Blackhole exploit landing page with specific structure - Loading (more info ...) | trojan-activity | 2012-4681 | URL | ||
| 21886 | FILE-IDENTIFY OpenType Font file attachment detected (more info ...) | misc-activity | ||||
| 21887 | FILE-IDENTIFY OpenType Font file attachment detected (more info ...) | misc-activity | ||||
| 21894 | FILE-IDENTIFY SVG file attachment detected (more info ...) | misc-activity | ||||
| 21895 | FILE-IDENTIFY SVG file attachment detected (more info ...) | misc-activity | ||||
| 21908 | FILE-IDENTIFY Portable Executable file attachment detected (more info ...) | misc-activity | ||||
| 21909 | FILE-IDENTIFY Portable Executable file attachment detected (more info ...) | misc-activity | ||||
| 21938 | PROTOCOL-TELNET RuggedCom default backdoor login attempt (more info ...) | attempted-admin | 2012-1803 | URL | ||
| 21939 | PROTOCOL-TELNET RuggedCom telnet initial banner (more info ...) | misc-activity | ||||
| 21940 | FILE-IDENTIFY EMF file magic detected (more info ...) | misc-activity | ||||
| 21949 | MALWARE-OTHER nikjju script injection (more info ...) | misc-activity | URL | |||
| 21999 | FILE-IDENTIFY OpenType Font file magic detection (more info ...) | misc-activity | ||||
| 22004 | SERVER-SAMBA Samba malicious user defined array size and buffer attempt (more info ...) | attempted-admin | 2012-1182 | URL | ||
| 22005 | SERVER-SAMBA Samba malicious user defined array size and buffer attempt (more info ...) | attempted-admin | 2012-1182 | URL | ||
| 22006 | SERVER-SAMBA Samba malicious user defined array size and buffer attempt (more info ...) | attempted-admin | 2012-1182 | URL | ||
| 22007 | SERVER-SAMBA Samba malicious user defined array size and buffer attempt (more info ...) | attempted-admin | 2012-1182 | URL | ||
| 22008 | SERVER-SAMBA Samba malicious user defined array size and buffer attempt (more info ...) | attempted-admin | 2012-1182 | URL | ||
| 22009 | SERVER-SAMBA Samba malicious user defined array size and buffer attempt (more info ...) | attempted-admin | 2012-1182 | URL | ||
| 22010 | SERVER-SAMBA Samba malicious user defined array size and buffer attempt (more info ...) | attempted-admin | 2012-1182 | URL | ||
| 22011 | SERVER-SAMBA Samba malicious user defined array size and buffer attempt (more info ...) | attempted-admin | 2012-1182 | URL | ||
| 22012 | SERVER-SAMBA Samba malicious user defined array size and buffer attempt (more info ...) | attempted-admin | 2012-1182 | URL | ||
| 22039 | EXPLOIT-KIT Blackhole suspected landing page (more info ...) | attempted-user | 2012-4681 | URL | ||
| 22040 | EXPLOIT-KIT Blackhole suspected landing page (more info ...) | attempted-user | 2012-4681 | URL | ||
| 22041 | EXPLOIT-KIT Blackhole landing redirection page (more info ...) | attempted-user | 2012-4681 | URL | ||
| 22061 | MALWARE-OTHER Alureon - Malicious IFRAME load attempt (more info ...) | trojan-activity | URL | |||
| 22095 | MALWARE-BACKDOOR Win.Backdoor.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 22949 | EXPLOIT-KIT Blackhole redirection attempt (more info ...) | attempted-user | 2012-4681 | URL | ||
| 22952 | SERVER-OTHER Iron Mountain connected backup opcode 13 processing command injection attempt (more info ...) | misc-attack | 2011-2397 | 50884 | ||
| 22971 | FILE-IDENTIFY MPEG Layer 3 playlist file attachment detected (more info ...) | misc-activity | ||||
| 22972 | FILE-IDENTIFY m3u playlist file file attachment detected (more info ...) | misc-activity | ||||
| 22993 | FILE-IDENTIFY MP4 file attachment detected (more info ...) | misc-activity | ||||
| 22994 | FILE-IDENTIFY MP4 file attachment detected (more info ...) | misc-activity | ||||
| 22997 | FILE-IDENTIFY MHTML file attachment detected (more info ...) | misc-activity | ||||
| 22998 | FILE-IDENTIFY MHTML file attachment detected (more info ...) | misc-activity | ||||
| 23002 | FILE-IDENTIFY CSV file attachment detected (more info ...) | misc-activity | ||||
| 23003 | FILE-IDENTIFY CSV file attachment detected (more info ...) | misc-activity | ||||
| 23056 | SERVER-OTHER SAP NetWeaver Dispatcher DiagTraceR3Info buffer overflow attempt (more info ...) | attempted-admin | 2012-2611 | 53424 | ||
| 23058 | MALWARE-OTHER NeoSploit Malvertising - URI Requested (more info ...) | trojan-activity | ||||
| 23141 | EXPLOIT-KIT Fake transaction redirect page to exploit kit (more info ...) | attempted-user | URL | |||
| 23147 | EXPLOIT-KIT Suspicious taskkill script - StrReverse (more info ...) | attempted-user | URL | |||
| 23148 | EXPLOIT-KIT Suspicious StrReverse - Shell (more info ...) | attempted-user | URL | |||
| 23149 | EXPLOIT-KIT Suspicious StrReverse - Scripting.FileSystemObject (more info ...) | attempted-user | URL | |||
| 23156 | EXPLOIT-KIT Nuclear Pack exploit kit landing page (more info ...) | bad-unknown | 2012-4681 | URL | ||
| 23157 | EXPLOIT-KIT Nuclear Pack exploit kit binary download (more info ...) | trojan-activity | 2012-4681 | URL | ||
| 23158 | EXPLOIT-KIT Blackhole exploit kit landing page with specific structure - prototype catch (more info ...) | attempted-user | 2012-4681 | URL | ||
| 23159 | EXPLOIT-KIT Blackhole exploit kit landing page download attempt (more info ...) | attempted-user | 2012-4681 | URL | ||
| 23167 | FILE-IDENTIFY MPG video stream file download request (more info ...) | misc-activity | ||||
| 23168 | FILE-IDENTIFY MPG video stream file attachment detected (more info ...) | misc-activity | ||||
| 23169 | FILE-IDENTIFY MPG video stream file attachment detected (more info ...) | misc-activity | ||||
| 23180 | FILE-PDF obfuscated header in PDF attachment (more info ...) | misc-activity | URL | |||
| 23182 | SERVER-OTHER Joomla com_maqmahelpdesk task parameter local file inclusion attempt (more info ...) | attempted-user | ||||
| 23218 | EXPLOIT-KIT Redkit Repeated Exploit Request Pattern (more info ...) | trojan-activity | 2012-4681 | URL | ||
| 23221 | EXPLOIT-KIT Redkit Jar File Naming Algorithm (more info ...) | trojan-activity | 2013-2423 | URL | ||
| 23222 | EXPLOIT-KIT Redkit exploit kit landing page Received - applet and 5 digit jar attempt (more info ...) | trojan-activity | 2013-2423 | URL | ||
| 23223 | EXPLOIT-KIT Redkit exploit kit landing page Received - applet and code (more info ...) | trojan-activity | 2013-2423 | URL | ||
| 23224 | EXPLOIT-KIT Redkit exploit kit landing page Requested - 8Digit.html (more info ...) | trojan-activity | 2013-2423 | URL | ||
| 23225 | EXPLOIT-KIT Redkit exploit kit landing page Received - applet and flowbit (more info ...) | trojan-activity | 2013-2423 | URL | ||
| 23240 | SERVER-SAMBA Samba malicious user defined array size and buffer attempt (more info ...) | attempted-admin | 2012-1182 | URL | ||
| 23322 | FILE-IDENTIFY TAR file download request (more info ...) | misc-activity | ||||
| 23341 | MALWARE-BACKDOOR Win.Backdoor.Tinrot.A runtime detection (more info ...) | trojan-activity | URL | |||
| 23355 | SERVER-OTHER Trend Micro Control Manager AddTask stack buffer overflow attempt (more info ...) | attempted-user | 2011-5001 | |||
| 23486 | FILE-IDENTIFY JOB file download request (more info ...) | misc-activity | ||||
| 23487 | FILE-IDENTIFY JOB file attachment detected (more info ...) | misc-activity | ||||
| 23488 | FILE-IDENTIFY JOB file attachment detected (more info ...) | misc-activity | ||||
| 23520 | FILE-PDF Possible unknown malicious PDF (more info ...) | attempted-user | 2010-0188 | |||
| 23521 | FILE-PDF Possible unknown malicious PDF (more info ...) | attempted-user | 2010-0188 | |||
| 23577 | FILE-OTHER VLC mms hostname buffer overflow attempt (more info ...) | attempted-user | 2012-1775 | URL | ||
| 23618 | MALWARE-OTHER Malvertising redirection attempt (more info ...) | trojan-activity | URL | |||
| 23619 | EXPLOIT-KIT Blackhole exploit kit landing page with specific structure - prototype catch broken (more info ...) | attempted-user | 2012-4681 | URL | ||
| 23620 | MALWARE-OTHER Malvertising network attempted redirect (more info ...) | trojan-activity | URL | |||
| 23622 | EXPLOIT-KIT Blackhole exploit kit landing page request - tkr (more info ...) | trojan-activity | 2012-4681 | URL | ||
| 23624 | SERVER-OTHER Ubisoft Uplay browser plugin backdoor attempt (more info ...) | attempted-user | 2012-4177 | URL | ||
| 23632 | SERVER-OTHER HP Data Protector Express stack buffer overflow attempt (more info ...) | attempted-admin | 2012-0124 | 52431 | ||
| 23639 | FILE-IDENTIFY MPEG video stream file magic detected (more info ...) | misc-activity | ||||
| 23640 | FILE-IDENTIFY MPEG sys stream file magic detected (more info ...) | misc-activity | ||||
| 23647 | FILE-IDENTIFY GIF file magic detected (more info ...) | misc-activity | ||||
| 23651 | FILE-IDENTIFY JAR/ZIP file magic detected (more info ...) | misc-activity | ||||
| 23652 | FILE-IDENTIFY JAR/ZIP file magic detected (more info ...) | misc-activity | ||||
| 23653 | FILE-IDENTIFY JAR/ZIP file magic detected (more info ...) | misc-activity | ||||
| 23654 | FILE-IDENTIFY JAR/ZIP file magic detected (more info ...) | misc-activity | ||||
| 23655 | FILE-IDENTIFY JAR/ZIP file magic detected (more info ...) | misc-activity | ||||
| 23656 | FILE-IDENTIFY JAR/ZIP file magic detected (more info ...) | misc-activity | ||||
| 23657 | FILE-IDENTIFY JAR/ZIP file magic detected (more info ...) | misc-activity | ||||
| 23658 | FILE-IDENTIFY RIFX file magic detected (more info ...) | misc-activity | ||||
| 23663 | FILE-IDENTIFY ELF file magic detected (more info ...) | misc-activity | ||||
| 23664 | FILE-IDENTIFY PNG file magic detected (more info ...) | misc-activity | ||||
| 23667 | FILE-IDENTIFY JPEG file magic detected (more info ...) | misc-activity | ||||
| 23670 | FILE-IDENTIFY RTF file magic detected (more info ...) | misc-activity | ||||
| 23677 | FILE-IDENTIFY jarpack file magic detected (more info ...) | misc-activity | ||||
| 23678 | FILE-IDENTIFY PDF file magic detected (more info ...) | misc-activity | ||||
| 23682 | FILE-IDENTIFY MOV file magic detected (more info ...) | misc-activity | ||||
| 23683 | FILE-IDENTIFY MOV file magic detected (more info ...) | misc-activity | ||||
| 23684 | FILE-IDENTIFY MOV file magic detected (more info ...) | misc-activity | ||||
| 23685 | FILE-IDENTIFY MOV file magic detected (more info ...) | misc-activity | ||||
| 23709 | FILE-IDENTIFY Tiff little endian file magic detected (more info ...) | misc-activity | URL | |||
| 23710 | FILE-IDENTIFY Tiff big endian file magic detected (more info ...) | misc-activity | URL | |||
| 23711 | FILE-IDENTIFY OLE Document file magic detected (more info ...) | misc-activity | ||||
| 23723 | FILE-IDENTIFY M3U file magic detected (more info ...) | misc-activity | URL | |||
| 23725 | FILE-IDENTIFY Portable Executable binary file magic detected (more info ...) | misc-activity | ||||
| 23729 | FILE-IDENTIFY PICT file magic detected (more info ...) | misc-activity | ||||
| 23735 | FILE-IDENTIFY MIDI file magic detected (more info ...) | misc-activity | ||||
| 23738 | FILE-IDENTIFY MOV file magic detected (more info ...) | misc-activity | ||||
| 23739 | FILE-IDENTIFY MOV file magic detected (more info ...) | misc-activity | ||||
| 23740 | FILE-IDENTIFY MOV file magic detected (more info ...) | misc-activity | ||||
| 23741 | FILE-IDENTIFY MOV file magic detected (more info ...) | misc-activity | ||||
| 23742 | FILE-IDENTIFY MOV file magic detected (more info ...) | misc-activity | ||||
| 23743 | FILE-IDENTIFY MOV file magic detected (more info ...) | misc-activity | ||||
| 23744 | FILE-IDENTIFY MOV file magic detected (more info ...) | misc-activity | ||||
| 23745 | FILE-IDENTIFY MOV file magic detected (more info ...) | misc-activity | ||||
| 23746 | FILE-IDENTIFY MOV file magic detected (more info ...) | misc-activity | ||||
| 23747 | FILE-IDENTIFY MOV file magic detected (more info ...) | misc-activity | ||||
| 23748 | FILE-IDENTIFY TTF file magic detected (more info ...) | misc-activity | ||||
| 23754 | FILE-IDENTIFY AVI Video file magic detected (more info ...) | misc-activity | ||||
| 23758 | FILE-IDENTIFY XML file magic detected (more info ...) | misc-activity | ||||
| 23759 | FILE-IDENTIFY XML file magic detected (more info ...) | misc-activity | ||||
| 23760 | FILE-IDENTIFY WAV file magic detected (more info ...) | misc-activity | ||||
| 23762 | FILE-IDENTIFY PFA file magic detected (more info ...) | misc-activity | ||||
| 23766 | FILE-IDENTIFY EMF file magic detected (more info ...) | misc-activity | ||||
| 23781 | EXPLOIT-KIT Blackhole exploit kit landing page (more info ...) | trojan-activity | 2012-4681 | |||
| 23785 | EXPLOIT-KIT Blackhole exploit kit landing page with specific structure - Math.floor catch (more info ...) | attempted-user | 2012-4681 | |||
| 23786 | EXPLOIT-KIT Blackhole exploit kit landing page with specific structure - Math.round catch (more info ...) | attempted-user | 2012-4681 | |||
| 23797 | EXPLOIT-KIT Blackhole redirection page (more info ...) | trojan-activity | 2012-4681 | URL | ||
| 23798 | MALWARE-OTHER Malvertising redirection page (more info ...) | trojan-activity | URL | |||
| 23805 | BROWSER-WEBKIT WebKit button column memory corruption attempt (more info ...) | attempted-user | 2012-1520 | 54680 | ||
| 23807 | FILE-IDENTIFY JPEG2000 file download request (more info ...) | misc-activity | ||||
| 23808 | FILE-IDENTIFY JPEG2000 file attachment detected (more info ...) | misc-activity | ||||
| 23809 | FILE-IDENTIFY JPEG2000 file attachment detected (more info ...) | misc-activity | ||||
| 23810 | FILE-IDENTIFY JPEG2000 file download request (more info ...) | misc-activity | ||||
| 23811 | FILE-IDENTIFY JPEG2000 file attachment detected (more info ...) | misc-activity | ||||
| 23812 | FILE-IDENTIFY JPEG2000 file attachment detected (more info ...) | misc-activity | ||||
| 23813 | FILE-IDENTIFY JPEG2000 file download request (more info ...) | misc-activity | ||||
| 23814 | FILE-IDENTIFY JPEG2000 file attachment detected (more info ...) | misc-activity | ||||
| 23815 | FILE-IDENTIFY JPEG2000 file attachment detected (more info ...) | misc-activity | ||||
| 23816 | FILE-IDENTIFY JPEG2000 file download request (more info ...) | misc-activity | ||||
| 23817 | FILE-IDENTIFY JPEG2000 file attachment detected (more info ...) | misc-activity | ||||
| 23818 | FILE-IDENTIFY JPEG2000 file attachment detected (more info ...) | misc-activity | ||||
| 23819 | FILE-IDENTIFY JPEG2000 file download request (more info ...) | misc-activity | ||||
| 23820 | FILE-IDENTIFY JPEG2000 file attachment detected (more info ...) | misc-activity | ||||
| 23821 | FILE-IDENTIFY JPEG2000 file attachment detected (more info ...) | misc-activity | ||||
| 23822 | FILE-IDENTIFY JPEG2000 file magic detected (more info ...) | misc-activity | ||||
| 23823 | FILE-IDENTIFY JPEG2000 file magic detected (more info ...) | misc-activity | ||||
| 23833 | MALWARE-OTHER Malvertising redirection campaign - blackmuscat (more info ...) | trojan-activity | URL | |||
| 23848 | EXPLOIT-KIT Blackhole redirection attempt (more info ...) | attempted-user | 2012-4681 | URL | ||
| 23849 | EXPLOIT-KIT Blackhole redirection attempt (more info ...) | attempted-user | 2012-4681 | URL | ||
| 23850 | EXPLOIT-KIT Blackhole exploit kit landing page with specific structure - hwehes (more info ...) | trojan-activity | 2012-4681 | URL | ||
| 23962 | EXPLOIT-KIT Blackhole exploit kit landing page with specific structure - fewbgazr catch (more info ...) | attempted-user | 2012-4681 | |||
| 23964 | PROTOCOL-SCADA BroadWin WebAccess Client format string exploit attempt (more info ...) | attempted-user | 2012-0242 | URL | ||
| 23965 | PROTOCOL-SCADA BroadWin WebAccess Client arbitrary memory corruption attempt (more info ...) | attempted-user | 2012-0242 | URL | ||
| 23979 | SERVER-OTHER HP Data Protector Express stack buffer overflow attempt (more info ...) | attempted-admin | 2012-0124 | 52431 | ||
| 23980 | SERVER-OTHER HP Data Protector Express stack buffer overflow attempt (more info ...) | attempted-admin | 2012-0124 | 52431 | ||
| 23981 | SERVER-OTHER HP Data Protector Express stack buffer overflow attempt (more info ...) | attempted-admin | 2012-0124 | 52431 | ||
| 23982 | SERVER-OTHER HP Data Protector Express stack buffer overflow attempt (more info ...) | attempted-admin | 2012-0124 | 52431 | ||
| 23983 | SERVER-OTHER HP Data Protector Express stack buffer overflow attempt (more info ...) | attempted-admin | 2012-0124 | 52431 | ||
| 24053 | EXPLOIT-KIT Blackhole exploit kit landing page with specific structure (more info ...) | attempted-user | 2012-4681 | |||
| 24054 | EXPLOIT-KIT Blackhole exploit kit landing page with specific structure (more info ...) | attempted-user | 2012-4681 | |||
| 24099 | MALWARE-OTHER Malvertising redirection attempt (more info ...) | trojan-activity | URL | |||
| 24115 | MALWARE-BACKDOOR Win.Backdoor.Demtranc variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24116 | MALWARE-BACKDOOR Win.Backdoor.Demtranc variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24117 | MALWARE-BACKDOOR Win.Backdoor.Demtranc variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24118 | MALWARE-BACKDOOR Win.Backdoor.Demtranc variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24119 | MALWARE-BACKDOOR Win.Backdoor.Demtranc variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24120 | MALWARE-BACKDOOR Win.Backdoor.Demtranc variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24121 | MALWARE-BACKDOOR Win.Backdoor.Demtranc variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24122 | MALWARE-BACKDOOR Win.Backdoor.Demtranc variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24143 | MALWARE-OTHER Dorifel/Quervar/XDocCrypt query for machine name KASPERSKY (more info ...) | trojan-activity | URL | |||
| 24144 | MALWARE-OTHER Dorifel/Quervar/XDocCrypt download (more info ...) | trojan-activity | URL | |||
| 24145 | MALWARE-OTHER Dorifel/Quervar/XDocCrypt sent over email (more info ...) | trojan-activity | URL | |||
| 24147 | SERVER-WEBAPP HP OpenView Network Node Manager nnmRptConfig.exe multiple parameters buffer overflow attempt (more info ...) | attempted-user | 2011-0269 | 45762 | ||
| 24199 | SERVER-MAIL IBM Lotus Notes URI handler command execution attempt (more info ...) | attempted-user | 2012-2174 | 54070 | ||
| 24200 | SERVER-MAIL IBM Lotus Notes URI handler command execution attempt (more info ...) | attempted-user | 2012-2174 | 54070 | ||
| 24206 | FILE-IDENTIFY LZH archive file magic detected (more info ...) | misc-activity | 2011-1213 | 48018 | ||
| 24213 | FILE-IDENTIFY MP4 file magic detected (more info ...) | misc-activity | ||||
| 24221 | SERVER-OTHER HP Data Protector client EXEC_CMD command execution attempt (more info ...) | attempted-user | 2011-0923 | 46234 | ||
| 24222 | SERVER-OTHER HP Data Protector client EXEC_CMD command execution attempt (more info ...) | attempted-user | 2011-0923 | 46234 | ||
| 24223 | SERVER-OTHER HP Data Protector client EXEC_CMD command execution attempt (more info ...) | attempted-user | 2011-0923 | 46234 | ||
| 24225 | MALWARE-OTHER malicious redirection attempt (more info ...) | bad-unknown | URL | |||
| 24226 | EXPLOIT-KIT Blackholev2 exploit kit landing page received (more info ...) | trojan-activity | 2012-4681 | |||
| 24228 | EXPLOIT-KIT Blackholev2 exploit kit landing page Received (more info ...) | misc-activity | 2012-4681 | |||
| 24231 | EXPLOIT-KIT Crimeboss exploit kit redirection attempt (more info ...) | trojan-activity | 2012-4681 | |||
| 24232 | EXPLOIT-KIT Crimeboss exploit kit outbound connection (more info ...) | trojan-activity | 2012-4681 | |||
| 24233 | EXPLOIT-KIT Crimeboss exploit kit outbound connection (more info ...) | trojan-activity | 2012-4681 | |||
| 24234 | EXPLOIT-KIT Crimeboss exploit kit outbound connection (more info ...) | trojan-activity | 2012-4681 | |||
| 24257 | MALWARE-OTHER mygeeksmail.dll download (more info ...) | trojan-activity | URL | |||
| 24258 | MALWARE-OTHER mygeeksmail.dll download (more info ...) | trojan-activity | URL | |||
| 24261 | MALWARE-OTHER Lanman2.dll download (more info ...) | trojan-activity | URL | |||
| 24262 | MALWARE-OTHER Lanman2.dll download (more info ...) | trojan-activity | URL | |||
| 24265 | MALWARE-OTHER Malicious UA detected on non-standard port (more info ...) | trojan-activity | URL | |||
| 24311 | MALWARE-OTHER Win.Trojan.Downloader download (more info ...) | trojan-activity | URL | |||
| 24312 | MALWARE-OTHER Win.Trojan.Downloader inbound email (more info ...) | trojan-activity | URL | |||
| 24342 | SERVER-WEBAPP JBoss web console access attempt (more info ...) | attempted-recon | 2013-2185 | URL | ||
| 24343 | SERVER-WEBAPP JBoss JMXInvokerServlet access attempt (more info ...) | attempted-admin | 2013-2185 | URL | ||
| 24344 | EXPLOIT-KIT Unknown exploit kit redirection page (more info ...) | trojan-activity | URL | |||
| 24408 | MALWARE-OTHER Win.Trojan.Miniflame download attempt (more info ...) | trojan-activity | URL | |||
| 24409 | MALWARE-OTHER Win.Trojan.Miniflame download attempt (more info ...) | trojan-activity | URL | |||
| 24410 | MALWARE-OTHER Win.Trojan.Gauss download attempt (more info ...) | trojan-activity | URL | |||
| 24411 | MALWARE-OTHER Win.Trojan.Gauss download attempt (more info ...) | trojan-activity | URL | |||
| 24425 | PROTOCOL-SCADA Sinapsi command injection attempt (more info ...) | web-application-attack | URL | |||
| 24455 | FILE-IDENTIFY JPEG file magic detected (more info ...) | misc-activity | ||||
| 24456 | FILE-IDENTIFY JPEG file magic detected (more info ...) | misc-activity | ||||
| 24457 | FILE-IDENTIFY JPEG file magic detected (more info ...) | misc-activity | ||||
| 24458 | FILE-IDENTIFY JPEG file magic detected (more info ...) | misc-activity | ||||
| 24463 | FILE-IDENTIFY TIFF file attachment detected (more info ...) | misc-activity | ||||
| 24464 | FILE-IDENTIFY TIFF file attachment detected (more info ...) | misc-activity | ||||
| 24472 | FILE-IDENTIFY FLV file attachment detected (more info ...) | misc-activity | ||||
| 24473 | FILE-IDENTIFY FLV file attachment detected (more info ...) | misc-activity | ||||
| 24480 | PROTOCOL-SCADA WellinTech Kingview HMI history server buffer overflow attempt (more info ...) | attempted-admin | 2011-4536 | |||
| 24501 | EXPLOIT-KIT Blackholev2 exploit kit fallback executable download (more info ...) | trojan-activity | 2012-4681 | URL | ||
| 24515 | MALWARE-OTHER Win.Trojan.Lucuis malware file download (more info ...) | trojan-activity | URL | |||
| 24516 | MALWARE-OTHER Win.Trojan.Lucuis malware file download (more info ...) | trojan-activity | URL | |||
| 24530 | MALWARE-BACKDOOR Win.Trojan.Ransomlock runtime detection (more info ...) | trojan-activity | URL | |||
| 24536 | SERVER-OTHER HP Intelligent Management Center uam.exe stack buffer overflow attempt (more info ...) | attempted-admin | 2012-3274 | 55271 | ||
| 24537 | SERVER-OTHER HP Intelligent Management Center uam.exe stack buffer overflow attempt (more info ...) | attempted-admin | 2012-3274 | 55271 | ||
| 24538 | SERVER-OTHER HP Intelligent Management Center uam.exe stack buffer overflow attempt (more info ...) | attempted-admin | 2012-3274 | 55271 | ||
| 24543 | EXPLOIT-KIT Blackhole admin page inbound access attempt (more info ...) | misc-activity | 2012-4681 | |||
| 24544 | EXPLOIT-KIT Blackhole admin page outbound access attempt (more info ...) | misc-activity | 2012-4681 | |||
| 24546 | EXPLOIT-KIT Blackholev2 exploit kit landing page download attempt (more info ...) | trojan-activity | 2012-4681 | URL | ||
| 24547 | EXPLOIT-KIT Blackhole exploit kit landing page download attempt (more info ...) | trojan-activity | 2012-4681 | |||
| 24548 | EXPLOIT-KIT Blackhole exploit kit landing page download attempt (more info ...) | trojan-activity | 2012-4681 | |||
| 24589 | MALWARE-OTHER Win.Exploit.Hacktool suspicious file download (more info ...) | trojan-activity | URL | |||
| 24590 | MALWARE-OTHER Win.Exploit.Hacktool suspicious file download (more info ...) | trojan-activity | URL | |||
| 24591 | MALWARE-OTHER Win.Exploit.Hacktool suspicious file download (more info ...) | trojan-activity | URL | |||
| 24592 | MALWARE-OTHER Win.Exploit.Hacktool suspicious file download (more info ...) | trojan-activity | URL | |||
| 24593 | EXPLOIT-KIT Blackholev2 exploit kit landing page received - specific structure (more info ...) | trojan-activity | 2012-4681 | |||
| 24594 | MALWARE-OTHER Win.Trojan.MiniFlame C&C command response attempt (more info ...) | trojan-activity | URL | |||
| 24600 | MALWARE-OTHER Win.Exploit.Hacktool suspicious file download (more info ...) | trojan-activity | URL | |||
| 24601 | MALWARE-OTHER Win.Exploit.Hacktool suspicious file download (more info ...) | trojan-activity | URL | |||
| 24602 | MALWARE-OTHER Win.Exploit.Hacktool suspicious file download (more info ...) | trojan-activity | URL | |||
| 24603 | MALWARE-OTHER Win.Exploit.Hacktool suspicious file download (more info ...) | trojan-activity | URL | |||
| 24604 | MALWARE-OTHER Win.Exploit.Hacktool suspicious file download (more info ...) | trojan-activity | URL | |||
| 24605 | MALWARE-OTHER Win.Exploit.Hacktool suspicious file download (more info ...) | trojan-activity | URL | |||
| 24606 | MALWARE-OTHER Win.Exploit.Hacktool suspicious file download (more info ...) | trojan-activity | URL | |||
| 24607 | MALWARE-OTHER Win.Exploit.Hacktool suspicious file download (more info ...) | trojan-activity | URL | |||
| 24608 | EXPLOIT-KIT Blackholev2 exploit kit landing page download attempt (more info ...) | trojan-activity | 2012-4681 | URL | ||
| 24609 | MALWARE-OTHER Win.Exploit.Hacktool suspicious file download (more info ...) | trojan-activity | URL | |||
| 24610 | MALWARE-OTHER Win.Exploit.Hacktool suspicious file download (more info ...) | trojan-activity | URL | |||
| 24611 | MALWARE-OTHER Win.Exploit.Hacktool suspicious file download (more info ...) | trojan-activity | URL | |||
| 24612 | MALWARE-OTHER Win.Exploit.Hacktool suspicious file download (more info ...) | trojan-activity | URL | |||
| 24613 | MALWARE-OTHER Win.Exploit.Hacktool suspicious file download (more info ...) | trojan-activity | URL | |||
| 24614 | MALWARE-OTHER Win.Exploit.Hacktool suspicious file download (more info ...) | trojan-activity | URL | |||
| 24615 | MALWARE-OTHER Win.Exploit.Hacktool suspicious file download (more info ...) | trojan-activity | URL | |||
| 24616 | MALWARE-OTHER Win.Exploit.Hacktool suspicious file download (more info ...) | trojan-activity | URL | |||
| 24617 | MALWARE-OTHER Win.Exploit.Hacktool suspicious file download (more info ...) | trojan-activity | URL | |||
| 24618 | MALWARE-OTHER Win.Exploit.Hacktool suspicious file download (more info ...) | trojan-activity | URL | |||
| 24619 | MALWARE-OTHER Win.Exploit.Hacktool suspicious file download (more info ...) | trojan-activity | URL | |||
| 24620 | MALWARE-OTHER Win.Exploit.Hacktool suspicious file download (more info ...) | trojan-activity | URL | |||
| 24621 | MALWARE-OTHER Win.Exploit.Hacktool suspicious file download (more info ...) | trojan-activity | URL | |||
| 24622 | MALWARE-OTHER Win.Exploit.Hacktool suspicious file download (more info ...) | trojan-activity | URL | |||
| 24636 | EXPLOIT-KIT Blackholev2 exploit kit redirection page - specific structure (more info ...) | trojan-activity | 2012-4681 | |||
| 24637 | EXPLOIT-KIT Blackholev2 exploit kit redirection page - specific structure (more info ...) | trojan-activity | 2012-4681 | |||
| 24638 | EXPLOIT-KIT Blackholev2 exploit kit redirection successful (more info ...) | trojan-activity | 2012-4681 | |||
| 24647 | SERVER-WEBAPP D-Link Wireless Router CAPTCHA data processing buffer overflow attempt (more info ...) | attempted-admin | 56330 | |||
| 24727 | MALWARE-OTHER HTML.Exploit.C99 suspicious file download (more info ...) | trojan-activity | URL | |||
| 24785 | EXPLOIT-KIT CritX exploit kit possible redirection attempt (more info ...) | trojan-activity | URL | |||
| 24788 | EXPLOIT-KIT CritX exploit kit PDF Exploit request structure (more info ...) | trojan-activity | URL | |||
| 24789 | EXPLOIT-KIT CritX exploit kit PDF Exploit download attempt (more info ...) | trojan-activity | URL | |||
| 24790 | EXPLOIT-KIT CritX exploit kit Portable Executable request (more info ...) | trojan-activity | URL | |||
| 24791 | EXPLOIT-KIT CritX exploit kit Portable Executable download (more info ...) | trojan-activity | URL | |||
| 24794 | EXPLOIT-KIT Multiple exploit kit Class download attempt (more info ...) | trojan-activity | ||||
| 24795 | EXPLOIT-KIT Multiple exploit kit Class download attempt (more info ...) | trojan-activity | ||||
| 24796 | EXPLOIT-KIT Multiple exploit kit Class download attempt (more info ...) | trojan-activity | ||||
| 24797 | EXPLOIT-KIT Multiple exploit kit Class download attempt (more info ...) | trojan-activity | ||||
| 24799 | MALWARE-OTHER OSX.Trojan.Imuler suspicious download (more info ...) | trojan-activity | URL | |||
| 24800 | MALWARE-OTHER OSX.Trojan.Imuler suspicious download (more info ...) | trojan-activity | URL | |||
| 24802 | SERVER-OTHER HP Database Archiving Software GIOP parsing buffer overflow attempt (more info ...) | attempted-user | 2011-4164 | |||
| 24816 | FILE-IDENTIFY MP4 file magic detected (more info ...) | misc-activity | ||||
| 24817 | FILE-IDENTIFY MP4 file magic detected (more info ...) | misc-activity | ||||
| 24820 | FILE-IDENTIFY Computer Graphics Metafile file download request (more info ...) | misc-activity | ||||
| 24821 | FILE-IDENTIFY Computer Graphics Metafile file attachment detected (more info ...) | misc-activity | ||||
| 24822 | FILE-IDENTIFY Computer Graphics Metafile file attachment detected (more info ...) | misc-activity | ||||
| 24839 | EXPLOIT-KIT Sweet Orange exploit kit landing page - specific structure (more info ...) | trojan-activity | 2012-4681 | URL | ||
| 24840 | EXPLOIT-KIT Sweet Orange exploit kit landing page - JAR redirection (more info ...) | trojan-activity | 2012-4681 | URL | ||
| 24841 | EXPLOIT-KIT Sibhost exploit kit outbound JAR download attempt (more info ...) | trojan-activity | 2013-1493 | |||
| 24860 | EXPLOIT-KIT Blackholev2 exploit kit landing page - specific-structure (more info ...) | trojan-activity | 2013-0431 | |||
| 24861 | EXPLOIT-KIT Blackholev2 exploit kit landing page in an email (more info ...) | trojan-activity | 2013-0431 | |||
| 24862 | EXPLOIT-KIT Blackholev2 exploit kit landing page - specific-structure (more info ...) | trojan-activity | 2013-0431 | |||
| 24863 | EXPLOIT-KIT Blackholev2 exploit kit landing page in an email (more info ...) | trojan-activity | 2013-0431 | |||
| 24864 | EXPLOIT-KIT Blackholev2 exploit kit landing page - specific-structure (more info ...) | trojan-activity | 2013-0431 | |||
| 24865 | EXPLOIT-KIT Blackholev2 exploit kit landing page in an email (more info ...) | trojan-activity | 2013-0431 | |||
| 24883 | MALWARE-OTHER Compromised website response - leads to Exploit Kit (more info ...) | misc-activity | URL | |||
| 24884 | MALWARE-OTHER Compromised website response - leads to Exploit Kit (more info ...) | misc-activity | URL | |||
| 24888 | EXPLOIT-KIT Nuclear exploit kit landing page detected (more info ...) | trojan-activity | 2012-4681 | |||
| 24898 | SERVER-OTHER ABB Multiple Product RobNetScanHost.exe buffer overflow attempt (more info ...) | attempted-admin | 2012-0245 | URL | ||
| 24899 | MALWARE-OTHER Compromised Website response - leads to Exploit Kit (more info ...) | misc-activity | URL | |||
| 24900 | MALWARE-OTHER HTML.Exploit.C99 suspicious file download (more info ...) | trojan-activity | URL | |||
| 24901 | FILE-IDENTIFY JNLP file download request (more info ...) | misc-activity | ||||
| 24902 | FILE-IDENTIFY JNLP file attachment detected (more info ...) | misc-activity | ||||
| 24903 | FILE-IDENTIFY JNLP file attachment detected (more info ...) | misc-activity | ||||
| 24907 | SERVER-ORACLE Oracle Secure Backup exec_qr command injection attempt (more info ...) | attempted-user | 2008-5448 | |||
| 24913 | SERVER-WEBAPP HP OpenView NNM ovutil.dll getProxiedStorageAddress buffer overflow attempt (more info ...) | attempted-user | 2010-1961 | 40638 | ||
| 24914 | SERVER-WEBAPP HP OpenView NNM ovutil.dll getProxiedStorageAddress buffer overflow attempt (more info ...) | attempted-user | 2010-1961 | 40638 | ||
| 24977 | EXPLOIT-KIT ProPack exploit kit outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 24978 | EXPLOIT-KIT ProPack exploit kit outbound payload request (more info ...) | trojan-activity | URL | |||
| 24979 | EXPLOIT-KIT ProPack exploit kit outbound connection (more info ...) | trojan-activity | URL | |||
| 25001 | MALWARE-OTHER Win.Trojan.Narilam variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25002 | MALWARE-OTHER Win.Trojan.Narilam variant inbound attachemtn (more info ...) | trojan-activity | URL | |||
| 25003 | SERVER-OTHER HP Archive Query Server stack overflow attempt (more info ...) | attempted-admin | 2011-4163 | |||
| 25015 | MALWARE-BACKDOOR Arucer backdoor traffic - NOP command attempt (more info ...) | trojan-activity | 2010-0103 | URL | ||
| 25018 | MALWARE-OTHER connection to malware sinkhole (more info ...) | trojan-activity | URL | |||
| 25031 | MALWARE-OTHER Win.Trojan.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25043 | EXPLOIT-KIT Blackholev2 exploit kit url structure detected (more info ...) | trojan-activity | 2012-4681 | |||
| 25044 | EXPLOIT-KIT Sweet Orange exploit kit landing page - specific structure (more info ...) | trojan-activity | 2012-4681 | URL | ||
| 25048 | EXPLOIT-KIT CritX exploit kit PDF Library exploit download (more info ...) | trojan-activity | URL | |||
| 25051 | EXPLOIT-KIT Redkit exploit kit landing page redirection (more info ...) | trojan-activity | 2012-4681 | |||
| 25053 | EXPLOIT-KIT Redkit outbound class retrieval (more info ...) | trojan-activity | 2012-4681 | |||
| 25059 | SERVER-OTHER SAP Business One License Manager buffer overflow attempt (more info ...) | attempted-admin | 2009-4988 | 35933 | ||
| 25084 | MALWARE-OTHER Win.Exploit.Hacktool suspicious file download (more info ...) | trojan-activity | URL | |||
| 25085 | MALWARE-OTHER Win.Exploit.Hacktool suspicious file download (more info ...) | trojan-activity | URL | |||
| 25086 | MALWARE-OTHER Win.Exploit.Hacktool suspicious file download (more info ...) | trojan-activity | URL | |||
| 25087 | MALWARE-OTHER Win.Exploit.Hacktool suspicious file download (more info ...) | trojan-activity | URL | |||
| 25088 | MALWARE-OTHER Win.Exploit.Hacktool suspicious file download (more info ...) | trojan-activity | URL | |||
| 25089 | MALWARE-OTHER Win.Exploit.Hacktool suspicious file download (more info ...) | trojan-activity | URL | |||
| 25090 | MALWARE-OTHER Win.Exploit.Hacktool suspicious file download (more info ...) | trojan-activity | URL | |||
| 25091 | MALWARE-OTHER Win.Exploit.Hacktool suspicious file download (more info ...) | trojan-activity | URL | |||
| 25092 | MALWARE-OTHER Win.Exploit.Hacktool variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25094 | MALWARE-OTHER PERL.Exploit.C99 suspicious file download (more info ...) | trojan-activity | URL | |||
| 25095 | MALWARE-OTHER HTML.Exploit.C99 suspicious file download (more info ...) | trojan-activity | URL | |||
| 25136 | EXPLOIT-KIT Styx exploit kit plugin detection connection (more info ...) | trojan-activity | 2013-2423 | URL | ||
| 25137 | EXPLOIT-KIT Styx exploit kit jar outbound connection (more info ...) | trojan-activity | 2013-2423 | URL | ||
| 25138 | EXPLOIT-KIT Styx exploit kit pdf outbound connection (more info ...) | trojan-activity | 2013-2423 | URL | ||
| 25139 | EXPLOIT-KIT Styx exploit kit eot outbound connection (more info ...) | trojan-activity | 2013-2423 | URL | ||
| 25140 | EXPLOIT-KIT Styx exploit kit portable executable download request (more info ...) | trojan-activity | 2013-2423 | URL | ||
| 25255 | EXPLOIT-KIT Redkit exploit kit redirection attempt (more info ...) | trojan-activity | 2013-2423 | |||
| 25270 | FILE-OTHER overly large XML file MSXML heap overflow attempt (more info ...) | attempted-user | 2013-0006 | URL | ||
| 25275 | FILE-OTHER MSXML dynamic pointer casting arbitrary code execution attempt (more info ...) | attempted-user | 2013-0007 | URL | ||
| 25277 | MALWARE-OTHER Request for a non-legit postal receipt (more info ...) | misc-activity | URL | |||
| 25278 | MALWARE-BACKDOOR possible Htran setup command - listen (more info ...) | trojan-activity | URL | |||
| 25279 | MALWARE-BACKDOOR possible Htran setup command - slave (more info ...) | trojan-activity | URL | |||
| 25280 | MALWARE-BACKDOOR possible Htran setup command - tran (more info ...) | trojan-activity | URL | |||
| 25281 | MALWARE-BACKDOOR Htran banner (more info ...) | trojan-activity | URL | |||
| 25282 | MALWARE-BACKDOOR possible Htran setup command - listen (more info ...) | trojan-activity | URL | |||
| 25283 | MALWARE-BACKDOOR possible Htran setup command - slave (more info ...) | trojan-activity | URL | |||
| 25284 | MALWARE-BACKDOOR possible Htran setup command - tran (more info ...) | trojan-activity | URL | |||
| 25302 | EXPLOIT-KIT Multiple exploit kit malicious jar archive download (more info ...) | attempted-user | 2013-0422 | 57246 | URL | |
| 25318 | SERVER-WEBAPP InduSoft Web Studio arbitrary file upload attempt (more info ...) | attempted-admin | 2011-4051 | 50675 | ||
| 25319 | SERVER-WEBAPP InduSoft Web Studio arbitrary file upload attempt (more info ...) | attempted-admin | 2011-4051 | 50675 | ||
| 25347 | FILE-IMAGE ImageMagick EXIF resolutionunit handling memory corruption attempt (more info ...) | attempted-user | 2012-0247 | |||
| 25348 | FILE-IMAGE ImageMagick EXIF resolutionunit handling memory corruption attempt (more info ...) | attempted-user | 2012-0247 | |||
| 25383 | EXPLOIT-KIT Multiple exploit kit Payload detection - info.exe (more info ...) | trojan-activity | 2012-4681 | URL | ||
| 25384 | EXPLOIT-KIT Multiple exploit kit Payload detection - contacts.exe (more info ...) | trojan-activity | 2012-4681 | URL | ||
| 25385 | EXPLOIT-KIT Multiple exploit kit Payload detection - calc.exe (more info ...) | trojan-activity | 2012-4681 | URL | ||
| 25386 | EXPLOIT-KIT Multiple exploit kit Payload detection - about.exe (more info ...) | trojan-activity | 2012-4681 | URL | ||
| 25387 | EXPLOIT-KIT Multiple exploit kit Payload detection - readme.exe (more info ...) | trojan-activity | 2012-4681 | URL | ||
| 25388 | EXPLOIT-KIT Blackholev2 exploit kit redirection successful (more info ...) | trojan-activity | 2012-4681 | |||
| 25389 | EXPLOIT-KIT Sweet Orange exploit kit landing page - specific structure (more info ...) | trojan-activity | 2012-4681 | |||
| 25390 | EXPLOIT-KIT Sweet Orange exploit kit landing page - specific structure (more info ...) | trojan-activity | 2012-4681 | |||
| 25391 | EXPLOIT-KIT Sweet Orange exploit kit obfuscated payload download (more info ...) | trojan-activity | 2012-4681 | URL | ||
| 25451 | INDICATOR-OBFUSCATION GIF header followed by PDF header (more info ...) | misc-activity | 2013-0624 | URL | ||
| 25452 | INDICATOR-OBFUSCATION PNG header followed by PDF header (more info ...) | misc-activity | 2013-0624 | URL | ||
| 25453 | INDICATOR-OBFUSCATION JPEG header followed by PDF header (more info ...) | misc-activity | 2013-0624 | URL | ||
| 25454 | INDICATOR-OBFUSCATION DOC header followed by PDF header (more info ...) | misc-activity | 2013-0624 | URL | ||
| 25455 | INDICATOR-OBFUSCATION GIF header followed by PDF header (more info ...) | misc-activity | 2013-0624 | URL | ||
| 25456 | INDICATOR-OBFUSCATION PNG header followed by PDF header (more info ...) | misc-activity | 2013-0624 | URL | ||
| 25457 | INDICATOR-OBFUSCATION JPEG header followed by PDF header (more info ...) | misc-activity | 2013-0624 | URL | ||
| 25458 | INDICATOR-OBFUSCATION DOC header followed by PDF header (more info ...) | misc-activity | 2013-0624 | URL | ||
| 25460 | FILE-PDF Multiple products incomplete JP2K image geometry potentially malicious PDF detected (more info ...) | misc-activity | 2016-3319 | URL | ||
| 25461 | FILE-PDF OpenType parsing buffer overflow attempt (more info ...) | attempted-user | 2013-0604 | |||
| 25462 | FILE-PDF OpenType parsing buffer overflow attempt (more info ...) | attempted-user | 2013-0604 | |||
| 25463 | FILE-PDF OpenType parsing buffer overflow attempt (more info ...) | attempted-user | 2013-0604 | |||
| 25464 | FILE-PDF OpenType parsing buffer overflow attempt (more info ...) | attempted-user | 2013-0604 | |||
| 25513 | FILE-IDENTIFY Portable Executable download detected (more info ...) | misc-activity | ||||
| 25514 | FILE-IDENTIFY Portable Executable download detected (more info ...) | misc-activity | ||||
| 25515 | FILE-IDENTIFY Portable Executable binary file magic detected (more info ...) | misc-activity | ||||
| 25534 | SERVER-WEBAPP Sonicwall Global Management System authentication bypass attempt (more info ...) | attempted-admin | 2013-1359 | 57445 | ||
| 25538 | EXPLOIT-KIT Red Dot landing page (more info ...) | trojan-activity | 2013-0422 | URL | ||
| 25540 | EXPLOIT-KIT Red Dot executable retrieval attempt (more info ...) | trojan-activity | 2013-0422 | URL | ||
| 25558 | EXPLOIT-KIT embedded iframe redirection - possible exploit kit redirection (more info ...) | trojan-activity | ||||
| 25559 | EXPLOIT-KIT JDB exploit kit landing page retrieval (more info ...) | trojan-activity | URL | |||
| 25560 | EXPLOIT-KIT JDB exploit kit landing page (more info ...) | trojan-activity | URL | |||
| 25561 | EXPLOIT-KIT JDB exploit kit landing page (more info ...) | trojan-activity | URL | |||
| 25568 | EXPLOIT-KIT Blackhole exploit kit landing page retrieval (more info ...) | trojan-activity | 2012-4681 | |||
| 25569 | EXPLOIT-KIT Blackholev2 exploit kit landing page (more info ...) | trojan-activity | 2012-4681 | |||
| 25578 | MALWARE-OTHER Fake postal receipt HTTP Response phishing attack (more info ...) | trojan-activity | URL | |||
| 25579 | MALWARE-OTHER Fake bookinginfo HTTP Response phishing attack (more info ...) | trojan-activity | URL | |||
| 25580 | MALWARE-OTHER Fake bookingdetails HTTP Response phishing attack (more info ...) | trojan-activity | URL | |||
| 25581 | SERVER-OTHER EMC AlphaStor Device Manager command injection attempt (more info ...) | attempted-admin | 2013-0928 | 57472 | ||
| 25582 | SERVER-OTHER EMC AlphaStor Device Manager command injection attempt (more info ...) | attempted-admin | 2013-0928 | 57472 | ||
| 25583 | SERVER-OTHER EMC AlphaStor Device Manager command injection attempt (more info ...) | attempted-admin | 2013-0928 | 57472 | ||
| 25584 | SERVER-OTHER EMC AlphaStor Device Manager command injection attempt (more info ...) | attempted-admin | 2013-0928 | 57472 | ||
| 25585 | SERVER-OTHER EMC AlphaStor Device Manager command injection attempt (more info ...) | attempted-admin | 2013-0928 | 57472 | ||
| 25589 | SERVER-OTHER libupnp command buffer overflow attempt (more info ...) | attempted-admin | 2012-5962 | |||
| 25590 | EXPLOIT-KIT Blackholev2 exploit kit landing page - specific structure (more info ...) | trojan-activity | 2013-0431 | |||
| 25591 | EXPLOIT-KIT Blackhole exploit kit landing page - specific structure (more info ...) | trojan-activity | 2013-0431 | |||
| 25592 | INDICATOR-OBFUSCATION obfuscated document command - used in IFRAMEr tool injection (more info ...) | trojan-activity | URL | |||
| 25601 | SERVER-OTHER libupnp command buffer overflow attempt (more info ...) | attempted-admin | 2012-5961 | |||
| 25611 | EXPLOIT-KIT Blackholev2 exploit kit redirection successful (more info ...) | trojan-activity | 2012-4681 | |||
| 25612 | SERVER-OTHER libupnp command buffer overflow attempt (more info ...) | attempted-admin | 2012-5960 | |||
| 25617 | SERVER-OTHER libupnp command buffer overflow attempt (more info ...) | attempted-admin | 2012-5965 | |||
| 25618 | SERVER-OTHER libupnp command buffer overflow attempt (more info ...) | attempted-admin | 2012-5964 | |||
| 25619 | SERVER-OTHER libupnp command buffer overflow attempt (more info ...) | attempted-admin | 2012-5963 | |||
| 25620 | SERVER-OTHER libupnp command buffer overflow attempt (more info ...) | attempted-admin | 2012-5959 | |||
| 25654 | SERVER-OTHER HP OpenView Storage Data Protector exec_cmd buffer overflow attempt (more info ...) | attempted-admin | 2011-1866 | 48488 | ||
| 25655 | SERVER-OTHER HP OpenView Storage Data Protector exec_cmd buffer overflow attempt (more info ...) | attempted-admin | 2011-1866 | 48488 | ||
| 25656 | SERVER-OTHER HP OpenView Storage Data Protector exec_cmd buffer overflow attempt (more info ...) | attempted-admin | 2011-1866 | 48488 | ||
| 25780 | SERVER-OTHER MiniUPnPd ExecuteSoapAction buffer overflow attempt (more info ...) | attempted-admin | 2013-1462 | |||
| 25798 | EXPLOIT-KIT Multiple exploit kit 32-alpha jar request (more info ...) | trojan-activity | 2012-4681 | |||
| 25801 | EXPLOIT-KIT Stamp exploit kit jar file request (more info ...) | trojan-activity | 2013-0431 | URL | ||
| 25803 | EXPLOIT-KIT Multiple exploit kit jar file dropped (more info ...) | trojan-activity | URL | |||
| 25804 | EXPLOIT-KIT Whitehole exploit kit malicious jar download attempt (more info ...) | trojan-activity | 2013-2423 | URL | ||
| 25806 | EXPLOIT-KIT Whitehole exploit kit landing page (more info ...) | trojan-activity | 2013-2423 | URL | ||
| 25808 | EXPLOIT-KIT Fiesta exploit kit landing page detection - specific-structure (more info ...) | trojan-activity | 2012-4681 | |||
| 25821 | EXPLOIT-KIT CritX exploit kit possible plugin detection attempt (more info ...) | trojan-activity | URL | |||
| 25822 | EXPLOIT-KIT CritX exploit kit malicious PDF retrieval (more info ...) | trojan-activity | URL | |||
| 25824 | EXPLOIT-KIT CritX exploit kit malicious payload retrieval (more info ...) | trojan-activity | URL | |||
| 25849 | PROTOCOL-SCADA Schneider Electric IGSS integer underflow attempt (more info ...) | attempted-user | 2013-0657 | |||
| 25851 | PROTOCOL-SCADA Schneider Electric IGSS integer underflow attempt (more info ...) | attempted-user | 2013-0657 | |||
| 25852 | PROTOCOL-SCADA Schneider Electric IGSS integer underflow attempt (more info ...) | attempted-user | 2013-0657 | |||
| 25869 | MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (more info ...) | attempted-dos | URL | |||
| 25870 | MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (more info ...) | attempted-dos | URL | |||
| 25871 | MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (more info ...) | attempted-dos | URL | |||
| 25872 | MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (more info ...) | attempted-dos | URL | |||
| 25873 | MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (more info ...) | attempted-dos | URL | |||
| 25874 | MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (more info ...) | attempted-dos | URL | |||
| 25875 | MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (more info ...) | attempted-dos | URL | |||
| 25876 | MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (more info ...) | attempted-dos | URL | |||
| 25877 | MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (more info ...) | attempted-dos | URL | |||
| 25878 | MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (more info ...) | attempted-dos | URL | |||
| 25879 | MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (more info ...) | attempted-dos | URL | |||
| 25880 | MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (more info ...) | attempted-dos | URL | |||
| 25881 | MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (more info ...) | attempted-dos | URL | |||
| 25882 | MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (more info ...) | attempted-dos | URL | |||
| 25883 | MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (more info ...) | attempted-dos | URL | |||
| 25884 | MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (more info ...) | attempted-dos | URL | |||
| 25885 | MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (more info ...) | attempted-dos | URL | |||
| 25886 | MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (more info ...) | attempted-dos | URL | |||
| 25887 | MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (more info ...) | attempted-dos | URL | |||
| 25888 | MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (more info ...) | attempted-dos | URL | |||
| 25889 | MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (more info ...) | attempted-dos | URL | |||
| 25890 | MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (more info ...) | attempted-dos | URL | |||
| 25891 | MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (more info ...) | attempted-dos | URL | |||
| 25892 | MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (more info ...) | attempted-dos | URL | |||
| 25893 | MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (more info ...) | attempted-dos | URL | |||
| 25894 | MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (more info ...) | attempted-dos | URL | |||
| 25895 | MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (more info ...) | attempted-dos | URL | |||
| 25896 | MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (more info ...) | attempted-dos | URL | |||
| 25897 | MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (more info ...) | attempted-dos | URL | |||
| 25898 | MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (more info ...) | attempted-dos | URL | |||
| 25899 | MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (more info ...) | attempted-dos | URL | |||
| 25900 | MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (more info ...) | attempted-dos | URL | |||
| 25901 | MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (more info ...) | attempted-dos | URL | |||
| 25902 | MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (more info ...) | attempted-dos | URL | |||
| 25903 | MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (more info ...) | attempted-dos | URL | |||
| 25904 | MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (more info ...) | attempted-dos | URL | |||
| 25905 | MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (more info ...) | attempted-dos | URL | |||
| 25906 | MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (more info ...) | attempted-dos | URL | |||
| 25908 | MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (more info ...) | attempted-dos | URL | |||
| 25909 | MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (more info ...) | attempted-dos | URL | |||
| 25910 | MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (more info ...) | attempted-dos | URL | |||
| 25911 | MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (more info ...) | attempted-dos | URL | |||
| 25912 | MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (more info ...) | attempted-dos | URL | |||
| 25913 | MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (more info ...) | attempted-dos | URL | |||
| 25914 | MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (more info ...) | attempted-dos | URL | |||
| 25915 | MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (more info ...) | attempted-dos | URL | |||
| 25916 | MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (more info ...) | attempted-dos | URL | |||
| 25917 | MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (more info ...) | attempted-dos | URL | |||
| 25918 | MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (more info ...) | attempted-dos | URL | |||
| 25919 | MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (more info ...) | attempted-dos | URL | |||
| 25920 | MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (more info ...) | attempted-dos | URL | |||
| 25921 | MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (more info ...) | attempted-dos | URL | |||
| 25922 | MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (more info ...) | attempted-dos | URL | |||
| 25923 | MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (more info ...) | attempted-dos | URL | |||
| 25924 | MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (more info ...) | attempted-dos | URL | |||
| 25925 | MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (more info ...) | attempted-dos | URL | |||
| 25926 | MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (more info ...) | attempted-dos | URL | |||
| 25927 | MALWARE-TOOLS Dirt Jumper toolkit variant http flood attempt (more info ...) | attempted-dos | URL | |||
| 25948 | EXPLOIT-KIT redirection to driveby download (more info ...) | trojan-activity | ||||
| 25972 | EXPLOIT-KIT Redkit exploit kit three number PDF Request (more info ...) | trojan-activity | 2012-4681 | |||
| 25981 | APP-DETECT Chocoplayer successful installation (more info ...) | misc-activity | URL | |||
| 25988 | EXPLOIT-KIT Redkit exploit kit landing page (more info ...) | trojan-activity | 2013-2423 | |||
| 25989 | EXPLOIT-KIT Redkit exploit kit landing page (more info ...) | trojan-activity | 2013-2423 | |||
| 26013 | EXPLOIT-KIT Gong Da exploit kit redirection page received (more info ...) | trojan-activity | 2013-1493 | |||
| 26020 | EXPLOIT-KIT Sibhost exploit kit (more info ...) | trojan-activity | URL | |||
| 26030 | FILE-OTHER Known malicious jar archive download attempt (more info ...) | attempted-admin | 2013-1493 | 58238 | ||
| 26031 | EXPLOIT-KIT Blackholev2 exploit kit landing page (more info ...) | trojan-activity | 2013-0431 | |||
| 26033 | EXPLOIT-KIT Blackholev2 exploit kit iframe redirection attempt (more info ...) | trojan-activity | 2013-0431 | |||
| 26034 | EXPLOIT-KIT Crimeboss exploit kit - stats access (more info ...) | trojan-activity | URL | |||
| 26040 | EXPLOIT-KIT Crimeboss exploit kit - Portable Executable download attempt (more info ...) | trojan-activity | URL | |||
| 26041 | EXPLOIT-KIT Crimeboss exploit kit - Portable Executable download attempt (more info ...) | trojan-activity | URL | |||
| 26042 | EXPLOIT-KIT Crimeboss exploit kit - stats loaded (more info ...) | trojan-activity | URL | |||
| 26043 | EXPLOIT-KIT Crimeboss exploit kit - Portable Executable download attempt (more info ...) | trojan-activity | URL | |||
| 26044 | EXPLOIT-KIT Crimeboss exploit kit - redirection attempt (more info ...) | trojan-activity | URL | |||
| 26045 | EXPLOIT-KIT Crimeboss exploit kit - setup (more info ...) | trojan-activity | URL | |||
| 26057 | FILE-IDENTIFY ZIP file download detected (more info ...) | misc-activity | ||||
| 26058 | FILE-IDENTIFY ZIP file attachment detected (more info ...) | misc-activity | ||||
| 26070 | FILE-EXECUTABLE Ichitaro JSMISC32.dll dll-load exploit attempt (more info ...) | attempted-user | 2013-0707 | URL | ||
| 26071 | FILE-EXECUTABLE Ichitaro JSMISC32.dll dll-load exploit attempt (more info ...) | attempted-user | 2013-0707 | URL | ||
| 26090 | EXPLOIT-KIT Styx exploit kit landing page (more info ...) | trojan-activity | 2013-2423 | URL | ||
| 26092 | INDICATOR-OBFUSCATION fromCharCode seen in exploit kit landing pages (more info ...) | trojan-activity | URL | |||
| 26093 | MALWARE-OTHER Compromised website response - leads to Exploit Kit (more info ...) | misc-activity | ||||
| 26094 | EXPLOIT-KIT Sweet Orange exploit kit landing page (more info ...) | trojan-activity | 2013-2423 | |||
| 26095 | EXPLOIT-KIT Neutrino exploit kit landing page (more info ...) | trojan-activity | 2013-2465 | URL | ||
| 26096 | EXPLOIT-KIT Neutrino exploit kit landing page (more info ...) | trojan-activity | 2013-2465 | URL | ||
| 26099 | EXPLOIT-KIT Neutrino exploit kit redirection page (more info ...) | trojan-activity | 2013-2465 | URL | ||
| 26100 | EXPLOIT-KIT Neutrino exploit kit redirection page (more info ...) | trojan-activity | 2013-2465 | URL | ||
| 26101 | INDICATOR-OBFUSCATION String.fromCharCode concatenation (more info ...) | trojan-activity | URL | |||
| 26103 | SERVER-OTHER HP LeftHand Virtual SAN hydra ping request buffer overflow attempt (more info ...) | attempted-admin | 2012-3285 | URL | ||
| 26105 | SERVER-OTHER BigAnt IM Server buffer overflow attempt (more info ...) | attempted-admin | 2012-6275 | 57214 | ||
| 26226 | EXPLOIT-KIT Crimeboss exploit kit redirection attempt (more info ...) | trojan-activity | 2012-4681 | |||
| 26227 | EXPLOIT-KIT Blackhole exploit kit landing page retrieval (more info ...) | trojan-activity | 2012-4681 | URL | ||
| 26230 | SERVER-WEBAPP Alcatel-Lucent OmniPCX arbitrary command execution attempt (more info ...) | attempted-admin | 2007-3010 | 25694 | ||
| 26232 | EXPLOIT-KIT Sweet Orange exploit kit landing page (more info ...) | trojan-activity | 2013-2423 | |||
| 26233 | EXPLOIT-KIT Sweet Orange exploit kit landing page (more info ...) | trojan-activity | 2013-2423 | |||
| 26251 | FILE-IDENTIFY JPEG file magic detected (more info ...) | misc-activity | ||||
| 26252 | EXPLOIT-KIT Impact exploit kit landing page (more info ...) | trojan-activity | 2013-0422 | |||
| 26253 | EXPLOIT-KIT Blackhole exploit kit landing page (more info ...) | trojan-activity | 2012-4681 | |||
| 26261 | MALWARE-OTHER Fake postal receipt HTTP Response phishing attack (more info ...) | trojan-activity | URL | |||
| 26287 | APP-DETECT Absolute Software Computrace outbound connection - search.namequery.com (more info ...) | misc-activity | URL | |||
| 26293 | EXPLOIT-KIT Sakura exploit kit exploit request (more info ...) | trojan-activity | ||||
| 26294 | FILE-OTHER Watering Hole Campaign applet download (more info ...) | trojan-activity | 2013-0422 | |||
| 26295 | FILE-OTHER Watering Hole Campaign applet download (more info ...) | trojan-activity | 2011-3544 | |||
| 26296 | EXPLOIT-KIT Styx exploit kit landing page (more info ...) | trojan-activity | 2013-2423 | |||
| 26297 | EXPLOIT-KIT Styx exploit kit redirection page (more info ...) | trojan-activity | 2013-2423 | |||
| 26323 | EXPLOIT-KIT CritX exploit kit redirection page (more info ...) | trojan-activity | URL | |||
| 26326 | MALWARE-BACKDOOR DarkSeoul related wiper (more info ...) | trojan-activity | URL | |||
| 26328 | MALWARE-BACKDOOR Windows vernot download (more info ...) | trojan-activity | URL | |||
| 26332 | MALWARE-BACKDOOR Jokra dropper download (more info ...) | trojan-activity | URL | |||
| 26333 | SERVER-OTHER HP LeftHand Virtual SAN hydra diag request buffer overflow attempt (more info ...) | attempted-admin | 2012-3283 | URL | ||
| 26334 | SERVER-OTHER HP LeftHand Virtual SAN hydra diag request buffer overflow attempt (more info ...) | attempted-admin | 2012-3283 | URL | ||
| 26337 | EXPLOIT-KIT Blackhole exploit kit landing page - specific structure (more info ...) | trojan-activity | 2012-4681 | |||
| 26338 | EXPLOIT-KIT IFRAMEr injection detection - leads to exploit kit (more info ...) | trojan-activity | 2012-4681 | |||
| 26341 | EXPLOIT-KIT Nuclear exploit kit landing page (more info ...) | trojan-activity | 2012-4681 | |||
| 26342 | EXPLOIT-KIT Nuclear exploit kit landing page - specific structure (more info ...) | trojan-activity | 2012-4681 | |||
| 26343 | EXPLOIT-KIT Nuclear exploit kit landing page (more info ...) | trojan-activity | 2012-4681 | |||
| 26344 | EXPLOIT-KIT Redkit exploit kit landing page redirection (more info ...) | trojan-activity | 2013-2423 | URL | ||
| 26345 | EXPLOIT-KIT Redkit exploit kit landing page (more info ...) | trojan-activity | 2013-2423 | URL | ||
| 26346 | EXPLOIT-KIT Redkit exploit kit payload requested (more info ...) | trojan-activity | 2013-2423 | URL | ||
| 26349 | EXPLOIT-KIT Redkit exploit kit obfuscated portable executable (more info ...) | trojan-activity | 2013-2423 | URL | ||
| 26350 | EXPLOIT-KIT TDS redirection - may lead to exploit kit (more info ...) | trojan-activity | 2013-2423 | |||
| 26351 | EXPLOIT-KIT Redkit exploit kit landing page redirection (more info ...) | trojan-activity | 2013-2423 | URL | ||
| 26352 | INDICATOR-OBFUSCATION obfuscated portable executable - seen in exploit kits (more info ...) | trojan-activity | URL | |||
| 26366 | EXPLOIT-KIT Egypack exploit kit landing page (more info ...) | trojan-activity | URL | |||
| 26367 | EXPLOIT-KIT Egypack exploit kit outbound connection (more info ...) | trojan-activity | URL | |||
| 26368 | EXPLOIT-KIT Egypack exploit kit landing page (more info ...) | trojan-activity | URL | |||
| 26380 | MALWARE-OTHER UTF-8 BOM in zip file attachment detected (more info ...) | trojan-activity | ||||
| 26381 | MALWARE-OTHER UTF-8 BOM in zip file attachment detected (more info ...) | trojan-activity | ||||
| 26382 | MALWARE-OTHER UTF-8 BOM in zip file attachment detected (more info ...) | trojan-activity | ||||
| 26383 | EXPLOIT-KIT Redkit exploit kit landing page (more info ...) | trojan-activity | 2013-2423 | URL | ||
| 26384 | EXPLOIT-KIT Redkit exploit kit landing page (more info ...) | trojan-activity | 2013-2423 | URL | ||
| 26392 | PROTOCOL-SCADA Schneider Electric IGSS integer underflow attempt (more info ...) | attempted-user | 2013-0657 | |||
| 26394 | SERVER-OTHER Bopup Communications server buffer overflow attempt (more info ...) | attempted-user | 2009-2227 | 43836 | ||
| 26414 | PROTOCOL-SCADA CODESYS Gateway-Server executable file upload attempt (more info ...) | attempted-admin | 2012-4705 | 58032 | URL | |
| 26415 | PROTOCOL-SCADA CODESYS Gateway-Server directory traversal attempt (more info ...) | attempted-admin | 2012-4705 | 58032 | URL | |
| 26416 | SERVER-WEBAPP HP Intelligent Management Center mibFileUpload servlet arbitrary file upload attempt (more info ...) | attempted-admin | 2012-5201 | 58385 | URL | |
| 26417 | SERVER-WEBAPP HP Intelligent Management Center mibFileUpload servlet arbitrary file upload attempt (more info ...) | attempted-admin | 2012-5201 | 58385 | URL | |
| 26421 | BROWSER-PLUGINS Metalink file download parameter buffer overflow attempt (more info ...) | attempted-user | 2008-1602 | |||
| 26422 | FILE-IDENTIFY Metalink File file attachment detected (more info ...) | misc-activity | ||||
| 26423 | FILE-IDENTIFY Metalink File file attachment detected (more info ...) | misc-activity | ||||
| 26424 | FILE-IDENTIFY Metalink File file download request (more info ...) | misc-activity | ||||
| 26434 | EXPLOIT-KIT Blackholev2 exploit kit jar file downloaded (more info ...) | trojan-activity | 2012-4681 | |||
| 26458 | FILE-IDENTIFY Stream redirector file download request (more info ...) | misc-activity | URL | |||
| 26470 | MALWARE-OTHER Win.Trojan.Zeus Spam 2013 dated zip/exe HTTP Response - potential malware download (more info ...) | trojan-activity | URL | |||
| 26488 | PROTOCOL-SCADA CODESYS Gateway-Server directory traversal attempt (more info ...) | attempted-admin | 2012-4705 | 58032 | URL | |
| 26495 | FILE-OTHER WellinTech KingView KingMessage log file parsing buffer overflow attempt (more info ...) | attempted-admin | 2012-4711 | |||
| 26496 | FILE-OTHER WellinTech KingView KingMessage log file parsing buffer overflow attempt (more info ...) | attempted-admin | 2012-4711 | |||
| 26502 | PROTOCOL-SCADA 3S CoDeSys Gateway Server stack buffer overflow attempt (more info ...) | attempted-admin | 2012-4708 | |||
| 26503 | PROTOCOL-SCADA 3S CoDeSys Gateway Server stack buffer overflow attempt (more info ...) | attempted-admin | 2012-4708 | |||
| 26504 | PROTOCOL-SCADA 3S CoDeSys Gateway Server stack buffer overflow attempt (more info ...) | attempted-admin | 2012-4708 | |||
| 26508 | EXPLOIT-KIT Multiple exploit kit Payload detection - info.dll (more info ...) | trojan-activity | 2012-4681 | |||
| 26511 | EXPLOIT-KIT Sakura exploit kit redirection structure (more info ...) | trojan-activity | 2013-2423 | URL | ||
| 26526 | EXPLOIT-KIT Portable Executable downloaded with bad DOS stub (more info ...) | trojan-activity | 2013-2423 | URL | ||
| 26534 | EXPLOIT-KIT Stamp exploit kit portable executable download (more info ...) | trojan-activity | 2013-0431 | |||
| 26535 | EXPLOIT-KIT Multiple exploit kit landing page - specific structure (more info ...) | trojan-activity | 2013-0431 | |||
| 26536 | EXPLOIT-KIT Stamp exploit kit landing page (more info ...) | trojan-activity | 2013-0431 | |||
| 26537 | EXPLOIT-KIT Sakura exploit kit jar download detection (more info ...) | trojan-activity | 2013-2423 | |||
| 26538 | EXPLOIT-KIT Sakura exploit kit landing page received (more info ...) | trojan-activity | 2013-2423 | |||
| 26539 | EXPLOIT-KIT Sakura exploit kit pdf download detection (more info ...) | trojan-activity | 2013-2423 | |||
| 26540 | EXPLOIT-KIT iFramer injection - specific structure (more info ...) | trojan-activity | 2013-2423 | |||
| 26541 | EXPLOIT-KIT Multiple exploit kit successful redirection - jnlp bypass (more info ...) | trojan-activity | 2013-2423 | |||
| 26548 | SERVER-WEBAPP HP OpenView NNM webappmon.exe buffer overflow attempt (more info ...) | attempted-admin | 2010-2703 | 41829 | ||
| 26591 | EXPLOIT-KIT unknown exploit kit script injection attempt (more info ...) | trojan-activity | URL | |||
| 26599 | EXPLOIT-KIT Impact/Stamp exploit kit landing page (more info ...) | trojan-activity | 2013-0431 | |||
| 26600 | EXPLOIT-KIT Impact/Stamp exploit kit landing page (more info ...) | trojan-activity | 2013-0431 | |||
| 26610 | MALWARE-BACKDOOR Win.Backdoor.Dulevco.A runtime detection (more info ...) | trojan-activity | URL | |||
| 26611 | MALWARE-BACKDOOR Win.Backdoor.Dulevco.A runtime detection (more info ...) | trojan-activity | URL | |||
| 26617 | EXPLOIT-KIT iFramer injection - specific structure (more info ...) | trojan-activity | 2013-2423 | |||
| 26653 | EXPLOIT-KIT Multiple exploit kit landing page - specific structure (more info ...) | trojan-activity | 2013-2423 | URL | ||
| 26655 | MALWARE-BACKDOOR Win.Backdoor.PCRat data upload (more info ...) | misc-activity | URL | |||
| 26660 | MALWARE-OTHER Fake delivery information phishing attack (more info ...) | trojan-activity | URL | |||
| 26664 | FILE-IMAGE BMP extremely large xpos opcodes (more info ...) | attempted-user | 2013-2729 | 59918 | URL | |
| 26665 | FILE-IMAGE BMP extremely large xpos opcodes (more info ...) | attempted-user | 2013-2729 | URL | ||
| 26670 | MALWARE-OTHER OSX.Trojan.KitM file download (more info ...) | trojan-activity | URL | |||
| 26671 | MALWARE-OTHER OSX.Trojan.KitM file download (more info ...) | trojan-activity | URL | |||
| 26698 | MALWARE-OTHER Compromised Website response - leads to Exploit Kit (more info ...) | trojan-activity | URL | |||
| 26773 | MALWARE-BACKDOOR Trojan.Midwgif.A runtime detection (more info ...) | trojan-activity | URL | |||
| 26778 | MALWARE-OTHER Win.Trojan.Kazy download attempt (more info ...) | trojan-activity | URL | |||
| 26796 | MALWARE-OTHER ANDR.Trojan.ZertSecurity encrypted information leak (more info ...) | trojan-activity | URL | |||
| 26797 | SERVER-WEBAPP Mutiny editdocument servlet arbitrary file access attempt (more info ...) | attempted-recon | 2013-0136 | |||
| 26798 | SERVER-WEBAPP Mutiny editdocument servlet arbitrary file upload attempt (more info ...) | attempted-admin | 2013-0136 | |||
| 26805 | EXPLOIT-KIT Redkit exploit kit encrypted binary download (more info ...) | trojan-activity | 2013-2423 | |||
| 26807 | EXPLOIT-KIT Redkit exploit kit landing page (more info ...) | trojan-activity | 2013-2423 | |||
| 26808 | EXPLOIT-KIT Goon/Infinity/Redkit exploit kit short jar request (more info ...) | trojan-activity | 2013-2423 | |||
| 26823 | MALWARE-BACKDOOR Backdoor.Win32.Neshgai.A runtime detection (more info ...) | trojan-activity | URL | |||
| 26842 | MALWARE-BACKDOOR Win.Backdoor.Boda Malware Checkin (more info ...) | trojan-activity | ||||
| 26881 | MALWARE-OTHER HTML.Dropper.Agent uri scheme detected (more info ...) | trojan-activity | URL | |||
| 26902 | FILE-IDENTIFY Android APK download request (more info ...) | misc-activity | ||||
| 26903 | FILE-IDENTIFY Android APK download file attachment detected (more info ...) | misc-activity | ||||
| 26904 | FILE-IDENTIFY Android APK download file attachment detected (more info ...) | misc-activity | ||||
| 26921 | MALWARE-OTHER Win.Trojan.Kazy download attempt (more info ...) | trojan-activity | URL | |||
| 26929 | SERVER-WEBAPP SAP ConfigServlet command execution attempt (more info ...) | attempted-admin | URL | |||
| 26933 | MALWARE-OTHER Clickserver ad harvesting redirection attempt (more info ...) | misc-activity | ||||
| 26934 | MALWARE-OTHER Clickserver ad harvesting redirection attempt (more info ...) | misc-activity | ||||
| 26949 | EXPLOIT-KIT DotkaChef/Rmayana/DotCache exploit kit landing page (more info ...) | trojan-activity | URL | |||
| 26951 | EXPLOIT-KIT DotkaChef/Rmayana/DotCache exploit kit Malvertising Campaign URI request (more info ...) | trojan-activity | URL | |||
| 26956 | EXPLOIT-KIT Topic exploit kit outbound connection - 1 (more info ...) | trojan-activity | URL | |||
| 26957 | EXPLOIT-KIT Topic exploit kit outbound connection - 2 (more info ...) | trojan-activity | URL | |||
| 26958 | EXPLOIT-KIT Topic exploit kit outbound connection - 3 (more info ...) | trojan-activity | URL | |||
| 26959 | EXPLOIT-KIT Topic exploit kit outbound connection - 4 (more info ...) | trojan-activity | URL | |||
| 26960 | EXPLOIT-KIT Zuponcic exploit kit landing page (more info ...) | trojan-activity | ||||
| 26961 | EXPLOIT-KIT Flim exploit kit landing page (more info ...) | trojan-activity | ||||
| 26962 | EXPLOIT-KIT Flim exploit kit portable executable download (more info ...) | trojan-activity | ||||
| 26963 | EXPLOIT-KIT Flim exploit kit outbound jar request (more info ...) | trojan-activity | ||||
| 26964 | EXPLOIT-KIT Flim exploit kit outbound jnlp request (more info ...) | trojan-activity | ||||
| 27005 | EXPLOIT-KIT Multiple exploit kit Portable Executable downloaded when mp3 is declared (more info ...) | trojan-activity | ||||
| 27006 | SERVER-WEBAPP HP OpenView Network Node Manager URI rping stack buffer overflow attempt (more info ...) | attempted-user | 2009-1420 | 35267 | ||
| 27024 | MALWARE-OTHER OSX.Trojan.Netweird.A file download attempt (more info ...) | trojan-activity | URL | |||
| 27026 | EXPLOIT-KIT Neutrino exploit kit landing page (more info ...) | trojan-activity | ||||
| 27034 | MALWARE-OTHER Win.Backdoor.Transhell file download (more info ...) | trojan-activity | URL | |||
| 27035 | MALWARE-OTHER Win.Backdoor.Transhell file download (more info ...) | trojan-activity | URL | |||
| 27040 | EXPLOIT-KIT Styx exploit kit plugin detection connection jorg (more info ...) | trojan-activity | 2013-2423 | |||
| 27041 | EXPLOIT-KIT Styx exploit kit plugin detection connection jlnp (more info ...) | trojan-activity | 2013-2423 | |||
| 27042 | EXPLOIT-KIT Styx exploit kit plugin detection connection jovf (more info ...) | trojan-activity | 2013-2423 | |||
| 27050 | MALWARE-OTHER Win.Trojan.Dokstormac file download (more info ...) | trojan-activity | URL | |||
| 27051 | MALWARE-OTHER Win.Trojan.Dokstormac file download (more info ...) | trojan-activity | URL | |||
| 27055 | MALWARE-OTHER Win.Trojan.Yakes download attempt (more info ...) | trojan-activity | URL | |||
| 27056 | MALWARE-OTHER Win.Trojan.Yakes download attempt (more info ...) | trojan-activity | URL | |||
| 27059 | MALWARE-OTHER OSX.Trojan.HackBack file download attempt (more info ...) | trojan-activity | URL | |||
| 27060 | MALWARE-OTHER OSX.Trojan.HackBack file upload attempt (more info ...) | trojan-activity | URL | |||
| 27067 | EXPLOIT-KIT Blackholev2 exploit kit landing page - specific structure (more info ...) | trojan-activity | 2013-2423 | |||
| 27071 | EXPLOIT-KIT Blackhole exploit kit landing page retrieval (more info ...) | trojan-activity | 2012-4681 | |||
| 27072 | EXPLOIT-KIT Blackhole exploit kit landing page retrieval (more info ...) | trojan-activity | 2012-4681 | |||
| 27073 | INDICATOR-OBFUSCATION obfuscated getElementsByTagName string - seen in exploit kits (more info ...) | trojan-activity | URL | |||
| 27074 | INDICATOR-OBFUSCATION obfuscated getElementsByTagName string - seen in exploit kits (more info ...) | trojan-activity | URL | |||
| 27078 | EXPLOIT-KIT Nailed exploit kit landing page - specific structure (more info ...) | trojan-activity | URL | |||
| 27079 | EXPLOIT-KIT Nailed exploit kit landing page stage 2 (more info ...) | trojan-activity | URL | |||
| 27080 | EXPLOIT-KIT Nailed exploit kit Firefox exploit download - autopwn (more info ...) | trojan-activity | 2013-0757 | URL | ||
| 27083 | EXPLOIT-KIT Nailed exploit kit jmxbean remote code execution exploit download - autopwn (more info ...) | trojan-activity | 2013-0422 | URL | ||
| 27084 | EXPLOIT-KIT Nailed exploit kit rhino remote code execution exploit download - autopwn (more info ...) | trojan-activity | 2011-3544 | URL | ||
| 27085 | EXPLOIT-KIT Unknown Malvertising exploit kit Hostile Jar pipe.class (more info ...) | trojan-activity | ||||
| 27086 | EXPLOIT-KIT Unknown Malvertising exploit kit stage-1 redirect (more info ...) | trojan-activity | ||||
| 27104 | SERVER-WEBAPP HP System Management arbitrary command injection attempt (more info ...) | attempted-admin | 2013-3576 | 60471 | ||
| 27105 | SERVER-WEBAPP HP System Management arbitrary command injection attempt (more info ...) | attempted-admin | 2013-3576 | 60471 | ||
| 27108 | EXPLOIT-KIT Multiple exploit kit malicious jar file downloaded when exe is declared (more info ...) | trojan-activity | ||||
| 27110 | EXPLOIT-KIT Blackholev2/Cool exploit kit outbound portable executable request (more info ...) | trojan-activity | ||||
| 27113 | EXPLOIT-KIT DotkaChef/Rmayana/DotCache exploit kit Zeroaccess download attempt (more info ...) | trojan-activity | 2013-2423 | URL | ||
| 27115 | MALWARE-OTHER DirtJumper denial of service attack traffic (more info ...) | attempted-dos | URL | |||
| 27121 | SERVER-OTHER HP OpenView Storage Data Protector - initiate connection (more info ...) | protocol-command-decode | ||||
| 27122 | SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 305 buffer overflow attempt (more info ...) | attempted-admin | 2013-2330 | 60306 | URL | |
| 27123 | SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 259 buffer overflow attempt (more info ...) | attempted-admin | 2013-2329 | 60304 | URL | |
| 27124 | SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 1092 buffer overflow attempt (more info ...) | attempted-admin | 2013-2331 | 60307 | URL | |
| 27125 | SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 211 buffer overflow attempt (more info ...) | attempted-admin | 2013-2333 | 60309 | URL | |
| 27140 | EXPLOIT-KIT Private exploit kit numerically named exe file dowload (more info ...) | trojan-activity | 2013-2423 | URL | ||
| 27141 | EXPLOIT-KIT Private exploit kit landing page (more info ...) | trojan-activity | 2013-2423 | URL | ||
| 27142 | EXPLOIT-KIT Private exploit kit landing page (more info ...) | trojan-activity | 2013-2423 | URL | ||
| 27143 | EXPLOIT-KIT Private exploit kit landing page (more info ...) | trojan-activity | 2013-2423 | URL | ||
| 27144 | EXPLOIT-KIT Private exploit kit outbound traffic (more info ...) | trojan-activity | 2013-2423 | URL | ||
| 27170 | SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 1091 buffer overflow attempt (more info ...) | attempted-admin | 2013-2334 | 60310 | URL | |
| 27197 | MALWARE-OTHER OSX.Trojan.Pintsized file download attempt (more info ...) | trojan-activity | URL | |||
| 27198 | MALWARE-OTHER OSX.Trojan.Pintsized file download attempt (more info ...) | trojan-activity | URL | |||
| 27217 | SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 260 buffer overflow attempt (more info ...) | attempted-admin | 2013-2332 | 60308 | URL | |
| 27228 | MALWARE-OTHER OSX.Trojan.Janicab file download attempt (more info ...) | attempted-admin | URL | |||
| 27229 | MALWARE-OTHER IFRAMEr Tool code injection attack (more info ...) | misc-activity | URL | |||
| 27242 | EXPLOIT-KIT embedded iframe redirection - possible exploit kit indicator (more info ...) | trojan-activity | ||||
| 27246 | MALWARE-OTHER Mac OSX FBI ransomware (more info ...) | trojan-activity | URL | |||
| 27261 | SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 215 buffer overflow attempt (more info ...) | attempted-admin | 2013-6195 | 64647 | URL | |
| 27262 | SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 263 buffer overflow attempt (more info ...) | attempted-admin | 2013-6195 | 64647 | URL | |
| 27264 | SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 227 buffer overflow attempt (more info ...) | attempted-admin | 2013-2335 | 60311 | URL | |
| 27271 | EXPLOIT-KIT iFramer toolkit injected iframe detected - specific structure (more info ...) | trojan-activity | 2012-4681 | |||
| 27273 | EXPLOIT-KIT Goon/Infinity exploit kit iframe redirection (more info ...) | trojan-activity | ||||
| 27539 | SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 234 buffer overflow attempt (more info ...) | attempted-admin | 2013-2326 | 60301 | URL | |
| 27542 | FILE-IDENTIFY Python bytecode file magic detected (more info ...) | misc-activity | ||||
| 27543 | FILE-IDENTIFY Python bytecode file magic detected (more info ...) | misc-activity | ||||
| 27548 | MALWARE-OTHER Osx.Trojan.Janicab file download attempt (more info ...) | trojan-activity | 2012-0158 | URL | ||
| 27549 | MALWARE-OTHER Osx.Trojan.Janicab file download attempt (more info ...) | trojan-activity | 2012-0158 | URL | ||
| 27550 | MALWARE-OTHER Compromised website response - leads to Exploit Kit (more info ...) | trojan-activity | ||||
| 27565 | MALWARE-OTHER HideMeBetter spam injection variant (more info ...) | trojan-activity | URL | |||
| 27571 | SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 235 buffer overflow attempt (more info ...) | attempted-admin | 2013-2325 | 60300 | URL | |
| 27598 | SERVER-WEBAPP Oracle Secure Backup Admin Server command injection attempt (more info ...) | web-application-attack | 2011-2261 | 48752 | ||
| 27617 | SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 264 buffer overflow attempt (more info ...) | attempted-admin | 2013-2327 | 60302 | URL | |
| 27646 | SERVER-OTHER HP LeftHand Virtual SAN hydra login request buffer overflow attempt (more info ...) | attempted-admin | 2013-2343 | 60884 | URL | |
| 27656 | BROWSER-PLUGINS VMWare Remote Console format string code execution attempt (more info ...) | attempted-user | 2009-3732 | |||
| 27657 | BROWSER-PLUGINS VMWare Remote Console format string code execution attempt (more info ...) | attempted-user | 2009-3732 | |||
| 27658 | BROWSER-PLUGINS VMWare Remote Console format string code execution attempt (more info ...) | attempted-user | 2009-3732 | |||
| 27695 | EXPLOIT-KIT Kore exploit kit landing page (more info ...) | trojan-activity | 2013-2471 | URL | ||
| 27696 | EXPLOIT-KIT Kore exploit kit landing page (more info ...) | trojan-activity | 2013-2471 | URL | ||
| 27702 | EXPLOIT-KIT Gong Da exploit kit landing page (more info ...) | trojan-activity | 2013-1493 | |||
| 27706 | EXPLOIT-KIT Gong Da exploit kit possible jar download (more info ...) | trojan-activity | 2013-1493 | |||
| 27738 | EXPLOIT-KIT Multiple exploit kit landing page (more info ...) | trojan-activity | ||||
| 27739 | EXPLOIT-KIT Multiple exploit kit redirection page (more info ...) | trojan-activity | ||||
| 27769 | SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 207 buffer overflow attempt (more info ...) | attempted-admin | 2013-2324 | 60299 | URL | |
| 27770 | SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 210 buffer overflow attempt (more info ...) | attempted-admin | 2013-2324 | 60299 | URL | |
| 27771 | SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 236 buffer overflow attempt (more info ...) | attempted-admin | 2013-2324 | 60299 | URL | |
| 27772 | SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 243 buffer overflow attempt (more info ...) | attempted-admin | 2013-2324 | 60299 | URL | |
| 27773 | SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 265 buffer overflow attempt (more info ...) | attempted-admin | 2013-2324 | 60299 | URL | |
| 27783 | EXPLOIT-KIT Neutrino exploit kit plugin detection page (more info ...) | trojan-activity | ||||
| 27813 | EXPLOIT-KIT Styx exploit kit landing page with payload (more info ...) | trojan-activity | 2013-2423 | |||
| 27814 | EXPLOIT-KIT Styx exploit kit landing page request (more info ...) | trojan-activity | 2013-2423 | |||
| 27815 | EXPLOIT-KIT Styx exploit kit malicious redirection attempt (more info ...) | trojan-activity | 2013-2423 | |||
| 27816 | EXPLOIT-KIT Multiple exploit kit jar file download attempt (more info ...) | trojan-activity | ||||
| 27865 | EXPLOIT-KIT Blackholev2/Darkleech exploit kit landing page request (more info ...) | trojan-activity | 2012-4681 | |||
| 27866 | EXPLOIT-KIT Blackholev2/Darkleech exploit kit landing page (more info ...) | trojan-activity | ||||
| 27873 | EXPLOIT-KIT Kore exploit kit outbound payload download attempt (more info ...) | trojan-activity | ||||
| 27876 | EXPLOIT-KIT DotkaChef/Rmayana/DotCache exploit kit Zeroaccess download (more info ...) | trojan-activity | ||||
| 27877 | EXPLOIT-KIT Blackholev2/Cool exploit kit landing page (more info ...) | trojan-activity | ||||
| 27878 | EXPLOIT-KIT Blackholev2/Cool exploit kit landing page (more info ...) | trojan-activity | ||||
| 27885 | EXPLOIT-KIT Teletubbies exploit kit payload download (more info ...) | trojan-activity | 2013-2465 | URL | ||
| 27886 | EXPLOIT-KIT Teletubbies exploit kit payload download (more info ...) | trojan-activity | 2010-1297 | URL | ||
| 27887 | EXPLOIT-KIT Teletubbies exploit kit payload download (more info ...) | trojan-activity | 2010-2884 | URL | ||
| 27888 | EXPLOIT-KIT Teletubbies exploit kit payload download (more info ...) | trojan-activity | 2010-0188 | URL | ||
| 27889 | EXPLOIT-KIT Teletubbies exploit kit payload download (more info ...) | trojan-activity | 2010-0188 | URL | ||
| 27890 | EXPLOIT-KIT Teletubbies exploit kit secondary payload (more info ...) | trojan-activity | URL | |||
| 27891 | EXPLOIT-KIT Teletubbies exploit kit secondary payload (more info ...) | trojan-activity | URL | |||
| 27893 | EXPLOIT-KIT Teletubbies exploit kit payload download (more info ...) | trojan-activity | 2008-2992 | URL | ||
| 27894 | EXPLOIT-KIT Multiple exploit kit Payload detection - about.dll (more info ...) | trojan-activity | 2012-4681 | URL | ||
| 27895 | EXPLOIT-KIT Multiple exploit kit Payload detection - info.dll (more info ...) | trojan-activity | 2012-4681 | URL | ||
| 27896 | EXPLOIT-KIT Multiple exploit kit Payload detection - contacts.dll (more info ...) | trojan-activity | 2012-4681 | URL | ||
| 27897 | EXPLOIT-KIT Multiple exploit kit Payload detection - calc.dll (more info ...) | trojan-activity | 2012-4681 | URL | ||
| 27898 | EXPLOIT-KIT Multiple exploit kit Payload detection - readme.dll (more info ...) | trojan-activity | 2012-4681 | URL | ||
| 27911 | EXPLOIT-KIT X2O exploit kit landing page (more info ...) | trojan-activity | ||||
| 27912 | EXPLOIT-KIT X2O exploit kit landing page (more info ...) | trojan-activity | ||||
| 27935 | EXPLOIT-KIT Styx exploit kit landing page (more info ...) | trojan-activity | ||||
| 27936 | EXPLOIT-KIT Styx exploit kit portable executable download (more info ...) | trojan-activity | ||||
| 27937 | SERVER-OTHER HP ProCurve Manager SNAC UpdateCertificatesServlet directory traversal attempt (more info ...) | attempted-admin | 2013-4812 | 62348 | URL | |
| 27941 | SERVER-OTHER HP ProCurve Manager SNAC UpdateDomainControllerServlet directory traversal attempt (more info ...) | attempted-admin | 2013-4811 | 62349 | URL | |
| 27942 | SERVER-WEBAPP Sophos Web Protection Appliance sblistpack arbitrary command execution attempt (more info ...) | attempted-admin | 2013-4984 | 62265 | URL | |
| 27956 | MALWARE-OTHER OSX.Trojan.Renepo rootkit download attempt (more info ...) | trojan-activity | URL | |||
| 27957 | MALWARE-OTHER OSX.Trojan.Renepo rootkit download attempt (more info ...) | trojan-activity | URL | |||
| 27958 | MALWARE-OTHER OSX.Trojan.Renepo rootkit download attempt (more info ...) | trojan-activity | URL | |||
| 27959 | MALWARE-OTHER OSX.Trojan.Renepo rootkit upload attempt (more info ...) | trojan-activity | URL | |||
| 27960 | MALWARE-OTHER OSX.Trojan.Renepo rootkit upload attempt (more info ...) | trojan-activity | URL | |||
| 27961 | MALWARE-OTHER OSX.Trojan.Renepo rootkit upload attempt (more info ...) | trojan-activity | URL | |||
| 27982 | APP-DETECT Dynamic Internet Technology Freegate application executable download attempt (more info ...) | misc-activity | URL | |||
| 27983 | APP-DETECT Dynamic Internet Technology Freegate application zip download attempt (more info ...) | misc-activity | URL | |||
| 27999 | APP-DETECT Possible Dynamic Internet Technology Frontgate application PING (more info ...) | misc-activity | URL | |||
| 28000 | APP-DETECT Dynamic Internet Technology Freegate application executable download attempt (more info ...) | misc-activity | URL | |||
| 28001 | APP-DETECT Dynamic Internet Technology Freegate application zip download attempt (more info ...) | misc-activity | URL | |||
| 28006 | MALWARE-OTHER Win.Trojan.Kuluoz outbound download request (more info ...) | trojan-activity | URL | |||
| 28015 | EXPLOIT-KIT g01pack exploit kit redirection attempt (more info ...) | trojan-activity | ||||
| 28016 | EXPLOIT-KIT embedded iframe redirection - possible exploit kit indicator (more info ...) | trojan-activity | ||||
| 28017 | EXPLOIT-KIT embedded iframe redirection - possible exploit kit indicator (more info ...) | trojan-activity | ||||
| 28018 | EXPLOIT-KIT embedded iframe redirection - possible exploit kit indicator (more info ...) | trojan-activity | ||||
| 28019 | EXPLOIT-KIT embedded iframe redirection - possible exploit kit indicator (more info ...) | trojan-activity | ||||
| 28020 | EXPLOIT-KIT embedded iframe redirection - possible exploit kit indicator (more info ...) | trojan-activity | ||||
| 28021 | EXPLOIT-KIT embedded iframe redirection - possible exploit kit indicator (more info ...) | trojan-activity | ||||
| 28022 | EXPLOIT-KIT embedded iframe redirection - IFRAMEr injection tool (more info ...) | trojan-activity | ||||
| 28029 | EXPLOIT-KIT Magnitude/Popads/Nuclear exploit kit jnlp request (more info ...) | trojan-activity | 2013-0431 | |||
| 28038 | EXPLOIT-KIT Sakura exploit kit successful redirection (more info ...) | trojan-activity | ||||
| 28054 | MALWARE-OTHER VBScript potential executable write attempt (more info ...) | trojan-activity | URL | |||
| 28138 | EXPLOIT-KIT DotkaChef/Rmayana exploit kit redirection attempt (more info ...) | trojan-activity | ||||
| 28194 | EXPLOIT-KIT X2O exploit kit landing page (more info ...) | trojan-activity | ||||
| 28196 | EXPLOIT-KIT Bleeding Life exploit kit module call (more info ...) | attempted-user | URL | |||
| 28197 | EXPLOIT-KIT Bleeding Life exploit kit module call (more info ...) | attempted-user | URL | |||
| 28198 | EXPLOIT-KIT Bleeding Life exploit kit module call (more info ...) | attempted-user | URL | |||
| 28199 | EXPLOIT-KIT Bleeding Life exploit kit module call (more info ...) | attempted-user | URL | |||
| 28213 | EXPLOIT-KIT Neutrino exploit kit redirection received (more info ...) | trojan-activity | ||||
| 28227 | SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 211 buffer overflow attempt (more info ...) | attempted-admin | 2013-2333 | 60309 | URL | |
| 28236 | EXPLOIT-KIT Magnitude/Nuclear exploit kit landing page (more info ...) | trojan-activity | 2013-0431 | |||
| 28237 | EXPLOIT-KIT Magnitude/Nuclear exploit kit outbound pdf download attempt (more info ...) | trojan-activity | ||||
| 28240 | SERVER-WEBAPP D-Link DIR-100 User-Agent backdoor access attempt (more info ...) | attempted-admin | 2013-6026 | 62990 | URL | |
| 28265 | EXPLOIT-KIT Sweet Orange exploit kit landing page attempt (more info ...) | trojan-activity | ||||
| 28279 | PUA-ADWARE Wajam outbound connection - post install (more info ...) | trojan-activity | URL | |||
| 28280 | PUA-ADWARE Wajam outbound connection - post install (more info ...) | trojan-activity | URL | |||
| 28286 | FILE-OTHER overly large XML file MSXML heap overflow attempt (more info ...) | attempted-user | 2013-0006 | URL | ||
| 28289 | SERVER-WEBAPP Tenda W302R root remote code execution attempt (more info ...) | attempted-admin | URL | |||
| 28290 | SERVER-WEBAPP Tenda W302R iwpriv remote code execution attempt (more info ...) | attempted-admin | URL | |||
| 28307 | EXPLOIT-KIT Himan exploit kit landing page (more info ...) | trojan-activity | 2013-2551 | URL | ||
| 28324 | PUA-ADWARE FakeAV runtime detection (more info ...) | trojan-activity | ||||
| 28365 | MALWARE-OTHER Win.Trojan.Stoberox outbound communication attempt (more info ...) | trojan-activity | URL | |||
| 28367 | FILE-IDENTIFY CIS file magic detected (more info ...) | misc-activity | ||||
| 28368 | FILE-IDENTIFY CIS file magic detected (more info ...) | misc-activity | ||||
| 28369 | FILE-IDENTIFY CIS file attachment detected (more info ...) | misc-activity | ||||
| 28370 | FILE-IDENTIFY CIS file attachment detected (more info ...) | misc-activity | ||||
| 28371 | PUA-ADWARE UpdateStar CIS file retrieval attempt (more info ...) | misc-activity | URL | |||
| 28372 | PUA-ADWARE UpdateStar encapsulated installer outbound connection (more info ...) | misc-activity | URL | |||
| 28381 | MALWARE-OTHER Win.Downloader.Temvice outbound communication attempt (more info ...) | trojan-activity | URL | |||
| 28393 | SERVER-OTHER EMC Replication Manager irccd remote command execution attempt (more info ...) | attempted-admin | 2011-0647 | 46235 | ||
| 28401 | OS-MOBILE Android Andr.Trojan.MobileTx APK file download attempt (more info ...) | trojan-activity | URL | |||
| 28402 | OS-MOBILE Android Andr.Trojan.MobileTx APK file download attempt (more info ...) | trojan-activity | URL | |||
| 28403 | OS-MOBILE Android Andr.Trojan.MobileTx information disclosure attempt (more info ...) | trojan-activity | URL | |||
| 28407 | SERVER-WEBAPP HP Intelligent Management Center BIMS UploadServlet arbitrary file upload attempt (more info ...) | attempted-admin | 2013-4822 | 62895 | URL | |
| 28408 | SERVER-WEBAPP ProcessMaker neoclassic skin arbitrary code execution attempt (more info ...) | attempted-admin | URL | |||
| 28409 | SERVER-WEBAPP ProcessMaker neoclassic skin arbitrary code execution attempt (more info ...) | attempted-admin | URL | |||
| 28413 | EXPLOIT-KIT Magnitude exploit kit embedded redirection attempt (more info ...) | trojan-activity | 2013-0431 | |||
| 28423 | EXPLOIT-KIT Multiple exploit kit single digit exe detection (more info ...) | trojan-activity | ||||
| 28428 | EXPLOIT-KIT Glazunov exploit kit landing page (more info ...) | trojan-activity | 2013-2471 | URL | ||
| 28429 | EXPLOIT-KIT Glazunov exploit kit outbound jnlp download attempt (more info ...) | trojan-activity | 2013-2471 | URL | ||
| 28430 | EXPLOIT-KIT Glazunov exploit kit zip file download (more info ...) | trojan-activity | 2013-2471 | URL | ||
| 28449 | EXPLOIT-KIT Sakura exploit outbound connection attempt (more info ...) | trojan-activity | ||||
| 28450 | EXPLOIT-KIT Sakura exploit kit exploit payload retrieve attempt (more info ...) | trojan-activity | ||||
| 28474 | EXPLOIT-KIT Neutrino exploit kit outbound plugin detection response - generic detection (more info ...) | trojan-activity | 2013-2465 | |||
| 28475 | EXPLOIT-KIT Neutrino exploit kit outbound request - generic detection (more info ...) | trojan-activity | 2013-2465 | |||
| 28477 | EXPLOIT-KIT Styx exploit kit outbound pdf request (more info ...) | trojan-activity | 2013-2423 | |||
| 28478 | EXPLOIT-KIT Styx exploit kit landing page request (more info ...) | trojan-activity | 2013-2423 | |||
| 28483 | MALWARE-OTHER Win.Trojan.Magitart outbound communication attempt (more info ...) | trojan-activity | URL | |||
| 28570 | FILE-IDENTIFY FDF file magic detected (more info ...) | misc-activity | URL | |||
| 28571 | FILE-IDENTIFY FDF file attachment detected (more info ...) | misc-activity | URL | |||
| 28572 | FILE-IDENTIFY FDF file attachment detected (more info ...) | misc-activity | URL | |||
| 28573 | FILE-IDENTIFY FDF file magic detected (more info ...) | misc-activity | URL | |||
| 28574 | FILE-IDENTIFY FDF file download request (more info ...) | misc-activity | URL | |||
| 28593 | EXPLOIT-KIT Multiple exploit kit payload download (more info ...) | trojan-activity | ||||
| 28596 | EXPLOIT-KIT Nuclear exploit kit payload request (more info ...) | trojan-activity | ||||
| 28608 | EXPLOIT-KIT Sakura exploit kit Atomic exploit download - specific-structure (more info ...) | trojan-activity | ||||
| 28609 | EXPLOIT-KIT Sakura exploit kit obfuscated exploit payload download (more info ...) | trojan-activity | URL | |||
| 28610 | EXPLOIT-KIT Sakura exploit kit exploit payload retreive attempt (more info ...) | trojan-activity | ||||
| 28611 | EXPLOIT-KIT Sakura exploit kit outbound connection attempt (more info ...) | trojan-activity | ||||
| 28612 | EXPLOIT-KIT Multiple exploit kit Silverlight exploit download (more info ...) | trojan-activity | 2013-3896 | URL | ||
| 28615 | EXPLOIT-KIT Angler exploit kit exploit download attempt (more info ...) | trojan-activity | 2013-3896 | URL | ||
| 28795 | EXPLOIT-KIT Goon/Infinity exploit kit payload download attempt (more info ...) | trojan-activity | 2012-0507 | URL | ||
| 28797 | EXPLOIT-KIT Multiple exploit kit binkey xored binary download attempt (more info ...) | trojan-activity | URL | |||
| 28798 | EXPLOIT-KIT Multiple exploit kit possibly malicious iframe embedded into a webpage (more info ...) | trojan-activity | ||||
| 28806 | INDICATOR-COMPROMISE potential malware download - single digit .exe file download (more info ...) | trojan-activity | URL | |||
| 28847 | MALWARE-OTHER Win.Backdoor.Tavdig download attempt (more info ...) | trojan-activity | URL | |||
| 28848 | MALWARE-OTHER Win.Backdoor.Tavdig download attempt (more info ...) | trojan-activity | URL | |||
| 28851 | SERVER-OTHER JBoss EJBInvokerServlet remote code execution attempt (more info ...) | web-application-attack | 2013-4810 | 62347 | ||
| 28883 | PUA-ADWARE Apponic CIS file retrieval attempt (more info ...) | misc-activity | URL | |||
| 28884 | PUA-ADWARE Apponic encapsulated installer outbound connection (more info ...) | misc-activity | URL | |||
| 28885 | PUA-ADWARE Apponic encapsulated installer outbound connection (more info ...) | misc-activity | URL | |||
| 28893 | BROWSER-OTHER known revoked certificate for Tresor CA (more info ...) | bad-unknown | URL | |||
| 28894 | FILE-IDENTIFY eSignal .ets file attachment detected (more info ...) | misc-activity | URL | |||
| 28895 | FILE-IDENTIFY eSignal .por file attachment detected (more info ...) | misc-activity | ||||
| 28896 | FILE-IDENTIFY eSignal .quo file attachment detected (more info ...) | misc-activity | ||||
| 28897 | FILE-IDENTIFY eSignal .sum file attachment detected (more info ...) | misc-activity | ||||
| 28898 | FILE-IDENTIFY eSignal .ets file attachment detected (more info ...) | misc-activity | URL | |||
| 28899 | FILE-IDENTIFY eSignal .por file attachment detected (more info ...) | misc-activity | ||||
| 28900 | FILE-IDENTIFY eSignal .sum file attachment detected (more info ...) | misc-activity | ||||
| 28901 | FILE-IDENTIFY eSignal .ets file download request (more info ...) | misc-activity | URL | |||
| 28902 | FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (more info ...) | attempted-user | 2011-3494 | |||
| 28903 | FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (more info ...) | attempted-user | 2011-3494 | |||
| 28904 | FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (more info ...) | attempted-user | 2011-3494 | |||
| 28905 | FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (more info ...) | attempted-user | 2011-3494 | |||
| 28906 | FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (more info ...) | attempted-user | 2011-3494 | |||
| 28907 | FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (more info ...) | attempted-user | 2011-3494 | |||
| 28911 | EXPLOIT-KIT Neutrino exploit kit initial outbound request - generic detection (more info ...) | trojan-activity | 2013-2465 | |||
| 28929 | PUA-ADWARE Amonetize installer outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 28966 | EXPLOIT-KIT HiMan exploit kit outbound POST connection (more info ...) | trojan-activity | ||||
| 28969 | EXPLOIT-KIT HiMan exploit kit outbound payload retreival - specific string (more info ...) | trojan-activity | ||||
| 29001 | EXPLOIT-KIT SPL2 exploit kit landing page detection (more info ...) | trojan-activity | ||||
| 29002 | EXPLOIT-KIT SPL2 exploit kit Silverlight plugin outbound connection attempt (more info ...) | trojan-activity | ||||
| 29003 | EXPLOIT-KIT SPL2 exploit kit jar exploit download (more info ...) | trojan-activity | ||||
| 29012 | MALWARE-OTHER Possible Win.Trojan.Zbot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29013 | MALWARE-OTHER Possible Win.Trojan.Zbot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29017 | SERVER-WEBAPP HP LoadRunner Virtual User Generator EmulationAdmin directory traversal attempt (more info ...) | attempted-admin | 2013-4837 | 63475 | URL | |
| 29019 | SERVER-WEBAPP HP LoadRunner Virtual User Generator EmulationAdmin directory traversal attempt (more info ...) | attempted-admin | 2013-4838 | 63476 | URL | |
| 29023 | MALWARE-OTHER multi-hop iframe campaign client-side exploit attempt (more info ...) | trojan-activity | 2011-3402 | URL | ||
| 29024 | MALWARE-OTHER multi-hop iframe campaign client-side exploit attempt (more info ...) | trojan-activity | 2011-3402 | URL | ||
| 29025 | MALWARE-OTHER multi-hop iframe campaign client-side exploit attempt (more info ...) | trojan-activity | 2011-3402 | URL | ||
| 29027 | SERVER-WEBAPP Zimbra remote code execution attempt (more info ...) | attempted-admin | URL | |||
| 29046 | SERVER-WEBAPP WhatsUp Gold ExportViewer.asp diretory traversal attempt (more info ...) | web-application-attack | 52745 | |||
| 29055 | MALWARE-BACKDOOR Win.Trojan.Descrantol variant data exfiltration attempt (more info ...) | trojan-activity | URL | |||
| 29090 | INDICATOR-COMPROMISE suspicious test for public IP - iframe.ip138.com (more info ...) | successful-recon-limited | ||||
| 29094 | MALWARE-BACKDOOR Win.Trojan.Shatekrat variant initial outbound connection (more info ...) | trojan-activity | URL | |||
| 29105 | SERVER-WEBAPP ManageEngine Desktop Central LogUploader servlets directory traversal attempt (more info ...) | web-application-attack | 2021-44515 | 69493 | ||
| 29128 | EXPLOIT-KIT Stamp exploit kit plugin detection page (more info ...) | trojan-activity | 2013-0431 | |||
| 29129 | EXPLOIT-KIT Stamp exploit kit jar exploit download - specific structure (more info ...) | trojan-activity | 2013-0431 | |||
| 29130 | EXPLOIT-KIT Stamp exploit kit malicious payload download attempt (more info ...) | trojan-activity | 2013-0431 | |||
| 29131 | EXPLOIT-KIT Stamp exploit kit PDF exploit retrieval attempt (more info ...) | trojan-activity | 2013-0431 | |||
| 29159 | SERVER-WEBAPP The Bug Genie openid_identifier cross site scripting attempt (more info ...) | web-application-attack | 64004 | |||
| 29160 | SERVER-WEBAPP The Bug Genie openid_identifier cross site scripting attempt (more info ...) | web-application-attack | 64004 | |||
| 29162 | FILE-IDENTIFY CIS file download request (more info ...) | misc-activity | ||||
| 29165 | EXPLOIT-KIT CritX exploit kit outbound jar request (more info ...) | trojan-activity | ||||
| 29166 | EXPLOIT-KIT CritX exploit kit payload download attempt (more info ...) | trojan-activity | ||||
| 29167 | EXPLOIT-KIT CritX exploit kit payload download attempt (more info ...) | trojan-activity | ||||
| 29170 | SERVER-WEBAPP NetWeaver internet sales module directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 29186 | EXPLOIT-KIT Nuclear exploit kit outbound connection (more info ...) | trojan-activity | ||||
| 29213 | INDICATOR-OBFUSCATION potential math library debugging (more info ...) | trojan-activity | URL | |||
| 29296 | SERVER-WEBAPP Red Hat CloudForms agent controller filename directory traversal attempt (more info ...) | attempted-admin | 2013-2068 | 62745 | URL | |
| 29297 | SERVER-WEBAPP Red Hat CloudForms agent controller filename directory traversal attempt (more info ...) | attempted-admin | 2013-2068 | 62745 | URL | |
| 29360 | EXPLOIT-KIT Goon/Infinity exploit kit encrypted binary download (more info ...) | trojan-activity | ||||
| 29361 | EXPLOIT-KIT Goon/Infinity exploit kit landing page (more info ...) | trojan-activity | ||||
| 29364 | MALWARE-OTHER Win.Trojan.Esjey outbound communication attempt (more info ...) | trojan-activity | URL | |||
| 29387 | SERVER-WEBAPP Synology DiskStation Manager SLICEUPLOAD remote command execution attempt (more info ...) | attempted-admin | 2013-6955 | 64516 | ||
| 29390 | SERVER-WEBAPP EMC Connectrix Manager FileUploadController directory traversal attempt (more info ...) | attempted-admin | 2013-6810 | 64242 | ||
| 29391 | SERVER-WEBAPP EMC Connectrix Manager FileUploadController directory traversal attempt (more info ...) | attempted-admin | 2013-6810 | 64242 | ||
| 29392 | SERVER-WEBAPP EMC Connectrix Manager FileUploadController directory traversal attempt (more info ...) | attempted-admin | 2013-6810 | 64242 | ||
| 29439 | FILE-IDENTIFY MSI file download request (more info ...) | misc-activity | ||||
| 29445 | EXPLOIT-KIT Styx exploit kit fonts download page (more info ...) | trojan-activity | 2013-2423 | |||
| 29446 | EXPLOIT-KIT Styx exploit kit jar outbound connection (more info ...) | trojan-activity | 2013-2423 | URL | ||
| 29447 | EXPLOIT-KIT Multiple exploit kit payload download - scandsk.exe (more info ...) | bad-unknown | ||||
| 29448 | EXPLOIT-KIT Styx exploit kit landing page (more info ...) | trojan-activity | 2013-2423 | |||
| 29449 | EXPLOIT-KIT Styx exploit kit landing page (more info ...) | trojan-activity | 2013-2423 | |||
| 29450 | EXPLOIT-KIT Styx exploit kit outbound connection attempt (more info ...) | trojan-activity | 2013-2423 | |||
| 29452 | EXPLOIT-KIT Styx exploit kit landing page request (more info ...) | trojan-activity | 2013-2423 | |||
| 29453 | EXPLOIT-KIT Styx exploit kit eot outbound connection (more info ...) | trojan-activity | 2013-2423 | URL | ||
| 29462 | INDICATOR-SCAN User-Agent known malicious user-agent The Mole (more info ...) | misc-activity | URL | |||
| 29465 | FILE-OTHER Corel PDF fusion XPS stack buffer overflow attempt (more info ...) | attempted-user | 2013-3248 | |||
| 29467 | FILE-OTHER Corel PDF fusion XPS stack buffer overflow attempt (more info ...) | attempted-user | 2013-3248 | |||
| 29468 | FILE-OTHER Corel PDF fusion XPS stack buffer overflow attempt (more info ...) | attempted-user | 2013-3248 | |||
| 29485 | SERVER-WEBAPP EMC Connectrix Manager ManualBootImageUpload directory traversal attempt (more info ...) | attempted-admin | 2013-6810 | 64242 | ||
| 29486 | SERVER-WEBAPP EMC Connectrix Manager ManualBootImageUpload directory traversal attempt (more info ...) | attempted-admin | 2013-6810 | 64242 | ||
| 29487 | SERVER-WEBAPP EMC Connectrix Manager ManualBootImageUpload directory traversal attempt (more info ...) | attempted-admin | 2013-6810 | 64242 | ||
| 29488 | SERVER-WEBAPP EMC Connectrix Manager ManualBootImageUpload directory traversal attempt (more info ...) | attempted-admin | 2013-6810 | 64242 | ||
| 29504 | PROTOCOL-SCADA Schneider Electric IGSS integer underflow attempt (more info ...) | attempted-user | 2013-0657 | |||
| 29505 | PROTOCOL-SCADA IGSS dc.exe file execution directory traversal attempt (more info ...) | attempted-admin | 2011-1567 | |||
| 29510 | INDICATOR-OBFUSCATION Multiple character encodings detected (more info ...) | attempted-user | URL | |||
| 29526 | FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (more info ...) | attempted-user | 2011-3494 | |||
| 29527 | FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (more info ...) | attempted-user | 2011-3494 | |||
| 29528 | SERVER-OTHER OpenView Network Node Manager ovalarmsrv opcode 46 integer overflow attempt (more info ...) | attempted-admin | 2008-2438 | 34738 | ||
| 29529 | SERVER-OTHER OpenView Network Node Manager ovalarmsrv opcode 47 integer overflow attempt (more info ...) | attempted-admin | 2008-2438 | 34738 | ||
| 29530 | SERVER-OTHER OpenView Network Node Manager ovalarmsrv opcode 54 integer overflow attempt (more info ...) | attempted-admin | 2008-2438 | 34738 | ||
| 29531 | SERVER-OTHER OpenView Network Node Manager ovalarmsrv opcode 25 integer overflow attempt (more info ...) | attempted-admin | 2008-2438 | 34738 | ||
| 29532 | SERVER-OTHER OpenView Network Node Manager ovalarmsrv opcode 81 integer overflow attempt (more info ...) | attempted-admin | 2008-2438 | 34738 | ||
| 29534 | PROTOCOL-SCADA CODESYS Gateway-Server invalid memory access attempt (more info ...) | attempted-admin | 2012-4704 | 58032 | URL | |
| 29539 | FILE-MULTIMEDIA WAV processing buffer overflow attempt (more info ...) | misc-activity | 2012-4186 | 56135 | ||
| 29540 | FILE-MULTIMEDIA WAV processing buffer overflow attempt (more info ...) | misc-activity | 2012-4186 | 56135 | ||
| 29541 | FILE-MULTIMEDIA WAV processing buffer overflow attempt (more info ...) | misc-activity | 2012-4186 | 56135 | ||
| 29542 | FILE-MULTIMEDIA WAV processing buffer overflow attempt (more info ...) | misc-activity | 2012-4186 | 56135 | ||
| 29543 | FILE-MULTIMEDIA WAV processing buffer overflow attempt (more info ...) | misc-activity | 2012-4186 | 56135 | ||
| 29544 | FILE-MULTIMEDIA WAV processing buffer overflow attempt (more info ...) | misc-activity | 2012-4186 | 56135 | ||
| 29545 | FILE-MULTIMEDIA WAV processing buffer overflow attempt (more info ...) | misc-activity | 2012-4186 | 56135 | ||
| 29546 | FILE-MULTIMEDIA WAV processing buffer overflow attempt (more info ...) | misc-activity | 2012-4186 | 56135 | ||
| 29576 | FILE-OTHER Oracle Outside In OS2 metafile parser stack buffer overflow attempt (more info ...) | attempted-user | 2013-5763 | 63741 | URL | |
| 29594 | SERVER-WEBAPP Airlive IP Camera information leak attempt (more info ...) | attempted-user | 2013-3686 | 60550 | ||
| 29603 | SERVER-OTHER HP OpenView Storage Data Protector buffer overflow attempt (more info ...) | suspicious-filename-detect | 2011-0922 | URL | ||
| 29604 | OS-OTHER CoDeSys Gateway Server Denial of Service attempt detected (more info ...) | attempted-dos | 2012-4707 | 58032 | ||
| 29610 | SERVER-OTHER IBM Cognos TM1 Server tm1admsd.exe buffer overflow attempt (more info ...) | attempted-admin | 2012-0202 | 52847 | URL | |
| 29611 | SERVER-OTHER IBM Cognos TM1 Server tm1admsd.exe buffer overflow attempt (more info ...) | attempted-admin | 2012-0202 | 52847 | URL | |
| 29612 | FILE-IDENTIFY XPS file attachment detected (more info ...) | misc-activity | ||||
| 29613 | FILE-IDENTIFY XPS file attachment detected (more info ...) | misc-activity | ||||
| 29614 | FILE-IDENTIFY XPS file download request (more info ...) | misc-activity | ||||
| 29630 | SERVER-OTHER HP OpenView Storage Data Protector buffer overflow attempt (more info ...) | suspicious-filename-detect | 2011-0922 | |||
| 29829 | SERVER-WEBAPP HNAP remote code execution attempt (more info ...) | attempted-admin | URL | |||
| 29830 | SERVER-WEBAPP Linksys E-series HNAP TheMoon remote code execution attempt (more info ...) | attempted-admin | URL | |||
| 29831 | SERVER-WEBAPP Linksys E-series HNAP TheMoon remote code execution attempt (more info ...) | attempted-admin | URL | |||
| 29864 | EXPLOIT-KIT Redkit exploit kit payload request (more info ...) | trojan-activity | URL | |||
| 29874 | MALWARE-BACKDOOR Win.Trojan.Dremseko outbound username enumeration (more info ...) | trojan-activity | URL | |||
| 29909 | SERVER-OTHER JBoss JMXInvokerServlet remote code execution attempt (more info ...) | misc-attack | 2013-4810 | 62347 | ||
| 29918 | MALWARE-OTHER Win.Keylogger.Vacky system information disclosure (more info ...) | trojan-activity | URL | |||
| 29937 | SERVER-OTHER SAP NetWeaver Dispatcher DiagTraceR3Info buffer overflow attempt (more info ...) | attempted-admin | 2012-2611 | 53424 | ||
| 29991 | PUA-ADWARE The Best All Codecs App runtime detection (more info ...) | misc-activity | URL | |||
| 30001 | EXPLOIT-KIT Hello/LightsOut exploit kit landing page detected (more info ...) | trojan-activity | 2013-1489 | URL | ||
| 30003 | EXPLOIT-KIT Hello/LightsOut exploit kit payload download attempt (more info ...) | trojan-activity | 2013-1489 | URL | ||
| 30012 | SERVER-WEBAPP ESF pfSense Snort log view remote file inclusion attempt (more info ...) | attempted-admin | 65181 | |||
| 30013 | SERVER-WEBAPP ESF pfSense Snort log view remote file inclusion attempt (more info ...) | attempted-admin | 65181 | |||
| 30033 | SERVER-WEBAPP ESF pfSense webConfigurator invalid input attempt (more info ...) | attempted-admin | URL | |||
| 30065 | INDICATOR-COMPROMISE ZenCart compromise attempt detected (more info ...) | trojan-activity | URL | |||
| 30066 | INDICATOR-COMPROMISE ZenCart malicious redirect attempt detected (more info ...) | trojan-activity | URL | |||
| 30070 | MALWARE-OTHER ANDR.Trojan.iBanking outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 30071 | MALWARE-OTHER ANDR.Trojan.iBanking outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 30072 | MALWARE-OTHER ANDR.Trojan.iBanking outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 30094 | SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 214 buffer overflow attempt (more info ...) | attempted-admin | 2013-6195 | 64647 | URL | |
| 30095 | SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 216 buffer overflow attempt (more info ...) | attempted-admin | 2013-6195 | 64647 | URL | |
| 30096 | SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 219 buffer overflow attempt (more info ...) | attempted-admin | 2013-6195 | 64647 | URL | |
| 30097 | SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 257 buffer overflow attempt (more info ...) | attempted-admin | 2013-6195 | 64647 | URL | |
| 30133 | EXPLOIT-KIT Stamp exploit kit landing page (more info ...) | trojan-activity | ||||
| 30134 | EXPLOIT-KIT Stamp exploit kit malicious payload delivery - specific string (more info ...) | trojan-activity | ||||
| 30137 | MALWARE-OTHER TDS Sutra - RULEZ cookie set (more info ...) | trojan-activity | URL | |||
| 30138 | MALWARE-OTHER TDS Sutra - RULEZ cookie (more info ...) | trojan-activity | URL | |||
| 30205 | SERVER-OTHER HP AIO Archive Query Server stack buffer overflow attempt (more info ...) | attempted-admin | 2013-6189 | 64557 | ||
| 30206 | SERVER-OTHER HP AIO Archive Query Server stack buffer overflow attempt (more info ...) | attempted-admin | 2013-6189 | 64557 | ||
| 30207 | SERVER-OTHER HP AIO Archive Query Server stack buffer overflow attempt (more info ...) | attempted-admin | 2013-6189 | 64557 | ||
| 30219 | EXPLOIT-KIT Nuclear exploit kit outbound jar request (more info ...) | trojan-activity | ||||
| 30220 | EXPLOIT-KIT Nuclear exploit kit outbound payload request (more info ...) | trojan-activity | ||||
| 30229 | INDICATOR-SHELLCODE Metasploit windows/shell stage transfer attempt (more info ...) | shellcode-detect | URL | |||
| 30230 | INDICATOR-COMPROMISE suspicious test for public IP - www.dawhois.com (more info ...) | trojan-activity | URL | |||
| 30260 | PUA-ADWARE Lucky Leap Adware outbound connection (more info ...) | trojan-activity | URL | |||
| 30261 | PUA-ADWARE Lucky Leap Adware outbound connection (more info ...) | trojan-activity | URL | |||
| 30263 | SERVER-OTHER HP OpenView Storage Data Protector opcode 42 directory traversal attempt (more info ...) | attempted-admin | 2013-6194 | 64647 | URL | |
| 30264 | SERVER-OTHER HP OpenView Storage Data Protector opcode 42 directory traversal attempt (more info ...) | attempted-admin | 2013-6194 | 64647 | URL | |
| 30265 | SERVER-OTHER HP OpenView Storage Data Protector opcode 42 directory traversal attempt (more info ...) | attempted-admin | 2013-6194 | 64647 | URL | |
| 30266 | SERVER-OTHER HP OpenView Storage Data Protector opcode 42 directory traversal attempt (more info ...) | attempted-admin | 2013-6194 | 64647 | URL | |
| 30267 | SERVER-OTHER HP OpenView Storage Data Protector opcode 42 directory traversal attempt (more info ...) | attempted-admin | 2013-6194 | 64647 | URL | |
| 30268 | SERVER-OTHER HP OpenView Storage Data Protector opcode 42 directory traversal attempt (more info ...) | attempted-admin | 2013-6194 | 64647 | URL | |
| 30274 | SERVER-WEBAPP LifeSize UVC remote code execution attempt (more info ...) | attempted-admin | URL | |||
| 30306 | EXPLOIT-KIT SofosFO/Stamp exploit kit plugin detection page (more info ...) | trojan-activity | ||||
| 30312 | EXPLOIT-KIT WhiteLotus exploit kit plugin outbound detection (more info ...) | trojan-activity | ||||
| 30316 | EXPLOIT-KIT Goon/Infinity exploit kit landing page (more info ...) | trojan-activity | ||||
| 30317 | EXPLOIT-KIT Goon/Infinity exploit kit landing page (more info ...) | trojan-activity | ||||
| 30319 | EXPLOIT-KIT Goon/Infinity exploit kit malicious portable executable file request (more info ...) | trojan-activity | ||||
| 30320 | MALWARE-OTHER connection to malware sinkhole (more info ...) | trojan-activity | URL | |||
| 30325 | MALWARE-OTHER malicious iframe injection redirect attempt (more info ...) | trojan-activity | ||||
| 30471 | INDICATOR-SHELLCODE Metasploit payload windows_adduser (more info ...) | shellcode-detect | ||||
| 30480 | INDICATOR-SHELLCODE Metasploit payload windows_x64_meterpreter_reverse_https (more info ...) | shellcode-detect | ||||
| 30492 | PUA-ADWARE Win.Adware.Boaxxe suspicious advert traffic related to click fraud (more info ...) | trojan-activity | URL | |||
| 30493 | PUA-ADWARE Win.Adware.Boaxxe suspicious advert traffic related to click fraud (more info ...) | trojan-activity | URL | |||
| 30496 | PUA-ADWARE Win.Adware.Boaxxe suspicious advert traffic related to click fraud (more info ...) | trojan-activity | URL | |||
| 30507 | SERVER-OTHER MiniUPnPd ExecuteSoapAction buffer overflow attempt (more info ...) | attempted-admin | 2013-0230 | |||
| 30510 | SERVER-OTHER OpenSSL SSLv3 heartbeat read overrun attempt (more info ...) | attempted-recon | 2014-0160 | |||
| 30511 | SERVER-OTHER OpenSSL TLSv1 heartbeat read overrun attempt (more info ...) | attempted-recon | 2014-0160 | |||
| 30512 | SERVER-OTHER OpenSSL TLSv1.1 heartbeat read overrun attempt (more info ...) | attempted-recon | 2014-0160 | |||
| 30513 | SERVER-OTHER OpenSSL TLSv1.2 heartbeat read overrun attempt (more info ...) | attempted-recon | 2014-0160 | |||
| 30514 | SERVER-OTHER OpenSSL SSLv3 large heartbeat response - possible ssl heartbleed attempt (more info ...) | attempted-recon | 2014-0160 | |||
| 30515 | SERVER-OTHER OpenSSL TLSv1 large heartbeat response - possible ssl heartbleed attempt (more info ...) | attempted-recon | 2014-0160 | |||
| 30516 | SERVER-OTHER OpenSSL TLSv1.1 large heartbeat response - possible ssl heartbleed attempt (more info ...) | attempted-recon | 2014-0160 | |||
| 30517 | SERVER-OTHER OpenSSL TLSv1.2 large heartbeat response - possible ssl heartbleed attempt (more info ...) | attempted-recon | 2014-0160 | |||
| 30520 | SERVER-OTHER OpenSSL SSLv3 heartbeat read overrun attempt - vulnerable client response (more info ...) | attempted-recon | 2014-0160 | |||
| 30521 | SERVER-OTHER OpenSSL TLSv1 heartbeat read overrun attempt - vulnerable client response (more info ...) | attempted-recon | 2014-0160 | |||
| 30522 | SERVER-OTHER OpenSSL TLSv1.1 heartbeat read overrun attempt - vulnerable client response (more info ...) | attempted-recon | 2014-0160 | |||
| 30523 | SERVER-OTHER OpenSSL TLSv1.2 heartbeat read overrun attempt - vulnerable client response (more info ...) | attempted-recon | 2014-0160 | |||
| 30524 | SERVER-OTHER OpenSSL TLSv1.1 heartbeat read overrun attempt (more info ...) | attempted-recon | 2014-0160 | |||
| 30525 | SERVER-OTHER OpenSSL TLSv1.2 heartbeat read overrun attempt (more info ...) | attempted-recon | 2014-0160 | |||
| 30533 | FILE-OTHER Kingsoft Writer long font name buffer overflow attempt (more info ...) | attempted-user | 2013-3934 | 61796 | ||
| 30534 | FILE-OTHER Kingsoft Writer long font name buffer overflow attempt (more info ...) | attempted-user | 2013-3934 | 61796 | ||
| 30549 | SERVER-OTHER OpenSSL Heartbleed masscan access exploitation attempt (more info ...) | attempted-recon | 2014-0160 | |||
| 30553 | SERVER-OTHER HP Data Protector Backup Client Service directory traversal attempt (more info ...) | attempted-user | 2013-2348 | URL | ||
| 30554 | SERVER-OTHER HP Data Protector Backup Client Service UTF directory traversal attempt (more info ...) | attempted-user | 2013-2348 | URL | ||
| 30555 | SERVER-OTHER HP Data Protector Backup Client Service UTF directory traversal attempt (more info ...) | attempted-user | 2013-2348 | URL | ||
| 30556 | SERVER-OTHER HP Data Protector Backup Client Service directory traversal attempt (more info ...) | attempted-user | 2013-2348 | URL | ||
| 30562 | PROTOCOL-SCADA Yokogawa CENTUM CS 3000 stack buffer overflow attempt (more info ...) | attempted-admin | 2014-0783 | URL | ||
| 30567 | MALWARE-OTHER Win.Trojan.Agent E-FAX phishing attempt (more info ...) | trojan-activity | URL | |||
| 30568 | MALWARE-OTHER Win.Trojan.Agent E-FAX phishing attempt (more info ...) | trojan-activity | URL | |||
| 30569 | MALWARE-OTHER Win.Trojan.Agent Funeral ceremony phishing attempt (more info ...) | trojan-activity | URL | |||
| 30711 | SERVER-OTHER OpenVPN OpenSSL SSLv3 heartbeat read overrun attempt (more info ...) | attempted-recon | 2014-0160 | |||
| 30712 | SERVER-OTHER OpenVPN OpenSSL SSLv3 heartbeat read overrun attempt (more info ...) | attempted-recon | 2014-0160 | |||
| 30713 | SERVER-OTHER OpenVPN OpenSSL TLSv1 heartbeat read overrun attempt (more info ...) | attempted-recon | 2014-0160 | |||
| 30714 | SERVER-OTHER OpenVPN OpenSSL TLSv1 heartbeat read overrun attempt (more info ...) | attempted-recon | 2014-0160 | |||
| 30715 | SERVER-OTHER OpenVPN OpenSSL TLSv1.1 heartbeat read overrun attempt (more info ...) | attempted-recon | 2014-0160 | |||
| 30716 | SERVER-OTHER OpenVPN OpenSSL TLSv1.1 heartbeat read overrun attempt (more info ...) | attempted-recon | 2014-0160 | |||
| 30717 | SERVER-OTHER OpenVPN OpenSSL TLSv1.2 heartbeat read overrun attempt (more info ...) | attempted-recon | 2014-0160 | |||
| 30718 | SERVER-OTHER OpenVPN OpenSSL TLSv1.2 heartbeat read overrun attempt (more info ...) | attempted-recon | 2014-0160 | |||
| 30719 | SERVER-OTHER OpenVPN OpenSSL SSLv3 large heartbeat response - possible ssl heartbleed attempt (more info ...) | attempted-recon | 2014-0160 | |||
| 30720 | SERVER-OTHER OpenVPN OpenSSL SSLv3 large heartbeat response - possible ssl heartbleed attempt (more info ...) | attempted-recon | 2014-0160 | |||
| 30721 | SERVER-OTHER OpenVPN OpenSSL TLSv1 large heartbeat response - possible ssl heartbleed attempt (more info ...) | attempted-recon | 2014-0160 | |||
| 30722 | SERVER-OTHER OpenVPN OpenSSL TLSv1 large heartbeat response - possible ssl heartbleed attempt (more info ...) | attempted-recon | 2014-0160 | |||
| 30723 | SERVER-OTHER OpenVPN OpenSSL TLSv1.1 large heartbeat response - possible ssl heartbleed attempt (more info ...) | attempted-recon | 2014-0160 | |||
| 30724 | SERVER-OTHER OpenVPN OpenSSL TLSv1.1 large heartbeat response - possible ssl heartbleed attempt (more info ...) | attempted-recon | 2014-0160 | |||
| 30725 | SERVER-OTHER OpenVPN OpenSSL TLSv1.2 large heartbeat response - possible ssl heartbleed attempt (more info ...) | attempted-recon | 2014-0160 | |||
| 30726 | SERVER-OTHER OpenVPN OpenSSL TLSv1.2 large heartbeat response - possible ssl heartbleed attempt (more info ...) | attempted-recon | 2014-0160 | |||
| 30727 | SERVER-OTHER OpenVPN OpenSSL SSLv3 heartbeat read overrun attempt (more info ...) | attempted-recon | 2014-0160 | |||
| 30728 | SERVER-OTHER OpenVPN OpenSSL SSLv3 heartbeat read overrun attempt (more info ...) | attempted-recon | 2014-0160 | |||
| 30729 | SERVER-OTHER OpenVPN OpenSSL TLSv1 heartbeat read overrun attempt (more info ...) | attempted-recon | 2014-0160 | |||
| 30730 | SERVER-OTHER OpenVPN OpenSSL TLSv1 heartbeat read overrun attempt (more info ...) | attempted-recon | 2014-0160 | |||
| 30731 | SERVER-OTHER OpenVPN OpenSSL TLSv1.1 heartbeat read overrun attempt (more info ...) | attempted-recon | 2014-0160 | |||
| 30732 | SERVER-OTHER OpenVPN OpenSSL TLSv1.1 heartbeat read overrun attempt (more info ...) | attempted-recon | 2014-0160 | |||
| 30733 | SERVER-OTHER OpenVPN OpenSSL TLSv1.2 heartbeat read overrun attempt (more info ...) | attempted-recon | 2014-0160 | |||
| 30734 | SERVER-OTHER OpenVPN OpenSSL TLSv1.2 heartbeat read overrun attempt (more info ...) | attempted-recon | 2014-0160 | |||
| 30735 | SERVER-OTHER OpenVPN OpenSSL SSLv3 large heartbeat response - possible ssl heartbleed attempt (more info ...) | attempted-recon | 2014-0160 | |||
| 30736 | SERVER-OTHER OpenVPN OpenSSL SSLv3 large heartbeat response - possible ssl heartbleed attempt (more info ...) | attempted-recon | 2014-0160 | |||
| 30737 | SERVER-OTHER OpenVPN OpenSSL TLSv1 large heartbeat response - possible ssl heartbleed attempt (more info ...) | attempted-recon | 2014-0160 | |||
| 30738 | SERVER-OTHER OpenVPN OpenSSL TLSv1 large heartbeat response - possible ssl heartbleed attempt (more info ...) | attempted-recon | 2014-0160 | |||
| 30739 | SERVER-OTHER OpenVPN OpenSSL TLSv1.1 large heartbeat response - possible ssl heartbleed attempt (more info ...) | attempted-recon | 2014-0160 | |||
| 30740 | SERVER-OTHER OpenVPN OpenSSL TLSv1.1 large heartbeat response - possible ssl heartbleed attempt (more info ...) | attempted-recon | 2014-0160 | |||
| 30741 | SERVER-OTHER OpenVPN OpenSSL TLSv1.2 large heartbeat response - possible ssl heartbleed attempt (more info ...) | attempted-recon | 2014-0160 | |||
| 30742 | SERVER-OTHER OpenVPN OpenSSL TLSv1.2 large heartbeat response - possible ssl heartbleed attempt (more info ...) | attempted-recon | 2014-0160 | |||
| 30765 | PUA-TOOLBARS Inbox Public Transport Toolbar outbound connection (more info ...) | misc-activity | URL | |||
| 30766 | EXPLOIT-KIT Magnitude exploit kit landing page (more info ...) | trojan-activity | ||||
| 30774 | SERVER-WEBAPP Splunk collect file parameter directory traversal attempt (more info ...) | web-application-attack | 2013-6771 | 62632 | URL | |
| 30777 | SERVER-OTHER OpenSSL SSLv3 large heartbeat response - possible ssl heartbleed attempt (more info ...) | attempted-recon | 2014-0160 | |||
| 30778 | SERVER-OTHER OpenSSL SSLv3 large heartbeat response - possible ssl heartbleed attempt (more info ...) | attempted-recon | 2014-0160 | |||
| 30779 | SERVER-OTHER OpenSSL TLSv1 large heartbeat response - possible ssl heartbleed attempt (more info ...) | attempted-recon | 2014-0160 | |||
| 30780 | SERVER-OTHER OpenSSL TLSv1 large heartbeat response - possible ssl heartbleed attempt (more info ...) | attempted-recon | 2014-0160 | |||
| 30781 | SERVER-OTHER OpenSSL TLSv1.1 large heartbeat response - possible ssl heartbleed attempt (more info ...) | attempted-recon | 2014-0160 | |||
| 30782 | SERVER-OTHER OpenSSL TLSv1.1 large heartbeat response - possible ssl heartbleed attempt (more info ...) | attempted-recon | 2014-0160 | |||
| 30783 | SERVER-OTHER OpenSSL TLSv1.2 large heartbeat response - possible ssl heartbleed attempt (more info ...) | attempted-recon | 2014-0160 | |||
| 30784 | SERVER-OTHER OpenSSL TLSv1.2 large heartbeat response - possible ssl heartbleed attempt (more info ...) | attempted-recon | 2014-0160 | |||
| 30785 | SERVER-OTHER OpenSSL SSLv3 large heartbeat response - possible ssl heartbleed attempt (more info ...) | attempted-recon | 2014-0160 | |||
| 30786 | SERVER-OTHER OpenSSL TLSv1 large heartbeat response - possible ssl heartbleed attempt (more info ...) | attempted-recon | 2014-0160 | |||
| 30787 | SERVER-OTHER OpenSSL TLSv1.1 large heartbeat response - possible ssl heartbleed attempt (more info ...) | attempted-recon | 2014-0160 | |||
| 30788 | SERVER-OTHER OpenSSL TLSv1.2 large heartbeat response - possible ssl heartbleed attempt (more info ...) | attempted-recon | 2014-0160 | |||
| 30797 | PROTOCOL-SCADA Yokogawa CENTUM CS 3000 RETR bkbcopyd buffer overflow attempt (more info ...) | attempted-user | 2014-0784 | 66114 | ||
| 30798 | PROTOCOL-SCADA Yokogawa CENTUM CS 3000 STOR bkbcopyd buffer overflow attempt (more info ...) | attempted-user | 2014-0784 | 66114 | ||
| 30799 | PROTOCOL-SCADA Yokogawa CENTUM CS 3000 ATTR bkbcopyd buffer overflow attempt (more info ...) | attempted-user | 2014-0784 | 66114 | ||
| 30800 | PROTOCOL-SCADA Yokogawa CENTUM CS 3000 XATR bkbcopyd buffer overflow attempt (more info ...) | attempted-user | 2014-0784 | 66114 | ||
| 30801 | PROTOCOL-SCADA Yokogawa CENTUM CS 3000 PMODE bkbcopyd buffer overflow attempt (more info ...) | attempted-user | 2014-0784 | 66114 | ||
| 30802 | PROTOCOL-SCADA Yokogawa CENTUM CS 3000 bkclogserv buffer overflow attempt (more info ...) | attempted-admin | 2014-0781 | 66130 | ||
| 30852 | EXPLOIT-KIT Angler exploit kit landing page - base64 encoded xml/jnlp statement (more info ...) | trojan-activity | ||||
| 30880 | OS-MOBILE Android Andr.Trojan.Waller information disclosure attempt (more info ...) | trojan-activity | URL | |||
| 30905 | FILE-OTHER RARLAB WinRAR ZIP format filename spoof attempt (more info ...) | attempted-user | 66383 | URL | ||
| 30908 | FILE-OTHER RARLAB WinRAR ZIP format filename spoof attempt (more info ...) | attempted-user | 66383 | URL | ||
| 30920 | EXPLOIT-KIT Multiple exploit kit redirection gate (more info ...) | trojan-activity | ||||
| 30927 | PUA-ADWARE Win.Adware.Linkular variant outbound connection (more info ...) | trojan-activity | URL | |||
| 30928 | SERVER-OTHER SAP NetWeaver dir content listing attempt (more info ...) | attempted-admin | ||||
| 30934 | EXPLOIT-KIT Goon/Infinity/Rig exploit kit encrypted binary download (more info ...) | trojan-activity | ||||
| 30935 | EXPLOIT-KIT Goon/Infinity/Rig exploit kit landing page - specific structure (more info ...) | trojan-activity | ||||
| 30946 | MALWARE-OTHER Win.Trojan.Wysotot variant download attempt (more info ...) | trojan-activity | URL | |||
| 30948 | MALWARE-BACKDOOR Win.Backdoor.Hikit outbound banner response (more info ...) | trojan-activity | URL | |||
| 30959 | BROWSER-OTHER suspicious srcElement child element removal - possible use after free attempt (more info ...) | attempted-user | ||||
| 30968 | EXPLOIT-KIT CritX exploit kit landing page - redirection to font exploit (more info ...) | trojan-activity | ||||
| 30973 | EXPLOIT-KIT CritX exploit kit payload request (more info ...) | trojan-activity | URL | |||
| 30996 | SERVER-OTHER CMSimple remote file inclusion attempt (more info ...) | attempted-admin | URL | |||
| 30997 | INDICATOR-COMPROMISE Potential malware download - .doc.exe within .zip file (more info ...) | trojan-activity | ||||
| 30998 | INDICATOR-COMPROMISE Potential malware download - .gif.exe within .zip file (more info ...) | trojan-activity | ||||
| 30999 | INDICATOR-COMPROMISE Potential malware download - .jpeg.exe within .zip file (more info ...) | trojan-activity | ||||
| 31000 | INDICATOR-COMPROMISE Potential malware download - .jpg.exe within .zip file (more info ...) | trojan-activity | ||||
| 31001 | INDICATOR-COMPROMISE Potential malware download - .pdf.exe within .zip file (more info ...) | trojan-activity | ||||
| 31019 | PUA-ADWARE Win.Adware.OptimumInstaller variant outbound connection (more info ...) | policy-violation | URL | |||
| 31038 | FILE-IMAGE XnView PCT file processing buffer overflow attempt (more info ...) | attempted-user | 2013-2577 | URL | ||
| 31039 | FILE-IMAGE XnView PCT file processing buffer overflow attempt (more info ...) | attempted-user | 2013-2577 | URL | ||
| 31040 | FILE-IMAGE XnView PCT file processing buffer overflow attempt (more info ...) | attempted-user | 2013-2577 | URL | ||
| 31041 | FILE-IMAGE XnView PCT file processing buffer overflow attempt (more info ...) | attempted-user | 2013-2577 | URL | ||
| 31042 | PUA-ADWARE Win.Adware.Outbrowse installation attempt (more info ...) | policy-violation | URL | |||
| 31089 | PUA-ADWARE Win.Adware.CloseApp variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31091 | PUA-ADWARE Win.Adware.Inbox/PCFixSpeed/RebateInformer variant outbound connection (more info ...) | policy-violation | URL | |||
| 31094 | SERVER-WEBAPP Web Terria remote command execution attempt (more info ...) | attempted-admin | URL | |||
| 31146 | PUA-ADWARE Win.Adware.iBryte variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31161 | SERVER-OTHER AuraCMS LFI attempt (more info ...) | attempted-admin | URL | |||
| 31184 | MALWARE-OTHER Win.Trojan.ZBerp variant download attempt (more info ...) | trojan-activity | URL | |||
| 31185 | MALWARE-OTHER Win.Trojan.ZBerp variant download attempt (more info ...) | trojan-activity | URL | |||
| 31214 | INDICATOR-COMPROMISE connection to zeus malware sinkhole (more info ...) | trojan-activity | URL | |||
| 31230 | EXPLOIT-KIT Bleeding Life exploit kit outbound connection (more info ...) | trojan-activity | ||||
| 31231 | EXPLOIT-KIT Bleeding Life exploit kit outbound connection (more info ...) | trojan-activity | ||||
| 31232 | EXPLOIT-KIT Bleeding Life exploit kit outbound jar request (more info ...) | trojan-activity | ||||
| 31238 | SERVER-OTHER Symantec pcAnywhere remote code execution attempt (more info ...) | attempted-admin | 2011-3478 | 51592 | ||
| 31274 | EXPLOIT-KIT CottonCastle exploit kit encrypted binary download (more info ...) | trojan-activity | URL | |||
| 31275 | EXPLOIT-KIT CottonCastle exploit kit landing page (more info ...) | trojan-activity | URL | |||
| 31279 | EXPLOIT-KIT CottonCastle exploit kit decryption page outbound request (more info ...) | trojan-activity | 2014-0515 | URL | ||
| 31298 | EXPLOIT-KIT Goon/Infinity exploit kit landing page (more info ...) | trojan-activity | ||||
| 31305 | SERVER-WEBAPP Rocket Servergraph Admin Center fileRequestor directory traversal attempt (more info ...) | attempted-admin | 2014-3914 | 67779 | ||
| 31313 | PUA-ADWARE Ticno Multibar installation attempt (more info ...) | trojan-activity | URL | |||
| 31329 | MALWARE-OTHER Win.Trojan.Zbot variant download attempt (more info ...) | trojan-activity | URL | |||
| 31330 | SERVER-WEBAPP AlienVault OSSIM av-centerd update_system_info_debian_package command injection attempt (more info ...) | attempted-admin | 2014-3804 | 67312 | URL | |
| 31337 | SERVER-OTHER Nagios NRPE command execution attempt (more info ...) | attempted-admin | 2014-2913 | 66969 | ||
| 31339 | SERVER-WEBAPP Supermicro Intelligent Management Controller information disclosure attempt (more info ...) | attempted-recon | URL | |||
| 31340 | SERVER-WEBAPP Supermicro Intelligent Management Controller information disclosure attempt (more info ...) | attempted-recon | URL | |||
| 31361 | SERVER-OTHER OpenSSL DTLSv1.0 handshake fragment buffer overrun attempt (more info ...) | attempted-admin | 2014-0195 | 67900 | URL | |
| 31365 | SERVER-WEBAPP HP Power Manager remote code execution attempt (more info ...) | attempted-admin | 2010-4113 | 36933 | ||
| 31368 | SERVER-WEBAPP WebBBS arbitrary system command execution attempt (more info ...) | attempted-admin | 2002-1993 | 5048 | ||
| 31370 | EXPLOIT-KIT Angler exploit kit redirection page (more info ...) | trojan-activity | ||||
| 31430 | PROTOCOL-OTHER TRUFFLEHUNTER SFVRT-1017 attack attempt (more info ...) | protocol-command-decode | URL | |||
| 31431 | PROTOCOL-OTHER TRUFFLEHUNTER SFVRT-1017 attack attempt (more info ...) | protocol-command-decode | URL | |||
| 31432 | PROTOCOL-OTHER TRUFFLEHUNTER SFVRT-1017 attack attempt (more info ...) | attempted-dos | ||||
| 31487 | MALWARE-OTHER Game Over Zeus executable download detected (more info ...) | trojan-activity | URL | |||
| 31488 | MALWARE-OTHER Game Over Zeus executable download detected (more info ...) | trojan-activity | URL | |||
| 31505 | SERVER-WEBAPP AlienVault OSSIM av-centerd get_license command injection attempt (more info ...) | attempted-admin | 2014-3805 | 67998 | URL | |
| 31506 | SERVER-WEBAPP AlienVault OSSIM av-centerd get_log_line command injection attempt (more info ...) | attempted-admin | 2014-3805 | 67998 | URL | |
| 31510 | MALWARE-OTHER Win.Trojan.Injector outbound traffic (more info ...) | trojan-activity | URL | |||
| 31525 | SERVER-OTHER HP AutoPass License Server CommunicationServlet directory traversal attempt (more info ...) | attempted-admin | 2013-6221 | 67989 | URL | |
| 31526 | SERVER-OTHER HP AutoPass License Server CommunicationServlet directory traversal attempt (more info ...) | attempted-admin | 2013-6221 | 67989 | URL | |
| 31529 | SERVER-OTHER D-Link Multiple Products HNAP request buffer overflow attempt (more info ...) | attempted-admin | 2014-3936 | 67651 | ||
| 31531 | INDICATOR-COMPROMISE MinerDeploy monitor request attempt (more info ...) | trojan-activity | URL | |||
| 31559 | MALWARE-BACKDOOR Win.Backdoor.Andromeda variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31692 | EXPLOIT-KIT CritX exploit kit landing page detected (more info ...) | trojan-activity | ||||
| 31699 | EXPLOIT-KIT Hanjuan exploit kit encrypted binary download (more info ...) | trojan-activity | URL | |||
| 31701 | EXPLOIT-KIT Hanjuan exploit kit Silverlight exploit request (more info ...) | trojan-activity | URL | |||
| 31734 | EXPLOIT-KIT Nuclear exploit kit landing page detection (more info ...) | trojan-activity | ||||
| 31741 | SERVER-OTHER Multi-Router Looking Glass remote command injection attempt (more info ...) | attempted-admin | 2014-3927 | URL | ||
| 31746 | MALWARE-BACKDOOR Backdoor.Perl.Shellbot outbound communication attempt (more info ...) | trojan-activity | URL | |||
| 31769 | EXPLOIT-KIT Sweet Orange exploit kit outbound connection on non-standard port (more info ...) | trojan-activity | ||||
| 31771 | SERVER-WEBAPP SolarWinds Storage Manager directory traversal attempt (more info ...) | web-application-attack | 2015-5371 | 75515 | ||
| 31798 | SERVER-WEBAPP HP Network Virtualization storedNtxFile directory traversal attempt (more info ...) | web-application-attack | 2014-2625 | 68849 | URL | |
| 31817 | MALWARE-OTHER Win.Trojan.Graftor variant retrieval of a DLL hosted as a JPG (more info ...) | trojan-activity | URL | |||
| 31819 | SERVER-WEBAPP HP Network Virtualization toServerObject directory traversal attempt (more info ...) | web-application-attack | 2014-2626 | 68851 | URL | |
| 31823 | SERVER-WEBAPP AlienVault OSSIM remote_task command injection attempt (more info ...) | attempted-admin | 2014-5210 | 69239 | URL | |
| 31846 | POLICY-OTHER HP Universal CMDB default credentials authentication attempt (more info ...) | policy-violation | 2014-2617 | 68363 | URL | |
| 31857 | EXPLOIT-KIT Scanbox exploit kit enumeration code detected (more info ...) | trojan-activity | URL | |||
| 31858 | EXPLOIT-KIT Scanbox exploit kit enumeration code detected (more info ...) | trojan-activity | URL | |||
| 31859 | EXPLOIT-KIT Scanbox exploit kit exfiltration attempt (more info ...) | trojan-activity | URL | |||
| 31871 | FILE-IDENTIFY JPEG file magic detection (more info ...) | misc-activity | ||||
| 31873 | SERVER-WEBAPP Railo thumbnail.cfm remote file include attempt (more info ...) | web-application-attack | 2014-5468 | 69761 | ||
| 31898 | EXPLOIT-KIT Angler exploit kit landing page detected (more info ...) | trojan-activity | ||||
| 31966 | EXPLOIT-KIT Astrum exploit kit payload delivery (more info ...) | trojan-activity | URL | |||
| 31967 | EXPLOIT-KIT Astrum exploit kit payload delivery (more info ...) | trojan-activity | URL | |||
| 31972 | EXPLOIT-KIT Astrum exploit kit payload delivery (more info ...) | trojan-activity | URL | |||
| 31983 | OS-OTHER DHCPv6 flood denial of service attempt (more info ...) | attempted-dos | 2018-0372 | URL | ||
| 31985 | OS-OTHER Malicious DHCP server bash environment variable injection attempt (more info ...) | attempted-admin | 2014-7169 | |||
| 31986 | FILE-OTHER Wireshark MPEG dissector stack buffer overflow attempt (more info ...) | attempted-user | 2014-2299 | 66066 | ||
| 31987 | FILE-OTHER Wireshark MPEG dissector stack buffer overflow attempt (more info ...) | attempted-user | 2014-2299 | 66066 | ||
| 31988 | EXPLOIT-KIT Gong Da exploit kit landing page (more info ...) | trojan-activity | ||||
| 32005 | MALWARE-BACKDOOR AlienSpy RAT outbound connection (more info ...) | trojan-activity | URL | |||
| 32006 | MALWARE-BACKDOOR AlienSpy RAT outbound connection (more info ...) | trojan-activity | URL | |||
| 32008 | MALWARE-OTHER Fake Delta Ticket HTTP Response phishing attack (more info ...) | trojan-activity | URL | |||
| 32038 | OS-OTHER Bash environment variable injection attempt (more info ...) | attempted-admin | 2014-7169 | |||
| 32039 | OS-OTHER Bash environment variable injection attempt (more info ...) | attempted-admin | 2014-7169 | |||
| 32043 | OS-OTHER Bash environment variable injection attempt (more info ...) | attempted-admin | 2014-7169 | |||
| 32045 | OS-OTHER Bash redir_stack here document handling denial of service attempt (more info ...) | attempted-dos | 2014-7186 | URL | ||
| 32046 | OS-OTHER Bash redir_stack here document handling denial of service attempt (more info ...) | attempted-dos | 2014-7186 | URL | ||
| 32055 | MALWARE-BACKDOOR Win.Backdoor.Blohi variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32056 | SERVER-WEBAPP ManageEngine FileCollector servlet directory traversal attempt (more info ...) | attempted-admin | 2014-6035 | 70169 | URL | |
| 32059 | PROTOCOL-SCADA KingSCADA Alarm Server stack buffer overflow attempt (more info ...) | attempted-admin | 2014-0787 | 66709 | ||
| 32069 | OS-OTHER Bash environment variable injection attempt (more info ...) | attempted-admin | 2014-7169 | |||
| 32084 | SERVER-OTHER HP Network Node Manager ovopi.dll buffer overflow attempt (more info ...) | attempted-admin | 2014-2624 | URL | ||
| 32085 | SERVER-OTHER HP Network Node Manager ovopi.dll buffer overflow attempt (more info ...) | attempted-admin | 2014-2624 | URL | ||
| 32127 | SERVER-WEBAPP PineApp Mail-SeCure livelog.htmlcommand injection attempt (more info ...) | attempted-admin | 61473 | |||
| 32165 | FILE-IDENTIFY SVG file magic detected (more info ...) | misc-activity | URL | |||
| 32207 | PROTOCOL-VOIP missing media application format parameter denial-of-service attempt (more info ...) | attempted-user | ||||
| 32208 | PROTOCOL-VOIP missing media application format parameter denial-of-service attempt (more info ...) | attempted-user | ||||
| 32209 | PROTOCOL-VOIP missing media application format parameter denial-of-service attempt (more info ...) | attempted-user | ||||
| 32210 | PROTOCOL-VOIP missing media application format parameter denial-of-service attempt (more info ...) | attempted-user | ||||
| 32211 | PROTOCOL-VOIP missing media application format parameter denial-of-service attempt (more info ...) | attempted-user | ||||
| 32212 | PROTOCOL-VOIP missing media application format parameter denial-of-service attempt (more info ...) | attempted-user | ||||
| 32213 | PROTOCOL-VOIP missing media application format parameter denial-of-service attempt (more info ...) | attempted-user | ||||
| 32214 | PROTOCOL-VOIP missing media application format parameter denial-of-service attempt (more info ...) | attempted-user | ||||
| 32215 | PROTOCOL-VOIP missing media application format parameter denial-of-service attempt (more info ...) | attempted-user | ||||
| 32216 | PROTOCOL-VOIP missing media application format parameter denial-of-service attempt (more info ...) | attempted-user | ||||
| 32217 | PROTOCOL-VOIP out of range port specification exploit attempt (more info ...) | attempted-dos | ||||
| 32218 | PROTOCOL-VOIP out of range port specification exploit attempt (more info ...) | attempted-dos | ||||
| 32251 | FILE-IDENTIFY Basic Control Engine file attachment detected (more info ...) | misc-activity | URL | |||
| 32252 | FILE-IDENTIFY Basic Control Engine file attachment detected (more info ...) | misc-activity | URL | |||
| 32253 | FILE-IDENTIFY Basic Control Engine file download request (more info ...) | misc-activity | URL | |||
| 32254 | FILE-OTHER GE Cimplicity CimView load remote file attempt (more info ...) | attempted-admin | URL | |||
| 32255 | FILE-OTHER GE Cimplicity CimView load remote file attempt (more info ...) | attempted-admin | URL | |||
| 32256 | FILE-OTHER GE Cimplicity bcl file loading external file attempt (more info ...) | attempted-admin | URL | |||
| 32257 | FILE-OTHER GE Cimplicity CimView load remote file attempt (more info ...) | attempted-admin | URL | |||
| 32258 | FILE-OTHER GE Cimplicity CimView load remote file attempt (more info ...) | attempted-admin | URL | |||
| 32260 | MALWARE-OTHER Sinkhole reply - irc-sinkhole.cert.pl (more info ...) | trojan-activity | ||||
| 32261 | SERVER-WEBAPP PineApp Mail-SeCure conflivelog.pl install license command injection attempt (more info ...) | web-application-attack | 61472 | |||
| 32342 | SERVER-OTHER AlienVault OSSIM framework backup_restore action command injection attempt (more info ...) | attempted-admin | 2014-5158 | 68998 | URL | |
| 32345 | SERVER-OTHER HP OpenView Storage Data Protector - initiate connection (more info ...) | protocol-command-decode | ||||
| 32347 | SERVER-WEBAPP ManageEngine FileCollector servlet directory traversal attempt (more info ...) | attempted-admin | 2014-6035 | 70169 | URL | |
| 32348 | SERVER-WEBAPP ManageEngine FileCollector servlet directory traversal attempt (more info ...) | attempted-admin | 2014-6034 | 70167 | URL | |
| 32349 | SERVER-WEBAPP ManageEngine FileCollector servlet directory traversal attempt (more info ...) | attempted-admin | 2014-6035 | 70169 | URL | |
| 32370 | SERVER-OTHER AOL Instant Messenger goaway message buffer overflow attempt (more info ...) | misc-attack | 2004-0636 | 10889 | ||
| 32371 | SERVER-OTHER HP Network Node Manager ovopi.dll buffer overflow attempt (more info ...) | attempted-admin | 2014-2624 | URL | ||
| 32378 | FILE-IDENTIFY bmp file attachment detected (more info ...) | misc-activity | URL | |||
| 32380 | FILE-IDENTIFY dib file attachment detected (more info ...) | misc-activity | URL | |||
| 32386 | EXPLOIT-KIT Nuclear exploit kit outbound structure (more info ...) | trojan-activity | ||||
| 32387 | EXPLOIT-KIT Nuclear exploit kit jar file download (more info ...) | trojan-activity | ||||
| 32388 | EXPLOIT-KIT Nuclear exploit kit landing page detected (more info ...) | trojan-activity | ||||
| 32390 | EXPLOIT-KIT Angler exploit kit landing page detected (more info ...) | trojan-activity | ||||
| 32403 | SERVER-OTHER HP Network Node Manager ovopi.dll buffer overflow attempt (more info ...) | attempted-admin | 2014-2624 | URL | ||
| 32462 | SERVER-WEBAPP Belkin Multiple Devices buffer overflow attempt (more info ...) | attempted-admin | 2014-1635 | |||
| 32474 | OS-WINDOWS .NET Framework BinaryServerFormatterSink-ProcessMessage IMessage corruption attempt (more info ...) | attempted-user | 2014-4149 | URL | ||
| 32475 | OS-WINDOWS .NET Framework BinaryServerFormatterSink-ProcessMessage IMessage corruption attempt (more info ...) | attempted-user | 2014-4149 | URL | ||
| 32488 | INDICATOR-COMPROMISE .com- potentially malicious hostname (more info ...) | bad-unknown | ||||
| 32527 | SERVER-WEBAPP Visual Mining NetCharts directory traversal attempt (more info ...) | attempted-admin | 2014-8516 | 70895 | ||
| 32528 | SERVER-WEBAPP Visual Mining NetCharts directory traversal attempt (more info ...) | attempted-admin | 2014-8516 | 70895 | ||
| 32530 | SERVER-OTHER HP Network Node Manager ovopi.dll buffer overflow attempt (more info ...) | attempted-admin | 2014-2624 | URL | ||
| 32554 | EXPLOIT-KIT Hellspawn exploit kit landing page detected (more info ...) | trojan-activity | ||||
| 32563 | SERVER-WEBAPP Visual Mining NetCharts arbitrary file upload attempt (more info ...) | attempted-admin | 2014-8516 | 70895 | ||
| 32578 | PUA-OTHER Request for known malware domain pierrejb.agora.eu.org (more info ...) | trojan-activity | ||||
| 32628 | SERVER-OTHER HP Network Node Manager ovopi.dll buffer overflow attempt (more info ...) | attempted-admin | 2014-2624 | URL | ||
| 32646 | INDICATOR-COMPROMISE Potential malware download - _pdf.exe within .zip file (more info ...) | trojan-activity | URL | |||
| 32709 | BROWSER-IE VBScript RegEx use-after-free attempt (more info ...) | attempted-user | 2014-6363 | URL | ||
| 32774 | SERVER-OTHER Siemens Simatic S7-300 PLC backdoor login attempt (more info ...) | suspicious-login | URL | |||
| 32775 | SERVER-OTHER Siemens Simatic S7-300 PLC remote memory dump (more info ...) | web-application-attack | URL | |||
| 32803 | EXPLOIT-KIT CK exploit kit landing page (more info ...) | trojan-activity | ||||
| 32845 | APP-DETECT Absolute Software Computrace outbound connection - 209.53.113.223 (more info ...) | misc-activity | URL | |||
| 32846 | APP-DETECT Absolute Software Computrace outbound connection - absolute.com (more info ...) | misc-activity | URL | |||
| 32847 | APP-DETECT Absolute Software Computrace outbound connection - bh.namequery.com (more info ...) | misc-activity | URL | |||
| 32848 | APP-DETECT Absolute Software Computrace outbound connection - namequery.nettrace.co.za (more info ...) | misc-activity | URL | |||
| 32849 | APP-DETECT Absolute Software Computrace outbound connection - search.us.namequery.com (more info ...) | misc-activity | URL | |||
| 32850 | APP-DETECT Absolute Software Computrace outbound connection - search2.namequery.com (more info ...) | misc-activity | URL | |||
| 32851 | APP-DETECT Absolute Software Computrace outbound connection - search64.namequery.com (more info ...) | misc-activity | URL | |||
| 32879 | EXPLOIT-KIT Nuclear exploit kit payload delivery (more info ...) | trojan-activity | ||||
| 32880 | EXPLOIT-KIT Nuclear exploit kit outbound payload request (more info ...) | trojan-activity | ||||
| 32967 | POLICY-OTHER ManageEngine Desktop Central DCPlugin insecure admin account creation attempt (more info ...) | policy-violation | 2014-7862 | 71849 | ||
| 32997 | SERVER-OTHER Sophos Web Appliance arbitrary command execution attempt (more info ...) | attempted-admin | 2014-2850 | |||
| 32998 | SERVER-OTHER Sophos Web Appliance arbitrary command execution attempt (more info ...) | attempted-admin | 2014-2850 | |||
| 33104 | SERVER-WEBAPP ManageEngine Multiple Products directory traversal attempt (more info ...) | web-application-attack | 2014-5301 | |||
| 33166 | SERVER-WEBAPP Ruby on Rails arbitrary Ruby object deserialization attempt (more info ...) | attempted-user | 2014-6140 | 71424 | ||
| 33167 | SERVER-WEBAPP Ruby on Rails arbitrary Ruby object deserialization attempt (more info ...) | attempted-user | 2014-6140 | 71424 | ||
| 33168 | SERVER-WEBAPP Ruby on Rails arbitrary Ruby object deserialization attempt (more info ...) | attempted-user | 2014-6140 | 71424 | ||
| 33169 | SERVER-WEBAPP Ruby on Rails arbitrary Ruby object deserialization attempt (more info ...) | attempted-user | 2014-6140 | 71424 | ||
| 33183 | EXPLOIT-KIT Angler exploit kit landing page detected (more info ...) | trojan-activity | ||||
| 33185 | EXPLOIT-KIT Angler exploit kit encrypted binary download (more info ...) | trojan-activity | ||||
| 33189 | SERVER-WEBAPP Samsung AllShare Cast command injection attempt (more info ...) | attempted-admin | URL | |||
| 33190 | SERVER-WEBAPP Samsung AllShare Cast command injection attempt (more info ...) | attempted-admin | URL | |||
| 33208 | MALWARE-OTHER Win.Trojan.Bladbindi obfuscated with Yano Obfuscator download attempt (more info ...) | trojan-activity | URL | |||
| 33225 | SERVER-MAIL Exim gethostbyname heap buffer overflow attempt (more info ...) | attempted-admin | 2015-0235 | 72325 | URL | |
| 33226 | SERVER-MAIL Exim gethostbyname heap buffer overflow attempt (more info ...) | attempted-admin | 2015-0235 | 72325 | URL | |
| 33280 | PUA-ADWARE Win.Adware.iBryte variant outbound connection (more info ...) | trojan-activity | URL | |||
| 33292 | EXPLOIT-KIT Angler exploit kit landing page detected (more info ...) | trojan-activity | URL | |||
| 33304 | PUA-ADWARE Win.Adware.Gamevance variant outbound connection (more info ...) | trojan-activity | URL | |||
| 33306 | MALWARE-OTHER connection to malware sinkhole (more info ...) | trojan-activity | URL | |||
| 33311 | PUA-ADWARE Win.Adware.OptimizerPro variant outbound connection (more info ...) | trojan-activity | URL | |||
| 33446 | SERVER-WEBAPP Symantec Encryption Management Server command injection attempt (more info ...) | web-application-attack | 2014-7288 | 72308 | ||
| 33447 | SERVER-WEBAPP Symantec Encryption Management Server command injection attempt (more info ...) | web-application-attack | 2014-7288 | 72308 | ||
| 33448 | SERVER-WEBAPP Symantec Encryption Management Server command injection attempt (more info ...) | web-application-attack | 2014-7288 | 72308 | ||
| 33452 | PUA-TOOLBARS Win.Toolbar.Crossrider variant outbound connection (more info ...) | trojan-activity | URL | |||
| 33483 | PUA-ADWARE Win.Adware.InstallMonster variant outbound connection (more info ...) | trojan-activity | URL | |||
| 33553 | PUA-ADWARE Win.Adware.iBryte variant outbound connection (more info ...) | trojan-activity | URL | |||
| 33573 | SERVER-WEBAPP ManageEngine Multiple Products FailOverHelperServlet information disclosure attempt (more info ...) | attempted-recon | 2014-7863 | |||
| 33574 | SERVER-WEBAPP ManageEngine Multiple Products FailOverHelperServlet information disclosure attempt (more info ...) | attempted-recon | 2014-7863 | |||
| 33597 | SERVER-WEBAPP ManageEngine Desktop Central MSP StatusUpdateServlet directory traversal attempt (more info ...) | web-application-attack | 2014-9404 | 71910 | ||
| 33598 | SERVER-WEBAPP ManageEngine Desktop Central MSP StatusUpdateServlet directory traversal attempt (more info ...) | web-application-attack | 2014-9404 | 71910 | ||
| 33599 | SERVER-WEBAPP ManageEngine Desktop Central MSP StatusUpdateServlet directory traversal attempt (more info ...) | web-application-attack | 2014-9404 | 71910 | ||
| 33663 | EXPLOIT-KIT Angler exploit kit outbound uri structure (more info ...) | trojan-activity | ||||
| 33665 | SERVER-OTHER HP Client Automation command injection attempt (more info ...) | attempted-admin | 2015-1497 | 72612 | ||
| 33711 | OS-WINDOWS Type one font out of bounds memory access attempt (more info ...) | attempted-user | 2015-0090 | URL | ||
| 33712 | OS-WINDOWS Type one font out of bounds memory access attempt (more info ...) | attempted-user | 2015-0090 | URL | ||
| 33722 | FILE-OTHER Type 1 font memory out-of-bounds read attempt (more info ...) | attempted-user | 2015-0092 | URL | ||
| 33723 | FILE-OTHER Type 1 font memory out-of-bounds read attempt (more info ...) | attempted-user | 2015-0092 | URL | ||
| 33758 | MALWARE-OTHER Win.Ransomware.CTB-Locker download attempt (more info ...) | trojan-activity | URL | |||
| 33759 | MALWARE-OTHER Win.Ransomware.CTB-Locker download attempt (more info ...) | trojan-activity | URL | |||
| 33812 | SERVER-WEBAPP Seagate NAS remote code execution attempt (more info ...) | attempted-admin | 2014-8687 | 72831 | ||
| 33813 | SERVER-WEBAPP Eclipse Foundation Jetty HttpParser information disclosure attempt (more info ...) | attempted-recon | 2015-2080 | 72768 | ||
| 33823 | MALWARE-BACKDOOR Win.Backdoor.Speccom variant outbound connection (more info ...) | trojan-activity | URL | |||
| 33874 | MALWARE-OTHER Win.Downloader.Latekonsul Runtime Detection (more info ...) | trojan-activity | URL | |||
| 33887 | SERVER-WEBAPP Citrix NetScaler xen_hotfix object parameter command injection attempt (more info ...) | web-application-attack | URL | |||
| 33888 | SERVER-WEBAPP Citrix NetScaler xen_hotfix object parameter command injection attempt (more info ...) | web-application-attack | URL | |||
| 33889 | SERVER-WEBAPP Websense Triton CommandLineServlet command injection attempt (more info ...) | web-application-attack | URL | |||
| 33890 | SERVER-WEBAPP Websense Triton CommandLineServlet command injection attempt (more info ...) | web-application-attack | URL | |||
| 33894 | SERVER-WEBAPP TWiki debugenableplugins arbitrary perl code injection attempt (more info ...) | web-application-attack | 2014-7236 | 70372 | ||
| 33895 | SERVER-WEBAPP TWiki debugenableplugins arbitrary perl code injection attempt (more info ...) | web-application-attack | 2014-7236 | 70372 | ||
| 33905 | EXPLOIT-KIT Rig exploit kit outbound communication (more info ...) | trojan-activity | ||||
| 33906 | EXPLOIT-KIT Rig exploit kit outbound communication (more info ...) | trojan-activity | ||||
| 33915 | SERVER-WEBAPP HP ArcSight Logger directory traversal attempt (more info ...) | web-application-attack | 2014-7884 | 73071 | ||
| 33916 | SERVER-WEBAPP HP ArcSight Logger directory traversal attempt (more info ...) | web-application-attack | 2014-7884 | 73071 | ||
| 33917 | SERVER-WEBAPP HP ArcSight Logger directory traversal attempt (more info ...) | web-application-attack | 2014-7884 | 73071 | ||
| 33936 | SERVER-WEBAPP TRENDnet TN200 Network Storage System command injection attempt (more info ...) | web-application-attack | 2014-1628 | |||
| 33937 | SERVER-WEBAPP TRENDnet TN200 Network Storage System command injection attempt (more info ...) | web-application-attack | 2014-1628 | |||
| 33938 | SERVER-WEBAPP Seagate BlackArmor NAS send_test_email command injection attempt (more info ...) | web-application-attack | 2014-2701 | |||
| 33939 | MALWARE-OTHER Executable control panel file attachment detected (more info ...) | misc-activity | URL | |||
| 33940 | MALWARE-OTHER Executable control panel file attachment detected (more info ...) | misc-activity | URL | |||
| 33941 | MALWARE-OTHER Executable control panel file download request (more info ...) | misc-activity | URL | |||
| 33943 | MALWARE-OTHER Executable control panel file download request (more info ...) | misc-activity | URL | |||
| 33982 | EXPLOIT-KIT Nuclear exploit kit landing page detected (more info ...) | trojan-activity | 2015-0336 | |||
| 33983 | EXPLOIT-KIT Nuclear exploit kit obfuscated file download (more info ...) | trojan-activity | 2015-0336 | URL | ||
| 34194 | SERVER-WEBAPP RevSlider information disclosure attempt (more info ...) | web-application-attack | 2014-9734 | URL | ||
| 34300 | SERVER-WEBAPP D-Link multiple products HNAP SOAPAction header command injection attempt (more info ...) | attempted-admin | 2015-2051 | |||
| 34336 | MALWARE-OTHER Html.Phishing.Crea outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 34464 | SERVER-OTHER AsusWRT infosvr remote command execution attempt (more info ...) | attempted-admin | 2014-9583 | 71889 | ||
| 34471 | SERVER-WEBAPP Symantec Critical System Protection directory traversal attempt (more info ...) | attempted-admin | 2014-3440 | 72091 | ||
| 34500 | MALWARE-BACKDOOR Win.Backdoor.Wekby Torn variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34604 | SERVER-WEBAPP Visual Mining NetCharts saveFile.jsp directory traversal attempt (more info ...) | web-application-attack | 2015-4031 | 74792 | ||
| 34605 | SERVER-WEBAPP Visual Mining NetCharts saveFile.jsp directory traversal attempt (more info ...) | web-application-attack | 2015-4031 | 74792 | ||
| 34606 | SERVER-WEBAPP Visual Mining NetCharts saveFile.jsp directory traversal attempt (more info ...) | web-application-attack | 2015-4031 | 74792 | ||
| 34615 | SERVER-WEBAPP Synology Photo Station exif description command injection attempt (more info ...) | web-application-attack | URL | |||
| 34616 | SERVER-WEBAPP Synology Photo Station exif description command injection attempt (more info ...) | web-application-attack | URL | |||
| 34617 | SERVER-WEBAPP Synology Photo Station exif description command injection attempt (more info ...) | web-application-attack | URL | |||
| 34618 | SERVER-WEBAPP Synology Photo Station exif description command injection attempt (more info ...) | web-application-attack | URL | |||
| 34633 | SERVER-WEBAPP Visual Mining NetCharts projectContents.jsp directory traversal attempt (more info ...) | web-application-attack | 2015-4032 | 74788 | ||
| 34634 | SERVER-WEBAPP Visual Mining NetCharts projectContents.jsp directory traversal attempt (more info ...) | web-application-attack | 2015-4032 | 74788 | ||
| 34635 | SERVER-WEBAPP Visual Mining NetCharts projectContents.jsp directory traversal attempt (more info ...) | web-application-attack | 2015-4032 | 74788 | ||
| 34716 | SERVER-WEBAPP ManageEngine Desktop Central FileUploadServlet directory traversal attempt (more info ...) | web-application-attack | 2015-8249 | |||
| 34717 | SERVER-WEBAPP ManageEngine Desktop Central FileUploadServlet directory traversal attempt (more info ...) | web-application-attack | 2015-8249 | |||
| 34718 | SERVER-WEBAPP ManageEngine Desktop Central FileUploadServlet directory traversal attempt (more info ...) | web-application-attack | 2015-8249 | |||
| 34798 | SERVER-OTHER HP LoadRunner launcher.dll stack buffer overflow attempt (more info ...) | attempted-admin | 2015-2110 | 74737 | ||
| 34799 | SERVER-WEBAPP UPnP AddPortMapping SOAP action command injection attempt (more info ...) | attempted-admin | 2014-8361 | 74330 | ||
| 34938 | SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (more info ...) | attempted-admin | 2015-1896 | 74024 | ||
| 34939 | SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (more info ...) | attempted-admin | 2015-1896 | 74024 | ||
| 34940 | SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (more info ...) | attempted-admin | 2015-1896 | 74024 | ||
| 34941 | SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (more info ...) | attempted-admin | 2015-1896 | 74024 | ||
| 34942 | SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (more info ...) | attempted-admin | 2015-1896 | 74024 | ||
| 34943 | SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (more info ...) | attempted-admin | 2015-1896 | 74024 | ||
| 34948 | SERVER-WEBAPP Rocket Servergraph Admin Center userRequest command injection attempt (more info ...) | web-application-attack | 2014-3915 | |||
| 34949 | SERVER-WEBAPP Rocket Servergraph Admin Center tsmRequest command injection attempt (more info ...) | web-application-attack | 2014-3915 | |||
| 34967 | SERVER-OTHER Fortinet FSSO stack buffer overflow attempt (more info ...) | attempted-admin | 2015-2281 | 73206 | URL | |
| 34969 | EXPLOIT-KIT Angler exploit kit landing page detected (more info ...) | trojan-activity | URL | |||
| 34970 | EXPLOIT-KIT Angler exploit kit landing page detected (more info ...) | trojan-activity | URL | |||
| 34976 | SERVER-WEBAPP SysAid Help Desk getGfiUpgradeFile directory traversal attempt (more info ...) | web-application-attack | 2015-2996 | 75038 | ||
| 34977 | SERVER-WEBAPP SysAid Help Desk getGfiUpgradeFile directory traversal attempt (more info ...) | web-application-attack | 2015-2996 | 75038 | ||
| 34978 | SERVER-WEBAPP SysAid Help Desk getGfiUpgradeFile directory traversal attempt (more info ...) | web-application-attack | 2015-2996 | 75038 | ||
| 35003 | MALWARE-OTHER Win.Trojan.Malumpos malware download attempt (more info ...) | trojan-activity | URL | |||
| 35004 | MALWARE-OTHER Win.Trojan.Malumpos malware download attempt (more info ...) | trojan-activity | URL | |||
| 35024 | SERVER-WEBAPP Watchguard XCS mailqueue.spl command injection attempt (more info ...) | web-application-attack | URL | |||
| 35025 | SERVER-WEBAPP Watchguard XCS mailqueue.spl command injection attempt (more info ...) | web-application-attack | URL | |||
| 35026 | SERVER-WEBAPP Watchguard XCS mailqueue.spl command injection attempt (more info ...) | web-application-attack | URL | |||
| 35032 | SERVER-WEBAPP LANDesk Management Suite remote file include attempt (more info ...) | web-application-attack | 2014-5362 | 74190 | ||
| 35033 | SERVER-WEBAPP LANDesk Management Suite remote file include attempt (more info ...) | web-application-attack | 2014-5362 | 74190 | ||
| 35043 | SERVER-OTHER Apple Cups cupsd privilege escalation attempt (more info ...) | attempted-admin | 2015-1158 | 75098 | URL | |
| 35054 | PROTOCOL-OTHER TRUFFLEHUNTER SFVRT-1018 attack attempt (more info ...) | attempted-recon | ||||
| 35055 | PROTOCOL-OTHER TRUFFLEHUNTER SFVRT-1018 attack attempt (more info ...) | attempted-dos | ||||
| 35056 | PROTOCOL-OTHER TRUFFLEHUNTER SFVRT-1018 attack attempt (more info ...) | attempted-admin | ||||
| 35057 | PROTOCOL-OTHER TRUFFLEHUNTER SFVRT-1018 attack attempt (more info ...) | attempted-admin | ||||
| 35058 | PROTOCOL-OTHER TRUFFLEHUNTER SFVRT-1018 attack attempt (more info ...) | attempted-dos | ||||
| 35059 | PROTOCOL-OTHER TRUFFLEHUNTER SFVRT-1018 attack attempt (more info ...) | attempted-admin | ||||
| 35061 | PROTOCOL-OTHER TRUFFLEHUNTER SFVRT-1018 attack attempt (more info ...) | attempted-dos | ||||
| 35084 | EXPLOIT-KIT Null Hole exploit kit binary download request (more info ...) | trojan-activity | ||||
| 35085 | EXPLOIT-KIT Null Hole exploit kit malicious swf request (more info ...) | attempted-user | ||||
| 35090 | OS-MOBILE iOS lockdownd plist object buffer overflow attempt (more info ...) | attempted-admin | ||||
| 35091 | OS-MOBILE iOS lockdownd plist object buffer overflow attempt (more info ...) | attempted-admin | ||||
| 35222 | INDICATOR-COMPROMISE known malicious SSL certificate - Win.Trojan.Dridex (more info ...) | trojan-activity | URL | |||
| 35243 | SERVER-WEBAPP Accellion Secure File Sharing Appliance command injection attempt (more info ...) | web-application-attack | ||||
| 35244 | SERVER-WEBAPP Accellion Secure File Sharing Appliance command injection attempt (more info ...) | web-application-attack | ||||
| 35245 | SERVER-WEBAPP Accellion Secure File Sharing Appliance command injection attempt (more info ...) | web-application-attack | ||||
| 35246 | SERVER-WEBAPP Accellion Secure File Sharing Appliance command injection attempt (more info ...) | web-application-attack | ||||
| 35256 | EXPLOIT-KIT Angler exploit kit landing page detected (more info ...) | trojan-activity | ||||
| 35257 | SERVER-WEBAPP Accellion FTA verify_oauth_token command injection attempt (more info ...) | web-application-attack | 2015-2857 | |||
| 35258 | SERVER-WEBAPP Accellion FTA verify_oauth_token command injection attempt (more info ...) | web-application-attack | 2015-2857 | |||
| 35259 | SERVER-WEBAPP Accellion FTA verify_oauth_token command injection attempt (more info ...) | web-application-attack | 2015-2857 | |||
| 35260 | SERVER-WEBAPP Accellion FTA verify_oauth_token command injection attempt (more info ...) | web-application-attack | 2015-2857 | |||
| 35302 | SERVER-WEBAPP Accellion FTA arbitrary file read attempt (more info ...) | attempted-recon | 2015-2856 | |||
| 35371 | MALWARE-BACKDOOR Win.Backdoor.Bimteni variant initial outbound connection (more info ...) | trojan-activity | URL | |||
| 35384 | MALWARE-BACKDOOR Win.Backdoor.Nicabown variant outbound connection (more info ...) | trojan-activity | URL | |||
| 35432 | FILE-IDENTIFY M4A file magic detected (more info ...) | misc-activity | ||||
| 35433 | FILE-IDENTIFY M4A file magic detected (more info ...) | misc-activity | ||||
| 35434 | OS-MOBILE Android Stagefright MP4 buffer overflow attempt (more info ...) | attempted-admin | 2015-3829 | |||
| 35435 | OS-MOBILE Android Stagefright MP4 buffer overflow attempt (more info ...) | attempted-admin | 2015-3829 | |||
| 35677 | SERVER-WEBAPP Dell KACE Appliance KSudoClient privilege escalation attempt (more info ...) | attempted-admin | ||||
| 35687 | SERVER-WEBAPP Semantec Endpoint Protection Manager server elevated privilege code execution attempt (more info ...) | attempted-admin | 2015-1489 | |||
| 35688 | PROTOCOL-OTHER MiniUPNP rootdesc.xml file request (more info ...) | misc-activity | 2015-6031 | URL | ||
| 35690 | PROTOCOL-OTHER MiniUPNP rootdesc.xml buffer overflow attempt (more info ...) | attempted-user | 2015-6031 | URL | ||
| 35721 | OS-WINDOWS TRUFFLEHUNTER TALOS-2015-0008 attack attempt (more info ...) | attempted-admin | URL | |||
| 35722 | OS-WINDOWS TRUFFLEHUNTER TALOS-2015-0008 attack attempt (more info ...) | attempted-admin | URL | |||
| 35725 | FILE-MULTIMEDIA Matroska libmatroska ebml unicode string out of bounds read attempt (more info ...) | attempted-user | 2015-8789 | URL | ||
| 35726 | FILE-MULTIMEDIA Matroska libmatroska ebml unicode string out of bounds read attempt (more info ...) | attempted-user | 2015-8789 | URL | ||
| 35727 | FILE-OTHER TRUFFLEHUNTER TALOS-2015-0011 attack attempt (more info ...) | attempted-user | URL | |||
| 35728 | FILE-OTHER TRUFFLEHUNTER TALOS-2015-0011 attack attempt (more info ...) | attempted-user | URL | |||
| 35735 | OS-OTHER OS X DYLD_PRINT_TO_FILE privilege escalation attempt (more info ...) | attempted-admin | URL | |||
| 35736 | OS-OTHER OS X DYLD_PRINT_TO_FILE privilege escalation attempt (more info ...) | attempted-admin | URL | |||
| 35745 | INDICATOR-COMPROMISE Wild Neutron potential exploit attempt (more info ...) | trojan-activity | URL | |||
| 35769 | MALWARE-BACKDOOR Win.Backdoor.Cobrike inbound connection (more info ...) | trojan-activity | URL | |||
| 35770 | MALWARE-BACKDOOR Win.Backdoor.Cobrike outbound connection (more info ...) | trojan-activity | URL | |||
| 35795 | FILE-IDENTIFY ZSoft PCX file attachment detected (more info ...) | misc-activity | ||||
| 35796 | FILE-IDENTIFY ZSoft PCX file attachment detected (more info ...) | misc-activity | ||||
| 35797 | FILE-IDENTIFY ZSoft PCX file download request (more info ...) | misc-activity | ||||
| 35834 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-CAN-0043 attack attempt (more info ...) | attempted-user | URL | |||
| 35835 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-CAN-0043 attack attempt (more info ...) | attempted-user | URL | |||
| 35845 | EXPLOIT-KIT Nuclear exploit kit landing page detected (more info ...) | attempted-user | ||||
| 35850 | SERVER-OTHER EMC Documentum Content Server privilege escalation attempt (more info ...) | attempted-admin | 2015-4532 | URL | ||
| 35852 | FILE-IDENTIFY JPEG file upload detected (more info ...) | misc-activity | ||||
| 35885 | POLICY-OTHER MBean retrieval attempt (more info ...) | attempted-user | URL | |||
| 35888 | PROTOCOL-SCADA SCADA Engine OPC Server arbitrary file upload attempt (more info ...) | attempted-admin | ||||
| 35892 | SERVER-OTHER GE Proficy Real-Time Information Portal arbitrary dll load attempt (more info ...) | attempted-admin | ||||
| 35893 | SERVER-OTHER GE Proficy Real-Time Information Portal arbitrary dll load attempt (more info ...) | attempted-admin | ||||
| 35894 | SERVER-OTHER HP OpenView Data Protector Omnilnet command injection attempt (more info ...) | attempted-admin | ||||
| 35896 | SERVER-OTHER GE Proficy CIMPLICITY Marquee Manager stack buffer overflow attempt (more info ...) | attempted-admin | ||||
| 35897 | SERVER-OTHER IBM Tivoli Storage Manager FastBack command injection attempt (more info ...) | attempted-admin | URL | |||
| 35898 | SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (more info ...) | attempted-admin | URL | |||
| 35899 | SERVER-OTHER IBM Tivoli Storage Manager FastBack stack buffer overflow attempt (more info ...) | attempted-admin | ||||
| 35900 | SERVER-OTHER IBM Tivoli Storage Manager FastBack stack buffer overflow attempt (more info ...) | attempted-admin | ||||
| 35901 | SERVER-OTHER IBM Tivoli Storage Manager FastBack stack buffer overflow attempt (more info ...) | attempted-admin | ||||
| 35902 | SERVER-OTHER IBM Tivoli Storage Manager FastBack command injection attempt (more info ...) | attempted-admin | URL | |||
| 35903 | SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (more info ...) | attempted-admin | URL | |||
| 35905 | SERVER-OTHER HP Network Node Manager pmd.exe request detected (more info ...) | protocol-command-decode | ||||
| 35906 | SERVER-OTHER HP Network Node Manager pmd.exe buffer overflow attempt (more info ...) | attempted-admin | ||||
| 35907 | SERVER-OTHER HP Network Node Manager pmd.exe request detected (more info ...) | protocol-command-decode | ||||
| 35908 | SERVER-OTHER HP Network Node Manager pmd.exe buffer overflow attempt (more info ...) | attempted-admin | ||||
| 35909 | SERVER-OTHER Siemens Desigo Insight buffer overflow attempt (more info ...) | attempted-admin | URL | |||
| 35910 | SERVER-OTHER Siemens Desigo Insight information disclosure attempt (more info ...) | attempted-admin | URL | |||
| 35911 | SERVER-OTHER Websense TRITON xml namespace buffer overflow attempt (more info ...) | attempted-dos | ||||
| 35912 | SERVER-OTHER Websense TRITON xml namespace buffer overflow attempt (more info ...) | attempted-dos | ||||
| 35920 | SERVER-OTHER General Electric Proficy memory leakage request attempt (more info ...) | attempted-recon | ||||
| 35922 | SERVER-WEBAPP Entrust Authority Enrollment Server stack buffer overflow attempt (more info ...) | attempted-admin | ||||
| 35926 | SERVER-WEBAPP Oracle Identity Management authorization bypass attempt (more info ...) | attempted-admin | ||||
| 35927 | SERVER-WEBAPP Oracle Identity Management remote file execution attempt (more info ...) | policy-violation | ||||
| 36052 | SERVER-WEBAPP Silver Peak VXOA JSON interface hidden credentials authentication attempt (more info ...) | attempted-admin | URL | |||
| 36058 | FILE-IDENTIFY OLE Document upload detected (more info ...) | misc-activity | ||||
| 36071 | EXPLOIT-KIT Angler exploit kit browser version detection attempt (more info ...) | attempted-recon | ||||
| 36101 | SERVER-WEBAPP ManageEngine ServiceDesk ExportImport.do directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 36102 | SERVER-WEBAPP ManageEngine ServiceDesk ExportImport.do directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 36201 | EXPLOIT-KIT Scanbox exploit kit exfiltration attempt (more info ...) | trojan-activity | URL | |||
| 36210 | OS-WINDOWS TRUFFLEHUNTER TALOS-2015-0002 attack attempt (more info ...) | attempted-dos | URL | |||
| 36211 | OS-WINDOWS TRUFFLEHUNTER TALOS-2015-0002 attack attempt (more info ...) | attempted-dos | URL | |||
| 36212 | FILE-OTHER Libgraphite LocaLookup out-of-bounds read attempt (more info ...) | attempted-user | 2016-1521 | URL | ||
| 36213 | FILE-OTHER Libgraphite LocaLookup out-of-bounds read attempt (more info ...) | attempted-user | 2016-1521 | URL | ||
| 36214 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1119 attack attempt (more info ...) | attempted-admin | URL | |||
| 36215 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1119 attack attempt (more info ...) | attempted-admin | URL | |||
| 36216 | FILE-OTHER libgraphite TTF opcode handling out of bounds read attempt (more info ...) | attempted-user | 2016-1521 | URL | ||
| 36217 | FILE-OTHER libgraphite TTF opcode handling out of bounds read attempt (more info ...) | attempted-user | 2016-1521 | URL | ||
| 36218 | OS-WINDOWS TRUFFLEHUNTER TALOS-CAN-0056 attack attempt (more info ...) | attempted-admin | URL | |||
| 36219 | OS-WINDOWS TRUFFLEHUNTER TALOS-CAN-0056 attack attempt (more info ...) | attempted-admin | URL | |||
| 36220 | OS-WINDOWS TRUFFLEHUNTER TALOS-CAN-0056 attack attempt (more info ...) | attempted-admin | URL | |||
| 36221 | OS-WINDOWS TRUFFLEHUNTER TALOS-CAN-0056 attack attempt (more info ...) | attempted-admin | URL | |||
| 36222 | OS-WINDOWS TRUFFLEHUNTER TALOS-2015-0005 attack attempt (more info ...) | attempted-user | URL | |||
| 36223 | OS-WINDOWS TRUFFLEHUNTER TALOS-2015-0005 attack attempt (more info ...) | attempted-user | URL | |||
| 36225 | FILE-OTHER Libgraphite empty feature list denial of service attempt (more info ...) | denial-of-service | 2016-1522 | URL | ||
| 36226 | FILE-OTHER Libgraphite empty feature list denial of service attempt (more info ...) | denial-of-service | 2016-1522 | URL | ||
| 36227 | FILE-OTHER Libgraphite empty feature list denial of service attempt (more info ...) | denial-of-service | 2016-1522 | URL | ||
| 36228 | FILE-OTHER Libgraphite empty feature list denial of service attempt (more info ...) | denial-of-service | 2016-1522 | URL | ||
| 36241 | MALWARE-OTHER self-signed SSL certificate transfer for EXEPROXY attempt (more info ...) | trojan-activity | ||||
| 36242 | SERVER-WEBAPP Reprise License Manager edit_lf_get_data directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 36272 | SERVER-WEBAPP GE MDS PulseNet hidden credentials authentication attempt (more info ...) | attempted-admin | 2015-6456 | 76756 | URL | |
| 36286 | EXPLOIT-KIT Nuclear exploit kit browser detection attempt (more info ...) | attempted-recon | ||||
| 36307 | FILE-IMAGE Trimble SketchUp corrupt BMP RLE4 heap buffer overflow attempt (more info ...) | attempted-user | 2013-3664 | |||
| 36308 | FILE-IMAGE Trimble SketchUp corrupt BMP RLE4 heap buffer overflow attempt (more info ...) | attempted-user | 2013-3664 | |||
| 36309 | FILE-IMAGE Trimble SketchUp corrupt BMP RLE4 heap buffer overflow attempt (more info ...) | attempted-user | 2013-3664 | |||
| 36310 | FILE-IMAGE Trimble SketchUp corrupt BMP RLE4 heap buffer overflow attempt (more info ...) | attempted-user | 2013-3664 | |||
| 36315 | EXPLOIT-KIT Angler exploit kit relay traffic detected (more info ...) | trojan-activity | ||||
| 36330 | SERVER-WEBAPP Kaseya VSA uploader.aspx PathData directory traversal attempt (more info ...) | web-application-attack | 2015-6922 | |||
| 36332 | EXPLOIT-KIT Angler exploit kit relay traffic detected (more info ...) | trojan-activity | ||||
| 36333 | SERVER-WEBAPP GE MDS PulseNET FileDownloadServlet directory traversal attempt (more info ...) | web-application-attack | 2015-6459 | 76756 | ||
| 36380 | SERVER-WEBAPP Borland AccuRev SaveContentServiceImpl servlet directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 36385 | FILE-OTHER SIL LibGraphite BracketPairStack out of bounds access exploit attempt (more info ...) | attempted-user | 2016-1522 | URL | ||
| 36386 | FILE-OTHER SIL LibGraphite BracketPairStack out of bounds access exploit attempt (more info ...) | attempted-user | 2016-1522 | URL | ||
| 36387 | FILE-OTHER Libgraphite context item handling arbitrary code execution attempt (more info ...) | attempted-user | 2016-1523 | URL | ||
| 36388 | FILE-OTHER Libgraphite context item handling arbitrary code execution attempt (more info ...) | attempted-user | 2016-1523 | URL | ||
| 36457 | EXPLOIT-KIT Angler exploit kit landing page detected (more info ...) | attempted-user | ||||
| 36542 | SERVER-WEBAPP HP OpenView Network Node Manager HTTP handling buffer overflow attempt (more info ...) | attempted-admin | 2008-1697 | 28569 | ||
| 36543 | EXPLOIT-KIT Hunter exploit kit landing page detected (more info ...) | attempted-user | URL | |||
| 36544 | SERVER-WEBAPP pChart script parameter directory traversal attempt (more info ...) | web-application-attack | ||||
| 36635 | EXPLOIT-KIT Angler exploit kit search uri request attempt (more info ...) | attempted-user | ||||
| 36636 | EXPLOIT-KIT Angler exploit kit index uri request attempt (more info ...) | attempted-user | ||||
| 36637 | EXPLOIT-KIT Angler exploit kit viewtopic uri request attempt (more info ...) | attempted-user | ||||
| 36658 | FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (more info ...) | attempted-user | 2011-3494 | |||
| 36659 | FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (more info ...) | attempted-user | 2011-3494 | |||
| 36660 | FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (more info ...) | attempted-user | 2011-3494 | |||
| 36661 | FILE-OTHER Interactive Data eSignal stack buffer overflow attempt (more info ...) | attempted-user | 2011-3494 | |||
| 36748 | FILE-IDENTIFY TTF file attachment detected (more info ...) | misc-activity | ||||
| 36778 | SERVER-WEBAPP F5 BIG-IP iControl API arbitrary command execution attempt (more info ...) | attempted-admin | 2015-3628 | URL | ||
| 36785 | EXPLOIT-KIT Angler exploit kit landing page detected (more info ...) | attempted-user | ||||
| 36788 | EXPLOIT-KIT Angler exploit kit landing page detected (more info ...) | attempted-user | ||||
| 36790 | EXPLOIT-KIT Angler exploit kit landing page detected (more info ...) | attempted-user | ||||
| 36793 | SERVER-WEBAPP Oracle BeeHive playAudioFile.jsp directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 36794 | SERVER-WEBAPP Oracle BeeHive playAudioFile.jsp directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 36795 | SERVER-WEBAPP Oracle BeeHive playAudioFile.jsp directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 36796 | EXPLOIT-KIT Angler exploit kit landing page detected (more info ...) | attempted-user | ||||
| 36798 | EXPLOIT-KIT GongDa landing page detected (more info ...) | attempted-user | ||||
| 36801 | EXPLOIT-KIT Angler exploit kit landing page detected (more info ...) | attempted-user | ||||
| 36802 | EXPLOIT-KIT Angler exploit kit browser version detection attempt (more info ...) | attempted-recon | ||||
| 36803 | SERVER-OTHER HP Intelligent Management Center img buffer overflow attempt (more info ...) | attempted-admin | 2011-1848 | 47789 | ||
| 36808 | EXPLOIT-KIT Angler exploit kit landing page detected (more info ...) | attempted-user | ||||
| 36824 | EXPLOIT-KIT Known exploit kit obfuscation routine detected (more info ...) | attempted-user | 2014-6332 | URL | ||
| 36825 | PUA-ADWARE DealPly Adware variant outbound connection (more info ...) | misc-activity | URL | |||
| 36855 | FILE-OTHER Wireshark DECT packet dissector overflow attempt (more info ...) | attempted-user | 2011-1591 | 47392 | ||
| 36899 | EXPLOIT-KIT Angler exploit kit landing page detected (more info ...) | attempted-user | ||||
| 36900 | SERVER-WEBAPP Oracle BeeHive showRecxml.jsp directory traversal attempt (more info ...) | web-application-attack | 2010-4417 | 45854 | ||
| 36901 | SERVER-WEBAPP Oracle BeeHive showRecxml.jsp directory traversal attempt (more info ...) | web-application-attack | 2010-4417 | 45854 | ||
| 36902 | SERVER-WEBAPP Oracle BeeHive showRecxml.jsp directory traversal attempt (more info ...) | web-application-attack | 2010-4417 | 45854 | ||
| 37016 | EXPLOIT-KIT DoloMalo exploit kit packer detected (more info ...) | trojan-activity | ||||
| 37039 | SERVER-WEBAPP Atlassian HipChat Plugin template injection remote code execution attempt (more info ...) | attempted-admin | 2015-5603 | 76698 | URL | |
| 37130 | FILE-IDENTIFY Obfuscated .wsf download attempt (more info ...) | policy-violation | URL | |||
| 37132 | FILE-IDENTIFY Obfuscated .wsf download attempt (more info ...) | policy-violation | URL | |||
| 37138 | SERVER-WEBAPP ManageEngine ServiceDesk FileDownload.jsp fName directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 37139 | SERVER-WEBAPP ManageEngine ServiceDesk FileDownload.jsp fName directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 37140 | SERVER-WEBAPP ManageEngine ServiceDesk FileDownload.jsp fName directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 37146 | SERVER-OTHER Juniper ScreenOS unauthorized backdoor access attempt (more info ...) | attempted-admin | 2015-7755 | URL | ||
| 37147 | SERVER-OTHER Seagate GoFlex Satellite hidden credentials authentication attempt (more info ...) | attempted-admin | 2015-2874 | 76547 | ||
| 37207 | EXPLOIT-KIT Neutrino exploit kit landing page (more info ...) | trojan-activity | ||||
| 37222 | MALWARE-OTHER Win.Worm.Pixipos Outbound Connection Attempt (more info ...) | trojan-activity | URL | |||
| 37242 | SERVER-WEBAPP D-Link DCS-900 Series Network Camera arbitrary file upload attempt (more info ...) | attempted-admin | 2015-2049 | |||
| 37285 | SERVER-OTHER Trend Micro local node.js http command execution attempt (more info ...) | attempted-user | URL | |||
| 37286 | SERVER-OTHER Trend Micro local node.js http command execution attempt (more info ...) | attempted-user | URL | |||
| 37287 | SERVER-OTHER Trend Micro local node.js http command execution attempt (more info ...) | attempted-user | URL | |||
| 37289 | SERVER-OTHER Trend Micro local node.js http command execution attempt (more info ...) | attempted-user | URL | |||
| 37290 | SERVER-OTHER Trend Micro local node.js http command execution attempt (more info ...) | attempted-user | URL | |||
| 37292 | SERVER-OTHER Trend Micro local node.js http command execution attempt (more info ...) | attempted-user | URL | |||
| 37312 | FILE-OTHER Mulitple products external entity data exfiltration attempt (more info ...) | misc-attack | 2015-5088 | URL | ||
| 37313 | FILE-OTHER Multiple products external entity data exfiltration attempt (more info ...) | misc-attack | 2015-5088 | URL | ||
| 37324 | SERVER-WEBAPP AVM FritzBox dsl_control stack buffer overflow attempt (more info ...) | attempted-admin | URL | |||
| 37411 | SERVER-WEBAPP SevOne NMS hidden credentials authentication attempt (more info ...) | attempted-admin | URL | |||
| 37446 | SERVER-OTHER BigAnt server USV command buffer overflow attempt (more info ...) | misc-attack | 37520 | |||
| 37493 | FILE-OTHER lhasa decode_level3_header heap corruption attempt (more info ...) | attempted-user | 2016-2347 | URL | ||
| 37494 | FILE-OTHER lhasa decode_level3_header heap corruption attempt (more info ...) | attempted-user | 2016-2347 | URL | ||
| 37504 | SERVER-WEBAPP SAP HANA hdbindexserver buffer overflow attempt (more info ...) | attempted-admin | 2015-7986 | URL | ||
| 37517 | FILE-OTHER Apple OSX local privilege escalation attempt (more info ...) | attempted-user | 2016-1743 | URL | ||
| 37518 | FILE-OTHER Apple OSX local privilege escalation attempt (more info ...) | attempted-user | 2016-1743 | URL | ||
| 37519 | FILE-OTHER Intel HD Graphics Windows kernel driver local privilege escalation attempt (more info ...) | attempted-user | 2016-5647 | URL | ||
| 37520 | FILE-OTHER Intel HD Graphics Windows kernel driver local privilege escalation attempt (more info ...) | attempted-user | 2016-5647 | URL | ||
| 37525 | SERVER-OTHER NTP arbitrary pidfile and driftfile overwrite attempt (more info ...) | policy-violation | 2015-7703 | 77278 | URL | |
| 37526 | SERVER-OTHER NTP arbitrary pidfile and driftfile overwrite attempt (more info ...) | policy-violation | 2015-7703 | 77278 | URL | |
| 37528 | EXPLOIT-KIT Nuclear exploit kit outbound uri request attempt (more info ...) | attempted-user | URL | |||
| 37529 | EXPLOIT-KIT Nuclear exploit kit iframe injection attempt (more info ...) | attempted-user | URL | |||
| 37548 | EXPLOIT-KIT Malicious iFrame redirection injection attempt (more info ...) | trojan-activity | ||||
| 37549 | EXPLOIT-KIT Malicious iFrame injection outbound URI request attempt (more info ...) | attempted-user | ||||
| 37550 | EXPLOIT-KIT Nuclear landing page detected (more info ...) | attempted-user | ||||
| 37551 | EXPLOIT-KIT Nuclear landing page detected (more info ...) | attempted-user | ||||
| 37622 | SERVER-WEBAPP Allen-Bradley Compact Logix cross site scripting attempt (more info ...) | attempted-user | ||||
| 37623 | SERVER-WEBAPP Allen-Bradley Compact Logix cross site scripting attempt (more info ...) | attempted-user | ||||
| 37624 | SERVER-WEBAPP Allen-Bradley Compact Logix cross site scripting attempt (more info ...) | attempted-user | ||||
| 37642 | PUA-ADWARE Win.Adware.Dealply outbound POST attempt (more info ...) | misc-activity | URL | |||
| 37651 | MALWARE-TOOLS Win.Trojan.Downloader outbound connection attempt (more info ...) | trojan-activity | ||||
| 37657 | SERVER-WEBAPP Headline Portal Engine HPEInc remote file include attempt (more info ...) | web-application-attack | 19663 | |||
| 37658 | SERVER-WEBAPP Headline Portal Engine HPEInc remote file include attempt (more info ...) | web-application-attack | 19663 | |||
| 37659 | SERVER-WEBAPP Headline Portal Engine HPEInc remote file include attempt (more info ...) | web-application-attack | 19663 | |||
| 37660 | SERVER-WEBAPP Headline Portal Engine HPEInc remote file include attempt (more info ...) | web-application-attack | 19663 | |||
| 37661 | SERVER-WEBAPP Headline Portal Engine HPEInc remote file include attempt (more info ...) | web-application-attack | 19663 | |||
| 37662 | SERVER-WEBAPP Headline Portal Engine HPEInc remote file include attempt (more info ...) | web-application-attack | 19663 | |||
| 37799 | FILE-OTHER Kingsoft Writer long font name buffer overflow attempt (more info ...) | attempted-user | 2013-3934 | 61796 | ||
| 37800 | FILE-OTHER Kingsoft Writer long font name buffer overflow attempt (more info ...) | attempted-user | 2013-3934 | 61796 | ||
| 37871 | EXPLOIT-KIT Angler exploit kit index uri request attempt (more info ...) | attempted-user | ||||
| 37872 | EXPLOIT-KIT Angler exploit kit viewthread uri request attempt (more info ...) | attempted-user | ||||
| 37873 | EXPLOIT-KIT Angler exploit kit view uri request attempt (more info ...) | attempted-user | ||||
| 37919 | EXPLOIT-KIT Gong da exploit kit landing page (more info ...) | trojan-activity | ||||
| 37957 | EXPLOIT-KIT Angler exploit kit view uri request attempt (more info ...) | attempted-user | ||||
| 37958 | EXPLOIT-KIT Angler exploit kit viewthread uri request attempt (more info ...) | attempted-user | ||||
| 38121 | EXPLOIT-KIT Angler exploit kit search uri request attempt (more info ...) | attempted-user | ||||
| 38133 | EXPLOIT-KIT Angler exploit kit gate redirector (more info ...) | attempted-user | ||||
| 38160 | EXPLOIT-KIT Angler exploit kit gate detected (more info ...) | trojan-activity | ||||
| 38161 | EXPLOIT-KIT Angler exploit kit index uri request attempt (more info ...) | attempted-user | ||||
| 38162 | EXPLOIT-KIT Angler exploit kit viewthread uri request attempt (more info ...) | attempted-user | ||||
| 38163 | EXPLOIT-KIT Angler exploit kit view uri request attempt (more info ...) | attempted-user | ||||
| 38164 | SERVER-WEBAPP Oracle Application Testing Suite UploadFileAction servlet directory traversal attempt (more info ...) | web-application-attack | 2016-0491 | 81169 | ||
| 38248 | SERVER-OTHER IBM Tivoli Storage Manager FastBack Server opcode 1329 buffer overflow attempt (more info ...) | attempted-admin | 2015-1924 | 75447 | ||
| 38254 | EXPLOIT-KIT Known malicious redirection attempt (more info ...) | attempted-user | URL | |||
| 38271 | SERVER-OTHER Wavelink Emulation License Server malicious URI code execution attempt (more info ...) | attempted-user | 2015-4059 | |||
| 38275 | EXPLOIT-KIT Neutrino exploit kit redirection attempt (more info ...) | trojan-activity | URL | |||
| 38279 | MALWARE-OTHER Win.Trojan.Samas variant download attempt (more info ...) | trojan-activity | URL | |||
| 38280 | MALWARE-OTHER Win.Trojan.Samas variant download attempt (more info ...) | trojan-activity | URL | |||
| 38286 | SERVER-WEBAPP Reprise License Manager actserver stack buffer overflow attempt (more info ...) | attempted-admin | 2015-6946 | URL | ||
| 38287 | SERVER-WEBAPP Reprise License Manager akey stack buffer overflow attempt (more info ...) | attempted-admin | 2015-6946 | URL | ||
| 38288 | SERVER-WEBAPP Reprise License Manager licfile stack buffer overflow attempt (more info ...) | attempted-admin | 2015-6946 | URL | ||
| 38303 | SERVER-WEBAPP Bonita BPM themeResource directory traversal attempt (more info ...) | web-application-attack | 2015-3897 | 75130 | ||
| 38312 | SERVER-OTHER Redis lua script integer overflow attempt (more info ...) | attempted-user | 2015-8080 | |||
| 38313 | SERVER-OTHER Redis lua script integer overflow attempt (more info ...) | attempted-user | 2015-8080 | |||
| 38327 | MALWARE-BACKDOOR ReGeorg proxy read attempt (more info ...) | misc-activity | URL | |||
| 38328 | MALWARE-BACKDOOR ReGeorg socks proxy connection attempt (more info ...) | misc-activity | URL | |||
| 38329 | MALWARE-BACKDOOR ReGeorg socks proxy initial connection attempt (more info ...) | misc-activity | URL | |||
| 38360 | MALWARE-OTHER Win.Trojan.Samas variant download attempt (more info ...) | trojan-activity | URL | |||
| 38361 | MALWARE-OTHER Win.Trojan.Samas variant download attempt (more info ...) | trojan-activity | URL | |||
| 38372 | MALWARE-OTHER Win.Trojan.Maktub variant download attempt (more info ...) | trojan-activity | URL | |||
| 38373 | MALWARE-OTHER Win.Trojan.Maktub variant download attempt (more info ...) | trojan-activity | URL | |||
| 38374 | MALWARE-OTHER Win.Trojan.Maktub variant download attempt (more info ...) | trojan-activity | URL | |||
| 38375 | MALWARE-OTHER Win.Trojan.Maktub variant download attempt (more info ...) | trojan-activity | URL | |||
| 38376 | MALWARE-OTHER Win.Trojan.Maktub variant download attempt (more info ...) | trojan-activity | URL | |||
| 38377 | MALWARE-OTHER Win.Trojan.Maktub variant download attempt (more info ...) | trojan-activity | URL | |||
| 38389 | SERVER-WEBAPP HID door command injection attempt (more info ...) | attempted-admin | URL | |||
| 38390 | SERVER-OTHER HP JetDirect PJL path traversal attempt (more info ...) | attempted-recon | 2010-4107 | 44882 | ||
| 38391 | SERVER-OTHER HP JetDirect PJL path traversal attempt (more info ...) | attempted-recon | 2010-4107 | 44882 | ||
| 38437 | EXPLOIT-KIT Angler exploit kit outbound uri structure (more info ...) | trojan-activity | ||||
| 38438 | EXPLOIT-KIT Angler exploit kit questions uri request attempt (more info ...) | attempted-user | ||||
| 38441 | MALWARE-OTHER Win.Trojan.Petya variant download attempt (more info ...) | trojan-activity | URL | |||
| 38442 | MALWARE-OTHER Win.Trojan.Petya variant download attempt (more info ...) | trojan-activity | URL | |||
| 38443 | MALWARE-OTHER Win.Trojan.Petya variant download attempt (more info ...) | trojan-activity | URL | |||
| 38444 | MALWARE-OTHER Win.Trojan.Petya variant download attempt (more info ...) | trojan-activity | URL | |||
| 38445 | MALWARE-OTHER Win.Trojan.Petya variant download attempt (more info ...) | trojan-activity | URL | |||
| 38446 | MALWARE-OTHER Win.Trojan.Petya variant download attempt (more info ...) | trojan-activity | URL | |||
| 38447 | MALWARE-OTHER Win.Trojan.Petya variant download attempt (more info ...) | trojan-activity | URL | |||
| 38448 | MALWARE-OTHER Win.Trojan.Petya variant download attempt (more info ...) | trojan-activity | URL | |||
| 38449 | MALWARE-OTHER Win.Trojan.Petya variant download attempt (more info ...) | trojan-activity | URL | |||
| 38450 | MALWARE-OTHER Win.Trojan.Petya variant download attempt (more info ...) | trojan-activity | URL | |||
| 38451 | MALWARE-OTHER Win.Trojan.Petya variant download attempt (more info ...) | trojan-activity | URL | |||
| 38452 | MALWARE-OTHER Win.Trojan.Petya variant download attempt (more info ...) | trojan-activity | URL | |||
| 38453 | MALWARE-OTHER Win.Trojan.Petya variant download attempt (more info ...) | trojan-activity | URL | |||
| 38454 | MALWARE-OTHER Win.Trojan.Petya variant download attempt (more info ...) | trojan-activity | URL | |||
| 38518 | SERVER-WEBAPP Oracle Application Testing Suite directory traversal attempt (more info ...) | web-application-attack | 2016-0481 | 81097 | ||
| 38519 | SERVER-WEBAPP Oracle Application Testing Suite directory traversal attempt (more info ...) | web-application-attack | 2016-0481 | 81097 | ||
| 38520 | SERVER-WEBAPP Oracle Application Testing Suite directory traversal attempt (more info ...) | web-application-attack | 2016-0481 | 81097 | ||
| 38521 | EXPLOIT-KIT Angler exploit kit redirect page detected (more info ...) | attempted-user | ||||
| 38522 | EXPLOIT-KIT Angler landing page detected (more info ...) | attempted-user | ||||
| 38523 | EXPLOIT-KIT Angler exploit kit landing page detected (more info ...) | attempted-user | ||||
| 38524 | EXPLOIT-KIT Angler exploit kit landing page detected (more info ...) | attempted-user | ||||
| 38525 | MALWARE-OTHER Win.Trojan.Troll dropper document file detected (more info ...) | trojan-activity | URL | |||
| 38526 | MALWARE-OTHER Win.Trojan.Troll dropper document file detected (more info ...) | trojan-activity | URL | |||
| 38529 | MALWARE-OTHER XBot CC Social Engineering (more info ...) | trojan-activity | URL | |||
| 38541 | INDICATOR-OBFUSCATION newline only separator evasion (more info ...) | non-standard-protocol | URL | |||
| 38555 | EXPLOIT-KIT Angler landing page detected (more info ...) | attempted-user | ||||
| 38579 | SERVER-WEBAPP Atvise denial of service attempt (more info ...) | attempted-dos | URL | |||
| 38582 | EXPLOIT-KIT Nuclear exploit kit landing page detected (more info ...) | attempted-user | ||||
| 38589 | EXPLOIT-KIT vbscript downloading executable attempt (more info ...) | attempted-user | ||||
| 38592 | EXPLOIT-KIT Nuclear Exploit Kit back end communications attempt (more info ...) | trojan-activity | URL | |||
| 38593 | EXPLOIT-KIT Nuclear Exploit Kit back end communications attempt (more info ...) | trojan-activity | URL | |||
| 38623 | FILE-OTHER GDCM DICOM image integer overflow attempt (more info ...) | attempted-user | 2015-8396 | |||
| 38624 | FILE-OTHER GDCM DICOM image integer overflow attempt (more info ...) | attempted-user | 2015-8396 | |||
| 38627 | FILE-OTHER libarchive zip_read_mac_metadata heap buffer overflow attempt (more info ...) | attempted-user | 2016-1541 | URL | ||
| 38628 | FILE-OTHER libarchive zip_read_mac_metadata heap buffer overflow attempt (more info ...) | attempted-user | 2016-1541 | URL | ||
| 38648 | SERVER-OTHER Trend Micro remote debugging URL handling remote code execution attempt (more info ...) | attempted-user | URL | |||
| 38649 | SERVER-OTHER Trend Micro remote debugging URL handling remote code execution attempt (more info ...) | attempted-user | URL | |||
| 38650 | MALWARE-OTHER PWOBot variant download attempt (more info ...) | trojan-activity | URL | |||
| 38651 | MALWARE-OTHER PWOBot variant download attempt (more info ...) | trojan-activity | URL | |||
| 38652 | MALWARE-OTHER PWOBot variant download attempt (more info ...) | trojan-activity | URL | |||
| 38653 | MALWARE-OTHER PWOBot variant download attempt (more info ...) | trojan-activity | URL | |||
| 38654 | MALWARE-OTHER PWOBot variant download attempt (more info ...) | trojan-activity | URL | |||
| 38655 | MALWARE-OTHER PWOBot variant download attempt (more info ...) | trojan-activity | URL | |||
| 38656 | MALWARE-OTHER PWOBot variant download attempt (more info ...) | trojan-activity | URL | |||
| 38657 | MALWARE-OTHER PWOBot variant download attempt (more info ...) | trojan-activity | URL | |||
| 38658 | MALWARE-OTHER PWOBot variant download attempt (more info ...) | trojan-activity | URL | |||
| 38659 | MALWARE-OTHER PWOBot variant download attempt (more info ...) | trojan-activity | URL | |||
| 38660 | MALWARE-OTHER PWOBot variant download attempt (more info ...) | trojan-activity | URL | |||
| 38661 | MALWARE-OTHER PWOBot variant download attempt (more info ...) | trojan-activity | URL | |||
| 38662 | MALWARE-OTHER PWOBot variant download attempt (more info ...) | trojan-activity | URL | |||
| 38663 | MALWARE-OTHER PWOBot variant download attempt (more info ...) | trojan-activity | URL | |||
| 38664 | MALWARE-OTHER PWOBot variant download attempt (more info ...) | trojan-activity | URL | |||
| 38665 | MALWARE-OTHER PWOBot variant download attempt (more info ...) | trojan-activity | URL | |||
| 38671 | BROWSER-IE SFVRT-1021 attack attempt (more info ...) | attempted-user | ||||
| 38672 | BROWSER-IE SFVRT-1021 attack attempt (more info ...) | attempted-user | ||||
| 38682 | EXPLOIT-KIT Angler Exploit Kit email gate (more info ...) | trojan-activity | ||||
| 38683 | MALWARE-BACKDOOR JSP webshell backdoor detected (more info ...) | trojan-activity | ||||
| 38684 | MALWARE-BACKDOOR JSP webshell backdoor detected (more info ...) | trojan-activity | ||||
| 38685 | MALWARE-BACKDOOR JSP webshell backdoor detected (more info ...) | trojan-activity | ||||
| 38686 | MALWARE-BACKDOOR JSP webshell backdoor detected (more info ...) | trojan-activity | ||||
| 38687 | MALWARE-BACKDOOR JSP webshell backdoor detected (more info ...) | trojan-activity | ||||
| 38688 | MALWARE-BACKDOOR JSP webshell backdoor detected (more info ...) | trojan-activity | ||||
| 38689 | MALWARE-BACKDOOR JSP webshell backdoor detected (more info ...) | trojan-activity | ||||
| 38690 | MALWARE-BACKDOOR JSP webshell backdoor detected (more info ...) | trojan-activity | ||||
| 38691 | MALWARE-BACKDOOR JSP webshell backdoor detected (more info ...) | trojan-activity | ||||
| 38692 | MALWARE-BACKDOOR JSP webshell backdoor detected (more info ...) | trojan-activity | ||||
| 38693 | MALWARE-BACKDOOR JSP webshell backdoor detected (more info ...) | trojan-activity | ||||
| 38694 | MALWARE-BACKDOOR JSP webshell backdoor detected (more info ...) | trojan-activity | ||||
| 38695 | MALWARE-BACKDOOR JSP webshell backdoor detected (more info ...) | trojan-activity | ||||
| 38696 | MALWARE-BACKDOOR JSP webshell backdoor detected (more info ...) | trojan-activity | ||||
| 38697 | MALWARE-BACKDOOR JSP webshell backdoor detected (more info ...) | trojan-activity | ||||
| 38698 | MALWARE-BACKDOOR JSP webshell backdoor detected (more info ...) | trojan-activity | ||||
| 38699 | MALWARE-BACKDOOR JSP webshell backdoor detected (more info ...) | trojan-activity | ||||
| 38700 | MALWARE-BACKDOOR JSP webshell backdoor detected (more info ...) | trojan-activity | ||||
| 38701 | MALWARE-BACKDOOR JSP webshell backdoor detected (more info ...) | trojan-activity | ||||
| 38702 | MALWARE-BACKDOOR JSP webshell backdoor detected (more info ...) | trojan-activity | ||||
| 38703 | MALWARE-BACKDOOR JSP webshell backdoor detected (more info ...) | trojan-activity | ||||
| 38704 | MALWARE-BACKDOOR JSP webshell backdoor detected (more info ...) | trojan-activity | ||||
| 38705 | MALWARE-BACKDOOR JSP webshell backdoor detected (more info ...) | trojan-activity | ||||
| 38706 | MALWARE-BACKDOOR JSP webshell backdoor detected (more info ...) | trojan-activity | ||||
| 38707 | MALWARE-BACKDOOR JSP webshell backdoor detected (more info ...) | trojan-activity | ||||
| 38708 | MALWARE-BACKDOOR JSP webshell backdoor detected (more info ...) | trojan-activity | ||||
| 38709 | MALWARE-BACKDOOR JSP webshell backdoor detected (more info ...) | trojan-activity | ||||
| 38710 | MALWARE-BACKDOOR JSP webshell backdoor detected (more info ...) | trojan-activity | ||||
| 38711 | MALWARE-BACKDOOR JSP webshell backdoor detected (more info ...) | trojan-activity | ||||
| 38712 | MALWARE-BACKDOOR JSP webshell backdoor detected (more info ...) | trojan-activity | ||||
| 38713 | MALWARE-BACKDOOR JSP webshell backdoor detected (more info ...) | trojan-activity | ||||
| 38714 | MALWARE-BACKDOOR JSP webshell backdoor detected (more info ...) | trojan-activity | ||||
| 38715 | MALWARE-BACKDOOR JSP webshell backdoor detected (more info ...) | trojan-activity | ||||
| 38716 | MALWARE-BACKDOOR JSP webshell backdoor detected (more info ...) | trojan-activity | ||||
| 38717 | MALWARE-BACKDOOR JSP webshell backdoor detected (more info ...) | trojan-activity | ||||
| 38718 | MALWARE-BACKDOOR JSP webshell backdoor detected (more info ...) | trojan-activity | ||||
| 38719 | MALWARE-BACKDOOR JSP webshell backdoor detected (more info ...) | trojan-activity | ||||
| 38743 | FILE-IMAGE ImageMagick WWWDecodeDelegate command injection attempt (more info ...) | attempted-user | 2016-3714 | 89848 | URL | |
| 38744 | FILE-IMAGE ImageMagick WWWDecodeDelegate command injection attempt (more info ...) | attempted-user | 2016-3714 | 89848 | URL | |
| 38745 | MALWARE-OTHER known phishing x-mailer attempt (more info ...) | trojan-activity | ||||
| 38789 | SERVER-WEBAPP Oracle application testing suite DownloadServlet directory traversal attempt (more info ...) | web-application-attack | 2016-0485 | |||
| 38790 | SERVER-WEBAPP Oracle application testing suite DownloadServlet directory traversal attempt (more info ...) | web-application-attack | 2016-0485 | |||
| 38791 | SERVER-WEBAPP Oracle application testing suite DownloadServlet directory traversal attempt (more info ...) | web-application-attack | 2016-0485 | |||
| 38796 | SERVER-OTHER Adroit denial of service attempt (more info ...) | attempted-dos | ||||
| 38849 | OS-WINDOWS Kaspersky Internet Security KLIF driver denial of service attempt (more info ...) | attempted-dos | 2016-4304 | URL | ||
| 38850 | OS-WINDOWS Kaspersky Internet Security KLIF driver denial of service attempt (more info ...) | attempted-dos | 2016-4304 | URL | ||
| 38860 | FILE-OTHER Oracle OIT ContentAccess libvs_mwkd out of bounds write attempt (more info ...) | attempted-user | 2016-3593 | URL | ||
| 38861 | FILE-OTHER Oracle OIT ContentAccess libvs_mwkd out of bounds write attempt (more info ...) | attempted-user | 2016-3593 | URL | ||
| 38871 | FILE-IMAGE ImageMagick WWWDecodeDelegate command injection attempt (more info ...) | attempted-user | 2016-3714 | 89848 | URL | |
| 38876 | EXPLOIT-KIT Obfuscated exploit download attempt (more info ...) | attempted-user | URL | |||
| 38879 | SERVER-WEBAPP HP Enterprise Vertica validateAdminConfig command injection attempt (more info ...) | web-application-attack | 2016-2002 | URL | ||
| 38880 | SERVER-WEBAPP HP Enterprise Vertica validateAdminConfig command injection attempt (more info ...) | web-application-attack | 2016-2002 | URL | ||
| 38892 | MALWARE-OTHER Win.Trojan.Maktub variant download attempt (more info ...) | trojan-activity | URL | |||
| 38893 | MALWARE-OTHER Win.Trojan.Maktub variant download attempt (more info ...) | trojan-activity | URL | |||
| 38894 | SERVER-WEBAPP Jenkins CI Server insecure deserialization command execution attempt (more info ...) | attempted-admin | 2016-0792 | URL | ||
| 38934 | SERVER-WEBAPP Oracle Application Testing Suite actionservlet directory traversal attempt (more info ...) | attempted-user | 2016-0487 | |||
| 38939 | SERVER-WEBAPP ORACLE-SERVER Oracle Application Testing Suite filename directory traversal attempt (more info ...) | web-application-attack | 2016-0490 | |||
| 38945 | FILE-IMAGE ImageMagick WWWDecodeDelegate command injection attempt (more info ...) | attempted-user | 2016-3714 | 89848 | URL | |
| 38946 | FILE-IMAGE ImageMagick WWWDecodeDelegate command injection attempt (more info ...) | attempted-user | 2016-3714 | 89848 | URL | |
| 38947 | FILE-IMAGE ImageMagick WWWDecodeDelegate command injection attempt (more info ...) | attempted-user | 2016-3714 | 89848 | URL | |
| 38948 | FILE-IMAGE ImageMagick WWWDecodeDelegate command injection attempt (more info ...) | attempted-user | 2016-3714 | 89848 | URL | |
| 38951 | PUA-ADWARE Win.Adware.OpenSoftwareUpdater variant outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 38952 | PUA-ADWARE Win.Adware.OpenSoftwareUpdater variant outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 38953 | PUA-ADWARE Win.Adware.OpenSoftwareUpdater variant outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 38965 | SERVER-WEBAPP VMware vCenter Chargeback Manager ImageUploadServlet arbitrary JSP file upload attempt (more info ...) | attempted-user | 2013-3520 | 60484 | URL | |
| 38968 | SERVER-WEBAPP Oracle Application Testing Suite directory traversal attempt (more info ...) | web-application-attack | 2016-0476 | |||
| 38969 | SERVER-WEBAPP Oracle Application Testing Suite directory traversal attempt (more info ...) | web-application-attack | 2016-0476 | |||
| 38970 | SERVER-WEBAPP Oracle Application Testing Suite directory traversal attempt (more info ...) | web-application-attack | 2016-0476 | |||
| 38986 | SERVER-WEBAPP SAP NetWeaver xMII directory traversal attempt (more info ...) | web-application-attack | 2016-2389 | |||
| 38987 | SERVER-WEBAPP SAP NetWeaver xMII directory traversal attempt (more info ...) | web-application-attack | 2016-2389 | |||
| 38988 | SERVER-WEBAPP SAP NetWeaver xMII directory traversal attempt (more info ...) | web-application-attack | 2016-2389 | |||
| 39000 | FILE-IMAGE ImageMagick WWWDecodeDelegate command injection attempt (more info ...) | attempted-user | 2016-3714 | 89848 | URL | |
| 39001 | FILE-IMAGE ImageMagick WWWDecodeDelegate command injection attempt (more info ...) | attempted-user | 2016-3714 | 89848 | URL | |
| 39002 | FILE-IMAGE ImageMagick WWWDecodeDelegate command injection attempt (more info ...) | attempted-user | 2016-3714 | 89848 | URL | |
| 39003 | FILE-IMAGE ImageMagick WWWDecodeDelegate command injection attempt (more info ...) | attempted-user | 2016-3714 | 89848 | URL | |
| 39004 | FILE-IMAGE ImageMagick WWWDecodeDelegate command injection attempt (more info ...) | attempted-user | 2016-3714 | 89848 | URL | |
| 39005 | FILE-IMAGE ImageMagick WWWDecodeDelegate command injection attempt (more info ...) | attempted-user | 2016-3714 | 89848 | URL | |
| 39006 | FILE-IMAGE ImageMagick WWWDecodeDelegate command injection attempt (more info ...) | attempted-user | 2016-3714 | 89848 | URL | |
| 39058 | MALWARE-BACKDOOR JSP webshell backdoor detected (more info ...) | trojan-activity | ||||
| 39059 | MALWARE-BACKDOOR JSP webshell backdoor detected (more info ...) | trojan-activity | ||||
| 39066 | SERVER-OTHER Magento unauthenticated arbitrary file write attempt (more info ...) | attempted-admin | 2016-4010 | URL | ||
| 39070 | SERVER-WEBAPP Dlink local file disclosure attempt (more info ...) | web-application-attack | 64043 | |||
| 39078 | OS-WINDOWS Kaspersky Internet Security KLIF driver denial of service attempt (more info ...) | attempted-dos | 2016-4305 | URL | ||
| 39079 | OS-WINDOWS Kaspersky Internet Security KLIF driver denial of service attempt (more info ...) | attempted-dos | 2016-4305 | URL | ||
| 39087 | SERVER-WEBAPP Oracle Application Testing Suite arbitrary file read attempt (more info ...) | web-application-attack | 2016-0482 | |||
| 39088 | SERVER-WEBAPP Oracle Application Testing Suite arbitrary file read attempt (more info ...) | web-application-attack | 2016-0482 | |||
| 39089 | SERVER-WEBAPP Oracle Application Testing Suite arbitrary file read attempt (more info ...) | web-application-attack | 2016-0482 | |||
| 39090 | FILE-IMAGE ImageMagick and GraphicsMagick OpenBlob command injection attempt (more info ...) | attempted-user | 2016-5118 | |||
| 39091 | FILE-IMAGE ImageMagick and GraphicsMagick OpenBlob command injection attempt (more info ...) | attempted-user | 2016-5118 | |||
| 39092 | FILE-IMAGE ImageMagick and GraphicsMagick OpenBlob command injection attempt (more info ...) | attempted-user | 2016-5118 | |||
| 39093 | FILE-IMAGE ImageMagick and GraphicsMagick OpenBlob command injection attempt (more info ...) | attempted-user | 2016-5118 | |||
| 39094 | FILE-IMAGE ImageMagick and GraphicsMagick OpenBlob command injection attempt (more info ...) | attempted-user | 2016-5118 | |||
| 39095 | FILE-IMAGE ImageMagick and GraphicsMagick OpenBlob command injection attempt (more info ...) | attempted-user | 2016-5118 | |||
| 39096 | FILE-IMAGE ImageMagick and GraphicsMagick OpenBlob command injection attempt (more info ...) | attempted-user | 2016-5118 | |||
| 39097 | FILE-IMAGE ImageMagick and GraphicsMagick OpenBlob command injection attempt (more info ...) | attempted-user | 2016-5118 | |||
| 39128 | EXPLOIT-KIT Nuclear landing page detected (more info ...) | attempted-user | ||||
| 39129 | EXPLOIT-KIT Nuclear gate redirect attempt (more info ...) | attempted-user | ||||
| 39130 | EXPLOIT-KIT Obfuscated exploit download attempt (more info ...) | attempted-user | URL | |||
| 39165 | SERVER-WEBAPP iperf3 heap overflow remote code execution attempt (more info ...) | attempted-user | 2016-4303 | URL | ||
| 39188 | SERVER-WEBAPP Nagios XI backend API server side request forgery attempt (more info ...) | web-application-attack | URL | |||
| 39189 | PUA-TOOLBARS Win.Toolbar.Crossrider variant outbound connection (more info ...) | trojan-activity | URL | |||
| 39198 | SERVER-WEBAPP D-Link authentication bypass attempt (more info ...) | attempted-admin | 45554 | |||
| 39241 | EXPLOIT-KIT Neutrino Exploit Kit exploitation attempt (more info ...) | attempted-user | ||||
| 39356 | MALWARE-OTHER Lamer outbound communication attempt (more info ...) | trojan-activity | URL | |||
| 39357 | MALWARE-OTHER Flopex outbound communication attempt (more info ...) | trojan-activity | URL | |||
| 39379 | FILE-EXECUTABLE Norton Antivirus ASPack heap corruption attempt (more info ...) | attempted-admin | 2016-2208 | URL | ||
| 39385 | FILE-OTHER Symantec Norton Antivirus ccScanw.dll Unpack ShortLZ memory corruption attempt (more info ...) | attempted-user | 2016-2207 | URL | ||
| 39386 | FILE-OTHER Symantec Norton Antivirus ccScanw.dll Unpack ShortLZ memory corruption attempt (more info ...) | attempted-user | 2016-2207 | URL | ||
| 39387 | SERVER-WEBAPP D-Link DAP-1160 authentication bypass attempt (more info ...) | attempted-admin | 41187 | |||
| 39391 | PROTOCOL-SCADA 3S CoDeSys Gateway Server stack buffer overflow attempt (more info ...) | attempted-admin | 2012-4708 | |||
| 39392 | SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 214 buffer overflow attempt (more info ...) | attempted-admin | 2013-6195 | 64647 | URL | |
| 39393 | SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 215 buffer overflow attempt (more info ...) | attempted-admin | 2013-6195 | 64647 | URL | |
| 39394 | SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 216 buffer overflow attempt (more info ...) | attempted-admin | 2013-6195 | 64647 | URL | |
| 39395 | SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 219 buffer overflow attempt (more info ...) | attempted-admin | 2013-6195 | 64647 | URL | |
| 39396 | SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 257 buffer overflow attempt (more info ...) | attempted-admin | 2013-6195 | 64647 | URL | |
| 39397 | SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 263 buffer overflow attempt (more info ...) | attempted-admin | 2013-6195 | 64647 | URL | |
| 39398 | SERVER-WEBAPP Symantec SEPM management console cross site scripting attempt (more info ...) | attempted-user | 2016-3652 | 91444 | ||
| 39400 | SERVER-WEBAPP Symantec Decomposer Engine Dec2LHA buffer overflow attempt (more info ...) | attempted-user | 2016-2210 | |||
| 39401 | SERVER-WEBAPP Symantec Decomposer Engine Dec2LHA buffer overflow attempt (more info ...) | attempted-user | 2016-2210 | |||
| 39402 | FILE-OTHER Symantec Antivirus ALPkOldFormatDecompressor out of bounds read attempt (more info ...) | attempted-user | 2016-3646 | URL | ||
| 39403 | FILE-OTHER Symantec Antivirus ALPkOldFormatDecompressor out of bounds read attempt (more info ...) | attempted-user | 2016-3646 | URL | ||
| 39404 | SERVER-OTHER Symantec Endpoint Protection Manager cross site request forgery attempt (more info ...) | attempted-user | 2016-3653 | URL | ||
| 39405 | SERVER-OTHER Symantec Endpoint Protection Manager cross site request forgery attempt (more info ...) | attempted-user | 2016-3653 | URL | ||
| 39406 | SERVER-OTHER D-LINK DAP-1160 unauthenticated remote configuration attempt (more info ...) | attempted-admin | 41187 | URL | ||
| 39407 | SERVER-OTHER D-LINK DAP-1160 unauthenticated remote configuration attempt (more info ...) | attempted-admin | 41187 | URL | ||
| 39408 | SERVER-OTHER D-LINK DAP-1160 unauthenticated remote configuration attempt (more info ...) | attempted-admin | 41187 | URL | ||
| 39412 | SERVER-WEBAPP WANem WAN emulator command injection attempt (more info ...) | web-application-attack | URL | |||
| 39416 | PUA-OTHER RMS rmansys remote management tool cnc communication (more info ...) | misc-activity | URL | |||
| 39431 | FILE-OTHER Symantec TNEF decoder integer overflow attempt (more info ...) | attempted-admin | 2016-3645 | URL | ||
| 39432 | FILE-OTHER Symantec TNEF decoder integer overflow attempt (more info ...) | attempted-admin | 2016-3645 | URL | ||
| 39459 | SERVER-WEBAPP Oracle Web Cache HTTP header null byte injection attempt (more info ...) | web-application-attack | 2004-0385 | 9868 | ||
| 39466 | FILE-EXECUTABLE Symantec Norton Security IDSvix86 out of bounds read attempt (more info ...) | attempted-dos | 2016-5308 | URL | ||
| 39467 | FILE-EXECUTABLE Symantec Norton Security IDSvix86 out of bounds read attempt (more info ...) | attempted-dos | 2016-5308 | URL | ||
| 39468 | SERVER-WEBAPP ACTi ASOC command injection attempt (more info ...) | web-application-attack | URL | |||
| 39469 | SERVER-WEBAPP ACTi ASOC command injection attempt (more info ...) | web-application-attack | URL | |||
| 39470 | SERVER-WEBAPP ACTi ASOC command injection attempt (more info ...) | web-application-attack | URL | |||
| 39471 | SERVER-WEBAPP ACTi ASOC command injection attempt (more info ...) | web-application-attack | URL | |||
| 39473 | SERVER-WEBAPP Shopware getTemplateName directory traversal attempt (more info ...) | web-application-attack | 2016-3109 | 97979 | URL | |
| 39601 | FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (more info ...) | attempted-user | 2016-5875 | URL | ||
| 39602 | FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (more info ...) | attempted-user | 2016-5875 | URL | ||
| 39603 | FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (more info ...) | attempted-user | 2016-5875 | URL | ||
| 39604 | FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (more info ...) | attempted-user | 2016-5875 | URL | ||
| 39605 | FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (more info ...) | attempted-user | 2016-5875 | URL | ||
| 39606 | FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (more info ...) | attempted-user | 2016-5875 | URL | ||
| 39607 | FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (more info ...) | attempted-user | 2017-2870 | URL | ||
| 39608 | FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (more info ...) | attempted-user | 2016-5875 | URL | ||
| 39609 | FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (more info ...) | attempted-user | 2016-5875 | URL | ||
| 39610 | FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (more info ...) | attempted-user | 2016-5875 | URL | ||
| 39611 | FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (more info ...) | attempted-user | 2016-5875 | URL | ||
| 39612 | FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (more info ...) | attempted-user | 2016-5875 | URL | ||
| 39613 | FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (more info ...) | attempted-user | 2016-5875 | URL | ||
| 39614 | FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (more info ...) | attempted-user | 2016-5875 | URL | ||
| 39615 | FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (more info ...) | attempted-user | 2017-2870 | URL | ||
| 39616 | FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (more info ...) | attempted-user | 2016-5875 | URL | ||
| 39617 | FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (more info ...) | attempted-user | 2016-5875 | URL | ||
| 39618 | FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (more info ...) | attempted-user | 2016-5875 | URL | ||
| 39619 | FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (more info ...) | attempted-user | 2016-5875 | URL | ||
| 39620 | FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (more info ...) | attempted-user | 2016-5875 | URL | ||
| 39621 | FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (more info ...) | attempted-user | 2016-5875 | URL | ||
| 39622 | FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (more info ...) | attempted-user | 2016-5875 | URL | ||
| 39623 | FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (more info ...) | attempted-user | 2016-5875 | URL | ||
| 39624 | FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (more info ...) | attempted-user | 2016-5875 | URL | ||
| 39625 | FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (more info ...) | attempted-user | 2016-5875 | URL | ||
| 39626 | FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (more info ...) | attempted-user | 2016-5875 | URL | ||
| 39627 | FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (more info ...) | attempted-user | 2016-5875 | URL | ||
| 39628 | FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (more info ...) | attempted-user | 2016-5875 | URL | ||
| 39629 | FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (more info ...) | attempted-user | 2016-5875 | URL | ||
| 39630 | FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (more info ...) | attempted-user | 2016-5875 | URL | ||
| 39631 | FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (more info ...) | attempted-user | 2016-5875 | URL | ||
| 39632 | FILE-IMAGE Multiple products TIFF tile size buffer overflow attempt (more info ...) | attempted-user | 2016-5875 | URL | ||
| 39634 | FILE-IMAGE Apple OSX EXR image invalid box2i attribute heap buffer overflow attempt (more info ...) | attempted-user | 2016-4629 | URL | ||
| 39635 | FILE-IMAGE Apple OSX EXR image invalid box2i attribute heap buffer overflow attempt (more info ...) | attempted-user | 2016-4629 | URL | ||
| 39637 | MALWARE-OTHER Win.Ransomware.Ranscam initial download attempt (more info ...) | trojan-activity | URL | |||
| 39638 | MALWARE-TOOLS Win.Packer.ConfuserEx packed .NET executable attempt (more info ...) | trojan-activity | URL | |||
| 39639 | SERVER-WEBAPP WebNMS Framework directory traversal attempt (more info ...) | attempted-admin | URL | |||
| 39640 | SERVER-WEBAPP WebNMS Framework directory traversal attempt (more info ...) | attempted-admin | URL | |||
| 39641 | SERVER-WEBAPP WebNMS Framework directory traversal attempt (more info ...) | attempted-admin | URL | |||
| 39645 | SERVER-WEBAPP Drupal Coder Module insecure remote file deserialization attempt (more info ...) | web-application-attack | URL | |||
| 39683 | FILE-IMAGE Apple Core Graphics BMP img_decode_read memory corruption attempt (more info ...) | attempted-user | 2016-4637 | URL | ||
| 39684 | FILE-IMAGE Apple Core Graphics BMP img_decode_read memory corruption attempt (more info ...) | attempted-user | 2016-4637 | URL | ||
| 39713 | MALWARE-OTHER MKVIS outbound communication attempt (more info ...) | trojan-activity | ||||
| 39725 | SERVER-WEBAPP Drupal RESTWS restws_page_callback command injection attempt (more info ...) | attempted-admin | URL | |||
| 39726 | SERVER-WEBAPP Drupal RESTWS restws_page_callback command injection attempt (more info ...) | attempted-admin | URL | |||
| 39734 | MALWARE-OTHER Win.Trojan.Xtrat outbound connection detected (more info ...) | trojan-activity | URL | |||
| 39744 | MALWARE-TOOLS CKnife penetration testing tool attempt (more info ...) | trojan-activity | ||||
| 39745 | MALWARE-OTHER Win.Trojan.FakeRean outbound connection detection (more info ...) | trojan-activity | URL | |||
| 39746 | MALWARE-OTHER Win.Ransomware.Apocalypse download attempt (more info ...) | trojan-activity | URL | |||
| 39747 | MALWARE-OTHER Win.Ransomware.Apocalypse download attempt (more info ...) | trojan-activity | URL | |||
| 39755 | MALWARE-OTHER Win.Trojan.Retefe variant malicious certificate installation page (more info ...) | trojan-activity | URL | |||
| 39756 | MALWARE-OTHER Win.Trojan.Retefe variant malicious certificate installation page (more info ...) | trojan-activity | URL | |||
| 39765 | SERVER-WEBAPP Ruby on Rails ActionPack inline content rendering code injection attempt (more info ...) | web-application-attack | 2016-2098 | |||
| 39766 | MALWARE-OTHER Win.Downloader.Ogimant outbound connection detected (more info ...) | trojan-activity | URL | |||
| 39768 | MALWARE-OTHER Win.Ransomware.Alfa download attempt (more info ...) | trojan-activity | URL | |||
| 39769 | MALWARE-OTHER Win.Ransomware.Alfa download attempt (more info ...) | trojan-activity | URL | |||
| 39771 | MALWARE-TOOLS CKnife penetration testing tool attempt (more info ...) | trojan-activity | ||||
| 39772 | MALWARE-TOOLS CKnife penetration testing tool attempt (more info ...) | trojan-activity | ||||
| 39773 | MALWARE-TOOLS CKnife penetration testing tool attempt (more info ...) | trojan-activity | ||||
| 39803 | MALWARE-OTHER Win.Adware.Dlhelper outbound connection detected (more info ...) | trojan-activity | URL | |||
| 39804 | MALWARE-OTHER Win.Adware.Dlhelper outbound connection detected (more info ...) | trojan-activity | URL | |||
| 39805 | MALWARE-OTHER Win.Adware.Dlhelper outbound connection detected (more info ...) | trojan-activity | URL | |||
| 39806 | MALWARE-OTHER Win.Adware.Dlhelper outbound connection detected (more info ...) | trojan-activity | URL | |||
| 39807 | MALWARE-OTHER Win.Trojan.Lethic outbound connection detected (more info ...) | trojan-activity | URL | |||
| 39830 | MALWARE-OTHER Win.Trojan.CrypMIC outbound connection detected (more info ...) | trojan-activity | URL | |||
| 39845 | SERVER-WEBAPP Netgear ReadyNAS Surveillance debugging_center_utils command injection attempt (more info ...) | web-application-attack | 2016-5674 | URL | ||
| 39846 | SERVER-WEBAPP Netgear ReadyNAS Surveillance debugging_center_utils command injection attempt (more info ...) | web-application-attack | 2016-5674 | URL | ||
| 39847 | SERVER-WEBAPP Netgear ReadyNAS Surveillance handle_daylightsaving command injection attempt (more info ...) | web-application-attack | 2016-5675 | URL | ||
| 39848 | SERVER-WEBAPP Netgear ReadyNAS Surveillance handle_daylightsaving command injection attempt (more info ...) | web-application-attack | 2016-5675 | URL | ||
| 39851 | INDICATOR-COMPROMISE Connection to malware sinkhole - CERT.PL (more info ...) | trojan-activity | URL | |||
| 39876 | PROTOCOL-SNMP Allen-Bradley MicroLogix PLC SNMP request via undocumented community string attempt (more info ...) | attempted-recon | 2016-5645 | URL | ||
| 39883 | FILE-IMAGE FreeImage library XPM handling out of bounds write attempt (more info ...) | attempted-user | 2016-5684 | URL | ||
| 39884 | FILE-IMAGE FreeImage library XPM handling out of bounds write attempt (more info ...) | attempted-user | 2016-5684 | URL | ||
| 39904 | MALWARE-OTHER Rtf.Dropper.Agent-1404614 download attempt (more info ...) | trojan-activity | URL | |||
| 39906 | MALWARE-OTHER Rtf.Dropper.Agent-1404614 download attempt (more info ...) | trojan-activity | URL | |||
| 39910 | SERVER-OTHER Flexera FlexNet Publisher stack buffer overflow attempt (more info ...) | attempted-admin | 2015-8277 | URL | ||
| 39914 | BROWSER-PLUGINS KingView clsid access attempt (more info ...) | attempted-user | 2013-6128 | |||
| 39915 | BROWSER-PLUGINS KingView clsid access attempt (more info ...) | attempted-user | 2013-6128 | |||
| 39916 | BROWSER-PLUGINS KingView clsid access attempt (more info ...) | attempted-user | 2013-6128 | |||
| 39917 | BROWSER-PLUGINS KingView clsid access attempt (more info ...) | attempted-user | 2013-6128 | |||
| 39924 | SERVER-OTHER IBM Tivoli Storage Manager FastBack command injection attempt (more info ...) | attempted-admin | 2015-1949 | URL | ||
| 39930 | SERVER-WEBAPP Siemens IP-Camera credential disclosure attempt (more info ...) | attempted-admin | URL | |||
| 39974 | MALWARE-OTHER Andr.Trojan.KungFu variant download (more info ...) | trojan-activity | URL | |||
| 39975 | MALWARE-OTHER Andr.Trojan.KungFu variant download (more info ...) | trojan-activity | URL | |||
| 40017 | FILE-IDENTIFY Hierarchal Data Format file download request (more info ...) | misc-activity | URL | |||
| 40018 | FILE-IDENTIFY Hierarchal Data Format file attachment detected (more info ...) | misc-activity | URL | |||
| 40019 | FILE-IDENTIFY Hierarchal Data Format file attachment detected (more info ...) | misc-activity | URL | |||
| 40020 | FILE-IDENTIFY Hierarchal Data Format file magic detected (more info ...) | misc-activity | URL | |||
| 40021 | FILE-IDENTIFY Hierarchal Data Format file magic detected (more info ...) | misc-activity | URL | |||
| 40035 | FILE-IDENTIFY XLSB file magic detected (more info ...) | misc-activity | ||||
| 40036 | FILE-IDENTIFY XLSB file magic detected (more info ...) | misc-activity | ||||
| 40041 | SERVER-WEBAPP Meinberg LANTIME NTP appliance stack buffer overflow attempt (more info ...) | web-application-attack | 2016-3962 | URL | ||
| 40042 | SERVER-WEBAPP Meinberg LANTIME NTP appliance stack buffer overflow attempt (more info ...) | web-application-attack | 2016-3962 | URL | ||
| 40047 | SERVER-WEBAPP Belkin F9K1122 webpage buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 40050 | MALWARE-OTHER Win.Trojan.Swabfex download attempt (more info ...) | trojan-activity | URL | |||
| 40051 | MALWARE-OTHER Win.Trojan.Swabfex download attempt (more info ...) | trojan-activity | URL | |||
| 40052 | MALWARE-OTHER Win.Trojan.Swabfex download attempt (more info ...) | trojan-activity | URL | |||
| 40053 | MALWARE-OTHER Win.Trojan.Swabfex download attempt (more info ...) | trojan-activity | URL | |||
| 40054 | MALWARE-OTHER Win.Trojan.Swabfex download attempt (more info ...) | trojan-activity | URL | |||
| 40055 | MALWARE-OTHER Win.Trojan.Swabfex download attempt (more info ...) | trojan-activity | URL | |||
| 40056 | MALWARE-OTHER Win.Trojan.Swabfex download attempt (more info ...) | trojan-activity | URL | |||
| 40057 | MALWARE-OTHER Win.Trojan.Swabfex download attempt (more info ...) | trojan-activity | URL | |||
| 40132 | BROWSER-IE VBScript ADODB.Connection object use after free attempt (more info ...) | attempted-user | 2017-11913 | URL | ||
| 40133 | BROWSER-IE VBScript ADODB.Connection object use after free attempt (more info ...) | attempted-user | 2017-11913 | URL | ||
| 40191 | MALWARE-OTHER Win.Trojan.Swabfex download attempt (more info ...) | trojan-activity | URL | |||
| 40192 | MALWARE-OTHER Win.Trojan.Swabfex download attempt (more info ...) | trojan-activity | URL | |||
| 40193 | MALWARE-OTHER Win.Trojan.Swabfex download attempt (more info ...) | trojan-activity | URL | |||
| 40194 | MALWARE-OTHER Win.Trojan.Swabfex download attempt (more info ...) | trojan-activity | URL | |||
| 40195 | MALWARE-OTHER Win.Trojan.Swabfex download attempt (more info ...) | trojan-activity | URL | |||
| 40196 | MALWARE-OTHER Win.Trojan.Swabfex download attempt (more info ...) | trojan-activity | URL | |||
| 40197 | MALWARE-OTHER Win.Trojan.Swabfex download attempt (more info ...) | trojan-activity | URL | |||
| 40198 | MALWARE-OTHER Win.Trojan.Swabfex download attempt (more info ...) | trojan-activity | URL | |||
| 40199 | MALWARE-OTHER Win.Trojan.Swabfex download attempt (more info ...) | trojan-activity | URL | |||
| 40200 | MALWARE-OTHER Win.Trojan.Swabfex download attempt (more info ...) | trojan-activity | URL | |||
| 40201 | MALWARE-OTHER Win.Trojan.Swabfex download attempt (more info ...) | trojan-activity | URL | |||
| 40202 | MALWARE-OTHER Win.Trojan.Swabfex download attempt (more info ...) | trojan-activity | URL | |||
| 40233 | EXPLOIT-KIT Sundown exploit kit landing page detected (more info ...) | attempted-user | URL | |||
| 40241 | SERVER-OTHER Fortigate Firewall HTTP cookie buffer overflow (more info ...) | attempted-admin | 2016-6909 | URL | ||
| 40299 | FILE-OTHER TRUFFLEHUNTER TALOS-2016-0195 attack attempt (more info ...) | attempted-user | URL | |||
| 40300 | FILE-OTHER TRUFFLEHUNTER TALOS-2016-0195 attack attempt (more info ...) | attempted-user | URL | |||
| 40314 | FILE-IMAGE OpenJPEG JPEG2000 MCC record parsing heap memory corruption attempt (more info ...) | attempted-user | 2016-8332 | URL | ||
| 40315 | FILE-IMAGE OpenJPEG JPEG2000 MCC record parsing heap memory corruption attempt (more info ...) | attempted-user | 2016-8332 | URL | ||
| 40336 | FILE-PDF Iceni Argus ipfSetColourStroke stack buffer overflow attempt (more info ...) | attempted-user | 2016-8333 | URL | ||
| 40337 | FILE-PDF Iceni Argus ipfSetColourStroke stack buffer overflow attempt (more info ...) | attempted-user | 2016-8333 | URL | ||
| 40358 | SERVER-OTHER IBM Tivoli Storage Manager FastBack opcode 1301 remote code execution attempt (more info ...) | attempted-admin | 2015-1986 | URL | ||
| 40360 | SERVER-OTHER OpenSSL OCSP Status Request Extension denial of service attempt (more info ...) | attempted-dos | 2016-6304 | URL | ||
| 40382 | SERVER-OTHER Easy File Sharing Server remote code execution attempt (more info ...) | attempted-user | URL | |||
| 40387 | FILE-IDENTIFY Windows registry hive file magic detected (more info ...) | misc-activity | ||||
| 40388 | FILE-IDENTIFY Windows registry hive file attachment detected (more info ...) | misc-activity | ||||
| 40389 | FILE-IDENTIFY Windows registry hive file attachment detected (more info ...) | misc-activity | ||||
| 40390 | FILE-IDENTIFY Windows registry hive file magic detected (more info ...) | misc-activity | ||||
| 40391 | FILE-IDENTIFY Windows registry hive file download request (more info ...) | misc-activity | ||||
| 40422 | SERVER-OTHER IBM Tivoli Storage Manager FastBack opcode 4115 remote code execution attempt (more info ...) | attempted-admin | 2015-4931 | URL | ||
| 40429 | FILE-PDF Foxit PDF Reader JBIG2 parser out of bounds read attempt (more info ...) | attempted-recon | 2016-8334 | URL | ||
| 40430 | FILE-PDF Foxit PDF Reader JBIG2 parser out of bounds read attempt (more info ...) | attempted-recon | 2016-8334 | URL | ||
| 40446 | SERVER-WEBAPP Avtech IP Camera unauthenticated config access attempt (more info ...) | attempted-admin | URL | |||
| 40451 | SERVER-WEBAPP Symantec Messaging Gateway KavaChart Component directory traversal attempt (more info ...) | web-application-attack | 2016-5312 | |||
| 40468 | SERVER-OTHER Memcached append opcode request heap buffer overflow attempt (more info ...) | attempted-admin | 2016-8704 | URL | ||
| 40469 | SERVER-OTHER Memcached append opcode request heap buffer overflow attempt (more info ...) | attempted-admin | 2016-8704 | URL | ||
| 40470 | SERVER-OTHER Memcached prepend opcode request heap buffer overflow attempt (more info ...) | attempted-admin | 2016-8704 | URL | ||
| 40471 | SERVER-OTHER Memcached prepend opcode request heap buffer overflow attempt (more info ...) | attempted-admin | 2016-8704 | URL | ||
| 40472 | SERVER-OTHER Memcached appendq opcode request heap buffer overflow attempt (more info ...) | attempted-admin | 2016-8704 | URL | ||
| 40473 | SERVER-OTHER Memcached appendq opcode request heap buffer overflow attempt (more info ...) | attempted-admin | 2016-8704 | URL | ||
| 40474 | SERVER-OTHER Memcached prependq opcode request heap buffer overflow attempt (more info ...) | attempted-admin | 2016-8704 | URL | ||
| 40475 | SERVER-OTHER Memcached prependq opcode request heap buffer overflow attempt (more info ...) | attempted-admin | 2016-8704 | URL | ||
| 40476 | SERVER-OTHER Memcached set opcode request heap buffer overflow attempt (more info ...) | attempted-admin | 2017-9951 | URL | ||
| 40477 | SERVER-OTHER Memcached setq opcode request heap buffer overflow attempt (more info ...) | attempted-admin | 2017-9951 | URL | ||
| 40478 | SERVER-OTHER Memcached add opcode request heap buffer overflow attempt (more info ...) | attempted-admin | 2017-9951 | URL | ||
| 40479 | SERVER-OTHER Memcached addq opcode request heap buffer overflow attempt (more info ...) | attempted-admin | 2017-9951 | URL | ||
| 40480 | SERVER-OTHER Memcached replace opcode request heap buffer overflow attempt (more info ...) | attempted-admin | 2017-9951 | URL | ||
| 40481 | SERVER-OTHER Memcached replaceq opcode request heap buffer overflow attempt (more info ...) | attempted-admin | 2017-9951 | URL | ||
| 40482 | SERVER-OTHER Memcached SASL auth opcode request heap buffer overflow attempt (more info ...) | attempted-admin | 2016-8706 | URL | ||
| 40483 | SERVER-OTHER Memcached SASL auth opcode request heap buffer overflow attempt (more info ...) | attempted-admin | 2016-8706 | URL | ||
| 40488 | FILE-EXECUTABLE Hopper Disassembler ELF section header memory corruption attempt (more info ...) | attempted-user | 2016-8390 | URL | ||
| 40489 | FILE-EXECUTABLE Hopper Disassembler ELF section header memory corruption attempt (more info ...) | attempted-user | 2016-8390 | URL | ||
| 40493 | SERVER-WEBAPP Ektron ServerControlWS.asmx XSL transform code injection attempt (more info ...) | web-application-attack | 2015-0931 | URL | ||
| 40524 | SERVER-WEBAPP Trend Micro SafeSync JSON API ad_sync_now command injection attempt (more info ...) | web-application-attack | 92919 | URL | ||
| 40750 | SERVER-WEBAPP D-Link DIR Series Routers HNAP stack buffer overflow attempt (more info ...) | attempted-admin | 2016-6563 | 94130 | ||
| 40753 | EXPLOIT-KIT Rig exploit kit outbound communication (more info ...) | trojan-activity | ||||
| 40756 | FILE-PDF Nitro Pro PDF Font Widths tag out of bounds read attempt (more info ...) | attempted-user | 2016-8711 | URL | ||
| 40757 | FILE-PDF Nitro Pro PDF Font Widths tag out of bounds read attempt (more info ...) | attempted-user | 2016-8711 | URL | ||
| 40758 | SERVER-OTHER Moxa AWK-3131A backdoor root account access attempt (more info ...) | attempted-admin | 2016-8717 | URL | ||
| 40766 | SERVER-OTHER IBM Tivoli Storage Manager FastBack directory traversal attempt (more info ...) | attempted-admin | 2015-1941 | URL | ||
| 40772 | PUA-ADWARE Win.Trojan.Miuref variant outbound connection (more info ...) | misc-activity | URL | |||
| 40776 | FILE-PDF Nitro Pro out of bounds memory write attempt (more info ...) | attempted-user | 2016-8709 | URL | ||
| 40777 | FILE-PDF Nitro Pro out of bounds memory write attempt (more info ...) | attempted-user | 2016-8709 | URL | ||
| 40778 | FILE-PDF Acrobat Reader Open Cascade Library memory corruption attempt (more info ...) | attempted-user | 2016-6940 | URL | ||
| 40779 | FILE-PDF Acrobat Reader Open Cascade Library memory corruption attempt (more info ...) | attempted-user | 2016-6940 | URL | ||
| 40784 | SERVER-WEBAPP ZyXEL TR-064 SetNTPServers command injection attempt (more info ...) | attempted-admin | URL | |||
| 40785 | SERVER-WEBAPP Sophos Web Security Appliance command injection attempt (more info ...) | web-application-attack | URL | |||
| 40786 | SERVER-WEBAPP Sophos Web Security Appliance command injection attempt (more info ...) | web-application-attack | URL | |||
| 40791 | FILE-OTHER HDF5 msg_dtype H5T_ARRAY heap buffer overflow attempt (more info ...) | attempted-user | 2016-4330 | URL | ||
| 40792 | FILE-OTHER HDF5 msg_dtype H5T_ARRAY heap buffer overflow attempt (more info ...) | attempted-user | 2016-4330 | URL | ||
| 40793 | FILE-OTHER HDF5 msg_dtype H5T_ARRAY heap buffer overflow attempt (more info ...) | attempted-user | 2016-4330 | URL | ||
| 40794 | FILE-OTHER HDF5 msg_dtype H5T_ARRAY heap buffer overflow attempt (more info ...) | attempted-user | 2016-4330 | URL | ||
| 40801 | FILE-OTHER HDF5 H5Z_NBIT filter heap buffer overflow attempt (more info ...) | attempted-user | 2016-4331 | URL | ||
| 40802 | FILE-OTHER HDF5 H5Z_NBIT filter heap buffer overflow attempt (more info ...) | attempted-user | 2016-4331 | URL | ||
| 40803 | FILE-OTHER HDF5 H5O_dtype_decode_helper heap buffer overflow attempt (more info ...) | attempted-user | 2016-4333 | URL | ||
| 40804 | FILE-OTHER HDF5 H5O_dtype_decode_helper heap buffer overflow attempt (more info ...) | attempted-user | 2016-4333 | URL | ||
| 40805 | FILE-OTHER HDF5 object modification time out of bounds write attempt (more info ...) | attempted-user | 2016-4332 | URL | ||
| 40806 | FILE-OTHER HDF5 object modification time out of bounds write attempt (more info ...) | attempted-user | 2016-4332 | URL | ||
| 40807 | FILE-OTHER HDF5 symbol table message out of bounds write attempt (more info ...) | attempted-user | 2016-4332 | URL | ||
| 40808 | FILE-OTHER HDF5 symbol table message out of bounds write attempt (more info ...) | attempted-user | 2016-4332 | URL | ||
| 40809 | FILE-OTHER HDF5 new object modification time out of bounds write attempt (more info ...) | attempted-user | 2016-4332 | URL | ||
| 40810 | FILE-OTHER HDF5 new object modification time out of bounds write attempt (more info ...) | attempted-user | 2016-4332 | URL | ||
| 40829 | INDICATOR-COMPROMISE potential Squiblydoo application whitelisting bypass attempt (more info ...) | attempted-user | URL | |||
| 40830 | INDICATOR-COMPROMISE potential Squiblydoo application whitelisting bypass attempt (more info ...) | attempted-user | URL | |||
| 40843 | SERVER-OTHER OpenSSL SSLv3 warning denial of service attempt (more info ...) | attempted-dos | 2016-8610 | |||
| 40855 | SERVER-OTHER ntpd mrulist control message command null pointer dereference attempt (more info ...) | attempted-dos | 2016-7434 | 94448 | URL | |
| 40856 | SERVER-OTHER ntpd mrulist control message command null pointer dereference attempt (more info ...) | attempted-dos | 2016-7434 | 94448 | URL | |
| 40857 | SERVER-OTHER ntpd mrulist control message command null pointer dereference attempt (more info ...) | attempted-dos | 2016-7434 | 94448 | URL | |
| 40858 | SERVER-OTHER ntpd mrulist control message command null pointer dereference attempt (more info ...) | attempted-dos | 2016-7434 | 94448 | URL | |
| 40859 | SERVER-OTHER ntpd mrulist control message command null pointer dereference attempt (more info ...) | attempted-dos | 2016-7434 | 94448 | URL | |
| 40860 | SERVER-OTHER ntpd mrulist control message command null pointer dereference attempt (more info ...) | attempted-dos | 2016-7434 | 94448 | URL | |
| 40861 | SERVER-OTHER ntpd mrulist control message command null pointer dereference attempt (more info ...) | attempted-dos | 2016-7434 | 94448 | URL | |
| 40862 | SERVER-OTHER ntpd mrulist control message command null pointer dereference attempt (more info ...) | attempted-dos | 2016-7434 | 94448 | URL | |
| 40863 | SERVER-OTHER ntpd mrulist control message command null pointer dereference attempt (more info ...) | attempted-dos | 2016-7434 | 94448 | URL | |
| 40864 | SERVER-OTHER ntpd mrulist control message command null pointer dereference attempt (more info ...) | attempted-dos | 2016-7434 | 94448 | URL | |
| 40865 | SERVER-WEBAPP Bassmaster Batch remote code execution attempt (more info ...) | attempted-admin | 2014-7205 | |||
| 40866 | PROTOCOL-OTHER TP-Link TDDP SET_CONFIG type buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 40871 | MALWARE-OTHER Virut CnC command reply (more info ...) | trojan-activity | URL | |||
| 40880 | SERVER-WEBAPP Multiple products invalid HTTP request attempt (more info ...) | attempted-dos | 2016-8723 | URL | ||
| 40889 | SERVER-WEBAPP Barracuda WAF UPDATE_scan_information_in_use command injection attempt (more info ...) | web-application-attack | 2017-6320 | URL | ||
| 40897 | SERVER-OTHER ntpd mrulist control message command null pointer dereference attempt (more info ...) | attempted-dos | 2016-7434 | 94448 | URL | |
| 40898 | OS-OTHER Joyent SmartOS ioctl integer underflow attempt (more info ...) | attempted-admin | 2016-9031 | URL | ||
| 40899 | OS-OTHER Joyent SmartOS ioctl integer underflow attempt (more info ...) | attempted-admin | 2016-9031 | URL | ||
| 40900 | OS-OTHER Joyent SmartOS file system name buffer overflow attempt (more info ...) | attempted-admin | 2016-9034 | URL | ||
| 40901 | OS-OTHER Joyent SmartOS file system name buffer overflow attempt (more info ...) | attempted-admin | 2016-9034 | URL | ||
| 40902 | OS-OTHER Joyent SmartOS file system path buffer overflow attempt (more info ...) | attempted-admin | 2016-9035 | URL | ||
| 40903 | OS-OTHER Joyent SmartOS file system path buffer overflow attempt (more info ...) | attempted-admin | 2016-9035 | URL | ||
| 40905 | SERVER-WEBAPP Oracle Weblogic default credentials login attempt (more info ...) | attempted-admin | URL | |||
| 40907 | PROTOCOL-OTHER TP-Link TDDP Get_config configuration leak attempt (more info ...) | attempted-recon | URL | |||
| 40912 | MALWARE-OTHER Win.Trojan.Flokibot variant download attempt (more info ...) | trojan-activity | URL | |||
| 40913 | MALWARE-OTHER Win.Trojan.Flokibot variant download attempt (more info ...) | trojan-activity | URL | |||
| 40914 | FILE-IMAGE ImageMagick LibTIFF invalid SamplesPerPixel buffer overflow attempt (more info ...) | attempted-user | 2016-8707 | URL | ||
| 40915 | FILE-IMAGE ImageMagick LibTIFF invalid SamplesPerPixel buffer overflow attempt (more info ...) | attempted-user | 2016-8707 | URL | ||
| 40919 | FILE-PDF Iceni ArgusPDF convertor malformed embedded TTF file cmap table memory corruption attempt (more info ...) | attempted-user | 2016-8386 | URL | ||
| 40920 | FILE-PDF Iceni ArgusPDF convertor malformed embedded TTF file cmap table memory corruption attempt (more info ...) | attempted-user | 2016-8386 | URL | ||
| 40923 | FILE-PDF Iceni Argus PDF font-encoding glyphmap adjustment code execution vulnerability attempt (more info ...) | attempted-user | 2016-8388 | URL | ||
| 40924 | FILE-PDF Iceni Argus PDF font-encoding glyphmap adjustment code execution vulnerability attempt (more info ...) | attempted-user | 2016-8388 | URL | ||
| 40925 | FILE-PDF Iceni Argus PDF TextToPolys rasterization code execution vulnerability attempt (more info ...) | attempted-user | 2016-8389 | URL | ||
| 40926 | FILE-PDF Iceni Argus PDF TextToPolys rasterization code execution vulnerability attempt (more info ...) | attempted-user | 2016-8389 | URL | ||
| 40934 | FILE-EXECUTABLE Nvidia Windows kernel mode driver denial of service attempt (more info ...) | attempted-user | 2016-8823 | URL | ||
| 40935 | FILE-EXECUTABLE Nvidia Windows kernel mode driver denial of service attempt (more info ...) | attempted-user | 2016-8823 | URL | ||
| 40979 | FILE-IDENTIFY ico file download request (more info ...) | misc-activity | ||||
| 40980 | FILE-IDENTIFY ico file attachment detected (more info ...) | misc-activity | ||||
| 40981 | FILE-IDENTIFY ico file attachment detected (more info ...) | misc-activity | ||||
| 40995 | SERVER-OTHER Alcatel Lucent OmniVista arbitrary command execution attempt (more info ...) | attempted-admin | 2016-9796 | 94649 | ||
| 41026 | SERVER-WEBAPP Advantech WebAccess Dashboard remote code execution attempt (more info ...) | attempted-admin | 2016-0854 | 80745 | URL | |
| 41030 | SERVER-WEBAPP Nagios Core Configuration Manager command injection attempt (more info ...) | web-application-attack | 2013-6875 | |||
| 41035 | EXPLOIT-KIT Sundown Exploit Kit redirection attempt (more info ...) | trojan-activity | ||||
| 41036 | SERVER-WEBAPP Trend Micro InterScan WSA ManagePatches servlet command injection attempt (more info ...) | web-application-attack | URL | |||
| 41037 | SERVER-WEBAPP Trend Micro InterScan WSA domains command injection attempt (more info ...) | web-application-attack | URL | |||
| 41038 | SERVER-WEBAPP Trend Micro InterScan WSA testConfiguration command injection attempt (more info ...) | web-application-attack | URL | |||
| 41039 | SERVER-WEBAPP Trend Micro InterScan WSA wmi_domain_controllers command injection attempt (more info ...) | web-application-attack | URL | |||
| 41080 | SERVER-OTHER Tarantool xrow_header_decode out of bounds read attempt (more info ...) | attempted-dos | 2016-9037 | URL | ||
| 41081 | SERVER-OTHER Tarantool initial connection banner detected (more info ...) | protocol-command-decode | URL | |||
| 41082 | SERVER-OTHER Tarantool Msgpuck mp_check denial of service vulnerability attempt (more info ...) | attempted-dos | 2016-9036 | URL | ||
| 41084 | EXPLOIT-KIT Sundown Exploit kit landing page obfuscation detected (more info ...) | attempted-user | URL | |||
| 41085 | SERVER-WEBAPP Moxa AWK-3131A webSetPingTrace command injection attempt (more info ...) | web-application-attack | 2016-8721 | URL | ||
| 41092 | EXPLOIT-KIT Rig Exploit Kit landing page obfuscation detected (more info ...) | attempted-user | URL | |||
| 41095 | SERVER-WEBAPP Netgear WNR2000 authentication bypass attempt (more info ...) | attempted-admin | 2016-10176 | URL | ||
| 41096 | SERVER-WEBAPP Netgear WNR2000 hidden_lang_avi stack buffer overflow attempt (more info ...) | attempted-admin | 2016-10174 | URL | ||
| 41102 | SERVER-WEBAPP Moxa AWK-3131A web application cross site scripting attempt (more info ...) | attempted-user | 2016-8719 | URL | ||
| 41103 | SERVER-WEBAPP Moxa AWK-3131A web application cross site scripting attempt (more info ...) | attempted-user | 2016-8719 | URL | ||
| 41104 | SERVER-WEBAPP Moxa AWK-3131A web application cross site scripting attempt (more info ...) | attempted-user | 2016-8719 | URL | ||
| 41105 | SERVER-WEBAPP Moxa AWK-3131A web application cross site scripting attempt (more info ...) | attempted-user | 2016-8719 | URL | ||
| 41120 | FILE-IMAGE ImageMagick PostScript decode delegate command injection attempt (more info ...) | attempted-user | URL | |||
| 41121 | FILE-IMAGE ImageMagick PostScript decode delegate command injection attempt (more info ...) | attempted-user | URL | |||
| 41196 | FILE-PDF Nitro Pro PDF Reader out of bounds write attempt (more info ...) | attempted-user | 2016-8713 | URL | ||
| 41197 | FILE-PDF Nitro Pro PDF Reader out of bounds write attempt (more info ...) | attempted-user | 2016-8713 | URL | ||
| 41212 | SERVER-OTHER Aerospike Database Server digest_ripe message field out of bounds read attempt (more info ...) | attempted-user | 2016-9050 | URL | ||
| 41213 | SERVER-OTHER Aerospike Database Server client batch request exploit attempt (more info ...) | attempted-admin | 2016-9051 | URL | ||
| 41216 | SERVER-OTHER Aerospike Database Server si_prop stack buffer overflow attempt (more info ...) | attempted-user | 2016-9054 | URL | ||
| 41217 | OS-OTHER Joyent SmartOS add entries denial of service attempt (more info ...) | attempted-dos | 2016-9040 | URL | ||
| 41218 | OS-OTHER Joyent SmartOS add entries denial of service attempt (more info ...) | attempted-dos | 2016-9040 | URL | ||
| 41224 | FILE-PDF Artifex MuPDF JBIG2 negative width value out of bounds read attempt (more info ...) | attempted-user | 2016-8729 | URL | ||
| 41225 | FILE-PDF Artifex MuPDF JBIG2 negative width value out of bounds read attempt (more info ...) | attempted-user | 2016-8729 | URL | ||
| 41306 | FILE-EXECUTABLE Invincea-X SboxDrv.sys local privilege escalation attempt (more info ...) | attempted-admin | 2016-9038 | URL | ||
| 41307 | FILE-EXECUTABLE Invincea-X SboxDrv.sys local privilege escalation attempt (more info ...) | attempted-admin | 2016-9038 | URL | ||
| 41310 | FILE-IMAGE libBPG restore_tqb_pixel out of bounds write attempt (more info ...) | attempted-user | 2016-8710 | URL | ||
| 41311 | FILE-IMAGE libBPG restore_tqb_pixel out of bounds write attempt (more info ...) | attempted-user | 2016-8710 | URL | ||
| 41312 | FILE-EXECUTABLE Invincea Dell Protected Workspace InvProtectDrv sandbox escape attempt (more info ...) | attempted-user | 2016-8732 | URL | ||
| 41313 | FILE-EXECUTABLE Invincea Dell Protected Workspace InvProtectDrv sandbox escape attempt (more info ...) | attempted-user | 2016-8732 | URL | ||
| 41314 | EXPLOIT-KIT Rig exploit kit landing page detected (more info ...) | trojan-activity | ||||
| 41327 | FILE-PDF Iceni Argus ipStringCreate integer overflow attempt (more info ...) | attempted-user | 2017-2777 | URL | ||
| 41328 | FILE-PDF Iceni Argus ipStringCreate integer overflow attempt (more info ...) | attempted-user | 2017-2777 | URL | ||
| 41344 | FILE-OTHER CorelDRAW X8 EMF invalid ihBrush field value out of bounds read attempt (more info ...) | attempted-user | 2016-9043 | URL | ||
| 41345 | FILE-OTHER CorelDRAW X8 EMF invalid ihBrush field value out of bounds read attempt (more info ...) | attempted-user | 2016-9043 | URL | ||
| 41346 | SERVER-WEBAPP Western Digital MyCloud command injection attempt (more info ...) | web-application-attack | 2016-10108 | |||
| 41347 | SERVER-WEBAPP Western Digital MyCloud command injection attempt (more info ...) | web-application-attack | 2016-10108 | |||
| 41348 | SERVER-WEBAPP Western Digital MyCloud command injection attempt (more info ...) | web-application-attack | 2016-10108 | |||
| 41349 | SERVER-WEBAPP Western Digital MyCloud command injection attempt (more info ...) | web-application-attack | 2016-10108 | |||
| 41350 | FILE-OTHER Apple Garageband .band file out of bounds write attempt (more info ...) | attempted-user | 2017-2372 | URL | ||
| 41351 | FILE-OTHER Apple Garageband .band file out of bounds write attempt (more info ...) | attempted-user | 2017-2372 | URL | ||
| 41360 | FILE-PDF TRUFFLEHUNTER TALOS-2017-0270 attack attempt (more info ...) | attempted-user | URL | |||
| 41361 | FILE-PDF TRUFFLEHUNTER TALOS-2017-0270 attack attempt (more info ...) | attempted-user | URL | |||
| 41362 | FILE-PDF TRUFFLEHUNTER TALOS-2017-0270 attack attempt (more info ...) | attempted-user | URL | |||
| 41363 | FILE-PDF TRUFFLEHUNTER TALOS-2017-0270 attack attempt (more info ...) | attempted-user | URL | |||
| 41364 | PROTOCOL-OTHER ARM mbed TLS x509 invalid public key remote code execution attempt (more info ...) | attempted-user | URL | |||
| 41367 | SERVER-OTHER NTPD zero origin timestamp denial of service attempt (more info ...) | attempted-dos | 2016-9042 | URL | ||
| 41370 | FILE-OTHER National Instruments LabVIEW LvVarientUnflatten remote code execution attempt (more info ...) | attempted-user | 2017-2775 | URL | ||
| 41371 | FILE-OTHER National Instruments LabVIEW LvVarientUnflatten remote code execution attempt (more info ...) | attempted-user | 2017-2775 | URL | ||
| 41372 | FILE-IMAGE Oracle Outside In libvs_gif out of bounds write attempt (more info ...) | attempted-admin | URL | |||
| 41373 | FILE-IMAGE Oracle Outside In libvs_gif out of bounds write attempt (more info ...) | attempted-admin | URL | |||
| 41387 | SERVER-WEBAPP ZyXEL P660HN ADSL Router logset.asp command injection attempt (more info ...) | web-application-attack | URL | |||
| 41388 | SERVER-WEBAPP ZyXEL P660HN ADSL Router viewlog.asp command injection attempt (more info ...) | web-application-attack | URL | |||
| 41401 | SERVER-WEBAPP Billion 5200W ADSL Router adv_remotelog.asp command injection attempt (more info ...) | web-application-attack | URL | |||
| 41402 | SERVER-WEBAPP Billion 5200W ADSL Router tools_time.asp command injection attempt (more info ...) | web-application-attack | URL | |||
| 41447 | FILE-OTHER Apple GarageBand out of bounds write attempt (more info ...) | attempted-user | 2017-2374 | URL | ||
| 41448 | FILE-OTHER Apple GarageBand out of bounds write attempt (more info ...) | attempted-user | 2017-2374 | URL | ||
| 41466 | SERVER-OTHER TRUFFLEHUNTER TALOS-2016-0278 attack attempt (more info ...) | attempted-recon | 2017-2782 | URL | ||
| 41470 | FILE-PDF MuPDF Fitz library font glyph scaling code execution vulnerability attempt (more info ...) | attempted-user | 2016-8728 | URL | ||
| 41471 | FILE-PDF MuPDF Fitz library font glyph scaling code execution vulnerability attempt (more info ...) | attempted-user | 2016-8728 | URL | ||
| 41489 | SERVER-WEBAPP Sophos Web Security Appliance command injection attempt (more info ...) | web-application-attack | 2016-9553 | 95853 | URL | |
| 41490 | SERVER-WEBAPP Sophos Web Security Appliance command injection attempt (more info ...) | web-application-attack | 2016-9553 | 95853 | URL | |
| 41505 | SERVER-OTHER Pharos PopUp Printer Client DecodeString heap overflow attempt (more info ...) | attempted-admin | 2017-2785 | URL | ||
| 41506 | SERVER-OTHER Pharos PopUp Printer Client DecodeString heap overflow attempt (more info ...) | attempted-admin | 2017-2785 | URL | ||
| 41508 | SERVER-OTHER Pharos PopUp Printer Client Memcpy heap overflow attempt (more info ...) | attempted-admin | 2017-2787 | URL | ||
| 41509 | SERVER-OTHER Pharos PopUp Printer Client DecodeBinary heap buffer overflow attempt (more info ...) | attempted-admin | 2017-2788 | URL | ||
| 41510 | SERVER-OTHER Pharos PopUp Printer Client DecodeBinary heap buffer overflow attempt (more info ...) | attempted-admin | 2017-2788 | URL | ||
| 41520 | SERVER-OTHER Ge Fanuc Proficy WebView DOS attempt (more info ...) | attempted-dos | URL | |||
| 41535 | SERVER-WEBAPP Broadwin WebAccess DOS attempt (more info ...) | attempted-dos | 2012-0241 | |||
| 41547 | SERVER-OTHER TLS client hello session resumption detected (more info ...) | protocol-command-decode | URL | |||
| 41548 | SERVER-OTHER F5 BIG-IP TLS session ticket implementation uninitialized memory disclosure attempt (more info ...) | attempted-recon | 2016-9244 | URL | ||
| 41597 | FILE-OTHER Windows Uniscribe remote code execution vulnerability attempt (more info ...) | attempted-user | 2017-0014 | URL | ||
| 41598 | FILE-OTHER Windows Uniscribe remote code execution vulnerability attempt (more info ...) | attempted-user | 2017-0014 | URL | ||
| 41642 | SERVER-WEBAPP TP-LINK AC750 ping diagnostic command injection attempt (more info ...) | web-application-attack | URL | |||
| 41646 | PROTOCOL-SCADA BB-Elec ethernet gateway DOS attempt (more info ...) | attempted-dos | URL | |||
| 41658 | MALWARE-OTHER Win.Trojan.MagicHound dropper document file detected (more info ...) | trojan-activity | URL | |||
| 41659 | MALWARE-OTHER Win.Trojan.MagicHound dropper document file detected (more info ...) | trojan-activity | URL | |||
| 41677 | SERVER-WEBAPP Trend Micro InterScan Web Security Appliance insecure configuration export attempt (more info ...) | attempted-recon | 2016-9314 | URL | ||
| 41678 | SERVER-WEBAPP Trend Micro InterScan Web Security Appliance insecure configuration import attempt (more info ...) | attempted-admin | 2016-9314 | URL | ||
| 41732 | SERVER-WEBAPP Trend Micro InterScan Messaging Security Appliance command injection attempt (more info ...) | web-application-attack | URL | |||
| 41733 | SERVER-WEBAPP Trend Micro InterScan Messaging Security Appliance command injection attempt (more info ...) | web-application-attack | URL | |||
| 41734 | SERVER-WEBAPP Trend Micro InterScan Messaging Security Appliance command injection attempt (more info ...) | web-application-attack | URL | |||
| 41735 | SERVER-WEBAPP Trend Micro InterScan Messaging Security Appliance command injection attempt (more info ...) | web-application-attack | URL | |||
| 41743 | PROTOCOL-SCADA TwinCAT PLC DOS attempt (more info ...) | attempted-dos | URL | |||
| 41752 | PROTOCOL-SCADA PowerNet Twin Client DOS attempt (more info ...) | attempted-dos | URL | |||
| 41771 | MALWARE-TOOLS slowhttptest DoS tool (more info ...) | attempted-dos | URL | |||
| 41778 | PROTOCOL-SCADA Yokogawa CS3000 BKFSim_vhfd buffer overflow attempt (more info ...) | attempted-admin | 2014-3888 | |||
| 41781 | SERVER-WEBAPP carel plantvisorpro3 directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 41782 | SERVER-WEBAPP carel plantvisorpro3 directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 41783 | EXPLOIT-KIT Rig exploit kit URL outbound communication (more info ...) | trojan-activity | ||||
| 41790 | SERVER-WEBAPP Brocade Network Advisor CliMonitorReportServlet directory traversal attempt (more info ...) | web-application-attack | 2016-8207 | 95691 | URL | |
| 41808 | FILE-IMAGE ImageMagick mvg processing command server side request forgery attempt (more info ...) | attempted-user | 2016-3718 | URL | ||
| 41809 | FILE-IMAGE ImageMagick mvg processing command server side request forgery attempt (more info ...) | attempted-user | 2016-3718 | URL | ||
| 41814 | SERVER-WEBAPP NetGain Enterprise Manager arbitrary command execution attempt (more info ...) | attempted-admin | URL | |||
| 41815 | SERVER-WEBAPP NetGain Enterprise Manager arbitrary command execution attempt (more info ...) | attempted-admin | URL | |||
| 41917 | SERVER-WEBAPP Carel PlantVisorPRO default login attempt (more info ...) | web-application-attack | URL | |||
| 41970 | FILE-IMAGE GDI+ malformed EMF comment heap access violation attempt (more info ...) | attempted-user | 2017-0060 | URL | ||
| 41971 | FILE-IMAGE GDI+ malformed EMF comment heap access violation attempt (more info ...) | attempted-user | 2017-0060 | URL | ||
| 41999 | OS-OTHER Apple OSX and iOS x509 certificate name constraints parsing use after free attempt (more info ...) | attempted-admin | 2017-2485 | URL | ||
| 42005 | SERVER-WEBAPP Logsign JSON API validate_file command injection attempt (more info ...) | attempted-admin | URL | |||
| 42014 | BROWSER-OTHER TRUFFLEHUNTER SFVRT-1024 attack attempt (more info ...) | attempted-recon | ||||
| 42018 | EXPLOIT-KIT Exploit Kit EITest Gate redirection attempt detected (more info ...) | trojan-activity | ||||
| 42074 | PROTOCOL-SCADA TraceMode Runtime DOS attempt (more info ...) | attempted-dos | URL | |||
| 42075 | PROTOCOL-SCADA TraceMode Runtime DOS attempt (more info ...) | attempted-dos | URL | |||
| 42088 | FILE-IMAGE Corel Photo Paint invalid ImageLength memory corruption attempt (more info ...) | attempted-user | 2017-2804 | URL | ||
| 42089 | FILE-IMAGE Corel Photo Paint invalid ImageLength memory corruption attempt (more info ...) | attempted-user | 2017-2804 | URL | ||
| 42090 | FILE-IMAGE Corel Photo Paint invalid ImageLength memory corruption attempt (more info ...) | attempted-user | 2017-2804 | URL | ||
| 42091 | FILE-IMAGE Corel Photo Paint invalid ImageLength memory corruption attempt (more info ...) | attempted-user | 2017-2804 | URL | ||
| 42102 | SERVER-WEBAPP Trend Micro SafeSync command injection attempt (more info ...) | web-application-attack | URL | |||
| 42103 | SERVER-WEBAPP Trend Micro SafeSync command injection attempt (more info ...) | web-application-attack | URL | |||
| 42104 | SERVER-WEBAPP Trend Micro SafeSync command injection attempt (more info ...) | web-application-attack | URL | |||
| 42107 | SERVER-WEBAPP EyesOfNetwork module command injection attempt (more info ...) | web-application-attack | 2017-6087 | URL | ||
| 42108 | SERVER-WEBAPP EyesOfNetwork module command injection attempt (more info ...) | web-application-attack | 2017-6087 | URL | ||
| 42111 | INDICATOR-OBFUSCATION Base64 encoded String.fromCharCode (more info ...) | misc-activity | URL | |||
| 42112 | BROWSER-OTHER multiple browsers content security policy bypass attempt (more info ...) | policy-violation | 2017-5033 | |||
| 42131 | SERVER-WEBAPP Cambium Networks ePMP 1000 command injection attempt (more info ...) | web-application-attack | URL | |||
| 42132 | SERVER-WEBAPP Cambium Networks ePMP 1000 command injection attempt (more info ...) | web-application-attack | URL | |||
| 42140 | FILE-IMAGE Corel PHOTO-PAINT X8 GIF Filter Code Execution Vulnerability attempt (more info ...) | attempted-user | 2016-8730 | URL | ||
| 42141 | FILE-IMAGE Corel PHOTO-PAINT X8 GIF Filter Code Execution Vulnerability attempt (more info ...) | attempted-user | 2016-8730 | URL | ||
| 42142 | FILE-OTHER TRUFFLEHUNTER TALOS-2017-0303 attack attempt (more info ...) | attempted-user | 2017-2807 | URL | ||
| 42143 | FILE-OTHER TRUFFLEHUNTER TALOS-2017-0303 attack attempt (more info ...) | attempted-user | 2017-2807 | URL | ||
| 42146 | FILE-OTHER TRUFFLEHUNTER TALOS-2017-0304 attack attempt (more info ...) | attempted-user | 2017-2808 | URL | ||
| 42147 | FILE-OTHER TRUFFLEHUNTER TALOS-2017-0304 attack attempt (more info ...) | attempted-user | 2017-2808 | URL | ||
| 42177 | FILE-OTHER IrfanView JPEG2000 reference tile width value buffer overflow attempt (more info ...) | attempted-user | 2017-2813 | URL | ||
| 42178 | FILE-OTHER IrfanView JPEG2000 reference tile width value buffer overflow attempt (more info ...) | attempted-user | 2017-2813 | URL | ||
| 42179 | FILE-IMAGE TRUFFLEHUNTER TALOS-2017-2811 attack attempt (more info ...) | attempted-user | 2017-2811 | URL | ||
| 42180 | FILE-IMAGE TRUFFLEHUNTER TALOS-2017-2811 attack attempt (more info ...) | attempted-user | 2017-2811 | URL | ||
| 42191 | FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0309 attack attempt (more info ...) | attempted-user | 2017-2812 | URL | ||
| 42192 | FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0309 attack attempt (more info ...) | attempted-user | 2017-2812 | URL | ||
| 42193 | FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0309 attack attempt (more info ...) | attempted-user | 2017-2812 | URL | ||
| 42194 | FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0309 attack attempt (more info ...) | attempted-user | 2017-2812 | URL | ||
| 42195 | FILE-OTHER Tablib yaml.load code execution attempt (more info ...) | attempted-user | 2017-2810 | URL | ||
| 42196 | FILE-OTHER Tablib yaml.load code execution attempt (more info ...) | attempted-user | 2017-2810 | URL | ||
| 42220 | SERVER-WEBAPP BlueCoat CAS report-email command injection attempt (more info ...) | web-application-attack | 2016-9091 | URL | ||
| 42221 | SERVER-WEBAPP Moxa private key disclosure attempt (more info ...) | web-application-attack | 2017-7455 | |||
| 42222 | SERVER-WEBAPP Moxa MX Studio login page denial of service attempt (more info ...) | attempted-dos | 2017-7456 | |||
| 42232 | SERVER-OTHER TopSec Firewall cookie header command injection attempt (more info ...) | attempted-user | URL | |||
| 42235 | SERVER-OTHER NTP malformed config request denial of service attempt (more info ...) | denial-of-service | 2017-6464 | URL | ||
| 42244 | SERVER-WEBAPP Information Builders WebFOCUS Business Intelligence Portal command injection attempt (more info ...) | web-application-attack | 2017-9044 | URL | ||
| 42245 | SERVER-WEBAPP Information Builders WebFOCUS Business Intelligence Portal command injection attempt (more info ...) | web-application-attack | 2017-9044 | URL | ||
| 42246 | SERVER-WEBAPP Information Builders WebFOCUS Business Intelligence Portal command injection attempt (more info ...) | web-application-attack | 2017-9044 | URL | ||
| 42247 | SERVER-WEBAPP Information Builders WebFOCUS Business Intelligence Portal command injection attempt (more info ...) | web-application-attack | 2017-9044 | URL | ||
| 42257 | FILE-IDENTIFY ISO file magic detected (more info ...) | misc-activity | URL | |||
| 42258 | FILE-IDENTIFY ISO file attachment detected (more info ...) | misc-activity | URL | |||
| 42259 | FILE-IDENTIFY ISO file attachment detected (more info ...) | misc-activity | URL | |||
| 42260 | FILE-IDENTIFY ISO file attachment detected (more info ...) | misc-activity | URL | |||
| 42261 | FILE-IDENTIFY ISO file magic detected (more info ...) | misc-activity | URL | |||
| 42262 | FILE-IDENTIFY ISO file download request (more info ...) | misc-activity | URL | |||
| 42273 | FILE-PDF Poppler DCTStream readScan heap buffer overflow attempt (more info ...) | attempted-user | 2017-2814 | URL | ||
| 42274 | FILE-PDF Poppler DCTStream readScan heap buffer overflow attempt (more info ...) | attempted-user | 2017-2814 | URL | ||
| 42285 | FILE-PDF Multiple Products malformed JP2K codestream out of bounds read attempt (more info ...) | attempted-user | 2017-8737 | URL | ||
| 42286 | FILE-PDF Multiple Products malformed JP2K codestream out of bounds read attempt (more info ...) | attempted-user | 2017-8737 | URL | ||
| 42290 | SERVER-WEBAPP Openfire userimportexport plugin XML external entity injection attempt (more info ...) | web-application-attack | 2017-2815 | URL | ||
| 42291 | SERVER-WEBAPP AlienVault OSSIM API get_host_fqdn host_ip command injection attempt (more info ...) | web-application-attack | URL | |||
| 42311 | FILE-PDF Multiple Products malformed JP2K codestream out of bounds read attempt (more info ...) | attempted-user | 2018-8464 | URL | ||
| 42312 | FILE-PDF Multiple Products malformed JP2K codestream out of bounds read attempt (more info ...) | attempted-user | 2018-8464 | URL | ||
| 42313 | FILE-PDF TRUFFLEHUNTER TALOS-2017-0322 attack attempt (more info ...) | attempted-user | 2017-2821 | URL | ||
| 42314 | FILE-PDF TRUFFLEHUNTER TALOS-2017-0322 attack attempt (more info ...) | attempted-user | 2017-2821 | URL | ||
| 42321 | FILE-OTHER Power Software PowerISO invalid primary volume descriptor header use after free attempt (more info ...) | attempted-user | 2017-2823 | URL | ||
| 42322 | FILE-OTHER Power Software PowerISO invalid primary volume descriptor header use after free attempt (more info ...) | attempted-user | 2017-2823 | URL | ||
| 42326 | SERVER-OTHER Zabbix Server Trapper code execution attempt (more info ...) | attempted-admin | 2017-2825 | URL | ||
| 42337 | INDICATOR-COMPROMISE Zabbix Proxy configuration containing script detected (more info ...) | attempted-user | 2017-2825 | URL | ||
| 42345 | SERVER-WEBAPP Tenable Appliance simpleupload.py command injection attempt (more info ...) | web-application-attack | 2017-8051 | URL | ||
| 42346 | SERVER-WEBAPP Tenable Appliance simpleupload.py command injection attempt (more info ...) | web-application-attack | 2017-8051 | URL | ||
| 42347 | SERVER-WEBAPP Tenable Appliance simpleupload.py command injection attempt (more info ...) | web-application-attack | 2017-8051 | URL | ||
| 42355 | SERVER-OTHER 389-ds-base bind code execution attempt (more info ...) | attempted-admin | 2017-2668 | |||
| 42356 | SERVER-OTHER 389-ds-base bind code execution attempt (more info ...) | attempted-admin | 2017-2668 | |||
| 42357 | SERVER-OTHER 389-ds-base bind code execution attempt (more info ...) | attempted-admin | 2017-2668 | |||
| 42358 | SERVER-OTHER 389-ds-base bind code execution attempt (more info ...) | attempted-admin | 2017-2668 | |||
| 42359 | SERVER-OTHER 389-ds-base bind code execution attempt (more info ...) | attempted-admin | 2017-2668 | |||
| 42360 | SERVER-OTHER 389-ds-base bind code execution attempt (more info ...) | attempted-admin | 2017-2668 | |||
| 42361 | SERVER-OTHER 389-ds-base bind code execution attempt (more info ...) | attempted-admin | 2017-2668 | |||
| 42362 | SERVER-OTHER 389-ds-base bind code execution attempt (more info ...) | attempted-admin | 2017-2668 | |||
| 42372 | POLICY-OTHER eicar file detected (more info ...) | misc-activity | URL | |||
| 42373 | POLICY-OTHER eicar file detected (more info ...) | misc-activity | URL | |||
| 42374 | POLICY-OTHER eicar file detected (more info ...) | misc-activity | URL | |||
| 42375 | POLICY-OTHER eicar file detected (more info ...) | misc-activity | URL | |||
| 42376 | POLICY-OTHER eicar file detected (more info ...) | misc-activity | URL | |||
| 42392 | SERVER-WEBAPP Yealink VoIP phone directory traversal attempt (more info ...) | web-application-attack | 2013-5756 | 68053 | ||
| 42393 | SERVER-WEBAPP Yealink VoIP phone directory traversal attempt (more info ...) | web-application-attack | 2013-5756 | 68053 | ||
| 42394 | SERVER-WEBAPP Yealink VoIP phone directory traversal attempt (more info ...) | web-application-attack | 2013-5756 | 68053 | ||
| 42396 | EXPLOIT-KIT Blacole inbound malformed pdf download attempt (more info ...) | trojan-activity | URL | |||
| 42397 | EXPLOIT-KIT Blacole inbound malformed pdf download attempt (more info ...) | trojan-activity | URL | |||
| 42406 | SERVER-WEBAPP WePresent WiPG admin backdoor login attempt (more info ...) | attempted-admin | URL | |||
| 42410 | SERVER-WEBAPP WePresent WiPG rdtool backdoor login attempt (more info ...) | attempted-admin | URL | |||
| 42411 | SERVER-WEBAPP WePresent WiPG session id check bypass attempt (more info ...) | attempted-admin | URL | |||
| 42432 | SERVER-WEBAPP Foscam IP Camera command injection attempt (more info ...) | web-application-attack | 2017-2873 | URL | ||
| 42433 | SERVER-WEBAPP Foscam IP Camera command injection attempt (more info ...) | web-application-attack | 2017-2873 | URL | ||
| 42434 | SERVER-WEBAPP Foscam IP Camera command injection attempt (more info ...) | web-application-attack | 2017-2873 | URL | ||
| 42435 | SERVER-WEBAPP Foscam IP Camera callbackJson directory traversal attempt (more info ...) | web-application-attack | 2017-2829 | URL | ||
| 42436 | SERVER-WEBAPP Foscam IP Camera callbackJson directory traversal attempt (more info ...) | web-application-attack | 2017-2829 | URL | ||
| 42437 | SERVER-WEBAPP Foscam IP Camera multipart boundary stack buffer overflow attempt (more info ...) | web-application-attack | 2017-2830 | URL | ||
| 42467 | SERVER-WEBAPP Edimax 802.11AC repeater command injection attempt (more info ...) | web-application-attack | 2015-5536 | |||
| 42468 | SERVER-WEBAPP Edimax 802.11AC repeater command injection attempt (more info ...) | web-application-attack | 2015-5536 | |||
| 42469 | SERVER-WEBAPP Edimax 802.11AC repeater command injection attempt (more info ...) | web-application-attack | 2015-5536 | |||
| 42470 | SERVER-WEBAPP Edimax 802.11AC repeater command injection attempt (more info ...) | web-application-attack | 2015-5536 | |||
| 42471 | SERVER-WEBAPP Edimax 802.11AC repeater command injection attempt (more info ...) | web-application-attack | 2015-5536 | URL | ||
| 42472 | SERVER-WEBAPP Edimax 802.11AC repeater command injection attempt (more info ...) | web-application-attack | 2015-5536 | URL | ||
| 42473 | SERVER-WEBAPP Edimax 802.11AC repeater command injection attempt (more info ...) | web-application-attack | 2015-5536 | URL | ||
| 42474 | SERVER-WEBAPP Edimax 802.11AC repeater command injection attempt (more info ...) | web-application-attack | 2015-5536 | URL | ||
| 42475 | FILE-PDF malformed embedded JPEG2000 image information disclosure attempt (more info ...) | misc-activity | 2017-3029 | URL | ||
| 42476 | FILE-PDF malformed embedded JPEG2000 image information disclosure attempt (more info ...) | misc-activity | 2017-3029 | URL | ||
| 42477 | SERVER-WEBAPP Edimax 802.11AC repeater command injection attempt (more info ...) | web-application-attack | 2015-5536 | URL | ||
| 42478 | SERVER-WEBAPP Edimax 802.11AC repeater command injection attempt (more info ...) | web-application-attack | 2015-5536 | URL | ||
| 42479 | SERVER-WEBAPP Edimax 802.11AC repeater command injection attempt (more info ...) | web-application-attack | 2015-5536 | URL | ||
| 42480 | SERVER-WEBAPP Edimax 802.11AC repeater command injection attempt (more info ...) | web-application-attack | 2015-5536 | URL | ||
| 42481 | SERVER-WEBAPP Edimax 802.11AC repeater command injection attempt (more info ...) | web-application-attack | 2015-5536 | |||
| 42482 | SERVER-WEBAPP Edimax 802.11AC repeater command injection attempt (more info ...) | web-application-attack | 2015-5536 | |||
| 42483 | SERVER-WEBAPP Edimax 802.11AC repeater command injection attempt (more info ...) | web-application-attack | 2015-5536 | |||
| 42484 | SERVER-WEBAPP Edimax 802.11AC repeater command injection attempt (more info ...) | web-application-attack | 2015-5536 | |||
| 42485 | SERVER-WEBAPP Edimax 802.11AC repeater command injection attempt (more info ...) | web-application-attack | 2015-5536 | URL | ||
| 42486 | SERVER-WEBAPP Edimax 802.11AC repeater command injection attempt (more info ...) | web-application-attack | 2015-5536 | URL | ||
| 42487 | SERVER-WEBAPP Edimax 802.11AC repeater command injection attempt (more info ...) | web-application-attack | 2015-5536 | URL | ||
| 42488 | SERVER-WEBAPP Edimax 802.11AC repeater command injection attempt (more info ...) | web-application-attack | 2015-5536 | URL | ||
| 42806 | EXPLOIT-KIT Rig Exploit Kit URL outbound communication (more info ...) | attempted-user | ||||
| 42822 | MALWARE-OTHER Win.Downloader.Carp variant download attempt (more info ...) | trojan-activity | URL | |||
| 42823 | MALWARE-OTHER Win.Downloader.Carp variant download attempt (more info ...) | trojan-activity | URL | |||
| 42824 | MALWARE-OTHER Win.Downloader.Carp variant download attempt (more info ...) | trojan-activity | URL | |||
| 42825 | MALWARE-OTHER Win.Downloader.Carp variant download attempt (more info ...) | trojan-activity | URL | |||
| 42826 | SERVER-WEBAPP Edimax 802.11AC repeater command injection attempt (more info ...) | web-application-attack | 2015-5536 | URL | ||
| 42827 | SERVER-WEBAPP Edimax 802.11AC repeater command injection attempt (more info ...) | web-application-attack | 2015-5536 | URL | ||
| 42828 | SERVER-WEBAPP Edimax 802.11AC repeater command injection attempt (more info ...) | web-application-attack | 2015-5536 | URL | ||
| 42829 | SERVER-WEBAPP Edimax 802.11AC repeater command injection attempt (more info ...) | web-application-attack | 2015-5536 | URL | ||
| 42842 | SERVER-WEBAPP Reprise License Manager edit_lf_get_data directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 42843 | SERVER-WEBAPP Unitrends Enterprise Backup Appliance download-files command injection attempt (more info ...) | web-application-attack | 2017-7283 | URL | ||
| 42853 | SERVER-WEBAPP Serviio Media Server checkStreamUrl command injection attempt (more info ...) | web-application-attack | URL | |||
| 42854 | SERVER-WEBAPP Serviio Media Server checkStreamUrl command injection attempt (more info ...) | web-application-attack | URL | |||
| 42887 | SERVER-OTHER ntpq flagstr buffer overflow attempt (more info ...) | attempted-user | 2017-6460 | URL | ||
| 42890 | FILE-OTHER AfterMidnight post exploitation tool aftermidnight.dll dll-load exploit attempt (more info ...) | attempted-user | URL | |||
| 42891 | FILE-OTHER AfterMidnight post exploitation tool request for aftermidnight.dll over SMB attempt (more info ...) | attempted-user | URL | |||
| 42910 | FILE-PDF Acrobat Reader TIFF malformed IFD tag heap overflow attempt (more info ...) | attempted-user | 2017-3042 | URL | ||
| 42911 | FILE-PDF Acrobat Reader TIFF malformed IFD tag heap overflow attempt (more info ...) | attempted-user | 2017-3042 | URL | ||
| 42912 | FILE-PDF Acrobat Reader TIFF malformed IFD tag heap overflow attempt (more info ...) | attempted-user | 2017-3042 | URL | ||
| 42913 | FILE-PDF Acrobat Reader TIFF malformed IFD tag heap overflow attempt (more info ...) | attempted-user | 2017-3042 | URL | ||
| 42914 | FILE-PDF Acrobat Reader TIFF malformed IFD tag heap overflow attempt (more info ...) | attempted-user | 2017-3042 | URL | ||
| 42915 | FILE-PDF Acrobat Reader TIFF malformed IFD tag heap overflow attempt (more info ...) | attempted-user | 2017-3042 | URL | ||
| 42918 | FILE-IDENTIFY ISO file attachment detected (more info ...) | misc-activity | ||||
| 42920 | SERVER-WEBAPP LogRhythm Network Monitor JSON configuration API command injection attempt (more info ...) | web-application-attack | URL | |||
| 42941 | PROTOCOL-OTHER FreeRDP PER length integer underflow attempt (more info ...) | attempted-user | 2017-2835 | URL | ||
| 42947 | INDICATOR-OBFUSCATION Dridex String.prototype function definition obfuscation attempt (more info ...) | misc-activity | URL | |||
| 42951 | SERVER-WEBAPP Oracle Fusion Middleware MapViewer arbitrary JSP file upload attempt (more info ...) | attempted-admin | 2017-3230 | 97746 | URL | |
| 42952 | SERVER-WEBAPP Oracle Fusion Middleware MapViewer directory traversal attempt (more info ...) | web-application-attack | 2017-3230 | 97746 | URL | |
| 42953 | SERVER-WEBAPP Oracle Fusion Middleware MapViewer directory traversal attempt (more info ...) | web-application-attack | 2017-3230 | 97746 | URL | |
| 42954 | SERVER-WEBAPP Oracle Fusion Middleware MapViewer directory traversal attempt (more info ...) | web-application-attack | 2017-3230 | 97746 | URL | |
| 42956 | SERVER-WEBAPP Brocade Network Advisor CliMonitorReportServlet directory traversal attempt (more info ...) | web-application-attack | 2016-8207 | 95691 | URL | |
| 42957 | SERVER-WEBAPP Brocade Network Advisor CliMonitorReportServlet directory traversal attempt (more info ...) | web-application-attack | 2016-8207 | 95691 | URL | |
| 42973 | PROTOCOL-OTHER FreeRDP RSA modulus length integer underflow attempt (more info ...) | attempted-user | 2017-2836 | URL | ||
| 42974 | PROTOCOL-OTHER FreeRDP invalid cbCompanyName out of bounds read attempt (more info ...) | attempted-user | 2017-2838 | URL | ||
| 42975 | PROTOCOL-OTHER FreeRDP invalid EncryptedPlatformChallenge null pointer dereference attempt (more info ...) | attempted-user | 2017-2839 | URL | ||
| 42998 | PROTOCOL-OTHER FreeRDP invalid MCS serverRandomLen out of bounds read attempt (more info ...) | attempted-user | 2017-2837 | URL | ||
| 42999 | SERVER-WEBAPP Brocade Network Advisor directory traversal attempt (more info ...) | web-application-attack | 2016-8206 | |||
| 43004 | SERVER-SAMBA Samba is_known_pipe arbitrary module load code execution attempt (more info ...) | attempted-user | 2017-7494 | URL | ||
| 43005 | SERVER-WEBAPP Foscam setWifiSetting command psk stack buffer overflow attempt (more info ...) | attempted-admin | 2017-2851 | URL | ||
| 43045 | SERVER-OTHER RaySharp DVR administrative interface access attempt (more info ...) | attempted-admin | URL | |||
| 43060 | SERVER-OTHER TRUFFLEHUNTER TALOS-2017-0355 attack attempt (more info ...) | attempted-admin | 2017-2853 | URL | ||
| 43061 | SERVER-WEBAPP Foscam changeUserName command passwd file injection attempt (more info ...) | attempted-admin | 2017-2850 | URL | ||
| 43064 | SERVER-OTHER NetBackup bprd remote file write attempt (more info ...) | attempted-admin | 2017-8857 | URL | ||
| 43077 | SERVER-WEBAPP Trend Micro InterScan WSA ManagePatches servlet command injection attempt (more info ...) | web-application-attack | URL | |||
| 43078 | SERVER-WEBAPP Trend Micro InterScan WSA ManagePatches servlet command injection attempt (more info ...) | web-application-attack | URL | |||
| 43079 | SERVER-WEBAPP Trend Micro InterScan WSA ManagePatches servlet command injection attempt (more info ...) | web-application-attack | URL | |||
| 43093 | SERVER-WEBAPP CA Unified Infrastructure Management download_lar servelet directory traversal attempt (more info ...) | web-application-attack | 2016-5803 | URL | ||
| 43095 | FILE-IMAGE ImageMagick SyncExifProfile out-of-bounds memory read attempt (more info ...) | attempted-user | 2016-7799 | URL | ||
| 43096 | FILE-IMAGE ImageMagick SyncExifProfile out-of-bounds memory read attempt (more info ...) | attempted-user | 2016-7799 | URL | ||
| 43097 | FILE-IMAGE ImageMagick SyncExifProfile out-of-bounds memory read attempt (more info ...) | attempted-user | 2016-7799 | URL | ||
| 43098 | FILE-IMAGE ImageMagick SyncExifProfile out-of-bounds memory read attempt (more info ...) | attempted-user | 2016-7799 | URL | ||
| 43109 | SERVER-OTHER Magento unauthenticated arbitrary file write attempt (more info ...) | attempted-admin | 2016-4010 | URL | ||
| 43120 | FILE-PDF TRUFFLEHUNTER TALOS-2017-0356 attack attempt (more info ...) | attempted-user | 2017-16367 | URL | ||
| 43121 | FILE-PDF TRUFFLEHUNTER TALOS-2017-0356 attack attempt (more info ...) | attempted-user | 2017-16367 | URL | ||
| 43148 | PROTOCOL-SCADA Rockwell Automation CIP challenge-response buffer overflow attempt (more info ...) | attempted-admin | ||||
| 43149 | PROTOCOL-SCADA Rockwell Automation CIP certificate request unknown certificate detected (more info ...) | policy-violation | ||||
| 43150 | SERVER-OTHER TRUFFLEHUNTER TALOS-2017-0362 attack attempt (more info ...) | attempted-dos | 2017-2858 | URL | ||
| 43151 | SERVER-WEBAPP Trend Micro InterScan WSA PacFileManagement servlet command injection attempt (more info ...) | web-application-attack | URL | |||
| 43152 | SERVER-WEBAPP Trend Micro InterScan WSA PacFileManagement servlet command injection attempt (more info ...) | web-application-attack | URL | |||
| 43153 | SERVER-WEBAPP Trend Micro InterScan WSA PacFileManagement servlet command injection attempt (more info ...) | web-application-attack | URL | |||
| 43154 | SERVER-WEBAPP Trend Micro InterScan WSA PacFileManagement servlet command injection attempt (more info ...) | web-application-attack | URL | |||
| 43167 | FILE-PDF TRUFFLEHUNTER TALOS-2017-0361 attack attempt (more info ...) | attempted-user | URL | |||
| 43168 | FILE-PDF TRUFFLEHUNTER TALOS-2017-0361 attack attempt (more info ...) | attempted-user | URL | |||
| 43178 | SERVER-WEBAPP VICIdial user_authorization command injection attempt (more info ...) | attempted-admin | URL | |||
| 43181 | FILE-OTHER Oniguruma expression parser out of bounds write attempt (more info ...) | attempted-user | 2017-9226 | |||
| 43182 | FILE-OTHER Oniguruma expression parser out of bounds write attempt (more info ...) | attempted-user | 2017-9226 | |||
| 43191 | SERVER-WEBAPP Symantec Messaging Gateway performBackupNow.do command injection attempt (more info ...) | web-application-attack | 2017-6326 | URL | ||
| 43192 | SERVER-OTHER TRUFFLEHUNTER TALOS-2017-0364 attack attempt (more info ...) | attempted-dos | 2017-2860 | URL | ||
| 43211 | SERVER-OTHER TRUFFLEHUNTER TALOS-2017-0365 attack attempt (more info ...) | attempted-dos | 2017-2861 | URL | ||
| 43212 | FILE-PDF Iceni Infix PDF parsing out of bounds write attempt (more info ...) | attempted-user | 2017-2863 | URL | ||
| 43213 | FILE-PDF Iceni Infix PDF parsing out of bounds write attempt (more info ...) | attempted-user | 2017-2863 | URL | ||
| 43216 | INDICATOR-OBFUSCATION HTTP payload not fully gzip compressed attempt (more info ...) | misc-activity | URL | |||
| 43221 | MALWARE-OTHER Win.Trojan-Downloader.Jadtree GET request of RAR file to server (more info ...) | trojan-activity | URL | |||
| 43237 | SERVER-WEBAPP SysAid Enterprise auth bypass and remote file upload attempt (more info ...) | attempted-admin | ||||
| 43249 | SERVER-WEBAPP Nuxeo CMS BatchUploadObject arbitrary JSP file upload attempt (more info ...) | attempted-admin | 2017-5869 | 97083 | URL | |
| 43250 | SERVER-WEBAPP Nuxeo CMS BatchUploadObject directory traversal attempt (more info ...) | web-application-attack | 2017-5869 | 97083 | URL | |
| 43251 | SERVER-WEBAPP Trend Micro InterScan WSA LogSettingHandler command injection attempt (more info ...) | web-application-attack | URL | |||
| 43255 | INDICATOR-SHELLCODE single byte x86 xor decryption routine (more info ...) | shellcode-detect | ||||
| 43256 | INDICATOR-OBFUSCATION Rig EK fromCharCode offset 33 obfuscated getElementsByTagName call (more info ...) | policy-violation | URL | |||
| 43257 | SERVER-WEBAPP CA eHealth command injection command injection attempt (more info ...) | web-application-attack | 2016-6152 | URL | ||
| 43258 | SERVER-WEBAPP CA eHealth command injection command injection attempt (more info ...) | web-application-attack | 2016-6152 | URL | ||
| 43272 | SERVER-WEBAPP Advantech WebAccess openWidget directory traversal attempt directory traversal attempt (more info ...) | web-application-attack | 2016-0855 | URL | ||
| 43273 | SERVER-WEBAPP Advantech WebAccess openWidget directory traversal attempt directory traversal attempt (more info ...) | web-application-attack | 2016-0855 | URL | ||
| 43274 | SERVER-WEBAPP Advantech WebAccess openWidget directory traversal attempt directory traversal attempt (more info ...) | web-application-attack | 2016-0855 | URL | ||
| 43291 | SERVER-WEBAPP Oracle Application Server 9i unauthenticated application deployment attempt (more info ...) | attempted-recon | 2001-1371 | |||
| 43307 | SERVER-WEBAPP csSearch setup attempt (more info ...) | web-application-activity | 2002-0495 | 4368 | ||
| 43366 | SERVER-WEBAPP Piwigo directory traversal attempt (more info ...) | web-application-attack | 2013-1469 | |||
| 43402 | SERVER-WEBAPP HP Intelligent Management Center directory traversal directory traversal attempt (more info ...) | web-application-attack | 2014-2618 | 68540 | ||
| 43403 | SERVER-WEBAPP HP Intelligent Management Center directory traversal directory traversal attempt (more info ...) | web-application-attack | 2014-2618 | 68540 | ||
| 43404 | SERVER-WEBAPP HP Intelligent Management Center directory traversal directory traversal attempt (more info ...) | web-application-attack | 2014-2618 | 68540 | ||
| 43437 | SERVER-WEBAPP GoAutoDial cpanel command injection attempt (more info ...) | web-application-attack | 2015-2845 | 74281 | ||
| 43438 | SERVER-WEBAPP GoAutoDial cpanel command injection attempt (more info ...) | web-application-attack | 2015-2845 | 74281 | ||
| 43442 | MALWARE-OTHER Win.Ransomware.Sorebrect download attempt (more info ...) | trojan-activity | URL | |||
| 43443 | MALWARE-OTHER Win.Ransomware.Sorebrect download attempt (more info ...) | trojan-activity | URL | |||
| 43464 | SERVER-OTHER HP Intelligent Management Center dbman RestartDB opcode command injection attempt (more info ...) | attempted-admin | 2017-5816 | 98469 | URL | |
| 43483 | SERVER-OTHER TRUFFLEHUNTER TALOS-2017-0369 attack attempt (more info ...) | attempted-admin | URL | |||
| 43484 | SERVER-OTHER TRUFFLEHUNTER TALOS-2017-0369 attack attempt (more info ...) | attempted-admin | URL | |||
| 43485 | SERVER-OTHER TRUFFLEHUNTER TALOS-2017-0369 attack attempt (more info ...) | attempted-admin | URL | |||
| 43486 | SERVER-OTHER TRUFFLEHUNTER TALOS-2017-0368 attack attempt (more info ...) | attempted-admin | URL | |||
| 43488 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0372 attack attempt (more info ...) | attempted-admin | 2017-2890 | URL | ||
| 43489 | SERVER-OTHER TRUFFLEHUNTER TALOS-2017-0374 attack attempt (more info ...) | attempted-admin | 2017-2869 | URL | ||
| 43494 | SERVER-WEBAPP Lets Encrypt SSL certificate for domain resembling appleid (more info ...) | misc-attack | ||||
| 43518 | SERVER-OTHER TRUFFLEHUNTER TALOS-2017-0373 attack attempt (more info ...) | attempted-admin | 2017-2867 | URL | ||
| 43545 | SERVER-WEBAPP HPE System Management Homepage buffer overflow attempt (more info ...) | attempted-admin | 2016-4395 | 93961 | ||
| 43548 | SERVER-WEBAPP Brocade Network Advisor remote code execution attempt (more info ...) | web-application-attack | 2016-8204 | 95695 | URL | |
| 43549 | SERVER-WEBAPP AlienVault Unified Security Manager authentication bypass attempt (more info ...) | attempted-admin | ||||
| 43552 | SERVER-WEBAPP ReadyDesk upload remote code execution attempt (more info ...) | web-application-attack | ||||
| 43553 | SERVER-WEBAPP ReadyDesk upload remote code execution attempt (more info ...) | web-application-attack | ||||
| 43554 | SERVER-WEBAPP ReadyDesk upload remote code execution attempt (more info ...) | web-application-attack | ||||
| 43556 | SERVER-OTHER TRUFFLEHUNTER TALOS-2017-0382 attack attempt (more info ...) | attempted-admin | 2017-2876 | URL | ||
| 43557 | SERVER-OTHER TRUFFLEHUNTER TALOS-2017-0384 attack attempt (more info ...) | attempted-admin | 2017-2877 | URL | ||
| 43558 | SERVER-OTHER TRUFFLEHUNTER TALOS-2017-0379 attack attempt (more info ...) | misc-activity | 2017-2872 | URL | ||
| 43559 | SERVER-OTHER TRUFFLEHUNTER TALOS-2017-0378 attack attempt (more info ...) | misc-activity | 2017-2871 | URL | ||
| 43561 | SERVER-OTHER Aerospike Database Server si_prop stack buffer overflow attempt (more info ...) | attempted-user | 2016-9054 | URL | ||
| 43583 | SERVER-WEBAPP CA eHealth command injection attempt (more info ...) | web-application-attack | 2016-6152 | 80698 | URL | |
| 43584 | SERVER-WEBAPP CA eHealth command injection attempt (more info ...) | web-application-attack | 2016-6152 | 80698 | URL | |
| 43585 | SERVER-WEBAPP CA eHealth command injection attempt (more info ...) | web-application-attack | 2016-6152 | 80698 | URL | |
| 43586 | SERVER-WEBAPP CA eHealth command injection attempt (more info ...) | web-application-attack | 2016-6152 | 80698 | URL | |
| 43588 | SERVER-WEBAPP Brocade Network Advisor directory traversal attempt (more info ...) | web-application-attack | 2016-8205 | 95694 | URL | |
| 43589 | SERVER-WEBAPP Brocade Network Advisor directory traversal attempt (more info ...) | web-application-attack | 2016-8205 | 95694 | URL | |
| 43590 | SERVER-WEBAPP Brocade Network Advisor directory traversal attempt (more info ...) | web-application-attack | 2016-8205 | 95694 | URL | |
| 43603 | FILE-OTHER Schneider Electric ClearSCADA malicious OPF file (more info ...) | attempted-admin | 2014-0779 | |||
| 43604 | FILE-OTHER Schneider Electric ClearSCADA malicious OPF file (more info ...) | attempted-admin | 2014-0779 | |||
| 43625 | SERVER-WEBAPP Axis M3004 remote code execution attempt (more info ...) | attempted-user | 2017-9765 | |||
| 43645 | SERVER-WEBAPP SonicWall Secure Remote Access diagnostics command injection attempt (more info ...) | web-application-attack | 2016-9682 | 96375 | URL | |
| 43646 | SERVER-WEBAPP SonicWall Secure Remote Access diagnostics command injection attempt (more info ...) | web-application-attack | 2016-9682 | 96375 | URL | |
| 43647 | SERVER-WEBAPP SonicWall Secure Remote Access diagnostics command injection attempt (more info ...) | web-application-attack | 2016-9682 | 96375 | URL | |
| 43684 | MALWARE-OTHER Win.Trojan.Nemucod variant file download (more info ...) | trojan-activity | URL | |||
| 43685 | MALWARE-OTHER Win.Trojan.Nemucod variant outbound connection (more info ...) | trojan-activity | URL | |||
| 43686 | MALWARE-OTHER Win.Trojan.NemucodAES variant outbound connection (more info ...) | trojan-activity | URL | |||
| 43688 | SERVER-WEBAPP SonicWall Secure Remote Access viewcert command injection attempt (more info ...) | web-application-attack | 2016-9684 | 96375 | URL | |
| 43689 | SERVER-WEBAPP SonicWall Secure Remote Access viewcert command injection attempt (more info ...) | web-application-attack | 2016-9684 | 96375 | URL | |
| 43690 | SERVER-WEBAPP SonicWall Secure Remote Access viewcert command injection attempt (more info ...) | web-application-attack | 2016-9684 | 96375 | URL | |
| 43695 | SERVER-WEBAPP Trend Micro InterScan WSA DeployWizard command injection attempt (more info ...) | web-application-attack | URL | |||
| 43696 | SERVER-WEBAPP Trend Micro InterScan WSA DeployWizard command injection attempt (more info ...) | web-application-attack | URL | |||
| 43697 | SERVER-WEBAPP Trend Micro InterScan WSA DeployWizard command injection attempt (more info ...) | web-application-attack | URL | |||
| 43709 | SERVER-WEBAPP SonicWall Secure Remote Access gencsr command injection attempt (more info ...) | web-application-attack | URL | |||
| 43710 | SERVER-WEBAPP SonicWall Secure Remote Access gencsr command injection attempt (more info ...) | web-application-attack | URL | |||
| 43711 | SERVER-WEBAPP SonicWall Secure Remote Access gencsr command injection attempt (more info ...) | web-application-attack | URL | |||
| 43713 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0385 attack attempt (more info ...) | attempted-admin | 2017-2878 | URL | ||
| 43723 | SERVER-WEBAPP FCRing sfuss remote file include attempt (more info ...) | web-application-attack | 2007-1133 | 22693 | ||
| 43724 | SERVER-WEBAPP FCRing sfuss remote file include attempt (more info ...) | web-application-attack | 2007-1133 | 22693 | ||
| 43793 | SERVER-WEBAPP Symantec SEPM management console cross site scripting attempt (more info ...) | attempted-user | 2016-3652 | 91444 | ||
| 43819 | SERVER-WEBAPP Kaspersky Anti-Virus directory traversal attempt (more info ...) | web-application-attack | 2017-9812 | 99330 | URL | |
| 43820 | SERVER-WEBAPP Kaspersky Anti-Virus directory traversal attempt (more info ...) | web-application-attack | 2017-9812 | 99330 | URL | |
| 43821 | SERVER-WEBAPP Kaspersky Anti-Virus directory traversal attempt (more info ...) | web-application-attack | 2017-9812 | 99330 | URL | |
| 43822 | SERVER-WEBAPP Advantech SUSIAccess Server downloadCSV.jsp directory traversal attempt (more info ...) | web-application-attack | 2016-9349 | 94629 | URL | |
| 43823 | SERVER-WEBAPP Advantech SUSIAccess Server downloadCSV.jsp directory traversal attempt (more info ...) | web-application-attack | 2016-9349 | 94629 | URL | |
| 43824 | SERVER-WEBAPP Advantech SUSIAccess Server downloadCSV.jsp directory traversal attempt (more info ...) | web-application-attack | 2016-9349 | 94629 | URL | |
| 43849 | SERVER-OTHER HP Intelligent Management Center dbman RestoreZipFile opcode command injection attempt (more info ...) | attempted-admin | 2017-5821 | 98493 | URL | |
| 43850 | SERVER-OTHER HP Intelligent Management Center dbman BackupZipFile opcode command injection attempt (more info ...) | attempted-admin | 2017-5820 | 98493 | URL | |
| 43855 | FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0394 attack attempt (more info ...) | attempted-user | 2017-2887 | URL | ||
| 43856 | FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0394 attack attempt (more info ...) | attempted-user | 2017-2887 | URL | ||
| 43857 | FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0395 attack attempt (more info ...) | attempted-user | 2019-5087 | URL | ||
| 43858 | FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0395 attack attempt (more info ...) | attempted-user | 2019-5087 | URL | ||
| 43859 | FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0395 attack attempt (more info ...) | attempted-user | 2019-5087 | URL | ||
| 43860 | FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0395 attack attempt (more info ...) | attempted-user | 2019-5087 | URL | ||
| 43861 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0397 attack attempt (more info ...) | attempted-admin | 2017-2890 | URL | ||
| 43862 | FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0393 attack attempt (more info ...) | attempted-user | 2017-2886 | URL | ||
| 43863 | FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0393 attack attempt (more info ...) | attempted-user | 2017-2886 | URL | ||
| 43877 | FILE-PDF Acrobat Reader PDFDocEncoding object WinAnsiEncoding memory corruption attempt (more info ...) | attempted-user | 2017-11263 | URL | ||
| 43878 | FILE-PDF Acrobat Reader PDFDocEncoding object WinAnsiEncoding memory corruption attempt (more info ...) | attempted-user | 2017-11263 | URL | ||
| 43883 | FILE-PDF Acrobat Reader FontDescriptor object type confusion attempt (more info ...) | attempted-user | 2017-11221 | URL | ||
| 43884 | FILE-PDF Acrobat Reader FontDescriptor object type confusion attempt (more info ...) | attempted-user | 2017-11221 | URL | ||
| 43891 | MALWARE-OTHER Win.Malware.Emotet variant lateral propagation (more info ...) | trojan-activity | URL | |||
| 43892 | MALWARE-OTHER Win.Malware.Emotet variant lateral propagation (more info ...) | trojan-activity | URL | |||
| 43895 | SERVER-WEBAPP SonicWall Secure Remote Access sitecustomization command injection attempt (more info ...) | web-application-attack | URL | |||
| 43896 | SERVER-WEBAPP SonicWall Secure Remote Access sitecustomization command injection attempt (more info ...) | web-application-attack | URL | |||
| 43897 | SERVER-WEBAPP SonicWall Secure Remote Access sitecustomization command injection attempt (more info ...) | web-application-attack | URL | |||
| 43898 | SERVER-WEBAPP SonicWall Secure Remote Access sitecustomization command injection attempt (more info ...) | web-application-attack | URL | |||
| 43931 | EXPLOIT-KIT RIG exploit kit shellcode detected (more info ...) | attempted-user | ||||
| 43975 | MALWARE-OTHER Win.Trojan.Hermit variant malicious dropper download attempt (more info ...) | trojan-activity | URL | |||
| 43976 | MALWARE-OTHER Win.Trojan.Hermit variant malicious dropper download attempt (more info ...) | trojan-activity | URL | |||
| 43986 | PROTOCOL-SCADA Schneider Electroc ModbusDrv.exe buffer overflow attempt (more info ...) | attempted-admin | 2013-0662 | |||
| 44012 | POLICY-OTHER TRUFFLEHUNTER TALOS-2017-0411 attack attempt (more info ...) | policy-violation | 2017-2898 | URL | ||
| 44070 | SERVER-OTHER TRUFFLEHUNTER TALOS-2017-0418 attack attempt (more info ...) | misc-attack | 2017-2912 | URL | ||
| 44071 | SERVER-OTHER Objectivity DB lock server buffer overflow attempt (more info ...) | attempted-admin | ||||
| 44078 | MALWARE-OTHER Win.Trojan.Nemucod file download (more info ...) | trojan-activity | URL | |||
| 44082 | SERVER-OTHER TRUFFLEHUNTER TALOS-2017-0420 attack attempt (more info ...) | misc-attack | 2017-2913 | URL | ||
| 44097 | FILE-PDF Foxit Reader launchURL Command Injection Remote Code Execution attempt (more info ...) | attempted-admin | 2017-10951 | |||
| 44116 | SERVER-WEBAPP Symantec Messaging Gateway localBackupFileSelection command injection attempt (more info ...) | web-application-attack | 2017-6327 | 100135 | URL | |
| 44117 | SERVER-WEBAPP Symantec Messaging Gateway localBackupFileSelection command injection attempt (more info ...) | web-application-attack | 2017-6327 | 100135 | URL | |
| 44118 | SERVER-WEBAPP Symantec Messaging Gateway localBackupFileSelection command injection attempt (more info ...) | web-application-attack | 2017-6327 | 100135 | URL | |
| 44151 | PROTOCOL-SCADA CODESYS Gateway-Server invalid memory access attempt (more info ...) | attempted-admin | 2012-4704 | 58032 | URL | |
| 44160 | SERVER-OTHER tcpdump ISAKMP parser buffer overflow attempt (more info ...) | attempted-user | 2017-5205 | |||
| 44161 | SERVER-OTHER tcpdump ISAKMP parser buffer overflow attempt (more info ...) | attempted-user | 2017-5205 | |||
| 44167 | FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0412 attack attempt (more info ...) | attempted-user | 2017-2905 | URL | ||
| 44168 | FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0412 attack attempt (more info ...) | attempted-user | 2017-2905 | URL | ||
| 44178 | FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0427 attack attempt (more info ...) | attempted-user | 2017-2920 | URL | ||
| 44179 | FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0427 attack attempt (more info ...) | attempted-user | 2017-2920 | URL | ||
| 44186 | FILE-OTHER TRUFFLEHUNTER TALOS-2017-0425 attack attempt (more info ...) | attempted-user | 2017-2918 | URL | ||
| 44187 | FILE-OTHER TRUFFLEHUNTER TALOS-2017-0425 attack attempt (more info ...) | attempted-user | 2017-2918 | URL | ||
| 44189 | SERVER-OTHER TRUFFLEHUNTER TALOS-2017-0421 attack attempt (more info ...) | attempted-user | 2017-2914 | URL | ||
| 44191 | SERVER-OTHER HP Intelligent Management Center dbman BackupDBase opcode command injection attempt (more info ...) | attempted-admin | 2017-8954 | 99925 | URL | |
| 44202 | SERVER-OTHER Sybase M-Business Anywhere agSoap.exe closing tag buffer overflow attempt (more info ...) | attempted-admin | 47775 | |||
| 44223 | FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0406 attack attempt (more info ...) | attempted-user | 2017-2899 | URL | ||
| 44224 | FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0406 attack attempt (more info ...) | attempted-user | 2017-2899 | URL | ||
| 44225 | FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0406 attack attempt (more info ...) | attempted-user | 2017-2899 | URL | ||
| 44226 | FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0406 attack attempt (more info ...) | attempted-user | 2017-2899 | URL | ||
| 44227 | FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0406 attack attempt (more info ...) | attempted-user | 2017-2899 | URL | ||
| 44228 | FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0406 attack attempt (more info ...) | attempted-user | 2017-2899 | URL | ||
| 44229 | FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0406 attack attempt (more info ...) | attempted-user | 2017-2899 | URL | ||
| 44230 | FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0406 attack attempt (more info ...) | attempted-user | 2017-2899 | URL | ||
| 44237 | FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0410 attack attempt (more info ...) | attempted-user | 2017-2903 | URL | ||
| 44238 | FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0410 attack attempt (more info ...) | attempted-user | 2017-2903 | URL | ||
| 44239 | FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0410 attack attempt (more info ...) | attempted-user | 2017-2903 | URL | ||
| 44240 | FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0410 attack attempt (more info ...) | attempted-user | 2017-2903 | URL | ||
| 44241 | FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0410 attack attempt (more info ...) | attempted-user | 2017-2903 | URL | ||
| 44242 | FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0410 attack attempt (more info ...) | attempted-user | 2017-2903 | URL | ||
| 44243 | FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0410 attack attempt (more info ...) | attempted-user | 2017-2903 | URL | ||
| 44244 | FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0410 attack attempt (more info ...) | attempted-user | 2017-2903 | URL | ||
| 44245 | FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0409 attack attempt (more info ...) | attempted-user | 2017-2902 | URL | ||
| 44246 | FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0409 attack attempt (more info ...) | attempted-user | 2017-2902 | URL | ||
| 44247 | FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0409 attack attempt (more info ...) | attempted-user | 2017-2902 | URL | ||
| 44248 | FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0409 attack attempt (more info ...) | attempted-user | 2017-2902 | URL | ||
| 44249 | FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0411 attack attempt (more info ...) | attempted-user | 2017-2904 | URL | ||
| 44250 | FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0411 attack attempt (more info ...) | attempted-user | 2017-2904 | URL | ||
| 44251 | FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0408 attack attempt (more info ...) | attempted-user | 2017-2901 | URL | ||
| 44252 | FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0408 attack attempt (more info ...) | attempted-user | 2017-2901 | URL | ||
| 44253 | FILE-OTHER TRUFFLEHUNTER TALOS-2017-0415 attack attempt (more info ...) | attempted-user | 2017-2908 | URL | ||
| 44254 | FILE-OTHER TRUFFLEHUNTER TALOS-2017-0415 attack attempt (more info ...) | attempted-user | 2017-2908 | URL | ||
| 44255 | FILE-OTHER TRUFFLEHUNTER TALOS-2017-0415 attack attempt (more info ...) | attempted-user | 2017-2908 | URL | ||
| 44256 | FILE-OTHER TRUFFLEHUNTER TALOS-2017-0415 attack attempt (more info ...) | attempted-user | 2017-2908 | URL | ||
| 44257 | FILE-OTHER TRUFFLEHUNTER TALOS-2017-0415 attack attempt (more info ...) | attempted-user | 2017-2908 | URL | ||
| 44258 | FILE-OTHER TRUFFLEHUNTER TALOS-2017-0415 attack attempt (more info ...) | attempted-user | 2017-2908 | URL | ||
| 44259 | FILE-OTHER TRUFFLEHUNTER TALOS-2017-0415 attack attempt (more info ...) | attempted-user | 2017-2908 | URL | ||
| 44260 | FILE-OTHER TRUFFLEHUNTER TALOS-2017-0415 attack attempt (more info ...) | attempted-user | 2017-2908 | URL | ||
| 44261 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2017-0414 attack attempt (more info ...) | attempted-user | 2017-2907 | URL | ||
| 44262 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2017-0414 attack attempt (more info ...) | attempted-user | 2017-2907 | URL | ||
| 44263 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2017-0414 attack attempt (more info ...) | attempted-user | 2017-2907 | URL | ||
| 44264 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2017-0414 attack attempt (more info ...) | attempted-user | 2017-2907 | URL | ||
| 44265 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2017-0413 attack attempt (more info ...) | attempted-user | 2017-2906 | URL | ||
| 44266 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2017-0413 attack attempt (more info ...) | attempted-user | 2017-2906 | URL | ||
| 44269 | FILE-OTHER TRUFFLEHUNTER TALOS-2017-0434 attack attempt (more info ...) | attempted-user | 2017-12082 | URL | ||
| 44270 | FILE-OTHER TRUFFLEHUNTER TALOS-2017-0434 attack attempt (more info ...) | attempted-user | 2017-12082 | URL | ||
| 44287 | FILE-OTHER TRUFFLEHUNTER TALOS-2017-0433 attack attempt (more info ...) | attempted-user | 2017-12099 | URL | ||
| 44288 | FILE-OTHER TRUFFLEHUNTER TALOS-2017-0433 attack attempt (more info ...) | attempted-user | 2017-12099 | URL | ||
| 44294 | FILE-PDF TRUFFLEHUNTER TALOS-2017-0432 attack attempt (more info ...) | attempted-user | URL | |||
| 44295 | FILE-PDF TRUFFLEHUNTER TALOS-2017-0432 attack attempt (more info ...) | attempted-user | URL | |||
| 44297 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0435 attack attempt (more info ...) | attempted-recon | 2017-12083 | URL | ||
| 44310 | SERVER-WEBAPP Oracle Secure Backup web tool command injection attempt (more info ...) | web-application-attack | 2011-2261 | |||
| 44311 | SERVER-WEBAPP Oracle Secure Backup web tool command injection attempt (more info ...) | web-application-attack | 2011-2261 | |||
| 44312 | SERVER-WEBAPP Oracle Secure Backup web tool command injection attempt (more info ...) | web-application-attack | 2011-2261 | |||
| 44318 | FILE-OTHER TRUFFLEHUNTER TALOS-2017-0438 attack attempt (more info ...) | attempted-user | 2017-12105 | URL | ||
| 44319 | FILE-OTHER TRUFFLEHUNTER TALOS-2017-0438 attack attempt (more info ...) | attempted-user | 2017-12105 | URL | ||
| 44321 | SERVER-WEBAPP NEC Express Cluster DeleteWorkDirectory.js command injection attempt (more info ...) | web-application-attack | URL | |||
| 44322 | SERVER-WEBAPP NEC Express Cluster DeleteWorkDirectory.js command injection attempt (more info ...) | web-application-attack | URL | |||
| 44337 | SERVER-OTHER HP Intelligent Management Center dbman RestoreDBase opcode command injection attempt (more info ...) | attempted-admin | 2017-5817 | 98469 | URL | |
| 44344 | SERVER-OTHER TRUFFLEHUNTER TALOS-2017-0439 attack attempt (more info ...) | attempted-user | 2021-1439 | URL | ||
| 44353 | FILE-OTHER WSDL soap endpoint location code injection attempt (more info ...) | attempted-user | 2017-8759 | URL | ||
| 44354 | FILE-OTHER WSDL soap endpoint location code injection attempt (more info ...) | attempted-user | 2017-8759 | URL | ||
| 44376 | FILE-OTHER TRUFFLEHUNTER TALOS-2017-0452 attack attempt (more info ...) | attempted-user | 2017-12100 | URL | ||
| 44377 | FILE-OTHER TRUFFLEHUNTER TALOS-2017-0452 attack attempt (more info ...) | attempted-user | 2017-12100 | URL | ||
| 44380 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0450 attack attempt (more info ...) | attempted-user | 2017-12098 | URL | ||
| 44381 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0449 attack attempt (more info ...) | attempted-user | 2017-12097 | URL | ||
| 44383 | SERVER-WEBAPP D-Link router firmware update attempt (more info ...) | misc-attack | URL | |||
| 44384 | SERVER-WEBAPP D-Link router stack based buffer overflow attempt (more info ...) | attempted-admin | URL | |||
| 44385 | SERVER-WEBAPP D-Link router stack based buffer overflow attempt (more info ...) | attempted-admin | URL | |||
| 44386 | SERVER-WEBAPP D-Link router stack based buffer overflow attempt (more info ...) | attempted-admin | URL | |||
| 44387 | SERVER-WEBAPP D-Link router stack based buffer overflow attempt (more info ...) | attempted-admin | URL | |||
| 44397 | FILE-OTHER TRUFFLEHUNTER TALOS-2017-0453 attack attempt (more info ...) | attempted-user | 2017-12101 | URL | ||
| 44398 | FILE-OTHER TRUFFLEHUNTER TALOS-2017-0453 attack attempt (more info ...) | attempted-user | 2017-12101 | URL | ||
| 44435 | SERVER-WEBAPP DenyAll WAF authentication token disclosure attempt (more info ...) | attempted-recon | URL | |||
| 44441 | FILE-IDENTIFY Blender blend file magic detected (more info ...) | misc-activity | ||||
| 44442 | FILE-IDENTIFY Blender blend file magic detected (more info ...) | misc-activity | ||||
| 44444 | FILE-OTHER TRUFFLEHUNTER TALOS-2017-0455 attack attempt (more info ...) | attempted-user | 2017-12103 | URL | ||
| 44445 | FILE-OTHER TRUFFLEHUNTER TALOS-2017-0455 attack attempt (more info ...) | attempted-user | 2017-12103 | URL | ||
| 44446 | FILE-OTHER TRUFFLEHUNTER TALOS-2017-0454 attack attempt (more info ...) | attempted-user | 2017-12102 | URL | ||
| 44447 | FILE-OTHER TRUFFLEHUNTER TALOS-2017-0454 attack attempt (more info ...) | attempted-user | 2017-12102 | URL | ||
| 44448 | FILE-OTHER TRUFFLEHUNTER TALOS-2017-0456 attack attempt (more info ...) | attempted-user | 2017-12104 | URL | ||
| 44449 | FILE-OTHER TRUFFLEHUNTER TALOS-2017-0456 attack attempt (more info ...) | attempted-user | 2017-12104 | URL | ||
| 44473 | FILE-OTHER ZIP file name overflow attempt (more info ...) | attempted-user | 2016-4519 | 46375 | ||
| 44474 | MALWARE-OTHER GHBkdr TLS Change Cipher spoof runtime detection (more info ...) | trojan-activity | URL | |||
| 44475 | MALWARE-OTHER GHBkdr TLS Handshake spoof runtime detection (more info ...) | trojan-activity | URL | |||
| 44483 | SERVER-OTHER Supervisord remote code execution attempt (more info ...) | attempted-user | 2017-11610 | URL | ||
| 44497 | SERVER-WEBAPP Faleemi IP Cameras information disclosure attempt (more info ...) | attempted-recon | URL | |||
| 44501 | SERVER-OTHER Advantech WebAccess buffer overflow attempt (more info ...) | attempted-user | 2016-0851 | URL | ||
| 44502 | SERVER-OTHER Advantech WebAccess buffer overflow attempt (more info ...) | attempted-user | 2016-0851 | URL | ||
| 44504 | SERVER-WEBAPP Symantec Endpoint Protection Manager directory traversal attempt (more info ...) | web-application-attack | 2016-5307 | 91443 | ||
| 44505 | SERVER-WEBAPP Symantec Endpoint Protection Manager directory traversal attempt (more info ...) | web-application-attack | 2016-5307 | 91443 | ||
| 44506 | SERVER-WEBAPP Symantec Endpoint Protection Manager directory traversal attempt (more info ...) | web-application-attack | 2016-5307 | 91443 | ||
| 44508 | BROWSER-IE scripting engine memory corruption vulnerability attempt (more info ...) | attempted-admin | 2017-11793 | |||
| 44509 | BROWSER-IE scripting engine memory corruption vulnerability attempt (more info ...) | attempted-admin | 2017-11793 | |||
| 44524 | FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0459 attack attempt (more info ...) | attempted-user | 2017-12107 | URL | ||
| 44525 | FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0459 attack attempt (more info ...) | attempted-user | 2017-12107 | URL | ||
| 44537 | SERVER-WEBAPP NEC ExpressCluster UploadFile.js arbitrary file upload attempt (more info ...) | web-application-attack | URL | |||
| 44538 | SERVER-WEBAPP NEC ExpressCluster LogCollect.js command injection attempt (more info ...) | web-application-attack | URL | |||
| 44539 | SERVER-WEBAPP NEC ExpressCluster LogCollect.js command injection attempt (more info ...) | web-application-attack | URL | |||
| 44544 | FILE-PDF Nitro Pro PDF document field dereference use after free attempt (more info ...) | attempted-user | URL | |||
| 44545 | FILE-PDF Nitro Pro PDF document field dereference use after free attempt (more info ...) | attempted-user | URL | |||
| 44546 | FILE-PDF Nitro Pro use after free remote code execution attempt (more info ...) | attempted-user | ||||
| 44547 | FILE-PDF Nitro Pro use after free remote code execution attempt (more info ...) | attempted-user | ||||
| 44582 | SERVER-WEBAPP Trend Micro widget system authentication bypass attempt (more info ...) | attempted-admin | URL | |||
| 44624 | SERVER-WEBAPP TP-Link syslog.filter.json command injection attempt (more info ...) | web-application-attack | ||||
| 44625 | SERVER-WEBAPP TP-Link syslog.filter.json command injection attempt (more info ...) | web-application-attack | ||||
| 44626 | SERVER-WEBAPP TP-Link syslog.filter.json command injection attempt (more info ...) | web-application-attack | ||||
| 44627 | SERVER-WEBAPP TP-Link syslog.filter.json command injection attempt (more info ...) | web-application-attack | ||||
| 44634 | SERVER-OTHER IBM Tivoli Storage Manager FastBack command injection attempt (more info ...) | attempted-admin | 2015-1938 | URL | ||
| 44641 | POLICY-OTHER SERVER-WEBAPP Symantec Endpoint Protection Manager authentication lock bypass attempt (more info ...) | attempted-admin | 2016-3648 | |||
| 44646 | MALWARE-OTHER Win.Ransomware.BadRabbit propagation via SVCCTL remote service attempt (more info ...) | trojan-activity | URL | |||
| 44647 | MALWARE-OTHER Win.Ransomware.BadRabbit propagation via SMB2 transfer attempt (more info ...) | trojan-activity | URL | |||
| 44648 | MALWARE-OTHER Win.Ransomware.BadRabbit propagation via SMB transfer attempt (more info ...) | trojan-activity | URL | |||
| 44649 | MALWARE-OTHER Win.Ransomware.BadRabbit propagation via SMB2 transfer attempt (more info ...) | trojan-activity | URL | |||
| 44650 | MALWARE-OTHER Win.Ransomware.BadRabbit propagation via SMB transfer attempt (more info ...) | trojan-activity | URL | |||
| 44658 | SERVER-WEBAPP Unitrends Enterprise Backup storage API command injection attempt (more info ...) | web-application-attack | 2017-12478 | URL | ||
| 44687 | SERVER-WEBAPP Netgear DGN1000 series routers authentication bypass attempt (more info ...) | attempted-admin | 60281 | URL | ||
| 44688 | SERVER-WEBAPP Netgear DGN1000 series routers arbitrary command execution attempt (more info ...) | attempted-admin | 60281 | URL | ||
| 44707 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0471 attack attempt (more info ...) | attempted-dos | 2017-12119 | URL | ||
| 44708 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0471 attack attempt (more info ...) | attempted-dos | 2017-12119 | URL | ||
| 44709 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0471 attack attempt (more info ...) | attempted-dos | 2017-12119 | URL | ||
| 44710 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0471 attack attempt (more info ...) | attempted-dos | 2017-12119 | URL | ||
| 44711 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0471 attack attempt (more info ...) | attempted-dos | 2017-12119 | URL | ||
| 44712 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0471 attack attempt (more info ...) | attempted-dos | 2017-12119 | URL | ||
| 44728 | INDICATOR-COMPROMISE Meterpreter payload download attempt (more info ...) | trojan-activity | ||||
| 44743 | SERVER-OTHER libupnp command buffer overflow attempt (more info ...) | attempted-admin | 2012-5962 | |||
| 44792 | SERVER-WEBAPP Node.js V8 Debugging Protocol command injection attempt (more info ...) | policy-violation | URL | |||
| 44835 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0472 attack attempt (more info ...) | web-application-attack | 2017-12120 | URL | ||
| 44836 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0472 attack attempt (more info ...) | web-application-attack | 2017-12120 | URL | ||
| 44837 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0472 attack attempt (more info ...) | web-application-attack | 2017-12120 | URL | ||
| 44840 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0473 attack attempt (more info ...) | web-application-attack | 2017-12121 | URL | ||
| 44841 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0473 attack attempt (more info ...) | web-application-attack | 2017-12121 | URL | ||
| 44842 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0473 attack attempt (more info ...) | web-application-attack | 2017-12121 | URL | ||
| 44847 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0482 attack attempt (more info ...) | web-application-attack | 2017-14434 | URL | ||
| 44848 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0482 attack attempt (more info ...) | web-application-attack | 2017-14434 | URL | ||
| 44849 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0482 attack attempt (more info ...) | web-application-attack | 2017-14434 | URL | ||
| 44850 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0477 attack attempt (more info ...) | web-application-attack | 2017-12125 | URL | ||
| 44851 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0477 attack attempt (more info ...) | web-application-attack | 2017-12125 | URL | ||
| 44852 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0477 attack attempt (more info ...) | web-application-attack | 2017-12125 | URL | ||
| 44858 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0474 attack attempt (more info ...) | attempted-dos | 2017-14437 | URL | ||
| 44863 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0483 attack attempt (more info ...) | attempted-admin | 2017-14447 | URL | ||
| 44866 | SERVER-WEBAPP Xplico decoding manager daemon command injection attempt (more info ...) | web-application-attack | 2017-16666 | URL | ||
| 44875 | INDICATOR-COMPROMISE Malicious VBA script detected (more info ...) | attempted-admin | ||||
| 44877 | SERVER-OTHER Citrix XenApp and XenDesktop XML service memory corruption attempt (more info ...) | attempted-admin | 2008-3257 | 48898 | ||
| 44910 | SERVER-OTHER Altiris Express Server Engine stack buffer overflow attempt (more info ...) | attempted-admin | ||||
| 44949 | FILE-PDF Acrobat TrueTypeFont file out of bounds read attempt (more info ...) | attempted-user | 2017-16417 | URL | ||
| 44950 | FILE-PDF Acrobat TrueTypeFont file out of bounds read attempt (more info ...) | attempted-user | 2017-16417 | URL | ||
| 44967 | FILE-PDF Acrobat malformed html tag out of bounds read attempt (more info ...) | attempted-user | 2017-16394 | URL | ||
| 44968 | FILE-PDF Acrobat malformed html tag out of bounds read attempt (more info ...) | attempted-user | 2017-16394 | URL | ||
| 44981 | MALWARE-OTHER Win.Ransomware.Kristina encryption over SMB attempt (more info ...) | trojan-activity | URL | |||
| 44982 | MALWARE-OTHER Win.Ransomware.Kristina encryption over SMB attempt (more info ...) | trojan-activity | URL | |||
| 45001 | SERVER-WEBAPP Netgear WNR2000 information leak attempt (more info ...) | attempted-recon | 2016-10175 | URL | ||
| 45002 | FILE-OTHER Jackson databind deserialization remote code execution attempt (more info ...) | attempted-user | 2017-7525 | URL | ||
| 45003 | FILE-OTHER Jackson databind deserialization remote code execution attempt (more info ...) | attempted-user | 2017-7525 | URL | ||
| 45004 | FILE-OTHER Jackson databind deserialization remote code execution attempt (more info ...) | attempted-user | 2017-7525 | URL | ||
| 45005 | FILE-OTHER Jackson databind deserialization remote code execution attempt (more info ...) | attempted-user | 2017-7525 | URL | ||
| 45006 | FILE-OTHER Jackson databind deserialization remote code execution attempt (more info ...) | attempted-user | 2017-7525 | URL | ||
| 45007 | FILE-OTHER Jackson databind deserialization remote code execution attempt (more info ...) | attempted-user | 2017-7525 | URL | ||
| 45008 | FILE-OTHER Jackson databind deserialization remote code execution attempt (more info ...) | attempted-user | 2017-7525 | URL | ||
| 45009 | FILE-OTHER Jackson databind deserialization remote code execution attempt (more info ...) | attempted-user | 2017-7525 | URL | ||
| 45010 | FILE-OTHER Jackson databind deserialization remote code execution attempt (more info ...) | attempted-user | 2017-7525 | URL | ||
| 45011 | FILE-OTHER Jackson databind deserialization remote code execution attempt (more info ...) | attempted-user | 2017-7525 | URL | ||
| 45012 | FILE-OTHER Jackson databind deserialization remote code execution attempt (more info ...) | attempted-user | 2017-7525 | URL | ||
| 45013 | FILE-OTHER Jackson databind deserialization remote code execution attempt (more info ...) | attempted-user | 2017-7525 | URL | ||
| 45014 | FILE-OTHER Jackson databind deserialization remote code execution attempt (more info ...) | attempted-user | 2017-7525 | URL | ||
| 45015 | FILE-OTHER Jackson databind deserialization remote code execution attempt (more info ...) | attempted-user | 2017-7525 | URL | ||
| 45016 | FILE-OTHER Jackson databind deserialization remote code execution attempt (more info ...) | attempted-user | 2017-7525 | URL | ||
| 45017 | FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0497 attack attempt (more info ...) | attempted-user | 2018-3839 | URL | ||
| 45018 | FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0497 attack attempt (more info ...) | attempted-user | 2018-3839 | URL | ||
| 45019 | FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0490 attack attempt (more info ...) | attempted-user | 2020-6082 | URL | ||
| 45020 | FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0490 attack attempt (more info ...) | attempted-user | 2020-6082 | URL | ||
| 45021 | FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0491 attack attempt (more info ...) | attempted-user | 2017-14442 | URL | ||
| 45022 | FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0491 attack attempt (more info ...) | attempted-user | 2017-14442 | URL | ||
| 45025 | FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0489 attack attempt (more info ...) | attempted-user | 2017-14440 | URL | ||
| 45026 | FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0489 attack attempt (more info ...) | attempted-user | 2017-14440 | URL | ||
| 45033 | FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0488 attack attempt (more info ...) | attempted-user | 2017-12122 | URL | ||
| 45034 | FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0488 attack attempt (more info ...) | attempted-user | 2017-12122 | URL | ||
| 45037 | SERVER-WEBAPP Joomla LDAP authentication plugin information disclosure exploitation attempt (more info ...) | web-application-attack | 2017-14596 | URL | ||
| 45038 | SERVER-WEBAPP Joomla LDAP authentication plugin information disclosure exploitation attempt (more info ...) | web-application-attack | 2017-14596 | URL | ||
| 45039 | SERVER-WEBAPP Joomla LDAP authentication plugin information disclosure exploitation attempt (more info ...) | web-application-attack | 2017-14596 | URL | ||
| 45046 | SERVER-OTHER Exim malformed BDAT code execution attempt (more info ...) | attempted-admin | 2017-16943 | |||
| 45047 | FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0499 attack attempt (more info ...) | attempted-user | 2017-14450 | URL | ||
| 45048 | FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0499 attack attempt (more info ...) | attempted-user | 2017-14450 | URL | ||
| 45073 | SERVER-WEBAPP Wireless IP Camera WIFICAM information leak attempt (more info ...) | attempted-recon | 2017-8225 | |||
| 45074 | SERVER-SAMBA Samba unsigned connections attempt (more info ...) | attempted-user | 2017-12150 | URL | ||
| 45081 | SERVER-OTHER Geutebrueck GCore web server buffer overflow attempt (more info ...) | attempted-admin | 2017-11517 | |||
| 45088 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0502 attack attempt (more info ...) | attempted-user | 2017-14455 | URL | ||
| 45089 | SERVER-OTHER TRUFFLEHUNTER TALOS-2017-0501 attack attempt (more info ...) | attempted-admin | URL | |||
| 45094 | SERVER-WEBAPP MediaWiki arbitrary file write attempt (more info ...) | attempted-user | 2017-0372 | |||
| 45102 | FILE-PDF TRUFFLEHUNTER TALOS-2017-0505 attack attempt (more info ...) | attempted-user | URL | |||
| 45103 | FILE-PDF TRUFFLEHUNTER TALOS-2017-0505 attack attempt (more info ...) | attempted-user | URL | |||
| 45105 | FILE-PDF TRUFFLEHUNTER TALOS-2017-0504 attack attempt (more info ...) | attempted-user | URL | |||
| 45106 | FILE-PDF TRUFFLEHUNTER TALOS-2017-0504 attack attempt (more info ...) | attempted-user | URL | |||
| 45109 | SERVER-WEBAPP OrientDB remote code execution attempt (more info ...) | attempted-user | 2017-11467 | URL | ||
| 45110 | SERVER-WEBAPP OrientDB privilege escalation attempt (more info ...) | attempted-user | 2017-11467 | URL | ||
| 45115 | SERVER-MAIL Multiple products non-ascii sender address spoofing attempt (more info ...) | misc-attack | 2018-0819 | URL | ||
| 45116 | SERVER-MAIL Multiple products non-ascii sender address spoofing attempt (more info ...) | misc-attack | 2018-0819 | URL | ||
| 45117 | SERVER-WEBAPP Huawei DeviceUpgrade command injection attempt (more info ...) | web-application-attack | 2017-17215 | |||
| 45118 | SERVER-MAIL Multiple products non-ascii sender address spoofing attempt (more info ...) | misc-attack | 2018-0819 | URL | ||
| 45119 | SERVER-MAIL Multiple products non-ascii sender address spoofing attempt (more info ...) | misc-attack | 2018-0819 | URL | ||
| 45136 | INDICATOR-COMPROMISE Metasploit PowerShell CLI Download and Run attempt (more info ...) | attempted-user | URL | |||
| 45137 | INDICATOR-COMPROMISE Metasploit run hidden powershell attempt (more info ...) | attempted-user | URL | |||
| 45158 | FILE-PDF TRUFFLEHUNTER TALOS-2017-0506 attack attempt (more info ...) | attempted-user | 2017-14458 | URL | ||
| 45159 | FILE-PDF TRUFFLEHUNTER TALOS-2017-0506 attack attempt (more info ...) | attempted-user | 2017-14458 | URL | ||
| 45199 | SERVER-OTHER limited RSA ciphersuite list - possible Bleichenbacher SSL attack attempt (more info ...) | attempted-recon | 2017-6168 | URL | ||
| 45201 | SERVER-OTHER limited RSA ciphersuite list - possible Bleichenbacher SSL attack attempt (more info ...) | attempted-recon | 2017-6168 | URL | ||
| 45216 | FILE-EXECUTABLE TRUFFLEHUNTER TALOS-2017-0509 attack attempt (more info ...) | attempted-dos | URL | |||
| 45217 | FILE-EXECUTABLE TRUFFLEHUNTER TALOS-2017-0509 attack attempt (more info ...) | attempted-dos | URL | |||
| 45219 | SERVER-WEBAPP Embedthis GoAhead LD_preload code execution attempt (more info ...) | attempted-admin | 2017-17562 | |||
| 45236 | SERVER-WEBAPP Palo Alto Networks Firewall cms_changeDeviceContext.esp session injection attempt (more info ...) | attempted-admin | 2017-15944 | 102079 | URL | |
| 45237 | SERVER-WEBAPP Axis Communications IP camera SSI command injection attempt (more info ...) | web-application-attack | URL | |||
| 45238 | SERVER-WEBAPP Axis Communications IP camera SSI command injection attempt (more info ...) | web-application-attack | URL | |||
| 45248 | SERVER-OTHER TRUFFLEHUNTER TALOS-2017-0510 attack attempt (more info ...) | attempted-recon | 2017-14461 | URL | ||
| 45250 | SERVER-WEBAPP Delta IEM DIAEnergie file upload attempt (more info ...) | attempted-admin | URL | |||
| 45253 | SERVER-OTHER Dahua DVR hard-coded root login attempt (more info ...) | attempted-admin | 2013-3612 | |||
| 45254 | SERVER-OTHER Polycom HDX Series remote code execution attempt (more info ...) | attempted-user | URL | |||
| 45255 | SERVER-SAMBA Samba tree connect andx memory corruption attempt (more info ...) | attempted-user | 2017-14746 | |||
| 45261 | SERVER-WEBAPP Vivotek IP Cameras remote stack buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 45266 | POLICY-OTHER CoinHive Miner client detected (more info ...) | policy-violation | URL | |||
| 45268 | POLICY-OTHER CoinHive Miner client detected (more info ...) | policy-violation | URL | |||
| 45304 | SERVER-ORACLE Oracle WebLogic Server remote command execution attempt (more info ...) | attempted-admin | 2017-3506 | 97884 | URL | |
| 45312 | SERVER-WEBAPP Vicon Security and Infinova filterIp command injection attempt (more info ...) | web-application-attack | URL | |||
| 45313 | SERVER-WEBAPP Vicon Security and Infinova filterIp command injection attempt (more info ...) | web-application-attack | URL | |||
| 45318 | SERVER-WEBAPP Citrix NetScaler SD-WAN command injection attempt (more info ...) | web-application-attack | 2017-6316 | URL | ||
| 45319 | SERVER-WEBAPP Citrix NetScaler SD-WAN command injection attempt (more info ...) | web-application-attack | 2017-6316 | URL | ||
| 45357 | OS-OTHER Intel x86 side-channel analysis information leak attempt (more info ...) | attempted-recon | 2017-5754 | |||
| 45358 | OS-OTHER Intel x86 side-channel analysis information leak attempt (more info ...) | attempted-recon | 2017-5754 | |||
| 45359 | OS-OTHER Intel x86 side-channel analysis information leak attempt (more info ...) | attempted-recon | 2017-5754 | |||
| 45360 | OS-OTHER Intel x86 side-channel analysis information leak attempt (more info ...) | attempted-recon | 2017-5754 | |||
| 45361 | OS-OTHER Intel x86 side-channel analysis information leak attempt (more info ...) | attempted-recon | 2017-5754 | |||
| 45362 | OS-OTHER Intel x86 side-channel analysis information leak attempt (more info ...) | attempted-recon | 2017-5754 | |||
| 45363 | OS-OTHER Intel x86 side-channel analysis information leak attempt (more info ...) | attempted-recon | 2017-5754 | |||
| 45364 | OS-OTHER Intel x86 side-channel analysis information leak attempt (more info ...) | attempted-recon | 2017-5754 | |||
| 45365 | OS-OTHER Intel x86 side-channel analysis information leak attempt (more info ...) | attempted-recon | 2017-5754 | |||
| 45366 | OS-OTHER Intel x86 side-channel analysis information leak attempt (more info ...) | attempted-recon | 2017-5754 | |||
| 45367 | OS-OTHER Intel x64 side-channel analysis information leak attempt (more info ...) | attempted-recon | 2017-5754 | |||
| 45368 | OS-OTHER Intel x64 side-channel analysis information leak attempt (more info ...) | attempted-recon | 2017-5754 | |||
| 45393 | SERVER-OTHER Quest Privilege Manager pmmasterd buffer overflow attempt (more info ...) | attempted-admin | 2017-6553 | URL | ||
| 45397 | PUA-ADWARE Osx.Adware.SurfBuyer adware outbound connection detected (more info ...) | trojan-activity | URL | |||
| 45398 | PUA-ADWARE Osx.Adware.SurfBuyer adware outbound connection detected (more info ...) | trojan-activity | URL | |||
| 45401 | SERVER-WEBAPP Fortinet FortiOS redir parameter cross site scripting attempt (more info ...) | attempted-user | 2017-14186 | 101955 | ||
| 45412 | SERVER-WEBAPP Asus RT-AC88U deleteOfflineClients memory corruption attempt (more info ...) | attempted-admin | 2017-12754 | |||
| 45414 | SERVER-WEBAPP DotNetNuke DNNPersonalization remote code execution attempt (more info ...) | attempted-admin | 2017-9822 | URL | ||
| 45418 | OS-OTHER Apple macOS IOHIDeous exploit download attempt (more info ...) | attempted-user | URL | |||
| 45419 | OS-OTHER Apple macOS IOHIDeous exploit download attempt (more info ...) | attempted-user | URL | |||
| 45441 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0511 attack attempt (more info ...) | attempted-admin | 2018-3832 | URL | ||
| 45443 | OS-OTHER Intel x64 side-channel analysis information leak attempt (more info ...) | attempted-recon | 2017-5754 | |||
| 45444 | OS-OTHER Intel x64 side-channel analysis information leak attempt (more info ...) | attempted-recon | 2017-5754 | |||
| 45447 | SERVER-WEBAPP Linksys WVBR0-25 Wireless Video Bridge command injection attempt (more info ...) | attempted-user | 2017-17411 | |||
| 45448 | SERVER-WEBAPP Linksys WVBR0-25 Wireless Video Bridge command injection attempt (more info ...) | attempted-user | 2017-17411 | |||
| 45449 | SERVER-WEBAPP Linksys WVBR0-25 Wireless Video Bridge command injection attempt (more info ...) | attempted-user | 2017-17411 | |||
| 45450 | SERVER-WEBAPP Linksys WVBR0-25 Wireless Video Bridge command injection attempt (more info ...) | attempted-user | 2017-17411 | |||
| 45451 | SERVER-WEBAPP Linksys WVBR0-25 Wireless Video Bridge command injection attempt (more info ...) | attempted-user | 2017-17411 | |||
| 45452 | SERVER-WEBAPP Linksys WVBR0-25 Wireless Video Bridge command injection attempt (more info ...) | attempted-user | 2017-17411 | |||
| 45453 | SERVER-WEBAPP Linksys WVBR0-25 Wireless Video Bridge command injection attempt (more info ...) | attempted-user | 2017-17411 | |||
| 45465 | SERVER-WEBAPP Splunk daemon default admin credentials login attempt (more info ...) | attempted-admin | 2018-0095 | URL | ||
| 45480 | SERVER-WEBAPP Cambium cnPilot r200/r201 directory traversal attempt (more info ...) | web-application-attack | 2017-5261 | URL | ||
| 45481 | SERVER-WEBAPP Cambium cnPilot r200/r201 directory traversal attempt (more info ...) | web-application-attack | 2017-5261 | URL | ||
| 45482 | SERVER-WEBAPP Cambium cnPilot r200/r201 directory traversal attempt (more info ...) | web-application-attack | 2017-5261 | URL | ||
| 45484 | MALWARE-OTHER Win.Ransomware.Samsam propagation via SMB transfer attempt (more info ...) | trojan-activity | URL | |||
| 45485 | MALWARE-OTHER Win.Ransomware.Samsam propagation via SMB2 transfer attempt (more info ...) | trojan-activity | URL | |||
| 45486 | MALWARE-OTHER Win.Ransomware.Samsam upload attempt (more info ...) | trojan-activity | URL | |||
| 45493 | SERVER-WEBAPP Seagate Personal Cloud getLogs.psp command injection attempt (more info ...) | web-application-attack | 2018-5347 | URL | ||
| 45494 | SERVER-WEBAPP Seagate Personal Cloud uploadTelemetry.psp command injection attempt (more info ...) | web-application-attack | 2018-5347 | URL | ||
| 45495 | SERVER-WEBAPP Seagate Personal Cloud getLogs.psp command injection attempt (more info ...) | web-application-attack | 2018-5347 | URL | ||
| 45496 | SERVER-WEBAPP Seagate Personal Cloud uploadTelemetry.psp command injection attempt (more info ...) | web-application-attack | 2018-5347 | URL | ||
| 45497 | SERVER-WEBAPP Cambium ePMP and cnPilot command execution attempt (more info ...) | attempted-admin | 2017-5259 | URL | ||
| 45498 | SERVER-WEBAPP Cambium ePMP and cnPilot command execution attempt (more info ...) | attempted-admin | 2017-5259 | URL | ||
| 45502 | FILE-OTHER TRUFFLEHUNTER TALOS-2018-0515 attack attempt (more info ...) | attempted-user | 2018-3835 | URL | ||
| 45503 | FILE-OTHER TRUFFLEHUNTER TALOS-2018-0515 attack attempt (more info ...) | attempted-user | 2018-3835 | URL | ||
| 45504 | FILE-OTHER TRUFFLEHUNTER TALOS-2018-0514 attack attempt (more info ...) | attempted-user | URL | |||
| 45505 | FILE-OTHER TRUFFLEHUNTER TALOS-2018-0514 attack attempt (more info ...) | attempted-user | URL | |||
| 45506 | FILE-PDF TRUFFLEHUNTER TALOS-2018-0517 attack attempt (more info ...) | attempted-user | 2018-4996 | URL | ||
| 45507 | FILE-PDF TRUFFLEHUNTER TALOS-2018-0517 attack attempt (more info ...) | attempted-user | 2018-4996 | URL | ||
| 45521 | FILE-PDF TRUFFLEHUNTER TALOS-2018-0518 attack attempt (more info ...) | attempted-admin | URL | |||
| 45522 | FILE-PDF TRUFFLEHUNTER TALOS-2018-0518 attack attempt (more info ...) | attempted-admin | URL | |||
| 45548 | FILE-EXECUTABLE Win.Trojan.CoinMiner attempted download (more info ...) | trojan-activity | URL | |||
| 45549 | PUA-OTHER XMRig cryptocurrency mining pool connection attempt (more info ...) | policy-violation | URL | |||
| 45550 | PUA-OTHER CPUMiner-Multi cryptocurrency mining pool connection attempt (more info ...) | policy-violation | URL | |||
| 45555 | SERVER-WEBAPP MikroTik RouterOS jsproxy readPostData memory corruption attempt (more info ...) | attempted-admin | URL | |||
| 45558 | FILE-OTHER Multiple products XML Import Command buffer overflow attempt (more info ...) | attempted-user | 2017-7310 | 97237 | ||
| 45559 | FILE-OTHER Multiple products XML Import Command buffer overflow attempt (more info ...) | attempted-user | 2017-7310 | 97237 | ||
| 45565 | MALWARE-OTHER Win.Trojan.Ursnif variant download attempt (more info ...) | trojan-activity | URL | |||
| 45592 | SERVER-WEBAPP Cambium cnPilot r200 and r201 configuration file download attempt (more info ...) | web-application-attack | 2017-5260 | URL | ||
| 45599 | FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0520 attack attempt (more info ...) | attempted-user | 2018-3838 | URL | ||
| 45600 | FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0520 attack attempt (more info ...) | attempted-user | 2018-3838 | URL | ||
| 45602 | FILE-OTHER TRUFFLEHUNTER TALOS-2018-0522 attack attempt (more info ...) | attempted-dos | URL | |||
| 45603 | FILE-OTHER TRUFFLEHUNTER TALOS-2018-0522 attack attempt (more info ...) | attempted-dos | URL | |||
| 45608 | FILE-PDF TRUFFLEHUNTER TALOS-2018-0525 attack attempt (more info ...) | attempted-user | 2018-3842 | URL | ||
| 45609 | FILE-PDF TRUFFLEHUNTER TALOS-2018-0525 attack attempt (more info ...) | attempted-user | 2018-3842 | URL | ||
| 45682 | SERVER-OTHER HP Integrated Lights-Out HTTP headers processing buffer overflow attempt (more info ...) | attempted-admin | 2017-12542 | 100467 | URL | |
| 45697 | FILE-OTHER TRUFFLEHUNTER TALOS-2018-0530 attack attempt (more info ...) | attempted-user | 2018-3847 | URL | ||
| 45698 | FILE-OTHER TRUFFLEHUNTER TALOS-2018-0530 attack attempt (more info ...) | attempted-user | 2018-3847 | URL | ||
| 45699 | FILE-OTHER TRUFFLEHUNTER TALOS-2018-0530 attack attempt (more info ...) | attempted-user | 2018-3847 | URL | ||
| 45700 | FILE-OTHER TRUFFLEHUNTER TALOS-2018-0530 attack attempt (more info ...) | attempted-user | 2018-3847 | URL | ||
| 45701 | FILE-OTHER TRUFFLEHUNTER TALOS-2018-0529 attack attempt (more info ...) | attempted-user | 2018-3849 | URL | ||
| 45702 | FILE-OTHER TRUFFLEHUNTER TALOS-2018-0529 attack attempt (more info ...) | attempted-user | 2018-3849 | URL | ||
| 45703 | FILE-OTHER TRUFFLEHUNTER TALOS-2018-0529 attack attempt (more info ...) | attempted-user | 2018-3846 | URL | ||
| 45704 | FILE-OTHER TRUFFLEHUNTER TALOS-2018-0529 attack attempt (more info ...) | attempted-user | 2018-3846 | URL | ||
| 45705 | FILE-OTHER TRUFFLEHUNTER TALOS-2018-0529 attack attempt (more info ...) | attempted-user | 2018-3846 | URL | ||
| 45706 | FILE-OTHER TRUFFLEHUNTER TALOS-2018-0529 attack attempt (more info ...) | attempted-user | 2018-3846 | URL | ||
| 45707 | FILE-OTHER TRUFFLEHUNTER TALOS-2018-0529 attack attempt (more info ...) | attempted-user | 2018-3846 | URL | ||
| 45708 | FILE-OTHER TRUFFLEHUNTER TALOS-2018-0529 attack attempt (more info ...) | attempted-user | 2018-3846 | URL | ||
| 45709 | FILE-OTHER TRUFFLEHUNTER TALOS-2018-0529 attack attempt (more info ...) | attempted-user | 2018-3846 | URL | ||
| 45710 | FILE-OTHER TRUFFLEHUNTER TALOS-2018-0529 attack attempt (more info ...) | attempted-user | 2018-3846 | URL | ||
| 45711 | FILE-OTHER TRUFFLEHUNTER TALOS-2018-0529 attack attempt (more info ...) | attempted-user | 2018-3846 | URL | ||
| 45712 | FILE-OTHER TRUFFLEHUNTER TALOS-2018-0529 attack attempt (more info ...) | attempted-user | 2018-3846 | URL | ||
| 45713 | FILE-OTHER TRUFFLEHUNTER TALOS-2018-0529 attack attempt (more info ...) | attempted-user | 2018-3846 | URL | ||
| 45714 | FILE-OTHER TRUFFLEHUNTER TALOS-2018-0529 attack attempt (more info ...) | attempted-user | 2018-3846 | URL | ||
| 45715 | FILE-PDF TRUFFLEHUNTER TALOS-2018-0532 attack attempt (more info ...) | attempted-admin | 2018-3850 | URL | ||
| 45716 | FILE-PDF TRUFFLEHUNTER TALOS-2018-0532 attack attempt (more info ...) | attempted-admin | 2018-3850 | URL | ||
| 45721 | SERVER-WEBAPP Ulterius web server directory traversal attempt (more info ...) | web-application-attack | 2017-16806 | URL | ||
| 45722 | SERVER-WEBAPP Ulterius web server directory traversal attempt (more info ...) | web-application-attack | 2017-16806 | URL | ||
| 45752 | FILE-OTHER TRUFFLEHUNTER TALOS-2018-0533 attack attempt (more info ...) | attempted-user | URL | |||
| 45753 | FILE-OTHER TRUFFLEHUNTER TALOS-2018-0533 attack attempt (more info ...) | attempted-user | URL | |||
| 45778 | SERVER-OTHER Jackson databind deserialization remote code execution attempt (more info ...) | attempted-user | 2017-17485 | URL | ||
| 45779 | SERVER-OTHER Jackson databind deserialization remote code execution attempt (more info ...) | attempted-user | 2017-17485 | URL | ||
| 45782 | FILE-OTHER EMF EmrText object out of bounds read attempt (more info ...) | attempted-user | 2018-4883 | URL | ||
| 45783 | FILE-OTHER EMF EmrText object out of bounds read attempt (more info ...) | attempted-user | 2018-4883 | URL | ||
| 45804 | SERVER-OTHER Disk Savvy Enterprise buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 45809 | INDICATOR-OBFUSCATION Coinhive cryptocurrency miner obfuscated detected (more info ...) | misc-activity | ||||
| 45810 | INDICATOR-OBFUSCATION Coinhive cryptocurrency miner obfuscated detected (more info ...) | misc-activity | ||||
| 45811 | FILE-OTHER EMF embedded image out of bound read attempt (more info ...) | misc-activity | 2018-4884 | URL | ||
| 45812 | FILE-OTHER EMF embedded image out of bound read attempt (more info ...) | misc-activity | 2018-4884 | URL | ||
| 45817 | MALWARE-OTHER Win.Ransomware.Thanatos ransomware inbound download attempt (more info ...) | trojan-activity | URL | |||
| 45818 | MALWARE-OTHER Win.Ransomware.Thanatos ransomware inbound download attempt (more info ...) | trojan-activity | URL | |||
| 45823 | FILE-PDF TRUFFLEHUNTER TALOS-2018-0536 attack attempt (more info ...) | attempted-user | 2018-3853 | URL | ||
| 45824 | FILE-PDF TRUFFLEHUNTER TALOS-2018-0536 attack attempt (more info ...) | attempted-user | 2018-3853 | URL | ||
| 45825 | PUA-OTHER XMR-Stak cryptocurrency mining pool connection attempt (more info ...) | policy-violation | URL | |||
| 45830 | SERVER-OTHER limited RSA ciphersuite list - possible Bleichenbacher SSL attack attempt (more info ...) | attempted-recon | 2017-6168 | URL | ||
| 45831 | MALWARE-TOOLS TLS-Attacker tool connection attempt - known SSL client random (more info ...) | network-scan | URL | |||
| 45837 | SERVER-ORACLE Oracle Application Test Suite server arbitrary JSP file upload attempt (more info ...) | web-application-attack | 2016-0491 | 81169 | URL | |
| 45840 | SERVER-WEBAPP SERVER-WEBAPP Open WebMail userstat.pl command injection attempt (more info ...) | web-application-attack | 10316 | |||
| 45841 | SERVER-WEBAPP SERVER-WEBAPP Open WebMail userstat.pl command injection attempt (more info ...) | web-application-attack | 10316 | |||
| 45842 | SERVER-WEBAPP SERVER-WEBAPP Open WebMail userstat.pl command injection attempt (more info ...) | web-application-attack | 10316 | |||
| 45843 | SERVER-WEBAPP SERVER-WEBAPP Open WebMail userstat.pl command injection attempt (more info ...) | web-application-attack | 10316 | |||
| 45857 | SERVER-WEBAPP HPE Intelligent Management Center Platform /rptviewer/servlets/redirectviewer directory traversal attempt (more info ...) | web-application-attack | 2017-8983 | URL | ||
| 45858 | SERVER-WEBAPP HPE Intelligent Management Center Platform /rptviewer/servlets/redirectviewer directory traversal attempt (more info ...) | web-application-attack | 2017-8983 | URL | ||
| 45859 | SERVER-WEBAPP HPE Intelligent Management Center Platform /rptviewer/servlets/redirectviewer directory traversal attempt (more info ...) | web-application-attack | 2017-8983 | URL | ||
| 45872 | SERVER-WEBAPP Reliance SCADA directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 45891 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0539 attack attempt (more info ...) | web-application-attack | 2018-3856 | URL | ||
| 45904 | MALWARE-BACKDOOR CobaltStrike inbound beacon download (more info ...) | trojan-activity | URL | |||
| 45905 | MALWARE-BACKDOOR CobaltStrike inbound beacon download (more info ...) | trojan-activity | URL | |||
| 45911 | SERVER-WEBAPP ManageEngine Applications Manager testCredential.do command injection attempt (more info ...) | web-application-attack | 2018-7890 | URL | ||
| 45912 | SERVER-WEBAPP ManageEngine Applications Manager testCredential.do command injection attempt (more info ...) | web-application-attack | 2018-7890 | URL | ||
| 45913 | SERVER-WEBAPP ManageEngine Applications Manager testCredential.do command injection attempt (more info ...) | web-application-attack | 2018-7890 | URL | ||
| 45922 | EXPLOIT-KIT Terror EK exe download attempt (more info ...) | attempted-user | ||||
| 45923 | EXPLOIT-KIT Terror EK dll download attempt (more info ...) | attempted-user | ||||
| 45925 | EXPLOIT-KIT Terror EK page access attempt (more info ...) | attempted-user | ||||
| 45926 | SERVER-OTHER Flexense Syncbreeze buffer overflow attempt (more info ...) | attempted-user | 2018-6537 | |||
| 45927 | FILE-OTHER Sophos Tester Tool dll-load exploit attempt (more info ...) | attempted-user | 2018-6318 | URL | ||
| 45928 | FILE-OTHER Sophos Tester Tool dll-load exploit attempt (more info ...) | attempted-user | 2018-6318 | URL | ||
| 45935 | SERVER-OTHER Memcached set opcode request heap buffer overflow attempt (more info ...) | attempted-admin | 2017-9951 | URL | ||
| 45936 | SERVER-OTHER Memcached setq opcode request heap buffer overflow attempt (more info ...) | attempted-admin | 2017-9951 | URL | ||
| 45937 | SERVER-OTHER Memcached add opcode request heap buffer overflow attempt (more info ...) | attempted-admin | 2017-9951 | URL | ||
| 45938 | SERVER-OTHER Memcached addq opcode request heap buffer overflow attempt (more info ...) | attempted-admin | 2017-9951 | URL | ||
| 45939 | SERVER-OTHER Memcached replace opcode request heap buffer overflow attempt (more info ...) | attempted-admin | 2017-9951 | URL | ||
| 45940 | SERVER-OTHER Memcached replaceq opcode request heap buffer overflow attempt (more info ...) | attempted-admin | 2017-9951 | URL | ||
| 45949 | PUA-OTHER Coinhive TLS server hello attempt (more info ...) | misc-attack | ||||
| 45950 | PUA-OTHER Coinhive TLS client hello attempt (more info ...) | misc-attack | ||||
| 45951 | PUA-OTHER Authedmine TLS server hello attempt (more info ...) | misc-attack | ||||
| 45952 | PUA-OTHER Authedmine TLS client hello attempt (more info ...) | misc-attack | ||||
| 45955 | PUA-OTHER XMRMiner cryptocurrency mining pool connection attempt (more info ...) | policy-violation | URL | |||
| 45976 | SERVER-WEBAPP Pivotal Spring Data REST PATCH request remote code execution attempt (more info ...) | web-application-attack | 2017-8046 | URL | ||
| 45981 | FILE-OTHER TRUFFLEHUNTER TALOS-2018-0540 attack attempt (more info ...) | attempted-user | URL | |||
| 45982 | FILE-OTHER TRUFFLEHUNTER TALOS-2018-0540 attack attempt (more info ...) | attempted-user | URL | |||
| 45985 | FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0544 attack attempt (more info ...) | attempted-user | 2018-3860 | URL | ||
| 45986 | FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0544 attack attempt (more info ...) | attempted-user | 2018-3860 | URL | ||
| 45987 | FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0544 attack attempt (more info ...) | attempted-user | 2018-3860 | URL | ||
| 45988 | FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0544 attack attempt (more info ...) | attempted-user | 2018-3860 | URL | ||
| 45991 | FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0543 attack attempt (more info ...) | attempted-user | 2018-3859 | URL | ||
| 45992 | FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0543 attack attempt (more info ...) | attempted-user | 2018-3859 | URL | ||
| 45993 | FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0543 attack attempt (more info ...) | attempted-user | 2018-3859 | URL | ||
| 45994 | FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0543 attack attempt (more info ...) | attempted-user | 2018-3859 | URL | ||
| 45997 | FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0542 attack attempt (more info ...) | attempted-user | 2018-3862 | URL | ||
| 45998 | FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0542 attack attempt (more info ...) | attempted-user | 2018-3862 | URL | ||
| 45999 | FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0542 attack attempt (more info ...) | attempted-user | 2018-3862 | URL | ||
| 46000 | FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0542 attack attempt (more info ...) | attempted-user | 2018-3862 | URL | ||
| 46001 | FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0541 attack attempt (more info ...) | attempted-user | 2018-3857 | URL | ||
| 46002 | FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0541 attack attempt (more info ...) | attempted-user | 2018-3857 | URL | ||
| 46003 | FILE-OTHER TRUFFLEHUNTER SFVRT-1035 attack attempt (more info ...) | attempted-admin | ||||
| 46004 | FILE-OTHER TRUFFLEHUNTER SFVRT-1035 attack attempt (more info ...) | attempted-admin | ||||
| 46005 | FILE-OTHER TRUFFLEHUNTER SFVRT-1035 attack attempt (more info ...) | attempted-admin | ||||
| 46006 | FILE-OTHER TRUFFLEHUNTER SFVRT-1035 attack attempt (more info ...) | attempted-admin | ||||
| 46007 | FILE-OTHER TRUFFLEHUNTER SFVRT-1035 attack attempt (more info ...) | attempted-admin | ||||
| 46008 | FILE-OTHER TRUFFLEHUNTER SFVRT-1035 attack attempt (more info ...) | attempted-admin | ||||
| 46009 | FILE-OTHER TRUFFLEHUNTER SFVRT-1035 attack attempt (more info ...) | attempted-admin | ||||
| 46010 | FILE-OTHER TRUFFLEHUNTER SFVRT-1035 attack attempt (more info ...) | attempted-admin | ||||
| 46011 | FILE-OTHER TRUFFLEHUNTER SFVRT-1035 attack attempt (more info ...) | attempted-admin | ||||
| 46012 | FILE-OTHER TRUFFLEHUNTER SFVRT-1035 attack attempt (more info ...) | attempted-admin | ||||
| 46013 | FILE-OTHER TRUFFLEHUNTER SFVRT-1035 attack attempt (more info ...) | attempted-admin | ||||
| 46014 | FILE-OTHER TRUFFLEHUNTER SFVRT-1035 attack attempt (more info ...) | attempted-admin | ||||
| 46015 | FILE-OTHER TRUFFLEHUNTER SFVRT-1035 attack attempt (more info ...) | attempted-admin | ||||
| 46016 | FILE-OTHER TRUFFLEHUNTER SFVRT-1035 attack attempt (more info ...) | attempted-admin | ||||
| 46017 | FILE-OTHER TRUFFLEHUNTER SFVRT-1035 attack attempt (more info ...) | attempted-admin | ||||
| 46018 | FILE-OTHER TRUFFLEHUNTER SFVRT-1035 attack attempt (more info ...) | attempted-admin | ||||
| 46019 | FILE-OTHER TRUFFLEHUNTER SFVRT-1035 attack attempt (more info ...) | attempted-admin | ||||
| 46020 | FILE-OTHER TRUFFLEHUNTER SFVRT-1035 attack attempt (more info ...) | attempted-admin | ||||
| 46021 | FILE-OTHER TRUFFLEHUNTER SFVRT-1035 attack attempt (more info ...) | attempted-admin | ||||
| 46022 | FILE-OTHER TRUFFLEHUNTER SFVRT-1035 attack attempt (more info ...) | attempted-admin | ||||
| 46079 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0548 attack attempt (more info ...) | attempted-admin | 2018-3866 | URL | ||
| 46091 | MALWARE-OTHER VBscript downloader detected (more info ...) | trojan-activity | URL | |||
| 46092 | MALWARE-OTHER VBscript downloader detected (more info ...) | trojan-activity | URL | |||
| 46130 | SERVER-OTHER cPanel Mailman privilege escalation attempt (more info ...) | attempted-user | ||||
| 46131 | SERVER-OTHER cPanel Mailman privilege escalation attempt (more info ...) | attempted-user | ||||
| 46142 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0551 attack attempt (more info ...) | web-application-attack | 2017-16349 | URL | ||
| 46149 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0554 attack attempt (more info ...) | attempted-admin | 2018-3872 | URL | ||
| 46150 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0555 attack attempt (more info ...) | attempted-admin | 2018-3873 | URL | ||
| 46151 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0555 attack attempt (more info ...) | attempted-admin | 2018-3874 | URL | ||
| 46152 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0555 attack attempt (more info ...) | attempted-admin | 2018-3875 | URL | ||
| 46153 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0555 attack attempt (more info ...) | attempted-admin | 2018-3876 | URL | ||
| 46154 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0555 attack attempt (more info ...) | attempted-admin | 2018-3877 | URL | ||
| 46155 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0555 attack attempt (more info ...) | attempted-admin | 2018-3878 | URL | ||
| 46157 | SERVER-WEBAPP Oracle Hospitality Simphony MICROS directory traversal attempt (more info ...) | web-application-attack | 2018-2636 | |||
| 46158 | SERVER-WEBAPP Oracle Hospitality Simphony MICROS directory traversal attempt (more info ...) | web-application-attack | 2018-2636 | |||
| 46159 | SERVER-WEBAPP Oracle Hospitality Simphony MICROS directory traversal attempt (more info ...) | web-application-attack | 2018-2636 | |||
| 46165 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0560 attack attempt (more info ...) | web-application-attack | 2018-3882 | URL | ||
| 46166 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0560 attack attempt (more info ...) | web-application-attack | 2018-3882 | URL | ||
| 46167 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0560 attack attempt (more info ...) | web-application-attack | 2018-3883 | URL | ||
| 46168 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0560 attack attempt (more info ...) | web-application-attack | 2018-3883 | URL | ||
| 46169 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0560 attack attempt (more info ...) | web-application-attack | 2018-3884 | URL | ||
| 46170 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0560 attack attempt (more info ...) | web-application-attack | 2018-3884 | URL | ||
| 46171 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0560 attack attempt (more info ...) | web-application-attack | 2018-3885 | URL | ||
| 46172 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0560 attack attempt (more info ...) | web-application-attack | 2018-3885 | URL | ||
| 46173 | FILE-OTHER TRUFFLEHUNTER TALOS-2018-0568 attack attempt (more info ...) | attempted-dos | URL | |||
| 46174 | FILE-OTHER TRUFFLEHUNTER TALOS-2018-0568 attack attempt (more info ...) | attempted-dos | URL | |||
| 46175 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0559 attack attempt (more info ...) | web-application-attack | 2018-3881 | URL | ||
| 46186 | FILE-OTHER TrueType Font Windows EOT font engine remote code execution attempt (more info ...) | attempted-admin | 2018-1016 | URL | ||
| 46187 | FILE-OTHER TrueType Font Windows EOT font engine remote code execution attempt (more info ...) | attempted-admin | 2018-1016 | URL | ||
| 46211 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0556 attack attempt (more info ...) | web-application-attack | 2018-3926 | URL | ||
| 46216 | SERVER-WEBAPP DIAEnergie credential request attempt (more info ...) | attempted-admin | ||||
| 46222 | FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0561 attack attempt (more info ...) | attempted-user | 2018-3886 | URL | ||
| 46223 | FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0561 attack attempt (more info ...) | attempted-user | 2018-3886 | URL | ||
| 46224 | FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0562 attack attempt (more info ...) | attempted-user | 2018-3887 | URL | ||
| 46225 | FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0562 attack attempt (more info ...) | attempted-user | 2018-3887 | URL | ||
| 46232 | SERVER-WEBAPP Mango Automation arbitrary JSP file upload attempt (more info ...) | attempted-admin | ||||
| 46237 | PUA-OTHER Cryptocurrency Miner outbound connection attempt (more info ...) | policy-violation | URL | |||
| 46241 | FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0564 attack attempt (more info ...) | attempted-user | 2018-3889 | URL | ||
| 46242 | FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0564 attack attempt (more info ...) | attempted-user | 2018-3889 | URL | ||
| 46273 | SERVER-SAMBA Samba spoolss denial of service attempt (more info ...) | denial-of-service | 2018-1050 | URL | ||
| 46274 | SERVER-SAMBA Samba spoolss denial of service attempt (more info ...) | denial-of-service | 2018-1050 | URL | ||
| 46275 | SERVER-SAMBA Samba spoolss denial of service attempt (more info ...) | denial-of-service | 2018-1050 | URL | ||
| 46276 | SERVER-SAMBA Samba spoolss denial of service attempt (more info ...) | denial-of-service | 2018-1050 | URL | ||
| 46277 | SERVER-SAMBA Samba spoolss denial of service attempt (more info ...) | denial-of-service | 2018-1050 | URL | ||
| 46278 | SERVER-SAMBA Samba spoolss denial of service attempt (more info ...) | denial-of-service | 2018-1050 | URL | ||
| 46279 | SERVER-SAMBA Samba spoolss denial of service attempt (more info ...) | denial-of-service | 2018-1050 | URL | ||
| 46280 | SERVER-SAMBA Samba spoolss denial of service attempt (more info ...) | denial-of-service | 2018-1050 | URL | ||
| 46281 | SERVER-SAMBA Samba spoolss denial of service attempt (more info ...) | denial-of-service | 2018-1050 | URL | ||
| 46282 | SERVER-SAMBA Samba spoolss denial of service attempt (more info ...) | denial-of-service | 2018-1050 | URL | ||
| 46288 | MALWARE-BACKDOOR JSP webshell transfer attempt (more info ...) | trojan-activity | ||||
| 46289 | MALWARE-BACKDOOR JSP webshell transfer attempt (more info ...) | trojan-activity | ||||
| 46290 | MALWARE-BACKDOOR JSP webshell backdoor detected (more info ...) | trojan-activity | ||||
| 46291 | MALWARE-BACKDOOR JSP webshell backdoor file management attempt (more info ...) | trojan-activity | ||||
| 46292 | FILE-PDF TRUFFLEHUNTER TALOS-2018-0569 attack attempt (more info ...) | attempted-user | URL | |||
| 46293 | FILE-PDF TRUFFLEHUNTER TALOS-2018-0569 attack attempt (more info ...) | attempted-user | URL | |||
| 46296 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0570 attack attempt (more info ...) | attempted-admin | 2018-3897 | URL | ||
| 46301 | SERVER-OTHER QNAP QTS X-Forwarded-For buffer overflow (more info ...) | web-application-attack | URL | |||
| 46303 | SERVER-WEBAPP Antsle antman authentication bypass attempt (more info ...) | web-application-attack | 2018-7739 | |||
| 46305 | SERVER-WEBAPP QNAP WTS 4.2.1 command injection attempt (more info ...) | web-application-attack | ||||
| 46306 | SERVER-WEBAPP QNAP WTS 4.2.1 command injection attempt (more info ...) | web-application-attack | ||||
| 46307 | SERVER-WEBAPP QNAP WTS 4.2.1 command injection attempt (more info ...) | web-application-attack | ||||
| 46308 | SERVER-WEBAPP QNAP WTS 4.2.1 command injection attempt (more info ...) | web-application-attack | ||||
| 46309 | SERVER-OTHER QNAP NVR/NAS Heap/Stack Overflow attempt (more info ...) | attempted-admin | ||||
| 46310 | SERVER-OTHER QNAP NVR/NAS Heap/Stack Overflow attempt (more info ...) | attempted-admin | ||||
| 46316 | SERVER-WEBAPP Drupal 8 remote code execution attempt (more info ...) | attempted-admin | 2018-7600 | URL | ||
| 46319 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0573 attack attempt (more info ...) | attempted-admin | 2018-3905 | URL | ||
| 46321 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0574 attack attempt (more info ...) | attempted-admin | 2018-3904 | URL | ||
| 46322 | SERVER-WEBAPP Netgear DGN2200B stored cross-site scripting attempt (more info ...) | attempted-user | URL | |||
| 46323 | SERVER-WEBAPP Netgear DGN2200B stored cross-site scripting attempt (more info ...) | attempted-user | URL | |||
| 46329 | SERVER-WEBAPP SearchBlox unauthorized access attempt (more info ...) | attempted-user | 2015-7919 | URL | ||
| 46330 | SERVER-WEBAPP SearchBlox unauthorized access attempt (more info ...) | attempted-user | 2015-7919 | URL | ||
| 46331 | SERVER-WEBAPP SearchBlox unauthorized access attempt (more info ...) | attempted-user | 2015-7919 | URL | ||
| 46332 | SERVER-WEBAPP SearchBlox unauthorized access attempt (more info ...) | attempted-user | 2015-7919 | URL | ||
| 46348 | SERVER-WEBAPP NetIQ Access Manager Identity Server directory traversal attempt (more info ...) | web-application-attack | 2017-14803 | |||
| 46349 | SERVER-WEBAPP NetIQ Access Manager Identity Server directory traversal attempt (more info ...) | web-application-attack | 2017-14803 | |||
| 46350 | SERVER-WEBAPP NetIQ Access Manager Identity Server directory traversal attempt (more info ...) | web-application-attack | 2017-14803 | |||
| 46365 | PUA-OTHER CoinHive Miner client detected (more info ...) | misc-attack | URL | |||
| 46366 | PUA-OTHER CryptoNight webassembly download attempt (more info ...) | misc-attack | ||||
| 46367 | FILE-IDENTIFY WebAssembly file download detected (more info ...) | misc-attack | URL | |||
| 46368 | MALWARE-BACKDOOR JSP Web shell upload attempt (more info ...) | trojan-activity | URL | |||
| 46369 | MALWARE-BACKDOOR JSP Web shell access attempt (more info ...) | trojan-activity | URL | |||
| 46370 | PUA-OTHER Moonify Miner client detected (more info ...) | misc-attack | URL | |||
| 46371 | PUA-OTHER Moonify TLS server hello attempt (more info ...) | misc-attack | ||||
| 46372 | PUA-OTHER Moonify TLS client hello attempt (more info ...) | misc-attack | ||||
| 46377 | SERVER-OTHER libgd heap-overflow attempt (more info ...) | web-application-attack | 2016-3074 | |||
| 46388 | FILE-OTHER TRUFFLEHUNTER TALOS-2018-0579 attack attempt (more info ...) | attempted-dos | URL | |||
| 46389 | FILE-OTHER TRUFFLEHUNTER TALOS-2018-0579 attack attempt (more info ...) | attempted-dos | URL | |||
| 46393 | FILE-IDENTIFY WebAssembly file detected (more info ...) | misc-attack | URL | |||
| 46394 | FILE-IDENTIFY WebAssembly file attachment detected (more info ...) | misc-activity | URL | |||
| 46396 | FILE-EXECUTABLE Win.Ransomware.Rapid download attempt (more info ...) | trojan-activity | URL | |||
| 46397 | FILE-EXECUTABLE Win.Ransomware.Rapid download attempt (more info ...) | trojan-activity | URL | |||
| 46410 | PUA-OTHER Mineralt TLS client hello attempt (more info ...) | misc-attack | ||||
| 46411 | PUA-OTHER Mineralt TLS server hello attempt (more info ...) | misc-attack | ||||
| 46429 | OS-WINDOWS Total Meltdown side-channel information leak attempt (more info ...) | attempted-admin | 2018-1038 | URL | ||
| 46430 | OS-WINDOWS Total Meltdown side-channel information leak attempt (more info ...) | attempted-admin | 2018-1038 | URL | ||
| 46431 | OS-WINDOWS Total Meltdown side-channel information leak attempt (more info ...) | attempted-admin | 2018-1038 | URL | ||
| 46432 | OS-WINDOWS Total Meltdown side-channel information leak attempt (more info ...) | attempted-admin | 2018-1038 | URL | ||
| 46445 | SERVER-OTHER Oracle WebLogic unsafe deserialization remote code execution attempt detected (more info ...) | attempted-user | 2019-2890 | URL | ||
| 46446 | SERVER-OTHER Oracle Weblogic unsafe deserialization remote code execution attempt detected (more info ...) | attempted-user | 2018-3245 | URL | ||
| 46451 | SERVER-WEBAPP Drupal unsafe internal attribute remote code execution attempt (more info ...) | attempted-user | 2018-7602 | URL | ||
| 46452 | FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0586 attack attempt (more info ...) | attempted-user | 2018-3922 | URL | ||
| 46453 | FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0586 attack attempt (more info ...) | attempted-user | 2018-3922 | URL | ||
| 46455 | FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0587 attack attempt (more info ...) | attempted-user | 2018-3923 | URL | ||
| 46456 | FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0587 attack attempt (more info ...) | attempted-user | 2018-3923 | URL | ||
| 46457 | FILE-PDF TRUFFLEHUNTER TALOS-2018-0588 attack attempt (more info ...) | attempted-user | 2018-3924 | URL | ||
| 46458 | FILE-PDF TRUFFLEHUNTER TALOS-2018-0588 attack attempt (more info ...) | attempted-user | 2018-3924 | URL | ||
| 46459 | FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0585 attack attempt (more info ...) | attempted-user | 2018-3921 | URL | ||
| 46460 | FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0585 attack attempt (more info ...) | attempted-user | 2018-3921 | URL | ||
| 46466 | OS-WINDOWS Windows NTFS NtfsFindExistingLcb denial of service attempt (more info ...) | denial-of-service | ||||
| 46467 | OS-WINDOWS Windows NTFS NtfsFindExistingLcb denial of service attempt (more info ...) | denial-of-service | ||||
| 46473 | SERVER-OTHER Spring Data Commons remote code execution attempt (more info ...) | attempted-user | 2018-1273 | |||
| 46474 | SERVER-OTHER Quest Appliance NetVault Backup buffer overflow attempt (more info ...) | attempted-admin | 2018-1161 | |||
| 46486 | PUA-ADWARE Slimware Utilities variant outbound connection (more info ...) | trojan-activity | URL | |||
| 46509 | SERVER-WEBAPP Unitrends Enterprise Backup API command injection attempt (more info ...) | web-application-attack | 2018-6328 | URL | ||
| 46510 | SERVER-WEBAPP Belkin N750 F9K1103 wireless router command injection attempt (more info ...) | web-application-attack | 2018-1143 | |||
| 46511 | SERVER-WEBAPP Belkin N750 F9K1103 wireless router command injection attempt (more info ...) | web-application-attack | 2018-1143 | |||
| 46512 | SERVER-WEBAPP Belkin N750 F9K1103 wireless router command injection attempt (more info ...) | web-application-attack | 2018-1143 | |||
| 46513 | SERVER-WEBAPP Belkin N750 F9K1103 wireless router command injection attempt (more info ...) | web-application-attack | 2018-1143 | |||
| 46514 | SERVER-WEBAPP Belkin N750 F9K1103 wireless router command injection attempt (more info ...) | web-application-attack | 2018-1144 | |||
| 46515 | SERVER-WEBAPP Belkin N750 F9K1103 wireless router command injection attempt (more info ...) | web-application-attack | 2018-1144 | |||
| 46516 | SERVER-WEBAPP Belkin N750 F9K1103 wireless router command injection attempt (more info ...) | web-application-attack | 2018-1144 | |||
| 46517 | SERVER-WEBAPP Belkin N750 F9K1103 wireless router command injection attempt (more info ...) | web-application-attack | 2018-1144 | |||
| 46520 | SERVER-WEBAPP WebPort 1.16.2 directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 46521 | SERVER-WEBAPP WebPort 1.16.2 directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 46522 | SERVER-WEBAPP WebPort 1.16.2 directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 46524 | SERVER-WEBAPP OpenEMR 5.0 directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 46525 | SERVER-WEBAPP OpenEMR 5.0 directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 46526 | SERVER-WEBAPP OpenEMR 5.0 directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 46527 | SERVER-WEBAPP LibreEHR 2.0.0 directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 46528 | SERVER-WEBAPP LibreEHR 2.0.0 directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 46529 | SERVER-WEBAPP LibreEHR 2.0.0 directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 46530 | SERVER-WEBAPP Dream Report ASPX file upload attempt (more info ...) | web-application-attack | URL | |||
| 46531 | SERVER-WEBAPP SearchBlox suspicious configuration upload attempt (more info ...) | web-application-attack | URL | |||
| 46532 | SERVER-WEBAPP SearchBlox suspicious configuration upload attempt (more info ...) | web-application-attack | URL | |||
| 46534 | SERVER-WEBAPP NetGear DGN2200B command injection attempt (more info ...) | web-application-attack | URL | |||
| 46535 | SERVER-WEBAPP NetGear DGN2200B command injection attempt (more info ...) | web-application-attack | URL | |||
| 46536 | SERVER-WEBAPP NetGear DGN2200B command injection attempt (more info ...) | web-application-attack | URL | |||
| 46537 | SERVER-WEBAPP NetGear DGN2200B command injection attempt (more info ...) | web-application-attack | URL | |||
| 46541 | FILE-OTHER TRUFFLEHUNTER TALOS-2018-0589 attack attempt (more info ...) | attempted-dos | URL | |||
| 46542 | FILE-OTHER TRUFFLEHUNTER TALOS-2018-0589 attack attempt (more info ...) | attempted-dos | URL | |||
| 46550 | FILE-PDF TRUFFLEHUNTER TALOS-2018-0590 attack attempt (more info ...) | attempted-user | 2018-12756 | URL | ||
| 46551 | FILE-PDF TRUFFLEHUNTER TALOS-2018-0590 attack attempt (more info ...) | attempted-user | 2018-12756 | URL | ||
| 46596 | OS-WINDOWS dxgkrnl.sys privilege escalation attempt (more info ...) | attempted-admin | 2018-8165 | URL | ||
| 46597 | OS-WINDOWS dxgkrnl.sys privilege escalation attempt (more info ...) | attempted-admin | 2018-8165 | URL | ||
| 46605 | SERVER-ORACLE Oracle Access Manager authentication bypass attempt (more info ...) | attempted-admin | 2018-2879 | |||
| 46610 | SERVER-MAIL EHLO user overflow attempt (more info ...) | attempted-admin | 2019-16928 | 13772 | ||
| 46620 | SERVER-WEBAPP SAP Internet Graphics Server image converter information leak attempt (more info ...) | web-application-attack | 2018-2395 | URL | ||
| 46621 | SERVER-WEBAPP SAP Internet Graphics Server image converter arbitrary file upload attempt (more info ...) | web-application-attack | 2018-2395 | URL | ||
| 46622 | SERVER-WEBAPP SAP Internet Graphics Server buffer overflow attempt (more info ...) | attempted-user | 2018-2396 | |||
| 46623 | SERVER-WEBAPP SAP Internet Graphics Server buffer overflow attempt (more info ...) | attempted-user | 2018-2394 | |||
| 46624 | SERVER-WEBAPP GPON Router authentication bypass and command injection attempt (more info ...) | web-application-attack | 2018-10562 | URL | ||
| 46625 | SERVER-WEBAPP GPON Router authentication bypass and command injection attempt (more info ...) | web-application-attack | 2018-10562 | URL | ||
| 46626 | SERVER-WEBAPP GPON Router authentication bypass and command injection attempt (more info ...) | web-application-attack | 2018-10562 | URL | ||
| 46627 | SERVER-WEBAPP GPON Router authentication bypass and command injection attempt (more info ...) | web-application-attack | 2018-10562 | URL | ||
| 46634 | FILE-PDF TRUFFLEHUNTER TALOS-2018-0592 attack attempt (more info ...) | attempted-user | URL | |||
| 46635 | FILE-PDF TRUFFLEHUNTER TALOS-2018-0592 attack attempt (more info ...) | attempted-user | URL | |||
| 46665 | SERVER-WEBAPP Digital Guardian Management Console arbitrary file upload attempt (more info ...) | web-application-attack | 2018-10173 | |||
| 46666 | SERVER-WEBAPP Digital Guardian Management Console arbitrary file upload attempt (more info ...) | web-application-attack | 2018-10173 | |||
| 46682 | SERVER-MAIL Multiple products email with crafted MIME parts direct exfiltration attempt (more info ...) | attempted-recon | URL | |||
| 46683 | SERVER-MAIL Multiple products email with crafted MIME parts direct exfiltration attempt (more info ...) | attempted-recon | URL | |||
| 46684 | SERVER-MAIL Multiple products email with crafted MIME parts direct exfiltration attempt (more info ...) | attempted-recon | URL | |||
| 46685 | SERVER-MAIL Multiple products email with crafted MIME parts direct exfiltration attempt (more info ...) | attempted-recon | URL | |||
| 46740 | SERVER-WEBAPP Kubernetes Kubelet arbitrary command execution attempt (more info ...) | attempted-user | 2018-0268 | URL | ||
| 46741 | SERVER-WEBAPP Kubernetes Kubelet arbitrary command execution attempt (more info ...) | attempted-user | 2018-0268 | URL | ||
| 46751 | MALWARE-OTHER Win.Ransomware.SynAck download attempt (more info ...) | trojan-activity | URL | |||
| 46752 | MALWARE-OTHER Win.Ransomware.SynAck download attempt (more info ...) | trojan-activity | URL | |||
| 46775 | SERVER-WEBAPP Nagios XI command injection attempt (more info ...) | web-application-attack | 2018-8734 | |||
| 46776 | SERVER-WEBAPP Nagios XI command injection attempt (more info ...) | web-application-attack | 2018-8734 | |||
| 46777 | SERVER-WEBAPP Nagios XI command injection attempt (more info ...) | web-application-attack | 2018-8734 | |||
| 46778 | SERVER-WEBAPP Nagios XI command injection attempt (more info ...) | web-application-attack | 2018-8734 | |||
| 46793 | OS-WINDOWS Malicious zip download attempt (more info ...) | attempted-user | ||||
| 46794 | OS-WINDOWS Malicious vbscript download attempt (more info ...) | attempted-user | ||||
| 46802 | SERVER-WEBAPP Anti-Web directory traversal attempt (more info ...) | web-application-attack | 2017-9097 | |||
| 46803 | SERVER-WEBAPP Anti-Web directory traversal attempt (more info ...) | web-application-attack | 2017-9097 | |||
| 46804 | SERVER-WEBAPP Anti-Web directory traversal attempt (more info ...) | web-application-attack | 2017-9097 | |||
| 46805 | SERVER-WEBAPP BA Systems BAS Web information disclosure attempt (more info ...) | attempted-user | 2017-17974 | |||
| 46806 | SERVER-WEBAPP BA Systems BAS Web information disclosure attempt (more info ...) | attempted-user | 2017-17974 | |||
| 46817 | SERVER-WEBAPP FLIR Breakstream 2300 unauthenticated information disclosure attempt (more info ...) | attempted-user | 2018-3813 | |||
| 46819 | MALWARE-OTHER Win.Ransomware.Satan payload download (more info ...) | trojan-activity | URL | |||
| 46823 | SERVER-WEBAPP Spring Security OAuth remote code execution attempt (more info ...) | attempted-admin | 2018-1260 | |||
| 46840 | MALWARE-OTHER GPON exploit download attempt (more info ...) | trojan-activity | 2018-10561 | URL | ||
| 46841 | MALWARE-OTHER GPON exploit download attempt (more info ...) | trojan-activity | 2018-10561 | URL | ||
| 46849 | SERVER-WEBAPP IBM QRadar SIEM command injection attempt (more info ...) | web-application-attack | 2018-1418 | URL | ||
| 46850 | SERVER-WEBAPP IBM QRadar SIEM ForensicsAnalysisServlet authentication bypass attempt (more info ...) | web-application-attack | 2018-1418 | URL | ||
| 46851 | SERVER-WEBAPP IBM QRadar SIEM command injection attempt (more info ...) | web-application-attack | 2018-1418 | URL | ||
| 46852 | SERVER-WEBAPP IBM QRadar SIEM command injection attempt (more info ...) | web-application-attack | 2018-1418 | URL | ||
| 46854 | BROWSER-OTHER Electron nodeIntegration bypass exploit attempt (more info ...) | attempted-user | 2018-1000136 | URL | ||
| 46855 | BROWSER-OTHER Electron nodeIntegration bypass exploit attempt (more info ...) | attempted-user | 2018-1000136 | URL | ||
| 46858 | OS-OTHER TRUFFLEHUNTER TALOS-2018-0614 attack attempt (more info ...) | attempted-admin | URL | |||
| 46859 | OS-OTHER TRUFFLEHUNTER TALOS-2018-0614 attack attempt (more info ...) | attempted-admin | URL | |||
| 46864 | FILE-PDF TRUFFLEHUNTER TALOS-2018-0606 attack attempt (more info ...) | attempted-user | 2018-3997 | URL | ||
| 46865 | FILE-PDF TRUFFLEHUNTER TALOS-2018-0606 attack attempt (more info ...) | attempted-user | 2018-3997 | URL | ||
| 46867 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0604 attack attempt (more info ...) | web-application-attack | 2018-3937 | URL | ||
| 46868 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0604 attack attempt (more info ...) | web-application-attack | 2018-3937 | URL | ||
| 46869 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0604 attack attempt (more info ...) | web-application-attack | 2018-3937 | URL | ||
| 46874 | PUA-ADWARE Win.Pua.Softonic installer variant outbound connection (more info ...) | trojan-activity | URL | |||
| 46877 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0605 attack attempt (more info ...) | attempted-admin | 2018-3938 | URL | ||
| 46898 | SERVER-WEBAPP Atlassian OAuth plugin multiple versions server side request forgery attempt (more info ...) | web-application-attack | 2017-9506 | URL | ||
| 46921 | SERVER-WEBAPP Quest DR Series Disk Backup Login.pm command injection attempt (more info ...) | web-application-attack | 2018-11143 | URL | ||
| 46923 | SERVER-OTHER Mitsubishi Electric E-Designer Status_bit buffer overflow attempt (more info ...) | attempted-admin | 2017-9638 | |||
| 46924 | SERVER-OTHER Mitsubishi Electric E-Designer Status_bit buffer overflow attempt (more info ...) | attempted-admin | 2017-9638 | |||
| 46925 | SERVER-OTHER Mitsubishi Electric E-Designer font field buffer overflow attempt (more info ...) | attempted-admin | 2017-9638 | |||
| 46926 | SERVER-OTHER Mitsubishi Electric E-Designer font field buffer overflow attempt (more info ...) | attempted-admin | 2017-9638 | |||
| 46955 | OS-WINDOWS Windows 10 access control privilege escalation attempt (more info ...) | attempted-admin | 2018-1036 | URL | ||
| 46956 | OS-WINDOWS Windows 10 access control privilege escalation attempt (more info ...) | attempted-admin | 2018-1036 | URL | ||
| 46961 | OS-WINDOWS Windows Desktop Bridge privilege escalation attempt (more info ...) | attempted-admin | 2018-8214 | URL | ||
| 46962 | OS-WINDOWS Windows Desktop Bridge privilege escalation attempt (more info ...) | attempted-admin | 2018-8214 | URL | ||
| 46971 | SERVER-WEBAPP Quest DR Series Disk Backup UsersService.pm update method command injection attempt (more info ...) | web-application-attack | 2018-11144 | URL | ||
| 46972 | SERVER-WEBAPP Quest DR Series Disk Backup UsersService.pm update method command injection attempt (more info ...) | web-application-attack | 2018-11144 | URL | ||
| 46973 | SERVER-WEBAPP Quest DR Series Disk Backup UsersService.pm delete method command injection attempt (more info ...) | web-application-attack | 2018-11145 | URL | ||
| 46974 | SERVER-WEBAPP Quest DR Series Disk Backup UsersService.pm update_pw method command injection attempt (more info ...) | web-application-attack | 2018-11146 | URL | ||
| 46982 | SERVER-WEBAPP Quest DR Series Disk Backup SchedulesService.pm command injection attempt (more info ...) | web-application-attack | 2018-11150 | URL | ||
| 46986 | MALWARE-OTHER Win.Ransomware.Annabelle file download (more info ...) | trojan-activity | URL | |||
| 46987 | MALWARE-OTHER Win.Ransomware.Annabelle file download (more info ...) | trojan-activity | URL | |||
| 46988 | MALWARE-OTHER Win.Ransomware.MBRLock file download (more info ...) | trojan-activity | URL | |||
| 46989 | MALWARE-OTHER Win.Ransomware.MBRLock file download (more info ...) | trojan-activity | URL | |||
| 46990 | OS-OTHER Apple macOS and iOS fgetattrlist kernel heap overflow attempt (more info ...) | attempted-admin | 2018-4243 | |||
| 46991 | OS-OTHER Apple macOS and iOS fgetattrlist kernel heap overflow attempt (more info ...) | attempted-admin | 2018-4243 | |||
| 46997 | SERVER-WEBAPP XiongMai NVR login.htm buffer overflow attempt (more info ...) | attempted-admin | 2018-10088 | URL | ||
| 46999 | INDICATOR-COMPROMISE SettingContent-ms file type download attempt (more info ...) | attempted-user | 2018-8414 | URL | ||
| 47000 | INDICATOR-COMPROMISE SettingContent-ms file type download attempt (more info ...) | attempted-user | 2018-8414 | URL | ||
| 47001 | INDICATOR-COMPROMISE SettingContent-ms file type download attempt (more info ...) | attempted-user | 2018-8414 | URL | ||
| 47002 | INDICATOR-COMPROMISE SettingContent-ms file type download attempt (more info ...) | attempted-user | 2018-8414 | URL | ||
| 47017 | SERVER-WEBAPP Quest DR Series Disk Backup CompressionService.pm command injection attempt (more info ...) | web-application-attack | 2018-11152 | URL | ||
| 47020 | MALWARE-OTHER Portable Executable containing CoinHive download attempt (more info ...) | policy-violation | URL | |||
| 47021 | MALWARE-OTHER Portable Executable containing CoinHive download attempt (more info ...) | policy-violation | URL | |||
| 47022 | BROWSER-WEBKIT Apple WebKit memory corruption attempt (more info ...) | attempted-user | 2018-4233 | URL | ||
| 47023 | BROWSER-WEBKIT Apple WebKit memory corruption attempt (more info ...) | attempted-user | 2018-4233 | URL | ||
| 47028 | BROWSER-OTHER TRUFFLEHUNTER TALOS-2018-0621 attack attempt (more info ...) | attempted-dos | URL | |||
| 47029 | BROWSER-OTHER TRUFFLEHUNTER TALOS-2018-0621 attack attempt (more info ...) | attempted-dos | URL | |||
| 47031 | SERVER-WEBAPP Quest DR Series Disk Backup LicenseService.pm command injection attempt (more info ...) | web-application-attack | 2018-11155 | URL | ||
| 47037 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0619 attack attempt (more info ...) | attempted-admin | 2018-3950 | URL | ||
| 47039 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0618 attack attempt (more info ...) | web-application-attack | 2018-3949 | URL | ||
| 47040 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0618 attack attempt (more info ...) | web-application-attack | 2018-3949 | URL | ||
| 47049 | SERVER-WEBAPP CA Unified Infrastructure Management download_lar servelet directory traversal attempt (more info ...) | web-application-attack | 2016-5803 | URL | ||
| 47050 | SERVER-WEBAPP CA Unified Infrastructure Management download_lar servelet directory traversal attempt (more info ...) | web-application-attack | 2016-5803 | URL | ||
| 47062 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0620 attack attempt (more info ...) | attempted-admin | 2018-3951 | URL | ||
| 47074 | FILE-PDF TRUFFLEHUNTER TALOS-2018-0623 attack attempt (more info ...) | attempted-user | URL | |||
| 47075 | FILE-PDF TRUFFLEHUNTER TALOS-2018-0623 attack attempt (more info ...) | attempted-user | URL | |||
| 47077 | MALWARE-OTHER HTA script hidden window execution attempt (more info ...) | trojan-activity | URL | |||
| 47085 | SERVER-WEBAPP Advantech WebAccess authentication bypass attempt (more info ...) | web-application-attack | 2017-5152 | URL | ||
| 47104 | SERVER-WEBAPP LibreHealthIO LibreEHR directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 47105 | SERVER-WEBAPP LibreHealthIO LibreEHR directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 47106 | SERVER-WEBAPP LibreHealthIO LibreEHR directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 47133 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0625 attack attempt (more info ...) | web-application-attack | 2018-3955 | URL | ||
| 47134 | SERVER-WEBAPP ZyXEL Armor Series Routers ozkerz command injection attempt (more info ...) | web-application-attack | URL | |||
| 47135 | SERVER-WEBAPP ZyXEL Armor Series Routers ozkerz command injection attempt (more info ...) | web-application-attack | URL | |||
| 47136 | SERVER-WEBAPP HP VAN SDN Controller uninstall action arbitrary command execution attempt (more info ...) | attempted-admin | URL | |||
| 47137 | SERVER-WEBAPP HP VAN SDN Controller default token authentication attempt (more info ...) | attempted-admin | URL | |||
| 47138 | SERVER-WEBAPP HP VAN SDN Controller default credentials authentication attempt (more info ...) | attempted-admin | URL | |||
| 47145 | SERVER-WEBAPP Quest DR Series Disk Backup EmailRelayHostService.pm command injection attempt (more info ...) | web-application-attack | 2018-11156 | URL | ||
| 47216 | SERVER-WEBAPP Quest DR Series Disk Backup StorageService.pm command injection attempt (more info ...) | web-application-attack | 2018-11158 | URL | ||
| 47234 | SERVER-OTHER TRUFFLEHUNTER TALOS-2018-0627 attack attempt (more info ...) | attempted-user | 2018-3963 | URL | ||
| 47272 | OS-OTHER DHCPv6 flood denial of service attempt (more info ...) | attempted-dos | 2018-0372 | URL | ||
| 47273 | OS-OTHER DHCPv6 flood denial of service attempt (more info ...) | attempted-dos | 2018-0372 | URL | ||
| 47278 | MALWARE-OTHER Win.Ransomware.Gandcrab variant network share encryption attempt (more info ...) | trojan-activity | URL | |||
| 47326 | MALWARE-OTHER known malicious user-agent string - DanaBot (more info ...) | trojan-activity | URL | |||
| 47336 | FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0638 attack attempt (more info ...) | attempted-user | 2018-3976 | URL | ||
| 47337 | FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0638 attack attempt (more info ...) | attempted-user | 2018-3976 | URL | ||
| 47340 | FILE-PDF TRUFFLEHUNTER TALOS-2018-0639 attack attempt (more info ...) | attempted-user | URL | |||
| 47341 | FILE-PDF TRUFFLEHUNTER TALOS-2018-0639 attack attempt (more info ...) | attempted-user | URL | |||
| 47342 | SERVER-OTHER TRUFFLEHUNTER TALOS-2018-0637 attack attempt (more info ...) | attempted-admin | 2018-3972 | URL | ||
| 47347 | SERVER-WEBAPP QNAP QCenter API account information disclosure attempt (more info ...) | attempted-recon | 2018-0706 | URL | ||
| 47348 | SERVER-WEBAPP QNAP QCenter API set_VM_passwd command injection attempt (more info ...) | attempted-admin | 2018-0707 | URL | ||
| 47349 | SERVER-WEBAPP QNAP QCenter API set_VM_passwd command injection attempt (more info ...) | attempted-admin | 2018-0707 | URL | ||
| 47358 | SERVER-WEBAPP CCTV-DVR command injection attempt (more info ...) | attempted-admin | URL | |||
| 47389 | SERVER-WEBAPP Oracle WebLogic Server arbitrary JSP file upload attempt (more info ...) | attempted-admin | 2018-2894 | 104763 | URL | |
| 47390 | SERVER-WEBAPP Oracle WebLogic Server arbitrary JSP file upload attempt (more info ...) | attempted-admin | 2018-2894 | 104763 | URL | |
| 47391 | SERVER-WEBAPP QNAP QCenter API set_VM_network command injection attempt (more info ...) | web-application-attack | 2018-0708 | URL | ||
| 47392 | SERVER-WEBAPP QNAP QCenter API set_VM_network command injection attempt (more info ...) | web-application-attack | 2018-0708 | URL | ||
| 47393 | SERVER-WEBAPP QNAP QCenter API command injection attempt (more info ...) | attempted-admin | 2018-0709 | URL | ||
| 47417 | PUA-ADWARE Slimware Utilities variant outbound connection (more info ...) | trojan-activity | URL | |||
| 47418 | PUA-ADWARE Slimware Utilities variant outbound connection (more info ...) | trojan-activity | URL | |||
| 47423 | SERVER-WEBAPP QNAP QCenter API date_config command injection attempt (more info ...) | web-application-attack | 2018-0709 | URL | ||
| 47428 | FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0645 attack attempt (more info ...) | attempted-user | 2018-3977 | URL | ||
| 47429 | FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0645 attack attempt (more info ...) | attempted-user | 2018-3977 | URL | ||
| 47437 | SERVER-WEBAPP Weblog Expert Web Server denial of service attempt (more info ...) | web-application-attack | 2018-7582 | |||
| 47440 | FILE-OTHER InPage reader remote code execution attemptt (more info ...) | attempted-user | 2017-12824 | |||
| 47441 | FILE-OTHER InPage reader remote code execution attemptt (more info ...) | attempted-user | 2017-12824 | |||
| 47453 | MALWARE-OTHER Win.Trojan.Gorgon attempted download (more info ...) | trojan-activity | URL | |||
| 47454 | MALWARE-OTHER Win.Trojan.Gorgon attempted download (more info ...) | trojan-activity | URL | |||
| 47458 | SERVER-WEBAPP Multiple products command injection attempt (more info ...) | web-application-attack | 2023-27076 | |||
| 47459 | SERVER-WEBAPP Multiple products command injection attempt (more info ...) | web-application-attack | 2023-27076 | |||
| 47460 | SERVER-WEBAPP Multiple products command injection attempt (more info ...) | web-application-attack | 2023-27076 | |||
| 47470 | SERVER-WEBAPP HomeMatic CCU2 remote arbitrary code execution attempt (more info ...) | attempted-user | 2018-7297 | |||
| 47506 | SERVER-WEBAPP Sitecore CMS default.aspx directory traversal attempt (more info ...) | web-application-attack | 2018-7669 | URL | ||
| 47507 | SERVER-WEBAPP Sitecore CMS default.aspx directory traversal attempt (more info ...) | web-application-attack | 2018-7669 | URL | ||
| 47508 | SERVER-WEBAPP Sitecore CMS default.aspx directory traversal attempt (more info ...) | web-application-attack | 2018-7669 | URL | ||
| 47514 | SERVER-WEBAPP Quest NetVault Backup Server checksession authentication bypass attempt (more info ...) | web-application-attack | 2018-1163 | |||
| 47535 | PUA-ADWARE Magic Downloader BHO variant outbound connection (more info ...) | trojan-activity | URL | |||
| 47536 | PUA-ADWARE Magic Downloader BHO variant outbound connection (more info ...) | trojan-activity | URL | |||
| 47542 | SERVER-WEBAPP Quest DR Series Disk Backup StorageGroupService.pm command injection attempt (more info ...) | web-application-attack | 2018-11160 | URL | ||
| 47545 | SERVER-WEBAPP MicroFocus Secure Messaging Gateway command injection attempt (more info ...) | web-application-attack | 2018-12465 | URL | ||
| 47558 | SERVER-WEBAPP Advantech WebAccess CertUpdate directory traversal attempt (more info ...) | web-application-attack | 2018-5445 | 102781 | URL | |
| 47559 | SERVER-WEBAPP Advantech WebAccess CertUpdate directory traversal attempt (more info ...) | web-application-attack | 2018-5445 | 102781 | URL | |
| 47560 | SERVER-WEBAPP Advantech WebAccess CertUpdate directory traversal attempt (more info ...) | web-application-attack | 2018-5445 | 102781 | URL | |
| 47561 | SERVER-WEBAPP Schneider Electric U.motion Builder directory traversal attempt (more info ...) | web-application-attack | 2018-7787 | 104447 | ||
| 47562 | SERVER-WEBAPP Schneider Electric U.motion Builder directory traversal attempt (more info ...) | web-application-attack | 2018-7787 | 104447 | ||
| 47563 | SERVER-WEBAPP Schneider Electric U.motion Builder directory traversal attempt (more info ...) | web-application-attack | 2018-7787 | 104447 | ||
| 47595 | OS-OTHER Intel x86 L1 data cache side-channel analysis information leak attempt (more info ...) | attempted-recon | 2018-3646 | |||
| 47596 | OS-OTHER Intel x86 L1 data cache side-channel analysis information leak attempt (more info ...) | attempted-recon | 2018-3646 | |||
| 47597 | OS-OTHER Intel x86 L1 data cache side-channel analysis information leak attempt (more info ...) | attempted-recon | 2018-3646 | |||
| 47598 | OS-OTHER Intel x86 L1 data cache side-channel analysis information leak attempt (more info ...) | attempted-recon | 2018-3646 | |||
| 47599 | SERVER-WEBAPP GitList searchTree git grep arbitrary command execution attempt (more info ...) | attempted-user | ||||
| 47604 | PROTOCOL-SCADA Rockwell Automation Allen-Bradley MicroLogix controller buffer overflow attempt (more info ...) | attempted-dos | 2017-16740 | 102474 | URL | |
| 47605 | SERVER-WEBAPP Joomla Gridbox app cross site scripting attempt (more info ...) | attempted-user | 2018-11690 | |||
| 47606 | SERVER-WEBAPP Quest DR Series Disk Backup DiagnosticsService.pm command injection attempt (more info ...) | web-application-attack | 2018-11165 | URL | ||
| 47613 | SERVER-WEBAPP Joomla Proclaim biblestudy backup access attempt (more info ...) | attempted-recon | ||||
| 47614 | SERVER-WEBAPP Quest DR Series Disk Backup ReplicationsService.pm command injection attempt (more info ...) | web-application-attack | 2018-11166 | URL | ||
| 47622 | SERVER-WEBAPP Piltz PASvisu denial of service attempt (more info ...) | attempted-dos | URL | |||
| 47632 | SERVER-WEBAPP Cogent DataHub arbitrary command execution attempt (more info ...) | attempted-admin | URL | |||
| 47641 | SERVER-WEBAPP IceWarp Mail Server directory traversal attempt (more info ...) | web-application-attack | 2015-1503 | |||
| 47642 | SERVER-WEBAPP IceWarp Mail Server directory traversal attempt (more info ...) | web-application-attack | 2015-1503 | |||
| 47643 | SERVER-WEBAPP IceWarp Mail Server directory traversal attempt (more info ...) | web-application-attack | 2015-1503 | |||
| 47644 | SERVER-WEBAPP IceWarp Mail Server directory traversal attempt (more info ...) | web-application-attack | 2015-1503 | |||
| 47645 | SERVER-WEBAPP IceWarp Mail Server directory traversal attempt (more info ...) | web-application-attack | 2015-1503 | |||
| 47646 | SERVER-WEBAPP IceWarp Mail Server directory traversal attempt (more info ...) | web-application-attack | 2015-1503 | |||
| 47651 | INDICATOR-COMPROMISE SettingContent-ms file type download attempt (more info ...) | attempted-user | 2018-8414 | URL | ||
| 47652 | INDICATOR-COMPROMISE SettingContent-ms file type download attempt (more info ...) | attempted-user | 2018-8414 | URL | ||
| 47653 | INDICATOR-COMPROMISE SettingContent-ms file type download attempt (more info ...) | attempted-user | 2018-8414 | URL | ||
| 47654 | INDICATOR-COMPROMISE SettingContent-ms file type download attempt (more info ...) | attempted-user | 2018-8414 | URL | ||
| 47664 | SERVER-WEBAPP Dicoogle directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 47665 | SERVER-WEBAPP ASUS RP-AC52 SetAVTransportURI SOAP action command injection attempt (more info ...) | attempted-admin | URL | |||
| 47671 | SERVER-WEBAPP Quest DR Series Disk Backup EmailAlertsService.pm command injection attempt (more info ...) | web-application-attack | 2018-11174 | URL | ||
| 47673 | SERVER-WEBAPP Quest DR Series Disk Backup NetworkInterfaceService.pm command injection attempt (more info ...) | web-application-attack | 2018-11175 | URL | ||
| 47674 | SERVER-WEBAPP Quest DR Series Disk Backup EncryptionService.pm command injection attempt (more info ...) | web-application-attack | 2018-11177 | URL | ||
| 47684 | SERVER-OTHER Mikrotik RouterOS directory traversal attempt (more info ...) | attempted-user | 2018-14847 | |||
| 47712 | SERVER-WEBAPP Quest DR Series Disk Backup CloudPortalService.pm command injection attempt (more info ...) | web-application-attack | 2018-11180 | URL | ||
| 47716 | SERVER-WEBAPP HP Client Automation Server directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 47721 | FILE-OTHER TRUFFLEHUNTER TALOS-2018-0670 attack attempt (more info ...) | attempted-user | 2019-7358 | URL | ||
| 47722 | FILE-OTHER TRUFFLEHUNTER TALOS-2018-0670 attack attempt (more info ...) | attempted-user | 2019-7358 | URL | ||
| 47727 | FILE-PDF TRUFFLEHUNTER TALOS-2018-0662 attack attempt (more info ...) | attempted-user | 2018-3994 | URL | ||
| 47728 | FILE-PDF TRUFFLEHUNTER TALOS-2018-0662 attack attempt (more info ...) | attempted-user | 2018-3994 | URL | ||
| 47729 | SERVER-OTHER TRUFFLEHUNTER TALOS-2018-0659 attack attempt (more info ...) | attempted-admin | 2018-3991 | URL | ||
| 47744 | SERVER-WEBAPP Quest DR Series Disk Backup CustomerPortalService.pm command injection attempt (more info ...) | web-application-attack | 2018-11182 | URL | ||
| 47750 | FILE-OTHER TRUFFLEHUNTER TALOS-2018-0657 attack attempt (more info ...) | attempted-admin | 2018-3990 | URL | ||
| 47751 | FILE-OTHER TRUFFLEHUNTER TALOS-2018-0657 attack attempt (more info ...) | attempted-admin | 2018-3990 | URL | ||
| 47798 | SERVER-WEBAPP Trend Micro Email Encryption Gateway XML external entity injection attempt (more info ...) | web-application-attack | 2018-6225 | |||
| 47801 | FILE-OTHER TRUFFLEHUNTER TALOS-2018-0673 attack attempt (more info ...) | attempted-admin | 2018-4005 | URL | ||
| 47802 | FILE-OTHER TRUFFLEHUNTER TALOS-2018-0673 attack attempt (more info ...) | attempted-admin | 2018-4005 | URL | ||
| 47803 | FILE-OTHER TRUFFLEHUNTER TALOS-2018-0675 attack attempt (more info ...) | attempted-admin | 2018-4008 | URL | ||
| 47804 | FILE-OTHER TRUFFLEHUNTER TALOS-2018-0675 attack attempt (more info ...) | attempted-admin | 2018-4008 | URL | ||
| 47810 | SERVER-WEBAPP Oracle Glassfish unauthenticated directory traversal attempt (more info ...) | web-application-attack | 2017-1000028 | URL | ||
| 47812 | SERVER-WEBAPP CloudByte ElastiStor imageUploadServlet arbitrary JSP file upload attempt (more info ...) | attempted-admin | 2018-15675 | URL | ||
| 47813 | SERVER-WEBAPP CloudByte ElastiStor imageUploadServlet directory traversal attempt (more info ...) | web-application-attack | 2018-15675 | URL | ||
| 47814 | SERVER-WEBAPP CloudByte ElastiStor imageUploadServlet directory traversal attempt (more info ...) | web-application-attack | 2018-15675 | URL | ||
| 47815 | SERVER-WEBAPP CloudByte ElastiStor LicenseServlet directory traversal attempt (more info ...) | web-application-attack | 2018-15675 | URL | ||
| 47816 | SERVER-WEBAPP CloudByte ElastiStor LicenseServlet arbitrary JSP file upload attempt (more info ...) | attempted-admin | 2018-15675 | URL | ||
| 47829 | SERVER-OTHER JBoss Richfaces expression language injection attempt (more info ...) | attempted-user | 2018-12532 | URL | ||
| 47840 | FILE-OTHER TRUFFLEHUNTER TALOS-2018-0680 attack attempt (more info ...) | attempted-user | URL | |||
| 47841 | FILE-OTHER TRUFFLEHUNTER TALOS-2018-0680 attack attempt (more info ...) | attempted-user | URL | |||
| 47844 | MALWARE-OTHER Win.Downloader.DDECmdExec variant download (more info ...) | trojan-activity | URL | |||
| 47845 | MALWARE-OTHER Win.Downloader.DDECmdExec variant download (more info ...) | trojan-activity | URL | |||
| 47846 | MALWARE-OTHER Win.Downloader.DDECmdExec variant download (more info ...) | trojan-activity | URL | |||
| 47847 | MALWARE-OTHER Win.Downloader.DDECmdExec variant download (more info ...) | trojan-activity | URL | |||
| 47848 | MALWARE-OTHER Win.Downloader.DDECmdExec variant download (more info ...) | trojan-activity | URL | |||
| 47849 | MALWARE-OTHER Win.Downloader.DDECmdExec variant download (more info ...) | trojan-activity | URL | |||
| 47861 | SERVER-WEBAPP Opsview Web Management Console testnotification command injection attempt (more info ...) | web-application-attack | 2018-16146 | URL | ||
| 47863 | SERVER-WEBAPP Opsview Web Management Console test_rancid_connection command injection attempt (more info ...) | web-application-attack | 2018-16144 | URL | ||
| 47864 | SERVER-WEBAPP Opsview Web Management Console test_rancid_connection command injection attempt (more info ...) | web-application-attack | 2018-16144 | URL | ||
| 47865 | SERVER-WEBAPP Opsview Web Management Console test_rancid_connection command injection attempt (more info ...) | web-application-attack | 2018-16144 | URL | ||
| 47866 | MALWARE-OTHER Html.Dropper.Xbash variant obfuscated powershell invocation (more info ...) | trojan-activity | URL | |||
| 47867 | MALWARE-OTHER Html.Dropper.Xbash variant obfuscated powershell invocation (more info ...) | trojan-activity | URL | |||
| 47868 | MALWARE-OTHER Img.Trojan.Xbash variant PNG file with an embedded Windows executable (more info ...) | trojan-activity | URL | |||
| 47869 | MALWARE-OTHER Img.Trojan.Xbash variant PNG file with an embedded Windows executable (more info ...) | trojan-activity | URL | |||
| 47913 | POLICY-OTHER Magecart redirect page detected (more info ...) | policy-violation | ||||
| 47914 | POLICY-OTHER Magecart js page injection attempt (more info ...) | policy-violation | ||||
| 47915 | POLICY-OTHER Magecart js page injection attempt (more info ...) | policy-violation | ||||
| 47917 | FILE-OTHER TRUFFLEHUNTER TALOS-2018-0682 attack attempt (more info ...) | attempted-user | URL | |||
| 47918 | FILE-OTHER TRUFFLEHUNTER TALOS-2018-0682 attack attempt (more info ...) | attempted-user | URL | |||
| 48038 | SERVER-OTHER Western Digital My Cloud authentication bypass attempt (more info ...) | attempted-admin | 2018-17153 | |||
| 48064 | SERVER-WEBAPP WP plugin Localize My Post directory traversal attempt (more info ...) | web-application-attack | 2018-16299 | URL | ||
| 48065 | SERVER-WEBAPP WP plugin Localize My Post directory traversal attempt (more info ...) | web-application-attack | 2018-16299 | URL | ||
| 48066 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0685 attack attempt (more info ...) | attempted-admin | 2018-4014 | URL | ||
| 48067 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0684 attack attempt (more info ...) | attempted-admin | 2018-4013 | URL | ||
| 48068 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0684 attack attempt (more info ...) | attempted-admin | 2018-4013 | URL | ||
| 48069 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0689 attack attempt (more info ...) | attempted-admin | 2018-4018 | URL | ||
| 48070 | SERVER-WEBAPP WP plugin Wechat Broadcast directory traversal attempt (more info ...) | web-application-attack | 2018-16283 | URL | ||
| 48071 | SERVER-WEBAPP WP plugin Wechat Broadcast remote file inclusion attempt (more info ...) | web-application-attack | 2018-16283 | URL | ||
| 48076 | PUA-ADWARE Win.Adware.Wajam variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48077 | PUA-ADWARE Win.Adware.Wajam variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48078 | PUA-ADWARE Win.Adware.OneSystemCare download attempt (more info ...) | trojan-activity | URL | |||
| 48097 | SERVER-WEBAPP D-Link DIR-816 syslogIp command injection attempt (more info ...) | web-application-attack | 2018-17064 | URL | ||
| 48098 | SERVER-WEBAPP D-Link DIR-816 syslogIp command injection attempt (more info ...) | web-application-attack | 2018-17064 | URL | ||
| 48099 | SERVER-WEBAPP D-Link DIR-816 syslogIp command injection attempt (more info ...) | web-application-attack | 2018-17064 | URL | ||
| 48105 | FILE-MULTIMEDIA libvorbis VORBIS audio data out of bounds write attempt (more info ...) | attempted-user | 2018-5146 | |||
| 48106 | FILE-MULTIMEDIA libvorbis VORBIS audio data out of bounds write attempt (more info ...) | attempted-user | 2018-5146 | |||
| 48110 | FILE-PDF Foxit Reader uninitialized pointer leak attempt (more info ...) | attempted-user | 2018-9948 | |||
| 48111 | FILE-PDF Foxit Reader text annotations use after free attempt (more info ...) | attempted-user | 2018-9958 | |||
| 48112 | FILE-PDF Foxit Reader uninitialized pointer leak attempt (more info ...) | attempted-user | 2018-9958 | |||
| 48113 | FILE-PDF Foxit Reader text annotations use after free attempt (more info ...) | attempted-user | 2018-9958 | |||
| 48141 | SERVER-WEBAPP D-Link DIR-816 diagnosis command injection attempt (more info ...) | web-application-attack | 2018-17068 | URL | ||
| 48142 | SERVER-WEBAPP D-Link DIR-816 diagnosis command injection attempt (more info ...) | web-application-attack | 2018-17068 | URL | ||
| 48143 | SERVER-WEBAPP D-Link DIR-816 diagnosis command injection attempt (more info ...) | web-application-attack | 2018-17068 | URL | ||
| 48159 | FILE-OTHER WECON LeviStudio UMP file stack buffer overflow attempt (more info ...) | attempted-user | 2018-10602 | |||
| 48164 | SERVER-WEBAPP HPE Intelligent Management Center FileDownloadServlet directory traversal attempt (more info ...) | web-application-attack | 2017-5795 | |||
| 48178 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0690 attack attempt (more info ...) | web-application-attack | 2018-4021 | URL | ||
| 48179 | SERVER-OTHER HPE Intelligent Management Center imcwlandm stack buffer overflow attempt (more info ...) | attempted-admin | 2017-5805 | |||
| 48180 | SERVER-OTHER HPE Intelligent Management Center imcwlandm stack buffer overflow attempt (more info ...) | attempted-admin | 2017-5805 | |||
| 48181 | SERVER-OTHER HPE Intelligent Management Center imcwlandm stack buffer overflow attempt (more info ...) | attempted-admin | 2017-5805 | |||
| 48182 | SERVER-OTHER HPE Intelligent Management Center imcwlandm stack buffer overflow attempt (more info ...) | attempted-admin | 2017-5805 | |||
| 48183 | SERVER-OTHER HPE Intelligent Management Center imcwlandm stack buffer overflow attempt (more info ...) | attempted-admin | 2017-5805 | |||
| 48184 | SERVER-OTHER HPE Intelligent Management Center imcwlandm stack buffer overflow attempt (more info ...) | attempted-admin | 2017-5805 | |||
| 48185 | SERVER-OTHER HPE Intelligent Management Center imcwlandm buffer overflow attempt (more info ...) | attempted-admin | 2017-5806 | |||
| 48186 | SERVER-OTHER HPE Intelligent Management Center imcwlandm buffer overflow attempt (more info ...) | attempted-admin | 2017-5806 | |||
| 48187 | SERVER-OTHER HPE Intelligent Management Center imcwlandm buffer overflow attempt (more info ...) | attempted-admin | 2017-5806 | |||
| 48188 | SERVER-OTHER HPE Intelligent Management Center imcwlandm buffer overflow attempt (more info ...) | attempted-admin | 2017-5806 | |||
| 48189 | SERVER-OTHER HPE Intelligent Management Center imcwlandm buffer overflow attempt (more info ...) | attempted-admin | 2017-5806 | |||
| 48190 | SERVER-OTHER HPE Intelligent Management Center imcwlandm buffer overflow attempt (more info ...) | attempted-admin | 2017-5806 | |||
| 48206 | SERVER-WEBAPP Netgear WNAP devices boardData command injection attempt (more info ...) | web-application-attack | 2016-1555 | URL | ||
| 48207 | SERVER-WEBAPP Netgear WNAP devices boardData command injection attempt (more info ...) | web-application-attack | 2016-1555 | URL | ||
| 48208 | SERVER-WEBAPP Netgear WNAP devices boardData command injection attempt (more info ...) | web-application-attack | 2016-1555 | URL | ||
| 48235 | SERVER-OTHER NUUO NVRMini2 stack based buffer overflow attempt (more info ...) | attempted-admin | 2018-1149 | URL | ||
| 48247 | FILE-PDF Foxit Reader TypedArray uninitialized memory disclosure attempt (more info ...) | attempted-user | ||||
| 48248 | FILE-PDF Foxit Reader TypedArray uninitialized memory disclosure attempt (more info ...) | attempted-user | ||||
| 48256 | SERVER-WEBAPP Rubedo CMS Directory Traversal Attempt directory traversal attempt (more info ...) | web-application-attack | 2018-16836 | URL | ||
| 48257 | SERVER-WEBAPP Imperva SecureSphere command injection attempt (more info ...) | web-application-attack | URL | |||
| 48273 | SERVER-WEBAPP Cockpit CMS media API directory traversal attempt (more info ...) | web-application-attack | 2018-15540 | URL | ||
| 48274 | SERVER-WEBAPP Cockpit CMS media API directory traversal attempt (more info ...) | web-application-attack | 2018-15540 | URL | ||
| 48297 | FILE-OTHER TRUFFLEHUNTER TALOS-2018-0705 attack attempt (more info ...) | attempted-admin | 2019-5011 | URL | ||
| 48298 | FILE-OTHER TRUFFLEHUNTER TALOS-2018-0705 attack attempt (more info ...) | attempted-admin | 2019-5011 | URL | ||
| 48303 | INDICATOR-OBFUSCATION RTF file objdata hex-escape obfuscation attempt (more info ...) | attempted-user | ||||
| 48304 | INDICATOR-OBFUSCATION RTF file objdata hex-escape obfuscation attempt (more info ...) | attempted-user | ||||
| 48305 | INDICATOR-OBFUSCATION RTF file objdata hlsrc obfuscation attempt (more info ...) | attempted-user | ||||
| 48306 | INDICATOR-OBFUSCATION RTF file objdata hlsrc obfuscation attempt (more info ...) | attempted-user | ||||
| 48380 | SERVER-WEBAPP Quest DR Series Disk Backup SupportPortalService.pm command injection attempt (more info ...) | web-application-attack | 2018-11185 | URL | ||
| 48411 | SERVER-WEBAPP ManageEngine Firewall Analyzer oputilsServlet unauthorized API key disclosure attempt (more info ...) | attempted-recon | 2018-17283 | URL | ||
| 48418 | FILE-PDF TRUFFLEHUNTER TALOS-2018-0714 attack attempt (more info ...) | attempted-user | URL | |||
| 48419 | FILE-PDF TRUFFLEHUNTER TALOS-2018-0714 attack attempt (more info ...) | attempted-user | URL | |||
| 48420 | MALWARE-OTHER Win.Trojan.Bondupdater payload delivery attempt (more info ...) | trojan-activity | URL | |||
| 48421 | MALWARE-OTHER Win.Trojan.Bondupdater payload delivery attempt (more info ...) | trojan-activity | URL | |||
| 48427 | SERVER-WEBAPP Quest DR Series Disk Backup DateTimeService.pm command injection attempt (more info ...) | web-application-attack | 2018-11186 | URL | ||
| 48428 | SERVER-WEBAPP Quest DR Series Disk Backup GlobalViewService.pm command injection attempt (more info ...) | web-application-attack | 2018-11188 | URL | ||
| 48433 | FILE-OTHER TRUFFLEHUNTER TALOS-2018-0724 attack attempt (more info ...) | attempted-admin | 2018-4053 | URL | ||
| 48434 | FILE-OTHER TRUFFLEHUNTER TALOS-2018-0724 attack attempt (more info ...) | attempted-admin | 2018-4053 | URL | ||
| 48440 | EXPLOIT-KIT Qadars exploit kit attempt (more info ...) | web-application-attack | ||||
| 48456 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0730 attack attempt (more info ...) | web-application-attack | 2018-4056 | URL | ||
| 48457 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0730 attack attempt (more info ...) | web-application-attack | 2018-4056 | URL | ||
| 48459 | BROWSER-IE TRUFFLEHUNTER TALOS-2018-0734 attack attempt (more info ...) | attempted-user | URL | |||
| 48460 | BROWSER-IE TRUFFLEHUNTER TALOS-2018-0734 attack attempt (more info ...) | attempted-user | URL | |||
| 48468 | MALWARE-OTHER Win.Trojan.tRat variant inbound payload attempt (more info ...) | trojan-activity | URL | |||
| 48469 | MALWARE-OTHER Win.Trojan.tRat variant inbound payload attempt (more info ...) | trojan-activity | URL | |||
| 48481 | SERVER-OTHER Oracle WebLogic remote code execution attempt (more info ...) | attempted-user | 2018-3191 | URL | ||
| 48482 | SERVER-OTHER Oracle WebLogic remote code execution attempt (more info ...) | attempted-user | 2018-3191 | URL | ||
| 48483 | SERVER-OTHER Oracle WebLogic remote code execution attempt (more info ...) | attempted-user | 2018-3191 | URL | ||
| 48500 | SERVER-OTHER Kubernetes API Server bypass attempt (more info ...) | attempted-admin | 2018-1002105 | URL | ||
| 48501 | MALWARE-TOOLS Win.Tool.Delete variant download detected (more info ...) | attempted-user | URL | |||
| 48502 | MALWARE-TOOLS Win.Tool.Delete variant download detected (more info ...) | attempted-user | URL | |||
| 48522 | PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2018-0738 attack attempt (more info ...) | attempted-dos | URL | |||
| 48523 | PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2018-0738 attack attempt (more info ...) | attempted-dos | URL | |||
| 48524 | PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2018-0735 attack attempt (more info ...) | attempted-dos | URL | |||
| 48525 | PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2018-0741 attack attempt (more info ...) | attempted-user | URL | |||
| 48529 | BROWSER-OTHER TRUFFLEHUNTER TALOS-2018-0744 attack attempt (more info ...) | attempted-user | 2018-4060 | URL | ||
| 48530 | BROWSER-OTHER TRUFFLEHUNTER TALOS-2018-0744 attack attempt (more info ...) | attempted-user | 2018-4060 | URL | ||
| 48545 | SERVER-OTHER LSIS XP-Manager denial of service attempt (more info ...) | attempted-dos | ||||
| 48546 | BROWSER-WEBKIT WebKit RegEx engine optimization arbitrary code execution attempt (more info ...) | attempted-user | URL | |||
| 48547 | BROWSER-WEBKIT WebKit RegEx engine optimization arbitrary code execution attempt (more info ...) | attempted-user | URL | |||
| 48548 | SERVER-OTHER Kubernetes API Server bypass attempt (more info ...) | attempted-admin | 2018-1002105 | URL | ||
| 48553 | FILE-IDENTIFY Omron CX-Supervisor project file file download request (more info ...) | misc-activity | URL | |||
| 48554 | FILE-IDENTIFY Omron CX-Supervisor project file file attachment detected (more info ...) | misc-activity | URL | |||
| 48555 | FILE-IDENTIFY Omron CX-Supervisor project file file attachment detected (more info ...) | misc-activity | URL | |||
| 48556 | FILE-IDENTIFY Omron CX-Supervisor project file file attachment detected (more info ...) | misc-activity | URL | |||
| 48557 | FILE-OTHER Omron CX-Supervisor malicious project file download attempt (more info ...) | attempted-user | URL | |||
| 48563 | SERVER-WEBAPP Pilz PASvisu arbitrary file upload attempt (more info ...) | web-application-attack | ||||
| 48574 | INDICATOR-COMPROMISE malicious jquery.js load attempt (more info ...) | attempted-user | URL | |||
| 48575 | INDICATOR-COMPROMISE malicious jquery.js load attempt (more info ...) | attempted-user | URL | |||
| 48593 | PROTOCOL-VOIP SIP over SCTP wildcard VIA address attempt (more info ...) | attempted-dos | 2018-15454 | URL | ||
| 48600 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0755 attack attempt (more info ...) | attempted-recon | 2018-4071 | URL | ||
| 48603 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0756 attack attempt (more info ...) | attempted-user | 2018-4073 | URL | ||
| 48614 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0752 attack attempt (more info ...) | web-application-attack | 2018-4067 | URL | ||
| 48615 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0748 attack attempt (more info ...) | attempted-admin | 2018-4063 | URL | ||
| 48616 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0748 attack attempt (more info ...) | attempted-admin | 2018-4063 | URL | ||
| 48617 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0746 attack attempt (more info ...) | attempted-admin | 2018-4061 | URL | ||
| 48619 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0750 attack attempt (more info ...) | attempted-user | 2018-4065 | URL | ||
| 48621 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0749 attack attempt (more info ...) | attempted-user | 2018-4064 | URL | ||
| 48638 | SERVER-WEBAPP ZyXEL Armor Series Routers photobak command injection attempt (more info ...) | web-application-attack | URL | |||
| 48639 | SERVER-WEBAPP ZyXEL Armor Series Routers photobak command injection attempt (more info ...) | web-application-attack | URL | |||
| 48689 | FILE-OTHER TRUFFLEHUNTER SFVRT-1038 attack attempt (more info ...) | attempted-admin | ||||
| 48690 | FILE-OTHER TRUFFLEHUNTER SFVRT-1038 attack attempt (more info ...) | attempted-admin | ||||
| 48691 | BROWSER-IE TRUFFLEHUNTER SFVRT-1039 attack attempt (more info ...) | attempted-recon | ||||
| 48692 | BROWSER-IE TRUFFLEHUNTER SFVRT-1039 attack attempt (more info ...) | attempted-recon | ||||
| 48715 | MALWARE-OTHER Js.Dropper.Ramnit payload drop attempt (more info ...) | trojan-activity | URL | |||
| 48716 | MALWARE-OTHER Js.Trojan.MagentoCore infected page detected (more info ...) | trojan-activity | URL | |||
| 48717 | MALWARE-OTHER Js.Trojan.MagentoCore infected page detected (more info ...) | trojan-activity | URL | |||
| 48718 | MALWARE-OTHER Win.Trojan.Occamy inbound payload attempt (more info ...) | trojan-activity | URL | |||
| 48719 | MALWARE-OTHER Js.Trojan.Coinminer variant infected page detected (more info ...) | trojan-activity | URL | |||
| 48720 | MALWARE-OTHER Js.Trojan.Coinminer variant infected page detected (more info ...) | trojan-activity | URL | |||
| 48735 | SERVER-WEBAPP MailCleaner managetracing searchAction command injection attempt (more info ...) | web-application-attack | 2018-20323 | URL | ||
| 48736 | SERVER-WEBAPP MailCleaner managetracing searchAction command injection attempt (more info ...) | web-application-attack | 2018-20323 | URL | ||
| 48737 | SERVER-WEBAPP MailCleaner managetracing searchAction command injection attempt (more info ...) | web-application-attack | 2018-20323 | URL | ||
| 48740 | SERVER-WEBAPP Tridium Niagara default administrator account login attempt (more info ...) | attempted-admin | 2017-16748 | URL | ||
| 48741 | MALWARE-OTHER Js.Trojan.Agent variant inbound payload attempt (more info ...) | trojan-activity | URL | |||
| 48742 | MALWARE-OTHER Js.Trojan.Agent variant inbound payload attempt (more info ...) | trojan-activity | URL | |||
| 48743 | MALWARE-OTHER Js.Trojan.Agent variant inbound payload attempt (more info ...) | trojan-activity | URL | |||
| 48747 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0751 attack attempt (more info ...) | web-application-attack | 2018-4066 | URL | ||
| 48784 | MALWARE-OTHER Win.Worm.Shamoon propagation via SMB2 transfer attempt (more info ...) | trojan-activity | URL | |||
| 48803 | MALWARE-OTHER samsam.exe file name detected (more info ...) | trojan-activity | URL | |||
| 48804 | MALWARE-OTHER Ransomware SamSam variant detected (more info ...) | trojan-activity | URL | |||
| 48805 | MALWARE-OTHER Ransomware SamSam variant detected (more info ...) | trojan-activity | URL | |||
| 48811 | MALWARE-OTHER SamSam associated file (more info ...) | trojan-activity | URL | |||
| 48812 | MALWARE-OTHER Ransomware SamSam variant detected (more info ...) | trojan-activity | URL | |||
| 48813 | MALWARE-OTHER Ransomware SamSam variant detected (more info ...) | trojan-activity | URL | |||
| 48814 | MALWARE-OTHER Ransomware SamSam variant detected (more info ...) | trojan-activity | URL | |||
| 48815 | SERVER-WEBAPP Kibana Console for Elasticsearch local file inclusion attempt (more info ...) | web-application-attack | 2018-17246 | URL | ||
| 48826 | SERVER-WEBAPP Delta Industrial Automation Robot DRAStudio directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 48850 | FILE-OTHER TRUFFLEHUNTER TALOS-2019-0760 attack attempt (more info ...) | attempted-admin | 2019-5013 | URL | ||
| 48851 | FILE-OTHER TRUFFLEHUNTER TALOS-2019-0760 attack attempt (more info ...) | attempted-admin | 2019-5013 | URL | ||
| 48852 | FILE-OTHER TRUFFLEHUNTER TALOS-2019-0757 attack attempt (more info ...) | attempted-dos | URL | |||
| 48853 | FILE-OTHER TRUFFLEHUNTER TALOS-2019-0757 attack attempt (more info ...) | attempted-dos | URL | |||
| 48856 | MALWARE-OTHER Win.Trojan.L0rdix binary download attempt (more info ...) | trojan-activity | URL | |||
| 48869 | MALWARE-OTHER Js.Dropper.Agent variant inbound payload download (more info ...) | trojan-activity | URL | |||
| 48870 | MALWARE-OTHER Js.Dropper.Agent variant inbound payload download (more info ...) | trojan-activity | URL | |||
| 48871 | MALWARE-OTHER Win.Trojan.Mimikatz inbound payload download (more info ...) | trojan-activity | URL | |||
| 49042 | PUA-ADWARE Osx.Adware.FairyTail variant outbound connection detected (more info ...) | trojan-activity | URL | |||
| 49043 | PUA-ADWARE Osx.Adware.Genieo variant outbound connection detected (more info ...) | trojan-activity | URL | |||
| 49044 | PUA-ADWARE Osx.Adware.MacSearch variant outbound connection detected (more info ...) | trojan-activity | URL | |||
| 49045 | FILE-OTHER TRUFFLEHUNTER TALOS-2019-0762 attack attempt (more info ...) | attempted-user | URL | |||
| 49046 | FILE-OTHER TRUFFLEHUNTER TALOS-2019-0762 attack attempt (more info ...) | attempted-user | URL | |||
| 49070 | MALWARE-OTHER Win.Ransomware.Anatova variant detected (more info ...) | trojan-activity | URL | |||
| 49071 | MALWARE-OTHER Win.Ransomware.Anatova variant detected (more info ...) | trojan-activity | URL | |||
| 49072 | MALWARE-OTHER Win.Ransomware.Anatova variant network share encryption attempt (more info ...) | trojan-activity | URL | |||
| 49085 | FILE-OTHER Ghostscript PostScript remote code execution attempt (more info ...) | attempted-user | 2019-6116 | |||
| 49086 | FILE-OTHER Ghostscript PostScript remote code execution attempt (more info ...) | attempted-user | 2019-6116 | |||
| 49088 | FILE-OTHER TRUFFLEHUNTER TALOS-2019-0773 attack attempt (more info ...) | attempted-admin | 2019-5015 | URL | ||
| 49089 | FILE-OTHER TRUFFLEHUNTER TALOS-2019-0773 attack attempt (more info ...) | attempted-admin | 2019-5015 | URL | ||
| 49090 | SERVER-SAMBA Samba is_known_pipe arbitrary module load code execution attempt (more info ...) | attempted-user | 2017-7494 | URL | ||
| 49098 | SERVER-WEBAPP Joomla Easy Shop local file inclusion attempt (more info ...) | web-application-attack | URL | |||
| 49111 | PUA-OTHER XMRig cryptocurrency miner download attempt (more info ...) | policy-violation | ||||
| 49171 | OS-WINDOWS NTLM authentication relay attempt (more info ...) | attempted-user | 2018-8581 | URL | ||
| 49189 | FILE-PDF TRUFFLEHUNTER TALOS-2019-0778 attack attempt (more info ...) | attempted-user | URL | |||
| 49190 | FILE-PDF TRUFFLEHUNTER TALOS-2019-0778 attack attempt (more info ...) | attempted-user | URL | |||
| 49191 | SERVER-WEBAPP Dell EMC Virtual Appliance Manager undocumented credential use attempt (more info ...) | attempted-user | 2018-1216 | |||
| 49194 | PUA-OTHER XMR-Stak cryptocurrency mining pool connection attempt (more info ...) | policy-violation | URL | |||
| 49195 | SERVER-OTHER Multiple products runc arbitrary code execution attempt (more info ...) | attempted-admin | 2019-5736 | |||
| 49198 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0783 attack attempt (more info ...) | web-application-attack | 2019-5022 | URL | ||
| 49205 | FILE-OTHER TRUFFLEHUNTER TALOS-2019-0779 attack attempt (more info ...) | attempted-user | URL | |||
| 49206 | FILE-OTHER TRUFFLEHUNTER TALOS-2019-0779 attack attempt (more info ...) | attempted-user | URL | |||
| 49237 | FILE-OTHER TRUFFLEHUNTER TALOS-2019-0781 attack attempt (more info ...) | attempted-dos | 2019-5020 | URL | ||
| 49238 | FILE-OTHER TRUFFLEHUNTER TALOS-2019-0781 attack attempt (more info ...) | attempted-dos | 2019-5020 | URL | ||
| 49252 | SERVER-OTHER HP iNode Management Center iNodeMngChecker buffer overflow attempt (more info ...) | attempted-user | 2011-1867 | |||
| 49282 | SERVER-WEBAPP Magecart inbound scan for vulnerable plugin attempt (more info ...) | web-application-attack | ||||
| 49289 | FILE-OTHER WinRAR ACE remote code execution attempt (more info ...) | attempted-user | 2018-20250 | URL | ||
| 49290 | FILE-OTHER WinRAR ACE remote code execution attempt (more info ...) | attempted-user | 2018-20250 | URL | ||
| 49362 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0787 attack attempt (more info ...) | attempted-recon | 2019-10323 | URL | ||
| 49363 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0786 attack attempt (more info ...) | attempted-recon | 2019-5025 | URL | ||
| 49418 | SERVER-WEBAPP Orange LiveBox unauthorized credentials access attempt (more info ...) | attempted-recon | 2018-20377 | URL | ||
| 49449 | SERVER-OTHER ASP webshell upload attempt (more info ...) | attempted-user | URL | |||
| 49450 | SERVER-OTHER CFM webshell upload attempt (more info ...) | attempted-user | URL | |||
| 49451 | SERVER-OTHER ASP webshell upload attempt (more info ...) | attempted-user | URL | |||
| 49452 | SERVER-OTHER Perl webshell upload attempt (more info ...) | attempted-user | URL | |||
| 49453 | SERVER-OTHER CFM webshell upload attempt (more info ...) | attempted-user | URL | |||
| 49454 | SERVER-OTHER CFM webshell upload attempt (more info ...) | attempted-user | URL | |||
| 49455 | SERVER-OTHER Perl webshell upload attempt (more info ...) | attempted-user | URL | |||
| 49459 | SERVER-OTHER Perl webshell upload attempt (more info ...) | attempted-user | URL | |||
| 49460 | SERVER-OTHER ASP webshell upload attempt (more info ...) | attempted-user | URL | |||
| 49486 | FILE-OTHER Snapd dirty_sock exploit download attempt (more info ...) | attempted-user | 2019-7304 | URL | ||
| 49487 | FILE-OTHER Snapd dirty_sock exploit download attempt (more info ...) | attempted-user | 2019-7304 | URL | ||
| 49488 | FILE-OTHER Snapd dirty_sock exploit download attempt (more info ...) | attempted-user | 2019-7304 | URL | ||
| 49489 | FILE-OTHER Snapd dirty_sock exploit download attempt (more info ...) | attempted-user | 2019-7304 | URL | ||
| 49498 | SERVER-WEBAPP Jenkins Groovy metaprogramming remote code execution attempt (more info ...) | attempted-admin | 2019-1003002 | URL | ||
| 49499 | SERVER-WEBAPP Jenkins Groovy metaprogramming remote code execution attempt (more info ...) | attempted-admin | 2019-1003002 | URL | ||
| 49502 | SERVER-WEBAPP Ruby on Rails render file directory traversal attempt (more info ...) | web-application-attack | 2019-5418 | |||
| 49503 | SERVER-WEBAPP Ruby on Rails render file directory traversal attempt (more info ...) | web-application-attack | 2019-5418 | |||
| 49522 | SERVER-WEBAPP Magecart infected page outbound request attempt (more info ...) | web-application-attack | ||||
| 49529 | INDICATOR-COMPROMISE Responder poisoner download attempt (more info ...) | misc-attack | URL | |||
| 49530 | INDICATOR-COMPROMISE Responder poisoner download attempt (more info ...) | misc-attack | URL | |||
| 49531 | INDICATOR-COMPROMISE Responder poisoner download attempt (more info ...) | misc-attack | URL | |||
| 49532 | INDICATOR-COMPROMISE Responder poisoner download attempt (more info ...) | misc-attack | URL | |||
| 49535 | MALWARE-OTHER Win.Ransomware.Yatron payload download attempt (more info ...) | trojan-activity | URL | |||
| 49536 | MALWARE-OTHER Win.Ransomware.Yatron payload download attempt (more info ...) | trojan-activity | URL | |||
| 49569 | MALWARE-OTHER PowerShell invocation with ExecutionPolicy Bypass attempt (more info ...) | trojan-activity | URL | |||
| 49598 | SERVER-WEBAPP Fiberhome AN5506-04-F RP2669 cross site scripting attempt (more info ...) | attempted-user | 2019-9556 | URL | ||
| 49620 | SERVER-WEBAPP Advantech WebAccess Dashboard directory traversal attempt (more info ...) | web-application-attack | 2018-15706 | URL | ||
| 49621 | SERVER-WEBAPP Advantech WebAccess Dashboard directory traversal attempt (more info ...) | web-application-attack | 2018-15706 | URL | ||
| 49622 | SERVER-WEBAPP Advantech WebAccess Dashboard directory traversal attempt (more info ...) | web-application-attack | 2018-15706 | URL | ||
| 49628 | OS-WINDOWS Huawei PCManager device driver privilege escalation attempt (more info ...) | attempted-admin | 2019-5242 | |||
| 49629 | OS-WINDOWS Huawei PCManager device driver privilege escalation attempt (more info ...) | attempted-admin | 2019-5242 | |||
| 49630 | OS-WINDOWS Huawei PCManager device driver privilege escalation attempt (more info ...) | attempted-admin | 2019-5242 | |||
| 49631 | OS-WINDOWS Huawei PCManager device driver privilege escalation attempt (more info ...) | attempted-admin | 2019-5242 | |||
| 49642 | SERVER-WEBAPP Multiple PACS Server directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 49643 | SERVER-WEBAPP Multiple PACS Server directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 49644 | SERVER-WEBAPP Multiple PACS Server directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 49648 | FILE-PDF TRUFFLEHUNTER TALOS-2019-0793 attack attempt (more info ...) | attempted-user | 2019-5031 | URL | ||
| 49649 | FILE-PDF TRUFFLEHUNTER TALOS-2019-0793 attack attempt (more info ...) | attempted-user | 2019-5031 | URL | ||
| 49667 | SERVER-WEBAPP Flexpaper and Flowpaper command injection attempt (more info ...) | web-application-attack | 2018-11686 | URL | ||
| 49668 | SERVER-WEBAPP Flexpaper and Flowpaper deletion of configuration file attempt (more info ...) | web-application-attack | 2018-11686 | URL | ||
| 49669 | SERVER-WEBAPP Flexpaper and Flowpaper potential arbitrary file deletion attempt (more info ...) | web-application-attack | 2018-11686 | URL | ||
| 49670 | SERVER-OTHER Hashicorp Consul services API remote code execution attempt (more info ...) | attempted-admin | URL | |||
| 49671 | INDICATOR-COMPROMISE Script execution from TOR attempt (more info ...) | attempted-admin | URL | |||
| 49684 | FILE-PDF TRUFFLEHUNTER TALOS-2019-0796 attack attempt (more info ...) | attempted-user | URL | |||
| 49685 | FILE-PDF TRUFFLEHUNTER TALOS-2019-0796 attack attempt (more info ...) | attempted-user | URL | |||
| 49690 | INDICATOR-SHELLCODE KernelFuzzer system call 64 bit (more info ...) | shellcode-detect | ||||
| 49691 | INDICATOR-SHELLCODE KernelFuzzer system call 64 bit (more info ...) | shellcode-detect | ||||
| 49694 | OS-WINDOWS Windows CSRSS privilege escalation attempt (more info ...) | attempted-admin | 2019-0735 | URL | ||
| 49695 | OS-WINDOWS Windows CSRSS privilege escalation attempt (more info ...) | attempted-admin | 2019-0735 | URL | ||
| 49766 | MALWARE-OTHER Win.Ransomware.Cr1ptT0r download attempt (more info ...) | trojan-activity | URL | |||
| 49767 | MALWARE-OTHER Win.Ransomware.Cr1ptT0r download attempt (more info ...) | trojan-activity | URL | |||
| 49770 | MALWARE-OTHER Win.Trojan.Imminent variant download attempt (more info ...) | trojan-activity | URL | |||
| 49771 | MALWARE-OTHER Win.Trojan.Imminent variant download attempt (more info ...) | trojan-activity | URL | |||
| 49817 | SERVER-WEBAPP Trend Micro DDEI directory traversal attempt (more info ...) | web-application-attack | ||||
| 49818 | SERVER-WEBAPP Trend Micro DDEI directory traversal attempt (more info ...) | web-application-attack | ||||
| 49837 | SERVER-WEBAPP Tpshop remote file include attempt (more info ...) | web-application-attack | 2018-9919 | URL | ||
| 49838 | SERVER-WEBAPP Tpshop remote file include attempt (more info ...) | web-application-attack | 2018-9919 | URL | ||
| 49839 | SERVER-WEBAPP LG-Ericsson iPECS NMS 30M directory traversal attempt (more info ...) | web-application-attack | 2018-15138 | URL | ||
| 49840 | SERVER-WEBAPP LG-Ericsson iPECS NMS 30M directory traversal attempt (more info ...) | web-application-attack | 2018-15138 | URL | ||
| 49841 | SERVER-WEBAPP LG-Ericsson iPECS NMS 30M directory traversal attempt (more info ...) | web-application-attack | 2018-15138 | URL | ||
| 49842 | SERVER-WEBAPP LG-Ericsson iPECS NMS 30M directory traversal attempt (more info ...) | web-application-attack | 2018-15138 | URL | ||
| 49850 | FILE-OTHER TRUFFLEHUNTER TALOS-2019-0804 attack attempt (more info ...) | attempted-user | URL | |||
| 49851 | FILE-OTHER TRUFFLEHUNTER TALOS-2019-0804 attack attempt (more info ...) | attempted-user | URL | |||
| 49865 | FILE-OTHER Multiple Products XML external entity information disclosure attempt (more info ...) | misc-attack | 2019-9670 | URL | ||
| 49888 | MALWARE-OTHER Doc.Dropper.Emotet malicious dropper download attempt (more info ...) | trojan-activity | URL | |||
| 49889 | MALWARE-OTHER Doc.Dropper.Emotet malicious dropper download attempt (more info ...) | trojan-activity | URL | |||
| 49890 | SERVER-OTHER HP OpenView Storage Data Protector arbitrary command execution attempt (more info ...) | attempted-admin | 2014-2623 | |||
| 49891 | SERVER-OTHER HP OpenView Storage Data Protector arbitrary command execution attempt (more info ...) | attempted-admin | 2014-2623 | |||
| 49892 | SERVER-OTHER HP OpenView Storage Data Protector arbitrary command execution attempt (more info ...) | attempted-admin | 2014-2623 | |||
| 49893 | SERVER-OTHER HP OpenView Storage Data Protector arbitrary command execution attempt (more info ...) | attempted-admin | 2014-2623 | |||
| 49894 | FILE-OTHER TRUFFLEHUNTER TALOS-2019-0812 attack attempt (more info ...) | attempted-user | URL | |||
| 49895 | FILE-OTHER TRUFFLEHUNTER TALOS-2019-0812 attack attempt (more info ...) | attempted-user | URL | |||
| 49896 | FILE-OTHER TRUFFLEHUNTER TALOS-2019-0813 attack attempt (more info ...) | attempted-user | URL | |||
| 49897 | FILE-OTHER TRUFFLEHUNTER TALOS-2019-0813 attack attempt (more info ...) | attempted-user | URL | |||
| 49898 | SERVER-WEBAPP Zimbra SSRF privilege escalation attempt (more info ...) | attempted-admin | 2019-9621 | URL | ||
| 49899 | SERVER-WEBAPP Oracle Business Intelligence and XML Publisher XML external entity injection attempt (more info ...) | web-application-attack | 2019-2616 | URL | ||
| 49900 | BROWSER-PLUGINS HP OPOS driver stack buffer overflow attempt (more info ...) | attempted-admin | 2014-7891 | |||
| 49901 | BROWSER-PLUGINS HP OPOS ToneIndicator stack buffer overflow attempt (more info ...) | attempted-admin | 2014-7890 | |||
| 49902 | BROWSER-PLUGINS HP OPOS ToneIndicator stack buffer overflow attempt (more info ...) | attempted-user | 2014-7890 | |||
| 49903 | BROWSER-PLUGINS HP OPOS ToneIndicator stack buffer overflow attempt (more info ...) | attempted-user | 2014-7890 | |||
| 49906 | FILE-PDF TRUFFLEHUNTER TALOS-2019-0814 attack attempt (more info ...) | attempted-user | 2019-5045 | URL | ||
| 49907 | FILE-PDF TRUFFLEHUNTER TALOS-2019-0814 attack attempt (more info ...) | attempted-user | 2019-5045 | URL | ||
| 49908 | FILE-PDF TRUFFLEHUNTER TALOS-2019-0815 attack attempt (more info ...) | attempted-user | 2019-5046 | URL | ||
| 49909 | FILE-PDF TRUFFLEHUNTER TALOS-2019-0815 attack attempt (more info ...) | attempted-user | 2019-5046 | URL | ||
| 49912 | PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2019-0811 attack attempt (more info ...) | attempted-user | 2019-5044 | URL | ||
| 49921 | SERVER-WEBAPP Rocket Servergraph Admin Center userRequest command injection attempt (more info ...) | web-application-attack | 2014-3915 | |||
| 49922 | SERVER-WEBAPP Rocket Servergraph Admin Center userRequest command injection attempt (more info ...) | web-application-attack | 2014-3915 | |||
| 49923 | SERVER-WEBAPP Rocket Servergraph Admin Center userRequest command injection attempt (more info ...) | web-application-attack | 2014-3915 | |||
| 49924 | SERVER-WEBAPP Rocket Servergraph Admin Center tsmRequest command injection attempt (more info ...) | web-application-attack | 2014-3915 | |||
| 49925 | SERVER-WEBAPP Rocket Servergraph Admin Center tsmRequest command injection attempt (more info ...) | web-application-attack | 2014-3915 | |||
| 49926 | SERVER-WEBAPP Rocket Servergraph Admin Center tsmRequest command injection attempt (more info ...) | web-application-attack | 2014-3915 | |||
| 49927 | BROWSER-PLUGINS HP OPOS Point of Sale Driver stack buffer overflow attempt (more info ...) | attempted-user | 2014-7891 | |||
| 49933 | MALWARE-OTHER Xls.Dropper.RogueRobin file download attempt (more info ...) | trojan-activity | URL | |||
| 49934 | MALWARE-OTHER Xls.Dropper.RogueRobin file download attempt (more info ...) | trojan-activity | URL | |||
| 49935 | MALWARE-OTHER Win.Trojan.RogueRobin executable file download attempt (more info ...) | trojan-activity | URL | |||
| 49936 | MALWARE-OTHER Win.Trojan.RogueRobin executable file download attempt (more info ...) | trojan-activity | URL | |||
| 49942 | SERVER-ORACLE Oracle WebLogic Server remote command execution attempt (more info ...) | attempted-user | 2019-2725 | URL | ||
| 49943 | SERVER-ORACLE Oracle WebLogic Server remote command execution attempt (more info ...) | attempted-user | 2019-2725 | URL | ||
| 49944 | SERVER-ORACLE Oracle WebLogic Server remote command execution attempt (more info ...) | attempted-user | 2019-2725 | URL | ||
| 49945 | SERVER-ORACLE Oracle WebLogic Server remote command execution attempt (more info ...) | attempted-admin | 2019-2725 | 97884 | URL | |
| 49946 | SERVER-ORACLE Oracle WebLogic Server remote command execution attempt (more info ...) | attempted-admin | 2019-2725 | 97884 | URL | |
| 49958 | MALWARE-OTHER Win.Ransomware.Clop download attempt (more info ...) | attempted-user | URL | |||
| 49959 | MALWARE-OTHER Win.Ransomware.Clop download attempt (more info ...) | attempted-user | URL | |||
| 49960 | MALWARE-OTHER Win.Ransomware.Clop download attempt (more info ...) | attempted-user | URL | |||
| 49961 | MALWARE-OTHER Win.Ransomware.Clop download attempt (more info ...) | attempted-user | URL | |||
| 49965 | SERVER-WEBAPP Atlassian confluence widget remote code execution attempt (more info ...) | web-application-attack | 2019-3396 | |||
| 49966 | SERVER-WEBAPP Oracle Business Intelligence directory traversal attempt (more info ...) | web-application-attack | 2019-2588 | URL | ||
| 49967 | SERVER-WEBAPP Oracle Business Intelligence directory traversal attempt (more info ...) | web-application-attack | 2019-2588 | URL | ||
| 49980 | SERVER-OTHER SAP NetWeaver Gateway arbitrary code execution attempt (more info ...) | attempted-user | URL | |||
| 49981 | SERVER-OTHER SAP NetWeaver Gateway arbitrary code execution attempt (more info ...) | attempted-user | URL | |||
| 50001 | SERVER-OTHER SAP NetWeaver Gateway arbitrary command execution attempt (more info ...) | attempted-user | URL | |||
| 50002 | SERVER-OTHER SAP NetWeaver Gateway arbitrary command execution attempt (more info ...) | attempted-user | URL | |||
| 50003 | SERVER-OTHER SAP NetWeaver Message Server RFC server registration attempt (more info ...) | attempted-user | URL | |||
| 50014 | SERVER-ORACLE Oracle WebLogic Server remote command execution attempt (more info ...) | attempted-user | 2019-2725 | URL | ||
| 50015 | SERVER-ORACLE Oracle WebLogic Server remote command execution attempt (more info ...) | attempted-user | 2019-2725 | URL | ||
| 50016 | SERVER-ORACLE Oracle WebLogic Server remote command execution attempt (more info ...) | attempted-user | 2019-2725 | URL | ||
| 50017 | SERVER-ORACLE Oracle WebLogic Server remote command execution attempt (more info ...) | attempted-user | 2019-2725 | URL | ||
| 50018 | SERVER-ORACLE Oracle WebLogic Server remote command execution attempt (more info ...) | attempted-user | 2019-2725 | URL | ||
| 50019 | SERVER-ORACLE Oracle WebLogic Server remote command execution attempt (more info ...) | attempted-user | 2019-2725 | URL | ||
| 50020 | SERVER-ORACLE Oracle WebLogic Server remote command execution attempt (more info ...) | attempted-user | 2019-2725 | URL | ||
| 50021 | SERVER-ORACLE Oracle WebLogic Server remote command execution attempt (more info ...) | attempted-user | 2019-2725 | URL | ||
| 50022 | SERVER-ORACLE Oracle WebLogic Server remote command execution attempt (more info ...) | attempted-user | 2019-2725 | URL | ||
| 50023 | SERVER-ORACLE Oracle WebLogic Server remote command execution attempt (more info ...) | attempted-user | 2019-2725 | URL | ||
| 50024 | SERVER-ORACLE Oracle WebLogic Server remote command execution attempt (more info ...) | attempted-user | 2019-2725 | URL | ||
| 50025 | SERVER-ORACLE Oracle WebLogic Server remote command execution attempt (more info ...) | attempted-user | 2019-2725 | URL | ||
| 50033 | BROWSER-WEBKIT Apple WebKit updateReferencedText use-after-free attempt (more info ...) | attempted-user | 2018-4315 | URL | ||
| 50034 | BROWSER-WEBKIT Apple WebKit updateReferencedText use-after-free attempt (more info ...) | attempted-user | 2018-4315 | URL | ||
| 50041 | SERVER-WEBAPP Jenkins CI Server ASTTest code execution attempt (more info ...) | attempted-user | 2018-1000861 | URL | ||
| 50042 | MALWARE-OTHER Win.Dropper.Fareit variant binary download attempt (more info ...) | trojan-activity | URL | |||
| 50043 | MALWARE-OTHER Win.Dropper.Fareit variant binary download attempt (more info ...) | trojan-activity | URL | |||
| 50044 | MALWARE-OTHER Win.Dropper.FormBook variant binary download attempt (more info ...) | trojan-activity | URL | |||
| 50045 | MALWARE-OTHER Win.Dropper.FormBook variant binary download attempt (more info ...) | trojan-activity | URL | |||
| 50046 | MALWARE-OTHER Win.Trojan.GenKryptik variant binary download attempt (more info ...) | trojan-activity | URL | |||
| 50047 | MALWARE-OTHER Win.Trojan.GenKryptik variant binary download attempt (more info ...) | trojan-activity | URL | |||
| 50065 | MALWARE-OTHER Win.Ransomware.Robinhood variant file transfer attempt (more info ...) | trojan-activity | URL | |||
| 50066 | MALWARE-OTHER Win.Ransomware.Robinhood variant file transfer attempt (more info ...) | trojan-activity | URL | |||
| 50084 | OS-WINDOWS Windows Kernel Registry Virtualization privilege escalation attempt (more info ...) | attempted-admin | 2019-0881 | URL | ||
| 50085 | OS-WINDOWS Windows Kernel Registry Virtualization privilege escalation attempt (more info ...) | attempted-admin | 2019-0881 | URL | ||
| 50093 | INDICATOR-COMPROMISE Responder poisoner HTTP attack attempt (more info ...) | misc-attack | URL | |||
| 50094 | INDICATOR-COMPROMISE Responder poisoner HTTP attack attempt (more info ...) | misc-attack | URL | |||
| 50095 | INDICATOR-COMPROMISE Responder poisoner self-signed certificate attempt (more info ...) | misc-attack | URL | |||
| 50096 | INDICATOR-COMPROMISE Responder poisoner toolkit download attempt (more info ...) | misc-attack | URL | |||
| 50098 | INDICATOR-COMPROMISE Responder poisoner HTTP attack attempt (more info ...) | misc-attack | URL | |||
| 50099 | INDICATOR-COMPROMISE Responder poisoner HTTP attack attempt (more info ...) | misc-attack | URL | |||
| 50102 | INDICATOR-COMPROMISE Responder poisoner LDAP attack attempt (more info ...) | misc-attack | URL | |||
| 50103 | INDICATOR-COMPROMISE Responder poisoner SMB negotiation attack attempt (more info ...) | misc-attack | URL | |||
| 50104 | INDICATOR-COMPROMISE Responder poisoner SMB negotiation attack attempt (more info ...) | misc-attack | URL | |||
| 50105 | INDICATOR-COMPROMISE Responder poisoner SMB negotiation attack attempt (more info ...) | misc-attack | URL | |||
| 50106 | INDICATOR-COMPROMISE Responder poisoner SMB attack attempt (more info ...) | misc-attack | URL | |||
| 50112 | MALWARE-OTHER Win.Ransomware.Agent ransom note transfer over SMB (more info ...) | trojan-activity | URL | |||
| 50113 | MALWARE-OTHER Win.Ransomware.MegaLocker ransom note transfer over SMB (more info ...) | trojan-activity | URL | |||
| 50119 | FILE-OTHER Windows GDI font out-of-bounds read attempt (more info ...) | attempted-user | 2019-0758 | URL | ||
| 50120 | FILE-OTHER Windows GDI font out-of-bounds read attempt (more info ...) | attempted-user | 2019-0758 | URL | ||
| 50168 | SERVER-WEBAPP Atlassian Confluence Data Center and Server directory traversal attempt (more info ...) | web-application-attack | 2019-3398 | URL | ||
| 50169 | SERVER-WEBAPP Atlassian Confluence Data Center and Server directory traversal attempt (more info ...) | web-application-attack | 2019-3398 | URL | ||
| 50170 | SERVER-WEBAPP Atlassian Confluence Data Center and Server directory traversal attempt (more info ...) | web-application-attack | 2019-3398 | URL | ||
| 50176 | SERVER-OTHER Horos DICOM Medical Image Viewer stack overflow attempt (more info ...) | attempted-user | URL | |||
| 50198 | OS-WINDOWS Windows DACL privilege escalation attempt (more info ...) | attempted-user | 2019-1130 | URL | ||
| 50199 | OS-WINDOWS Windows DACL privilege escalation attempt (more info ...) | attempted-user | 2019-1130 | URL | ||
| 50202 | INDICATOR-COMPROMISE Peppa Pig botnet outbound scan attempt (more info ...) | misc-activity | URL | |||
| 50207 | OS-WINDOWS Windows Installer bypass privilege escalation attempt (more info ...) | attempted-admin | URL | |||
| 50208 | OS-WINDOWS Windows Installer bypass privilege escalation attempt (more info ...) | attempted-admin | URL | |||
| 50265 | FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0842 attack attempt (more info ...) | attempted-user | 2019-5058 | URL | ||
| 50266 | FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0842 attack attempt (more info ...) | attempted-user | 2019-5058 | URL | ||
| 50269 | FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0843 attack attempt (more info ...) | attempted-user | 2019-5060 | URL | ||
| 50270 | FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0843 attack attempt (more info ...) | attempted-user | 2019-5060 | URL | ||
| 50273 | FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0841 attack attempt (more info ...) | attempted-user | 2019-5057 | URL | ||
| 50274 | FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0841 attack attempt (more info ...) | attempted-user | 2019-5057 | URL | ||
| 50276 | MALWARE-BACKDOOR Win.Backdoor.Chopper webshell inbound request attempt (more info ...) | trojan-activity | URL | |||
| 50277 | MALWARE-BACKDOOR Win.Backdoor.Chopper webshell inbound request attempt (more info ...) | trojan-activity | URL | |||
| 50278 | MALWARE-BACKDOOR MultiOS.Backdoor.Agent webshell implant attempt (more info ...) | trojan-activity | URL | |||
| 50279 | MALWARE-OTHER Doc.Trojan.Xshell variant download attempt (more info ...) | trojan-activity | URL | |||
| 50280 | MALWARE-OTHER Doc.Trojan.Xshell variant download attempt (more info ...) | trojan-activity | URL | |||
| 50293 | BROWSER-WEBKIT Apple Webkit updateDescendantDependentFlags use-after-free attempt (more info ...) | attempted-user | 2018-4317 | URL | ||
| 50294 | BROWSER-WEBKIT Apple Webkit updateDescendantDependentFlags use-after-free attempt (more info ...) | attempted-user | 2018-4317 | URL | ||
| 50295 | FILE-OTHER TRUFFLEHUNTER TALOS-2019-0845 attack attempt (more info ...) | attempted-user | URL | |||
| 50296 | FILE-OTHER TRUFFLEHUNTER TALOS-2019-0845 attack attempt (more info ...) | attempted-user | URL | |||
| 50304 | SERVER-WEBAPP OpenDreamBox 2.0.0 Plugin WebAdmin command injection attempt (more info ...) | web-application-attack | 2017-14135 | URL | ||
| 50305 | SERVER-WEBAPP OpenDreamBox 2.0.0 Plugin WebAdmin command injection attempt (more info ...) | web-application-attack | 2017-14135 | |||
| 50307 | SERVER-WEBAPP OpenDreamBox 2.0.0 Plugin WebAdmin command injection attempt (more info ...) | web-application-attack | 2017-14135 | |||
| 50308 | SERVER-WEBAPP Dell KACE K1000 command injection attempt (more info ...) | web-application-attack | URL | |||
| 50309 | SERVER-WEBAPP Dell KACE K1000 command injection attempt (more info ...) | web-application-attack | URL | |||
| 50310 | SERVER-WEBAPP Dell KACE K1000 command injection attempt (more info ...) | web-application-attack | URL | |||
| 50311 | SERVER-WEBAPP Dell KACE K1000 command injection attempt (more info ...) | web-application-attack | URL | |||
| 50312 | SERVER-WEBAPP HooToo HT-TMO5 Travel router command injection attempt (more info ...) | web-application-attack | 2018-20841 | |||
| 50314 | SERVER-WEBAPP HooToo HT-TMO5 Travel router command injection attempt (more info ...) | web-application-attack | 2018-20841 | |||
| 50315 | SERVER-WEBAPP HooToo HT-TMO5 Travel router command injection attempt (more info ...) | web-application-attack | 2018-20841 | |||
| 50316 | SERVER-WEBAPP Asus DSL-N12E_C1 1.1.2.3_345 command injection attempt (more info ...) | web-application-attack | 2018-15887 | |||
| 50317 | SERVER-WEBAPP Asus DSL-N12E_C1 1.1.2.3_345 command injection attempt (more info ...) | web-application-attack | 2018-15887 | |||
| 50318 | SERVER-WEBAPP Asus DSL-N12E_C1 1.1.2.3_345 command injection attempt (more info ...) | web-application-attack | 2018-15887 | |||
| 50319 | SERVER-WEBAPP Asus DSL-N12E_C1 1.1.2.3_345 command injection attempt (more info ...) | web-application-attack | 2018-15887 | |||
| 50321 | SERVER-WEBAPP MiCasaVerde VeraLite remote code execution attempt (more info ...) | web-application-attack | 2016-6255 | URL | ||
| 50322 | SERVER-WEBAPP MiCasaVerde VeraLite remote code execution attempt (more info ...) | web-application-attack | 2013-4863 | URL | ||
| 50323 | SERVER-WEBAPP Crestron AM platform command injection attempt (more info ...) | web-application-attack | 2019-3929 | URL | ||
| 50324 | SERVER-WEBAPP Crestron AM platform command injection attempt (more info ...) | web-application-attack | 2019-3929 | URL | ||
| 50325 | SERVER-WEBAPP Crestron AM platform command injection attempt (more info ...) | web-application-attack | 2019-3929 | URL | ||
| 50326 | SERVER-WEBAPP Crestron AM platform command injection attempt (more info ...) | web-application-attack | 2019-3929 | URL | ||
| 50327 | SERVER-WEBAPP LG SuperSignEz CMS command injection attempt (more info ...) | web-application-attack | 2018-17173 | URL | ||
| 50328 | SERVER-WEBAPP LG SuperSignEz CMS command injection attempt (more info ...) | web-application-attack | 2018-17173 | URL | ||
| 50329 | SERVER-WEBAPP LG SuperSignEz CMS command injection attempt (more info ...) | web-application-attack | 2018-17173 | URL | ||
| 50330 | SERVER-WEBAPP LG SuperSignEz CMS command injection attempt (more info ...) | web-application-attack | 2018-17173 | URL | ||
| 50331 | SERVER-WEBAPP Asustor ADM command injection attempt (more info ...) | web-application-attack | 2018-11510 | URL | ||
| 50332 | SERVER-WEBAPP Asustor ADM command injection attempt (more info ...) | web-application-attack | 2018-11510 | URL | ||
| 50333 | SERVER-WEBAPP Asustor ADM command injection attempt (more info ...) | web-application-attack | 2018-11510 | URL | ||
| 50334 | SERVER-WEBAPP Asustor ADM command injection attempt (more info ...) | web-application-attack | 2018-11510 | URL | ||
| 50340 | SERVER-WEBAPP Schneider Electric U.Motion Builder command injection attempt (more info ...) | web-application-attack | 2018-7841 | URL | ||
| 50341 | SERVER-WEBAPP Schneider Electric U.Motion Builder command injection attempt (more info ...) | web-application-attack | 2018-7841 | URL | ||
| 50342 | SERVER-WEBAPP Schneider Electric U.Motion Builder command injection attempt (more info ...) | web-application-attack | 2018-7841 | URL | ||
| 50343 | SERVER-WEBAPP Schneider Electric U.Motion Builder command injection attempt (more info ...) | web-application-attack | 2018-7841 | URL | ||
| 50344 | SERVER-WEBAPP VMWare NSX SD-WAN Edge command injection attempt (more info ...) | web-application-attack | 2018-6961 | URL | ||
| 50345 | SERVER-WEBAPP VMWare NSX SD-WAN Edge command injection attempt (more info ...) | web-application-attack | 2018-6961 | URL | ||
| 50346 | SERVER-WEBAPP VMWare NSX SD-WAN Edge command injection attempt (more info ...) | web-application-attack | 2018-6961 | URL | ||
| 50347 | SERVER-WEBAPP VMWare NSX SD-WAN Edge command injection attempt (more info ...) | web-application-attack | 2018-6961 | URL | ||
| 50351 | MALWARE-OTHER Win.Trojan.Karkoff variant download attempt (more info ...) | attempted-user | URL | |||
| 50352 | MALWARE-OTHER Win.Trojan.Karkoff binary download attempt (more info ...) | attempted-user | URL | |||
| 50354 | MALWARE-OTHER Win.Trojan.Karkoff variant download attempt (more info ...) | attempted-user | URL | |||
| 50355 | MALWARE-OTHER Win.Trojan.Karkoff binary download attempt (more info ...) | attempted-user | URL | |||
| 50356 | SERVER-MAIL Exim remote command execution attempt (more info ...) | attempted-admin | 2019-10149 | URL | ||
| 50375 | OS-WINDOWS Windows kernel win32k driver elevation of privilege attempt (more info ...) | attempted-admin | 2019-1065 | URL | ||
| 50376 | OS-WINDOWS Windows kernel win32k driver elevation of privilege attempt (more info ...) | attempted-admin | 2019-1065 | URL | ||
| 50377 | MALWARE-OTHER Doc.Downloader.Agent variant download attempt (more info ...) | trojan-activity | URL | |||
| 50378 | MALWARE-OTHER Win.Trojan.Sodinokibi variant download attempt (more info ...) | trojan-activity | URL | |||
| 50379 | MALWARE-OTHER Doc.Downloader.Agent variant download attempt (more info ...) | trojan-activity | URL | |||
| 50390 | INDICATOR-COMPROMISE SMBRelay tool use attempt (more info ...) | trojan-activity | URL | |||
| 50391 | INDICATOR-COMPROMISE SMBRelay tool use attempt (more info ...) | trojan-activity | URL | |||
| 50392 | SERVER-WEBAPP Belkin Wemo UPnP command injection attempt (more info ...) | web-application-attack | 2019-12780 | URL | ||
| 50409 | MALWARE-TOOLS Win.Trojan.OilRig jason bruteforcing tool download attempt (more info ...) | trojan-activity | URL | |||
| 50410 | MALWARE-TOOLS Win.Trojan.OilRig jason bruteforcing tool download attempt (more info ...) | trojan-activity | URL | |||
| 50411 | OS-WINDOWS Windows Common Log File System Driver privilege escalation attempt (more info ...) | attempted-admin | 2019-0984 | URL | ||
| 50412 | OS-WINDOWS Windows Common Log File System Driver privilege escalation attempt (more info ...) | attempted-admin | 2019-0984 | URL | ||
| 50428 | SERVER-WEBAPP Oracle WebLogic Server authenticated arbitrary JSP file upload attempt (more info ...) | attempted-admin | 2019-2618 | URL | ||
| 50455 | SERVER-WEBAPP IBM WebSphere Application Server remote code execution attempt (more info ...) | attempted-user | 2019-4279 | URL | ||
| 50463 | INDICATOR-COMPROMISE Mimikatz use via SMB attempt (more info ...) | misc-attack | URL | |||
| 50464 | INDICATOR-COMPROMISE Responder poisoner NetServer enumeration attempt (more info ...) | misc-attack | URL | |||
| 50465 | INDICATOR-COMPROMISE Responder poisoner SMB negotiation attack attempt (more info ...) | misc-attack | URL | |||
| 50466 | INDICATOR-COMPROMISE Responder poisoner SMB negotiation attack attempt (more info ...) | misc-attack | URL | |||
| 50467 | INDICATOR-COMPROMISE Mimikatz use via SMB attempt (more info ...) | misc-attack | URL | |||
| 50468 | INDICATOR-COMPROMISE Responder poisoner SMB negotiation attack attempt (more info ...) | misc-attack | URL | |||
| 50473 | SERVER-ORACLE Oracle WebLogic Server remote command execution attempt (more info ...) | attempted-user | 2019-2729 | URL | ||
| 50474 | SERVER-ORACLE Oracle WebLogic Server remote command execution attempt (more info ...) | attempted-user | 2019-2729 | URL | ||
| 50475 | MALWARE-BACKDOOR JSP Web shell access attempt (more info ...) | attempted-user | URL | |||
| 50476 | MALWARE-BACKDOOR JSP Web shell transfer attempt (more info ...) | attempted-user | URL | |||
| 50477 | MALWARE-BACKDOOR JSP Web shell transfer attempt (more info ...) | attempted-user | URL | |||
| 50478 | MALWARE-TOOLS Win.Trojan.CoinMiner dropper transfer attempt (more info ...) | trojan-activity | URL | |||
| 50479 | MALWARE-TOOLS Win.Trojan.CoinMiner dropper transfer attempt (more info ...) | trojan-activity | URL | |||
| 50490 | SERVER-WEBAPP TYPO3 PharStreamWrapper Package directory traversal attempt (more info ...) | web-application-attack | 2019-11831 | URL | ||
| 50491 | SERVER-WEBAPP TYPO3 PharStreamWrapper Package directory traversal attempt (more info ...) | web-application-attack | 2019-11831 | URL | ||
| 50495 | MALWARE-OTHER Win.Trojan.Waterbug variant malicious VBScript download attempt (more info ...) | trojan-activity | URL | |||
| 50496 | MALWARE-OTHER Win.Trojan.Waterbug variant malicious VBScript download attempt (more info ...) | trojan-activity | URL | |||
| 50502 | FILE-OTHER TRUFFLEHUNTER TALOS-2019-0848 attack attempt (more info ...) | attempted-dos | URL | |||
| 50503 | FILE-OTHER TRUFFLEHUNTER TALOS-2019-0848 attack attempt (more info ...) | attempted-dos | URL | |||
| 50504 | SERVER-WEBAPP Ruby on Rails Active Storage deserialization remote code execution attempt (more info ...) | attempted-user | 2019-5420 | URL | ||
| 50505 | MALWARE-TOOLS Malicious HTML application download attempt (more info ...) | trojan-activity | URL | |||
| 50506 | MALWARE-TOOLS Malicious HTML application download attempt (more info ...) | trojan-activity | URL | |||
| 50509 | EXPLOIT-KIT Spelevo Exploit Kit landing page detected (more info ...) | attempted-user | ||||
| 50511 | EXPLOIT-KIT Spelevo Exploit Kit browser exploit page detected (more info ...) | attempted-user | ||||
| 50517 | INDICATOR-COMPROMISE undocumented SMB dialect request attempt (more info ...) | misc-attack | URL | |||
| 50619 | OS-WINDOWS Executable DICOM 10 file download attempt (more info ...) | attempted-user | 2019-11687 | URL | ||
| 50620 | OS-WINDOWS Executable DICOM 10 file download attempt (more info ...) | attempted-user | 2019-11687 | URL | ||
| 50629 | MALWARE-OTHER Win.Trojan.Bemstour download attempt (more info ...) | attempted-admin | ||||
| 50630 | MALWARE-OTHER Win.Trojan.Bemstour download attempt (more info ...) | attempted-admin | ||||
| 50631 | MALWARE-OTHER Win.Trojan.Bemstour download attempt (more info ...) | attempted-admin | ||||
| 50632 | MALWARE-OTHER Win.Trojan.Bemstour download attempt (more info ...) | attempted-admin | ||||
| 50638 | SERVER-WEBAPP WIFICAM Wireless IP Camera command injection attempt (more info ...) | attempted-user | 2017-18377 | |||
| 50639 | SERVER-WEBAPP WIFICAM Wireless IP Camera command injection attempt (more info ...) | attempted-user | 2017-18377 | |||
| 50640 | SERVER-WEBAPP WIFICAM Wireless IP Camera command injection attempt (more info ...) | attempted-user | 2017-18377 | |||
| 50641 | SERVER-WEBAPP WIFICAM Wireless IP Camera command injection attempt (more info ...) | attempted-user | 2017-18377 | |||
| 50644 | MALWARE-OTHER Win.Ransomware.Ryuk variant download attempt (more info ...) | trojan-activity | ||||
| 50645 | MALWARE-OTHER Win.Ransomware.Ryuk variant download attempt (more info ...) | trojan-activity | ||||
| 50659 | POLICY-OTHER Oracle WebLogic Server blacklisted class use attempt (more info ...) | policy-violation | 2019-2729 | URL | ||
| 50660 | POLICY-OTHER Oracle WebLogic Server blacklisted class use attempt (more info ...) | policy-violation | 2019-2729 | URL | ||
| 50676 | OS-WINDOWS Windows Remote Desktop Protocol Client information disclosure attempt (more info ...) | attempted-user | 2019-1108 | URL | ||
| 50677 | OS-WINDOWS Windows Remote Desktop Protocol Client information disclosure attempt (more info ...) | attempted-user | 2019-1108 | URL | ||
| 50682 | OS-WINDOWS Windows kernel win32k driver elevation of privilege attempt (more info ...) | attempted-user | 2019-1073 | URL | ||
| 50683 | OS-WINDOWS Windows kernel win32k driver elevation of privilege attempt (more info ...) | attempted-admin | 2019-1073 | URL | ||
| 50712 | MALWARE-OTHER Win.Trojan.Trickbot sample download attempt (more info ...) | trojan-activity | URL | |||
| 50713 | MALWARE-OTHER Win.Trojan.Trickbot sample download attempt (more info ...) | trojan-activity | URL | |||
| 50730 | FILE-PDF TRUFFLEHUNTER TALOS-2019-0856 attack attempt (more info ...) | attempted-user | 2019-5067 | URL | ||
| 50731 | FILE-PDF TRUFFLEHUNTER TALOS-2019-0856 attack attempt (more info ...) | attempted-user | 2019-5067 | URL | ||
| 50738 | FILE-PDF TRUFFLEHUNTER TALOS-2019-0855 attack attempt (more info ...) | attempted-user | 2019-5066 | URL | ||
| 50739 | FILE-PDF TRUFFLEHUNTER TALOS-2019-0855 attack attempt (more info ...) | attempted-user | 2019-5066 | URL | ||
| 50746 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0859 attack attempt (more info ...) | web-application-attack | 2019-5070 | URL | ||
| 50755 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0858 attack attempt (more info ...) | web-application-attack | 2019-5069 | URL | ||
| 50756 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0858 attack attempt (more info ...) | web-application-attack | 2019-5069 | URL | ||
| 50757 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0858 attack attempt (more info ...) | web-application-attack | 2019-5069 | URL | ||
| 50758 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0858 attack attempt (more info ...) | web-application-attack | 2019-5069 | URL | ||
| 50759 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0858 attack attempt (more info ...) | web-application-attack | 2019-5069 | URL | ||
| 50760 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0858 attack attempt (more info ...) | web-application-attack | 2019-5069 | URL | ||
| 50773 | SERVER-WEBAPP Oracle-BI convert servlet XML external entity injection attempt (more info ...) | web-application-attack | 2019-2767 | |||
| 50774 | FILE-OTHER TRUFFLEHUNTER TALOS-2019-0852 attack attempt (more info ...) | attempted-user | 2019-5063 | URL | ||
| 50775 | FILE-OTHER TRUFFLEHUNTER TALOS-2019-0852 attack attempt (more info ...) | attempted-user | 2019-5063 | URL | ||
| 50776 | SERVER-WEBAPP Oracle Business Intelligence remote jsp file include attempt (more info ...) | web-application-attack | 2019-2771 | URL | ||
| 50782 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0861 attack attempt (more info ...) | web-application-attack | 2019-5072 | URL | ||
| 50783 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0861 attack attempt (more info ...) | web-application-attack | 2019-5072 | URL | ||
| 50784 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0861 attack attempt (more info ...) | web-application-attack | 2019-5072 | URL | ||
| 50785 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0861 attack attempt (more info ...) | web-application-attack | 2019-5072 | URL | ||
| 50786 | PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2019-0872 attack attempt (more info ...) | attempted-dos | 2019-5080 | URL | ||
| 50787 | PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2019-0869 attack attempt (more info ...) | attempted-dos | 2019-5077 | URL | ||
| 50788 | PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2019-0862 attack attempt (more info ...) | attempted-admin | 2019-5075 | URL | ||
| 50789 | PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2019-0862 attack attempt (more info ...) | attempted-admin | 2019-5075 | URL | ||
| 50790 | PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2019-0863 attack attempt (more info ...) | attempted-admin | 2019-5074 | URL | ||
| 50791 | PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2019-0873 attack attempt (more info ...) | attempted-admin | 2019-5081 | URL | ||
| 50792 | PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2019-0874 attack attempt (more info ...) | attempted-admin | 2019-5082 | URL | ||
| 50793 | PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2019-0871 attack attempt (more info ...) | attempted-admin | 2019-5079 | URL | ||
| 50795 | PUA-OTHER Win.Trojan.CoinMiner attempted download (more info ...) | trojan-activity | URL | |||
| 50796 | PUA-OTHER Win.Trojan.CoinMiner attempted download (more info ...) | trojan-activity | URL | |||
| 50797 | PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2019-0870 attack attempt (more info ...) | attempted-dos | 2019-5078 | URL | ||
| 50801 | MALWARE-OTHER Win.Trojan.Ratsnif variant download attempt (more info ...) | trojan-activity | URL | |||
| 50802 | MALWARE-OTHER Win.Trojan.Ratsnif variant download attempt (more info ...) | trojan-activity | URL | |||
| 50803 | PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2019-0866 attack attempt (more info ...) | attempted-dos | URL | |||
| 50806 | FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0875 attack attempt (more info ...) | attempted-user | 2019-5083 | URL | ||
| 50807 | FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0875 attack attempt (more info ...) | attempted-user | 2019-5083 | URL | ||
| 50824 | FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0876 attack attempt (more info ...) | attempted-user | 2019-5084 | URL | ||
| 50825 | FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0876 attack attempt (more info ...) | attempted-user | 2019-5084 | URL | ||
| 50826 | FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0876 attack attempt (more info ...) | attempted-user | 2019-5084 | URL | ||
| 50827 | FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0876 attack attempt (more info ...) | attempted-user | 2019-5084 | URL | ||
| 50842 | FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0878 attack attempt (more info ...) | attempted-user | 2019-5086 | URL | ||
| 50843 | FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0878 attack attempt (more info ...) | attempted-user | 2019-5086 | URL | ||
| 50844 | FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0878 attack attempt (more info ...) | attempted-user | 2019-5086 | URL | ||
| 50845 | FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0878 attack attempt (more info ...) | attempted-user | 2019-5086 | URL | ||
| 50857 | SERVER-OTHER TRUFFLEHUNTER TALOS-2019-0877 attack attempt (more info ...) | attempted-user | 2019-5085 | URL | ||
| 50858 | SERVER-WEBAPP Siemens TIA Administrator authentication bypass attempt (more info ...) | trojan-activity | 2019-10915 | URL | ||
| 50860 | SERVER-WEBAPP Palo Alto GlobalProtect SSL VPN buffer overflow attempt (more info ...) | web-application-attack | 2019-1579 | URL | ||
| 50861 | SERVER-WEBAPP Palo Alto GlobalProtect SSL VPN remote code execution attempt (more info ...) | web-application-attack | 2019-1579 | URL | ||
| 50864 | FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0880 attack attempt (more info ...) | attempted-user | 2019-5088 | URL | ||
| 50865 | FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0880 attack attempt (more info ...) | attempted-user | 2019-5088 | URL | ||
| 50866 | FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0880 attack attempt (more info ...) | attempted-user | 2019-5088 | URL | ||
| 50867 | FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0880 attack attempt (more info ...) | attempted-user | 2019-5088 | URL | ||
| 50868 | FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0881 attack attempt (more info ...) | attempted-user | 2019-5089 | URL | ||
| 50869 | FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0881 attack attempt (more info ...) | attempted-user | 2019-5089 | URL | ||
| 50897 | FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0884 attack attempt (more info ...) | attempted-user | 2019-5092 | URL | ||
| 50898 | FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0884 attack attempt (more info ...) | attempted-user | 2019-5092 | URL | ||
| 50899 | SERVER-OTHER TRUFFLEHUNTER TALOS-2019-0882 attack attempt (more info ...) | attempted-user | 2019-5090 | URL | ||
| 50900 | SERVER-OTHER HPE Intelligent Management Center imcwlandm buffer overflow attempt (more info ...) | attempted-admin | 2017-5806 | |||
| 50908 | SERVER-OTHER TRUFFLEHUNTER TALOS-2019-0885 attack attempt (more info ...) | attempted-user | 2019-5093 | URL | ||
| 50909 | SERVER-OTHER TRUFFLEHUNTER TALOS-2019-0883 attack attempt (more info ...) | attempted-dos | 2019-5091 | URL | ||
| 50981 | SERVER-WEBAPP LCDS Laquis SCADA command injection attempt (more info ...) | web-application-attack | 2018-18992 | |||
| 50982 | SERVER-WEBAPP LCDS Laquis SCADA command injection attempt (more info ...) | web-application-attack | 2018-18992 | |||
| 50983 | SERVER-WEBAPP LCDS Laquis SCADA command injection attempt (more info ...) | web-application-attack | 2018-18992 | |||
| 50984 | SERVER-WEBAPP LCDS Laquis SCADA command injection attempt (more info ...) | web-application-attack | 2018-18992 | |||
| 51021 | SERVER-WEBAPP Advantech WebAccess directory traversal attempt (more info ...) | web-application-attack | 2018-7503 | URL | ||
| 51022 | SERVER-WEBAPP Advantech WebAccess directory traversal attempt (more info ...) | web-application-attack | 2018-7503 | URL | ||
| 51023 | SERVER-WEBAPP Advantech WebAccess directory traversal attempt (more info ...) | web-application-attack | 2018-7503 | URL | ||
| 51045 | SERVER-OTHER Netatalk attn_quantum authentication bypass attempt (more info ...) | attempted-user | 2018-1160 | URL | ||
| 51063 | SERVER-OTHER Memcached SASL auth opcode request heap buffer overflow attempt (more info ...) | attempted-admin | 2016-8706 | URL | ||
| 51064 | SERVER-OTHER Memcached SASL auth opcode request heap buffer overflow attempt (more info ...) | attempted-admin | 2016-8706 | URL | ||
| 51118 | MALWARE-OTHER Download of malicious PowerShell script (more info ...) | trojan-activity | URL | |||
| 51120 | SERVER-WEBAPP GrandNode 4.4 path traversal attempt (more info ...) | web-application-attack | 2019-12276 | |||
| 51121 | SERVER-WEBAPP GrandNode 4.4 path traversal attempt (more info ...) | web-application-attack | 2019-12276 | |||
| 51122 | SERVER-WEBAPP GrandNode 4.4 path traversal attempt (more info ...) | web-application-attack | 2019-12276 | |||
| 51241 | SERVER-WEBAPP Pulse Secure VPN command injection attempt (more info ...) | web-application-attack | 2019-11539 | |||
| 51242 | SERVER-WEBAPP Pulse Secure VPN command injection attempt (more info ...) | web-application-attack | 2019-11539 | |||
| 51243 | SERVER-WEBAPP Pulse Secure VPN command injection attempt (more info ...) | web-application-attack | 2019-11539 | |||
| 51260 | SERVER-WEBAPP Ruby on Rails render file directory traversal attempt (more info ...) | web-application-attack | 2019-5418 | URL | ||
| 51261 | SERVER-WEBAPP Ruby on Rails render file directory traversal attempt (more info ...) | web-application-attack | 2019-5418 | URL | ||
| 51288 | SERVER-WEBAPP Pulse Secure SSL VPN arbitrary file read attempt (more info ...) | web-application-attack | 2019-11510 | URL | ||
| 51289 | SERVER-WEBAPP Pulse Secure SSL VPN directory traversal attempt (more info ...) | web-application-attack | 2019-11510 | URL | ||
| 51292 | SERVER-WEBAPP Axway SecureTransport XML external entity injection attempt (more info ...) | web-application-attack | URL | |||
| 51315 | SERVER-WEBAPP Atlassian Jira ContactAdministrators and SendBulkMail template injection remote code execution attempt (more info ...) | attempted-user | 2019-11581 | |||
| 51316 | SERVER-WEBAPP Atlassian Jira ContactAdministrators and SendBulkMail template injection remote code execution attempt (more info ...) | attempted-user | 2019-11581 | |||
| 51317 | SERVER-WEBAPP Atlassian Jira ContactAdministrators and SendBulkMail template injection remote code execution attempt (more info ...) | attempted-user | 2019-11581 | |||
| 51318 | SERVER-WEBAPP Atlassian Jira ContactAdministrators and SendBulkMail template injection remote code execution attempt (more info ...) | attempted-user | 2019-11581 | |||
| 51361 | MALWARE-OTHER Win.Ransomware.LooCipher variant download attempt (more info ...) | trojan-activity | URL | |||
| 51362 | MALWARE-OTHER Win.Ransomware.LooCipher variant download attempt (more info ...) | trojan-activity | URL | |||
| 51368 | MALWARE-BACKDOOR Win.Backdoor.Agent webshell inbound request attempt (more info ...) | trojan-activity | 2019-0604 | URL | ||
| 51370 | SERVER-WEBAPP Fortinet FortiOS SSL VPN web portal directory traversal attempt (more info ...) | web-application-attack | 2018-13379 | |||
| 51371 | SERVER-WEBAPP Fortinet FortiOS SSL VPN web portal directory traversal attempt (more info ...) | web-application-attack | 2018-13379 | |||
| 51372 | SERVER-WEBAPP Fortinet FortiOS SSL VPN web portal directory traversal attempt (more info ...) | web-application-attack | 2018-13379 | |||
| 51373 | INDICATOR-COMPROMISE Python reverse shell execution attempt (more info ...) | attempted-user | ||||
| 51374 | INDICATOR-COMPROMISE Python reverse shell execution attempt (more info ...) | attempted-user | ||||
| 51378 | SERVER-WEBAPP Roundcube webmail cross-site-scripting attempt (more info ...) | attempted-user | 2018-19206 | |||
| 51381 | BROWSER-WEBKIT Apple WebKit JSArray component out-of-bounds access (more info ...) | attempted-user | 2019-8518 | URL | ||
| 51382 | BROWSER-WEBKIT Apple WebKit JSArray component out-of-bounds access (more info ...) | attempted-user | 2019-8518 | URL | ||
| 51387 | SERVER-WEBAPP Fortinet Fortigate SSL VPN improper authorization attempt (more info ...) | attempted-user | 2018-13382 | URL | ||
| 51418 | SERVER-WEBAPP Telerik UI cryptographic keys disclosure attempt (more info ...) | web-application-attack | 2017-9248 | URL | ||
| 51447 | FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0891 attack attempt (more info ...) | attempted-user | 2019-5099 | URL | ||
| 51448 | FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0891 attack attempt (more info ...) | attempted-user | 2019-5099 | URL | ||
| 51461 | FILE-OTHER TRUFFLEHUNTER TALOS-2019-0890 attack attempt (more info ...) | attempted-user | 2019-5098 | URL | ||
| 51462 | FILE-OTHER TRUFFLEHUNTER TALOS-2019-0890 attack attempt (more info ...) | attempted-user | 2019-5098 | URL | ||
| 51465 | SERVER-WEBAPP Fortigate SSL VPN cross site scripting attempt (more info ...) | attempted-user | 2018-13380 | URL | ||
| 51466 | SERVER-WEBAPP Fortigate SSL VPN cross site scripting attempt (more info ...) | attempted-user | 2018-13380 | URL | ||
| 51467 | SERVER-WEBAPP Fortigate SSL VPN cross site scripting attempt (more info ...) | attempted-user | 2018-13380 | URL | ||
| 51468 | SERVER-WEBAPP Fortigate SSL VPN cross site scripting attempt (more info ...) | attempted-user | 2018-13380 | URL | ||
| 51469 | SERVER-WEBAPP Fortigate SSL VPN cross site scripting attempt (more info ...) | attempted-user | 2018-13380 | URL | ||
| 51470 | SERVER-WEBAPP Fortigate SSL VPN cross site scripting attempt (more info ...) | attempted-user | 2018-13380 | URL | ||
| 51484 | MALWARE-OTHER ANDR.Trojan.Agent outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 51516 | MALWARE-OTHER Html.Downloader.Agent download attempt (more info ...) | attempted-user | URL | |||
| 51517 | MALWARE-OTHER Html.Downloader.Agent download attempt (more info ...) | attempted-user | URL | |||
| 51518 | MALWARE-OTHER Html.Downloader.Agent download attempt (more info ...) | attempted-user | URL | |||
| 51519 | MALWARE-OTHER Html.Downloader.Agent download attempt (more info ...) | attempted-user | URL | |||
| 51520 | MALWARE-OTHER Win.Trojan.Crysis malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 51521 | MALWARE-OTHER Win.Exploit.Hacktool malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 51522 | MALWARE-OTHER Win.Trojan.Crysis malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 51523 | MALWARE-OTHER Win.Trojan.Crysis malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 51525 | MALWARE-OTHER Win.Exploit.Hacktool malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 51526 | MALWARE-OTHER Win.Trojan.Crysis malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 51527 | MALWARE-OTHER Win.Trojan.Crysis malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 51528 | MALWARE-OTHER Win.Trojan.Crysis malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 51529 | MALWARE-OTHER Win.Trojan.Crysis malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 51530 | FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0892 attack attempt (more info ...) | attempted-user | 2020-6065 | URL | ||
| 51531 | FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0892 attack attempt (more info ...) | attempted-user | 2020-6065 | URL | ||
| 51535 | MALWARE-BACKDOOR TLS certificate securing LocalXpose reverse proxy backdoor (more info ...) | trojan-activity | URL | |||
| 51569 | SERVER-WEBAPP HPE Network Automation PermissionFilter unauthenticated information disclosure attempt (more info ...) | attempted-recon | 2017-5812 | URL | ||
| 51575 | SERVER-WEBAPP HooToo HT-TMO6 Travel router heap buffer overflow attempt (more info ...) | web-application-attack | 2017-9025 | URL | ||
| 51581 | SERVER-WEBAPP D-Link DIR-823G routers HNAP1 command injection attempt (more info ...) | web-application-attack | 2019-7298 | |||
| 51587 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0911 attack attempt (more info ...) | web-application-attack | 2019-5123 | URL | ||
| 51588 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0911 attack attempt (more info ...) | web-application-attack | 2019-5123 | URL | ||
| 51589 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0911 attack attempt (more info ...) | web-application-attack | 2019-5123 | URL | ||
| 51590 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0910 attack attempt (more info ...) | web-application-attack | 2019-5120 | URL | ||
| 51591 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0910 attack attempt (more info ...) | web-application-attack | 2019-5120 | URL | ||
| 51592 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0910 attack attempt (more info ...) | web-application-attack | 2019-5120 | URL | ||
| 51597 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0908 attack attempt (more info ...) | web-application-attack | 2019-5119 | URL | ||
| 51598 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0908 attack attempt (more info ...) | web-application-attack | 2019-5119 | URL | ||
| 51599 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0908 attack attempt (more info ...) | web-application-attack | 2019-5119 | URL | ||
| 51600 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0907 attack attempt (more info ...) | web-application-attack | 2019-5116 | URL | ||
| 51601 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0907 attack attempt (more info ...) | web-application-attack | 2019-5116 | URL | ||
| 51602 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0907 attack attempt (more info ...) | web-application-attack | 2019-5116 | URL | ||
| 51605 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0906 attack attempt (more info ...) | web-application-attack | 2019-5114 | URL | ||
| 51606 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0906 attack attempt (more info ...) | web-application-attack | 2019-5114 | URL | ||
| 51607 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0906 attack attempt (more info ...) | web-application-attack | 2019-5114 | URL | ||
| 51608 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0905 attack attempt (more info ...) | web-application-attack | 2019-5113 | URL | ||
| 51609 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0905 attack attempt (more info ...) | web-application-attack | 2019-5113 | URL | ||
| 51610 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0905 attack attempt (more info ...) | web-application-attack | 2019-5113 | URL | ||
| 51611 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0904 attack attempt (more info ...) | web-application-attack | 2019-5112 | URL | ||
| 51612 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0904 attack attempt (more info ...) | web-application-attack | 2019-5112 | URL | ||
| 51613 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0904 attack attempt (more info ...) | web-application-attack | 2019-5112 | URL | ||
| 51614 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0903 attack attempt (more info ...) | web-application-attack | 2019-5110 | URL | ||
| 51615 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0903 attack attempt (more info ...) | web-application-attack | 2019-5110 | URL | ||
| 51616 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0903 attack attempt (more info ...) | web-application-attack | 2019-5110 | URL | ||
| 51617 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0902 attack attempt (more info ...) | web-application-attack | 2019-5109 | URL | ||
| 51618 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0902 attack attempt (more info ...) | web-application-attack | 2019-5109 | URL | ||
| 51619 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0902 attack attempt (more info ...) | web-application-attack | 2019-5109 | URL | ||
| 51620 | SERVER-WEBAPP vBulletin pre-authenticated command injection attempt (more info ...) | web-application-attack | 2020-17496 | URL | ||
| 51621 | SERVER-WEBAPP vBulletin pre-authenticated command injection attempt (more info ...) | web-application-attack | 2020-17496 | URL | ||
| 51637 | EXPLOIT-KIT Rig exploit kit executable download attempt (more info ...) | trojan-activity | URL | |||
| 51638 | EXPLOIT-KIT Rig exploit kit executable download attempt (more info ...) | trojan-activity | URL | |||
| 51639 | SERVER-OTHER AVEVA InduSoft Web Studio and InTouch Edge HMI buffer overflow attempt (more info ...) | attempted-admin | 2018-17916 | |||
| 51647 | SERVER-OTHER Indusoft Web Studio and Intouch Machine Edition stack buffer overflow attempt (more info ...) | attempted-user | 2018-10620 | |||
| 51652 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0894 attack attempt (more info ...) | attempted-dos | URL | |||
| 51665 | FILE-OTHER TRUFFLEHUNTER TALOS-2019-0913 attack attempt (more info ...) | attempted-dos | 2019-5124 | URL | ||
| 51666 | FILE-OTHER TRUFFLEHUNTER TALOS-2019-0913 attack attempt (more info ...) | attempted-dos | 2019-5124 | URL | ||
| 51673 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2019-0912 attack attempt (more info ...) | attempted-user | 2019-1430 | URL | ||
| 51674 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2019-0912 attack attempt (more info ...) | attempted-user | 2019-1430 | URL | ||
| 51675 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2019-0912 attack attempt (more info ...) | attempted-user | 2019-1430 | URL | ||
| 51676 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2019-0912 attack attempt (more info ...) | attempted-user | 2019-1430 | URL | ||
| 51677 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2019-0912 attack attempt (more info ...) | attempted-user | 2019-1430 | URL | ||
| 51678 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2019-0912 attack attempt (more info ...) | attempted-user | 2019-1430 | URL | ||
| 51679 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2019-0912 attack attempt (more info ...) | attempted-user | 2019-1430 | URL | ||
| 51680 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2019-0912 attack attempt (more info ...) | attempted-user | 2019-1430 | URL | ||
| 51684 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0914 attack attempt (more info ...) | attempted-dos | URL | |||
| 51730 | SERVER-WEBAPP OpenEMR directory traversal attempt (more info ...) | web-application-attack | 2019-3967 | |||
| 51731 | SERVER-WEBAPP OpenEMR directory traversal attempt (more info ...) | web-application-attack | 2019-3967 | |||
| 51732 | SERVER-WEBAPP OpenEMR directory traversal attempt (more info ...) | web-application-attack | 2019-3967 | |||
| 51737 | FILE-PDF TRUFFLEHUNTER TALOS-2019-0915 attack attempt (more info ...) | attempted-user | 2019-5126 | URL | ||
| 51738 | FILE-PDF TRUFFLEHUNTER TALOS-2019-0915 attack attempt (more info ...) | attempted-user | 2019-5126 | URL | ||
| 51802 | SERVER-WEBAPP Dell EMC Data Protection Advisor XML external entity injection attempt (more info ...) | web-application-attack | 2018-11048 | URL | ||
| 51803 | SERVER-WEBAPP Dell EMC Data Protection Advisor XML external entity injection attempt (more info ...) | web-application-attack | 2018-11048 | URL | ||
| 51834 | SERVER-WEBAPP vBulletin pre-authenticated command injection attempt (more info ...) | web-application-attack | 2020-17496 | URL | ||
| 51835 | SERVER-WEBAPP vBulletin pre-authenticated command injection attempt (more info ...) | web-application-attack | 2020-17496 | URL | ||
| 51836 | SERVER-WEBAPP vBulletin pre-authenticated command injection attempt (more info ...) | web-application-attack | 2020-17496 | URL | ||
| 51837 | SERVER-WEBAPP vBulletin pre-authenticated command injection attempt (more info ...) | web-application-attack | 2020-17496 | URL | ||
| 51838 | SERVER-OTHER Redis server RESP arbitrary code execution attempt (more info ...) | attempted-user | ||||
| 51839 | SERVER-OTHER Redis server RESP arbitrary code execution attempt (more info ...) | attempted-user | ||||
| 51841 | SERVER-WEBAPP Tableau XML external entity injection attempt (more info ...) | web-application-attack | 2019-15637 | URL | ||
| 51842 | SERVER-WEBAPP Tableau XML external entity injection attempt (more info ...) | web-application-attack | 2019-15637 | URL | ||
| 51857 | OS-MOBILE Android Stagefright MP4 buffer overflow attempt (more info ...) | attempted-admin | 2015-1538 | |||
| 51860 | OS-MOBILE Android Stagefright MP4 buffer overflow attempt (more info ...) | attempted-admin | 2015-1538 | |||
| 51861 | OS-MOBILE Android Stagefright MP4 buffer overflow attempt (more info ...) | attempted-admin | 2015-1538 | |||
| 51862 | OS-MOBILE Android Stagefright MP4 buffer overflow attempt (more info ...) | attempted-admin | 2015-1538 | |||
| 51863 | OS-MOBILE Android Stagefright MP4 buffer overflow attempt (more info ...) | attempted-admin | 2015-1538 | |||
| 51864 | OS-MOBILE Android Stagefright MP4 buffer overflow attempt (more info ...) | attempted-admin | 2015-1538 | |||
| 51865 | OS-MOBILE Android Stagefright MP4 buffer overflow attempt (more info ...) | attempted-admin | 2015-1538 | |||
| 51866 | OS-MOBILE Android Stagefright MP4 buffer overflow attempt (more info ...) | attempted-admin | 2015-1538 | |||
| 51929 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0919 attack attempt (more info ...) | web-application-attack | URL | |||
| 51931 | FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0916 attack attempt (more info ...) | attempted-user | 2019-5125 | URL | ||
| 51932 | FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0916 attack attempt (more info ...) | attempted-user | 2019-5125 | URL | ||
| 51933 | FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0916 attack attempt (more info ...) | attempted-user | 2019-5125 | URL | ||
| 51934 | FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0916 attack attempt (more info ...) | attempted-user | 2019-5125 | URL | ||
| 51935 | FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0916 attack attempt (more info ...) | attempted-user | 2019-5125 | URL | ||
| 51936 | FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0916 attack attempt (more info ...) | attempted-user | 2019-5125 | URL | ||
| 51937 | FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0916 attack attempt (more info ...) | attempted-user | 2019-5125 | URL | ||
| 51938 | FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0916 attack attempt (more info ...) | attempted-user | 2019-5125 | URL | ||
| 51949 | FILE-PDF TRUFFLEHUNTER TALOS-2019-0935 attack attempt (more info ...) | attempted-user | 2020-13570 | URL | ||
| 51950 | FILE-PDF TRUFFLEHUNTER TALOS-2019-0935 attack attempt (more info ...) | attempted-user | 2020-13570 | URL | ||
| 51951 | FILE-PDF TRUFFLEHUNTER TALOS-2019-0920 attack attempt (more info ...) | attempted-user | 2019-5131 | URL | ||
| 51952 | FILE-PDF TRUFFLEHUNTER TALOS-2019-0920 attack attempt (more info ...) | attempted-user | 2019-5131 | URL | ||
| 51953 | OS-MOBILE Android WhatsApp malformed GIF double-free remote code execution attempt (more info ...) | attempted-user | 2019-11932 | URL | ||
| 51954 | OS-MOBILE Android WhatsApp malformed GIF double-free remote code execution attempt (more info ...) | attempted-user | 2019-11932 | URL | ||
| 51955 | OS-MOBILE Android WhatsApp malformed GIF double-free remote code execution attempt (more info ...) | attempted-user | 2019-11932 | URL | ||
| 51956 | OS-MOBILE Android WhatsApp malformed GIF double-free remote code execution attempt (more info ...) | attempted-user | 2019-11932 | URL | ||
| 51967 | MALWARE-TOOLS Win.Trojan.Emotet variant download attempt (more info ...) | trojan-activity | URL | |||
| 51968 | MALWARE-TOOLS Win.Trojan.Emotet variant download attempt (more info ...) | trojan-activity | URL | |||
| 51972 | SERVER-WEBAPP SolarWinds Storage Manager directory traversal attempt (more info ...) | web-application-attack | 2015-5371 | 75515 | ||
| 51973 | SERVER-WEBAPP SolarWinds Storage Manager directory traversal attempt (more info ...) | web-application-attack | 2015-5371 | 75515 | ||
| 51974 | SERVER-WEBAPP SolarWinds Storage Manager directory traversal attempt (more info ...) | web-application-attack | 2015-5371 | 75515 | ||
| 51975 | SERVER-WEBAPP SolarWinds Storage Manager directory traversal attempt (more info ...) | web-application-attack | 2015-5371 | 75515 | ||
| 51976 | SERVER-WEBAPP SolarWinds Storage Manager directory traversal attempt (more info ...) | web-application-attack | 2015-5371 | 75515 | ||
| 51982 | SERVER-WEBAPP AlienVault USM and OSSIM FQDN command injection attempt (more info ...) | web-application-attack | URL | |||
| 51983 | SERVER-WEBAPP AlienVault USM and OSSIM FQDN command injection attempt (more info ...) | web-application-attack | URL | |||
| 51986 | FILE-OTHER Viber for Desktop URI handler remote code execution attempt (more info ...) | attempted-user | 2019-12569 | |||
| 51987 | FILE-OTHER Viber for Desktop URI handler remote code execution attempt (more info ...) | attempted-user | 2019-12569 | |||
| 51995 | SERVER-WEBAPP Advantech WebAccess SCADA 8.3.2 command injection attempt (more info ...) | web-application-attack | 2018-15707 | |||
| 51996 | SERVER-WEBAPP Advantech WebAccess SCADA 8.3.2 command injection attempt (more info ...) | web-application-attack | 2018-15707 | |||
| 51997 | SERVER-WEBAPP Advantech WebAccess SCADA 8.3.2 command injection attempt (more info ...) | web-application-attack | 2018-15707 | |||
| 51998 | SERVER-WEBAPP Advantech WebAccess SCADA 8.3.2 command injection attempt (more info ...) | web-application-attack | 2018-15707 | |||
| 52002 | BROWSER-WEBKIT WebKit WebCore handleMenuItemSelected use after free attempt (more info ...) | attempted-user | 2018-4312 | |||
| 52003 | BROWSER-WEBKIT WebKit WebCore handleMenuItemSelected use after free attempt (more info ...) | attempted-user | 2018-4312 | |||
| 52008 | FILE-OTHER TRUFFLEHUNTER TALOS-2019-0936 attack attempt (more info ...) | denial-of-service | 2019-5147 | URL | ||
| 52009 | FILE-OTHER TRUFFLEHUNTER TALOS-2019-0936 attack attempt (more info ...) | denial-of-service | 2019-5147 | URL | ||
| 52010 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0930 attack attempt (more info ...) | web-application-attack | 2019-5141 | URL | ||
| 52011 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0930 attack attempt (more info ...) | web-application-attack | 2019-5141 | URL | ||
| 52013 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0929 attack attempt (more info ...) | web-application-attack | 2019-5140 | URL | ||
| 52014 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0929 attack attempt (more info ...) | web-application-attack | 2019-5140 | URL | ||
| 52015 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0931 attack attempt (more info ...) | web-application-attack | 2019-5142 | URL | ||
| 52016 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0931 attack attempt (more info ...) | web-application-attack | 2019-5142 | URL | ||
| 52017 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0931 attack attempt (more info ...) | web-application-attack | 2019-5142 | URL | ||
| 52018 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0931 attack attempt (more info ...) | web-application-attack | 2019-5142 | URL | ||
| 52020 | FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0933 attack attempt (more info ...) | attempted-user | 2019-5144 | URL | ||
| 52021 | FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0933 attack attempt (more info ...) | attempted-user | 2019-5144 | URL | ||
| 52023 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0923 attack attempt (more info ...) | web-application-attack | 2019-5135 | URL | ||
| 52026 | MALWARE-OTHER Xml.Phishing.Evernote outbound connection (more info ...) | misc-activity | URL | |||
| 52027 | MALWARE-OTHER Xml.Phishing.Evernote outbound connection (more info ...) | misc-activity | URL | |||
| 52037 | SERVER-OTHER ZeroMQ libzmq stack-based buffer overflow attempt (more info ...) | attempted-user | 2019-13132 | 109284 | ||
| 52046 | FILE-PDF TRUFFLEHUNTER TALOS-2019-0934 attack attempt (more info ...) | attempted-user | 2019-5145 | URL | ||
| 52047 | FILE-PDF TRUFFLEHUNTER TALOS-2019-0934 attack attempt (more info ...) | attempted-user | 2019-5145 | URL | ||
| 52048 | BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2019-0943 attack attempt (more info ...) | attempted-user | URL | |||
| 52049 | BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2019-0943 attack attempt (more info ...) | attempted-user | URL | |||
| 52050 | FILE-OTHER TRUFFLEHUNTER TALOS-2019-0937 attack attempt (more info ...) | attempted-dos | 2019-5146 | URL | ||
| 52051 | FILE-OTHER TRUFFLEHUNTER TALOS-2019-0937 attack attempt (more info ...) | attempted-dos | 2019-5146 | URL | ||
| 52053 | FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0921 attack attempt (more info ...) | attempted-user | 2019-5132 | URL | ||
| 52054 | FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0921 attack attempt (more info ...) | attempted-user | 2019-5132 | URL | ||
| 52056 | FILE-IDENTIFY Portable Executable binary file magic detected (more info ...) | misc-activity | ||||
| 52057 | FILE-IDENTIFY Portable Executable binary file magic detected (more info ...) | misc-activity | ||||
| 52058 | FILE-EXECUTABLE Norton Antivirus ASPack heap corruption attempt (more info ...) | attempted-admin | 2016-2208 | URL | ||
| 52070 | MALWARE-OTHER known malicious browser profiler script download attempt (more info ...) | attempted-user | 2019-13720 | URL | ||
| 52071 | MALWARE-OTHER known malicious browser profiler script download attempt (more info ...) | attempted-user | 2019-13720 | URL | ||
| 52074 | SERVER-WEBAPP LibreNMS addhost command injection attempt (more info ...) | web-application-attack | 2018-20434 | URL | ||
| 52075 | SERVER-WEBAPP LibreNMS addhost command injection attempt (more info ...) | web-application-attack | 2018-20434 | URL | ||
| 52076 | SERVER-WEBAPP LibreNMS addhost command injection attempt (more info ...) | web-application-attack | 2018-20434 | URL | ||
| 52077 | SERVER-WEBAPP LibreNMS addhost command injection attempt (more info ...) | web-application-attack | 2018-20434 | URL | ||
| 52081 | INDICATOR-COMPROMISE Responder poisoner service negotiation attack attempt (more info ...) | misc-attack | URL | |||
| 52082 | FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0945 attack attempt (more info ...) | attempted-user | 2019-5154 | URL | ||
| 52083 | FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0945 attack attempt (more info ...) | attempted-user | 2019-5154 | URL | ||
| 52095 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2019-0946 attack attempt (more info ...) | attempted-user | 2020-0738 | URL | ||
| 52096 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2019-0946 attack attempt (more info ...) | attempted-user | 2020-0738 | URL | ||
| 52097 | FILE-PDF TRUFFLEHUNTER TALOS-2019-0947 attack attempt (more info ...) | attempted-recon | URL | |||
| 52098 | FILE-PDF TRUFFLEHUNTER TALOS-2019-0947 attack attempt (more info ...) | attempted-recon | URL | |||
| 52099 | SERVER-WEBAPP Jenkins SCM Git Client plugin command injection attempt (more info ...) | web-application-attack | 2019-10392 | URL | ||
| 52115 | INDICATOR-COMPROMISE Xml.Downloader.PowMet fileless malware variant download attempt (more info ...) | trojan-activity | URL | |||
| 52116 | INDICATOR-COMPROMISE Win.Downloader.PowMet powershell script download attempt (more info ...) | trojan-activity | URL | |||
| 52117 | INDICATOR-COMPROMISE Xml.Downloader.PowMet fileless malware variant download attempt (more info ...) | trojan-activity | URL | |||
| 52118 | INDICATOR-COMPROMISE Win.Downloader.PowMet powershell script download attempt (more info ...) | trojan-activity | URL | |||
| 52131 | SERVER-OTHER TRUFFLEHUNTER TALOS-2019-0948 attack attempt (more info ...) | attempted-admin | 2019-5157 | URL | ||
| 52134 | MALWARE-OTHER Win.Trojan.Agent variant download attempt (more info ...) | trojan-activity | URL | |||
| 52135 | MALWARE-OTHER Win.Trojan.Agent variant download attempt (more info ...) | trojan-activity | URL | |||
| 52136 | MALWARE-OTHER Win.Trojan.Agent variant download attempt (more info ...) | trojan-activity | URL | |||
| 52137 | MALWARE-OTHER Win.Trojan.Agent variant download attempt (more info ...) | trojan-activity | URL | |||
| 52138 | MALWARE-OTHER Win.Trojan.Agent variant download attempt (more info ...) | trojan-activity | URL | |||
| 52139 | MALWARE-OTHER Win.Trojan.Agent variant download attempt (more info ...) | trojan-activity | URL | |||
| 52140 | MALWARE-OTHER Win.Trojan.Agent variant download attempt (more info ...) | trojan-activity | URL | |||
| 52141 | MALWARE-OTHER Win.Trojan.Agent variant download attempt (more info ...) | trojan-activity | URL | |||
| 52142 | MALWARE-OTHER Win.Trojan.Agent variant download attempt (more info ...) | trojan-activity | URL | |||
| 52143 | MALWARE-OTHER Win.Trojan.Agent variant download attempt (more info ...) | trojan-activity | URL | |||
| 52144 | MALWARE-OTHER Win.Trojan.Agent variant download attempt (more info ...) | trojan-activity | URL | |||
| 52145 | MALWARE-OTHER Win.Trojan.Agent variant download attempt (more info ...) | trojan-activity | URL | |||
| 52146 | MALWARE-OTHER Win.Trojan.Agent variant download attempt (more info ...) | trojan-activity | URL | |||
| 52147 | MALWARE-OTHER Win.Trojan.Agent variant download attempt (more info ...) | trojan-activity | URL | |||
| 52237 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0953 attack attempt (more info ...) | web-application-attack | 2019-5160 | URL | ||
| 52241 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0955 attack attempt (more info ...) | attempted-user | 2019-5162 | URL | ||
| 52246 | INDICATOR-COMPROMISE AgentTesla variant outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 52247 | SERVER-OTHER TRUFFLEHUNTER TALOS-2017-0510 attack attempt (more info ...) | attempted-recon | 2017-14461 | URL | ||
| 52268 | SERVER-WEBAPP OpenMRS insecure object deserialization attempt (more info ...) | attempted-user | 2018-19276 | |||
| 52269 | FILE-OTHER TRUFFLEHUNTER TALOS-2019-0957 attack attempt (more info ...) | attempted-dos | URL | |||
| 52270 | FILE-OTHER TRUFFLEHUNTER TALOS-2019-0957 attack attempt (more info ...) | attempted-dos | URL | |||
| 52276 | SERVER-WEBAPP Shenzhen TVT Digital Technology API OS buffer overflow attempt (more info ...) | attempted-dos | URL | |||
| 52277 | SERVER-WEBAPP Shenzhen TVT Digital Technology API OS command injection attempt (more info ...) | attempted-admin | URL | |||
| 52290 | MALWARE-OTHER Win.Backdoor.Agent malicious DLL loader download attempt (more info ...) | trojan-activity | URL | |||
| 52323 | SERVER-OTHER ABB PGIM unauthenticated credential disclosure attempt (more info ...) | attempted-admin | URL | |||
| 52330 | MALWARE-OTHER Win.Dropper.Ramnit-7057830-0 download attempt (more info ...) | trojan-activity | URL | |||
| 52331 | FILE-PDF TRUFFLEHUNTER TALOS-2019-0959 attack attempt (more info ...) | attempted-user | URL | |||
| 52332 | FILE-PDF TRUFFLEHUNTER TALOS-2019-0959 attack attempt (more info ...) | attempted-user | URL | |||
| 52339 | MALWARE-OTHER Win.Dropper.Qakbot-7058183-0 download attempt (more info ...) | trojan-activity | URL | |||
| 52340 | MALWARE-OTHER Win.Dropper.Qakbot-7058183-0 download attempt (more info ...) | trojan-activity | URL | |||
| 52345 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0960 attack attempt (more info ...) | attempted-user | 2019-5165 | URL | ||
| 52346 | PROTOCOL-SNMP TRUFFLEHUNTER TALOS-2019-0960 attack attempt (more info ...) | attempted-user | 2019-5165 | URL | ||
| 52360 | MALWARE-OTHER Win.Ransomware.Agent variant payload download attempt (more info ...) | trojan-activity | URL | |||
| 52361 | MALWARE-OTHER Win.Ransomware.Agent variant payload download attempt (more info ...) | trojan-activity | URL | |||
| 52362 | MALWARE-OTHER Win.Ransomware.Agent variant payload download attempt (more info ...) | trojan-activity | URL | |||
| 52363 | MALWARE-OTHER Win.Ransomware.Agent variant payload download attempt (more info ...) | trojan-activity | URL | |||
| 52364 | MALWARE-OTHER Win.Ransomware.Agent variant payload download attempt (more info ...) | trojan-activity | URL | |||
| 52365 | MALWARE-OTHER Win.Ransomware.Agent variant payload download attempt (more info ...) | trojan-activity | URL | |||
| 52367 | FILE-OTHER TRUFFLEHUNTER TALOS-2019-0964 attack attempt (more info ...) | attempted-user | 2019-5183 | URL | ||
| 52368 | FILE-OTHER TRUFFLEHUNTER TALOS-2019-0964 attack attempt (more info ...) | attempted-user | 2019-5183 | URL | ||
| 52373 | MALWARE-OTHER Winnti Group VMProtected launcher variant download attempt (more info ...) | trojan-activity | URL | |||
| 52374 | MALWARE-OTHER Winnti Group VMProtected launcher variant download attempt (more info ...) | trojan-activity | URL | |||
| 52375 | MALWARE-TOOLS Win.Downloader.Get2 download attempt (more info ...) | attempted-user | URL | |||
| 52376 | MALWARE-TOOLS Win.Downloader.Get2 download attempt (more info ...) | attempted-user | URL | |||
| 52377 | MALWARE-TOOLS Win.Downloader.Get2 download attempt (more info ...) | attempted-user | URL | |||
| 52378 | MALWARE-TOOLS Win.Downloader.Get2 download attempt (more info ...) | attempted-user | URL | |||
| 52379 | MALWARE-TOOLS Win.Downloader.Get2 download attempt (more info ...) | attempted-user | URL | |||
| 52380 | MALWARE-TOOLS Win.Downloader.Get2 download attempt (more info ...) | attempted-user | URL | |||
| 52381 | MALWARE-TOOLS Win.Downloader.Get2 download attempt (more info ...) | attempted-user | URL | |||
| 52382 | MALWARE-TOOLS Win.Downloader.Get2 download attempt (more info ...) | attempted-user | URL | |||
| 52404 | MALWARE-BACKDOOR Win.Backdoor.NanoCore potential scanning attempt (more info ...) | trojan-activity | ||||
| 52405 | MALWARE-TOOLS CKnife penetration testing tool attempt (more info ...) | trojan-activity | ||||
| 52406 | SERVER-WEBAPP Atlassian Jira makeRequest server side request forgery attempt (more info ...) | web-application-attack | 2019-8451 | URL | ||
| 52408 | FILE-OTHER TRUFFLEHUNTER TALOS-2019-0962 attack attempt (more info ...) | attempted-admin | 2019-5186 | URL | ||
| 52409 | FILE-OTHER TRUFFLEHUNTER TALOS-2019-0962 attack attempt (more info ...) | attempted-admin | 2019-5175 | URL | ||
| 52412 | FILE-OTHER TRUFFLEHUNTER TALOS-2019-0963 attack attempt (more info ...) | attempted-admin | 2019-5185 | URL | ||
| 52413 | FILE-OTHER TRUFFLEHUNTER TALOS-2019-0966 attack attempt (more info ...) | attempted-admin | 2019-5186 | URL | ||
| 52414 | FILE-OTHER TRUFFLEHUNTER TALOS-2019-0965 attack attempt (more info ...) | attempted-admin | 2019-5184 | URL | ||
| 52415 | BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2019-0967 attack attempt (more info ...) | attempted-user | URL | |||
| 52416 | BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2019-0967 attack attempt (more info ...) | attempted-user | URL | |||
| 52427 | MALWARE-OTHER Win.Ransomware.DoppelPaymer variant download attempt (more info ...) | trojan-activity | URL | |||
| 52432 | OS-WINDOWS TRUFFLEHUNTER TALOS-2019-0970 attack attempt (more info ...) | attempted-admin | URL | |||
| 52433 | OS-WINDOWS TRUFFLEHUNTER TALOS-2019-0970 attack attempt (more info ...) | attempted-admin | URL | |||
| 52434 | MALWARE-OTHER Win.Trojan.WebShellAccessDB variant download attempt (more info ...) | trojan-activity | URL | |||
| 52435 | MALWARE-OTHER Win.Trojan.WebShellAccessDB variant download attempt (more info ...) | trojan-activity | URL | |||
| 52436 | MALWARE-OTHER Win.Trojan.Powerkatz variant download attempt (more info ...) | trojan-activity | URL | |||
| 52437 | MALWARE-OTHER Win.Trojan.Powerkatz variant download attempt (more info ...) | trojan-activity | URL | |||
| 52438 | MALWARE-OTHER Win.Trojan.PowershellAgent variant download attempt (more info ...) | trojan-activity | URL | |||
| 52439 | MALWARE-OTHER Win.Trojan.PowershellAgent variant download attempt (more info ...) | trojan-activity | URL | |||
| 52440 | MALWARE-OTHER Win.Trojan.LazyCat variant download attempt (more info ...) | trojan-activity | URL | |||
| 52441 | MALWARE-OTHER Win.Trojan.LazyCat variant download attempt (more info ...) | trojan-activity | URL | |||
| 52442 | MALWARE-OTHER Win.Trojan.Mimikatz variant download attempt (more info ...) | trojan-activity | URL | |||
| 52443 | MALWARE-OTHER Win.Trojan.Mimikatz variant download attempt (more info ...) | trojan-activity | URL | |||
| 52446 | MALWARE-OTHER Doc.Malware.Gamaredon variant second stage download detected (more info ...) | trojan-activity | URL | |||
| 52447 | MALWARE-OTHER Doc.Malware.Gamaredon variant third stage download detected (more info ...) | trojan-activity | URL | |||
| 52448 | MALWARE-OTHER Doc.Malware.Gamaredon variant third stage download detected (more info ...) | trojan-activity | URL | |||
| 52452 | MALWARE-OTHER Win.Ransomware.Zeppelin download attempt (more info ...) | trojan-activity | URL | |||
| 52453 | MALWARE-OTHER Win.Ransomware.Zeppelin download attempt (more info ...) | trojan-activity | URL | |||
| 52478 | PROTOCOL-SCADA Schneider Electric IGSS integer underflow attempt (more info ...) | attempted-user | 2013-0657 | |||
| 52480 | SERVER-WEBAPP LibreNMS addhost command injection attempt (more info ...) | web-application-attack | 2018-20434 | URL | ||
| 52490 | FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0972 attack attempt (more info ...) | attempted-user | 2019-5187 | URL | ||
| 52491 | FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0972 attack attempt (more info ...) | attempted-user | 2019-5187 | URL | ||
| 52492 | FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0972 attack attempt (more info ...) | attempted-user | 2019-5187 | URL | ||
| 52493 | FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0972 attack attempt (more info ...) | attempted-user | 2019-5187 | URL | ||
| 52495 | FILE-OTHER TRUFFLEHUNTER TALOS-2019-0971 attack attempt (more info ...) | attempted-dos | 2019-5183 | URL | ||
| 52496 | FILE-OTHER TRUFFLEHUNTER TALOS-2019-0971 attack attempt (more info ...) | attempted-dos | 2019-5183 | URL | ||
| 52505 | PROTOCOL-OTHER Aruba Mobility Controller PAPI memory corruption attempt (more info ...) | attempted-admin | 2018-7081 | URL | ||
| 52512 | SERVER-WEBAPP Citrix ADC and Gateway arbitrary code execution attempt (more info ...) | web-application-attack | 2019-19781 | URL | ||
| 52513 | SERVER-WEBAPP Citrix ADC and Gateway arbitrary code execution attempt (more info ...) | web-application-attack | 2019-19781 | URL | ||
| 52518 | MALWARE-TOOLS Win.Trojan.ReverseTcpPowershell download attempt (more info ...) | trojan-activity | URL | |||
| 52519 | MALWARE-TOOLS Win.Trojan.ReverseTcpPowershell download attempt (more info ...) | trojan-activity | URL | |||
| 52551 | SERVER-WEBAPP Technicolor TD5130v2 TD5336 routers command injection attempt (more info ...) | web-application-attack | 2019-18396 | |||
| 52552 | SERVER-WEBAPP Technicolor TD5130v2 TD5336 routers command injection attempt (more info ...) | web-application-attack | 2019-18396 | |||
| 52553 | SERVER-WEBAPP Technicolor TD5130v2 TD5336 routers command injection attempt (more info ...) | web-application-attack | 2019-18396 | |||
| 52570 | FILE-OTHER TRUFFLEHUNTER TALOS-2019-0973 attack attempt (more info ...) | attempted-user | 2019-5188 | URL | ||
| 52571 | FILE-OTHER TRUFFLEHUNTER TALOS-2019-0973 attack attempt (more info ...) | attempted-user | 2019-5188 | URL | ||
| 52572 | MALWARE-OTHER Win.Trojan.ZeroCleare variant payload download attempt (more info ...) | trojan-activity | URL | |||
| 52573 | MALWARE-OTHER Win.Trojan.ZeroCleare variant payload download attempt (more info ...) | trojan-activity | ||||
| 52574 | MALWARE-OTHER Win.Trojan.ZeroCleare variant payload download attempt (more info ...) | trojan-activity | URL | |||
| 52575 | MALWARE-OTHER Win.Trojan.ZeroCleare variant payload download attempt (more info ...) | trojan-activity | URL | |||
| 52576 | MALWARE-OTHER Win.Trojan.ZeroCleare variant payload download attempt (more info ...) | trojan-activity | URL | |||
| 52577 | MALWARE-OTHER Win.Trojan.ZeroCleare variant payload download attempt (more info ...) | trojan-activity | ||||
| 52578 | MALWARE-OTHER Win.Trojan.ZeroCleare variant payload download attempt (more info ...) | trojan-activity | URL | |||
| 52579 | MALWARE-OTHER Win.Trojan.ZeroCleare variant payload download attempt (more info ...) | trojan-activity | URL | |||
| 52580 | MALWARE-OTHER Win.Trojan.ZeroCleare variant payload download attempt (more info ...) | trojan-activity | URL | |||
| 52581 | MALWARE-OTHER Win.Trojan.ZeroCleare variant payload download attempt (more info ...) | trojan-activity | URL | |||
| 52584 | EXPLOIT-KIT BottleEK landing page detected (more info ...) | trojan-activity | URL | |||
| 52585 | EXPLOIT-KIT BottleEK variant outbound connection (more info ...) | trojan-activity | URL | |||
| 52587 | EXPLOIT-KIT BottleEK landing page detected (more info ...) | trojan-activity | URL | |||
| 52590 | SERVER-WEBAPP Enigma NMS command injection attempt (more info ...) | web-application-attack | 2019-16072 | |||
| 52591 | SERVER-WEBAPP Enigma NMS command injection attempt (more info ...) | web-application-attack | 2019-16072 | |||
| 52592 | SERVER-WEBAPP Enigma NMS command injection attempt (more info ...) | web-application-attack | 2019-16072 | |||
| 52603 | SERVER-WEBAPP Citrix ADC and Gateway arbitrary code execution attempt (more info ...) | web-application-attack | 2019-19781 | URL | ||
| 52615 | MALWARE-OTHER Win.Downloader.Whiteshadow variant outbound connection detected (more info ...) | trojan-activity | URL | |||
| 52616 | MALWARE-OTHER Win.Downloader.Whiteshadow variant second stage download detected (more info ...) | trojan-activity | URL | |||
| 52620 | SERVER-WEBAPP Citrix ADC and Gateway arbitrary code execution attempt (more info ...) | web-application-attack | 2019-19781 | URL | ||
| 52634 | INDICATOR-COMPROMISE Website defacement via HTTP PUT request attempt (more info ...) | misc-attack | ||||
| 52635 | INDICATOR-COMPROMISE Website defacement via HTTP PUT request attempt (more info ...) | misc-attack | ||||
| 52637 | SERVER-WEBAPP eMerge E3 Access Controller command injection attempt (more info ...) | web-application-attack | 2019-7256 | URL | ||
| 52638 | SERVER-WEBAPP eMerge E3 Access Controller command injection attempt (more info ...) | web-application-attack | 2019-7256 | URL | ||
| 52639 | SERVER-WEBAPP eMerge E3 Access Controller command injection attempt (more info ...) | web-application-attack | 2019-7256 | URL | ||
| 52640 | SERVER-WEBAPP eMerge E3 Access Controller command injection attempt (more info ...) | web-application-attack | 2019-7256 | URL | ||
| 52650 | MALWARE-OTHER Win.Trojan.vxCrypter malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 52651 | MALWARE-OTHER Win.Trojan.vxCrypter malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 52652 | MALWARE-OTHER Win.Trojan.Agent variant download attempt (more info ...) | trojan-activity | URL | |||
| 52653 | MALWARE-OTHER Win.Trojan.Agent variant download attempt (more info ...) | trojan-activity | URL | |||
| 52654 | MALWARE-OTHER Win.Trojan.Agent variant download attempt (more info ...) | trojan-activity | URL | |||
| 52655 | MALWARE-OTHER Win.Trojan.Agent variant download attempt (more info ...) | trojan-activity | URL | |||
| 52656 | MALWARE-OTHER Win.Trojan.Agent variant download attempt (more info ...) | trojan-activity | URL | |||
| 52657 | MALWARE-OTHER Win.Trojan.Agent variant download attempt (more info ...) | trojan-activity | URL | |||
| 52660 | EXPLOIT-KIT Spelevo Exploit Kit landing page detected (more info ...) | attempted-user | URL | |||
| 52662 | MALWARE-OTHER Citrix ADC and Gateway backdoor upload attempt (more info ...) | web-application-attack | 2019-19781 | URL | ||
| 52666 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-0981 attack attempt (more info ...) | attempted-user | URL | |||
| 52667 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-0981 attack attempt (more info ...) | attempted-user | URL | |||
| 52668 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-0982 attack attempt (more info ...) | attempted-user | URL | |||
| 52669 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-0982 attack attempt (more info ...) | attempted-user | URL | |||
| 52818 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-0979 attack attempt (more info ...) | attempted-user | URL | |||
| 52819 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-0979 attack attempt (more info ...) | attempted-user | URL | |||
| 52827 | SERVER-WEBAPP Tomato router web interface bruteforce scan attempt (more info ...) | web-application-attack | ||||
| 52836 | PROTOCOL-SNMP TRUFFLEHUNTER TALOS-2020-0976 attack attempt (more info ...) | attempted-dos | 2020-6059 | URL | ||
| 52838 | PROTOCOL-SNMP TRUFFLEHUNTER TALOS-2020-0975 attack attempt (more info ...) | attempted-dos | 2020-6058 | URL | ||
| 52839 | PROTOCOL-SNMP TRUFFLEHUNTER TALOS-2020-0975 attack attempt (more info ...) | attempted-dos | 2020-6058 | URL | ||
| 52840 | PROTOCOL-SNMP TRUFFLEHUNTER TALOS-2020-0975 attack attempt (more info ...) | attempted-dos | 2020-6058 | URL | ||
| 52841 | PROTOCOL-SNMP TRUFFLEHUNTER TALOS-2020-0975 attack attempt (more info ...) | attempted-dos | 2020-6058 | URL | ||
| 52842 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-0978 attack attempt (more info ...) | attempted-user | 2020-6101 | URL | ||
| 52843 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-0978 attack attempt (more info ...) | attempted-user | 2020-6101 | URL | ||
| 52850 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-0980 attack attempt (more info ...) | attempted-user | URL | |||
| 52851 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-0980 attack attempt (more info ...) | attempted-user | URL | |||
| 53000 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-0983 attack attempt (more info ...) | attempted-user | URL | |||
| 53001 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-0983 attack attempt (more info ...) | attempted-user | URL | |||
| 53002 | FILE-IMAGE TRUFFLEHUNTER TALOS-2020-0993 attack attempt (more info ...) | attempted-user | 2020-6069 | URL | ||
| 53003 | FILE-IMAGE TRUFFLEHUNTER TALOS-2020-0993 attack attempt (more info ...) | attempted-user | 2020-6069 | URL | ||
| 53004 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-0988 attack attempt (more info ...) | attempted-user | 2020-6070 | URL | ||
| 53005 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-0988 attack attempt (more info ...) | attempted-user | 2020-6070 | URL | ||
| 53006 | FILE-IMAGE TRUFFLEHUNTER TALOS-2020-0998 attack attempt (more info ...) | attempted-user | 2020-6075 | URL | ||
| 53007 | FILE-IMAGE TRUFFLEHUNTER TALOS-2020-0998 attack attempt (more info ...) | attempted-user | 2020-6075 | URL | ||
| 53008 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-0989 attack attempt (more info ...) | attempted-user | 2020-6065 | URL | ||
| 53009 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-0989 attack attempt (more info ...) | attempted-user | 2020-6065 | URL | ||
| 53011 | FILE-IMAGE TRUFFLEHUNTER TALOS-2020-0991 attack attempt (more info ...) | attempted-user | 2020-6067 | URL | ||
| 53012 | FILE-IMAGE TRUFFLEHUNTER TALOS-2020-0991 attack attempt (more info ...) | attempted-user | 2020-6067 | URL | ||
| 53013 | FILE-IMAGE TRUFFLEHUNTER TALOS-2020-0991 attack attempt (more info ...) | attempted-user | 2020-6067 | URL | ||
| 53014 | FILE-IMAGE TRUFFLEHUNTER TALOS-2020-0991 attack attempt (more info ...) | attempted-user | 2020-6067 | URL | ||
| 53018 | MALWARE-OTHER Win.Dropper.Fareitvb-7564626-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53019 | MALWARE-OTHER Win.Trojan.VBGeneric-7564976-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53020 | MALWARE-OTHER Win.Dropper.Ursu-7564978-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53022 | MALWARE-OTHER Win.Malware.Pakes-7564913-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53023 | MALWARE-OTHER Win.Ransomware.Ako variant payload download attempt (more info ...) | trojan-activity | URL | |||
| 53024 | MALWARE-OTHER Win.Ransomware.Ako variant payload download attempt (more info ...) | trojan-activity | URL | |||
| 53026 | MALWARE-OTHER Win.Dropper.NetWire-7565080-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53027 | MALWARE-OTHER Win.Dropper.NetWire-7565085-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53028 | MALWARE-OTHER Win.Dropper.NetWire-7565095-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53030 | MALWARE-OTHER Win.Dropper.NetWire-7565093-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53049 | PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2020-1006 attack attempt (more info ...) | denial-of-service | 2020-6086 | URL | ||
| 53061 | OS-WINDOWS Windows kernel win32k driver elevation of privilege attempt (more info ...) | attempted-admin | 2020-0721 | URL | ||
| 53062 | OS-WINDOWS Windows kernel win32k driver elevation of privilege attempt (more info ...) | attempted-admin | 2020-0721 | URL | ||
| 53064 | SERVER-WEBAPP Jenkins Stapler web framework Accept-Language Header directory traversal attempt (more info ...) | web-application-attack | 2018-1999002 | URL | ||
| 53065 | FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1004 attack attempt (more info ...) | attempted-user | 2020-6082 | URL | ||
| 53066 | FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1004 attack attempt (more info ...) | attempted-user | 2020-6082 | URL | ||
| 53067 | FILE-IMAGE TRUFFLEHUNTER TALOS-2020-0999 attack attempt (more info ...) | attempted-user | 2020-6076 | URL | ||
| 53068 | FILE-IMAGE TRUFFLEHUNTER TALOS-2020-0999 attack attempt (more info ...) | attempted-user | 2020-6076 | URL | ||
| 53071 | SERVER-OTHER TRUFFLEHUNTER TALOS-2020-0996 attack attempt (more info ...) | attempted-user | 2020-6073 | URL | ||
| 53074 | SERVER-WEBAPP Axis Network Camera command injection attempt (more info ...) | web-application-attack | 2018-10660 | |||
| 53075 | SERVER-WEBAPP Axis Network Camera authorization bypass attempt (more info ...) | web-application-attack | 2018-10663 | |||
| 53077 | SERVER-WEBAPP Axis Network Camera command injection attempt (more info ...) | web-application-attack | 2018-10660 | |||
| 53078 | SERVER-WEBAPP Axis Network Camera command injection attempt (more info ...) | web-application-attack | 2018-10660 | |||
| 53090 | MALWARE-TOOLS Malicious HTML application download attempt (more info ...) | trojan-activity | 2017-11882 | URL | ||
| 53093 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2020-1012 attack attempt (more info ...) | attempted-user | URL | |||
| 53094 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2020-1012 attack attempt (more info ...) | attempted-user | URL | |||
| 53097 | FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1009 attack attempt (more info ...) | attempted-user | 2020-6089 | URL | ||
| 53098 | FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1009 attack attempt (more info ...) | attempted-user | 2020-6089 | URL | ||
| 53099 | SERVER-OTHER TRUFFLEHUNTER TALOS-2020-1000 attack attempt (more info ...) | attempted-user | 2020-6077 | URL | ||
| 53105 | SERVER-ORACLE Oracle WebLogic unsafe deserialization remote code execution attempt (more info ...) | attempted-user | 2019-2890 | URL | ||
| 53106 | MALWARE-OTHER Win.Trojan.Snake malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 53109 | SERVER-OTHER RabbitMQ X-Reason HTTP header denial-of-service attempt (more info ...) | denial-of-service | 2019-11287 | URL | ||
| 53114 | FILE-PDF TRUFFLEHUNTER TALOS-2020-1013 attack attempt (more info ...) | attempted-user | 2020-6092 | URL | ||
| 53115 | FILE-PDF TRUFFLEHUNTER TALOS-2020-1013 attack attempt (more info ...) | attempted-user | 2020-6092 | URL | ||
| 53125 | PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2020-1005 attack attempt (more info ...) | attempted-dos | 2020-6083 | URL | ||
| 53126 | PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2020-1008 attack attempt (more info ...) | attempted-dos | 2020-6088 | URL | ||
| 53127 | PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2020-1007 attack attempt (more info ...) | attempted-dos | 2020-6086 | URL | ||
| 53128 | PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2020-1007 attack attempt (more info ...) | attempted-dos | 2020-6087 | URL | ||
| 53129 | MALWARE-OTHER Doc.Dropper.Carrotbat variant download attempt (more info ...) | trojan-activity | ||||
| 53130 | MALWARE-OTHER Doc.Downloader.Carrotbat variant download attempt (more info ...) | trojan-activity | URL | |||
| 53133 | MALWARE-OTHER Doc.Downloader.Carrotbat variant download attempt (more info ...) | trojan-activity | URL | |||
| 53134 | MALWARE-OTHER Doc.Downloader.Carrotbat variant download attempt (more info ...) | trojan-activity | URL | |||
| 53135 | MALWARE-OTHER Doc.Dropper.Carrotbat variant download attempt (more info ...) | trojan-activity | ||||
| 53136 | MALWARE-OTHER Doc.Downloader.Carrotbat variant download attempt (more info ...) | trojan-activity | URL | |||
| 53137 | MALWARE-OTHER Doc.Downloader.Carrotbat variant download attempt (more info ...) | trojan-activity | URL | |||
| 53138 | MALWARE-OTHER Doc.Downloader.Carrotbat variant download attempt (more info ...) | trojan-activity | URL | |||
| 53156 | MALWARE-OTHER Doc.Dropper.CrimsonRAT download attempt (more info ...) | trojan-activity | URL | |||
| 53157 | MALWARE-OTHER Doc.Dropper.CrimsonRAT download attempt (more info ...) | trojan-activity | URL | |||
| 53158 | MALWARE-OTHER Win.Trojan.CrimsonRAT download attempt (more info ...) | trojan-activity | URL | |||
| 53159 | MALWARE-OTHER Win.Trojan.ObliqueRAT download attempt (more info ...) | trojan-activity | URL | |||
| 53160 | MALWARE-OTHER Win.Trojan.ObliqueRAT download attempt (more info ...) | trojan-activity | URL | |||
| 53161 | MALWARE-OTHER Win.Trojan.ObliqueRAT download attempt (more info ...) | trojan-activity | URL | |||
| 53162 | MALWARE-OTHER Win.Trojan.ObliqueRAT download attempt (more info ...) | trojan-activity | URL | |||
| 53163 | MALWARE-OTHER Doc.Dropper.ObliqueRAT download attempt (more info ...) | trojan-activity | URL | |||
| 53164 | MALWARE-OTHER Doc.Dropper.ObliqueRat download attempt (more info ...) | trojan-activity | URL | |||
| 53165 | MALWARE-OTHER Win.Trojan.CrimsonRAT download attempt (more info ...) | trojan-activity | URL | |||
| 53166 | MALWARE-OTHER Win.Trojan.CrimsonRAT download attempt (more info ...) | trojan-activity | URL | |||
| 53167 | MALWARE-OTHER Win.Trojan.CrimsonRAT download attempt (more info ...) | trojan-activity | URL | |||
| 53177 | MALWARE-OTHER Doc.Trojan.Valyria variant download attempt (more info ...) | trojan-activity | URL | |||
| 53178 | MALWARE-OTHER Doc.Trojan.Valyria variant download attempt (more info ...) | trojan-activity | URL | |||
| 53179 | MALWARE-OTHER Doc.Trojan.Valyria variant download attempt (more info ...) | trojan-activity | URL | |||
| 53180 | MALWARE-OTHER Doc.Trojan.Valyria variant download attempt (more info ...) | trojan-activity | URL | |||
| 53181 | MALWARE-OTHER Doc.Trojan.Valyria variant download attempt (more info ...) | trojan-activity | URL | |||
| 53182 | MALWARE-OTHER Doc.Trojan.Valyria variant download attempt (more info ...) | trojan-activity | URL | |||
| 53183 | MALWARE-OTHER Doc.Trojan.Valyria variant download attempt (more info ...) | trojan-activity | URL | |||
| 53184 | MALWARE-OTHER Doc.Trojan.Valyria variant download attempt (more info ...) | trojan-activity | URL | |||
| 53185 | MALWARE-OTHER Doc.Trojan.Valyria variant download attempt (more info ...) | trojan-activity | URL | |||
| 53186 | MALWARE-OTHER Doc.Trojan.Valyria variant download attempt (more info ...) | trojan-activity | URL | |||
| 53187 | MALWARE-OTHER Doc.Trojan.Valyria variant download attempt (more info ...) | trojan-activity | URL | |||
| 53188 | MALWARE-OTHER Doc.Trojan.Valyria variant download attempt (more info ...) | trojan-activity | URL | |||
| 53189 | MALWARE-OTHER Doc.Trojan.Valyria variant download attempt (more info ...) | trojan-activity | URL | |||
| 53190 | MALWARE-OTHER Doc.Trojan.Valyria variant download attempt (more info ...) | trojan-activity | URL | |||
| 53191 | MALWARE-OTHER Doc.Trojan.Valyria variant download attempt (more info ...) | trojan-activity | URL | |||
| 53192 | MALWARE-OTHER Doc.Trojan.Valyria variant download attempt (more info ...) | trojan-activity | URL | |||
| 53193 | MALWARE-OTHER Doc.Trojan.Valyria variant download attempt (more info ...) | trojan-activity | URL | |||
| 53194 | MALWARE-OTHER Doc.Trojan.Valyria variant download attempt (more info ...) | trojan-activity | URL | |||
| 53195 | MALWARE-OTHER Doc.Trojan.Valyria variant download attempt (more info ...) | trojan-activity | URL | |||
| 53196 | MALWARE-OTHER Doc.Trojan.Valyria variant download attempt (more info ...) | trojan-activity | URL | |||
| 53197 | MALWARE-OTHER Win.Keylogger.WindowsKeylogger variant download attempt (more info ...) | trojan-activity | URL | |||
| 53198 | MALWARE-OTHER Win.Keylogger.WindowsKeylogger variant download attempt (more info ...) | trojan-activity | URL | |||
| 53207 | MALWARE-OTHER Win.Trojan.AZORult malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 53208 | MALWARE-OTHER Win.Trojan.AZORult malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 53213 | PROTOCOL-OTHER MQTT Connect control packet detected (more info ...) | misc-activity | URL | |||
| 53214 | PROTOCOL-OTHER Cesanta Mongoose MQTT integer overflow attempt (more info ...) | attempted-dos | 2019-19307 | URL | ||
| 53215 | MALWARE-OTHER Win.Dropper.Bifrost-7594702-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53216 | MALWARE-OTHER Win.Dropper.Bifrost-7594703-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53217 | MALWARE-OTHER Win.Dropper.Bifrost-7594755-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53218 | MALWARE-OTHER Win.Dropper.Bifrost-7594716-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53219 | MALWARE-OTHER Win.Trojan.Fakevimes-7594788-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53220 | MALWARE-OTHER Win.Trojan.Darkkomet-7594783-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53221 | MALWARE-OTHER Win.Trojan.Aepwbrt-7594784-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53222 | MALWARE-OTHER Win.Trojan.Fakevimes-7594778-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53223 | MALWARE-OTHER Win.Dropper.Upatre-7594799-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53224 | MALWARE-OTHER Win.Trojan.Fakevimes-7594780-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53245 | SERVER-WEBAPP OpenEMR command injection attempt (more info ...) | web-application-attack | 2019-3968 | URL | ||
| 53247 | SERVER-WEBAPP OpenEMR command injection attempt (more info ...) | web-application-attack | 2019-3968 | URL | ||
| 53248 | SERVER-WEBAPP OpenEMR command injection attempt (more info ...) | web-application-attack | 2019-3968 | URL | ||
| 53252 | FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1017 attack attempt (more info ...) | attempted-user | 2020-6094 | URL | ||
| 53253 | FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1017 attack attempt (more info ...) | attempted-user | 2020-6094 | URL | ||
| 53254 | FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1017 attack attempt (more info ...) | attempted-user | 2020-6094 | URL | ||
| 53255 | FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1017 attack attempt (more info ...) | attempted-user | 2020-6094 | URL | ||
| 53257 | OS-WINDOWS TRUFFLEHUNTER TALOS-2020-1016 attack attempt (more info ...) | attempted-recon | URL | |||
| 53258 | OS-WINDOWS TRUFFLEHUNTER TALOS-2020-1016 attack attempt (more info ...) | attempted-recon | URL | |||
| 53274 | MALWARE-OTHER Win.Dropper.NetWire-7597092-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53276 | MALWARE-OTHER Win.Dropper.NetWire-7597059-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53278 | MALWARE-OTHER Win.Dropper.NetWire-7597060-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53280 | MALWARE-OTHER Win.Dropper.NetWire-7597094-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53281 | MALWARE-OTHER Win.Dropper.NetWire-7597061-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53283 | MALWARE-OTHER Win.Trojan.Xtrat-7597808-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53284 | MALWARE-OTHER Win.Dropper.Vebzenpak-7597842-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53285 | MALWARE-OTHER Win.Dropper.NetWire-7597077-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53286 | MALWARE-OTHER Win.Dropper.NetWire-7597078-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53288 | MALWARE-OTHER Win.Dropper.NetWire-7597079-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53289 | MALWARE-OTHER Win.Dropper.NetWire-7597111-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53290 | MALWARE-OTHER Win.Trojan.Generic-7597876-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53291 | MALWARE-OTHER Win.Dropper.NetWire-7597112-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53292 | MALWARE-OTHER Win.Packed.Generic-7596389-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53293 | MALWARE-OTHER Win.Dropper.NetWire-7597080-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53294 | MALWARE-OTHER Win.Packed.Generic-7596390-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53296 | MALWARE-OTHER Win.Dropper.NetWire-7597081-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53298 | MALWARE-OTHER Win.Packed.Filerepmalware-7596392-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53299 | MALWARE-OTHER Win.Dropper.NetWire-7597114-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53300 | MALWARE-OTHER Win.Dropper.NetWire-7597049-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53302 | MALWARE-OTHER Win.Dropper.NetWire-7597115-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53303 | MALWARE-OTHER Win.Dropper.NetWire-7597083-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53304 | MALWARE-OTHER Win.Trojan.Generic-7596394-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53305 | MALWARE-OTHER Win.Dropper.NetWire-7597050-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53306 | MALWARE-OTHER Win.Dropper.NetWire-7597084-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53307 | MALWARE-OTHER Win.Dropper.NetWire-7597116-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53308 | MALWARE-OTHER Win.Dropper.NetWire-7597051-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53311 | MALWARE-OTHER Win.Dropper.NetWire-7597117-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53312 | MALWARE-OTHER Win.Dropper.NetWire-7597052-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53315 | MALWARE-OTHER Win.Dropper.NetWire-7597118-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53316 | MALWARE-OTHER Win.Dropper.NetWire-7597053-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53318 | MALWARE-OTHER Win.Dropper.NetWire-7597086-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53319 | MALWARE-OTHER Win.Dropper.NetWire-7597087-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53321 | MALWARE-OTHER Win.Dropper.NetWire-7597120-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53323 | MALWARE-OTHER Win.Dropper.NetWire-7597055-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53326 | MALWARE-OTHER Win.Dropper.NetWire-7597056-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53328 | MALWARE-OTHER Win.Dropper.NetWire-7597090-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53329 | MALWARE-OTHER Win.Dropper.NetWire-7597057-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53330 | MALWARE-OTHER Win.Trojan.Jaik-7597790-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53332 | MALWARE-OTHER Win.Ransomware.Ryuk variant payload download attempt (more info ...) | trojan-activity | URL | |||
| 53333 | MALWARE-OTHER Win.Ransomware.Ryuk variant payload download attempt (more info ...) | trojan-activity | URL | |||
| 53334 | MALWARE-OTHER Win.Trojan.Agent variant payload download attempt (more info ...) | trojan-activity | URL | |||
| 53335 | MALWARE-OTHER Win.Ransomware.Ryuk variant payload download attempt (more info ...) | trojan-activity | URL | |||
| 53336 | MALWARE-OTHER Win.Ransomware.Ryuk variant payload download attempt (more info ...) | trojan-activity | URL | |||
| 53337 | MALWARE-OTHER Win.Trojan.Agent variant payload download attempt (more info ...) | trojan-activity | URL | |||
| 53344 | OS-MOBILE Android Binder use after free exploit attempt (more info ...) | attempted-admin | 2019-2215 | |||
| 53345 | OS-MOBILE Android Binder use after free exploit attempt (more info ...) | attempted-admin | 2019-2215 | |||
| 53356 | MALWARE-TOOLS Win.Worm.Emotet WiFi Spreader variant download attempt (more info ...) | trojan-activity | URL | |||
| 53357 | MALWARE-TOOLS Win.Worm.Emotet WiFi Spreader variant download attempt (more info ...) | trojan-activity | URL | |||
| 53358 | MALWARE-TOOLS Win.Worm.Emotet WiFi Spreader variant download attempt (more info ...) | trojan-activity | URL | |||
| 53359 | MALWARE-TOOLS Win.Worm.Emotet WiFi Spreader variant download attempt (more info ...) | trojan-activity | URL | |||
| 53361 | MALWARE-OTHER Win.Dropper.Kuluoz-7599049-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53364 | MALWARE-OTHER Pdf.Downloader.Mozart malicious PDF download attempt (more info ...) | trojan-activity | URL | |||
| 53365 | MALWARE-OTHER Js.Dropper.Mozart payload download attempt (more info ...) | trojan-activity | URL | |||
| 53366 | MALWARE-OTHER Pdf.Downloader.Mozart malicious PDF download attempt (more info ...) | trojan-activity | URL | |||
| 53376 | SERVER-OTHER Exim unauthenticated remote code execution attempt (more info ...) | attempted-user | 2019-15846 | URL | ||
| 53377 | SERVER-OTHER Exim unauthenticated remote code execution attempt (more info ...) | attempted-user | 2019-15846 | URL | ||
| 53378 | SERVER-OTHER Exim unauthenticated remote code execution attempt (more info ...) | attempted-user | 2019-15846 | URL | ||
| 53394 | MALWARE-TOOLS Rat.Trojan.Generic variant download attempt (more info ...) | trojan-activity | URL | |||
| 53395 | MALWARE-TOOLS Rat.Trojan.Generic variant download attempt (more info ...) | trojan-activity | URL | |||
| 53396 | MALWARE-TOOLS Win.Trojan.Generic variant download attempt (more info ...) | trojan-activity | URL | |||
| 53398 | MALWARE-TOOLS Win.Malware.Generic variant download attempt (more info ...) | trojan-activity | URL | |||
| 53418 | SERVER-OTHER TRUFFLEHUNTER TALOS-2020-1018 attack attempt (more info ...) | attempted-dos | 2020-6095 | URL | ||
| 53430 | SERVER-WEBAPP rConfig authenticated remote code execution attempt (more info ...) | web-application-attack | 2019-19509 | URL | ||
| 53433 | SERVER-WEBAPP Zoho ManageEngine Desktop Central directory traversal attempt (more info ...) | web-application-attack | 2020-10189 | |||
| 53434 | SERVER-WEBAPP Zoho ManageEngine Desktop Central directory traversal attempt (more info ...) | web-application-attack | 2020-10189 | |||
| 53435 | SERVER-WEBAPP Zoho ManageEngine Desktop Central directory traversal attempt (more info ...) | web-application-attack | 2020-10189 | |||
| 53436 | OS-WINDOWS Windows RDP Gateway Server denial of service attempt (more info ...) | attempted-dos | 2020-0609 | URL | ||
| 53449 | SERVER-OTHER Oracle WebLogic Server IIOP remote code execution attempt (more info ...) | attempted-user | 2020-2551 | |||
| 53450 | SERVER-OTHER Oracle WebLogic Server IIOP remote code execution attempt (more info ...) | attempted-user | 2020-2551 | |||
| 53451 | SERVER-OTHER Oracle WebLogic Server IIOP remote code execution attempt (more info ...) | attempted-user | 2020-2551 | |||
| 53452 | SERVER-OTHER Oracle WebLogic Server IIOP remote code execution attempt (more info ...) | attempted-user | 2020-2551 | |||
| 53453 | SERVER-OTHER Oracle WebLogic Server IIOP remote code execution attempt (more info ...) | attempted-user | 2020-2551 | |||
| 53454 | SERVER-OTHER Oracle WebLogic Server IIOP remote code execution attempt (more info ...) | attempted-user | 2020-2551 | |||
| 53455 | SERVER-OTHER Oracle WebLogic Server IIOP remote code execution attempt (more info ...) | attempted-user | 2020-2551 | |||
| 53456 | SERVER-OTHER Oracle WebLogic Server IIOP remote code execution attempt (more info ...) | attempted-user | 2020-2551 | |||
| 53457 | SERVER-OTHER Oracle WebLogic Server IIOP remote code execution attempt (more info ...) | attempted-user | 2020-2551 | |||
| 53458 | SERVER-OTHER Oracle WebLogic Server IIOP remote code execution attempt (more info ...) | attempted-user | 2020-2551 | |||
| 53485 | FILE-PDF TRUFFLEHUNTER TALOS-2020-1028 attack attempt (more info ...) | attempted-user | 2020-9607 | URL | ||
| 53486 | FILE-PDF TRUFFLEHUNTER TALOS-2020-1028 attack attempt (more info ...) | attempted-user | 2020-9607 | URL | ||
| 53507 | SERVER-WEBAPP Zyxel NAS devices command injection attempt (more info ...) | web-application-attack | 2020-9054 | URL | ||
| 53508 | SERVER-WEBAPP Zyxel NAS devices command injection attempt (more info ...) | web-application-attack | 2020-9054 | URL | ||
| 53509 | SERVER-WEBAPP Zyxel NAS devices command injection attempt (more info ...) | web-application-attack | 2020-9054 | URL | ||
| 53510 | SERVER-WEBAPP Zyxel NAS devices command injection attempt (more info ...) | web-application-attack | 2020-9054 | URL | ||
| 53511 | MALWARE-OTHER Win.Trojan.Sodinokibi-7641431-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53512 | MALWARE-OTHER Win.Trojan.Sodinokibi-7641431-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53525 | MALWARE-OTHER Win.Dropper.Tdss-7643790-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53526 | MALWARE-OTHER Win.Dropper.Tdss-7643790-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53531 | OS-WINDOWS TRUFFLEHUNTER TALOS-2020-1033 attack attempt (more info ...) | attempted-admin | URL | |||
| 53532 | OS-WINDOWS TRUFFLEHUNTER TALOS-2020-1033 attack attempt (more info ...) | attempted-admin | URL | |||
| 53547 | SERVER-WEBAPP TP LINK TL-WR849N Access Point command injection attempt (more info ...) | web-application-attack | 2020-9374 | URL | ||
| 53548 | SERVER-WEBAPP TP LINK TL-WR849N Access Point command injection attempt (more info ...) | web-application-attack | 2020-9374 | URL | ||
| 53558 | SERVER-WEBAPP Codesys V3 WebVisu remote heap overflow attempt (more info ...) | attempted-dos | 2020-10245 | |||
| 53562 | SERVER-OTHER TRUFFLEHUNTER TALOS-2020-1030 attack attempt (more info ...) | attempted-dos | 2020-6098 | URL | ||
| 53563 | FILE-PDF TRUFFLEHUNTER TALOS-2020-1031 attack attempt (more info ...) | attempted-user | 2020-9609 | URL | ||
| 53564 | FILE-PDF TRUFFLEHUNTER TALOS-2020-1031 attack attempt (more info ...) | attempted-user | 2020-9609 | URL | ||
| 53569 | FILE-IDENTIFY BIMx file magic detected (more info ...) | misc-activity | ||||
| 53570 | FILE-IDENTIFY BIMx file magic detected (more info ...) | misc-activity | ||||
| 53571 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2020-1032 attack attempt (more info ...) | attempted-user | 2020-6099 | URL | ||
| 53572 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2020-1032 attack attempt (more info ...) | attempted-user | 2020-6099 | URL | ||
| 53573 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2020-1032 attack attempt (more info ...) | attempted-user | 2020-6099 | URL | ||
| 53574 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2020-1032 attack attempt (more info ...) | attempted-user | 2020-6099 | URL | ||
| 53575 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2020-1032 attack attempt (more info ...) | attempted-user | 2020-6099 | URL | ||
| 53576 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2020-1032 attack attempt (more info ...) | attempted-user | 2020-6099 | URL | ||
| 53577 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2020-1032 attack attempt (more info ...) | attempted-user | 2020-6099 | URL | ||
| 53578 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2020-1032 attack attempt (more info ...) | attempted-user | 2020-6099 | URL | ||
| 53585 | MALWARE-OTHER Win.Packed.njRAT-7646465-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53586 | MALWARE-OTHER Win.Packed.njRAT-7646465-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53589 | SERVER-WEBAPP DrayTek multiple products command injection attempt (more info ...) | web-application-attack | 2020-8515 | URL | ||
| 53590 | SERVER-WEBAPP DrayTek multiple products command injection attempt (more info ...) | web-application-attack | 2020-8515 | URL | ||
| 53591 | SERVER-WEBAPP DrayTek multiple products command injection attempt (more info ...) | web-application-attack | 2020-8515 | URL | ||
| 53592 | SERVER-WEBAPP DrayTek multiple products command injection attempt (more info ...) | web-application-attack | 2020-8515 | URL | ||
| 53599 | FILE-PDF TRUFFLEHUNTER TALOS-2020-1044 attack attempt (more info ...) | attempted-user | URL | |||
| 53600 | FILE-PDF TRUFFLEHUNTER TALOS-2020-1044 attack attempt (more info ...) | attempted-user | URL | |||
| 53601 | MALWARE-OTHER Win.Dropper.Gh0stRAT-7647657-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53602 | MALWARE-OTHER Win.Dropper.Gh0stRAT-7647657-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53632 | MALWARE-OTHER Win.Trojan.Panda malicious DLL loader attempt (more info ...) | trojan-activity | URL | |||
| 53633 | MALWARE-OTHER Win.Trojan.Panda malicious loader and decryptor attempt (more info ...) | trojan-activity | URL | |||
| 53634 | MALWARE-OTHER Win.Trojan.Panda malicious DLL loader attempt (more info ...) | trojan-activity | URL | |||
| 53635 | MALWARE-OTHER Win.Trojan.Panda malicious loader and decryptor attempt (more info ...) | trojan-activity | URL | |||
| 53636 | MALWARE-OTHER Win.Trojan.Panda malicious DLL loader attempt (more info ...) | trojan-activity | URL | |||
| 53637 | MALWARE-OTHER Win.Trojan.Panda file download attempt (more info ...) | trojan-activity | URL | |||
| 53638 | MALWARE-OTHER Win.Trojan.Panda file download attempt (more info ...) | trojan-activity | URL | |||
| 53639 | MALWARE-OTHER Win.Trojan.Panda file download attempt (more info ...) | trojan-activity | URL | |||
| 53640 | MALWARE-OTHER Win.Trojan.Panda file download attempt (more info ...) | trojan-activity | URL | |||
| 53641 | MALWARE-TOOLS Win.Trojan.Panda file loader and decryptor attempt (more info ...) | trojan-activity | URL | |||
| 53642 | MALWARE-TOOLS Win.Trojan.Panda malicious DLL loader attempt (more info ...) | trojan-activity | URL | |||
| 53643 | MALWARE-TOOLS Win.Trojan.Panda file loader and decryptor attempt (more info ...) | trojan-activity | URL | |||
| 53644 | MALWARE-TOOLS Win.Trojan.Panda file loader and decryptor attempt (more info ...) | trojan-activity | URL | |||
| 53645 | MALWARE-TOOLS Win.Trojan.Panda file loader and decryptor attempt (more info ...) | trojan-activity | URL | |||
| 53646 | MALWARE-OTHER Win.Trojan.WildPressure malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 53647 | MALWARE-OTHER Win.Trojan.WildPressure malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 53656 | MALWARE-OTHER Cobalt Strike x86 executable download attempt (more info ...) | trojan-activity | URL | |||
| 53657 | MALWARE-OTHER Cobalt Strike x86 executable download attempt (more info ...) | trojan-activity | URL | |||
| 53658 | MALWARE-OTHER Cobalt Strike x64 executable download attempt (more info ...) | trojan-activity | URL | |||
| 53659 | MALWARE-OTHER Cobalt Strike x64 executable download attempt (more info ...) | trojan-activity | URL | |||
| 53663 | MALWARE-OTHER Win.Trojan.MedusaLocker malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 53664 | MALWARE-OTHER Win.Trojan.MedusaLocker malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 53665 | MALWARE-OTHER Win.Trojan.MedusaLocker malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 53684 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1047 attack attempt (more info ...) | attempted-user | 2020-6107 | URL | ||
| 53685 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1047 attack attempt (more info ...) | attempted-user | 2020-6107 | URL | ||
| 53686 | BROWSER-OTHER TRUFFLEHUNTER TALOS-2020-1055 attack attempt (more info ...) | attempted-user | 2020-6109 | URL | ||
| 53690 | MALWARE-OTHER Win.Trojan.PoetRAT malicious document download attempt (more info ...) | trojan-activity | URL | |||
| 53713 | MALWARE-OTHER Win.Dropper.Kuluoz-7671761-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53714 | MALWARE-OTHER Win.Dropper.Kuluoz-7671761-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53729 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1050 attack attempt (more info ...) | attempted-admin | 2020-6108 | URL | ||
| 53730 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1050 attack attempt (more info ...) | attempted-admin | 2020-6108 | URL | ||
| 53731 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1046 attack attempt (more info ...) | attempted-recon | 2020-6104 | URL | ||
| 53732 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1046 attack attempt (more info ...) | attempted-recon | 2020-6104 | URL | ||
| 53733 | SERVER-WEBAPP IBM Data Risk Manager directory traversal attempt (more info ...) | web-application-attack | 2020-4430 | |||
| 53734 | SERVER-WEBAPP IBM Data Risk Manager nmap scan command execution attempt (more info ...) | web-application-attack | ||||
| 53738 | MALWARE-OTHER Win.Trojan.Kwampirs malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 53739 | MALWARE-OTHER Win.Trojan.Kwampirs malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 53740 | MALWARE-OTHER Win.Trojan.Kwampirs malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 53741 | MALWARE-OTHER Win.Trojan.Kwampirs malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 53742 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1048 attack attempt (more info ...) | attempted-recon | 2020-6106 | URL | ||
| 53743 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1048 attack attempt (more info ...) | attempted-recon | 2020-6106 | URL | ||
| 53744 | SERVER-ORACLE Oracle WebLogic Coherence library remote code execution attempt (more info ...) | attempted-user | 2020-2883 | |||
| 53745 | MALWARE-OTHER Doc.Downloader.Aggah payload download attempt (more info ...) | trojan-activity | URL | |||
| 53746 | MALWARE-OTHER Doc.Downloader.Aggah payload download attempt (more info ...) | trojan-activity | URL | |||
| 53747 | MALWARE-OTHER Doc.Downloader.Aggah payload download attempt (more info ...) | trojan-activity | URL | |||
| 53748 | MALWARE-OTHER Doc.Downloader.Aggah payload download attempt (more info ...) | trojan-activity | URL | |||
| 53757 | MALWARE-OTHER CobaltStrike beacon.dll download attempt (more info ...) | trojan-activity | URL | |||
| 53758 | MALWARE-OTHER CobaltStrike beacon.dll download attempt (more info ...) | trojan-activity | URL | |||
| 53759 | BROWSER-OTHER TRUFFLEHUNTER TALOS-2020-1053 attack attempt (more info ...) | attempted-user | URL | |||
| 53760 | BROWSER-OTHER TRUFFLEHUNTER TALOS-2020-1053 attack attempt (more info ...) | attempted-user | URL | |||
| 53761 | BROWSER-OTHER TRUFFLEHUNTER TALOS-2020-1054 attack attempt (more info ...) | attempted-user | URL | |||
| 53762 | BROWSER-OTHER TRUFFLEHUNTER TALOS-2020-1054 attack attempt (more info ...) | attempted-user | URL | |||
| 53769 | SERVER-MAIL iOS MobileMail Maild heap overflow attempt (more info ...) | attempted-user | 2020-9819 | URL | ||
| 53778 | MALWARE-OTHER Win.Dropper.Kuluoz-7696398-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53779 | MALWARE-OTHER Win.Dropper.Kuluoz-7696398-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53782 | MALWARE-OTHER Win.Dropper.DarkKomet-7685261-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53783 | MALWARE-OTHER Win.Dropper.DarkKomet-7685261-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53784 | MALWARE-OTHER Win.Worm.Kuluoz-7700057-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53785 | MALWARE-OTHER Win.Worm.Kuluoz-7700057-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53786 | MALWARE-OTHER Win.Worm.Kuluoz-7700058-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53787 | MALWARE-OTHER Win.Worm.Kuluoz-7700058-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53788 | MALWARE-OTHER Win.Dropper.DarkKomet-7685740-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53789 | MALWARE-OTHER Win.Dropper.DarkKomet-7685740-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53790 | MALWARE-OTHER PUA.Win.File.Multiplug-7693689-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53791 | MALWARE-OTHER PUA.Win.File.Multiplug-7693689-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53793 | MALWARE-OTHER Win.Dropper.Remcos payload download attempt (more info ...) | trojan-activity | URL | |||
| 53794 | MALWARE-OTHER Win.Dropper.Remcos payload download attempt (more info ...) | trojan-activity | URL | |||
| 53795 | MALWARE-OTHER Win.Dropper.Remcos payload download attempt (more info ...) | trojan-activity | URL | |||
| 53796 | MALWARE-OTHER Win.Dropper.Remcos payload download attempt (more info ...) | trojan-activity | URL | |||
| 53797 | MALWARE-OTHER Win.Dropper.XtremeRAT-7708589-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53798 | MALWARE-OTHER Win.Dropper.XtremeRAT-7708589-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53799 | MALWARE-OTHER Win.Dropper.XtremeRAT-7709124-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53800 | MALWARE-OTHER Win.Dropper.XtremeRAT-7709124-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53825 | MALWARE-OTHER Win.Malware.Zbot-7727211-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53826 | MALWARE-OTHER Win.Malware.Zbot-7727211-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53831 | MALWARE-OTHER Win.Downloader.Kuluoz-7752297-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53832 | MALWARE-OTHER Win.Downloader.Kuluoz-7752297-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53837 | MALWARE-OTHER Win.Trojan.Maze variant download attempt (more info ...) | trojan-activity | URL | |||
| 53846 | MALWARE-OTHER Win.Trojan.Ursnif malicious outbound connection attempt - gravity generated detection (more info ...) | trojan-activity | URL | |||
| 53854 | MALWARE-OTHER Win.Packed.Zusy-7759444-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53855 | MALWARE-OTHER Win.Packed.Zusy-7759444-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53860 | SERVER-WEBAPP Centurylink router unauthenticated administrator account disable attempt (more info ...) | web-application-attack | 2019-19639 | |||
| 53862 | SERVER-WEBAPP D-Link DIR-859 UPnP subscribe command injection attempt (more info ...) | web-application-attack | 2019-17621 | |||
| 53863 | SERVER-WEBAPP D-Link DIR-859 UPnP subscribe command injection attempt (more info ...) | web-application-attack | 2019-17621 | |||
| 53876 | MALWARE-TOOLS Win.Trojan.EnigmaSpark download attempt (more info ...) | trojan-activity | URL | |||
| 53877 | MALWARE-TOOLS Win.Trojan.EnigmaSpark download attempt (more info ...) | trojan-activity | URL | |||
| 53888 | MALWARE-OTHER Win.Dropper.Gh0stRAT-7779557-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53889 | MALWARE-OTHER Win.Dropper.Gh0stRAT-7779557-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53890 | MALWARE-OTHER Win.Packed.Zeroaccess-7779678-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53891 | MALWARE-OTHER Win.Packed.Zeroaccess-7779678-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53910 | MALWARE-OTHER Win.Dropper.Ursnif-7781451-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53911 | MALWARE-OTHER Win.Dropper.Ursnif-7781451-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53920 | MALWARE-OTHER Win.Malware.Genpack-7782249-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53921 | MALWARE-OTHER Win.Malware.Genpack-7782249-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53922 | MALWARE-OTHER Win.Trojan.Zusy-7779081-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53923 | MALWARE-OTHER Win.Trojan.Zusy-7779081-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53938 | MALWARE-OTHER Win.Dropper.Dorkbot-7781513-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53939 | MALWARE-OTHER Win.Dropper.Dorkbot-7781513-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53944 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1067 attack attempt (more info ...) | web-application-attack | 2020-6114 | URL | ||
| 53945 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1067 attack attempt (more info ...) | web-application-attack | 2020-6114 | URL | ||
| 53949 | FILE-PDF TRUFFLEHUNTER TALOS-2020-1063 attack attempt (more info ...) | attempted-user | 2020-6113 | URL | ||
| 53952 | MALWARE-OTHER Win.Dropper.Agent payload download attempt (more info ...) | trojan-activity | URL | |||
| 53953 | MALWARE-OTHER Win.Dropper.Agent payload download attempt (more info ...) | trojan-activity | URL | |||
| 53954 | MALWARE-OTHER Win.Dropper.Agent payload download attempt (more info ...) | trojan-activity | URL | |||
| 53955 | MALWARE-OTHER Win.Dropper.Agent payload download attempt (more info ...) | trojan-activity | URL | |||
| 53959 | SERVER-OTHER TRUFFLEHUNTER TALOS-2020-1065 attack attempt (more info ...) | attempted-admin | URL | |||
| 53960 | MALWARE-OTHER Win.Trojan.Ursnif malicious outbound connection attempt - gravity generated detection (more info ...) | trojan-activity | URL | |||
| 53965 | MALWARE-OTHER Win.Dropper.Kuluoz-7784063-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53966 | MALWARE-OTHER Win.Dropper.Kuluoz-7784063-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53967 | SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt (more info ...) | web-application-attack | 2018-13418 | URL | ||
| 53968 | SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt (more info ...) | web-application-attack | 2018-13418 | URL | ||
| 53969 | SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt (more info ...) | web-application-attack | 2018-13418 | URL | ||
| 53970 | SERVER-WEBAPP TerraMaster NAS user and group creation command injection attempt (more info ...) | web-application-attack | 2018-13418 | URL | ||
| 53977 | MALWARE-OTHER Win.Dropper.Agent payload download attempt (more info ...) | trojan-activity | ||||
| 53978 | MALWARE-OTHER Win.Dropper.Agent payload download attempt (more info ...) | trojan-activity | ||||
| 53979 | MALWARE-OTHER Win.Dropper.Shiz-7784396-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53980 | MALWARE-OTHER Win.Dropper.Shiz-7784396-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53983 | OS-WINDOWS Windows print spooler elevation of privilege attempt (more info ...) | attempted-admin | 2020-1048 | URL | ||
| 53984 | OS-WINDOWS Windows print spooler elevation of privilege attempt (more info ...) | attempted-admin | 2020-1048 | URL | ||
| 53990 | FILE-PDF TRUFFLEHUNTER TALOS-2020-1062 attack attempt (more info ...) | attempted-user | 2020-6112 | URL | ||
| 53991 | FILE-PDF TRUFFLEHUNTER TALOS-2020-1062 attack attempt (more info ...) | attempted-user | 2020-6112 | URL | ||
| 53992 | FILE-PDF TRUFFLEHUNTER TALOS-2020-1068 attack attempt (more info ...) | attempted-user | 2020-6115 | URL | ||
| 53993 | FILE-PDF TRUFFLEHUNTER TALOS-2020-1068 attack attempt (more info ...) | attempted-user | 2020-6115 | URL | ||
| 54003 | SERVER-WEBAPP Axway SecureTransport XML external entity injection attempt (more info ...) | web-application-attack | 2019-14277 | |||
| 54007 | SERVER-ORACLE Oracle Weblogic T3 remote code execution attempt (more info ...) | attempted-user | 2020-2883 | URL | ||
| 54008 | SERVER-ORACLE Oracle Weblogic T3 remote code execution attempt (more info ...) | attempted-user | 2020-2883 | URL | ||
| 54010 | FILE-PDF TRUFFLEHUNTER TALOS-2020-1070 attack attempt (more info ...) | attempted-user | 2020-6116 | URL | ||
| 54011 | FILE-PDF TRUFFLEHUNTER TALOS-2020-1070 attack attempt (more info ...) | attempted-user | 2020-6116 | URL | ||
| 54013 | MALWARE-OTHER Win.Trojan.Ursnif malicious outbound connection attempt - gravity generated detection (more info ...) | trojan-activity | URL | |||
| 54015 | MALWARE-OTHER Win.Dropper.Bifrost-7846624-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54016 | MALWARE-OTHER Win.Dropper.Bifrost-7846624-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54020 | MALWARE-OTHER Win.Trojan.Hancitor COVID-19 subject phishing email attempt (more info ...) | trojan-activity | URL | |||
| 54030 | SERVER-OTHER SaltStack wheel directory traversal attempt (more info ...) | web-application-attack | 2020-11652 | URL | ||
| 54031 | SERVER-OTHER SaltStack wheel directory traversal attempt (more info ...) | web-application-attack | 2020-11652 | URL | ||
| 54032 | SERVER-OTHER SaltStack wheel directory traversal attempt (more info ...) | web-application-attack | 2020-11652 | URL | ||
| 54033 | SERVER-OTHER SaltStack wheel directory traversal attempt (more info ...) | web-application-attack | 2020-11652 | URL | ||
| 54037 | MALWARE-OTHER Win.Trojan.Ursnif malicious outbound connection attempt - gravity generated detection (more info ...) | trojan-activity | URL | |||
| 54038 | MALWARE-OTHER Win.Packed.Zeroaccess-7880797-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54039 | MALWARE-OTHER Win.Packed.Zeroaccess-7880797-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54044 | MALWARE-OTHER Win.Dropper.Evilnum malicious LNK file download attempt (more info ...) | trojan-activity | URL | |||
| 54045 | MALWARE-OTHER Win.Dropper.Evilnum malicious LNK file download attempt (more info ...) | trojan-activity | URL | |||
| 54047 | FILE-PDF TRUFFLEHUNTER TALOS-2020-1084 attack attempt (more info ...) | attempted-user | 2020-6146 | URL | ||
| 54048 | FILE-PDF TRUFFLEHUNTER TALOS-2020-1084 attack attempt (more info ...) | attempted-user | 2020-6146 | URL | ||
| 54049 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1087 attack attempt (more info ...) | web-application-attack | URL | |||
| 54050 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1087 attack attempt (more info ...) | web-application-attack | URL | |||
| 54056 | MALWARE-OTHER Win.Trojan.BlackNET variant binary download attempt (more info ...) | trojan-activity | URL | |||
| 54071 | MALWARE-OTHER Win.Trojan.TrickBot malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 54072 | MALWARE-OTHER Win.Trojan.TrickBot malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 54073 | MALWARE-OTHER Win.Trojan.TrickBot malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 54074 | MALWARE-OTHER Win.Trojan.TrickBot malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 54075 | MALWARE-OTHER Win.Trojan.TrickBot malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 54076 | MALWARE-OTHER Win.Trojan.TrickBot malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 54077 | MALWARE-OTHER Win.Trojan.TrickBot malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 54078 | MALWARE-OTHER Win.Trojan.TrickBot malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 54079 | MALWARE-OTHER Win.Trojan.TrickBot malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 54089 | MALWARE-OTHER Win.Dropper.DarkKomet-7946160-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54090 | MALWARE-OTHER Win.Dropper.DarkKomet-7946160-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54091 | MALWARE-OTHER Win.Dropper.Kuluoz-7977738-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54092 | MALWARE-OTHER Win.Dropper.Kuluoz-7977738-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54093 | MALWARE-OTHER Win.Dropper.Zeus-7944985-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54094 | MALWARE-OTHER Win.Dropper.Zeus-7944985-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54095 | MALWARE-OTHER Win.Trojan.CobaltStrike powershell beacon download attempt (more info ...) | trojan-activity | URL | |||
| 54096 | MALWARE-OTHER Win.Trojan.CobaltStrike powershell beacon download attempt (more info ...) | trojan-activity | URL | |||
| 54097 | MALWARE-OTHER Win.Trojan.Mokes malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 54098 | MALWARE-OTHER Win.Trojan.Mokes malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 54099 | MALWARE-OTHER Win.Trojan.Mokes malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 54100 | MALWARE-OTHER Win.Trojan.Mokes malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 54101 | MALWARE-OTHER Win.Trojan.Mokes malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 54108 | MALWARE-OTHER Win.Trojan.Mikey-7914350-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54109 | MALWARE-OTHER Win.Trojan.Mikey-7914350-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54110 | MALWARE-OTHER Html.Trojan.CobaltStrike HTML payload download attempt (more info ...) | trojan-activity | URL | |||
| 54111 | MALWARE-OTHER Html.Trojan.CobaltStrike HTML payload download attempt (more info ...) | trojan-activity | URL | |||
| 54112 | MALWARE-OTHER Html.Trojan.CobaltStrike HTML payload download attempt (more info ...) | trojan-activity | URL | |||
| 54113 | MALWARE-OTHER Html.Trojan.CobaltStrike HTML payload download attempt (more info ...) | trojan-activity | URL | |||
| 54114 | MALWARE-OTHER Html.Trojan.CobaltStrike powershell payload download attempt (more info ...) | trojan-activity | URL | |||
| 54115 | MALWARE-OTHER Html.Trojan.CobaltStrike powershell payload download attempt (more info ...) | trojan-activity | URL | |||
| 54116 | MALWARE-OTHER Html.Trojan.CobaltStrike VBA payload download attempt (more info ...) | trojan-activity | URL | |||
| 54117 | MALWARE-OTHER Html.Trojan.CobaltStrike VBA payload download attempt (more info ...) | trojan-activity | URL | |||
| 54120 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2019-0912 attack attempt (more info ...) | attempted-user | 2019-1430 | URL | ||
| 54121 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2019-0912 attack attempt (more info ...) | attempted-user | 2019-1430 | URL | ||
| 54123 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1077 attack attempt (more info ...) | web-application-attack | 2020-6132 | URL | ||
| 54124 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1077 attack attempt (more info ...) | web-application-attack | 2020-6132 | URL | ||
| 54125 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1077 attack attempt (more info ...) | web-application-attack | 2020-6132 | URL | ||
| 54126 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1077 attack attempt (more info ...) | web-application-attack | 2020-6133 | URL | ||
| 54127 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1077 attack attempt (more info ...) | web-application-attack | 2020-6133 | URL | ||
| 54128 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1077 attack attempt (more info ...) | web-application-attack | 2020-6133 | URL | ||
| 54129 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1077 attack attempt (more info ...) | web-application-attack | 2020-6134 | URL | ||
| 54130 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1077 attack attempt (more info ...) | web-application-attack | 2020-6134 | URL | ||
| 54131 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1077 attack attempt (more info ...) | web-application-attack | 2020-6134 | URL | ||
| 54132 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1072 attack attempt (more info ...) | web-application-attack | 2020-6122 | URL | ||
| 54133 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1072 attack attempt (more info ...) | web-application-attack | 2020-6122 | URL | ||
| 54134 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1072 attack attempt (more info ...) | web-application-attack | 2020-6122 | URL | ||
| 54135 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1073 attack attempt (more info ...) | web-application-attack | 2020-6124 | URL | ||
| 54136 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1073 attack attempt (more info ...) | web-application-attack | 2020-6124 | URL | ||
| 54137 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1073 attack attempt (more info ...) | web-application-attack | 2020-6124 | URL | ||
| 54138 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1074 attack attempt (more info ...) | web-application-attack | 2020-6125 | URL | ||
| 54139 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1075 attack attempt (more info ...) | web-application-attack | 2020-6128 | URL | ||
| 54140 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1075 attack attempt (more info ...) | web-application-attack | 2020-6128 | URL | ||
| 54141 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1075 attack attempt (more info ...) | web-application-attack | 2020-6128 | URL | ||
| 54142 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1076 attack attempt (more info ...) | web-application-attack | 2020-6131 | URL | ||
| 54143 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1076 attack attempt (more info ...) | web-application-attack | 2020-6131 | URL | ||
| 54144 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1076 attack attempt (more info ...) | web-application-attack | 2020-6131 | URL | ||
| 54145 | MALWARE-OTHER Win.Trojan.Ursnif malicious outbound connection attempt - gravity generated detection (more info ...) | trojan-activity | URL | |||
| 54146 | MALWARE-OTHER Win.Worm.Dorkbot-7993070-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54147 | MALWARE-OTHER Win.Worm.Dorkbot-7993070-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54148 | MALWARE-OTHER Win.Trojan.Vobfus-7994999-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54149 | MALWARE-OTHER Win.Trojan.Vobfus-7994999-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54150 | MALWARE-OTHER Win.Adware.Hao123 outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 54151 | MALWARE-OTHER Win.Adware.Hao123 outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 54152 | MALWARE-OTHER Win.Adware.Hao123 outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 54153 | MALWARE-OTHER Win.Trojan.Turla malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 54154 | MALWARE-OTHER Win.Trojan.Turla malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 54156 | POLICY-OTHER LDAP bind success (more info ...) | not-suspicious | URL | |||
| 54157 | SERVER-OTHER VMWare Directory Service authentication bypass attempt (more info ...) | attempted-admin | 2020-3952 | URL | ||
| 54180 | MALWARE-OTHER Cobalt Strike system profiling attempt (more info ...) | trojan-activity | URL | |||
| 54181 | MALWARE-OTHER Cobalt Strike system profiling attempt (more info ...) | trojan-activity | URL | |||
| 54182 | MALWARE-OTHER Cobalt Strike system profiling attempt (more info ...) | trojan-activity | URL | |||
| 54184 | SERVER-OTHER lodash defaultsDeep prototype pollution attempt (more info ...) | attempted-user | 2019-10744 | |||
| 54187 | MALWARE-OTHER Win.Ransomware.RagnarLocker initial download (more info ...) | trojan-activity | URL | |||
| 54188 | MALWARE-OTHER Win.Ransomware.RagnarLocker initial download (more info ...) | trojan-activity | URL | |||
| 54195 | SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt (more info ...) | web-application-attack | 2020-12109 | URL | ||
| 54196 | SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt (more info ...) | web-application-attack | 2020-12109 | URL | ||
| 54197 | SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt (more info ...) | web-application-attack | 2020-12109 | URL | ||
| 54198 | SERVER-WEBAPP TP-LINK Cloud Cameras NCXXX Bonjour command injection attempt (more info ...) | web-application-attack | 2020-12109 | URL | ||
| 54214 | SERVER-ORACLE Oracle iPlanet Web Server unauthenticated information disclosure attempt (more info ...) | attempted-recon | 2020-9315 | URL | ||
| 54218 | MALWARE-OTHER Win.Packed.Mikey-8009335-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54219 | MALWARE-OTHER Win.Packed.Mikey-8009335-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54226 | MALWARE-OTHER Win.Dropper.Ngrbot-8010339-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54227 | MALWARE-OTHER Win.Dropper.Ngrbot-8010339-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54228 | MALWARE-OTHER Win.Worm.Vobfus-8010482-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54229 | MALWARE-OTHER Win.Worm.Vobfus-8010482-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54251 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1080 attack attempt (more info ...) | web-application-attack | 2020-6140 | URL | ||
| 54252 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1080 attack attempt (more info ...) | web-application-attack | 2020-6140 | URL | ||
| 54253 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1080 attack attempt (more info ...) | web-application-attack | 2020-6140 | URL | ||
| 54254 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1082 attack attempt (more info ...) | web-application-attack | 2020-6142 | URL | ||
| 54255 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1082 attack attempt (more info ...) | web-application-attack | 2020-6142 | URL | ||
| 54256 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1082 attack attempt (more info ...) | web-application-attack | 2020-6142 | URL | ||
| 54257 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1083 attack attempt (more info ...) | web-application-attack | 2020-6144 | URL | ||
| 54258 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1083 attack attempt (more info ...) | web-application-attack | 2020-6144 | URL | ||
| 54259 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1078 attack attempt (more info ...) | web-application-attack | 2020-6135 | URL | ||
| 54260 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1078 attack attempt (more info ...) | web-application-attack | 2020-6135 | URL | ||
| 54261 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1078 attack attempt (more info ...) | web-application-attack | 2020-6135 | URL | ||
| 54262 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1079 attack attempt (more info ...) | web-application-attack | 2020-6136 | URL | ||
| 54263 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1079 attack attempt (more info ...) | web-application-attack | 2020-6136 | URL | ||
| 54264 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1079 attack attempt (more info ...) | web-application-attack | 2020-6136 | URL | ||
| 54265 | BROWSER-OTHER TRUFFLEHUNTER TALOS-2020-1088 attack attempt (more info ...) | attempted-user | URL | |||
| 54266 | BROWSER-OTHER TRUFFLEHUNTER TALOS-2020-1088 attack attempt (more info ...) | attempted-user | URL | |||
| 54267 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1081 attack attempt (more info ...) | web-application-attack | 2020-6141 | URL | ||
| 54268 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1081 attack attempt (more info ...) | web-application-attack | 2020-6141 | URL | ||
| 54269 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1081 attack attempt (more info ...) | web-application-attack | 2020-6141 | URL | ||
| 54272 | SERVER-WEBAPP Centreon Monitoring tool command injection attempt (more info ...) | web-application-attack | 2020-9463 | URL | ||
| 54273 | SERVER-WEBAPP Centreon Monitoring tool command injection attempt (more info ...) | web-application-attack | 2020-9463 | URL | ||
| 54274 | MALWARE-OTHER Win.Trojan.Vobfus-8010924-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54275 | MALWARE-OTHER Win.Trojan.Vobfus-8010924-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54276 | MALWARE-OTHER Win.Trojan.Ursnif malicious outbound connection attempt - gravity generated detection (more info ...) | trojan-activity | URL | |||
| 54277 | MALWARE-OTHER Win.Dropper.Zeus-8011051-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54278 | MALWARE-OTHER Win.Dropper.Zeus-8011051-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54279 | INDICATOR-COMPROMISE UPnP SUBSCRIBE Callback denial-of-service attempt (more info ...) | attempted-dos | 2020-12695 | URL | ||
| 54280 | INDICATOR-COMPROMISE UPnP SUBSCRIBE Callback denial-of-service attempt (more info ...) | attempted-dos | 2020-12695 | URL | ||
| 54282 | FILE-PDF TRUFFLEHUNTER TALOS-2020-1092 attack attempt (more info ...) | attempted-user | URL | |||
| 54283 | FILE-PDF TRUFFLEHUNTER TALOS-2020-1092 attack attempt (more info ...) | attempted-user | URL | |||
| 54290 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1091 attack attempt (more info ...) | web-application-attack | 2020-6145 | URL | ||
| 54307 | PUA-ADWARE Js.Adware.Agent variant redirect attempt (more info ...) | trojan-activity | URL | |||
| 54308 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1094 attack attempt (more info ...) | attempted-user | 2020-6147 | URL | ||
| 54309 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1094 attack attempt (more info ...) | attempted-user | 2020-6147 | URL | ||
| 54310 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1094 attack attempt (more info ...) | attempted-user | 2020-6148 | URL | ||
| 54311 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1094 attack attempt (more info ...) | attempted-user | 2020-6148 | URL | ||
| 54312 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1094 attack attempt (more info ...) | attempted-user | 2020-6149 | URL | ||
| 54313 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1094 attack attempt (more info ...) | attempted-user | 2020-6149 | URL | ||
| 54314 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1094 attack attempt (more info ...) | attempted-user | 2020-6150 | URL | ||
| 54315 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1094 attack attempt (more info ...) | attempted-user | 2020-6150 | URL | ||
| 54374 | MALWARE-OTHER Win.Trojan.IndigoDrop variant binary download attempt (more info ...) | trojan-activity | URL | |||
| 54377 | MALWARE-OTHER Win.Trojan.Zbot-8108321-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54378 | MALWARE-OTHER Win.Trojan.Zbot-8108321-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54385 | MALWARE-OTHER Win.Trojan.Qbot malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 54387 | MALWARE-OTHER Win.Trojan.Qbot malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 54389 | PROTOCOL-TELNET netkit-telnet server memory corruption attempt (more info ...) | attempted-user | 2020-10188 | URL | ||
| 54390 | FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1096 attack attempt (more info ...) | attempted-user | 2020-6152 | URL | ||
| 54391 | FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1096 attack attempt (more info ...) | attempted-user | 2020-6152 | URL | ||
| 54392 | OS-WINDOWS TRUFFLEHUNTER TALOS-2020-1098 attack attempt (more info ...) | attempted-admin | URL | |||
| 54393 | OS-WINDOWS TRUFFLEHUNTER TALOS-2020-1098 attack attempt (more info ...) | attempted-admin | URL | |||
| 54407 | MALWARE-OTHER Win.Dropper.Zeus-8336989-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54408 | MALWARE-OTHER Win.Dropper.Zeus-8336989-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54409 | MALWARE-OTHER Win.Dropper.Waledac-8338517-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54410 | MALWARE-OTHER Win.Dropper.Waledac-8338517-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54411 | FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1095 attack attempt (more info ...) | attempted-user | 2021-21833 | URL | ||
| 54412 | FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1095 attack attempt (more info ...) | attempted-user | 2021-21833 | URL | ||
| 54413 | FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1095 attack attempt (more info ...) | attempted-user | 2021-21833 | URL | ||
| 54414 | FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1095 attack attempt (more info ...) | attempted-user | 2021-21833 | URL | ||
| 54415 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1101 attack attempt (more info ...) | attempted-user | 2020-6155 | URL | ||
| 54416 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1101 attack attempt (more info ...) | attempted-user | 2020-6155 | URL | ||
| 54424 | MALWARE-OTHER Win.Dropper.NetWire-8359642-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54425 | MALWARE-OTHER Win.Dropper.NetWire-8359642-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54426 | MALWARE-OTHER Win.Dropper.Bifrost-8367128-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54427 | MALWARE-OTHER Win.Dropper.Bifrost-8367128-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54430 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1094 attack attempt (more info ...) | attempted-user | 2020-6156 | URL | ||
| 54431 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1094 attack attempt (more info ...) | attempted-user | 2020-6156 | URL | ||
| 54432 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1094 attack attempt (more info ...) | attempted-user | 2020-13493 | URL | ||
| 54433 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1094 attack attempt (more info ...) | attempted-user | 2020-13493 | URL | ||
| 54436 | MALWARE-OTHER Win.Packed.Remcos-8401633-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54437 | MALWARE-OTHER Win.Packed.Remcos-8401633-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54438 | MALWARE-OTHER Win.Malware.Midie-8569260-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54439 | MALWARE-OTHER Win.Malware.Midie-8569260-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54462 | SERVER-WEBAPP F5 BIG-IP Traffic Management User Interface remote code execution attempt (more info ...) | attempted-admin | 2020-5903 | URL | ||
| 54463 | MALWARE-OTHER Win.Packed.Bladabindi-8460552-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54464 | MALWARE-OTHER Win.Packed.Bladabindi-8460552-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54465 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1102 attack attempt (more info ...) | attempted-dos | URL | |||
| 54466 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1102 attack attempt (more info ...) | attempted-dos | URL | |||
| 54467 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1105 attack attempt (more info ...) | attempted-user | 2020-13496 | URL | ||
| 54468 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1105 attack attempt (more info ...) | attempted-user | 2020-13496 | URL | ||
| 54469 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1105 attack attempt (more info ...) | attempted-user | 2020-13497 | URL | ||
| 54470 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1105 attack attempt (more info ...) | attempted-user | 2020-13497 | URL | ||
| 54471 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1105 attack attempt (more info ...) | attempted-user | 2020-13498 | URL | ||
| 54472 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1105 attack attempt (more info ...) | attempted-user | 2020-13498 | URL | ||
| 54473 | MALWARE-OTHER Win.Downloader.Nemucod variant download attempt (more info ...) | attempted-user | URL | |||
| 54474 | MALWARE-OTHER Win.Dropper.Adwind variant download attempt (more info ...) | attempted-user | URL | |||
| 54475 | MALWARE-OTHER Win.Downloader.Nemucod variant download attempt (more info ...) | attempted-user | URL | |||
| 54476 | MALWARE-OTHER Win.Dropper.Adwind variant download attempt (more info ...) | attempted-user | URL | |||
| 54477 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1097 attack attempt (more info ...) | web-application-attack | 2020-6153 | URL | ||
| 54478 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1106 attack attempt (more info ...) | web-application-attack | 2020-13501 | URL | ||
| 54479 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1107 attack attempt (more info ...) | web-application-attack | 2020-13502 | URL | ||
| 54480 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1108 attack attempt (more info ...) | web-application-attack | 2020-13521 | URL | ||
| 54481 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1109 attack attempt (more info ...) | web-application-attack | 2020-13508 | URL | ||
| 54482 | MALWARE-OTHER Win.Malware.Midie-8650925-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54483 | MALWARE-OTHER Win.Malware.Midie-8650925-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54484 | SERVER-WEBAPP F5 BIG-IP Traffic Management User Interface remote code execution attempt (more info ...) | attempted-admin | 2020-5902 | URL | ||
| 54488 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1104 attack attempt (more info ...) | attempted-user | 2020-13495 | URL | ||
| 54489 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1104 attack attempt (more info ...) | attempted-user | 2020-13495 | URL | ||
| 54490 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1104 attack attempt (more info ...) | attempted-user | 2020-13495 | URL | ||
| 54491 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1104 attack attempt (more info ...) | attempted-user | 2020-13495 | URL | ||
| 54492 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1103 attack attempt (more info ...) | attempted-user | 2020-13494 | URL | ||
| 54493 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1103 attack attempt (more info ...) | attempted-user | 2020-13494 | URL | ||
| 54495 | SERVER-OTHER Unitrends UEB 9 bpserverd unauthenticated remote command execution attempt (more info ...) | attempted-admin | 2017-12477 | URL | ||
| 54501 | OS-OTHER TRUFFLEHUNTER TALOS-2020-1118 attack attempt (more info ...) | attempted-dos | URL | |||
| 54502 | OS-OTHER TRUFFLEHUNTER TALOS-2020-1118 attack attempt (more info ...) | attempted-dos | URL | |||
| 54519 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1120 attack attempt (more info ...) | attempted-user | 2020-13520 | URL | ||
| 54520 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1120 attack attempt (more info ...) | attempted-user | 2020-13520 | URL | ||
| 54556 | SERVER-WEBAPP BSA Radar local file inclusion attempt (more info ...) | attempted-recon | 2020-14946 | |||
| 54571 | SERVER-WEBAPP SAP NetWeaver AS LM Configuration Wizard directory traversal attempt (more info ...) | web-application-attack | 2020-6287 | URL | ||
| 54572 | SERVER-WEBAPP SAP NetWeaver AS LM Configuration Wizard directory traversal attempt (more info ...) | web-application-attack | 2020-6287 | URL | ||
| 54579 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1122 attack attempt (more info ...) | attempted-recon | 2020-13523 | URL | ||
| 54580 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1122 attack attempt (more info ...) | attempted-recon | 2020-13523 | URL | ||
| 54581 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1121 attack attempt (more info ...) | attempted-dos | 2020-13522 | URL | ||
| 54582 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1121 attack attempt (more info ...) | attempted-dos | 2020-13522 | URL | ||
| 54583 | SERVER-WEBAPP Eaton Intelligent Power Manager command injection attempt (more info ...) | web-application-attack | 2020-6651 | URL | ||
| 54586 | BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2020-1124 attack attempt (more info ...) | attempted-user | URL | |||
| 54587 | BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2020-1124 attack attempt (more info ...) | attempted-user | URL | |||
| 54588 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1125 attack attempt (more info ...) | attempted-user | 2020-13524 | URL | ||
| 54589 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1125 attack attempt (more info ...) | attempted-user | 2020-13524 | URL | ||
| 54602 | SERVER-WEBAPP Laravel Framework PendingCommand arbitrary command execution attempt (more info ...) | web-application-attack | 2019-9081 | URL | ||
| 54603 | SERVER-WEBAPP Laravel Framework PendingCommand arbitrary command execution attempt (more info ...) | web-application-attack | 2019-9081 | URL | ||
| 54604 | MALWARE-OTHER Win.Dropper.Dorkbot-8975168-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54605 | MALWARE-OTHER Win.Dropper.Dorkbot-8975168-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54606 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1126 attack attempt (more info ...) | web-application-attack | 2020-13526 | URL | ||
| 54607 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1126 attack attempt (more info ...) | web-application-attack | 2020-13526 | URL | ||
| 54608 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1126 attack attempt (more info ...) | web-application-attack | 2020-13526 | URL | ||
| 54613 | SERVER-OTHER Zoom client spoofed chat message attempt (more info ...) | misc-attack | 2018-15715 | |||
| 54616 | SERVER-OTHER Zoom client unauthorized conference termination attempt (more info ...) | misc-attack | 2018-15715 | |||
| 54631 | MALWARE-OTHER Vbs.Trojan.Dridex phishing email attempt (more info ...) | trojan-activity | URL | |||
| 54636 | SERVER-WEBAPP Zoom Client ZoomOpener remote code execution attempt (more info ...) | attempted-user | 2019-13567 | |||
| 54637 | SERVER-WEBAPP Zoom Client ZoomOpener remote code execution attempt (more info ...) | attempted-user | 2019-13567 | |||
| 54641 | MALWARE-OTHER Win.Trojan.Hackbit malicious dropper download attempt (more info ...) | trojan-activity | URL | |||
| 54643 | MALWARE-OTHER Win.Trojan.Hackbit malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 54645 | OS-OTHER TRUFFLEHUNTER TALOS-2020-1128 attack attempt (more info ...) | attempted-user | URL | |||
| 54646 | OS-OTHER TRUFFLEHUNTER TALOS-2020-1128 attack attempt (more info ...) | attempted-user | URL | |||
| 54647 | OS-OTHER TRUFFLEHUNTER TALOS-2020-1129 attack attempt (more info ...) | attempted-dos | URL | |||
| 54648 | OS-OTHER TRUFFLEHUNTER TALOS-2020-1129 attack attempt (more info ...) | attempted-dos | URL | |||
| 54665 | BROWSER-WEBKIT WebKit JIT compiler common subexpression elimination out of bounds access attempt (more info ...) | attempted-user | 2020-9802 | |||
| 54666 | BROWSER-WEBKIT WebKit JIT compiler common subexpression elimination out of bounds access attempt (more info ...) | attempted-user | 2020-9802 | |||
| 54669 | MALWARE-OTHER Win.Trojan.Ursnif malicious outbound connection attempt - gravity generated detection (more info ...) | trojan-activity | URL | |||
| 54670 | SERVER-WEBAPP Rockwell FactoryTalk View SE project list disclosure attempt (more info ...) | web-application-attack | 2020-12027 | |||
| 54671 | SERVER-WEBAPP Rockwell FactoryTalk View SE project information disclosure attempt (more info ...) | web-application-attack | 2020-12027 | |||
| 54672 | SERVER-WEBAPP Rockwell FactoryTalk View SE remote code execution attempt (more info ...) | web-application-attack | 2020-12028 | |||
| 54673 | SERVER-WEBAPP Rockwell FactoryTalk View SE remote project backup download attempt (more info ...) | web-application-attack | 2020-12029 | |||
| 54674 | SERVER-WEBAPP Rockwell FactoryTalk View SE remote project copy attempt (more info ...) | web-application-attack | 2020-12028 | |||
| 54675 | SERVER-WEBAPP Rockwell FactoryTalk View SE remote project back directory traversal attempt (more info ...) | web-application-attack | 2020-12029 | |||
| 54676 | MALWARE-OTHER Win.Ransomware.Cerber-9153999-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54677 | MALWARE-OTHER Win.Ransomware.Cerber-9153999-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54680 | OS-OTHER TRUFFLEHUNTER TALOS-2020-1131 attack attempt (more info ...) | attempted-admin | URL | |||
| 54681 | OS-OTHER TRUFFLEHUNTER TALOS-2020-1131 attack attempt (more info ...) | attempted-admin | URL | |||
| 54682 | OS-OTHER TRUFFLEHUNTER TALOS-2020-1130 attack attempt (more info ...) | attempted-recon | URL | |||
| 54683 | OS-OTHER TRUFFLEHUNTER TALOS-2020-1130 attack attempt (more info ...) | attempted-recon | URL | |||
| 54693 | MALWARE-OTHER Win.Trojan.Ursnif malicious outbound connection attempt - gravity generated detection (more info ...) | trojan-activity | URL | |||
| 54701 | OS-OTHER TRUFFLEHUNTER TALOS-2020-1133 attack attempt (more info ...) | attempted-admin | URL | |||
| 54702 | OS-OTHER TRUFFLEHUNTER TALOS-2020-1133 attack attempt (more info ...) | attempted-admin | URL | |||
| 54709 | MALWARE-OTHER Win.Packed.Zusy-9219867-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54710 | MALWARE-OTHER Win.Packed.Zusy-9219867-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54713 | MALWARE-OTHER Win.Dropper.Zeus-9220295-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54714 | MALWARE-OTHER Win.Dropper.Zeus-9220295-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54715 | MALWARE-OTHER Win.Dropper.Zeus-9220296-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54716 | MALWARE-OTHER Win.Dropper.Zeus-9220296-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54719 | MALWARE-OTHER Win.Trojan.Generic-9222527-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54720 | MALWARE-OTHER Win.Trojan.Generic-9222527-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54723 | MALWARE-OTHER Win.Downloader.Banload-9221789-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54724 | MALWARE-OTHER Win.Downloader.Banload-9221789-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54727 | SERVER-WEBAPP ZoomOpener remote code execution attempt (more info ...) | attempted-user | 2019-13567 | |||
| 54728 | SERVER-WEBAPP ZoomOpener remote code execution attempt (more info ...) | attempted-user | 2019-13567 | |||
| 54729 | OS-OTHER TRUFFLEHUNTER TALOS-2020-1138 attack attempt (more info ...) | attempted-user | URL | |||
| 54730 | OS-OTHER TRUFFLEHUNTER TALOS-2020-1138 attack attempt (more info ...) | attempted-user | URL | |||
| 54731 | OS-OTHER TRUFFLEHUNTER TALOS-2020-1134 attack attempt (more info ...) | attempted-user | URL | |||
| 54732 | OS-OTHER TRUFFLEHUNTER TALOS-2020-1134 attack attempt (more info ...) | attempted-user | URL | |||
| 54747 | MALWARE-OTHER Win.Ransomware.Nephilim variant binary download attempt (more info ...) | trojan-activity | URL | |||
| 54749 | MALWARE-OTHER Win.Ransomware.Nephilim variant binary download attempt (more info ...) | trojan-activity | URL | |||
| 54750 | MALWARE-OTHER Win.Ransomware.Nephilim variant binary download attempt (more info ...) | trojan-activity | URL | |||
| 54755 | SERVER-ORACLE Oracle Weblogic T3 remote code execution attempt (more info ...) | attempted-user | 2020-14645 | URL | ||
| 54756 | FILE-OTHER Grub malicious grub.cfg download attempt (more info ...) | attempted-admin | 2020-10713 | |||
| 54757 | FILE-OTHER Grub malicious grub.cfg download attempt (more info ...) | attempted-admin | 2020-10713 | |||
| 54771 | MALWARE-OTHER PUA.Win.Adware.Icloader-9255803-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54772 | MALWARE-OTHER PUA.Win.Adware.Icloader-9255803-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54777 | MALWARE-OTHER Win.Dropper.Cerber-9294966-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54778 | MALWARE-OTHER Win.Dropper.Cerber-9294966-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54791 | MALWARE-OTHER Win.Trojan.Kovter variant payload download attempt (more info ...) | trojan-activity | URL | |||
| 54792 | MALWARE-OTHER Win.Trojan.Kovter variant payload download attempt (more info ...) | trojan-activity | URL | |||
| 54798 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1135 attack attempt (more info ...) | web-application-attack | 2020-13527 | URL | ||
| 54799 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1135 attack attempt (more info ...) | web-application-attack | 2020-13527 | URL | ||
| 54800 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1135 attack attempt (more info ...) | web-application-attack | 2020-13527 | URL | ||
| 54817 | OS-WINDOWS Windows Print Spooler elevation of privilege attempt (more info ...) | attempted-admin | 2020-1337 | URL | ||
| 54818 | OS-WINDOWS Windows Print Spooler elevation of privilege attempt (more info ...) | attempted-admin | 2020-1337 | URL | ||
| 54823 | MALWARE-OTHER Doc.Downloader.LokiBot variant payload download attempt (more info ...) | trojan-activity | URL | |||
| 54824 | SERVER-WEBAPP Intellian Aptus Web arbitrary command execution attempt (more info ...) | web-application-attack | 2020-7980 | URL | ||
| 54829 | OS-OTHER TRUFFLEHUNTER TALOS-2020-1139 attack attempt (more info ...) | attempted-user | URL | |||
| 54830 | OS-OTHER TRUFFLEHUNTER TALOS-2020-1139 attack attempt (more info ...) | attempted-user | URL | |||
| 54832 | SERVER-OTHER TRUFFLEHUNTER TALOS-2020-1143 attack attempt (more info ...) | attempted-dos | 2020-13530 | URL | ||
| 54866 | OS-OTHER TRUFFLEHUNTER TALOS-2020-1141 attack attempt (more info ...) | attempted-dos | URL | |||
| 54867 | OS-OTHER TRUFFLEHUNTER TALOS-2020-1141 attack attempt (more info ...) | attempted-dos | URL | |||
| 54874 | MALWARE-OTHER Win.Dropper.Gh0stRAT-9497863-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54875 | MALWARE-OTHER Win.Dropper.Gh0stRAT-9497863-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54881 | MALWARE-OTHER Js.Dropper.Duri variant inbound payload drop attempt (more info ...) | trojan-activity | URL | |||
| 54882 | MALWARE-OTHER Win.Malware.Duri inbound payload download attempt (more info ...) | trojan-activity | URL | |||
| 54883 | MALWARE-OTHER Js.Dropper.Agent variant inbound payload drop attempt (more info ...) | trojan-activity | URL | |||
| 54884 | MALWARE-OTHER Win.Malware.Duri inbound payload download attempt (more info ...) | trojan-activity | URL | |||
| 54885 | INDICATOR-COMPROMISE Win.Trojan.GoldenSpy download attempt (more info ...) | trojan-activity | URL | |||
| 54886 | INDICATOR-COMPROMISE Win.Trojan.GoldenSpy download attempt (more info ...) | trojan-activity | URL | |||
| 54887 | INDICATOR-COMPROMISE Win.Trojan.GoldenSpy download attempt (more info ...) | trojan-activity | URL | |||
| 54888 | INDICATOR-COMPROMISE Win.Trojan.GoldenSpy download attempt (more info ...) | trojan-activity | URL | |||
| 54889 | INDICATOR-COMPROMISE Win.Trojan.GoldenSpy download attempt (more info ...) | trojan-activity | URL | |||
| 54890 | INDICATOR-COMPROMISE Win.Trojan.GoldenSpy download attempt (more info ...) | trojan-activity | URL | |||
| 54897 | MALWARE-OTHER Win.Backdoor.Perlbot script variant download attempt (more info ...) | trojan-activity | URL | |||
| 54898 | MALWARE-OTHER Win.Backdoor.Perlbot script variant download attempt (more info ...) | trojan-activity | URL | |||
| 54904 | MALWARE-OTHER Win.Trojan.Dridex malicious file download attempt (more info ...) | trojan-activity | URL | |||
| 54906 | MALWARE-OTHER Win.Trojan.Dridex malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 54907 | MALWARE-OTHER Win.Trojan.Dridex malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 54910 | MALWARE-OTHER Win.Ransomware.LockBit ransomware download attempt (more info ...) | trojan-activity | URL | |||
| 54912 | MALWARE-OTHER Win.Ransomware.LockBit ransomware download attempt (more info ...) | trojan-activity | URL | |||
| 54913 | MALWARE-OTHER Win.Ransomware.LockBit ransomware download attempt (more info ...) | trojan-activity | URL | |||
| 54915 | MALWARE-OTHER Win.Ransomware.LockBit ransomware download attempt (more info ...) | trojan-activity | URL | |||
| 54916 | MALWARE-OTHER Win.Ransomware.LockBit ransomware download attempt (more info ...) | trojan-activity | URL | |||
| 54917 | MALWARE-OTHER Win.Ransomware.LockBit ransomware download attempt (more info ...) | trojan-activity | URL | |||
| 54920 | MALWARE-TOOLS Win.Packer.Salfram packed executable download attempt (more info ...) | trojan-activity | URL | |||
| 54921 | MALWARE-TOOLS Win.Packer.Salfram packed executable download attempt (more info ...) | trojan-activity | URL | |||
| 54922 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1145 attack attempt (more info ...) | attempted-user | 2020-13531 | URL | ||
| 54923 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1145 attack attempt (more info ...) | attempted-user | 2020-13531 | URL | ||
| 54926 | MALWARE-OTHER Win.Downloader.Vobfus-9622213-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54927 | MALWARE-OTHER Win.Downloader.Vobfus-9622213-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54938 | MALWARE-OTHER Win.Downloader.Upatre-9624350-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54939 | MALWARE-OTHER Win.Downloader.Upatre-9624350-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54946 | MALWARE-OTHER Win.Malware.Upatre-9626237-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54947 | MALWARE-OTHER Win.Malware.Upatre-9626237-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54950 | MALWARE-OTHER Win.Malware.Ipamor-9625955-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54951 | MALWARE-OTHER Win.Malware.Ipamor-9625955-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54962 | MALWARE-OTHER Win.Malware.Upatre-9626227-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54963 | MALWARE-OTHER Win.Malware.Upatre-9626227-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54974 | MALWARE-OTHER Win.Malware.Midie-9628915-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54975 | MALWARE-OTHER Win.Malware.Midie-9628915-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54980 | MALWARE-OTHER Win.Packed.Virlock-9629641-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54981 | MALWARE-OTHER Win.Packed.Virlock-9629641-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54986 | MALWARE-OTHER Win.Malware.Upatre-9630071-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54987 | MALWARE-OTHER Win.Malware.Upatre-9630071-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54990 | MALWARE-OTHER Win.Trojan.Zeroaccess-9631318-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54991 | MALWARE-OTHER Win.Trojan.Zeroaccess-9631318-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55025 | MALWARE-OTHER Win.Keylogger.Multibanker-9635794-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55026 | MALWARE-OTHER Win.Keylogger.Multibanker-9635794-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55027 | MALWARE-OTHER Win.Malware.Upatre-9636020-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55028 | MALWARE-OTHER Win.Malware.Upatre-9636020-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55031 | MALWARE-OTHER Win.Malware.Midie-9637278-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55032 | MALWARE-OTHER Win.Malware.Midie-9637278-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55044 | MALWARE-OTHER Win.Malware.Zusy-9638751-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55045 | MALWARE-OTHER Win.Malware.Zusy-9638751-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55070 | MALWARE-OTHER Win.Tool.Zusy-9645230-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55071 | MALWARE-OTHER Win.Tool.Zusy-9645230-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55104 | MALWARE-OTHER Win.Malware.Midie-9651428-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55105 | MALWARE-OTHER Win.Malware.Midie-9651428-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55106 | MALWARE-OTHER Win.Malware.Midie-9651455-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55107 | MALWARE-OTHER Win.Malware.Midie-9651455-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55110 | MALWARE-OTHER Win.Malware.Blackmoon-9653251-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55111 | MALWARE-OTHER Win.Malware.Blackmoon-9653251-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55112 | MALWARE-OTHER Win.Worm.Slenfbot-9653263-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55113 | MALWARE-OTHER Win.Worm.Slenfbot-9653263-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55114 | MALWARE-OTHER Win.Ircbot.Ircbot-9653265-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55115 | MALWARE-OTHER Win.Ircbot.Ircbot-9653265-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55124 | MALWARE-OTHER Win.Malware.Tiny-9653715-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55125 | MALWARE-OTHER Win.Malware.Tiny-9653715-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55134 | MALWARE-OTHER Win.Downloader.Upatre-9655589-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55135 | MALWARE-OTHER Win.Downloader.Upatre-9655589-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55173 | MALWARE-OTHER Win.Trojan.Fugrafa-9733010-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55174 | MALWARE-OTHER Win.Trojan.Fugrafa-9733010-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55199 | MALWARE-OTHER Win.Trojan.Delf-9733756-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55200 | MALWARE-OTHER Win.Trojan.Delf-9733756-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55207 | SERVER-OTHER Intel AMT HTTP invalid chunk size attempt (more info ...) | web-application-attack | 2020-8758 | |||
| 55208 | SERVER-OTHER Intel AMT HTTP invalid chunk size attempt (more info ...) | web-application-attack | 2020-8758 | |||
| 55209 | SERVER-OTHER Intel AMT HTTP negative content-length attempt (more info ...) | web-application-attack | 2020-8758 | |||
| 55210 | SERVER-OTHER Intel AMT HTTP negative content-length attempt (more info ...) | web-application-attack | 2020-8758 | |||
| 55217 | MALWARE-OTHER Win.Malware.Agen-9740021-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55218 | MALWARE-OTHER Win.Malware.Agen-9740021-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55219 | MALWARE-OTHER Win.Malware.Scar-9741251-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55220 | MALWARE-OTHER Win.Malware.Scar-9741251-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55223 | MALWARE-OTHER Win.Ransomware.Darkside binary download attempt (more info ...) | trojan-activity | URL | |||
| 55224 | MALWARE-OTHER Win.Ransomware.Darkside binary download attempt (more info ...) | trojan-activity | URL | |||
| 55241 | MALWARE-OTHER Win.Trojan.Malwarex-9752454-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55242 | MALWARE-OTHER Win.Trojan.Malwarex-9752454-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55267 | MALWARE-OTHER PUA.Win.Downloader.Softcnapp-9753177-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55268 | MALWARE-OTHER PUA.Win.Downloader.Softcnapp-9753177-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55269 | MALWARE-OTHER Win.Packed.Fakesysdef-9753248-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55270 | MALWARE-OTHER Win.Packed.Fakesysdef-9753248-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55277 | MALWARE-OTHER Win.Malware.Agen-9753155-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55278 | MALWARE-OTHER Win.Malware.Agen-9753155-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55305 | MALWARE-OTHER Win.Malware.Cerbu-9753105-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55306 | MALWARE-OTHER Win.Malware.Cerbu-9753105-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55317 | MALWARE-OTHER Win.Packed.Urausy-9753546-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55318 | MALWARE-OTHER Win.Packed.Urausy-9753546-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55327 | MALWARE-OTHER Win.Malware.Generic-9753975-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55328 | MALWARE-OTHER Win.Malware.Generic-9753975-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55329 | MALWARE-OTHER Win.Packed.Generickdz-9754025-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55330 | MALWARE-OTHER Win.Packed.Generickdz-9754025-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55349 | MALWARE-OTHER Win.Ransomware.Reveton-9754374-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55350 | MALWARE-OTHER Win.Ransomware.Reveton-9754374-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55357 | MALWARE-OTHER Win.Packed.Urausy-9754886-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55358 | MALWARE-OTHER Win.Packed.Urausy-9754886-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55381 | MALWARE-OTHER Win.Packed.Reveton-9755111-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55382 | MALWARE-OTHER Win.Packed.Reveton-9755111-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55395 | MALWARE-OTHER Win.Trojan.Redosdru-9754696-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55396 | MALWARE-OTHER Win.Trojan.Redosdru-9754696-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55397 | MALWARE-OTHER PUA.Win.File.Neobar-9755067-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55398 | MALWARE-OTHER PUA.Win.File.Neobar-9755067-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55411 | MALWARE-OTHER Win.Malware.Bladabindi-9754646-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55412 | MALWARE-OTHER Win.Malware.Bladabindi-9754646-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55423 | MALWARE-OTHER Win.Dropper.DarkKomet-9755622-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55424 | MALWARE-OTHER Win.Dropper.DarkKomet-9755622-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55427 | MALWARE-OTHER Win.Dropper.DarkKomet-9755671-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55428 | MALWARE-OTHER Win.Dropper.DarkKomet-9755671-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55447 | MALWARE-OTHER Win.Trojan.Zbot-9756756-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55448 | MALWARE-OTHER Win.Trojan.Zbot-9756756-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55449 | MALWARE-OTHER Win.Downloader.Upatre-9756805-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55450 | MALWARE-OTHER Win.Downloader.Upatre-9756805-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55457 | MALWARE-OTHER Win.Trojan.Generickdz-9756772-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55458 | MALWARE-OTHER Win.Trojan.Generickdz-9756772-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55459 | MALWARE-OTHER Win.Trojan.Zegost-9756996-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55460 | MALWARE-OTHER Win.Trojan.Zegost-9756996-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55467 | MALWARE-OTHER Win.Malware.Magania-9757204-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55468 | MALWARE-OTHER Win.Malware.Magania-9757204-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55469 | MALWARE-OTHER Win.Malware.Nitol-9757205-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55470 | MALWARE-OTHER Win.Malware.Nitol-9757205-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55479 | MALWARE-OTHER Win.Malware.Zusy-9757531-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55480 | MALWARE-OTHER Win.Malware.Zusy-9757531-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55481 | MALWARE-OTHER Win.Packed.Hlux-9757571-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55482 | MALWARE-OTHER Win.Packed.Hlux-9757571-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55489 | MALWARE-OTHER Win.Trojan.Zeroaccess-9757775-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55490 | MALWARE-OTHER Win.Trojan.Zeroaccess-9757775-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55491 | MALWARE-OTHER Win.Packed.Reveton-9757778-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55492 | MALWARE-OTHER Win.Packed.Reveton-9757778-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55499 | MALWARE-OTHER Win.Ircbot.Ircbot-9757805-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55500 | MALWARE-OTHER Win.Ircbot.Ircbot-9757805-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55501 | MALWARE-OTHER Win.Trojan.Conjar-9757807-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55502 | MALWARE-OTHER Win.Trojan.Conjar-9757807-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55505 | MALWARE-OTHER Win.Packed.Ramnit-9757823-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55506 | MALWARE-OTHER Win.Packed.Ramnit-9757823-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55519 | MALWARE-OTHER Win.Trojan.Tinba-9758104-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55520 | MALWARE-OTHER Win.Trojan.Tinba-9758104-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55521 | MALWARE-OTHER Win.Packed.Urausy-9758034-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55522 | MALWARE-OTHER Win.Packed.Urausy-9758034-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55537 | MALWARE-OTHER Win.Packed.Trojanx-9758137-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55538 | MALWARE-OTHER Win.Packed.Trojanx-9758137-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55543 | MALWARE-OTHER Win.Trojan.Dorkbot-9758280-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55544 | MALWARE-OTHER Win.Trojan.Dorkbot-9758280-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55553 | MALWARE-OTHER Win.Ransomware.Reveton-9758363-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55554 | MALWARE-OTHER Win.Ransomware.Reveton-9758363-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55589 | MALWARE-OTHER Win.Trojan.Sinowal-9759014-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55590 | MALWARE-OTHER Win.Trojan.Sinowal-9759014-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55605 | MALWARE-OTHER Win.Worm.Gamarue-9759119-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55606 | MALWARE-OTHER Win.Worm.Gamarue-9759119-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55613 | MALWARE-OTHER Win.Packed.Reveton-9759475-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55614 | MALWARE-OTHER Win.Packed.Reveton-9759475-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55619 | MALWARE-OTHER Win.Malware.Zusy-9759529-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55620 | MALWARE-OTHER Win.Malware.Zusy-9759529-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55621 | MALWARE-OTHER Win.Worm.Zbot-9759575-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55622 | MALWARE-OTHER Win.Worm.Zbot-9759575-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55633 | MALWARE-OTHER Win.Trojan.Torr-9759942-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55634 | MALWARE-OTHER Win.Trojan.Torr-9759942-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55637 | SERVER-WEBAPP Pulse Connect Secure SSL VPN command injection attempt (more info ...) | web-application-attack | 2020-8218 | URL | ||
| 55638 | SERVER-WEBAPP Pulse Connect Secure SSL VPN command injection attempt (more info ...) | web-application-attack | 2020-8218 | URL | ||
| 55639 | SERVER-WEBAPP Pulse Connect Secure SSL VPN command injection attempt (more info ...) | web-application-attack | 2020-8218 | URL | ||
| 55640 | SERVER-WEBAPP Pulse Connect Secure SSL VPN command injection attempt (more info ...) | web-application-attack | 2020-8218 | URL | ||
| 55655 | MALWARE-OTHER Win.Packed.Zeroaccess-9760106-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55656 | MALWARE-OTHER Win.Packed.Zeroaccess-9760106-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55671 | MALWARE-OTHER Win.Ransomware.Urausy-9760518-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55672 | MALWARE-OTHER Win.Ransomware.Urausy-9760518-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55695 | MALWARE-OTHER Win.Trojan.Rincux-9760859-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55696 | MALWARE-OTHER Win.Trojan.Rincux-9760859-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55709 | MALWARE-OTHER Win.Trojan.Zeroaccess-9761339-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55710 | MALWARE-OTHER Win.Trojan.Zeroaccess-9761339-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55711 | MALWARE-OTHER Win.Packed.Tdss-9761341-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55712 | MALWARE-OTHER Win.Packed.Tdss-9761341-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55713 | MALWARE-OTHER Win.Dropper.Zbot-9761347-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55714 | MALWARE-OTHER Win.Dropper.Zbot-9761347-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55719 | MALWARE-OTHER Win.Malware.Nitol-9761421-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55720 | MALWARE-OTHER Win.Malware.Nitol-9761421-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55721 | MALWARE-OTHER Win.Malware.Magania-9761424-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55722 | MALWARE-OTHER Win.Malware.Magania-9761424-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55723 | MALWARE-OTHER Win.Malware.Magania-9761425-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55724 | MALWARE-OTHER Win.Malware.Magania-9761425-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55725 | MALWARE-OTHER Win.Malware.Magania-9761426-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55726 | MALWARE-OTHER Win.Malware.Magania-9761426-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55729 | MALWARE-OTHER Win.Trojan.Ircbot-9761414-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55730 | MALWARE-OTHER Win.Trojan.Ircbot-9761414-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55741 | FILE-IMAGE Foxit Reader parsing JPEG with ConvertToPDF remote code execution attempt (more info ...) | attempted-user | 2020-8844 | URL | ||
| 55742 | FILE-IMAGE Foxit Reader parsing JPEG with ConvertToPDF remote code execution attempt (more info ...) | attempted-user | 2020-8844 | URL | ||
| 55754 | MALWARE-OTHER Win.Malware.Nitol-9762149-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55755 | MALWARE-OTHER Win.Malware.Nitol-9762149-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55758 | MALWARE-OTHER Win.Malware.Magania-9762151-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55759 | MALWARE-OTHER Win.Malware.Magania-9762151-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55762 | MALWARE-OTHER Win.Malware.Magania-9762160-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55763 | MALWARE-OTHER Win.Malware.Magania-9762160-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55770 | MALWARE-OTHER Win.Keylogger.Zeroaccess-9762346-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55771 | MALWARE-OTHER Win.Keylogger.Zeroaccess-9762346-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55779 | MALWARE-OTHER Win.Malware.Magania-9762933-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55780 | MALWARE-OTHER Win.Malware.Magania-9762933-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55789 | MALWARE-OTHER PUA.Win.Adware.Crossrider-9763527-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55790 | MALWARE-OTHER PUA.Win.Adware.Crossrider-9763527-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55793 | MALWARE-OTHER Win.Trojan.Hupigon-9763906-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55794 | MALWARE-OTHER Win.Trojan.Hupigon-9763906-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55803 | SERVER-OTHER Redis replication arbitrary code execution attempt (more info ...) | attempted-user | URL | |||
| 55811 | MALWARE-OTHER Win.Trojan.Mekotio variant second stage dropper download attempt (more info ...) | trojan-activity | URL | |||
| 55812 | MALWARE-OTHER Win.Trojan.Mekotio variant second stage dropper download attempt (more info ...) | trojan-activity | URL | |||
| 55842 | FILE-PDF TRUFFLEHUNTER TALOS-2020-1156 attack attempt (more info ...) | attempted-user | URL | |||
| 55843 | FILE-PDF TRUFFLEHUNTER TALOS-2020-1156 attack attempt (more info ...) | attempted-user | URL | |||
| 55844 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1155 attack attempt (more info ...) | attempted-user | 2020-12543 | URL | ||
| 55845 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1155 attack attempt (more info ...) | attempted-user | 2020-12543 | URL | ||
| 55852 | MALWARE-OTHER Win.Malware.Magania-9769241-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55853 | MALWARE-OTHER Win.Malware.Magania-9769241-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55854 | MALWARE-OTHER Win.Packed.Razy-9769405-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55855 | MALWARE-OTHER Win.Packed.Razy-9769405-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55860 | MALWARE-OTHER Win.Worm.Gamarue-9769424-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55861 | MALWARE-OTHER Win.Worm.Gamarue-9769424-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55863 | MALWARE-OTHER Win.Virus.Ursnif-9769699-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55864 | MALWARE-OTHER Win.Virus.Ursnif-9769699-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55867 | MALWARE-OTHER Win.Malware.Agzz8qk-9769774-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55868 | MALWARE-OTHER Win.Malware.Agzz8qk-9769774-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55875 | MALWARE-OTHER Win.Malware.Bdld-9770176-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55876 | MALWARE-OTHER Win.Malware.Bdld-9770176-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55889 | MALWARE-OTHER PUA.Win.Adware.Browsefox-9771664-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55890 | MALWARE-OTHER PUA.Win.Adware.Browsefox-9771664-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55893 | MALWARE-OTHER Win.Worm.Vobfus-9771891-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55894 | MALWARE-OTHER Win.Worm.Vobfus-9771891-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55917 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1159 attack attempt (more info ...) | web-application-attack | URL | |||
| 55918 | SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt (more info ...) | web-application-attack | 2020-4211 | URL | ||
| 55919 | SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt (more info ...) | web-application-attack | 2020-4211 | URL | ||
| 55920 | SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt (more info ...) | web-application-attack | 2020-4211 | URL | ||
| 55921 | SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt (more info ...) | web-application-attack | 2020-4211 | URL | ||
| 55932 | SERVER-OTHER Oracle WebLogic malicious RemoteConstructor deserialization attempt (more info ...) | attempted-user | 2020-14644 | URL | ||
| 55933 | SERVER-OTHER Oracle WebLogic malicious RemoteConstructor deserialization attempt (more info ...) | attempted-user | 2020-14644 | URL | ||
| 55936 | MALWARE-OTHER PUA.Win.Adware.Perion-9775059-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55937 | MALWARE-OTHER PUA.Win.Adware.Perion-9775059-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55946 | MALWARE-OTHER PUA.Win.Adware.Opencandy-9775571-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55947 | MALWARE-OTHER PUA.Win.Adware.Opencandy-9775571-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55950 | MALWARE-OTHER PUA.Win.Adware.Opencandy-9775689-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55951 | MALWARE-OTHER PUA.Win.Adware.Opencandy-9775689-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55974 | MALWARE-OTHER Win.Packed.Clipbanker-9776642-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55975 | MALWARE-OTHER Win.Packed.Clipbanker-9776642-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55981 | SERVER-WEBAPP D-Link Central WiFi Manager CWM 100 command injection attempt (more info ...) | web-application-attack | 2019-13372 | URL | ||
| 55985 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1161 attack attempt (more info ...) | attempted-user | 2020-13544 | URL | ||
| 55986 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1161 attack attempt (more info ...) | attempted-user | 2020-13544 | URL | ||
| 55987 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1162 attack attempt (more info ...) | attempted-user | 2020-13545 | URL | ||
| 55988 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1162 attack attempt (more info ...) | attempted-user | 2020-13545 | URL | ||
| 55991 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1163 attack attempt (more info ...) | attempted-user | 2020-13546 | URL | ||
| 55992 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1163 attack attempt (more info ...) | attempted-user | 2020-13546 | URL | ||
| 56012 | MALWARE-OTHER Win.Ransomware.Nymaim-9778921-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56013 | MALWARE-OTHER Win.Ransomware.Nymaim-9778921-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56018 | MALWARE-OTHER Win.Ransomware.Nymaim-9779119-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56019 | MALWARE-OTHER Win.Ransomware.Nymaim-9779119-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56020 | MALWARE-OTHER Win.Ransomware.Cidox-9779147-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56021 | MALWARE-OTHER Win.Ransomware.Cidox-9779147-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56028 | MALWARE-OTHER Win.Ransomware.Refinka-9779255-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56029 | MALWARE-OTHER Win.Ransomware.Refinka-9779255-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56036 | MALWARE-OTHER Win.Malware.Ppatre-9779748-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56037 | MALWARE-OTHER Win.Malware.Ppatre-9779748-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56048 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1168 attack attempt (more info ...) | web-application-attack | 2020-13550 | URL | ||
| 56049 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1168 attack attempt (more info ...) | web-application-attack | 2020-13550 | URL | ||
| 56050 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1168 attack attempt (more info ...) | web-application-attack | 2020-13550 | URL | ||
| 56053 | FILE-PDF TRUFFLEHUNTER TALOS-2020-1171 attack attempt (more info ...) | attempted-user | 2020-13557 | URL | ||
| 56054 | FILE-PDF TRUFFLEHUNTER TALOS-2020-1171 attack attempt (more info ...) | attempted-user | 2020-13557 | URL | ||
| 56059 | PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2020-1170 attack attempt (more info ...) | attempted-user | 2020-13556 | URL | ||
| 56060 | PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2020-1170 attack attempt (more info ...) | attempted-user | 2020-13556 | URL | ||
| 56063 | FILE-PDF TRUFFLEHUNTER TALOS-2020-1166 attack attempt (more info ...) | attempted-user | 2020-13548 | URL | ||
| 56064 | FILE-PDF TRUFFLEHUNTER TALOS-2020-1166 attack attempt (more info ...) | attempted-user | 2020-13548 | URL | ||
| 56065 | FILE-PDF TRUFFLEHUNTER TALOS-2020-1165 attack attempt (more info ...) | attempted-user | 2020-13547 | URL | ||
| 56066 | FILE-PDF TRUFFLEHUNTER TALOS-2020-1165 attack attempt (more info ...) | attempted-user | 2020-13547 | URL | ||
| 56071 | MALWARE-OTHER Win.Malware.Estiwir-9780541-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56072 | MALWARE-OTHER Win.Malware.Estiwir-9780541-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56092 | MALWARE-OTHER Win.Dropper.NetWire-9781821-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56093 | MALWARE-OTHER Win.Dropper.NetWire-9781821-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56096 | MALWARE-OTHER Win.Dropper.Cerber-9782626-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56097 | MALWARE-OTHER Win.Dropper.Cerber-9782626-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56114 | MALWARE-OTHER Win.Packed.Generic-9783183-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56115 | MALWARE-OTHER Win.Packed.Generic-9783183-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56122 | FILE-PDF TRUFFLEHUNTER TALOS-2020-1175 attack attempt (more info ...) | attempted-user | 2021-21831 | URL | ||
| 56123 | FILE-PDF TRUFFLEHUNTER TALOS-2020-1175 attack attempt (more info ...) | attempted-user | 2021-21831 | URL | ||
| 56126 | BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2020-1172 attack attempt (more info ...) | attempted-user | 2020-13558 | URL | ||
| 56127 | BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2020-1172 attack attempt (more info ...) | attempted-user | 2020-13558 | URL | ||
| 56138 | SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt (more info ...) | web-application-attack | 2020-8195 | URL | ||
| 56143 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1177 attack attempt (more info ...) | attempted-user | 2020-13563 | URL | ||
| 56144 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1177 attack attempt (more info ...) | attempted-user | 2020-13563 | URL | ||
| 56145 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1177 attack attempt (more info ...) | attempted-user | 2020-13564 | URL | ||
| 56146 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1177 attack attempt (more info ...) | attempted-user | 2020-13564 | URL | ||
| 56147 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1179 attack attempt (more info ...) | web-application-attack | 2020-13568 | URL | ||
| 56148 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1179 attack attempt (more info ...) | web-application-attack | 2020-13568 | URL | ||
| 56149 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1179 attack attempt (more info ...) | web-application-attack | 2020-13568 | URL | ||
| 56152 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1178 attack attempt (more info ...) | web-application-attack | 2020-13565 | URL | ||
| 56153 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1178 attack attempt (more info ...) | web-application-attack | 2020-13565 | URL | ||
| 56154 | SERVER-WEBAPP MobileIron Core & Connector remote code execution attempt (more info ...) | attempted-user | 2020-15505 | URL | ||
| 56155 | SERVER-WEBAPP MobileIron Core & Connector remote code execution attempt (more info ...) | attempted-user | 2020-15505 | URL | ||
| 56158 | FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1176 attack attempt (more info ...) | attempted-user | 2020-13561 | URL | ||
| 56159 | FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1176 attack attempt (more info ...) | attempted-user | 2020-13561 | URL | ||
| 56160 | FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1176 attack attempt (more info ...) | attempted-user | 2020-13561 | URL | ||
| 56161 | FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1176 attack attempt (more info ...) | attempted-user | 2020-13561 | URL | ||
| 56162 | SERVER-WEBAPP Citrix ADC and Gateway information disclosure attempt (more info ...) | web-application-attack | 2020-8196 | URL | ||
| 56163 | MALWARE-OTHER Win.Dropper.PyVil download attempt (more info ...) | trojan-activity | URL | |||
| 56164 | MALWARE-OTHER Win.Dropper.PyVil download attempt (more info ...) | trojan-activity | URL | |||
| 56165 | MALWARE-OTHER Win.Dropper.PyVil download attempt (more info ...) | trojan-activity | URL | |||
| 56166 | MALWARE-OTHER Win.Dropper.PyVil outbound communication attempt (more info ...) | trojan-activity | URL | |||
| 56167 | MALWARE-OTHER Win.Dropper.PyVil download attempt (more info ...) | trojan-activity | URL | |||
| 56178 | MALWARE-OTHER Win.Malware.Upatre-9784988-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56179 | MALWARE-OTHER Win.Malware.Upatre-9784988-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56191 | MALWARE-OTHER Win.Malware.Upatre-9785658-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56192 | MALWARE-OTHER Win.Malware.Upatre-9785658-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56200 | SERVER-WEBAPP Oracle WebLogic Server command injection attempt (more info ...) | web-application-attack | 2020-14882 | URL | ||
| 56201 | SERVER-WEBAPP Oracle WebLogic Server command injection attempt (more info ...) | web-application-attack | 2020-14882 | URL | ||
| 56202 | SERVER-WEBAPP Oracle WebLogic Server command injection attempt (more info ...) | web-application-attack | 2020-14882 | URL | ||
| 56203 | SERVER-WEBAPP Oracle WebLogic Server command injection attempt (more info ...) | web-application-attack | 2020-14882 | URL | ||
| 56208 | PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2020-1184 attack attempt (more info ...) | attempted-dos | 2020-13573 | URL | ||
| 56211 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1185 attack attempt (more info ...) | attempted-dos | 2020-13574 | URL | ||
| 56248 | MALWARE-OTHER Win.Dropper.Kuluoz-9789055-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56249 | MALWARE-OTHER Win.Dropper.Kuluoz-9789055-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56275 | SERVER-OTHER TRUFFLEHUNTER TALOS-2020-1185 attack attempt (more info ...) | attempted-dos | 2020-13574 | URL | ||
| 56277 | MALWARE-OTHER Win.Trojan.Crat malicious document download (more info ...) | trojan-activity | URL | |||
| 56279 | MALWARE-OTHER Win.Trojan.Crat malicious executable download (more info ...) | trojan-activity | URL | |||
| 56281 | MALWARE-OTHER Win.Trojan.Crat malicious executable download (more info ...) | trojan-activity | URL | |||
| 56284 | MALWARE-OTHER Win.Trojan.Crat malicious executable download (more info ...) | trojan-activity | URL | |||
| 56285 | MALWARE-OTHER Win.Trojan.Crat malicious executable download (more info ...) | trojan-activity | URL | |||
| 56293 | MALWARE-OTHER Win.Trojan.Crat malicious executable download (more info ...) | trojan-activity | URL | |||
| 56299 | MALWARE-OTHER Win.Downloader.Upatre-9789726-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56300 | MALWARE-OTHER Win.Downloader.Upatre-9789726-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56322 | MALWARE-OTHER PUA.Win.Adware.Adf67bab-9789932-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56323 | MALWARE-OTHER PUA.Win.Adware.Adf67bab-9789932-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56326 | MALWARE-OTHER Win.Malware.Fusioncoredownldr-9790249-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56327 | MALWARE-OTHER Win.Malware.Fusioncoredownldr-9790249-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56330 | MALWARE-OTHER PUA.Win.Adware.Rukoma-9792185-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56331 | MALWARE-OTHER PUA.Win.Adware.Rukoma-9792185-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56342 | MALWARE-OTHER Win.Malware.Magania-9793635-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56343 | MALWARE-OTHER Win.Malware.Magania-9793635-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56346 | MALWARE-OTHER PUA.Win.Adware.Icloader-9793684-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56347 | MALWARE-OTHER PUA.Win.Adware.Icloader-9793684-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56348 | MALWARE-OTHER Win.Malware.Chen-9793785-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56349 | MALWARE-OTHER Win.Malware.Chen-9793785-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56350 | MALWARE-OTHER Win.Malware.Magania-9793863-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56351 | MALWARE-OTHER Win.Malware.Magania-9793863-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56356 | MALWARE-OTHER Win.Malware.Magania-9794293-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56357 | MALWARE-OTHER Win.Malware.Magania-9794293-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56370 | MALWARE-OTHER Win.Trojan.GlitchPOS malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 56379 | BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2020-1195 attack attempt (more info ...) | attempted-user | 2020-13584 | URL | ||
| 56380 | BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2020-1195 attack attempt (more info ...) | attempted-user | 2020-13584 | URL | ||
| 56381 | BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2020-1195 attack attempt (more info ...) | attempted-user | 2020-13584 | URL | ||
| 56382 | BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2020-1195 attack attempt (more info ...) | attempted-user | 2020-13584 | URL | ||
| 56394 | MALWARE-OTHER Win.Malware.Ursu-9794593-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56395 | MALWARE-OTHER Win.Malware.Ursu-9794593-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56396 | MALWARE-OTHER Win.Malware.Zusy-9794604-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56397 | MALWARE-OTHER Win.Malware.Zusy-9794604-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56432 | SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt (more info ...) | web-application-attack | 2020-4241 | URL | ||
| 56433 | SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt (more info ...) | web-application-attack | 2020-4241 | URL | ||
| 56434 | SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt (more info ...) | web-application-attack | 2020-4241 | URL | ||
| 56435 | SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt (more info ...) | web-application-attack | 2020-4241 | URL | ||
| 56436 | SERVER-WEBAPP Atlassian Crowd pdkinstall plugin remote code execution attempt (more info ...) | web-application-attack | 2019-11580 | URL | ||
| 56439 | POLICY-OTHER Kubernetes Dashboard authentication bypass information disclosure attempt (more info ...) | policy-violation | 2018-18264 | URL | ||
| 56451 | FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1196 attack attempt (more info ...) | attempted-user | 2021-21774 | URL | ||
| 56452 | FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1196 attack attempt (more info ...) | attempted-user | 2021-21774 | URL | ||
| 56463 | MALWARE-OTHER Win.Worm.Morto-9797503-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56464 | MALWARE-OTHER Win.Worm.Morto-9797503-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56467 | MALWARE-OTHER PUA.Win.Downloader.Amonetize-9797772-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56468 | MALWARE-OTHER PUA.Win.Downloader.Amonetize-9797772-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56473 | MALWARE-OTHER Win.Malware.Budt-9798951-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56474 | MALWARE-OTHER Win.Malware.Budt-9798951-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56475 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1205 attack attempt (more info ...) | web-application-attack | 2020-27231 | URL | ||
| 56476 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1205 attack attempt (more info ...) | web-application-attack | 2020-27231 | URL | ||
| 56477 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1205 attack attempt (more info ...) | web-application-attack | 2020-27231 | URL | ||
| 56478 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1207 attack attempt (more info ...) | web-application-attack | 2020-27241 | URL | ||
| 56479 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1207 attack attempt (more info ...) | web-application-attack | 2020-27241 | URL | ||
| 56480 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1207 attack attempt (more info ...) | web-application-attack | 2020-27241 | URL | ||
| 56481 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1206 attack attempt (more info ...) | web-application-attack | 2020-27246 | URL | ||
| 56482 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1206 attack attempt (more info ...) | web-application-attack | 2020-27246 | URL | ||
| 56483 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1206 attack attempt (more info ...) | web-application-attack | 2020-27246 | URL | ||
| 56486 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1202 attack attempt (more info ...) | web-application-attack | 2020-27226 | URL | ||
| 56487 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1202 attack attempt (more info ...) | web-application-attack | 2020-27226 | URL | ||
| 56488 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1202 attack attempt (more info ...) | web-application-attack | 2020-27226 | URL | ||
| 56489 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1203 attack attempt (more info ...) | web-application-attack | 2020-27227 | URL | ||
| 56496 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1198 attack attempt (more info ...) | web-application-attack | 2020-13587 | URL | ||
| 56500 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1200 attack attempt (more info ...) | web-application-attack | 2020-13591 | URL | ||
| 56501 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1200 attack attempt (more info ...) | web-application-attack | 2020-13591 | URL | ||
| 56502 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1200 attack attempt (more info ...) | web-application-attack | 2020-13591 | URL | ||
| 56503 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1201 attack attempt (more info ...) | web-application-attack | 2020-13592 | URL | ||
| 56504 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1199 attack attempt (more info ...) | web-application-attack | 2020-13590 | URL | ||
| 56505 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1199 attack attempt (more info ...) | web-application-attack | 2020-13590 | URL | ||
| 56506 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1199 attack attempt (more info ...) | web-application-attack | 2020-13590 | URL | ||
| 56507 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1186 attack attempt (more info ...) | attempted-dos | 2020-13575 | URL | ||
| 56508 | SERVER-OTHER TRUFFLEHUNTER TALOS-2020-1186 attack attempt (more info ...) | attempted-dos | 2020-13575 | URL | ||
| 56509 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1187 attack attempt (more info ...) | attempted-user | 2020-13576 | URL | ||
| 56510 | SERVER-OTHER TRUFFLEHUNTER TALOS-2020-1187 attack attempt (more info ...) | attempted-user | 2020-13576 | URL | ||
| 56520 | SERVER-WEBAPP QNAP QTS and Photo Station directory traversal attempt (more info ...) | web-application-attack | 2019-7192 | |||
| 56521 | SERVER-WEBAPP QNAP QTS and Photo Station directory traversal attempt (more info ...) | web-application-attack | 2019-7192 | |||
| 56522 | SERVER-WEBAPP QNAP QTS and Photo Station directory traversal attempt (more info ...) | web-application-attack | ||||
| 56531 | MALWARE-OTHER Win.Trojan.IcedId payload download attempt (more info ...) | trojan-activity | URL | |||
| 56532 | SERVER-WEBAPP Advantech WebAccess NMS directory traversal attempt (more info ...) | web-application-attack | 2020-10619 | URL | ||
| 56533 | SERVER-WEBAPP Advantech WebAccess NMS directory traversal attempt (more info ...) | web-application-attack | 2020-10619 | URL | ||
| 56534 | SERVER-WEBAPP Advantech WebAccess NMS directory traversal attempt (more info ...) | web-application-attack | 2020-10619 | URL | ||
| 56537 | MALWARE-OTHER Win.Malware.Dexter POS variant download attempt (more info ...) | trojan-activity | URL | |||
| 56538 | MALWARE-OTHER Win.Malware.Dexter POS variant download attempt (more info ...) | trojan-activity | URL | |||
| 56546 | MALWARE-OTHER Win.Trojan.Alina variant download attempt (more info ...) | trojan-activity | URL | |||
| 56547 | MALWARE-OTHER Win.Trojan.Alina variant download attempt (more info ...) | trojan-activity | URL | |||
| 56548 | OS-OTHER TRUFFLEHUNTER TALOS-2020-1209 attack attempt (more info ...) | attempted-user | URL | |||
| 56549 | OS-OTHER TRUFFLEHUNTER TALOS-2020-1209 attack attempt (more info ...) | attempted-user | URL | |||
| 56550 | SERVER-WEBAPP Ruckus IoT Controller Web UI authentication bypass attempt (more info ...) | web-application-attack | 2020-26879 | |||
| 56551 | SERVER-WEBAPP Ruckus IoT Controller Web UI OS username command injection attempt (more info ...) | web-application-attack | 2020-26878 | |||
| 56552 | MALWARE-OTHER TRUFFLEHUNTER SFVRT-1042 attack attempt (more info ...) | trojan-activity | ||||
| 56553 | MALWARE-OTHER TRUFFLEHUNTER SFVRT-1042 attack attempt (more info ...) | trojan-activity | ||||
| 56555 | MALWARE-OTHER Win.Trojan.RegretLocker malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 56556 | MALWARE-OTHER Win.Trojan.RegretLocker malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 56566 | MALWARE-TOOLS Win.Trojan.AnchorInstaller variant download attempt (more info ...) | trojan-activity | URL | |||
| 56570 | MALWARE-TOOLS Win.Trojan.Memscraper variant download attempt (more info ...) | trojan-activity | URL | |||
| 56578 | MALWARE-OTHER Lokibot download attempt (more info ...) | trojan-activity | URL | |||
| 56579 | SERVER-WEBAPP Belkin Wemo Insight Smart Plug libUPnPHndlr.so stack buffer overflow attempt (more info ...) | attempted-user | 2018-6692 | URL | ||
| 56586 | SERVER-WEBAPP Zoho ManageEngine ServiceDesk Plus arbitrary JSP file upload attempt (more info ...) | attempted-admin | 2019-8394 | URL | ||
| 56594 | MALWARE-BACKDOOR MultiOS.Malware.GORAT malware download attempt (more info ...) | trojan-activity | URL | |||
| 56595 | MALWARE-BACKDOOR MultiOS.Malware.GORAT malware download attempt (more info ...) | trojan-activity | URL | |||
| 56608 | MALWARE-OTHER Cobalt Strike beacon inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 56609 | MALWARE-OTHER Cobalt Strike beacon outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 56610 | MALWARE-OTHER Cobalt Strike beacon outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 56611 | MALWARE-OTHER Cobalt Strike beacon outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 56614 | MALWARE-BACKDOOR Cobalt Strike beacon connection attempt (more info ...) | trojan-activity | URL | |||
| 56624 | SERVER-WEBAPP rConfig command injection attempt (more info ...) | web-application-attack | 2020-10879 | URL | ||
| 56625 | SERVER-WEBAPP rConfig command injection attempt (more info ...) | web-application-attack | 2020-10879 | URL | ||
| 56626 | SERVER-WEBAPP rConfig command injection attempt (more info ...) | web-application-attack | 2020-10879 | URL | ||
| 56627 | SERVER-WEBAPP rConfig command injection attempt (more info ...) | web-application-attack | 2020-10879 | URL | ||
| 56636 | MALWARE-OTHER Win.Dropper.Cerber-9806289-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56637 | MALWARE-OTHER Win.Dropper.Cerber-9806289-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56642 | MALWARE-OTHER Win.Packed.Upantix-9807018-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56643 | MALWARE-OTHER Win.Packed.Upantix-9807018-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56644 | MALWARE-OTHER Win.Dropper.Nanocore-9807037-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56645 | MALWARE-OTHER Win.Dropper.Nanocore-9807037-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56650 | MALWARE-OTHER Win.Adware.Esprot-9807942-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56651 | MALWARE-OTHER Win.Adware.Esprot-9807942-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56652 | MALWARE-OTHER PUA.Win.Adware.Esprot-9807946-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56653 | MALWARE-OTHER PUA.Win.Adware.Esprot-9807946-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56658 | BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2020-1214 attack attempt (more info ...) | attempted-user | 2020-27648 | URL | ||
| 56659 | BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2020-1214 attack attempt (more info ...) | attempted-user | 2020-27648 | URL | ||
| 56671 | MALWARE-OTHER Win.Packed.Zeroaccess-9809114-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56672 | MALWARE-OTHER Win.Packed.Zeroaccess-9809114-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56685 | MALWARE-OTHER Win.Malware.Magania-9809290-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56686 | MALWARE-OTHER Win.Malware.Magania-9809290-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56721 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1213 attack attempt (more info ...) | attempted-user | 2020-28590 | URL | ||
| 56722 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1213 attack attempt (more info ...) | attempted-user | 2020-28590 | URL | ||
| 56723 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1215 attack attempt (more info ...) | attempted-user | 2020-28591 | URL | ||
| 56724 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1215 attack attempt (more info ...) | attempted-user | 2020-28591 | URL | ||
| 56725 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1218 attack attempt (more info ...) | attempted-user | 2020-28594 | URL | ||
| 56726 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1218 attack attempt (more info ...) | attempted-user | 2020-28594 | URL | ||
| 56727 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1219 attack attempt (more info ...) | attempted-user | 2020-28595 | URL | ||
| 56728 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1219 attack attempt (more info ...) | attempted-user | 2020-28595 | URL | ||
| 56732 | MALWARE-OTHER Win.Packed.Zeroaccess-9811539-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56733 | MALWARE-OTHER Win.Packed.Zeroaccess-9811539-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56746 | MALWARE-OTHER Win.Malware.Ulise-9811997-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56747 | MALWARE-OTHER Win.Malware.Ulise-9811997-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56756 | MALWARE-OTHER Win.Packed.Zusy-9812442-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56757 | MALWARE-OTHER Win.Packed.Zusy-9812442-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56764 | MALWARE-OTHER Win.Malware.3400da6c-9812978-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56765 | MALWARE-OTHER Win.Malware.3400da6c-9812978-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56772 | MALWARE-OTHER Win.Malware.Qbot variant download attempt (more info ...) | trojan-activity | URL | |||
| 56773 | MALWARE-OTHER Win.Malware.Qbot variant download attempt (more info ...) | trojan-activity | URL | |||
| 56776 | MALWARE-OTHER Win.Packed.Gamarue-9811452-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56777 | MALWARE-OTHER Win.Packed.Gamarue-9811452-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56805 | MALWARE-OTHER Win.Malware.Yddld-9815757-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56806 | MALWARE-OTHER Win.Malware.Yddld-9815757-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56809 | MALWARE-OTHER Win.Malware.Yddld-9816553-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56810 | MALWARE-OTHER Win.Malware.Yddld-9816553-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56815 | MALWARE-OTHER Win.Packed.Trojanx-9818175-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56816 | MALWARE-OTHER Win.Packed.Trojanx-9818175-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56822 | SERVER-WEBAPP Grafana Labs Grafana denial of service attempt (more info ...) | denial-of-service | 2020-13379 | URL | ||
| 56826 | SERVER-WEBAPP SolarWinds Orion authentication bypass attempt (more info ...) | web-application-attack | 2020-10148 | URL | ||
| 56827 | SERVER-WEBAPP SolarWinds Orion authentication bypass attempt (more info ...) | web-application-attack | 2020-10148 | URL | ||
| 56828 | SERVER-WEBAPP SolarWinds Orion authentication bypass attempt (more info ...) | web-application-attack | 2020-10148 | URL | ||
| 56829 | SERVER-WEBAPP SolarWinds Orion authentication bypass attempt (more info ...) | web-application-attack | 2020-10148 | URL | ||
| 56836 | MALWARE-OTHER Win.Trojan.TroubleGrabber external tools download attempt (more info ...) | trojan-activity | URL | |||
| 56837 | MALWARE-OTHER Win.Trojan.TroubleGrabber external tools download attempt (more info ...) | trojan-activity | URL | |||
| 56847 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1222 attack attempt (more info ...) | attempted-user | 2020-28598 | URL | ||
| 56848 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1222 attack attempt (more info ...) | attempted-user | 2020-28598 | URL | ||
| 56887 | MALWARE-BACKDOOR Win.Trojan.BumbleBee webshell access detected (more info ...) | trojan-activity | URL | |||
| 56888 | MALWARE-BACKDOOR Win.Trojan.BumbleBee webshell transfer attempt (more info ...) | trojan-activity | URL | |||
| 56889 | MALWARE-BACKDOOR Win.Trojan.BumbleBee webshell access detected (more info ...) | trojan-activity | ||||
| 56890 | MALWARE-BACKDOOR Win.Trojan.BumbleBee webshell transfer attempt (more info ...) | trojan-activity | URL | |||
| 56916 | SERVER-WEBAPP SolarWinds Orion authentication bypass attempt (more info ...) | web-application-attack | 2020-10148 | URL | ||
| 56917 | SERVER-WEBAPP SolarWinds Orion authentication bypass attempt (more info ...) | web-application-attack | 2020-10148 | URL | ||
| 56924 | MALWARE-OTHER Win.Malware.Emotet-9822370-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56925 | MALWARE-OTHER Win.Malware.Emotet-9822370-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56926 | MALWARE-TOOLS Win.Trojan.Trickbot Trickboot module download attempt (more info ...) | trojan-activity | URL | |||
| 56927 | MALWARE-TOOLS Win.Trojan.Trickbot Trickboot module download attempt (more info ...) | trojan-activity | URL | |||
| 56928 | MALWARE-TOOLS Win.Trojan.Trickbot Trickboot module download attempt (more info ...) | trojan-activity | URL | |||
| 56929 | MALWARE-TOOLS Win.Trojan.Trickbot Trickboot module download attempt (more info ...) | trojan-activity | URL | |||
| 56930 | MALWARE-OTHER Win.Trojan.FANCYBEAR variant binary download attempt (more info ...) | trojan-activity | URL | |||
| 56931 | MALWARE-OTHER Win.Trojan.FANCYBEAR variant binary download attempt (more info ...) | trojan-activity | URL | |||
| 56932 | MALWARE-OTHER Win.Trojan.FANCYBEAR variant binary download attempt (more info ...) | trojan-activity | URL | |||
| 56933 | MALWARE-OTHER Win.Trojan.FANCYBEAR variant binary download attempt (more info ...) | trojan-activity | URL | |||
| 56934 | SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt (more info ...) | web-application-attack | 2020-15901 | URL | ||
| 56935 | SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt (more info ...) | web-application-attack | 2020-15901 | URL | ||
| 56936 | SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt (more info ...) | web-application-attack | 2020-15901 | URL | ||
| 56937 | SERVER-WEBAPP Nagios XI ajaxhelper command injection attempt (more info ...) | web-application-attack | 2020-15901 | URL | ||
| 56948 | MALWARE-OTHER Win.Malware.Stantinko-9822477-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56949 | MALWARE-OTHER Win.Malware.Stantinko-9822477-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56967 | MALWARE-OTHER Win.Packed.Upatre-9823253-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56968 | MALWARE-OTHER Win.Packed.Upatre-9823253-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56983 | MALWARE-OTHER Win.Malware.Emotet-9823901-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56984 | MALWARE-OTHER Win.Malware.Emotet-9823901-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56994 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1226 attack attempt (more info ...) | attempted-user | 2021-21772 | URL | ||
| 56995 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1226 attack attempt (more info ...) | attempted-user | 2021-21772 | URL | ||
| 57000 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1224 attack attempt (more info ...) | attempted-user | 2020-28600 | URL | ||
| 57001 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1224 attack attempt (more info ...) | attempted-user | 2020-28600 | URL | ||
| 57002 | SERVER-WEBAPP Belkin Wemo UPnP cross site scripting attempt (more info ...) | web-application-attack | URL | |||
| 57003 | MALWARE-OTHER Win.Ransomware.Generickdz-9825516-0 download attempt (more info ...) | trojan-activity | URL | |||
| 57004 | MALWARE-OTHER Win.Ransomware.Generickdz-9825516-0 download attempt (more info ...) | trojan-activity | URL | |||
| 57007 | MALWARE-OTHER Win.Dropper.Demp-9825500-0 download attempt (more info ...) | trojan-activity | URL | |||
| 57008 | MALWARE-OTHER Win.Dropper.Demp-9825500-0 download attempt (more info ...) | trojan-activity | URL | |||
| 57011 | FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1227 attack attempt (more info ...) | attempted-user | 2021-21773 | URL | ||
| 57012 | FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1227 attack attempt (more info ...) | attempted-user | 2021-21773 | URL | ||
| 57013 | FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1227 attack attempt (more info ...) | attempted-user | 2021-21773 | URL | ||
| 57014 | FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1227 attack attempt (more info ...) | attempted-user | 2021-21773 | URL | ||
| 57015 | FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1227 attack attempt (more info ...) | attempted-user | 2021-21773 | URL | ||
| 57016 | FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1227 attack attempt (more info ...) | attempted-user | 2021-21773 | URL | ||
| 57017 | FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1227 attack attempt (more info ...) | attempted-user | 2021-21773 | URL | ||
| 57018 | FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1227 attack attempt (more info ...) | attempted-user | 2021-21773 | URL | ||
| 57031 | MALWARE-OTHER Win.Trojan.Zbot-9826061-0 download attempt (more info ...) | trojan-activity | URL | |||
| 57032 | MALWARE-OTHER Win.Trojan.Zbot-9826061-0 download attempt (more info ...) | trojan-activity | URL | |||
| 57039 | MALWARE-OTHER Win.Malware.Karagany-9826730-0 download attempt (more info ...) | trojan-activity | URL | |||
| 57040 | MALWARE-OTHER Win.Malware.Karagany-9826730-0 download attempt (more info ...) | trojan-activity | URL | |||
| 57045 | BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2021-1229 attack attempt (more info ...) | attempted-user | 2021-21775 | URL | ||
| 57046 | BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2021-1229 attack attempt (more info ...) | attempted-user | 2021-21775 | URL | ||
| 57059 | FILE-PDF TRUFFLEHUNTER TALOS-2021-1233 attack attempt (more info ...) | attempted-user | URL | |||
| 57060 | FILE-PDF TRUFFLEHUNTER TALOS-2021-1233 attack attempt (more info ...) | attempted-user | URL | |||
| 57061 | OS-WINDOWS GDI+ printer out of bounds write attempt (more info ...) | attempted-user | 2021-1648 | URL | ||
| 57062 | OS-WINDOWS GDI+ printer out of bounds write attempt (more info ...) | attempted-user | 2021-1648 | URL | ||
| 57111 | SERVER-OTHER OpenSLP slp_process.c heap overflow attempt (more info ...) | attempted-user | 2019-5544 | URL | ||
| 57112 | SERVER-OTHER OpenSLP slp_process.c heap overflow attempt (more info ...) | attempted-user | 2019-5544 | URL | ||
| 57115 | SERVER-OTHER TRUFFLEHUNTER TALOS-2021-1237 attack attempt (more info ...) | attempted-admin | URL | |||
| 57116 | SERVER-OTHER TRUFFLEHUNTER TALOS-2021-1237 attack attempt (more info ...) | attempted-admin | URL | |||
| 57117 | SERVER-OTHER TRUFFLEHUNTER TALOS-2021-1237 attack attempt (more info ...) | attempted-admin | URL | |||
| 57118 | SERVER-OTHER TRUFFLEHUNTER TALOS-2021-1237 attack attempt (more info ...) | attempted-admin | URL | |||
| 57119 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1231 attack attempt (more info ...) | attempted-admin | URL | |||
| 57120 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1231 attack attempt (more info ...) | attempted-admin | URL | |||
| 57121 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1230 attack attempt (more info ...) | attempted-admin | URL | |||
| 57122 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1230 attack attempt (more info ...) | attempted-admin | URL | |||
| 57124 | FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1244 attack attempt (more info ...) | attempted-user | 2021-21782 | URL | ||
| 57125 | FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1244 attack attempt (more info ...) | attempted-user | 2021-21782 | URL | ||
| 57126 | SERVER-WEBAPP Monstra CMS cross-site scripting attempt (more info ...) | attempted-user | 2018-11472 | |||
| 57127 | SERVER-WEBAPP Monstra CMS cross-site scripting attempt (more info ...) | attempted-user | 2018-11472 | |||
| 57134 | BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2021-1238 attack attempt (more info ...) | attempted-user | 2021-21779 | URL | ||
| 57135 | BROWSER-WEBKIT TRUFFLEHUNTER TALOS-2021-1238 attack attempt (more info ...) | attempted-user | 2021-21779 | URL | ||
| 57139 | OS-OTHER TRUFFLEHUNTER TALOS-2021-1247 attack attempt (more info ...) | attempted-user | URL | |||
| 57140 | OS-OTHER TRUFFLEHUNTER TALOS-2021-1247 attack attempt (more info ...) | attempted-user | URL | |||
| 57154 | MALWARE-OTHER Win.Trojan.Masslogger download request attempt (more info ...) | trojan-activity | ||||
| 57158 | SERVER-WEBAPP Oracle WebLogic consolejndi remote code execution attempt (more info ...) | attempted-admin | 2021-2109 | URL | ||
| 57159 | SERVER-WEBAPP Oracle WebLogic consolejndi remote code execution attempt (more info ...) | attempted-admin | 2021-2109 | URL | ||
| 57161 | SERVER-OTHER SolarWinds Orion MSMQ remote code execution attempt (more info ...) | attempted-admin | 2021-25274 | |||
| 57166 | OS-OTHER TRUFFLEHUNTER TALOS-2021-1249 attack attempt (more info ...) | attempted-user | URL | |||
| 57167 | OS-OTHER TRUFFLEHUNTER TALOS-2021-1249 attack attempt (more info ...) | attempted-user | URL | |||
| 57176 | SERVER-WEBAPP MikroTik RouterOS buffer overflow attempt (more info ...) | attempted-user | 2018-1156 | URL | ||
| 57177 | SERVER-WEBAPP MikroTik RouterOS buffer overflow attempt (more info ...) | attempted-user | 2018-1156 | URL | ||
| 57178 | SERVER-WEBAPP Monstra CMS registration form cross site scripting attempt (more info ...) | attempted-user | 2018-11473 | |||
| 57179 | SERVER-WEBAPP Monstra CMS registration form cross site scripting attempt (more info ...) | attempted-user | 2018-11473 | |||
| 57182 | SERVER-WEBAPP VMware administrative configurator component command injection attempt (more info ...) | web-application-attack | 2020-4006 | |||
| 57183 | SERVER-WEBAPP VMware administrative configurator component command injection attempt (more info ...) | web-application-attack | 2020-4006 | |||
| 57184 | SERVER-WEBAPP VMware administrative configurator component command injection attempt (more info ...) | web-application-attack | 2020-4006 | |||
| 57185 | SERVER-WEBAPP VMware administrative configurator component command injection attempt (more info ...) | web-application-attack | 2020-4006 | |||
| 57186 | OS-OTHER TRUFFLEHUNTER TALOS-2021-1250 attack attempt (more info ...) | attempted-admin | URL | |||
| 57187 | OS-OTHER TRUFFLEHUNTER TALOS-2021-1250 attack attempt (more info ...) | attempted-admin | URL | |||
| 57189 | FILE-EXECUTABLE TRUFFLEHUNTER TALOS-2021-1255 attack attempt (more info ...) | attempted-recon | 2021-21792 | URL | ||
| 57190 | FILE-EXECUTABLE TRUFFLEHUNTER TALOS-2021-1255 attack attempt (more info ...) | attempted-recon | 2021-21792 | URL | ||
| 57197 | SERVER-OTHER Multiple products outbound HTTP request to SIP port and potential NAT slipstreaming attack attempt (more info ...) | misc-attack | URL | |||
| 57198 | SERVER-OTHER Multiple products outbound HTTP request to H.323 port and potential NAT slipstreaming attack attempt (more info ...) | misc-attack | URL | |||
| 57199 | SERVER-OTHER Multiple products outbound HTTP request to SIP port and potential NAT slipstreaming attack attempt (more info ...) | misc-attack | URL | |||
| 57200 | SERVER-OTHER Multiple products outbound HTTP request to H.323 port and potential NAT slipstreaming attack attempt (more info ...) | misc-attack | URL | |||
| 57201 | SERVER-OTHER SolarWinds Orion platform unrestricted database access attempt (more info ...) | attempted-user | 2021-25275 | URL | ||
| 57202 | SERVER-OTHER SolarWinds Orion platform unrestricted database access attempt (more info ...) | attempted-user | 2021-25275 | URL | ||
| 57217 | SERVER-WEBAPP SAP Solution Manager EEM uploadResource command execution attempt (more info ...) | attempted-admin | 2020-6207 | URL | ||
| 57218 | SERVER-WEBAPP SAP Solution Manager EEM uploadResource server side request forgery attempt (more info ...) | web-application-attack | 2020-6207 | URL | ||
| 57224 | SERVER-WEBAPP Trend Micro Control Manager directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 57225 | SERVER-WEBAPP Trend Micro Control Manager directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 57226 | SERVER-WEBAPP Trend Micro Control Manager directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 57227 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1225 attack attempt (more info ...) | attempted-user | 2020-28601 | URL | ||
| 57228 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1225 attack attempt (more info ...) | attempted-user | 2020-28601 | URL | ||
| 57229 | SERVER-WEBAPP VMware vSphere Client vROPs plugin remote code execution attempt (more info ...) | attempted-admin | 2021-21972 | URL | ||
| 57230 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1223 attack attempt (more info ...) | attempted-user | 2020-28599 | URL | ||
| 57231 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1223 attack attempt (more info ...) | attempted-user | 2020-28599 | URL | ||
| 57248 | MALWARE-OTHER Win.Ransomware.ColdChristmas variant binary download attempt (more info ...) | trojan-activity | URL | |||
| 57249 | FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1257 attack attempt (more info ...) | attempted-user | 2021-21793 | URL | ||
| 57250 | FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1257 attack attempt (more info ...) | attempted-user | 2021-21793 | URL | ||
| 57266 | OS-OTHER TRUFFLEHUNTER TALOS-2021-1262 attack attempt (more info ...) | attempted-admin | URL | |||
| 57267 | OS-OTHER TRUFFLEHUNTER TALOS-2021-1262 attack attempt (more info ...) | attempted-admin | URL | |||
| 57270 | FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1261 attack attempt (more info ...) | attempted-user | 2021-21794 | URL | ||
| 57271 | FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1261 attack attempt (more info ...) | attempted-user | 2021-21794 | URL | ||
| 57272 | FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1261 attack attempt (more info ...) | attempted-user | 2021-21794 | URL | ||
| 57273 | FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1261 attack attempt (more info ...) | attempted-user | 2021-21794 | URL | ||
| 57284 | MALWARE-BACKDOOR DEWMODE webshell upload attempt (more info ...) | attempted-user | URL | |||
| 57285 | MALWARE-BACKDOOR DEWMODE webshell cleanup attempt (more info ...) | attempted-user | URL | |||
| 57286 | MALWARE-BACKDOOR DEWMODE webshell cleanup attempt (more info ...) | attempted-user | URL | |||
| 57287 | MALWARE-BACKDOOR DEWMODE webshell file download attempt (more info ...) | attempted-user | URL | |||
| 57288 | MALWARE-BACKDOOR DEWMODE webshell file download attempt (more info ...) | attempted-user | URL | |||
| 57289 | MALWARE-BACKDOOR DEWMODE webshell outbound connection attempt (more info ...) | attempted-user | URL | |||
| 57290 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1270 attack attempt (more info ...) | attempted-user | 2021-21799 | URL | ||
| 57291 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1270 attack attempt (more info ...) | attempted-user | 2021-21799 | URL | ||
| 57292 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1271 attack attempt (more info ...) | attempted-user | 2021-21800 | URL | ||
| 57293 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1271 attack attempt (more info ...) | attempted-user | 2021-21800 | URL | ||
| 57294 | FILE-PDF TRUFFLEHUNTER TALOS-2021-1265 attack attempt (more info ...) | attempted-user | 2021-21796 | URL | ||
| 57295 | FILE-PDF TRUFFLEHUNTER TALOS-2021-1265 attack attempt (more info ...) | attempted-user | 2021-21796 | URL | ||
| 57296 | FILE-PDF TRUFFLEHUNTER TALOS-2021-1267 attack attempt (more info ...) | attempted-user | 2021-21798 | URL | ||
| 57297 | FILE-PDF TRUFFLEHUNTER TALOS-2021-1267 attack attempt (more info ...) | attempted-user | 2021-21798 | URL | ||
| 57298 | SERVER-WEBAPP F5 iControl REST interface command injection attempt (more info ...) | web-application-attack | 2021-22986 | URL | ||
| 57301 | FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1264 attack attempt (more info ...) | attempted-user | 2021-21795 | URL | ||
| 57302 | FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1264 attack attempt (more info ...) | attempted-user | 2021-21795 | URL | ||
| 57303 | FILE-PDF TRUFFLEHUNTER TALOS-2021-1266 attack attempt (more info ...) | attempted-user | 2021-21797 | URL | ||
| 57304 | FILE-PDF TRUFFLEHUNTER TALOS-2021-1266 attack attempt (more info ...) | attempted-user | 2021-21797 | URL | ||
| 57305 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1272 attack attempt (more info ...) | attempted-user | 2021-21803 | URL | ||
| 57306 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1272 attack attempt (more info ...) | attempted-user | 2021-21803 | URL | ||
| 57307 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1274 attack attempt (more info ...) | web-application-attack | 2021-21805 | URL | ||
| 57308 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1274 attack attempt (more info ...) | web-application-attack | 2021-21805 | URL | ||
| 57309 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1274 attack attempt (more info ...) | web-application-attack | 2021-21805 | URL | ||
| 57314 | MALWARE-BACKDOOR Asp.Trojan.Hafnium web shell upload attempt (more info ...) | attempted-admin | ||||
| 57315 | MALWARE-BACKDOOR Asp.Trojan.Hafnium web shell upload attempt (more info ...) | attempted-admin | ||||
| 57316 | MALWARE-BACKDOOR Asp.Trojan.Hafnium web shell upload attempt (more info ...) | attempted-admin | ||||
| 57317 | MALWARE-BACKDOOR Asp.Trojan.Hafnium web shell upload attempt (more info ...) | attempted-admin | ||||
| 57318 | MALWARE-BACKDOOR Asp.Trojan.Hafnium web shell upload attempt (more info ...) | attempted-admin | ||||
| 57319 | MALWARE-BACKDOOR Asp.Trojan.Hafnium web shell upload attempt (more info ...) | attempted-admin | ||||
| 57320 | MALWARE-BACKDOOR Asp.Trojan.Hafnium web shell upload attempt (more info ...) | attempted-admin | ||||
| 57321 | MALWARE-BACKDOOR Asp.Trojan.Hafnium web shell upload attempt (more info ...) | attempted-admin | ||||
| 57323 | MALWARE-OTHER Win.Ransomware.DoejoCrypt variant binary download attempt (more info ...) | trojan-activity | URL | |||
| 57324 | SERVER-WEBAPP Netis WF2419 router command injection attempt (more info ...) | web-application-attack | 2019-19356 | URL | ||
| 57326 | SERVER-WEBAPP Netis WF2419 router command injection attempt (more info ...) | web-application-attack | 2019-19356 | URL | ||
| 57327 | SERVER-WEBAPP Netis WF2419 router command injection attempt (more info ...) | web-application-attack | 2019-19356 | URL | ||
| 57332 | SERVER-WEBAPP Netgear ProSAFE Plus unauthenticated command injection attempt (more info ...) | web-application-attack | 2020-26919 | URL | ||
| 57334 | SERVER-WEBAPP Netgear ProSAFE Plus unauthenticated command injection attempt (more info ...) | web-application-attack | 2020-26919 | URL | ||
| 57335 | SERVER-WEBAPP Netgear ProSAFE Plus unauthenticated command injection attempt (more info ...) | web-application-attack | 2020-26919 | URL | ||
| 57337 | SERVER-WEBAPP F5 iControl REST interface ssrf attempt (more info ...) | web-application-attack | 2021-22986 | URL | ||
| 57338 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1273 attack attempt (more info ...) | web-application-attack | 2021-21804 | URL | ||
| 57339 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1273 attack attempt (more info ...) | web-application-attack | 2021-21804 | URL | ||
| 57361 | MALWARE-BACKDOOR PAS webshell inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57362 | MALWARE-BACKDOOR PAS webshell outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57363 | MALWARE-BACKDOOR PAS webshell inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57364 | MALWARE-BACKDOOR PAS webshell outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57367 | SERVER-WEBAPP Yealink Device Management server side request forgery attempt (more info ...) | attempted-admin | 2021-27562 | URL | ||
| 57371 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1277 attack attempt (more info ...) | web-application-attack | 2021-21809 | URL | ||
| 57372 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1277 attack attempt (more info ...) | web-application-attack | 2021-21809 | URL | ||
| 57373 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1277 attack attempt (more info ...) | web-application-attack | 2021-21809 | URL | ||
| 57374 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1277 attack attempt (more info ...) | web-application-attack | 2021-21809 | URL | ||
| 57377 | SERVER-ORACLE Oracle Weblogic ExternalizableLite T3 remote code execution attempt (more info ...) | attempted-user | 2020-14756 | |||
| 57378 | FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1275 attack attempt (more info ...) | attempted-user | 2021-21807 | URL | ||
| 57379 | FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1275 attack attempt (more info ...) | attempted-user | 2021-21807 | URL | ||
| 57389 | SERVER-WEBAPP Advantech iView DeviceTreeTable directory traversal attempt (more info ...) | web-application-attack | 2020-16245 | URL | ||
| 57390 | SERVER-WEBAPP Advantech iView DeviceTreeTable directory traversal attempt (more info ...) | web-application-attack | 2020-16245 | URL | ||
| 57391 | SERVER-WEBAPP Advantech iView DeviceTreeTable directory traversal attempt (more info ...) | web-application-attack | 2020-16245 | URL | ||
| 57406 | SERVER-WEBAPP Palo Alto Networks management interface command injection attempt (more info ...) | web-application-attack | 2020-2038 | |||
| 57407 | SERVER-WEBAPP Palo Alto Networks management interface command injection attempt (more info ...) | web-application-attack | 2020-2038 | |||
| 57408 | SERVER-WEBAPP Palo Alto Networks management interface command injection attempt (more info ...) | web-application-attack | 2020-2038 | |||
| 57409 | SERVER-WEBAPP Palo Alto Networks management interface command injection attempt (more info ...) | web-application-attack | 2020-2038 | |||
| 57427 | FILE-PDF TRUFFLEHUNTER TALOS-2020-1157 attack attempt (more info ...) | attempted-user | 2020-24435 | URL | ||
| 57428 | FILE-PDF TRUFFLEHUNTER TALOS-2020-1157 attack attempt (more info ...) | attempted-user | 2020-24435 | URL | ||
| 57436 | SERVER-WEBAPP VMware View Planner logupload directory traversal attempt (more info ...) | web-application-attack | 2021-21978 | |||
| 57437 | SERVER-WEBAPP VMware View Planner logupload directory traversal attempt (more info ...) | web-application-attack | 2021-21978 | |||
| 57438 | SERVER-WEBAPP VMware View Planner logupload arbitrary file upload attempt (more info ...) | web-application-attack | 2021-21978 | |||
| 57439 | SERVER-WEBAPP VMware View Planner logupload arbitrary file upload attempt (more info ...) | web-application-attack | 2021-21978 | |||
| 57442 | SERVER-WEBAPP Terramaster TOS command injection attempt (more info ...) | web-application-attack | 2020-28188 | URL | ||
| 57443 | SERVER-WEBAPP Terramaster TOS command injection attempt (more info ...) | web-application-attack | 2020-28188 | URL | ||
| 57444 | SERVER-WEBAPP Terramaster TOS command injection attempt (more info ...) | web-application-attack | 2020-28188 | URL | ||
| 57445 | SERVER-WEBAPP Terramaster TOS command injection attempt (more info ...) | web-application-attack | 2020-28188 | URL | ||
| 57449 | SERVER-WEBAPP F5 TMM crafted IPv6 URI buffer overflow attempt (more info ...) | attempted-user | 2021-22991 | URL | ||
| 57452 | SERVER-WEBAPP Pulse Connect Secure template injection attempt (more info ...) | attempted-admin | 2020-8243 | URL | ||
| 57453 | SERVER-WEBAPP Pulse Connect Secure remote code execution attempt (more info ...) | attempted-admin | 2020-8243 | URL | ||
| 57454 | POLICY-OTHER Pulse Connect Secure vulnerable URI access attempt (more info ...) | misc-activity | 2021-22893 | URL | ||
| 57455 | POLICY-OTHER Pulse Connect Secure vulnerable URI access attempt (more info ...) | misc-activity | 2021-22893 | URL | ||
| 57456 | POLICY-OTHER Pulse Connect Secure vulnerable URI access attempt (more info ...) | misc-activity | 2021-22893 | URL | ||
| 57457 | POLICY-OTHER Pulse Connect Secure vulnerable URI access attempt (more info ...) | misc-activity | 2021-22893 | URL | ||
| 57458 | POLICY-OTHER Pulse Connect Secure vulnerable URI access attempt (more info ...) | misc-activity | 2021-22893 | URL | ||
| 57459 | POLICY-OTHER Pulse Connect Secure gzip configuration upload (more info ...) | misc-activity | 2020-8260 | |||
| 57461 | MALWARE-BACKDOOR Perl.Backdoor.PULSECHECK variant cnc connection (more info ...) | trojan-activity | URL | |||
| 57462 | MALWARE-BACKDOOR Perl.Backdoor.STEADYPULSE webshell variant access (more info ...) | trojan-activity | URL | |||
| 57463 | MALWARE-BACKDOOR Perl.Backdoor.STEADYPULSE webshell variant access (more info ...) | trojan-activity | URL | |||
| 57464 | MALWARE-BACKDOOR Perl.Backdoor.HARDPULSE variant inbound cnc connection (more info ...) | trojan-activity | URL | |||
| 57465 | MALWARE-BACKDOOR Perl.Backdoor.STEADYPULSE variant inbound cnc connection (more info ...) | trojan-activity | URL | |||
| 57466 | MALWARE-BACKDOOR Perl.Backdoor.ATRIUM variant inbound cnc connection (more info ...) | trojan-activity | URL | |||
| 57467 | MALWARE-BACKDOOR Perl.Backdoor.SLIGHTPULSE variant inbound cnc connection (more info ...) | trojan-activity | URL | |||
| 57468 | MALWARE-BACKDOOR Perl.Backdoor.SLIGHTPULSE variant inbound cnc connection (more info ...) | trojan-activity | URL | |||
| 57469 | MALWARE-OTHER Win.Malware.Agent malicious script payload download attempt (more info ...) | attempted-user | URL | |||
| 57470 | MALWARE-OTHER Win.Malware.Agent malicious script payload download attempt (more info ...) | attempted-user | URL | |||
| 57471 | MALWARE-OTHER Win.Malware.LemonDuck variant payload download attempt (more info ...) | attempted-user | URL | |||
| 57472 | MALWARE-OTHER Win.Malware.LemonDuck variant payload download attempt (more info ...) | attempted-user | URL | |||
| 57473 | MALWARE-OTHER Win.Malware.LemonDuck variant payload download attempt (more info ...) | attempted-user | URL | |||
| 57475 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1284 attack attempt (more info ...) | attempted-user | 2021-21820 | URL | ||
| 57476 | SERVER-OTHER TRUFFLEHUNTER TALOS-2021-1284 attack attempt (more info ...) | attempted-user | 2021-21820 | URL | ||
| 57479 | FILE-PDF TRUFFLEHUNTER TALOS-2021-1287 attack attempt (more info ...) | attempted-user | 2021-21870 | URL | ||
| 57480 | FILE-PDF TRUFFLEHUNTER TALOS-2021-1287 attack attempt (more info ...) | attempted-user | 2021-21870 | URL | ||
| 57481 | SERVER-WEBAPP ManageEngine OpManager directory traversal attempt (more info ...) | web-application-attack | 2021-20078 | URL | ||
| 57482 | SERVER-WEBAPP ManageEngine OpManager directory traversal attempt (more info ...) | web-application-attack | 2021-20078 | URL | ||
| 57483 | SERVER-WEBAPP ManageEngine OpManager directory traversal attempt (more info ...) | web-application-attack | 2021-20078 | URL | ||
| 57497 | INDICATOR-COMPROMISE Outbound request for known ProxyLogon cryptomining payload (more info ...) | misc-attack | URL | |||
| 57498 | INDICATOR-COMPROMISE Inbound request for known ProxyLogon cryptomining payload (more info ...) | misc-attack | URL | |||
| 57501 | FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1289 attack attempt (more info ...) | attempted-user | 2021-21824 | URL | ||
| 57502 | FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1289 attack attempt (more info ...) | attempted-user | 2021-21824 | URL | ||
| 57505 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1279 attack attempt (more info ...) | attempted-user | 2021-21811 | URL | ||
| 57506 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1279 attack attempt (more info ...) | attempted-user | 2021-21811 | URL | ||
| 57507 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1278 attack attempt (more info ...) | attempted-user | 2021-21810 | URL | ||
| 57508 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1278 attack attempt (more info ...) | attempted-user | 2021-21810 | URL | ||
| 57541 | MALWARE-BACKDOOR Perl.Backdoor.ATRIUM variant inbound cnc connection (more info ...) | trojan-activity | URL | |||
| 57546 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1295 attack attempt (more info ...) | attempted-user | 2021-21832 | URL | ||
| 57547 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1295 attack attempt (more info ...) | attempted-user | 2021-21832 | URL | ||
| 57585 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (more info ...) | attempted-user | 2021-21867 | URL | ||
| 57586 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (more info ...) | attempted-user | 2021-21867 | URL | ||
| 57587 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (more info ...) | attempted-user | 2021-21867 | URL | ||
| 57588 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (more info ...) | attempted-user | 2021-21867 | URL | ||
| 57589 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (more info ...) | attempted-user | 2021-21867 | URL | ||
| 57590 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (more info ...) | attempted-user | 2021-21867 | URL | ||
| 57591 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (more info ...) | attempted-user | 2021-21867 | URL | ||
| 57592 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (more info ...) | attempted-user | 2021-21867 | URL | ||
| 57593 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (more info ...) | attempted-user | 2021-21867 | URL | ||
| 57594 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (more info ...) | attempted-user | 2021-21867 | URL | ||
| 57595 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (more info ...) | attempted-user | 2021-21867 | URL | ||
| 57596 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (more info ...) | attempted-user | 2021-21867 | URL | ||
| 57597 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (more info ...) | attempted-user | 2021-21867 | URL | ||
| 57598 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (more info ...) | attempted-user | 2021-21867 | URL | ||
| 57599 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (more info ...) | attempted-user | 2021-21867 | URL | ||
| 57600 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (more info ...) | attempted-user | 2021-21867 | URL | ||
| 57601 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (more info ...) | attempted-user | 2021-21867 | URL | ||
| 57602 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (more info ...) | attempted-user | 2021-21867 | URL | ||
| 57603 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (more info ...) | attempted-user | 2021-21867 | URL | ||
| 57604 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1304 attack attempt (more info ...) | attempted-user | 2021-21867 | URL | ||
| 57607 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1299 attack attempt (more info ...) | attempted-user | 2021-21853 | URL | ||
| 57608 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1299 attack attempt (more info ...) | attempted-user | 2021-21854 | URL | ||
| 57609 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1299 attack attempt (more info ...) | attempted-user | 2021-21855 | URL | ||
| 57610 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1299 attack attempt (more info ...) | attempted-user | 2021-21856 | URL | ||
| 57611 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1299 attack attempt (more info ...) | attempted-user | 2021-21857 | URL | ||
| 57612 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1299 attack attempt (more info ...) | attempted-user | 2021-21858 | URL | ||
| 57613 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1299 attack attempt (more info ...) | attempted-user | 2021-21853 | URL | ||
| 57614 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1299 attack attempt (more info ...) | attempted-user | 2021-21854 | URL | ||
| 57615 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1299 attack attempt (more info ...) | attempted-user | 2021-21855 | URL | ||
| 57616 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1299 attack attempt (more info ...) | attempted-user | 2021-21856 | URL | ||
| 57617 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1299 attack attempt (more info ...) | attempted-user | 2021-21857 | URL | ||
| 57618 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1299 attack attempt (more info ...) | attempted-user | 2021-21858 | URL | ||
| 57619 | INDICATOR-SHELLCODE TRUFFLEHUNTER TALOS-2021-1300 attack attempt (more info ...) | attempted-user | 2021-21869 | URL | ||
| 57620 | INDICATOR-SHELLCODE TRUFFLEHUNTER TALOS-2021-1300 attack attempt (more info ...) | attempted-user | 2021-21869 | URL | ||
| 57621 | MALWARE-OTHER Win.Ransomware.REvil variant binary download attempt (more info ...) | trojan-activity | URL | |||
| 57622 | MALWARE-OTHER Win.Ransomware.REvil variant binary download attempt (more info ...) | trojan-activity | URL | |||
| 57623 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (more info ...) | attempted-user | 2021-21859 | URL | ||
| 57624 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (more info ...) | attempted-user | 2021-21859 | URL | ||
| 57625 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (more info ...) | attempted-user | 2021-21860 | URL | ||
| 57626 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (more info ...) | attempted-user | 2021-21860 | URL | ||
| 57627 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (more info ...) | attempted-user | 2021-21861 | URL | ||
| 57628 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (more info ...) | attempted-user | 2021-21861 | URL | ||
| 57629 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (more info ...) | attempted-user | 2021-21862 | URL | ||
| 57630 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (more info ...) | attempted-user | 2021-21862 | URL | ||
| 57635 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (more info ...) | attempted-user | 2021-21834 | URL | ||
| 57636 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (more info ...) | attempted-user | 2021-21834 | URL | ||
| 57637 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (more info ...) | attempted-user | 2021-21835 | URL | ||
| 57638 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (more info ...) | attempted-user | 2021-21835 | URL | ||
| 57639 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (more info ...) | attempted-user | 2021-21836 | URL | ||
| 57640 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (more info ...) | attempted-user | 2021-21836 | URL | ||
| 57641 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (more info ...) | attempted-user | 2021-21837 | URL | ||
| 57642 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (more info ...) | attempted-user | 2021-21837 | URL | ||
| 57643 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (more info ...) | attempted-user | 2021-21838 | URL | ||
| 57644 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (more info ...) | attempted-user | 2021-21838 | URL | ||
| 57645 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (more info ...) | attempted-user | 2021-21839 | URL | ||
| 57646 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (more info ...) | attempted-user | 2021-21839 | URL | ||
| 57647 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (more info ...) | attempted-user | 2021-21840 | URL | ||
| 57648 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (more info ...) | attempted-user | 2021-21840 | URL | ||
| 57649 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (more info ...) | attempted-user | 2021-21841 | URL | ||
| 57650 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (more info ...) | attempted-user | 2021-21841 | URL | ||
| 57651 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (more info ...) | attempted-user | 2021-21842 | URL | ||
| 57652 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (more info ...) | attempted-user | 2021-21842 | URL | ||
| 57653 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (more info ...) | attempted-user | 2021-21843 | URL | ||
| 57654 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (more info ...) | attempted-user | 2021-21843 | URL | ||
| 57655 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (more info ...) | attempted-user | 2021-21844 | URL | ||
| 57656 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (more info ...) | attempted-user | 2021-21844 | URL | ||
| 57657 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (more info ...) | attempted-user | 2021-21845 | URL | ||
| 57658 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (more info ...) | attempted-user | 2021-21845 | URL | ||
| 57659 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (more info ...) | attempted-user | 2021-21846 | URL | ||
| 57660 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (more info ...) | attempted-user | 2021-21846 | URL | ||
| 57661 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (more info ...) | attempted-user | 2021-21847 | URL | ||
| 57662 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (more info ...) | attempted-user | 2021-21847 | URL | ||
| 57663 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (more info ...) | attempted-user | 2021-21848 | URL | ||
| 57664 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (more info ...) | attempted-user | 2021-21848 | URL | ||
| 57665 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (more info ...) | attempted-user | 2021-21849 | URL | ||
| 57666 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (more info ...) | attempted-user | 2021-21849 | URL | ||
| 57667 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (more info ...) | attempted-user | 2021-21850 | URL | ||
| 57668 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (more info ...) | attempted-user | 2021-21850 | URL | ||
| 57669 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (more info ...) | attempted-user | 2021-21851 | URL | ||
| 57670 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (more info ...) | attempted-user | 2021-21851 | URL | ||
| 57671 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (more info ...) | attempted-user | 2021-21852 | URL | ||
| 57672 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (more info ...) | attempted-user | 2021-21852 | URL | ||
| 57675 | MALWARE-OTHER Sliver HTTP implant outbound public key request attempt (more info ...) | trojan-activity | URL | |||
| 57676 | MALWARE-OTHER Sliver HTTP implant outbound public key request attempt (more info ...) | trojan-activity | URL | |||
| 57677 | MALWARE-OTHER Sliver HTTP implant outbound session initialization attempt (more info ...) | trojan-activity | URL | |||
| 57678 | MALWARE-OTHER Sliver HTTP implant outbound message attempt (more info ...) | trojan-activity | URL | |||
| 57679 | MALWARE-OTHER Sliver HTTP implant outbound message attempt (more info ...) | trojan-activity | URL | |||
| 57680 | MALWARE-OTHER Sliver HTTP implant outbound message attempt (more info ...) | trojan-activity | URL | |||
| 57681 | MALWARE-OTHER Sliver HTTP implant outbound poll attempt (more info ...) | trojan-activity | URL | |||
| 57682 | MALWARE-OTHER Sliver HTTP implant outbound public key request attempt (more info ...) | trojan-activity | URL | |||
| 57687 | MALWARE-OTHER Win.Trojan.Nobelium malicious shortcut download attempt (more info ...) | trojan-activity | ||||
| 57688 | MALWARE-OTHER Win.Trojan.Nobelium ISO download attempt (more info ...) | trojan-activity | URL | |||
| 57689 | MALWARE-OTHER Win.Trojan.Nobelium malicious shortcut download attempt (more info ...) | trojan-activity | ||||
| 57690 | MALWARE-OTHER Win.Trojan.Nobelium ISO download attempt (more info ...) | trojan-activity | URL | |||
| 57691 | MALWARE-OTHER Win.Trojan.Nobelium CobaltStrike beacon download attempt (more info ...) | trojan-activity | URL | |||
| 57692 | MALWARE-OTHER Win.Trojan.Nobelium CobaltStrike beacon download attempt (more info ...) | trojan-activity | URL | |||
| 57693 | MALWARE-TOOLS Py.Trojan.NecroBot TODELETE ious download attempt (more info ...) | trojan-activity | URL | |||
| 57694 | MALWARE-TOOLS Py.Trojan.NecroBot malicious download attempt (more info ...) | trojan-activity | URL | |||
| 57695 | MALWARE-TOOLS Py.Trojan.NecroBot malicious download attempt (more info ...) | trojan-activity | URL | |||
| 57696 | MALWARE-TOOLS Py.Trojan.NecroBot malicious download attempt (more info ...) | trojan-activity | URL | |||
| 57697 | MALWARE-TOOLS Html.Trojan.NecroBot malicious download attempt (more info ...) | trojan-activity | URL | |||
| 57698 | MALWARE-TOOLS Py.Trojan.NecroBot malicious download attempt (more info ...) | trojan-activity | URL | |||
| 57699 | MALWARE-TOOLS Html.Trojan.NecroBot malicious download attempt (more info ...) | trojan-activity | URL | |||
| 57700 | MALWARE-TOOLS Js.Trojan.NecroBot malicious download attempt (more info ...) | trojan-activity | URL | |||
| 57701 | MALWARE-TOOLS Js.Trojan.NecroBot malicious download attempt (more info ...) | trojan-activity | URL | |||
| 57702 | MALWARE-TOOLS Win.Trojan.NecroBot malicious download attempt (more info ...) | trojan-activity | URL | |||
| 57703 | MALWARE-TOOLS Win.Trojan.NecroBot malicious download attempt (more info ...) | trojan-activity | URL | |||
| 57704 | MALWARE-TOOLS Win.Trojan.NecroBot malicious download attempt (more info ...) | trojan-activity | URL | |||
| 57705 | MALWARE-TOOLS Win.Trojan.NecroBot malicious download attempt (more info ...) | trojan-activity | URL | |||
| 57709 | MALWARE-TOOLS Win.Trojan.NecroBot malicious download attempt (more info ...) | trojan-activity | URL | |||
| 57710 | MALWARE-TOOLS Win.Trojan.NecroBot malicious download attempt (more info ...) | trojan-activity | URL | |||
| 57711 | MALWARE-TOOLS Win.Trojan.NecroBot malicious download attempt (more info ...) | trojan-activity | URL | |||
| 57712 | MALWARE-TOOLS Win.Trojan.NecroBot malicious download attempt (more info ...) | trojan-activity | URL | |||
| 57713 | MALWARE-TOOLS Win.Trojan.NecroBot malicious download attempt (more info ...) | trojan-activity | URL | |||
| 57720 | SERVER-WEBAPP VMWare vSphere Client remote code execution attempt (more info ...) | attempted-user | 2021-21985 | URL | ||
| 57721 | MALWARE-BACKDOOR Win.Trojan.Moserpass outbound request attempt (more info ...) | trojan-activity | URL | |||
| 57728 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1308 attack attempt (more info ...) | attempted-user | 2021-21871 | URL | ||
| 57729 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1308 attack attempt (more info ...) | attempted-user | 2021-21871 | URL | ||
| 57732 | OS-WINDOWS Windows NTFS elevation of privilege attempt (more info ...) | attempted-user | 2021-31956 | URL | ||
| 57733 | OS-WINDOWS Windows NTFS elevation of privilege attempt (more info ...) | attempted-user | 2021-31956 | URL | ||
| 57739 | MALWARE-OTHER Win.Trojan.C3Framework payload download attempt (more info ...) | trojan-activity | URL | |||
| 57740 | MALWARE-OTHER Win.Trojan.C3Framework payload download attempt (more info ...) | trojan-activity | URL | |||
| 57741 | MALWARE-OTHER Win.Trojan.C3Framework payload download attempt (more info ...) | trojan-activity | URL | |||
| 57742 | MALWARE-OTHER Win.Trojan.C3Framework payload download attempt (more info ...) | trojan-activity | URL | |||
| 57745 | OS-OTHER TRUFFLEHUNTER TALOS-2021-1309 attack attempt (more info ...) | attempted-recon | URL | |||
| 57746 | OS-OTHER TRUFFLEHUNTER TALOS-2021-1309 attack attempt (more info ...) | attempted-recon | URL | |||
| 57747 | OS-OTHER TRUFFLEHUNTER TALOS-2021-1311 attack attempt (more info ...) | attempted-dos | URL | |||
| 57748 | OS-OTHER TRUFFLEHUNTER TALOS-2021-1311 attack attempt (more info ...) | attempted-dos | URL | |||
| 57749 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1319 attack attempt (more info ...) | attempted-user | URL | |||
| 57750 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1319 attack attempt (more info ...) | attempted-user | URL | |||
| 57751 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1318 attack attempt (more info ...) | attempted-user | URL | |||
| 57752 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1318 attack attempt (more info ...) | attempted-user | URL | |||
| 57753 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1312 attack attempt (more info ...) | web-application-attack | 2021-21872 | URL | ||
| 57754 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1312 attack attempt (more info ...) | web-application-attack | 2021-21872 | URL | ||
| 57755 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1312 attack attempt (more info ...) | web-application-attack | 2021-21872 | URL | ||
| 57757 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1327 attack attempt (more info ...) | web-application-attack | 2021-21883 | URL | ||
| 57758 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1327 attack attempt (more info ...) | web-application-attack | 2021-21883 | URL | ||
| 57759 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1327 attack attempt (more info ...) | web-application-attack | 2021-21883 | URL | ||
| 57761 | SERVER-WEBAPP TP-Link WiFi router authenticated PingIframeRpm stack buffer overflow attempt (more info ...) | attempted-user | 2017-13772 | |||
| 57762 | SERVER-WEBAPP TP-Link WiFi router authenticated WanStaticIpV6CfgRpm stack buffer overflow attempt (more info ...) | attempted-user | 2017-13772 | |||
| 57764 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1315 attack attempt (more info ...) | web-application-attack | 2021-21877 | URL | ||
| 57765 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1315 attack attempt (more info ...) | web-application-attack | 2021-21877 | URL | ||
| 57766 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1315 attack attempt (more info ...) | web-application-attack | 2021-21877 | URL | ||
| 57767 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1325 attack attempt (more info ...) | web-application-attack | 2021-21881 | URL | ||
| 57768 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1325 attack attempt (more info ...) | web-application-attack | 2021-21881 | URL | ||
| 57769 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1325 attack attempt (more info ...) | web-application-attack | 2021-21881 | URL | ||
| 57774 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1326 attack attempt (more info ...) | web-application-attack | 2021-21882 | URL | ||
| 57775 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1326 attack attempt (more info ...) | web-application-attack | 2021-21882 | URL | ||
| 57776 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1326 attack attempt (more info ...) | web-application-attack | 2021-21882 | URL | ||
| 57777 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1328 attack attempt (more info ...) | web-application-attack | 2021-21888 | URL | ||
| 57778 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1328 attack attempt (more info ...) | web-application-attack | 2021-21888 | URL | ||
| 57779 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1328 attack attempt (more info ...) | web-application-attack | 2021-21888 | URL | ||
| 57783 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1324 attack attempt (more info ...) | web-application-attack | 2021-21896 | URL | ||
| 57784 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1324 attack attempt (more info ...) | web-application-attack | 2021-21896 | URL | ||
| 57785 | SERVER-MAIL Exim spool file command injection attempt (more info ...) | attempted-admin | 2020-28021 | URL | ||
| 57786 | MALWARE-OTHER Win.Packed.SmokeLoader ransomware executable download attempt (more info ...) | trojan-activity | URL | |||
| 57787 | MALWARE-OTHER Win.Malware.Agent malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 57788 | MALWARE-OTHER Win.Trojan.Lazagne malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 57789 | MALWARE-OTHER Win.Trojan.Lazagne malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 57790 | MALWARE-OTHER Win.Malware.Agent malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 57791 | MALWARE-OTHER Win.Packed.SmokeLoader ransomware executable download attempt (more info ...) | trojan-activity | URL | |||
| 57792 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1314 attack attempt (more info ...) | web-application-attack | 2021-21875 | URL | ||
| 57793 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1314 attack attempt (more info ...) | web-application-attack | 2021-21875 | URL | ||
| 57794 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1314 attack attempt (more info ...) | web-application-attack | 2021-21875 | URL | ||
| 57795 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1314 attack attempt (more info ...) | web-application-attack | 2021-21875 | URL | ||
| 57796 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1323 attack attempt (more info ...) | web-application-attack | 2021-21879 | URL | ||
| 57798 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1320 attack attempt (more info ...) | web-application-attack | URL | |||
| 57799 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1320 attack attempt (more info ...) | web-application-attack | URL | |||
| 57800 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1331 attack attempt (more info ...) | web-application-attack | 2021-21887 | URL | ||
| 57801 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1331 attack attempt (more info ...) | web-application-attack | 2021-21887 | URL | ||
| 57802 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1317 attack attempt (more info ...) | attempted-admin | URL | |||
| 57803 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1313 attack attempt (more info ...) | web-application-attack | URL | |||
| 57804 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1334 attack attempt (more info ...) | web-application-attack | 2021-21891 | URL | ||
| 57805 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1335 attack attempt (more info ...) | web-application-attack | 2021-21892 | URL | ||
| 57806 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1333 attack attempt (more info ...) | web-application-attack | 2021-21889 | URL | ||
| 57814 | MALWARE-OTHER Win.Trojan.Deadwood download attempt (more info ...) | trojan-activity | URL | |||
| 57815 | MALWARE-OTHER Win.Trojan.Apostle download attempt (more info ...) | trojan-activity | URL | |||
| 57816 | MALWARE-OTHER ASPXSpy webshell download attempt (more info ...) | trojan-activity | URL | |||
| 57817 | MALWARE-OTHER ASPXSpy webshell upload attempt (more info ...) | trojan-activity | URL | |||
| 57818 | MALWARE-OTHER Win.Backdoor.IPSecHelper download attempt (more info ...) | trojan-activity | URL | |||
| 57819 | MALWARE-OTHER ASPXSpy webshell upload attempt (more info ...) | trojan-activity | URL | |||
| 57820 | MALWARE-OTHER ASPXSpy webshell download attempt (more info ...) | trojan-activity | URL | |||
| 57821 | MALWARE-OTHER Win.Trojan.Deadwood upload attempt (more info ...) | trojan-activity | URL | |||
| 57822 | MALWARE-OTHER Win.Trojan.Apostle upload attempt (more info ...) | trojan-activity | URL | |||
| 57829 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1316 attack attempt (more info ...) | attempted-user | URL | |||
| 57830 | FILE-PDF TRUFFLEHUNTER TALOS-2021-1336 attack attempt (more info ...) | attempted-user | 2021-21893 | URL | ||
| 57831 | FILE-PDF TRUFFLEHUNTER TALOS-2021-1336 attack attempt (more info ...) | attempted-user | 2021-21893 | URL | ||
| 57834 | SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center remote code execution attempt (more info ...) | attempted-user | 2019-5386 | |||
| 57835 | SERVER-WEBAPP Nagios XI command injection attempt (more info ...) | web-application-attack | 2021-25298 | URL | ||
| 57836 | SERVER-WEBAPP Nagios XI command injection attempt (more info ...) | web-application-attack | 2021-25298 | URL | ||
| 57841 | SERVER-WEBAPP Nagios Fusion command injection attempt (more info ...) | web-application-attack | 2020-28905 | URL | ||
| 57850 | MALWARE-OTHER Win.Backdoor.VictoryDll variant download attempt (more info ...) | trojan-activity | URL | |||
| 57851 | MALWARE-OTHER Doc.Dropper.RoyalRoadRTF variant download attempt (more info ...) | trojan-activity | URL | |||
| 57852 | MALWARE-OTHER Win.Downloader.VictoryDll variant download attempt (more info ...) | trojan-activity | URL | |||
| 57853 | MALWARE-OTHER Win.Backdoor.VictoryDll variant download attempt (more info ...) | trojan-activity | URL | |||
| 57854 | MALWARE-OTHER Doc.Dropper.RoyalRoadRTF variant download attempt (more info ...) | trojan-activity | URL | |||
| 57855 | MALWARE-OTHER Win.Downloader.VictoryDll variant download attempt (more info ...) | trojan-activity | URL | |||
| 57859 | MALWARE-OTHER Win.Trojan.BazaCall variant phishing e-mail detected (more info ...) | trojan-activity | URL | |||
| 57860 | SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt (more info ...) | web-application-attack | ||||
| 57861 | SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt (more info ...) | web-application-attack | ||||
| 57862 | SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt (more info ...) | web-application-attack | ||||
| 57863 | SERVER-WEBAPP Trend Micro SafeSync for Enterprise command injection attempt (more info ...) | web-application-attack | ||||
| 57872 | SERVER-WEBAPP Facade Ignition remote code execution attempt (more info ...) | attempted-user | 2021-3129 | URL | ||
| 57873 | MALWARE-OTHER Win.Ransomware.Babuk payload download attempt (more info ...) | trojan-activity | URL | |||
| 57874 | MALWARE-OTHER Win.Ransomware.Babuk payload download attempt (more info ...) | trojan-activity | URL | |||
| 57879 | INDICATOR-COMPROMISE Revil Kaseya ransomware log clearing http upload (more info ...) | web-application-attack | URL | |||
| 57880 | OS-WINDOWS TRUFFLEHUNTER SFVRT-1044 attack attempt (more info ...) | attempted-dos | ||||
| 57881 | OS-WINDOWS TRUFFLEHUNTER SFVRT-1044 attack attempt (more info ...) | attempted-dos | ||||
| 57888 | OS-OTHER TRUFFLEHUNTER TALOS-2021-1339 attack attempt (more info ...) | attempted-recon | URL | |||
| 57889 | OS-OTHER TRUFFLEHUNTER TALOS-2021-1339 attack attempt (more info ...) | attempted-recon | URL | |||
| 57898 | SERVER-OTHER SolarWinds Network Performance Monitor insecure deserialization attempt (more info ...) | attempted-user | 2021-31474 | URL | ||
| 57899 | OS-OTHER TRUFFLEHUNTER TALOS-2021-1340 attack attempt (more info ...) | attempted-recon | URL | |||
| 57900 | OS-OTHER TRUFFLEHUNTER TALOS-2021-1340 attack attempt (more info ...) | attempted-recon | URL | |||
| 57902 | SERVER-WEBAPP HPE Systems Insight Manager remote code execution attempt (more info ...) | attempted-user | 2020-7200 | URL | ||
| 57903 | SERVER-OTHER Kaseya authentication bypass attempt (more info ...) | attempted-user | ||||
| 57904 | SERVER-OTHER Kaseya authentication bypass attempt (more info ...) | attempted-user | ||||
| 57905 | SERVER-OTHER Kaseya authentication bypass attempt (more info ...) | attempted-user | ||||
| 57912 | SERVER-WEBAPP ForgeRock Open Access Manager remote code execution attempt (more info ...) | attempted-admin | 2021-35464 | URL | ||
| 57913 | SERVER-WEBAPP ForgeRock Open Access Manager remote code execution attempt (more info ...) | attempted-admin | 2021-35464 | URL | ||
| 57931 | FILE-OTHER ExifTool DjVu metadata command injection injection attempt (more info ...) | attempted-user | 2021-22205 | URL | ||
| 57932 | FILE-OTHER ExifTool DjVu metadata command injection injection attempt (more info ...) | attempted-user | 2021-22204 | URL | ||
| 57933 | FILE-OTHER ExifTool DjVu metadata command injection injection attempt (more info ...) | attempted-user | 2021-22204 | URL | ||
| 57936 | MALWARE-OTHER Win.Dropper.Raccoon malicious file download attempt (more info ...) | trojan-activity | URL | |||
| 57937 | MALWARE-OTHER Win.Dropper.Raccoon malicious file download attempt (more info ...) | trojan-activity | URL | |||
| 57963 | OS-OTHER TRUFFLEHUNTER TALOS-2021-1347 attack attempt (more info ...) | attempted-dos | URL | |||
| 57964 | OS-OTHER TRUFFLEHUNTER TALOS-2021-1347 attack attempt (more info ...) | attempted-dos | URL | |||
| 57967 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1350 attack attempt (more info ...) | attempted-user | 2021-21899 | URL | ||
| 57968 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1350 attack attempt (more info ...) | attempted-user | 2021-21899 | URL | ||
| 57969 | BROWSER-OTHER TRUFFLEHUNTER TALOS-2021-1345 attack attempt (more info ...) | attempted-user | URL | |||
| 57970 | BROWSER-OTHER TRUFFLEHUNTER TALOS-2021-1345 attack attempt (more info ...) | attempted-user | URL | |||
| 57971 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1346 attack attempt (more info ...) | attempted-user | 2021-21897 | URL | ||
| 57972 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1346 attack attempt (more info ...) | attempted-user | 2021-21897 | URL | ||
| 57976 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1349 attack attempt (more info ...) | attempted-user | 2021-21898 | URL | ||
| 57977 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1349 attack attempt (more info ...) | attempted-user | 2021-21898 | URL | ||
| 57978 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1351 attack attempt (more info ...) | attempted-user | 2021-21900 | URL | ||
| 57979 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1351 attack attempt (more info ...) | attempted-user | 2021-21900 | URL | ||
| 57990 | MALWARE-OTHER Muhstik botnet outbound HTTP scanner request (more info ...) | attempted-recon | URL | |||
| 58010 | SERVER-OTHER Advantech WebAccess pointer dereference remote code execution attempt (more info ...) | attempted-admin | 2017-12719 | |||
| 58014 | SERVER-OTHER TRUFFLEHUNTER TALOS-2021-1356 attack attempt (more info ...) | attempted-admin | 2021-21909 | URL | ||
| 58017 | SERVER-OTHER TRUFFLEHUNTER TALOS-2021-1357 attack attempt (more info ...) | attempted-admin | 2021-21905 | URL | ||
| 58018 | SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt (more info ...) | web-application-attack | URL | |||
| 58019 | SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt (more info ...) | web-application-attack | URL | |||
| 58020 | SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt (more info ...) | web-application-attack | URL | |||
| 58021 | SERVER-WEBAPP Fortinet FortiWeb SAML server configuration page command injection attempt (more info ...) | web-application-attack | URL | |||
| 58024 | MALWARE-OTHER Win.Ransomware.Lockbit download attempt (more info ...) | trojan-activity | URL | |||
| 58025 | MALWARE-OTHER Win.Ransomware.Lockbit upload attempt (more info ...) | trojan-activity | URL | |||
| 58034 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1363 attack attempt (more info ...) | web-application-attack | 2021-21917 | URL | ||
| 58035 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1363 attack attempt (more info ...) | web-application-attack | 2021-21917 | URL | ||
| 58036 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1366 attack attempt (more info ...) | web-application-attack | 2021-21937 | URL | ||
| 58037 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1366 attack attempt (more info ...) | web-application-attack | 2021-21937 | URL | ||
| 58038 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1365 attack attempt (more info ...) | web-application-attack | 2021-21923 | URL | ||
| 58039 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1365 attack attempt (more info ...) | web-application-attack | 2021-21923 | URL | ||
| 58040 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1364 attack attempt (more info ...) | web-application-attack | 2021-21919 | URL | ||
| 58041 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1364 attack attempt (more info ...) | web-application-attack | 2021-21919 | URL | ||
| 58046 | FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1362 attack attempt (more info ...) | attempted-user | 2021-21914 | URL | ||
| 58047 | FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1362 attack attempt (more info ...) | attempted-user | 2021-21914 | URL | ||
| 58052 | SERVER-WEBAPP Realtek Jungle SDK command injection attempt (more info ...) | web-application-attack | 2021-35395 | |||
| 58053 | SERVER-WEBAPP Realtek Jungle SDK command injection attempt (more info ...) | web-application-attack | 2021-35395 | |||
| 58054 | SERVER-WEBAPP Realtek Jungle SDK command injection attempt (more info ...) | web-application-attack | 2021-35395 | |||
| 58055 | SERVER-WEBAPP Realtek Jungle SDK command injection attempt (more info ...) | web-application-attack | 2021-35395 | |||
| 58056 | SERVER-WEBAPP Realtek Jungle SDK command injection attempt (more info ...) | web-application-attack | 2021-35395 | |||
| 58057 | SERVER-WEBAPP Realtek Jungle SDK command injection attempt (more info ...) | web-application-attack | 2021-35395 | |||
| 58058 | SERVER-WEBAPP Realtek Jungle SDK command injection attempt (more info ...) | web-application-attack | 2021-35395 | |||
| 58059 | SERVER-WEBAPP Realtek Jungle SDK command injection attempt (more info ...) | web-application-attack | 2021-35395 | |||
| 58063 | SERVER-WEBAPP Kentico CMS unsafe deserialization remote code execution attempt (more info ...) | attempted-admin | 2019-10068 | |||
| 58064 | SERVER-WEBAPP Kentico CMS unsafe deserialization remote code execution attempt (more info ...) | attempted-admin | 2019-10068 | |||
| 58065 | SERVER-WEBAPP Nagios XI command injection attempt (more info ...) | web-application-attack | 2021-25298 | URL | ||
| 58066 | SERVER-WEBAPP Nagios XI command injection attempt (more info ...) | web-application-attack | 2021-25298 | URL | ||
| 58073 | FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1368 attack attempt (more info ...) | attempted-user | 2021-21939 | URL | ||
| 58074 | FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1368 attack attempt (more info ...) | attempted-user | 2021-21939 | URL | ||
| 58075 | SERVER-OTHER TRUFFLEHUNTER TALOS-2021-1369 attack attempt (more info ...) | attempted-user | 2021-21940 | URL | ||
| 58076 | SERVER-OTHER TRUFFLEHUNTER TALOS-2021-1369 attack attempt (more info ...) | attempted-user | 2021-21940 | URL | ||
| 58077 | SERVER-OTHER TRUFFLEHUNTER TALOS-2021-1369 attack attempt (more info ...) | attempted-user | 2021-21940 | URL | ||
| 58078 | SERVER-OTHER TRUFFLEHUNTER TALOS-2021-1369 attack attempt (more info ...) | attempted-user | 2021-21940 | URL | ||
| 58079 | SERVER-OTHER TRUFFLEHUNTER TALOS-2021-1369 attack attempt (more info ...) | attempted-user | 2021-21940 | URL | ||
| 58080 | SERVER-OTHER TRUFFLEHUNTER TALOS-2021-1369 attack attempt (more info ...) | attempted-user | 2021-21940 | URL | ||
| 58083 | MALWARE-OTHER Vbs.Worm.HWorm variant script download attempt (more info ...) | trojan-activity | ||||
| 58084 | MALWARE-OTHER Vbs.Worm.HWorm variant script download attempt (more info ...) | trojan-activity | ||||
| 58085 | MALWARE-OTHER Win.Trojan.Aspire variant binary download attempt (more info ...) | trojan-activity | URL | |||
| 58093 | SERVER-WEBAPP Atlassian Confluence OGNL injection remote code execution attempt (more info ...) | attempted-admin | 2021-26084 | URL | ||
| 58094 | SERVER-WEBAPP Atlassian Confluence OGNL injection remote code execution attempt (more info ...) | attempted-admin | 2021-26084 | URL | ||
| 58095 | MALWARE-OTHER Asp.Webshell.Ajan download attempt (more info ...) | trojan-activity | URL | |||
| 58096 | MALWARE-OTHER Asp.Webshell.Ajan upload attempt (more info ...) | trojan-activity | URL | |||
| 58100 | FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1367 attack attempt (more info ...) | attempted-user | 2021-21938 | URL | ||
| 58101 | FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1367 attack attempt (more info ...) | attempted-user | 2021-21938 | URL | ||
| 58146 | SERVER-OTHER Realtek Wifi Simple Config UPnP SUBSCRIBE callback buffer overflow attempt (more info ...) | attempted-user | 2021-35393 | |||
| 58147 | MALWARE-OTHER ASP.Webshell.RemExp download attempt (more info ...) | trojan-activity | URL | |||
| 58148 | MALWARE-OTHER ASP.Webshell.RemExp upload attempt (more info ...) | trojan-activity | URL | |||
| 58156 | FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1371 attack attempt (more info ...) | attempted-user | 2021-21942 | URL | ||
| 58157 | FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1371 attack attempt (more info ...) | attempted-user | 2021-21942 | URL | ||
| 58158 | FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1371 attack attempt (more info ...) | attempted-user | 2021-21942 | URL | ||
| 58159 | FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1371 attack attempt (more info ...) | attempted-user | 2021-21942 | URL | ||
| 58163 | MALWARE-OTHER Asp.Webshell.Zehir upload attempt (more info ...) | trojan-activity | URL | |||
| 58164 | MALWARE-OTHER Asp.Webshell.Zehir download attempt (more info ...) | trojan-activity | URL | |||
| 58174 | MALWARE-OTHER Asp.Webshell.Cmd download attempt (more info ...) | trojan-activity | URL | |||
| 58175 | MALWARE-OTHER Asp.Webshell.Cmd download attempt (more info ...) | trojan-activity | URL | |||
| 58176 | MALWARE-OTHER Asp.Webshell.Cmd upload attempt (more info ...) | trojan-activity | URL | |||
| 58177 | MALWARE-OTHER Asp.Webshell.Cmd upload attempt (more info ...) | trojan-activity | URL | |||
| 58178 | MALWARE-OTHER Asp.Webshell.Cmd download attempt (more info ...) | trojan-activity | URL | |||
| 58179 | MALWARE-OTHER Asp.Webshell.Cmd upload attempt (more info ...) | trojan-activity | URL | |||
| 58180 | MALWARE-OTHER Jsp.Webshell.Hsxa download attempt (more info ...) | trojan-activity | URL | |||
| 58181 | MALWARE-OTHER Jsp.Webshell.Hsxa upload attempt (more info ...) | trojan-activity | URL | |||
| 58192 | OS-OTHER Apple macOS Finder remote code execution inetloc file download attempt (more info ...) | attempted-user | URL | |||
| 58193 | OS-OTHER Apple macOS Finder remote code execution inetloc file download attempt (more info ...) | attempted-user | URL | |||
| 58194 | MALWARE-OTHER Win.Trojan.Bandidos inbound delivery attempt (more info ...) | trojan-activity | URL | |||
| 58195 | MALWARE-OTHER Win.Trojan.Bandidos inbound delivery attempt (more info ...) | trojan-activity | URL | |||
| 58200 | MALWARE-OTHER Webshell.Backdoor.Agent variant upload detected (more info ...) | attempted-admin | URL | |||
| 58201 | SERVER-WEBAPP Zoho ManageEngine ADSelfService Plus RestAPI authentication bypass attempt (more info ...) | attempted-user | 2021-40539 | URL | ||
| 58202 | MALWARE-OTHER Standard Bank credential phishing attempt (more info ...) | attempted-user | ||||
| 58203 | MALWARE-OTHER Banking credential phishing attempt (more info ...) | attempted-user | ||||
| 58204 | MALWARE-OTHER Absa Bank credential phishing attempt (more info ...) | attempted-user | ||||
| 58206 | MALWARE-OTHER Standard Bank credential phishing attempt (more info ...) | attempted-user | ||||
| 58207 | MALWARE-OTHER Banking credential phishing attempt (more info ...) | attempted-user | ||||
| 58208 | MALWARE-OTHER Absa Bank credential phishing attempt (more info ...) | attempted-user | ||||
| 58210 | MALWARE-OTHER Standard Bank credential phishing attempt (more info ...) | attempted-user | ||||
| 58211 | MALWARE-OTHER Standard Bank credential phishing attempt (more info ...) | attempted-user | ||||
| 58212 | MALWARE-OTHER Absa Bank credential phishing attempt (more info ...) | attempted-user | ||||
| 58213 | MALWARE-OTHER Absa Bank credential phishing attempt (more info ...) | attempted-user | ||||
| 58214 | MALWARE-OTHER Email credential phishing attempt (more info ...) | attempted-user | ||||
| 58215 | MALWARE-OTHER Email credential phishing attempt (more info ...) | attempted-user | ||||
| 58217 | SERVER-WEBAPP VMware vCenter Server remote code execution attempt (more info ...) | web-application-attack | 2021-22005 | URL | ||
| 58218 | SERVER-WEBAPP VMware vCenter Server file upload attempt (more info ...) | web-application-attack | 2021-22017 | URL | ||
| 58219 | SERVER-WEBAPP VMware vCenter Server file upload attempt (more info ...) | web-application-attack | 2021-22005 | URL | ||
| 58220 | FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1375 attack attempt (more info ...) | attempted-user | 2021-21946 | URL | ||
| 58221 | FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1375 attack attempt (more info ...) | attempted-user | 2021-21947 | URL | ||
| 58222 | FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1375 attack attempt (more info ...) | attempted-user | 2021-21946 | URL | ||
| 58223 | FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1375 attack attempt (more info ...) | attempted-user | 2021-21947 | URL | ||
| 58227 | SERVER-WEBAPP Dell EMC Virtual Appliance Manager undocumented credential use attempt (more info ...) | attempted-user | 2018-1216 | |||
| 58230 | SERVER-WEBAPP QNAP NAS Malware Remover directory traversal attempt (more info ...) | web-application-attack | 2020-36198 | |||
| 58231 | SERVER-WEBAPP QNAP NAS Malware Remover directory traversal attempt (more info ...) | web-application-attack | 2020-36198 | |||
| 58232 | SERVER-WEBAPP QNAP NAS Malware Remover directory traversal attempt (more info ...) | web-application-attack | 2020-36198 | |||
| 58233 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1376 attack attempt (more info ...) | attempted-user | 2021-21948 | URL | ||
| 58234 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1376 attack attempt (more info ...) | attempted-user | 2021-21948 | URL | ||
| 58235 | FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1377 attack attempt (more info ...) | attempted-user | 2021-21949 | URL | ||
| 58236 | FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1377 attack attempt (more info ...) | attempted-user | 2021-21949 | URL | ||
| 58237 | MALWARE-TOOLS Win.Ransomware.BlackMatter variant download attempt (more info ...) | trojan-activity | URL | |||
| 58245 | SERVER-WEBAPP UDP Technology IP Camera command injection attempt (more info ...) | web-application-attack | 2021-33544 | |||
| 58246 | SERVER-WEBAPP UDP Technology IP Camera command injection attempt (more info ...) | web-application-attack | 2021-33544 | |||
| 58247 | SERVER-WEBAPP UDP Technology IP Camera command injection attempt (more info ...) | web-application-attack | 2021-33544 | |||
| 58248 | SERVER-WEBAPP UDP Technology IP Camera command injection attempt (more info ...) | web-application-attack | 2021-33544 | |||
| 58250 | PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2021-1381 attack attempt (more info ...) | attempted-admin | 2021-21954 | URL | ||
| 58251 | PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2021-1379 attack attempt (more info ...) | attempted-admin | 2021-21952 | URL | ||
| 58252 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1383 attack attempt (more info ...) | attempted-admin | 2021-21956 | URL | ||
| 58253 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1383 attack attempt (more info ...) | attempted-admin | 2021-21956 | URL | ||
| 58263 | SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt (more info ...) | web-application-attack | 2019-12925 | |||
| 58264 | SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt (more info ...) | web-application-attack | 2019-12925 | |||
| 58265 | SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt (more info ...) | web-application-attack | 2019-12925 | |||
| 58266 | SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt (more info ...) | web-application-attack | 2019-12925 | |||
| 58267 | SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt (more info ...) | web-application-attack | 2019-12925 | |||
| 58268 | SERVER-WEBAPP MailEnable Enterprise Premium directory traversal attempt (more info ...) | web-application-attack | 2019-12925 | |||
| 58269 | SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt (more info ...) | web-application-attack | 2020-4222 | |||
| 58270 | SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt (more info ...) | web-application-attack | 2020-4222 | |||
| 58271 | SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt (more info ...) | web-application-attack | 2020-4222 | |||
| 58272 | SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt (more info ...) | web-application-attack | 2020-4222 | |||
| 58273 | SERVER-WEBAPP QNAP HBS 3 authorization bypass attempt (more info ...) | web-application-activity | 2021-28799 | URL | ||
| 58274 | SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center faultDevParasSet expression language injection attempt (more info ...) | web-application-attack | URL | |||
| 58275 | SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center faultDevParasSet expression language injection attempt (more info ...) | web-application-attack | URL | |||
| 58284 | SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center FileUploadServlet Unrestricted arbitrary JSP file upload attempt (more info ...) | attempted-admin | ||||
| 58285 | SERVER-WEBAPP Trend Micro Control Manager ProductTree_RightWindow XML external entity injection attempt (more info ...) | web-application-attack | ||||
| 58290 | SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt (more info ...) | web-application-attack | 2018-10354 | |||
| 58291 | SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt (more info ...) | web-application-attack | 2018-10354 | |||
| 58292 | SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt (more info ...) | web-application-attack | 2018-10354 | |||
| 58293 | SERVER-WEBAPP Trend Micro Encryption for Email Gateway registration command injection attempt (more info ...) | web-application-attack | 2018-10354 | |||
| 58298 | PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2021-1378 attack attempt (more info ...) | attempted-admin | 2021-21951 | URL | ||
| 58326 | SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt (more info ...) | web-application-attack | ||||
| 58327 | SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt (more info ...) | web-application-attack | ||||
| 58328 | SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt (more info ...) | web-application-attack | ||||
| 58329 | SERVER-WEBAPP ARRIS VAP2500 list_mac_address macaddr command injection attempt (more info ...) | web-application-attack | ||||
| 58333 | SERVER-WEBAPP Trend Micro Control Manager DeploymentPlan_Event_Handler XML external entity injection attempt (more info ...) | web-application-attack | ||||
| 58352 | SERVER-WEBAPP GE MDS PulseNET IntegrationXMLProcessorServlet UpdateProblemTickets XML external entity injection attempt (more info ...) | web-application-attack | 2018-10613 | |||
| 58360 | MALWARE-OTHER Andr.Downloader.AndroSpy shell script download attempt (more info ...) | trojan-activity | ||||
| 58361 | MALWARE-OTHER Andr.Downloader.AndroSpy shell script download attempt (more info ...) | trojan-activity | ||||
| 58367 | FILE-PDF TRUFFLEHUNTER TALOS-2021-1387 attack attempt (more info ...) | attempted-user | URL | |||
| 58368 | FILE-PDF TRUFFLEHUNTER TALOS-2021-1387 attack attempt (more info ...) | attempted-user | URL | |||
| 58375 | SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center iccSelectCommand expression language injection attempt (more info ...) | web-application-attack | ||||
| 58376 | SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center iccSelectCommand expression language injection attempt (more info ...) | web-application-attack | ||||
| 58377 | SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center eventInfo_content expression language injection attempt (more info ...) | web-application-attack | ||||
| 58378 | SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center eventInfo_content expression language injection attempt (more info ...) | web-application-attack | ||||
| 58386 | SERVER-OTHER TRUFFLEHUNTER TALOS-2021-1390 attack attempt (more info ...) | attempted-admin | 2021-21962 | URL | ||
| 58387 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1393 attack attempt (more info ...) | attempted-recon | 2021-21966 | URL | ||
| 58388 | SERVER-WEBAPP ARRIS VAP2500 config_wds command injection attempt (more info ...) | web-application-attack | ||||
| 58399 | SERVER-WEBAPP Nagios XI directory traversal attempt (more info ...) | web-application-attack | 2021-37343 | |||
| 58400 | SERVER-WEBAPP Nagios XI directory traversal attempt (more info ...) | web-application-attack | 2021-37343 | |||
| 58401 | SERVER-WEBAPP Nagios XI directory traversal attempt (more info ...) | web-application-attack | 2021-37343 | |||
| 58403 | SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt (more info ...) | web-application-attack | 2021-37346 | |||
| 58404 | SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt (more info ...) | web-application-attack | 2021-37346 | |||
| 58405 | SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt (more info ...) | web-application-attack | 2021-37346 | |||
| 58406 | SERVER-WEBAPP Nagios XI Watchguard wizard command injection attempt (more info ...) | web-application-attack | 2021-37346 | |||
| 58414 | SERVER-OTHER TRUFFLEHUNTER TALOS-2021-1395 attack attempt (more info ...) | attempted-admin | 2021-21968 | URL | ||
| 58415 | SERVER-OTHER TRUFFLEHUNTER TALOS-2021-1396 attack attempt (more info ...) | attempted-admin | 2021-21969 | URL | ||
| 58416 | SERVER-OTHER TRUFFLEHUNTER TALOS-2021-1396 attack attempt (more info ...) | attempted-admin | 2021-21970 | URL | ||
| 58417 | SERVER-OTHER TRUFFLEHUNTER TALOS-2021-1394 attack attempt (more info ...) | attempted-admin | 2021-21967 | URL | ||
| 58418 | SERVER-WEBAPP ReadyDesk 9.1 OpenAttach2 directory traversal attempt (more info ...) | web-application-attack | 2016-5049 | |||
| 58419 | SERVER-WEBAPP ReadyDesk 9.1 OpenAttach2 directory traversal attempt (more info ...) | web-application-attack | 2016-5049 | |||
| 58420 | SERVER-WEBAPP ReadyDesk 9.1 OpenAttach2 directory traversal attempt (more info ...) | web-application-attack | 2016-5049 | |||
| 58424 | SERVER-WEBAPP Schneider Electric Umotion Builder Virtual Appliance Css directory traversal attempt (more info ...) | web-application-attack | ||||
| 58425 | SERVER-WEBAPP Schneider Electric Umotion Builder Virtual Appliance Css directory traversal attempt (more info ...) | web-application-attack | ||||
| 58426 | SERVER-WEBAPP Schneider Electric Umotion Builder Virtual Appliance Css directory traversal attempt (more info ...) | web-application-attack | ||||
| 58427 | SERVER-WEBAPP Trend Micro Control Manager widget_old_SP1 dlp_policy directory traversal attempt (more info ...) | web-application-attack | ||||
| 58449 | SERVER-WEBAPP Sophos SG UTM WebAdmin command injection attempt (more info ...) | web-application-attack | 2020-25223 | |||
| 58450 | SERVER-WEBAPP Sophos SG UTM WebAdmin command injection attempt (more info ...) | web-application-attack | 2020-25223 | |||
| 58454 | SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt (more info ...) | web-application-attack | ||||
| 58455 | SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt (more info ...) | web-application-attack | ||||
| 58456 | SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt (more info ...) | web-application-attack | ||||
| 58457 | SERVER-WEBAPP ARRIS VAP2500 assoc_table command injection attempt (more info ...) | web-application-attack | ||||
| 58458 | SERVER-OTHER TRUFFLEHUNTER TALOS-2021-1397 attack attempt (more info ...) | attempted-admin | 2021-21971 | URL | ||
| 58464 | SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance File Deletion directory traversal attempt (more info ...) | web-application-attack | ||||
| 58465 | SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance File Deletion directory traversal attempt (more info ...) | web-application-attack | ||||
| 58466 | SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance File Deletion directory traversal attempt (more info ...) | web-application-attack | ||||
| 58467 | SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance directory traversal attempt (more info ...) | web-application-attack | ||||
| 58468 | SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance directory traversal attempt (more info ...) | web-application-attack | ||||
| 58469 | SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance directory traversal attempt (more info ...) | web-application-attack | ||||
| 58475 | SERVER-WEBAPP Oracle WebLogic Server DeploymentService directory traversal attempt (more info ...) | web-application-attack | 2019-2827 | |||
| 58476 | SERVER-WEBAPP Oracle WebLogic Server DeploymentService directory traversal attempt (more info ...) | web-application-attack | 2019-2827 | |||
| 58491 | MALWARE-OTHER Tool.Webshell.Generic download attempt (more info ...) | trojan-activity | URL | |||
| 58492 | MALWARE-OTHER Tool.Webshell.Generic upload attempt (more info ...) | trojan-activity | URL | |||
| 58493 | MALWARE-OTHER Tool.Webshell.Generic upload attempt (more info ...) | trojan-activity | URL | |||
| 58494 | MALWARE-OTHER Tool.Webshell.Generic download attempt (more info ...) | trojan-activity | URL | |||
| 58499 | SERVER-WEBAPP Zyxel Unified Security Gateway undocumented administrator account login attempt (more info ...) | attempted-user | 2020-29583 | |||
| 58500 | SERVER-WEBAPP Zyxel Unified Security Gateway undocumented administrator account login attempt (more info ...) | attempted-user | 2020-29583 | |||
| 58501 | SERVER-OTHER Zyxel Unified Security Gateway undocumented administrator account login attempt (more info ...) | attempted-user | 2020-29583 | |||
| 58502 | SERVER-WEBAPP SonicWall Email Security directory traversal attempt (more info ...) | web-application-attack | 2021-20023 | |||
| 58503 | SERVER-WEBAPP SonicWall Email Security directory traversal attempt (more info ...) | web-application-attack | 2021-20023 | |||
| 58504 | SERVER-WEBAPP SonicWall Email Security directory traversal attempt (more info ...) | web-application-attack | 2021-20023 | |||
| 58505 | SERVER-WEBAPP Tenda Router command injection attempt (more info ...) | web-application-attack | 2022-32054 | |||
| 58506 | SERVER-WEBAPP Tenda Router command injection attempt (more info ...) | web-application-attack | 2022-32054 | |||
| 58507 | SERVER-WEBAPP Tenda Router command injection attempt (more info ...) | web-application-attack | 2022-32054 | |||
| 58508 | SERVER-WEBAPP Tenda Router command injection attempt (more info ...) | web-application-attack | 2022-32054 | |||
| 58517 | SERVER-WEBAPP GE MDS PulseNET IntegrationXMLProcessorServlet AlarmActions XML external entity injection attempt (more info ...) | web-application-attack | 2018-10613 | |||
| 58518 | SERVER-OTHER D-Link DIR-825 R1 buffer overflow attempt (more info ...) | attempted-user | 2020-29557 | |||
| 58525 | SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center directory traversal attempt (more info ...) | web-application-attack | 2017-5794 | |||
| 58529 | SERVER-WEBAPP Buffalo WSR router configuration injection attempt (more info ...) | web-application-attack | 2021-20091 | URL | ||
| 58530 | SERVER-WEBAPP Buffalo WSR router configuration injection attempt (more info ...) | web-application-attack | 2021-20091 | URL | ||
| 58531 | SERVER-WEBAPP Buffalo WSR router configuration injection attempt (more info ...) | web-application-attack | 2021-20091 | URL | ||
| 58532 | SERVER-WEBAPP Buffalo WSR router configuration injection attempt (more info ...) | web-application-attack | 2021-20091 | URL | ||
| 58533 | SERVER-WEBAPP Buffalo WSR router configuration injection attempt (more info ...) | web-application-attack | 2021-20091 | URL | ||
| 58538 | SERVER-WEBAPP Arcadyan routers path traversal attempt (more info ...) | web-application-attack | 2021-20090 | URL | ||
| 58551 | SERVER-WEBAPP Micro Focus OBR command injection attempt (more info ...) | web-application-attack | 2021-22502 | |||
| 58552 | SERVER-WEBAPP Micro Focus OBR command injection attempt (more info ...) | web-application-attack | 2021-22502 | |||
| 58553 | FILE-PDF TRUFFLEHUNTER TALOS-2021-1410 attack attempt (more info ...) | attempted-user | URL | |||
| 58554 | FILE-PDF TRUFFLEHUNTER TALOS-2021-1410 attack attempt (more info ...) | attempted-user | URL | |||
| 58562 | SERVER-WEBAPP Oracle WebLogic Server remote code execution attempt (more info ...) | web-application-attack | 2020-14883 | |||
| 58565 | FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1414 attack attempt (more info ...) | attempted-user | URL | |||
| 58566 | FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1414 attack attempt (more info ...) | attempted-user | URL | |||
| 58567 | SERVER-WEBAPP Roundcube Webmail file disclosure attempt (more info ...) | attempted-user | 2017-16651 | |||
| 58568 | SERVER-WEBAPP Roundcube Webmail file disclosure attempt (more info ...) | attempted-user | 2017-16651 | |||
| 58569 | SERVER-WEBAPP Roundcube Webmail file disclosure attempt (more info ...) | attempted-user | 2017-16651 | |||
| 58571 | FILE-OTHER MacOS TTC bypass vulnerability exploit download attempt (more info ...) | attempted-admin | 2021-30713 | |||
| 58572 | FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1411 attack attempt (more info ...) | attempted-user | 2021-40398 | URL | ||
| 58573 | FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1411 attack attempt (more info ...) | attempted-user | 2021-40398 | URL | ||
| 58576 | SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt (more info ...) | web-application-attack | URL | |||
| 58577 | SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt (more info ...) | web-application-attack | URL | |||
| 58578 | SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt (more info ...) | web-application-attack | URL | |||
| 58579 | SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt (more info ...) | web-application-attack | URL | |||
| 58580 | MALWARE-TOOLS TeamViewer shared AES key decryption tool download attempt (more info ...) | attempted-user | 2019-18988 | URL | ||
| 58581 | MALWARE-TOOLS TeamViewer shared AES key decryption tool download attempt (more info ...) | attempted-user | 2019-18988 | URL | ||
| 58588 | SERVER-WEBAPP SolarWinds Network Configuration Manager remote file include attempt (more info ...) | web-application-attack | 2020-27871 | |||
| 58589 | SERVER-WEBAPP SolarWinds Network Configuration Manager remote file include attempt (more info ...) | web-application-attack | 2020-27871 | |||
| 58592 | SERVER-WEBAPP SaltStack pillar_roots directory traversal attempt (more info ...) | web-application-attack | 2021-25282 | |||
| 58593 | SERVER-WEBAPP SaltStack pillar_roots directory traversal attempt (more info ...) | web-application-attack | 2021-25282 | |||
| 58594 | SERVER-WEBAPP SaltStack pillar_roots directory traversal attempt (more info ...) | web-application-attack | 2021-25282 | |||
| 58605 | SERVER-WEBAPP Citrix StoreFront Server XML external entity injection attempt (more info ...) | web-application-attack | 2019-13608 | |||
| 58618 | SERVER-OTHER Amcrest Dahua NVR Camera IP2M-841 denial of service attempt (more info ...) | attempted-dos | 2020-5735 | |||
| 58621 | FILE-OTHER Apple iOS Webkit universal XSS attempt (more info ...) | attempted-user | 2021-1879 | |||
| 58622 | FILE-OTHER Apple iOS Webkit universal XSS attempt (more info ...) | attempted-user | 2021-1879 | |||
| 58632 | SERVER-OTHER SolarWinds Orion MSMQ remote code execution attempt (more info ...) | attempted-admin | 2021-25274 | |||
| 58633 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1416 attack attempt (more info ...) | attempted-user | 2021-40402 | URL | ||
| 58634 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1416 attack attempt (more info ...) | attempted-user | 2021-40402 | URL | ||
| 58646 | SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt (more info ...) | web-application-attack | ||||
| 58647 | SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt (more info ...) | web-application-attack | ||||
| 58648 | SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt (more info ...) | web-application-attack | ||||
| 58649 | SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt (more info ...) | web-application-attack | ||||
| 58673 | POLICY-OTHER Dell SonicWall Email Security administrator account creation attempt (more info ...) | policy-violation | 2021-20021 | URL | ||
| 58674 | POLICY-OTHER Dell SonicWall Email Security administrator account creation attempt (more info ...) | policy-violation | 2021-20021 | URL | ||
| 58675 | POLICY-OTHER Dell SonicWall Email Security administrator account creation attempt (more info ...) | policy-violation | 2021-20021 | URL | ||
| 58676 | SERVER-WEBAPP GE MDS PulseNET FileServlet directory traversal attempt (more info ...) | web-application-attack | 2018-10615 | |||
| 58677 | SERVER-WEBAPP GE MDS PulseNET FileServlet directory traversal attempt (more info ...) | web-application-attack | 2018-10615 | |||
| 58678 | SERVER-WEBAPP GE MDS PulseNET FileServlet directory traversal attempt (more info ...) | web-application-attack | 2018-10615 | |||
| 58679 | SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt (more info ...) | web-application-attack | ||||
| 58680 | SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt (more info ...) | web-application-attack | ||||
| 58681 | SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt (more info ...) | web-application-attack | ||||
| 58682 | SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt (more info ...) | web-application-attack | ||||
| 58685 | FILE-OTHER HP Multi-Function Printer memory corruption attempt (more info ...) | attempted-user | 2021-39238 | URL | ||
| 58686 | FILE-OTHER HP Multi-Function Printer memory corruption attempt (more info ...) | attempted-user | 2021-39238 | URL | ||
| 58687 | SERVER-WEBAPP Movable Type CMS command injection attempt (more info ...) | web-application-attack | 2021-20837 | |||
| 58688 | SERVER-WEBAPP Movable Type CMS command injection attempt (more info ...) | web-application-attack | 2021-20837 | |||
| 58689 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1419 attack attempt (more info ...) | attempted-dos | URL | |||
| 58690 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1419 attack attempt (more info ...) | attempted-dos | URL | |||
| 58691 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1424 attack attempt (more info ...) | web-application-attack | 2021-40409 | URL | ||
| 58692 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1424 attack attempt (more info ...) | web-application-attack | 2021-40411 | URL | ||
| 58693 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1424 attack attempt (more info ...) | web-application-attack | 2021-40412 | URL | ||
| 58694 | SERVER-WEBAPP Mitsubishi Electric SmartRTU command injection attempt (more info ...) | web-application-attack | 2019-14931 | URL | ||
| 58695 | SERVER-WEBAPP Mitsubishi Electric SmartRTU command injection attempt (more info ...) | web-application-attack | 2019-14931 | URL | ||
| 58696 | SERVER-WEBAPP Zoho ManageEngine Service Desk arbitrary file upload attempt (more info ...) | web-application-attack | 2021-44077 | URL | ||
| 58697 | OS-OTHER IGEL OS Secure Terminal and Shadow Service command injection attempt (more info ...) | attempted-user | URL | |||
| 58703 | SERVER-WEBAPP Zoho ManageEngine ADSelfService Plus RestAPI authentication bypass attempt (more info ...) | attempted-user | 2021-40539 | URL | ||
| 58704 | SERVER-WEBAPP FaceSentry Access Control Remote Command Injection command injection attempt (more info ...) | web-application-attack | 2019-5523 | URL | ||
| 58705 | SERVER-WEBAPP FaceSentry Access Control Remote Command Injection command injection attempt (more info ...) | web-application-attack | 2019-5523 | URL | ||
| 58706 | SERVER-WEBAPP FaceSentry Access Control Remote Command Injection command injection attempt (more info ...) | web-application-attack | 2019-5523 | URL | ||
| 58707 | SERVER-WEBAPP FaceSentry Access Control Remote Command Injection command injection attempt (more info ...) | web-application-attack | 2019-5523 | URL | ||
| 58708 | SERVER-WEBAPP IBM Data Risk Manager command execution attempt (more info ...) | web-application-attack | 2020-4428 | |||
| 58711 | MALWARE-OTHER Asp.Webshell.NewCon2 upload attempt (more info ...) | trojan-activity | URL | |||
| 58712 | MALWARE-OTHER Asp.Webshell.NewCon2 download attempt (more info ...) | trojan-activity | URL | |||
| 58714 | POLICY-OTHER Zoho ManageEngine Site24x7 agent installation attempt (more info ...) | policy-violation | 2021-44077 | URL | ||
| 58715 | POLICY-OTHER Zoho ManageEngine Site24x7 agent installation attempt (more info ...) | policy-violation | 2021-44077 | URL | ||
| 58716 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1427 attack attempt (more info ...) | attempted-user | 2021-40418 | URL | ||
| 58717 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1427 attack attempt (more info ...) | attempted-user | 2021-40418 | URL | ||
| 58718 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1420 attack attempt (more info ...) | web-application-attack | 2021-40404 | URL | ||
| 58721 | SERVER-WEBAPP Grafana getPluginAssets path traversal attempt (more info ...) | web-application-attack | 2021-43798 | URL | ||
| 58745 | SERVER-WEBAPP TP-Link TL-WR840N EU v5 command injection attempt (more info ...) | web-application-attack | 2021-41653 | |||
| 58746 | SERVER-WEBAPP TP-Link TL-WR840N EU v5 command injection attempt (more info ...) | web-application-attack | 2021-41653 | |||
| 58747 | SERVER-WEBAPP TP-Link TL-WR840N EU v5 command injection attempt (more info ...) | web-application-attack | 2021-41653 | |||
| 58748 | SERVER-WEBAPP TP-Link TL-WR840N EU v5 command injection attempt (more info ...) | web-application-attack | 2021-41653 | |||
| 58749 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1426 attack attempt (more info ...) | attempted-user | 2021-40417 | URL | ||
| 58750 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1426 attack attempt (more info ...) | attempted-user | 2021-40417 | URL | ||
| 58758 | MALWARE-OTHER Email.Dropper.Agent phishing email download attempt (more info ...) | trojan-activity | URL | |||
| 58759 | MALWARE-OTHER Win.Trojan.Agent variant payload download attempt (more info ...) | trojan-activity | URL | |||
| 58760 | MALWARE-OTHER Win.Dropper.Agent HCrypt PowerShell payload download attempt (more info ...) | trojan-activity | URL | |||
| 58761 | MALWARE-OTHER Win.Dropper.Agent HCrypt PowerShell payload download attempt (more info ...) | trojan-activity | URL | |||
| 58764 | MALWARE-OTHER Vbs.Downloader.Agent payload download attempt (more info ...) | trojan-activity | URL | |||
| 58765 | MALWARE-OTHER Vbs.Downloader.Agent payload download attempt (more info ...) | trojan-activity | URL | |||
| 58792 | MALWARE-OTHER Win.Ransomware.Blackbyte malicious executable file download attempt (more info ...) | trojan-activity | URL | |||
| 58794 | MALWARE-OTHER Win.Ransomware.Blackbyte malicious executable file download attempt (more info ...) | trojan-activity | URL | |||
| 58797 | SERVER-WEBAPP LibreNMS Collectd command injection attempt (more info ...) | web-application-attack | 2019-10669 | |||
| 58798 | SERVER-WEBAPP LibreNMS Collectd command injection attempt (more info ...) | web-application-attack | 2019-10669 | |||
| 58799 | SERVER-WEBAPP LibreNMS Collectd command injection attempt (more info ...) | web-application-attack | 2019-10669 | |||
| 58800 | SERVER-WEBAPP LibreNMS Collectd command injection attempt (more info ...) | web-application-attack | 2019-10669 | |||
| 58801 | INDICATOR-COMPROMISE JNDI LDAP searchResEntry dynamic code download attempt (more info ...) | trojan-activity | 2021-45105 | URL | ||
| 58811 | SERVER-OTHER VMWare vSphere log4shell exploit attempt (more info ...) | attempted-user | 2021-45105 | |||
| 58812 | SERVER-OTHER VMWare vSphere log4shell exploit attempt (more info ...) | attempted-user | 2021-45105 | |||
| 58813 | SERVER-OTHER VMWare vSphere log4shell exploit attempt (more info ...) | attempted-user | 2021-45105 | |||
| 58815 | FILE-EXECUTABLE GIGABYTE GPCIDrv and GDrv driver privilege escalation attempt (more info ...) | attempted-admin | 2018-19323 | URL | ||
| 58816 | FILE-EXECUTABLE GIGABYTE GPCIDrv and GDrv driver privilege escalation attempt (more info ...) | attempted-admin | 2018-19323 | URL | ||
| 58817 | SERVER-OTHER TRUFFLEHUNTER TALOS-2021-1428 attack attempt (more info ...) | attempted-admin | 2021-40419 | URL | ||
| 58818 | FILE-PDF TRUFFLEHUNTER TALOS-2021-1429 attack attempt (more info ...) | attempted-user | 2023-33866 | URL | ||
| 58819 | FILE-PDF TRUFFLEHUNTER TALOS-2021-1429 attack attempt (more info ...) | attempted-user | 2023-33866 | URL | ||
| 58821 | SERVER-WEBAPP WebSVN search command injection attempt (more info ...) | web-application-attack | 2021-32305 | URL | ||
| 58822 | SERVER-WEBAPP WebSVN search command injection attempt (more info ...) | web-application-attack | 2021-32305 | URL | ||
| 58823 | SERVER-WEBAPP WebSVN search command injection attempt (more info ...) | web-application-attack | 2021-32305 | URL | ||
| 58824 | SERVER-WEBAPP WebSVN search command injection attempt (more info ...) | web-application-attack | 2021-32305 | URL | ||
| 58825 | SERVER-WEBAPP DLINK DWL-2600 Authenticated command injection attempt (more info ...) | web-application-attack | 2019-20499 | |||
| 58826 | SERVER-WEBAPP DLINK DWL-2600 Authenticated command injection attempt (more info ...) | web-application-attack | 2019-20499 | |||
| 58827 | SERVER-WEBAPP DLINK DWL-2600 Authenticated command injection attempt (more info ...) | web-application-attack | 2019-20499 | |||
| 58828 | SERVER-WEBAPP DLINK DWL-2600 Authenticated command injection attempt (more info ...) | web-application-attack | 2019-20499 | |||
| 58829 | SERVER-WEBAPP DLINK DWL-2600 Authenticated Config Upgrade command injection attempt (more info ...) | web-application-attack | 2019-20501 | |||
| 58830 | SERVER-WEBAPP DLINK DWL-2600 Authenticated Config Upgrade command injection attempt (more info ...) | web-application-attack | 2019-20501 | |||
| 58831 | SERVER-WEBAPP DLINK DWL-2600 Authenticated Config Upgrade command injection attempt (more info ...) | web-application-attack | 2019-20501 | |||
| 58832 | SERVER-WEBAPP DLINK DWL-2600 Authenticated Config Upgrade command injection attempt (more info ...) | web-application-attack | 2019-20501 | |||
| 58833 | SERVER-WEBAPP Nagios XI remote command execution attempt (more info ...) | attempted-user | 2019-15949 | URL | ||
| 58834 | SERVER-OTHER MongoDB mongo-express insecure document processing code execution attempt (more info ...) | attempted-user | 2019-10758 | URL | ||
| 58836 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1434 attack attempt (more info ...) | attempted-user | 2021-40426 | URL | ||
| 58837 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1434 attack attempt (more info ...) | attempted-user | 2021-40426 | URL | ||
| 58850 | MALWARE-OTHER Win.Ransomware.Rollcoast download attempt (more info ...) | trojan-activity | URL | |||
| 58851 | MALWARE-OTHER Win.Ransomware.Rollcoast download attempt (more info ...) | trojan-activity | URL | |||
| 58853 | SERVER-OTHER RealTek UDPServer command injection attempt (more info ...) | attempted-user | 2021-35394 | URL | ||
| 58857 | SERVER-WEBAPP Tendar Router AC11 stack buffer overflow attempt (more info ...) | attempted-user | 2021-31755 | |||
| 58858 | SERVER-WEBAPP Tendar Router AC11 stack buffer overflow attempt (more info ...) | attempted-user | 2021-31755 | |||
| 58861 | SERVER-WEBAPP ManageEngine Desktop Central LogUploader servlets directory traversal attempt (more info ...) | web-application-attack | 2021-44515 | |||
| 58862 | SERVER-WEBAPP ManageEngine Desktop Central LogUploader servlets directory traversal attempt (more info ...) | web-application-attack | 2021-44515 | |||
| 58863 | SERVER-WEBAPP ManageEngine Desktop Central authentication bypass attempt (more info ...) | web-application-attack | 2021-44515 | |||
| 58864 | SERVER-WEBAPP ManageEngine Desktop Central LogUploader servlets directory traversal attempt (more info ...) | web-application-attack | 2021-44515 | |||
| 58876 | SERVER-OTHER H2 database console RCE attempt (more info ...) | attempted-user | 2021-42392 | |||
| 58877 | SERVER-OTHER H2 database console RCE attempt (more info ...) | attempted-user | 2021-42392 | |||
| 58880 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1435 attack attempt (more info ...) | attempted-user | URL | |||
| 58881 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1435 attack attempt (more info ...) | attempted-user | URL | |||
| 58882 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1436 attack attempt (more info ...) | attempted-user | URL | |||
| 58883 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1436 attack attempt (more info ...) | attempted-user | URL | |||
| 58884 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1441 attack attempt (more info ...) | web-application-attack | 2022-22149 | URL | ||
| 58885 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1441 attack attempt (more info ...) | web-application-attack | 2022-22149 | URL | ||
| 58886 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1441 attack attempt (more info ...) | web-application-attack | 2022-22149 | URL | ||
| 58887 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1442 attack attempt (more info ...) | attempted-user | 2022-21145 | URL | ||
| 58888 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1442 attack attempt (more info ...) | attempted-user | 2022-21145 | URL | ||
| 58889 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1444 attack attempt (more info ...) | web-application-attack | 2022-21210 | URL | ||
| 58890 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1444 attack attempt (more info ...) | web-application-attack | 2022-21210 | URL | ||
| 58891 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1444 attack attempt (more info ...) | web-application-attack | 2022-21210 | URL | ||
| 58892 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1443 attack attempt (more info ...) | web-application-attack | 2022-21234 | URL | ||
| 58893 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1443 attack attempt (more info ...) | web-application-attack | 2022-21234 | URL | ||
| 58894 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1443 attack attempt (more info ...) | web-application-attack | 2022-21234 | URL | ||
| 58895 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1437 attack attempt (more info ...) | attempted-user | URL | |||
| 58896 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1437 attack attempt (more info ...) | attempted-user | URL | |||
| 58897 | FILE-PDF TRUFFLEHUNTER TALOS-2022-1439 attack attempt (more info ...) | attempted-user | 2022-22150 | URL | ||
| 58898 | FILE-PDF TRUFFLEHUNTER TALOS-2022-1439 attack attempt (more info ...) | attempted-user | 2022-22150 | URL | ||
| 58899 | SERVER-WEBAPP Dlink DWL-2600 authenticated config save command injection attempt (more info ...) | web-application-attack | 2019-20500 | |||
| 58900 | SERVER-WEBAPP Dlink DWL-2600 authenticated config save command injection attempt (more info ...) | web-application-attack | 2019-20500 | |||
| 58901 | SERVER-WEBAPP Dlink DWL-2600 authenticated config save command injection attempt (more info ...) | web-application-attack | 2019-20500 | |||
| 58902 | SERVER-WEBAPP Dlink DWL-2600 authenticated config save command injection attempt (more info ...) | web-application-attack | 2019-20500 | |||
| 58908 | POLICY-OTHER Multiple Products Werkzeug debug console access attempt (more info ...) | policy-violation | 2022-20649 | URL | ||
| 58910 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1438 attack attempt (more info ...) | attempted-user | URL | |||
| 58911 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1438 attack attempt (more info ...) | attempted-user | URL | |||
| 58926 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1446 attack attempt (more info ...) | attempted-recon | 2022-21236 | URL | ||
| 58928 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1445 attack attempt (more info ...) | attempted-admin | 2022-21217 | URL | ||
| 58929 | MALWARE-OTHER Pdf.Downloader.MuddyWater variant download attempt (more info ...) | trojan-activity | URL | |||
| 58930 | MALWARE-OTHER Ps1.Downloader.MuddyWater payload download attempt (more info ...) | trojan-activity | URL | |||
| 58931 | MALWARE-OTHER Ps1.Downloader.MuddyWater payload download attempt (more info ...) | trojan-activity | URL | |||
| 58932 | MALWARE-OTHER Pdf.Downloader.MuddyWater variant download attempt (more info ...) | trojan-activity | URL | |||
| 58933 | MALWARE-OTHER Xls.Dropper.MuddyWater variant download attempt (more info ...) | trojan-activity | URL | |||
| 58934 | MALWARE-OTHER Xls.Dropper.MuddyWater variant download attempt (more info ...) | trojan-activity | URL | |||
| 58935 | MALWARE-OTHER Xls.Dropper.MuddyWater variant download attempt (more info ...) | trojan-activity | URL | |||
| 58936 | MALWARE-OTHER Xls.Dropper.MuddyWater variant download attempt (more info ...) | trojan-activity | URL | |||
| 58947 | FILE-IMAGE TRUFFLEHUNTER TALOS-2022-1449 attack attempt (more info ...) | attempted-user | 2022-22137 | URL | ||
| 58948 | FILE-IMAGE TRUFFLEHUNTER TALOS-2022-1449 attack attempt (more info ...) | attempted-user | 2022-22137 | URL | ||
| 58951 | SERVER-OTHER TRUFFLEHUNTER TALOS-2022-1451 attack attempt (more info ...) | attempted-admin | 2022-21796 | URL | ||
| 58952 | SERVER-OTHER TRUFFLEHUNTER TALOS-2022-1451 attack attempt (more info ...) | attempted-admin | 2022-21796 | URL | ||
| 58953 | SERVER-OTHER TRUFFLEHUNTER TALOS-2022-1450 attack attempt (more info ...) | attempted-dos | 2022-21801 | URL | ||
| 58954 | SERVER-OTHER TRUFFLEHUNTER TALOS-2022-1450 attack attempt (more info ...) | attempted-dos | 2022-21801 | URL | ||
| 58960 | SERVER-WEBAPP Aviatrix Controller directory traversal attempt (more info ...) | web-application-attack | 2021-40870 | |||
| 58961 | SERVER-WEBAPP Aviatrix Controller directory traversal attempt (more info ...) | web-application-attack | 2021-40870 | |||
| 58962 | SERVER-WEBAPP Aviatrix Controller directory traversal attempt (more info ...) | web-application-attack | 2021-40870 | |||
| 58980 | SERVER-WEBAPP System Information Library for node.js command injection attempt (more info ...) | web-application-attack | 2021-21315 | |||
| 58981 | SERVER-WEBAPP System Information Library for node.js command injection attempt (more info ...) | web-application-attack | 2021-21315 | |||
| 58982 | SERVER-WEBAPP System Information Library for node.js command injection attempt (more info ...) | web-application-attack | 2021-21315 | |||
| 58983 | SERVER-WEBAPP System Information Library for node.js command injection attempt (more info ...) | web-application-attack | 2021-21315 | |||
| 58991 | MALWARE-OTHER Windows Defender disable script detected (more info ...) | trojan-activity | ||||
| 58995 | SERVER-WEBAPP Gemtek WVRTM-127ACN command injection attempt (more info ...) | web-application-attack | 2020-24365 | |||
| 58996 | SERVER-WEBAPP Gemtek WVRTM-127ACN command injection attempt (more info ...) | web-application-attack | 2020-24365 | |||
| 58997 | SERVER-WEBAPP Gemtek WVRTM-127ACN command injection attempt (more info ...) | web-application-attack | 2020-24365 | |||
| 58998 | SERVER-WEBAPP Gemtek WVRTM-127ACN command injection attempt (more info ...) | web-application-attack | 2020-24365 | |||
| 59006 | OS-WINDOWS Windows Common log file system driver elevation of privilege attempt (more info ...) | attempted-admin | 2022-22000 | URL | ||
| 59007 | OS-WINDOWS Windows Common log file system driver elevation of privilege attempt (more info ...) | attempted-admin | 2022-22000 | URL | ||
| 59010 | FILE-IMAGE TRUFFLEHUNTER TALOS-2022-1464 attack attempt (more info ...) | attempted-user | 2022-21154 | URL | ||
| 59011 | FILE-IMAGE TRUFFLEHUNTER TALOS-2022-1464 attack attempt (more info ...) | attempted-user | 2022-21154 | URL | ||
| 59013 | SERVER-OTHER TRUFFLEHUNTER TALOS-2022-1463 attack attempt (more info ...) | attempted-admin | 2022-24029 | URL | ||
| 59020 | SERVER-OTHER TRUFFLEHUNTER TALOS-2022-1456 attack attempt (more info ...) | attempted-admin | 2022-21201 | URL | ||
| 59026 | SERVER-OTHER TRUFFLEHUNTER TALOS-2022-1455 attack attempt (more info ...) | attempted-admin | 2022-23918 | URL | ||
| 59027 | SERVER-OTHER TRUFFLEHUNTER TALOS-2022-1455 attack attempt (more info ...) | attempted-admin | 2022-23919 | URL | ||
| 59028 | SERVER-OTHER TRUFFLEHUNTER TALOS-2022-1454 attack attempt (more info ...) | attempted-admin | 2022-23399 | URL | ||
| 59029 | SERVER-OTHER TRUFFLEHUNTER TALOS-2022-1454 attack attempt (more info ...) | attempted-admin | 2022-23399 | URL | ||
| 59030 | FILE-IMAGE TRUFFLEHUNTER TALOS-2022-1465 attack attempt (more info ...) | attempted-user | 2022-23400 | URL | ||
| 59031 | FILE-IMAGE TRUFFLEHUNTER TALOS-2022-1465 attack attempt (more info ...) | attempted-user | 2022-23400 | URL | ||
| 59046 | BROWSER-OTHER Slack command injection attempt (more info ...) | attempted-user | 2018-1000006 | |||
| 59047 | BROWSER-OTHER Slack command injection attempt (more info ...) | attempted-user | 2018-1000006 | |||
| 59058 | SERVER-OTHER TRUFFLEHUNTER TALOS-2022-1458 attack attempt (more info ...) | attempted-admin | 2022-22140 | URL | ||
| 59059 | SERVER-OTHER TRUFFLEHUNTER TALOS-2022-1457 attack attempt (more info ...) | attempted-admin | 2022-21178 | URL | ||
| 59072 | SERVER-WEBAPP D-Link Routers command injection attempt (more info ...) | web-application-attack | 2018-10823 | |||
| 59073 | SERVER-WEBAPP D-Link Routers command injection attempt (more info ...) | web-application-attack | 2018-10823 | |||
| 59074 | SERVER-WEBAPP D-Link Routers command injection attempt (more info ...) | web-application-attack | 2018-10823 | |||
| 59075 | SERVER-WEBAPP D-Link Routers command injection attempt (more info ...) | web-application-attack | 2018-10823 | |||
| 59076 | SERVER-OTHER TRUFFLEHUNTER TALOS-2022-1466 attack attempt (more info ...) | attempted-dos | URL | |||
| 59099 | MALWARE-OTHER Win.Malware.HermeticWiper binary download attempt (more info ...) | trojan-activity | URL | |||
| 59100 | MALWARE-OTHER Win.Malware.HermeticWiper binary download attempt (more info ...) | trojan-activity | URL | |||
| 59103 | SERVER-WEBAPP October CMS authentication bypass attempt (more info ...) | attempted-user | 2021-32648 | |||
| 59109 | SERVER-WEBAPP Oracle WebLogic core server remote code execution attempt (more info ...) | attempted-user | 2021-2394 | URL | ||
| 59125 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1473 attack attempt (more info ...) | attempted-admin | 2022-26085 | URL | ||
| 59129 | SERVER-WEBAPP VMware vCenter Server file upload attempt (more info ...) | web-application-attack | 2021-22005 | URL | ||
| 59131 | MALWARE-OTHER Win.Trojan.Generic download attempt (more info ...) | trojan-activity | URL | |||
| 59132 | MALWARE-OTHER Win.Trojan.Generic upload attempt (more info ...) | trojan-activity | URL | |||
| 59146 | MALWARE-OTHER Win.Trojan.Redline variant upload attempt (more info ...) | trojan-activity | URL | |||
| 59147 | MALWARE-OTHER Win.Trojan.Redline variant download attempt (more info ...) | trojan-activity | URL | |||
| 59148 | MALWARE-OTHER Win.Trojan.Redline variant download attempt (more info ...) | trojan-activity | URL | |||
| 59154 | MALWARE-OTHER Win.Ransomware.HermeticRansom binary download attempt (more info ...) | trojan-activity | URL | |||
| 59155 | MALWARE-OTHER Win.Ransomware.HermeticRansom binary download attempt (more info ...) | trojan-activity | URL | |||
| 59156 | MALWARE-OTHER Win.Ransomware.HermeticRansom binary download attempt (more info ...) | trojan-activity | URL | |||
| 59157 | MALWARE-OTHER Win.Ransomware.HermeticRansom binary download attempt (more info ...) | trojan-activity | URL | |||
| 59163 | MALWARE-TOOLS Win.Malware.IsaacWiper variant download attempt (more info ...) | trojan-activity | URL | |||
| 59164 | MALWARE-TOOLS Win.Malware.IsaacWiper variant download attempt (more info ...) | trojan-activity | URL | |||
| 59171 | MALWARE-OTHER Xls.Downloader.SunSeed payload download attempt (more info ...) | trojan-activity | URL | |||
| 59172 | MALWARE-OTHER Xls.Downloader.SunSeed payload download attempt (more info ...) | trojan-activity | URL | |||
| 59174 | MALWARE-OTHER Win.Trojan.WhisperGate download attempt (more info ...) | trojan-activity | URL | |||
| 59175 | MALWARE-OTHER Win.Trojan.WhisperGate download attempt (more info ...) | trojan-activity | URL | |||
| 59176 | MALWARE-OTHER Win.Trojan.WhisperGate download attempt (more info ...) | trojan-activity | URL | |||
| 59177 | MALWARE-OTHER Win.Trojan.WhisperGate download attempt (more info ...) | trojan-activity | URL | |||
| 59178 | MALWARE-OTHER Win.Trojan.WhisperGate download attempt (more info ...) | trojan-activity | URL | |||
| 59179 | MALWARE-OTHER Win.Trojan.WhisperGate download attempt (more info ...) | trojan-activity | URL | |||
| 59180 | MALWARE-OTHER Win.Trojan.WhisperGate backwards DLL download attempt (more info ...) | trojan-activity | URL | |||
| 59181 | MALWARE-OTHER Win.Trojan.WhisperGate backwards DLL download attempt (more info ...) | trojan-activity | URL | |||
| 59184 | MALWARE-OTHER Win.Trojan.WhisperGate download attempt (more info ...) | trojan-activity | URL | |||
| 59185 | MALWARE-OTHER Win.Trojan.WhisperGate download attempt (more info ...) | trojan-activity | URL | |||
| 59186 | MALWARE-OTHER Win.Trojan.WhisperGate download attempt (more info ...) | trojan-activity | URL | |||
| 59187 | MALWARE-OTHER Win.Trojan.WhisperGate download attempt (more info ...) | trojan-activity | URL | |||
| 59188 | MALWARE-OTHER Win.Trojan.WhisperGate download attempt (more info ...) | trojan-activity | URL | |||
| 59189 | MALWARE-OTHER Win.Trojan.WhisperGate download attempt (more info ...) | trojan-activity | URL | |||
| 59190 | MALWARE-OTHER Win.Trojan.WhisperGate download attempt (more info ...) | trojan-activity | URL | |||
| 59191 | MALWARE-OTHER Win.Trojan.WhisperGate download attempt (more info ...) | trojan-activity | URL | |||
| 59194 | MALWARE-OTHER Win.Trojan.WhisperGate download attempt (more info ...) | trojan-activity | URL | |||
| 59195 | MALWARE-OTHER Win.Trojan.WhisperGate download attempt (more info ...) | trojan-activity | URL | |||
| 59196 | MALWARE-OTHER Win.Loader.Agent download attempt (more info ...) | trojan-activity | URL | |||
| 59197 | MALWARE-OTHER Win.Loader.Agent upload attempt (more info ...) | trojan-activity | URL | |||
| 59198 | MALWARE-OTHER Win.Downloader.Saintbot download attempt (more info ...) | trojan-activity | URL | |||
| 59199 | MALWARE-OTHER Win.Downloader.Saintbot upload attempt (more info ...) | trojan-activity | URL | |||
| 59200 | MALWARE-OTHER Win.Infostealer.Vidar download attempt (more info ...) | trojan-activity | URL | |||
| 59201 | MALWARE-OTHER Win.Infostealer.Vidar download attempt (more info ...) | trojan-activity | URL | |||
| 59204 | MALWARE-OTHER Win.Trojan.Saintbot variant binary download attempt (more info ...) | trojan-activity | URL | |||
| 59205 | MALWARE-OTHER Win.Trojan.Saintbot variant binary upload attempt (more info ...) | trojan-activity | URL | |||
| 59206 | MALWARE-OTHER Win.Trojan.Ursnif variant binary upload attempt (more info ...) | trojan-activity | URL | |||
| 59207 | MALWARE-OTHER Win.Trojan.Ursnif variant binary download attempt (more info ...) | trojan-activity | URL | |||
| 59222 | MALWARE-OTHER Win.Downloader.TransparentTribe outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 59224 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1469 attack attempt (more info ...) | attempted-user | 2022-21238 | URL | ||
| 59225 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1469 attack attempt (more info ...) | attempted-user | 2022-21238 | URL | ||
| 59236 | SERVER-WEBAPP Sitecore XP insecure deserialization attempt (more info ...) | web-application-attack | 2021-42237 | URL | ||
| 59239 | MALWARE-OTHER Win.Trojan.Generic download attempt (more info ...) | trojan-activity | ||||
| 59240 | MALWARE-OTHER Win.Trojan.Generic download attempt (more info ...) | trojan-activity | ||||
| 59241 | MALWARE-OTHER Win.Trojan.Generic upload attempt (more info ...) | trojan-activity | ||||
| 59242 | MALWARE-OTHER Win.Trojan.Generic upload attempt (more info ...) | trojan-activity | ||||
| 59244 | MALWARE-OTHER Win.Trojan.Raccoon download attempt (more info ...) | trojan-activity | URL | |||
| 59245 | MALWARE-OTHER Win.Trojan.Raccoon download attempt (more info ...) | trojan-activity | URL | |||
| 59247 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1471 attack attempt (more info ...) | attempted-admin | 2022-24910 | URL | ||
| 59250 | MALWARE-TOOLS Win.Malware.HermeticWizard variant download attempt (more info ...) | trojan-activity | ||||
| 59251 | MALWARE-TOOLS Win.Malware.HermeticWizard variant download attempt (more info ...) | trojan-activity | ||||
| 59254 | MALWARE-OTHER Win.Infostealer.PhoenixStealer download attempt (more info ...) | trojan-activity | URL | |||
| 59255 | MALWARE-OTHER Win.Infostealer.PhoenixStealer download attempt (more info ...) | trojan-activity | URL | |||
| 59267 | SERVER-OTHER TRUFFLEHUNTER TALOS-2022-1480 attack attempt (more info ...) | attempted-dos | 2022-26073 | URL | ||
| 59268 | MALWARE-OTHER Win.Trojan.CaddyWiper download attempt (more info ...) | trojan-activity | URL | |||
| 59269 | MALWARE-OTHER Win.Trojan.CaddyWiper download attempt (more info ...) | trojan-activity | URL | |||
| 59270 | SERVER-OTHER TRUFFLEHUNTER TALOS-2022-1476 attack attempt (more info ...) | attempted-admin | 2022-26002 | URL | ||
| 59271 | SERVER-OTHER TRUFFLEHUNTER TALOS-2022-1475 attack attempt (more info ...) | attempted-admin | 2022-26007 | URL | ||
| 59272 | SERVER-OTHER TRUFFLEHUNTER TALOS-2022-1477 attack attempt (more info ...) | attempted-admin | 2022-27172 | URL | ||
| 59273 | SERVER-WEBAPP DOTNETNUKE DNNPersonalization Cookie Deserialization RCE (more info ...) | attempted-user | 2018-18326 | URL | ||
| 59287 | SERVER-OTHER TRUFFLEHUNTER TALOS-2022-1478 attack attempt (more info ...) | misc-activity | 2022-26042 | URL | ||
| 59288 | SERVER-OTHER TRUFFLEHUNTER TALOS-2022-1478 attack attempt (more info ...) | attempted-admin | 2022-26042 | URL | ||
| 59289 | SERVER-OTHER TRUFFLEHUNTER TALOS-2022-1483 attack attempt (more info ...) | attempted-admin | 2022-26009 | URL | ||
| 59290 | SERVER-OTHER TRUFFLEHUNTER TALOS-2022-1484 attack attempt (more info ...) | attempted-admin | 2022-26342 | URL | ||
| 59291 | SERVER-OTHER TRUFFLEHUNTER TALOS-2022-1482 attack attempt (more info ...) | attempted-admin | 2022-25996 | URL | ||
| 59292 | SERVER-WEBAPP Zoho ManageEngine ServiceDesk Plus SiteLookup.do cross site scripting attempt (more info ...) | attempted-user | 2019-12538 | |||
| 59293 | SERVER-WEBAPP Zoho ManageEngine ServiceDesk Plus SiteLookup.do cross site scripting attempt (more info ...) | attempted-user | 2019-12538 | |||
| 59294 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1481 attack attempt (more info ...) | attempted-admin | 2022-26781 | URL | ||
| 59295 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1481 attack attempt (more info ...) | attempted-admin | 2022-26782 | URL | ||
| 59296 | FILE-IMAGE TRUFFLEHUNTER TALOS-2022-1485 attack attempt (more info ...) | attempted-user | 2022-25972 | URL | ||
| 59297 | FILE-IMAGE TRUFFLEHUNTER TALOS-2022-1485 attack attempt (more info ...) | attempted-user | 2022-25972 | URL | ||
| 59298 | SERVER-WEBAPP Spring Cloud Gateway Spring Expression Language injection attempt (more info ...) | web-application-attack | 2022-22947 | |||
| 59299 | SERVER-WEBAPP Spring Cloud Gateway Spring Expression Language injection attempt (more info ...) | web-application-attack | 2022-22947 | |||
| 59303 | FILE-IMAGE TRUFFLEHUNTER TALOS-2022-1486 attack attempt (more info ...) | attempted-user | 2022-25942 | URL | ||
| 59304 | FILE-IMAGE TRUFFLEHUNTER TALOS-2022-1486 attack attempt (more info ...) | attempted-user | 2022-25942 | URL | ||
| 59305 | SERVER-WEBAPP OCS Inventory NG command injection attempt (more info ...) | web-application-attack | 2020-14947 | |||
| 59306 | SERVER-WEBAPP OCS Inventory NG command injection attempt (more info ...) | web-application-attack | 2020-14947 | |||
| 59307 | SERVER-WEBAPP OCS Inventory NG command injection attempt (more info ...) | web-application-attack | 2020-14947 | |||
| 59308 | SERVER-WEBAPP OCS Inventory NG command injection attempt (more info ...) | web-application-attack | 2020-14947 | |||
| 59319 | SERVER-WEBAPP Advantech WISE-PaaS RMM UpgradeMgmt upload_ota directory traversal attempt (more info ...) | web-application-attack | 2019-13551 | |||
| 59320 | SERVER-WEBAPP Advantech WISE-PaaS RMM UpgradeMgmt upload_ota directory traversal attempt (more info ...) | web-application-attack | 2019-13551 | |||
| 59321 | SERVER-WEBAPP Advantech WISE-PaaS RMM UpgradeMgmt upload_ota directory traversal attempt (more info ...) | web-application-attack | 2019-13551 | |||
| 59355 | SERVER-WEBAPP Zoho ManageEngine Desktop Central directory traversal attempt (more info ...) | web-application-attack | 2018-12999 | |||
| 59356 | SERVER-WEBAPP Zoho ManageEngine Desktop Central directory traversal attempt (more info ...) | web-application-attack | 2018-12999 | |||
| 59357 | SERVER-WEBAPP Zoho ManageEngine Desktop Central directory traversal attempt (more info ...) | web-application-attack | 2018-12999 | |||
| 59368 | SERVER-WEBAPP GitLab Wiki API Attachments command injection attempt (more info ...) | web-application-attack | 2018-18649 | |||
| 59369 | SERVER-WEBAPP GitLab Wiki API Attachments command injection attempt (more info ...) | web-application-attack | 2018-18649 | |||
| 59370 | SERVER-WEBAPP GitLab Wiki API Attachments command injection attempt (more info ...) | web-application-attack | 2018-18649 | |||
| 59371 | SERVER-WEBAPP GitLab Wiki API Attachments command injection attempt (more info ...) | web-application-attack | 2018-18649 | |||
| 59372 | SERVER-WEBAPP NetGain Systems Enterprise Manager directory traversal attempt (more info ...) | web-application-attack | 2017-16599 | |||
| 59373 | SERVER-WEBAPP NetGain Systems Enterprise Manager directory traversal attempt (more info ...) | web-application-attack | 2017-16599 | |||
| 59374 | SERVER-WEBAPP NetGain Systems Enterprise Manager directory traversal attempt (more info ...) | web-application-attack | 2017-16599 | |||
| 59385 | SERVER-WEBAPP Advantech WebAccess NMS download directory traversal attempt (more info ...) | web-application-attack | 2020-10631 | |||
| 59386 | SERVER-WEBAPP Advantech WebAccess NMS download directory traversal attempt (more info ...) | web-application-attack | 2020-10631 | |||
| 59387 | SERVER-WEBAPP Advantech WebAccess NMS download directory traversal attempt (more info ...) | web-application-attack | 2020-10631 | |||
| 59388 | SERVER-WEBAPP Spring Cloud Gateway Spring Expression Language injection attempt (more info ...) | web-application-attack | 2022-22963 | URL | ||
| 59415 | SERVER-OTHER Tarantool xrow_header_decode out of bounds read attempt (more info ...) | attempted-dos | 2016-9037 | URL | ||
| 59441 | SERVER-OTHER OpenSLP slp_process.c heap overflow attempt (more info ...) | attempted-user | 2019-5544 | URL | ||
| 59442 | SERVER-OTHER OpenSLP slp_process.c heap overflow attempt (more info ...) | attempted-user | 2019-5544 | URL | ||
| 59443 | SERVER-WEBAPP Trend Micro Interscan MailNotification buffer overflow attempt (more info ...) | attempted-user | 2020-28579 | URL | ||
| 59444 | SERVER-WEBAPP Trend Micro Interscan MailNotification buffer overflow attempt (more info ...) | attempted-user | 2020-28579 | URL | ||
| 59450 | OS-OTHER TRUFFLEHUNTER TALOS-2022-1497 attack attempt (more info ...) | attempted-recon | URL | |||
| 59451 | OS-OTHER TRUFFLEHUNTER TALOS-2022-1497 attack attempt (more info ...) | attempted-recon | URL | |||
| 59452 | FILE-OTHER 7-Zip crafted RAR solid compression memory corruption attempt (more info ...) | attempted-user | 2018-10115 | |||
| 59453 | FILE-OTHER 7-Zip crafted RAR solid compression memory corruption attempt (more info ...) | attempted-user | 2018-10115 | |||
| 59454 | FILE-OTHER Perl archive tar arbitrary file overwrite attempt (more info ...) | attempted-user | 2018-12015 | |||
| 59455 | FILE-OTHER Perl archive tar arbitrary file overwrite attempt (more info ...) | attempted-user | 2018-12015 | |||
| 59456 | FILE-OTHER Perl archive tar arbitrary file overwrite attempt (more info ...) | attempted-user | 2018-12015 | |||
| 59457 | FILE-OTHER Perl archive tar arbitrary file overwrite attempt (more info ...) | attempted-user | 2018-12015 | |||
| 59465 | FILE-OTHER Fuji Electric V-Server VPR heap buffer overflow attempt (more info ...) | attempted-user | 2019-18240 | |||
| 59466 | FILE-OTHER Fuji Electric V-Server VPR heap buffer overflow attempt (more info ...) | attempted-user | 2019-18240 | |||
| 59467 | FILE-PDF Foxit Reader and PhantonPDF XFA gotoURL command injection attempt (more info ...) | attempted-user | 2017-10953 | |||
| 59468 | FILE-PDF Foxit Reader and PhantonPDF XFA gotoURL command injection attempt (more info ...) | attempted-user | 2017-10953 | |||
| 59482 | SERVER-WEBAPP Oracle Business Intelligencee BIRemotingServlet deserialization remote code execution attempt (more info ...) | attempted-user | 2020-2950 | URL | ||
| 59489 | SERVER-WEBAPP Oracle WebLogic Server FileDistributionServlet information disclosure attempt (more info ...) | attempted-user | 2019-2615 | |||
| 59490 | SERVER-WEBAPP Oracle WebLogic Server FileDistributionServlet information disclosure attempt (more info ...) | attempted-user | 2019-2615 | |||
| 59491 | SERVER-WEBAPP Oracle WebLogic Server FileDistributionServlet information disclosure attempt (more info ...) | attempted-user | 2019-2615 | |||
| 59499 | SERVER-WEBAPP Symantec Encryption Management Server command injection attempt (more info ...) | web-application-attack | 2014-7288 | 72308 | ||
| 59500 | PUA-OTHER XMRig cryptocurrency miner outbound connection (more info ...) | policy-violation | URL | |||
| 59507 | FILE-OTHER ClamAV OLE2 uniq_add out of bounds write attempt (more info ...) | attempted-dos | 2019-1788 | |||
| 59508 | FILE-OTHER ClamAV OLE2 uniq_add out of bounds write attempt (more info ...) | attempted-dos | 2019-1788 | |||
| 59509 | FILE-OTHER ClamAV OLE2 uniq_add out of bounds write attempt (more info ...) | attempted-dos | 2019-1788 | |||
| 59510 | FILE-OTHER ClamAV OLE2 uniq_add out of bounds write attempt (more info ...) | attempted-dos | 2019-1788 | |||
| 59514 | SERVER-WEBAPP CentOS Web Panel authentication bypass attempt (more info ...) | web-application-attack | 2021-45467 | URL | ||
| 59525 | OS-WINDOWS Windows Win32k elevation of privilege attempt (more info ...) | attempted-admin | 2022-24542 | URL | ||
| 59526 | OS-WINDOWS Windows Win32k elevation of privilege attempt (more info ...) | attempted-admin | 2022-24542 | URL | ||
| 59528 | PROTOCOL-OTHER cURL libcurl NtLM type 3 stack based buffer overflow attempt (more info ...) | attempted-user | 2019-3822 | |||
| 59538 | BROWSER-OTHER Electronic Arts Origin Client template injection attempt (more info ...) | attempted-user | 2019-11354 | |||
| 59539 | SERVER-WEBAPP Zoho ManageEngine DataSecurity Plus Xnode default credential authentication attempt (more info ...) | attempted-admin | 2020-11532 | URL | ||
| 59540 | SERVER-WEBAPP Zoho ManageEngine DataSecurity Plus Xnode directory traversal attempt (more info ...) | web-application-attack | 2020-11531 | URL | ||
| 59541 | SERVER-WEBAPP Harbor Project Harbor admin account creation attempt (more info ...) | attempted-admin | 2019-16097 | URL | ||
| 59599 | PROTOCOL-SCADA OPCUA authentication brute force attempt (more info ...) | attempted-admin | URL | |||
| 59601 | SERVER-OTHER Schneider Electric Codesys PLC denial of service attempt (more info ...) | attempted-dos | URL | |||
| 59602 | SERVER-OTHER Schneider Electric Codesys PLC unauthorized login attempt (more info ...) | attempted-admin | URL | |||
| 59603 | SERVER-OTHER Schneider Electric Codesys PLC unauthorized login attempt (more info ...) | attempted-admin | URL | |||
| 59604 | SERVER-WEBAPP OmronShell telnetExploit command attempt (more info ...) | attempted-admin | URL | |||
| 59605 | SERVER-WEBAPP OmronShell telnetExploit command attempt (more info ...) | attempted-admin | URL | |||
| 59637 | OS-WINDOWS TRUFFLEHUNTER TALOS-2022-1514 attack attempt (more info ...) | attempted-dos | URL | |||
| 59638 | OS-WINDOWS TRUFFLEHUNTER TALOS-2022-1514 attack attempt (more info ...) | attempted-dos | URL | |||
| 59642 | OS-WINDOWS TRUFFLEHUNTER TALOS-2022-1515 attack attempt (more info ...) | attempted-dos | URL | |||
| 59643 | OS-WINDOWS TRUFFLEHUNTER TALOS-2022-1515 attack attempt (more info ...) | attempted-dos | URL | |||
| 59644 | FILE-PDF TRUFFLEHUNTER TALOS-2022-1516 attack attempt (more info ...) | attempted-user | URL | |||
| 59645 | FILE-PDF TRUFFLEHUNTER TALOS-2022-1516 attack attempt (more info ...) | attempted-user | URL | |||
| 59647 | SERVER-WEBAPP Netgear R8500 command injection attempt (more info ...) | web-application-attack | 2022-27945 | |||
| 59648 | SERVER-WEBAPP Netgear R8500 command injection attempt (more info ...) | web-application-attack | 2022-27945 | |||
| 59649 | SERVER-WEBAPP Netgear R8500 command injection attempt (more info ...) | web-application-attack | 2022-27945 | |||
| 59650 | SERVER-WEBAPP Netgear R8500 command injection attempt (more info ...) | web-application-attack | 2022-27945 | |||
| 59652 | SERVER-WEBAPP WSO2 multiple products directory traversal attempt (more info ...) | web-application-attack | 2022-29464 | |||
| 59671 | SERVER-OTHER HPE Intelligence Management Center RMI remote code execution attempt (more info ...) | attempted-admin | 2017-5792 | URL | ||
| 59710 | SERVER-WEBAPP HPE Intelligent Management Center ByteMessageResource insecure deserialization attempt (more info ...) | attempted-admin | 2019-11956 | |||
| 59711 | SERVER-WEBAPP HPE Intelligent Management Center ByteMessageResource insecure deserialization attempt (more info ...) | attempted-admin | 2019-11956 | |||
| 59718 | SERVER-WEBAPP Xinuos Openserver command injection attempt (more info ...) | web-application-attack | 2020-25494 | URL | ||
| 59719 | SERVER-WEBAPP Xinuos Openserver command injection attempt (more info ...) | web-application-attack | 2020-25494 | URL | ||
| 59720 | SERVER-WEBAPP Xinuos Openserver command injection attempt (more info ...) | web-application-attack | 2020-25494 | |||
| 59721 | SERVER-WEBAPP Xinuos Openserver command injection attempt (more info ...) | web-application-attack | 2020-25494 | URL | ||
| 59735 | SERVER-WEBAPP F5 BIG-IP iControl remote code execution attempt (more info ...) | attempted-user | 2022-1388 | |||
| 59738 | OS-WINDOWS Windows Network File System remote code execution attempt (more info ...) | attempted-admin | 2022-26937 | URL | ||
| 59740 | OS-WINDOWS Windows Network File System remote code execution attempt (more info ...) | attempted-admin | 2022-26937 | URL | ||
| 59790 | MALWARE-OTHER Win.Trojan.WhisperGate download attempt (more info ...) | trojan-activity | URL | |||
| 59791 | MALWARE-OTHER Win.Trojan.WhisperGate download attempt (more info ...) | trojan-activity | URL | |||
| 59793 | MALWARE-OTHER Win.Trojan.WhisperGate download attempt (more info ...) | trojan-activity | URL | |||
| 59794 | MALWARE-OTHER Win.Trojan.WhisperGate download attempt (more info ...) | trojan-activity | URL | |||
| 59804 | SERVER-WEBAPP LG N1A1 NAS command injection attempt (more info ...) | web-application-attack | 2018-14839 | |||
| 59805 | SERVER-WEBAPP LG N1A1 NAS command injection attempt (more info ...) | web-application-attack | 2018-14839 | |||
| 59806 | SERVER-WEBAPP LG N1A1 NAS command injection attempt (more info ...) | web-application-attack | 2018-14839 | |||
| 59807 | SERVER-WEBAPP LG N1A1 NAS command injection attempt (more info ...) | web-application-attack | 2018-14839 | |||
| 59808 | SERVER-WEBAPP LG N1A1 NAS command injection attempt (more info ...) | web-application-attack | 2018-14839 | |||
| 59809 | SERVER-WEBAPP LG N1A1 NAS command injection attempt (more info ...) | web-application-attack | 2018-14839 | |||
| 59810 | SERVER-WEBAPP LG N1A1 NAS command injection attempt (more info ...) | web-application-attack | 2018-14839 | |||
| 59811 | SERVER-WEBAPP LG N1A1 NAS command injection attempt (more info ...) | web-application-attack | 2018-14839 | |||
| 59813 | SERVER-WEBAPP Citrix SD-WAN Appliance command injection attempt (more info ...) | web-application-attack | 2019-12991 | URL | ||
| 59814 | SERVER-WEBAPP Citrix SD-WAN Appliance command injection attempt (more info ...) | web-application-attack | 2019-12991 | URL | ||
| 59815 | SERVER-WEBAPP Citrix SD-WAN Appliance command injection attempt (more info ...) | web-application-attack | 2019-12991 | URL | ||
| 59816 | SERVER-WEBAPP Citrix SD-WAN Appliance command injection attempt (more info ...) | web-application-attack | 2019-12991 | URL | ||
| 59817 | SERVER-WEBAPP Netgear R8500 multiple parameters command injection attempt (more info ...) | web-application-attack | 2022-27946 | |||
| 59818 | SERVER-WEBAPP Netgear R8500 multiple parameters command injection attempt (more info ...) | web-application-attack | 2022-27946 | |||
| 59819 | SERVER-WEBAPP Netgear R8500 multiple parameters command injection attempt (more info ...) | web-application-attack | 2022-27946 | |||
| 59820 | SERVER-WEBAPP Netgear R8500 multiple parameters command injection attempt (more info ...) | web-application-attack | 2022-27946 | |||
| 59823 | SERVER-WEBAPP VMware Workspace ONE Access server side template injection attempt (more info ...) | attempted-admin | 2022-22954 | URL | ||
| 59824 | SERVER-WEBAPP VMware Workspace ONE Access server side template injection attempt (more info ...) | attempted-admin | 2022-22954 | URL | ||
| 59832 | SERVER-OTHER WatchGuard Firebox and XTM remote code execution attempt (more info ...) | attempted-user | 2022-26318 | |||
| 59865 | SERVER-ORACLE Oracle WebLogic Coherence library remote code execution attempt (more info ...) | attempted-user | 2020-2555 | |||
| 59866 | SERVER-OTHER Debian Redis Lua sandbox escape attempt (more info ...) | attempted-user | 2022-0543 | |||
| 59867 | SERVER-OTHER Debian Redis Lua sandbox escape attempt (more info ...) | attempted-user | 2022-0543 | |||
| 59877 | FILE-OTHER PEAR Archive Tar code deserialization attempt (more info ...) | attempted-user | 2020-28949 | URL | ||
| 59878 | FILE-OTHER PEAR Archive Tar code deserialization attempt (more info ...) | attempted-user | 2020-28949 | URL | ||
| 59881 | SERVER-OTHER Citrix FileShare remote file inclusion attempt (more info ...) | attempted-user | 2021-22941 | URL | ||
| 59886 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1522 attack attempt (more info ...) | web-application-attack | 2022-29888 | URL | ||
| 59895 | SERVER-OTHER TRUFFLEHUNTER TALOS-2022-1524 attack attempt (more info ...) | attempted-admin | 2022-29496 | URL | ||
| 59916 | SERVER-WEBAPP Netgear ProSAFE switch debug command execution attempt (more info ...) | attempted-user | 2020-26919 | URL | ||
| 59921 | SERVER-WEBAPP Netgear R8500 command injection attempt (more info ...) | web-application-attack | 2022-27947 | |||
| 59922 | SERVER-WEBAPP Netgear R8500 command injection attempt (more info ...) | web-application-attack | 2022-27947 | |||
| 59923 | SERVER-WEBAPP Netgear R8500 command injection attempt (more info ...) | web-application-attack | 2022-27947 | |||
| 59924 | SERVER-WEBAPP Netgear R8500 command injection attempt (more info ...) | web-application-attack | 2022-27947 | |||
| 59925 | SERVER-WEBAPP Multiple products OGNL expression injection attempt (more info ...) | attempted-admin | ||||
| 59926 | INDICATOR-COMPROMISE Python remote shell spawn attempt (more info ...) | misc-attack | ||||
| 59927 | MALWARE-BACKDOOR Jsp.Webshell.TinyUploader upload attempt (more info ...) | trojan-activity | 2022-26134 | URL | ||
| 59928 | MALWARE-BACKDOOR Jsp.Webshell.Chopper webshell download attempt (more info ...) | trojan-activity | 2022-26134 | URL | ||
| 59929 | MALWARE-BACKDOOR Jsp.Webshell.Behinder download attempt (more info ...) | trojan-activity | 2022-26134 | URL | ||
| 59930 | MALWARE-BACKDOOR Jsp.Webshell.Noop download attempt (more info ...) | trojan-activity | 2022-26134 | URL | ||
| 59931 | MALWARE-BACKDOOR Jsp.Webshell.Chopper upload attempt (more info ...) | trojan-activity | 2022-26134 | URL | ||
| 59932 | MALWARE-BACKDOOR Jsp.Webshell.Behinder upload attempt (more info ...) | trojan-activity | 2022-26134 | URL | ||
| 59933 | MALWARE-BACKDOOR Jsp.Webshell.Noop upload attempt (more info ...) | trojan-activity | 2022-26134 | URL | ||
| 59934 | SERVER-WEBAPP Atlassian Confluence OGNL expression injection attempt (more info ...) | attempted-user | 2022-26134 | |||
| 59939 | SERVER-WEBAPP Zyxel Firewall command injection attempt (more info ...) | web-application-attack | 2022-30525 | |||
| 59940 | SERVER-WEBAPP DotCMS directory traversal attempt (more info ...) | web-application-attack | 2022-26352 | |||
| 59941 | SERVER-WEBAPP Atlassian Confluence OGNL expression injection attempt (more info ...) | attempted-user | 2022-26134 | |||
| 59942 | FILE-PDF TRUFFLEHUNTER TALOS-2022-1525 attack attempt (more info ...) | attempted-user | URL | |||
| 59943 | FILE-PDF TRUFFLEHUNTER TALOS-2022-1525 attack attempt (more info ...) | attempted-user | URL | |||
| 59947 | SERVER-WEBAPP Atlassian Confluence OGNL expression injection attempt (more info ...) | attempted-user | 2022-26134 | |||
| 59948 | SERVER-WEBAPP Atlassian Confluence OGNL expression injection attempt (more info ...) | attempted-user | 2022-26134 | |||
| 59951 | SERVER-WEBAPP D-Link router command injection attempt (more info ...) | web-application-attack | 2021-45382 | |||
| 59952 | SERVER-WEBAPP D-Link router command injection attempt (more info ...) | web-application-attack | 2021-45382 | |||
| 59953 | SERVER-WEBAPP D-Link router command injection attempt (more info ...) | web-application-attack | 2021-45382 | |||
| 59954 | SERVER-WEBAPP D-Link router command injection attempt (more info ...) | web-application-attack | 2021-45382 | |||
| 59959 | SERVER-WEBAPP D-Link command injection attempt (more info ...) | web-application-attack | 2019-16920 | |||
| 59960 | SERVER-WEBAPP D-Link command injection attempt (more info ...) | web-application-attack | 2019-16920 | |||
| 59961 | SERVER-WEBAPP D-Link command injection attempt (more info ...) | web-application-attack | 2019-16920 | |||
| 59962 | SERVER-WEBAPP D-Link command injection attempt (more info ...) | web-application-attack | 2019-16920 | |||
| 59963 | SERVER-WEBAPP FatPipe WARP and VPN arbitrary JSP file upload attempt (more info ...) | attempted-admin | 2021-27860 | |||
| 59964 | SERVER-WEBAPP SonicWall SMA and SRA Appliances directory traversal attempt (more info ...) | web-application-attack | 2019-7483 | |||
| 59965 | SERVER-WEBAPP SonicWall SMA and SRA Appliances directory traversal attempt (more info ...) | web-application-attack | 2019-7483 | |||
| 59966 | SERVER-WEBAPP SonicWall SMA and SRA Appliances directory traversal attempt (more info ...) | web-application-attack | 2019-7483 | |||
| 59973 | SERVER-WEBAPP SonicWall SMA 100 remote unauthenticated buffer overflow attempt (more info ...) | attempted-user | 2021-20038 | URL | ||
| 59982 | MALWARE-OTHER Win.Trojan.Mimikatz binary download (more info ...) | trojan-activity | ||||
| 59983 | MALWARE-OTHER Win.Trojan.Mimikatz binary download (more info ...) | trojan-activity | ||||
| 59984 | MALWARE-OTHER Win.Ransomware.AvosLocker ransomware binary download (more info ...) | trojan-activity | ||||
| 59985 | MALWARE-OTHER Win.Ransomware.AvosLocker ransomware binary download (more info ...) | trojan-activity | ||||
| 59988 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1539 attack attempt (more info ...) | attempted-user | 2022-30690 | URL | ||
| 59989 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1539 attack attempt (more info ...) | attempted-user | 2022-30690 | URL | ||
| 59990 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1531 attack attempt (more info ...) | web-application-attack | 2022-27498 | URL | ||
| 59991 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1531 attack attempt (more info ...) | web-application-attack | 2022-27498 | URL | ||
| 59992 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1531 attack attempt (more info ...) | web-application-attack | 2022-27498 | URL | ||
| 59993 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1540 attack attempt (more info ...) | attempted-user | 2022-28712 | URL | ||
| 59994 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1540 attack attempt (more info ...) | attempted-user | 2022-28712 | URL | ||
| 59995 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1546 attack attempt (more info ...) | web-application-attack | 2022-32572 | URL | ||
| 59996 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1546 attack attempt (more info ...) | web-application-attack | 2022-32572 | URL | ||
| 59997 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1546 attack attempt (more info ...) | web-application-attack | 2022-32572 | URL | ||
| 59998 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1546 attack attempt (more info ...) | web-application-attack | 2022-32572 | URL | ||
| 59999 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1541 attack attempt (more info ...) | attempted-user | 2022-32763 | URL | ||
| 60000 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1541 attack attempt (more info ...) | attempted-user | 2022-32763 | URL | ||
| 60001 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1532 attack attempt (more info ...) | attempted-user | 2022-28703 | URL | ||
| 60002 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1532 attack attempt (more info ...) | attempted-user | 2022-28703 | URL | ||
| 60003 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1538 attack attempt (more info ...) | attempted-user | 2022-32770 | URL | ||
| 60004 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1538 attack attempt (more info ...) | attempted-user | 2022-32771 | URL | ||
| 60005 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1538 attack attempt (more info ...) | attempted-user | 2022-32772 | URL | ||
| 60006 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1537 attack attempt (more info ...) | attempted-user | 2022-26842 | URL | ||
| 60007 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1573 attack attempt (more info ...) | web-application-attack | 2022-33325 | URL | ||
| 60008 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1573 attack attempt (more info ...) | web-application-attack | 2022-33325 | URL | ||
| 60009 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1573 attack attempt (more info ...) | web-application-attack | 2022-33325 | URL | ||
| 60010 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1573 attack attempt (more info ...) | web-application-attack | 2022-33325 | URL | ||
| 60011 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1573 attack attempt (more info ...) | web-application-attack | 2022-33326 | URL | ||
| 60012 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1573 attack attempt (more info ...) | web-application-attack | 2022-33326 | URL | ||
| 60013 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1573 attack attempt (more info ...) | web-application-attack | 2022-33326 | URL | ||
| 60014 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1573 attack attempt (more info ...) | web-application-attack | 2022-33326 | URL | ||
| 60015 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1573 attack attempt (more info ...) | web-application-attack | 2022-33328 | URL | ||
| 60016 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1573 attack attempt (more info ...) | web-application-attack | 2022-33328 | URL | ||
| 60017 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1573 attack attempt (more info ...) | web-application-attack | 2022-33328 | URL | ||
| 60018 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1573 attack attempt (more info ...) | web-application-attack | 2022-33328 | URL | ||
| 60019 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1573 attack attempt (more info ...) | web-application-attack | 2022-33329 | URL | ||
| 60020 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1573 attack attempt (more info ...) | web-application-attack | 2022-33329 | URL | ||
| 60021 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1573 attack attempt (more info ...) | web-application-attack | 2022-33329 | URL | ||
| 60022 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1573 attack attempt (more info ...) | web-application-attack | 2022-33329 | URL | ||
| 60023 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1572 attack attempt (more info ...) | web-application-attack | 2022-33312 | URL | ||
| 60024 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1572 attack attempt (more info ...) | web-application-attack | 2022-33312 | URL | ||
| 60025 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1572 attack attempt (more info ...) | web-application-attack | 2022-33312 | URL | ||
| 60026 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1572 attack attempt (more info ...) | web-application-attack | 2022-33312 | URL | ||
| 60027 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1572 attack attempt (more info ...) | web-application-attack | 2022-33313 | URL | ||
| 60028 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1572 attack attempt (more info ...) | web-application-attack | 2022-33313 | URL | ||
| 60029 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1572 attack attempt (more info ...) | web-application-attack | 2022-33313 | URL | ||
| 60030 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1572 attack attempt (more info ...) | web-application-attack | 2022-33313 | URL | ||
| 60031 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1572 attack attempt (more info ...) | web-application-attack | 2022-33314 | URL | ||
| 60032 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1572 attack attempt (more info ...) | web-application-attack | 2022-33314 | URL | ||
| 60033 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1572 attack attempt (more info ...) | web-application-attack | 2022-33314 | URL | ||
| 60034 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1572 attack attempt (more info ...) | web-application-attack | 2022-33314 | URL | ||
| 60043 | SERVER-WEBAPP Comtrend VR-3033 routers command injection attempt (more info ...) | web-application-attack | 2020-10173 | URL | ||
| 60044 | SERVER-WEBAPP Comtrend VR-3033 routers command injection attempt (more info ...) | web-application-attack | 2020-10173 | URL | ||
| 60045 | SERVER-WEBAPP Comtrend VR-3033 routers command injection attempt (more info ...) | web-application-attack | 2020-10173 | URL | ||
| 60046 | SERVER-WEBAPP Comtrend VR-3033 routers command injection attempt (more info ...) | web-application-attack | 2020-10173 | URL | ||
| 60054 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1528 attack attempt (more info ...) | web-application-attack | 2022-32573 | URL | ||
| 60055 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1528 attack attempt (more info ...) | web-application-attack | 2022-32573 | URL | ||
| 60056 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1528 attack attempt (more info ...) | web-application-attack | 2022-32573 | URL | ||
| 60062 | SERVER-WEBAPP Sonic Wall SRA and SMA command injection attempt (more info ...) | web-application-attack | 2019-7486 | |||
| 60063 | SERVER-WEBAPP Sonic Wall SRA and SMA command injection attempt (more info ...) | web-application-attack | 2019-7486 | |||
| 60064 | SERVER-WEBAPP Sonic Wall SRA and SMA command injection attempt (more info ...) | web-application-attack | 2019-7486 | |||
| 60065 | SERVER-WEBAPP Sonic Wall SRA and SMA command injection attempt (more info ...) | web-application-attack | 2019-7486 | |||
| 60071 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1547 attack attempt (more info ...) | web-application-attack | 2022-30547 | URL | ||
| 60072 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1547 attack attempt (more info ...) | web-application-attack | 2022-30547 | URL | ||
| 60079 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1534 attack attempt (more info ...) | attempted-user | 2022-29468 | URL | ||
| 60080 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1534 attack attempt (more info ...) | attempted-user | 2022-29468 | URL | ||
| 60092 | SERVER-WEBAPP Kaseya VSA arbitrary JSP file upload attempt (more info ...) | attempted-admin | 2021-30118 | |||
| 60096 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1566 attack attempt (more info ...) | web-application-attack | 2022-29472 | URL | ||
| 60097 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1566 attack attempt (more info ...) | web-application-attack | 2022-29472 | URL | ||
| 60098 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1566 attack attempt (more info ...) | web-application-attack | 2022-29472 | URL | ||
| 60099 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1566 attack attempt (more info ...) | web-application-attack | 2022-29472 | URL | ||
| 60100 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1562 attack attempt (more info ...) | web-application-attack | 2022-30603 | URL | ||
| 60101 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1562 attack attempt (more info ...) | web-application-attack | 2022-30603 | URL | ||
| 60102 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1562 attack attempt (more info ...) | web-application-attack | 2022-30603 | URL | ||
| 60103 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1562 attack attempt (more info ...) | web-application-attack | 2022-30603 | URL | ||
| 60105 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1563 attack attempt (more info ...) | web-application-attack | 2022-32586 | URL | ||
| 60106 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1563 attack attempt (more info ...) | web-application-attack | 2022-32586 | URL | ||
| 60107 | SERVER-WEBAPP QNAP QTS command injection attempt (more info ...) | web-application-attack | 2020-2509 | URL | ||
| 60108 | SERVER-WEBAPP QNAP QTS command injection attempt (more info ...) | web-application-attack | 2020-2509 | URL | ||
| 60109 | SERVER-WEBAPP QNAP QTS command injection attempt (more info ...) | web-application-attack | 2020-2509 | URL | ||
| 60110 | SERVER-WEBAPP QNAP QTS command injection attempt (more info ...) | web-application-attack | 2020-2509 | URL | ||
| 60111 | SERVER-WEBAPP SAP NetWeaver arbitrary JSP file upload attempt (more info ...) | attempted-admin | 2021-38163 | |||
| 60112 | SERVER-WEBAPP SAP NetWeaver directory traversal attempt (more info ...) | web-application-attack | 2021-38163 | |||
| 60113 | SERVER-WEBAPP SAP NetWeaver directory traversal attempt (more info ...) | web-application-attack | 2021-38163 | |||
| 60114 | SERVER-WEBAPP SAP NetWeaver directory traversal attempt (more info ...) | web-application-attack | 2021-38163 | |||
| 60121 | SERVER-WEBAPP MiVoice Connect command injection attempt (more info ...) | attempted-user | 2022-29499 | URL | ||
| 60122 | SERVER-WEBAPP MiVoice Connect command injection attempt (more info ...) | attempted-user | 2022-29499 | URL | ||
| 60123 | SERVER-OTHER TRUFFLEHUNTER TALOS-2022-1556 attack attempt (more info ...) | attempted-admin | 2022-32773 | URL | ||
| 60124 | SERVER-OTHER TRUFFLEHUNTER TALOS-2022-1558 attack attempt (more info ...) | attempted-admin | 2022-33189 | URL | ||
| 60125 | SERVER-OTHER TRUFFLEHUNTER TALOS-2022-1557 attack attempt (more info ...) | attempted-admin | 2022-30541 | URL | ||
| 60126 | SERVER-OTHER TRUFFLEHUNTER TALOS-2022-1561 attack attempt (more info ...) | attempted-admin | 2022-29520 | URL | ||
| 60127 | SERVER-OTHER TRUFFLEHUNTER TALOS-2022-1560 attack attempt (more info ...) | attempted-admin | 2022-32454 | URL | ||
| 60128 | SERVER-OTHER TRUFFLEHUNTER TALOS-2022-1555 attack attempt (more info ...) | attempted-dos | 2022-32760 | URL | ||
| 60129 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1568 attack attempt (more info ...) | web-application-attack | 2022-33207 | URL | ||
| 60130 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1568 attack attempt (more info ...) | web-application-attack | 2022-33207 | URL | ||
| 60131 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1568 attack attempt (more info ...) | web-application-attack | 2022-33207 | URL | ||
| 60132 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1568 attack attempt (more info ...) | web-application-attack | 2022-33207 | URL | ||
| 60133 | SERVER-OTHER TRUFFLEHUNTER TALOS-2022-1559 attack attempt (more info ...) | attempted-admin | 2022-33192 | URL | ||
| 60134 | SERVER-OTHER TRUFFLEHUNTER TALOS-2022-1559 attack attempt (more info ...) | attempted-admin | 2022-33194 | URL | ||
| 60135 | SERVER-OTHER TRUFFLEHUNTER TALOS-2022-1559 attack attempt (more info ...) | attempted-admin | 2022-33195 | URL | ||
| 60136 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1559 attack attempt (more info ...) | web-application-attack | 2022-33195 | URL | ||
| 60137 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1559 attack attempt (more info ...) | web-application-attack | 2022-33195 | URL | ||
| 60138 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1559 attack attempt (more info ...) | web-application-attack | 2022-33195 | URL | ||
| 60139 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1559 attack attempt (more info ...) | web-application-attack | 2022-33195 | URL | ||
| 60140 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1559 attack attempt (more info ...) | web-application-attack | 2022-33195 | URL | ||
| 60141 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1559 attack attempt (more info ...) | web-application-attack | 2022-33195 | URL | ||
| 60142 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1529 attack attempt (more info ...) | web-application-attack | 2022-29517 | URL | ||
| 60143 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1529 attack attempt (more info ...) | web-application-attack | 2022-29517 | URL | ||
| 60144 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1529 attack attempt (more info ...) | web-application-attack | 2022-29517 | URL | ||
| 60145 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1551 attack attempt (more info ...) | web-application-attack | 2022-33147 | URL | ||
| 60146 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1551 attack attempt (more info ...) | web-application-attack | 2022-33147 | URL | ||
| 60147 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1551 attack attempt (more info ...) | web-application-attack | 2022-33147 | URL | ||
| 60148 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1551 attack attempt (more info ...) | web-application-attack | 2022-33148 | URL | ||
| 60149 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1551 attack attempt (more info ...) | web-application-attack | 2022-33148 | URL | ||
| 60150 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1551 attack attempt (more info ...) | web-application-attack | 2022-33148 | URL | ||
| 60151 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1551 attack attempt (more info ...) | web-application-attack | 2022-33149 | URL | ||
| 60152 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1551 attack attempt (more info ...) | web-application-attack | 2022-33149 | URL | ||
| 60153 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1551 attack attempt (more info ...) | web-application-attack | 2022-33149 | URL | ||
| 60156 | SERVER-WEBAPP Tenda Router formPing command injection attempt (more info ...) | web-application-attack | 2022-30023 | |||
| 60157 | SERVER-WEBAPP Tenda Router formPing command injection attempt (more info ...) | web-application-attack | 2022-30023 | |||
| 60158 | SERVER-WEBAPP Tenda Router formPing command injection attempt (more info ...) | web-application-attack | 2022-30023 | |||
| 60159 | SERVER-WEBAPP Tenda Router formPing command injection attempt (more info ...) | web-application-attack | 2022-30023 | |||
| 60160 | SERVER-WEBAPP Joomla Core directory traversal attempt (more info ...) | web-application-attack | 2019-10945 | |||
| 60161 | SERVER-WEBAPP Joomla Core directory traversal attempt (more info ...) | web-application-attack | 2019-10945 | |||
| 60162 | SERVER-WEBAPP Joomla Core directory traversal attempt (more info ...) | web-application-attack | 2019-10945 | |||
| 60163 | SERVER-WEBAPP DLINK HNAP command injection attempt (more info ...) | web-application-attack | URL | |||
| 60164 | SERVER-WEBAPP DLINK HNAP command injection attempt (more info ...) | web-application-attack | 2023-24762 | URL | ||
| 60167 | SERVER-WEBAPP QNAP NAS command injection attempt (more info ...) | web-application-attack | 2018-19949 | |||
| 60168 | SERVER-WEBAPP QNAP NAS command injection attempt (more info ...) | web-application-attack | 2018-19949 | |||
| 60169 | SERVER-WEBAPP QNAP NAS command injection attempt (more info ...) | web-application-attack | 2018-19949 | |||
| 60170 | SERVER-WEBAPP QNAP NAS command injection attempt (more info ...) | web-application-attack | 2018-19949 | |||
| 60176 | SERVER-WEBAPP Zoho ManageEngine ADAudit Plus XML external entity injection attempt (more info ...) | web-application-attack | 2022-28219 | |||
| 60184 | SERVER-WEBAPP Oracle ADF RemoteApplicationResourceLoader potential unsafe deserialization attempt (more info ...) | web-application-attack | 2022-21445 | |||
| 60197 | SERVER-WEBAPP D-Link SetNTPserverSeting command injection attempt (more info ...) | web-application-attack | 2022-28573 | |||
| 60200 | SERVER-OTHER IBM TM1 Planning Analytics unauthenticated remote code execution attempt (more info ...) | attempted-admin | 2019-4716 | URL | ||
| 60204 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1549 attack attempt (more info ...) | attempted-recon | 2022-32761 | URL | ||
| 60205 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1549 attack attempt (more info ...) | attempted-recon | 2022-32761 | URL | ||
| 60208 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1550 attack attempt (more info ...) | attempted-recon | 2022-28710 | URL | ||
| 60209 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1571 attack attempt (more info ...) | attempted-dos | 2022-33897 | URL | ||
| 60210 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1571 attack attempt (more info ...) | attempted-dos | 2022-33897 | URL | ||
| 60211 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1571 attack attempt (more info ...) | attempted-dos | 2022-33897 | URL | ||
| 60217 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1554 attack attempt (more info ...) | web-application-attack | 2022-29477 | URL | ||
| 60218 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1564 attack attempt (more info ...) | web-application-attack | 2022-32775 | URL | ||
| 60219 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1530 attack attempt (more info ...) | attempted-recon | 2022-29511 | URL | ||
| 60224 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1565 attack attempt (more info ...) | attempted-dos | 2022-32574 | URL | ||
| 60225 | FILE-IMAGE TRUFFLEHUNTER TALOS-2022-1544 attack attempt (more info ...) | attempted-user | 2022-32588 | URL | ||
| 60226 | FILE-IMAGE TRUFFLEHUNTER TALOS-2022-1544 attack attempt (more info ...) | attempted-user | 2022-32588 | URL | ||
| 60230 | SERVER-WEBAPP NETGEAR router remote code execution attempt (more info ...) | attempted-user | 2017-6862 | URL | ||
| 60231 | SERVER-WEBAPP Festo CECC-X-M1 cecc-x-acknerr-request command injection attempt (more info ...) | web-application-attack | 2022-30310 | |||
| 60232 | SERVER-WEBAPP Festo CECC-X-M1 cecc-x-acknerr-request command injection attempt (more info ...) | web-application-attack | 2022-30310 | |||
| 60233 | SERVER-WEBAPP Festo CECC-X-M1 cecc-x-refresh-request command injection attempt (more info ...) | web-application-attack | 2022-30311 | |||
| 60234 | SERVER-WEBAPP Festo CECC-X-M1 cecc-x-refresh-request command injection attempt (more info ...) | web-application-attack | 2022-30311 | |||
| 60235 | SERVER-WEBAPP Festo CECC-X-M1 cecc-x-web-viewer-request command injection attempt (more info ...) | web-application-attack | 2022-30309 | |||
| 60236 | SERVER-WEBAPP Festo CECC-X-M1 cecc-x-web-viewer-request command injection attempt (more info ...) | web-application-attack | 2022-30309 | |||
| 60237 | OS-WINDOWS Dell dbutil driver escalation of privilege attempt (more info ...) | attempted-admin | 2021-21551 | |||
| 60238 | OS-WINDOWS Dell dbutil driver escalation of privilege attempt (more info ...) | attempted-admin | 2021-21551 | |||
| 60239 | MALWARE-OTHER Win.Ransomware.Magniber download attempt (more info ...) | trojan-activity | URL | |||
| 60240 | SERVER-WEBAPP Spring Cloud Config directory traversal attempt (more info ...) | web-application-attack | 2020-5410 | |||
| 60247 | MALWARE-OTHER MultiOS.Backdoor.GoMet agent download attempt (more info ...) | trojan-activity | URL | |||
| 60248 | MALWARE-OTHER MultiOS.Backdoor.GoMet agent download attempt (more info ...) | trojan-activity | URL | |||
| 60249 | MALWARE-OTHER MultiOS.Backdoor.GoMet agent download attempt (more info ...) | trojan-activity | URL | |||
| 60250 | MALWARE-OTHER MultiOS.Backdoor.GoMet agent download attempt (more info ...) | trojan-activity | URL | |||
| 60253 | MALWARE-OTHER MultiOS.Backdoor.GoMet agent download attempt (more info ...) | trojan-activity | URL | |||
| 60257 | SERVER-WEBAPP Oracle Business Intelligence Enterprise Edition getPreviewImage directory traversal attempt (more info ...) | web-application-attack | 2020-14864 | |||
| 60258 | SERVER-WEBAPP Oracle Business Intelligence Enterprise Edition getPreviewImage directory traversal attempt (more info ...) | web-application-attack | 2020-14864 | |||
| 60259 | SERVER-WEBAPP Oracle Business Intelligence Enterprise Edition getPreviewImage directory traversal attempt (more info ...) | web-application-attack | 2020-14864 | |||
| 60260 | OS-OTHER Apple CoreGraphics library out of bounds write attempt (more info ...) | attempted-user | 2021-30860 | URL | ||
| 60261 | OS-OTHER Apple CoreGraphics library out of bounds write attempt (more info ...) | attempted-user | 2021-30860 | URL | ||
| 60262 | SERVER-WEBAPP WatchGuard Firebox and XTM appliances privilege escalation attempt (more info ...) | attempted-admin | 2022-23176 | |||
| 60263 | SERVER-WEBAPP WatchGuard Firebox and XTM appliances privilege escalation attempt (more info ...) | attempted-admin | 2022-23176 | |||
| 60265 | MALWARE-OTHER Win.Backdoor.TreeTrunk download attempt (more info ...) | trojan-activity | URL | |||
| 60267 | MALWARE-OTHER Win.Backdoor.TreeTrunk download attempt (more info ...) | attempted-user | URL | |||
| 60280 | SERVER-WEBAPP Atlassian Confluence hardcoded credentials use attempt (more info ...) | web-application-attack | 2022-26138 | URL | ||
| 60281 | SERVER-WEBAPP Atlassian Confluence hardcoded credentials use attempt (more info ...) | web-application-attack | 2022-26138 | URL | ||
| 60287 | SERVER-OTHER TRUFFLEHUNTER TALOS-2022-1582 attack attempt (more info ...) | attempted-admin | 2022-35244 | URL | ||
| 60288 | SERVER-OTHER TRUFFLEHUNTER TALOS-2022-1584 attack attempt (more info ...) | attempted-admin | 2022-33938 | URL | ||
| 60303 | SERVER-OTHER TRUFFLEHUNTER TALOS-2022-1581 attack attempt (more info ...) | attempted-admin | 2022-35874 | URL | ||
| 60304 | SERVER-OTHER TRUFFLEHUNTER TALOS-2022-1581 attack attempt (more info ...) | attempted-admin | 2022-35875 | URL | ||
| 60305 | SERVER-OTHER TRUFFLEHUNTER TALOS-2022-1581 attack attempt (more info ...) | attempted-admin | 2022-33877 | URL | ||
| 60306 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1581 attack attempt (more info ...) | web-application-attack | 2022-35877 | URL | ||
| 60307 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1581 attack attempt (more info ...) | web-application-attack | 2022-35877 | URL | ||
| 60308 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1581 attack attempt (more info ...) | web-application-attack | 2022-35877 | URL | ||
| 60309 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1581 attack attempt (more info ...) | web-application-attack | 2022-35877 | URL | ||
| 60310 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1585 attack attempt (more info ...) | web-application-attack | 2022-35887 | URL | ||
| 60311 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1585 attack attempt (more info ...) | web-application-attack | 2022-35887 | URL | ||
| 60326 | OS-OTHER Apple multiple products memory corruption attempt (more info ...) | attempted-admin | 2021-30900 | URL | ||
| 60327 | OS-OTHER Apple multiple products memory corruption attempt (more info ...) | attempted-admin | 2021-30900 | URL | ||
| 60328 | SERVER-WEBAPP Atlassian Jira Seraph authentication bypass attempt (more info ...) | attempted-user | 2022-0540 | URL | ||
| 60329 | SERVER-WEBAPP Atlassian Jira Seraph authentication bypass attempt (more info ...) | attempted-user | 2022-0540 | URL | ||
| 60332 | SERVER-WEBAPP UPnP SOAP request detected (more info ...) | protocol-command-decode | URL | |||
| 60333 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1583 attack attempt (more info ...) | attempted-admin | 2022-35880 | URL | ||
| 60334 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1583 attack attempt (more info ...) | attempted-admin | 2022-35881 | URL | ||
| 60335 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1583 attack attempt (more info ...) | attempted-admin | 2022-35881 | URL | ||
| 60336 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1583 attack attempt (more info ...) | attempted-admin | 2022-35879 | URL | ||
| 60364 | SERVER-WEBAPP AudioCode 400HD command injection attempt (more info ...) | web-application-attack | 2018-10093 | |||
| 60365 | SERVER-WEBAPP AudioCode 400HD command injection attempt (more info ...) | web-application-attack | 2018-10093 | URL | ||
| 60379 | OS-WINDOWS Windows Win32k escalation of privileges attempt (more info ...) | attempted-admin | 2022-34699 | URL | ||
| 60380 | OS-WINDOWS Windows Win32k escalation of privileges attempt (more info ...) | attempted-admin | 2022-34699 | URL | ||
| 60385 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1577 attack attempt (more info ...) | web-application-attack | 2022-33150 | URL | ||
| 60388 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1578 attack attempt (more info ...) | web-application-attack | 2022-34850 | URL | ||
| 60389 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1578 attack attempt (more info ...) | web-application-attack | 2022-34850 | URL | ||
| 60390 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1578 attack attempt (more info ...) | web-application-attack | 2022-34850 | URL | ||
| 60391 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1578 attack attempt (more info ...) | web-application-attack | 2022-34850 | URL | ||
| 60394 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1586 attack attempt (more info ...) | attempted-admin | 2022-35401 | URL | ||
| 60397 | MALWARE-OTHER Robin Banks credential phishing attempt (more info ...) | trojan-activity | URL | |||
| 60398 | MALWARE-OTHER Robin Banks credential phishing attempt (more info ...) | trojan-activity | URL | |||
| 60403 | SERVER-WEBAPP VMware Workspace ONE Access and vRealize Automation authentication bypass attempt (more info ...) | attempted-user | 2022-31656 | URL | ||
| 60404 | OS-MOBILE Apple iOS cfprefsd daemon privilege escalation attempt (more info ...) | attempted-admin | 2019-7286 | URL | ||
| 60405 | OS-MOBILE Apple iOS cfprefsd daemon privilege escalation attempt (more info ...) | attempted-admin | 2019-7286 | URL | ||
| 60406 | OS-MOBILE Android Binder out of bounds write attempt (more info ...) | attempted-admin | 2020-0041 | URL | ||
| 60407 | OS-MOBILE Android Binder out of bounds write attempt (more info ...) | attempted-admin | 2020-0041 | URL | ||
| 60408 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1588 attack attempt (more info ...) | attempted-dos | URL | |||
| 60409 | SERVER-WEBAPP Zimbra Collaboration memcached command injection attempt (more info ...) | attempted-user | 2022-27924 | |||
| 60410 | SERVER-WEBAPP Zimbra Collaboration memcached command injection attempt (more info ...) | attempted-user | 2022-27924 | |||
| 60411 | BROWSER-WEBKIT Apple WebKit property names type confusion attempt (more info ...) | attempted-user | 2021-1789 | |||
| 60412 | BROWSER-WEBKIT Apple WebKit property names type confusion attempt (more info ...) | attempted-user | 2021-1789 | |||
| 60415 | SERVER-OTHER VMware Workspace ONE Access privilege escalation attempt (more info ...) | attempted-admin | 2022-31659 | URL | ||
| 60418 | SERVER-WEBAPP HID Mercury Access Controller command injection attempt (more info ...) | web-application-attack | 2022-31479 | URL | ||
| 60419 | SERVER-WEBAPP HID Mercury Access Controller command injection attempt (more info ...) | web-application-attack | 2022-31479 | URL | ||
| 60420 | SERVER-WEBAPP HID Mercury Access Controller command injection attempt (more info ...) | web-application-attack | 2022-31479 | URL | ||
| 60421 | SERVER-WEBAPP HID Mercury Access Controller command injection attempt (more info ...) | web-application-attack | 2022-31479 | URL | ||
| 60434 | SERVER-WEBAPP Zimbra directory traversal remote code execution attempt (more info ...) | web-application-attack | 2022-37042 | URL | ||
| 60441 | MALWARE-OTHER Win.Trojan.Redline variant download attempt (more info ...) | trojan-activity | URL | |||
| 60442 | MALWARE-OTHER Win.Trojan.Redline variant download attempt (more info ...) | trojan-activity | URL | |||
| 60443 | MALWARE-OTHER Win.Trojan.Matanbuchus variant binary download attempt (more info ...) | trojan-activity | URL | |||
| 60444 | MALWARE-OTHER Win.Trojan.Matanbuchus variant binary download attempt (more info ...) | trojan-activity | URL | |||
| 60446 | PROTOCOL-VOIP Realtek eCos SDK SIP parsing stack buffer overflow attempt (more info ...) | attempted-admin | 2022-27255 | URL | ||
| 60447 | PROTOCOL-VOIP Realtek eCos SDK SIP parsing stack buffer overflow attempt (more info ...) | attempted-admin | 2022-27255 | URL | ||
| 60448 | PROTOCOL-VOIP Realtek eCos SDK SIP parsing stack buffer overflow attempt (more info ...) | attempted-admin | 2022-27255 | URL | ||
| 60449 | PROTOCOL-VOIP Realtek eCos SDK SIP parsing stack buffer overflow attempt (more info ...) | attempted-admin | 2022-27255 | URL | ||
| 60455 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1576 attack attempt (more info ...) | attempted-admin | 2022-32765 | URL | ||
| 60456 | FILE-OTHER UnRAR directory traversal attempt (more info ...) | attempted-user | 2022-30333 | URL | ||
| 60457 | FILE-OTHER UnRAR directory traversal attempt (more info ...) | attempted-user | 2022-30333 | URL | ||
| 60458 | SERVER-OTHER WatchGuard Firebox and XTM remote code execution attempt (more info ...) | attempted-user | 2022-26318 | |||
| 60473 | SERVER-OTHER TRUFFLEHUNTER TALOS-2022-1592 attack attempt (more info ...) | attempted-dos | 2022-38393 | URL | ||
| 60474 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1596 attack attempt (more info ...) | web-application-attack | 2022-37337 | URL | ||
| 60475 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1596 attack attempt (more info ...) | web-application-attack | 2022-37337 | URL | ||
| 60476 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1596 attack attempt (more info ...) | web-application-attack | 2022-37337 | URL | ||
| 60477 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1596 attack attempt (more info ...) | web-application-attack | 2022-37337 | URL | ||
| 60487 | SERVER-WEBAPP Sophos Firewall User Portal and Webadmin authentication bypass attempt (more info ...) | attempted-admin | 2022-1040 | |||
| 60488 | MALWARE-OTHER PacketWhisper decloakify.py download attempt (more info ...) | trojan-activity | ||||
| 60489 | MALWARE-OTHER PacketWhisper decloakify.py download attempt (more info ...) | trojan-activity | ||||
| 60490 | MALWARE-OTHER PacketWhisper cloakify.py download attempt (more info ...) | trojan-activity | ||||
| 60491 | MALWARE-OTHER PacketWhisper cloakify.py download attempt (more info ...) | trojan-activity | ||||
| 60492 | MALWARE-OTHER PacketWhisper download attempt (more info ...) | trojan-activity | ||||
| 60493 | MALWARE-OTHER PacketWhisper download attempt (more info ...) | trojan-activity | ||||
| 60499 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1597 attack attempt (more info ...) | attempted-admin | 2022-36429 | URL | ||
| 60509 | SERVER-WEBAPP Grafana authentication bypass attempt (more info ...) | web-application-attack | 2021-39226 | URL | ||
| 60510 | SERVER-WEBAPP Grafana authentication bypass attempt (more info ...) | web-application-attack | 2021-39226 | URL | ||
| 60511 | SERVER-WEBAPP Grafana authentication bypass attempt (more info ...) | web-application-attack | 2021-39226 | URL | ||
| 60512 | MALWARE-OTHER Win.Trojan.Matanbuchus variant Cobalt Strike inbound connection (more info ...) | trojan-activity | URL | |||
| 60513 | MALWARE-OTHER Win.Trojan.Matanbuchus variant Cobalt Strike inbound connection (more info ...) | trojan-activity | URL | |||
| 60540 | FILE-OTHER TRUFFLEHUNTER TALOS-2022-1593 attack attempt (more info ...) | attempted-user | 2022-36788 | URL | ||
| 60541 | FILE-OTHER TRUFFLEHUNTER TALOS-2022-1593 attack attempt (more info ...) | attempted-user | 2022-36788 | URL | ||
| 60542 | FILE-OTHER TRUFFLEHUNTER TALOS-2022-1593 attack attempt (more info ...) | attempted-user | 2022-36788 | URL | ||
| 60543 | FILE-OTHER TRUFFLEHUNTER TALOS-2022-1593 attack attempt (more info ...) | attempted-user | 2022-36788 | URL | ||
| 60544 | FILE-OTHER TRUFFLEHUNTER TALOS-2022-1594 attack attempt (more info ...) | attempted-user | 2022-38072 | URL | ||
| 60545 | FILE-OTHER TRUFFLEHUNTER TALOS-2022-1594 attack attempt (more info ...) | attempted-user | 2022-38072 | URL | ||
| 60548 | SERVER-WEBAPP Sophos Firewall User Portal and Webadmin authentication bypass attempt (more info ...) | attempted-admin | 2022-1040 | |||
| 60551 | OS-WINDOWS DirectX Graphics kernel use after free attempt (more info ...) | attempted-admin | 2022-37954 | URL | ||
| 60552 | OS-WINDOWS DirectX Graphics kernel use after free attempt (more info ...) | attempted-admin | 2022-37954 | URL | ||
| 60553 | OS-WINDOWS ALPC Port Object elevation of privilege attempt (more info ...) | attempted-admin | 2022-34725 | URL | ||
| 60554 | OS-WINDOWS ALPC Port Object elevation of privilege attempt (more info ...) | attempted-admin | 2022-34725 | URL | ||
| 60555 | OS-WINDOWS Windows Common Log File System driver escalation of privileges attempt (more info ...) | attempted-admin | 2022-35803 | URL | ||
| 60556 | OS-WINDOWS Windows Common Log File System driver escalation of privileges attempt (more info ...) | attempted-admin | 2022-35803 | URL | ||
| 60557 | OS-WINDOWS Windows Common Log File System driver escalation of privileges attempt (more info ...) | attempted-admin | 2022-35803 | URL | ||
| 60558 | OS-WINDOWS Windows Common Log File System driver escalation of privileges attempt (more info ...) | attempted-admin | 2022-35803 | URL | ||
| 60559 | SERVER-WEBAPP Atlassian Confluence information disclosure attempt (more info ...) | web-application-attack | 2021-26085 | URL | ||
| 60560 | SERVER-WEBAPP Atlassian Confluence information disclosure attempt (more info ...) | web-application-attack | 2021-26085 | URL | ||
| 60561 | SERVER-WEBAPP D-Link DIR-820L command injection attempt (more info ...) | web-application-attack | 2022-26258 | |||
| 60562 | SERVER-WEBAPP D-Link DIR-820L command injection attempt (more info ...) | web-application-attack | 2022-26258 | |||
| 60563 | SERVER-WEBAPP D-Link DIR-820L command injection attempt (more info ...) | web-application-attack | 2022-26258 | |||
| 60564 | SERVER-WEBAPP D-Link DIR-820L command injection attempt (more info ...) | web-application-attack | 2022-26258 | |||
| 60565 | SERVER-WEBAPP D-Link getcfg value command injection attempt (more info ...) | web-application-attack | 2022-28958 | |||
| 60566 | SERVER-WEBAPP D-Link getcfg value command injection attempt (more info ...) | web-application-attack | 2022-28958 | |||
| 60567 | SERVER-WEBAPP D-Link getcfg value command injection attempt (more info ...) | web-application-attack | 2022-28958 | |||
| 60568 | SERVER-WEBAPP D-Link getcfg value command injection attempt (more info ...) | web-application-attack | 2022-28958 | |||
| 60570 | MALWARE-TOOLS Win.Trojan.Amadey malware tools download attempt (more info ...) | trojan-activity | URL | |||
| 60571 | MALWARE-TOOLS Win.Trojan.Amadey malware tools download attempt (more info ...) | trojan-activity | URL | |||
| 60572 | MALWARE-TOOLS Win.Trojan.Amadey malware tools download attempt (more info ...) | trojan-activity | URL | |||
| 60580 | SERVER-WEBAPP KeySight N6854A and N6841A RF Sensor directory traversal attempt (more info ...) | attempted-user | 2022-1661 | |||
| 60581 | SERVER-WEBAPP GitLab project import command injection attempt (more info ...) | web-application-attack | 2022-2185 | URL | ||
| 60582 | MALWARE-OTHER Perl.Webshell.GammaShell upload attempt (more info ...) | trojan-activity | URL | |||
| 60583 | MALWARE-OTHER Perl.Webshell.GammaShell download attempt (more info ...) | trojan-activity | URL | |||
| 60588 | MALWARE-OTHER Perl.Webshell.GoShell upload attempt (more info ...) | trojan-activity | URL | |||
| 60592 | FILE-PDF TRUFFLEHUNTER TALOS-2022-1602 attack attempt (more info ...) | attempted-user | 2022-37332 | URL | ||
| 60593 | FILE-PDF TRUFFLEHUNTER TALOS-2022-1602 attack attempt (more info ...) | attempted-user | 2022-37332 | URL | ||
| 60594 | FILE-PDF TRUFFLEHUNTER TALOS-2022-1600 attack attempt (more info ...) | attempted-user | 2022-32774 | URL | ||
| 60595 | FILE-PDF TRUFFLEHUNTER TALOS-2022-1600 attack attempt (more info ...) | attempted-user | 2022-32774 | URL | ||
| 60598 | SERVER-WEBAPP pfSense pfBlockerNG plugin command injection attempt (more info ...) | attempted-user | 2022-40624 | |||
| 60600 | MALWARE-TOOLS Win.Trojan.Mansabo Cobalt Strike download attempt (more info ...) | trojan-activity | URL | |||
| 60604 | FILE-PDF TRUFFLEHUNTER TALOS-2022-1601 attack attempt (more info ...) | attempted-user | 2022-38097 | URL | ||
| 60605 | FILE-PDF TRUFFLEHUNTER TALOS-2022-1601 attack attempt (more info ...) | attempted-user | 2022-38097 | URL | ||
| 60606 | FILE-OTHER TRUFFLEHUNTER TALOS-2022-1604 attack attempt (more info ...) | attempted-user | URL | |||
| 60607 | FILE-OTHER TRUFFLEHUNTER TALOS-2022-1604 attack attempt (more info ...) | attempted-user | URL | |||
| 60608 | SERVER-WEBAPP Atlassian Bitbucket Server and Data Center remote code execution attempt (more info ...) | attempted-user | 2022-36804 | URL | ||
| 60609 | SERVER-WEBAPP D-Link DCS-930L devices OS command injection attempt (more info ...) | attempted-admin | 2016-11021 | |||
| 60610 | SERVER-WEBAPP D-Link DCS-930L devices OS command injection attempt (more info ...) | attempted-admin | ||||
| 60611 | FILE-OTHER TRUFFLEHUNTER TALOS-2022-1603 attack attempt (more info ...) | attempted-user | URL | |||
| 60612 | FILE-OTHER TRUFFLEHUNTER TALOS-2022-1603 attack attempt (more info ...) | attempted-user | URL | |||
| 60613 | OS-WINDOWS Windows DACL privilege escalation attempt (more info ...) | attempted-user | 2019-1130 | URL | ||
| 60614 | OS-WINDOWS Windows DACL privilege escalation attempt (more info ...) | attempted-user | 2019-1130 | URL | ||
| 60619 | FILE-PDF TRUFFLEHUNTER TALOS-2022-1614 attack attempt (more info ...) | attempted-user | 2022-40129 | URL | ||
| 60620 | FILE-PDF TRUFFLEHUNTER TALOS-2022-1614 attack attempt (more info ...) | attempted-user | 2022-40129 | URL | ||
| 60621 | SERVER-OTHER WatchGuard Firebox and XTM remote code execution attempt (more info ...) | attempted-user | 2022-26318 | |||
| 60622 | MALWARE-TOOLS Win.Trojan.LockBit variant binary download attempt (more info ...) | trojan-activity | URL | |||
| 60623 | MALWARE-TOOLS Win.Trojan.LockBit variant binary download attempt (more info ...) | trojan-activity | URL | |||
| 60633 | SERVER-WEBAPP Cayin Signage Media Player command injection attempt (more info ...) | web-application-attack | URL | |||
| 60634 | SERVER-WEBAPP Cayin Signage Media Player command injection attempt (more info ...) | web-application-attack | URL | |||
| 60635 | SERVER-WEBAPP Cayin Signage Media Player command injection attempt (more info ...) | web-application-attack | URL | |||
| 60636 | SERVER-WEBAPP Cayin Signage Media Player command injection attempt (more info ...) | web-application-attack | URL | |||
| 60640 | MALWARE-OTHER MultiOS.Backdoor.Agent implant attempt (more info ...) | trojan-activity | URL | |||
| 60649 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1608 attack attempt (more info ...) | attempted-admin | 2022-38459 | URL | ||
| 60650 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1608 attack attempt (more info ...) | attempted-admin | 2022-38459 | URL | ||
| 60651 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1605 attack attempt (more info ...) | attempted-admin | 2022-36279 | URL | ||
| 60652 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1605 attack attempt (more info ...) | attempted-admin | 2022-36279 | URL | ||
| 60653 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1606 attack attempt (more info ...) | web-application-attack | 2022-40701 | URL | ||
| 60654 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1606 attack attempt (more info ...) | web-application-attack | 2022-40701 | URL | ||
| 60655 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1606 attack attempt (more info ...) | web-application-attack | 2022-40701 | URL | ||
| 60656 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1609 attack attempt (more info ...) | web-application-attack | 2022-38088 | URL | ||
| 60657 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1609 attack attempt (more info ...) | web-application-attack | 2022-38088 | URL | ||
| 60658 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1609 attack attempt (more info ...) | web-application-attack | 2022-38088 | URL | ||
| 60659 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1607 attack attempt (more info ...) | web-application-attack | 2022-40969 | URL | ||
| 60660 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1607 attack attempt (more info ...) | web-application-attack | 2022-40969 | URL | ||
| 60661 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1607 attack attempt (more info ...) | web-application-attack | 2022-40969 | URL | ||
| 60662 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1607 attack attempt (more info ...) | web-application-attack | 2022-40969 | URL | ||
| 60663 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1610 attack attempt (more info ...) | attempted-admin | 2022-38715 | URL | ||
| 60664 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1610 attack attempt (more info ...) | attempted-admin | 2022-38715 | URL | ||
| 60667 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1611 attack attempt (more info ...) | web-application-attack | 2022-39045 | URL | ||
| 60679 | SERVER-WEBAPP Advantech iView NetworkServlet command injection attempt (more info ...) | web-application-attack | 2022-2143 | |||
| 60680 | SERVER-WEBAPP Advantech iView NetworkServlet command injection attempt (more info ...) | web-application-attack | 2022-2143 | |||
| 60708 | OS-WINDOWS Windows Win32k.sys bSimpleFill elevation of privilege attempt (more info ...) | attempted-admin | 2022-38051 | URL | ||
| 60709 | OS-WINDOWS Windows Win32k.sys bSimpleFill elevation of privilege attempt (more info ...) | attempted-admin | 2022-38051 | URL | ||
| 60713 | FILE-IMAGE TRUFFLEHUNTER TALOS-2022-1632 attack attempt (more info ...) | attempted-dos | 2022-41684 | URL | ||
| 60714 | FILE-IMAGE TRUFFLEHUNTER TALOS-2022-1632 attack attempt (more info ...) | attempted-dos | 2022-41684 | URL | ||
| 60715 | FILE-IMAGE TRUFFLEHUNTER TALOS-2022-1632 attack attempt (more info ...) | attempted-dos | 2022-41684 | URL | ||
| 60716 | FILE-IMAGE TRUFFLEHUNTER TALOS-2022-1632 attack attempt (more info ...) | attempted-dos | 2022-41684 | URL | ||
| 60717 | FILE-IMAGE TRUFFLEHUNTER TALOS-2022-1632 attack attempt (more info ...) | attempted-dos | 2022-41684 | URL | ||
| 60718 | FILE-IMAGE TRUFFLEHUNTER TALOS-2022-1632 attack attempt (more info ...) | attempted-dos | 2022-41684 | URL | ||
| 60719 | FILE-IMAGE TRUFFLEHUNTER TALOS-2022-1632 attack attempt (more info ...) | attempted-dos | 2022-41684 | URL | ||
| 60720 | FILE-IMAGE TRUFFLEHUNTER TALOS-2022-1632 attack attempt (more info ...) | attempted-dos | 2022-41684 | URL | ||
| 60721 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1641 attack attempt (more info ...) | web-application-attack | 2022-42484 | URL | ||
| 60722 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1641 attack attempt (more info ...) | web-application-attack | 2022-42484 | URL | ||
| 60723 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1641 attack attempt (more info ...) | web-application-attack | 2022-42484 | URL | ||
| 60724 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1641 attack attempt (more info ...) | web-application-attack | 2022-42484 | URL | ||
| 60725 | SERVER-OTHER Fortinet FortiOS and FortiProxy authentication bypass attempt (more info ...) | attempted-admin | 2022-40684 | |||
| 60726 | SERVER-OTHER Fortinet FortiOS and FortiProxy authentication bypass attempt (more info ...) | attempted-admin | 2022-40684 | |||
| 60727 | POLICY-OTHER OWASP Amass default User-Agent recon traffic detected (more info ...) | attempted-recon | URL | |||
| 60729 | SERVER-WEBAPP vm2 remote code execution attempt (more info ...) | attempted-user | 2022-36067 | |||
| 60730 | FILE-IMAGE TRUFFLEHUNTER TALOS-2022-1633 attack attempt (more info ...) | attempted-user | 2022-41639 | URL | ||
| 60731 | FILE-IMAGE TRUFFLEHUNTER TALOS-2022-1633 attack attempt (more info ...) | attempted-user | 2022-41639 | URL | ||
| 60733 | FILE-IMAGE TRUFFLEHUNTER TALOS-2022-1630 attack attempt (more info ...) | attempted-user | 2022-38143 | URL | ||
| 60734 | FILE-IMAGE TRUFFLEHUNTER TALOS-2022-1630 attack attempt (more info ...) | attempted-user | 2022-38143 | URL | ||
| 60735 | FILE-IMAGE TRUFFLEHUNTER TALOS-2022-1628 attack attempt (more info ...) | attempted-user | 2022-41981 | URL | ||
| 60736 | FILE-IMAGE TRUFFLEHUNTER TALOS-2022-1628 attack attempt (more info ...) | attempted-user | 2022-41981 | URL | ||
| 60746 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1619 attack attempt (more info ...) | attempted-user | 2022-41313 | URL | ||
| 60747 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1619 attack attempt (more info ...) | attempted-user | 2022-41313 | URL | ||
| 60757 | FILE-OTHER GNU gzip zgrep arbitrary file write attempt (more info ...) | attempted-user | 2022-1271 | |||
| 60758 | FILE-OTHER GNU gzip zgrep arbitrary file write attempt (more info ...) | attempted-user | 2022-1271 | |||
| 60760 | MALWARE-OTHER Win.Trojan.Astaroth download attempt (more info ...) | trojan-activity | URL | |||
| 60761 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1642 attack attempt (more info ...) | web-application-attack | 2022-38451 | URL | ||
| 60762 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1642 attack attempt (more info ...) | web-application-attack | 2022-38451 | URL | ||
| 60763 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1642 attack attempt (more info ...) | web-application-attack | 2022-38451 | URL | ||
| 60764 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1686 attack attempt (more info ...) | web-application-attack | 2022-47195 | URL | ||
| 60765 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1686 attack attempt (more info ...) | web-application-attack | 2022-47197 | URL | ||
| 60766 | FILE-IMAGE TRUFFLEHUNTER TALOS-2022-1629 attack attempt (more info ...) | attempted-recon | 2022-36354 | URL | ||
| 60767 | FILE-IMAGE TRUFFLEHUNTER TALOS-2022-1629 attack attempt (more info ...) | attempted-recon | 2022-36354 | URL | ||
| 60768 | SERVER-WEBAPP Sophos Firewall User Portal and Webadmin authentication bypass attempt (more info ...) | attempted-admin | 2022-1040 | |||
| 60769 | SERVER-WEBAPP Sophos Firewall User Portal and Webadmin authentication bypass attempt (more info ...) | attempted-admin | 2022-1040 | |||
| 60770 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1624 attack attempt (more info ...) | web-application-attack | 2022-41654 | URL | ||
| 60771 | SERVER-OTHER TRUFFLEHUNTER TALOS-2022-1640 attack attempt (more info ...) | attempted-admin | 2022-42490 | URL | ||
| 60772 | SERVER-OTHER TRUFFLEHUNTER TALOS-2022-1640 attack attempt (more info ...) | attempted-admin | 2022-42491 | URL | ||
| 60773 | SERVER-OTHER TRUFFLEHUNTER TALOS-2022-1640 attack attempt (more info ...) | attempted-admin | 2022-42492 | URL | ||
| 60774 | SERVER-OTHER TRUFFLEHUNTER TALOS-2022-1640 attack attempt (more info ...) | attempted-admin | 2022-42493 | URL | ||
| 60775 | SERVER-OTHER TRUFFLEHUNTER TALOS-2022-1638 attack attempt (more info ...) | attempted-admin | 2022-40222 | URL | ||
| 60776 | SERVER-OTHER TRUFFLEHUNTER TALOS-2022-1637 attack attempt (more info ...) | attempted-admin | 2022-41154 | URL | ||
| 60777 | SERVER-OTHER TRUFFLEHUNTER TALOS-2022-1639 attack attempt (more info ...) | attempted-admin | 2022-41991 | URL | ||
| 60778 | FILE-OTHER GIGABYTE Kernel Driver elevation of privilege attempt (more info ...) | attempted-admin | 2018-19322 | |||
| 60779 | FILE-OTHER GIGABYTE Kernel Driver elevation of privilege attempt (more info ...) | attempted-admin | 2018-19322 | |||
| 60780 | SERVER-WEBAPP Zimbra Collaboration Suite remote code execution attempt (more info ...) | attempted-user | 2022-41352 | |||
| 60781 | SERVER-WEBAPP Zimbra Collaboration Suite remote code execution attempt (more info ...) | attempted-user | 2022-41352 | |||
| 60790 | SERVER-OTHER OpenSSL x509 crafted email address buffer overflow attempt (more info ...) | attempted-user | 2022-3786 | URL | ||
| 60793 | SERVER-WEBAPP VMware Cloud Foundation NSX Manager XStream remote code execution attempt (more info ...) | attempted-admin | 2022-31678 | URL | ||
| 60796 | FILE-IMAGE TRUFFLEHUNTER TALOS-2022-1643 attack attempt (more info ...) | attempted-user | 2022-41988 | URL | ||
| 60797 | FILE-IMAGE TRUFFLEHUNTER TALOS-2022-1643 attack attempt (more info ...) | attempted-user | 2022-41988 | URL | ||
| 60798 | FILE-IMAGE TRUFFLEHUNTER TALOS-2022-1643 attack attempt (more info ...) | attempted-user | 2022-41988 | URL | ||
| 60799 | FILE-IMAGE TRUFFLEHUNTER TALOS-2022-1643 attack attempt (more info ...) | attempted-user | 2022-41988 | URL | ||
| 60805 | FILE-OTHER TRUFFLEHUNTER TALOS-2022-1644 attack attempt (more info ...) | attempted-user | 2022-41992 | URL | ||
| 60806 | FILE-OTHER TRUFFLEHUNTER TALOS-2022-1644 attack attempt (more info ...) | attempted-user | 2022-41992 | URL | ||
| 60807 | FILE-OTHER TRUFFLEHUNTER TALOS-2022-1648 attack attempt (more info ...) | attempted-dos | 2022-43589 | URL | ||
| 60808 | FILE-OTHER TRUFFLEHUNTER TALOS-2022-1648 attack attempt (more info ...) | attempted-dos | 2022-43589 | URL | ||
| 60809 | FILE-OTHER TRUFFLEHUNTER TALOS-2022-1649 attack attempt (more info ...) | attempted-dos | 2022-43590 | URL | ||
| 60810 | FILE-OTHER TRUFFLEHUNTER TALOS-2022-1649 attack attempt (more info ...) | attempted-dos | 2022-43590 | URL | ||
| 60811 | FILE-OTHER TRUFFLEHUNTER TALOS-2022-1647 attack attempt (more info ...) | attempted-dos | 2022-43588 | URL | ||
| 60812 | FILE-OTHER TRUFFLEHUNTER TALOS-2022-1647 attack attempt (more info ...) | attempted-dos | 2022-43588 | URL | ||
| 60813 | FILE-OTHER GIGABYTE GPCIDrv and GDrv driver privilege escalation attempt (more info ...) | attempted-admin | 2018-19320 | URL | ||
| 60814 | FILE-OTHER GIGABYTE GPCIDrv and GDrv driver privilege escalation attempt (more info ...) | attempted-admin | 2018-19320 | URL | ||
| 60818 | OS-WINDOWS Windows Win32 Kernel subsystem elevation of privilege attempt (more info ...) | attempted-admin | 2022-41113 | URL | ||
| 60819 | OS-WINDOWS Windows Win32 Kernel subsystem elevation of privilege attempt (more info ...) | attempted-admin | 2022-41113 | URL | ||
| 60826 | OS-WINDOWS GIGABYTE GPCI and GIO driver privilege escalation attempt (more info ...) | attempted-admin | 2018-19321 | URL | ||
| 60827 | OS-WINDOWS GIGABYTE GPCI and GIO driver privilege escalation attempt (more info ...) | attempted-admin | 2018-19321 | URL | ||
| 60829 | MALWARE-OTHER Win.Backdoor.Hoaxshell payload template download attempt (more info ...) | trojan-activity | URL | |||
| 60830 | MALWARE-OTHER Win.Backdoor.Hoaxshell payload template download attempt (more info ...) | trojan-activity | URL | |||
| 60837 | OS-WINDOWS MSI afterburner privilege escalation attempt (more info ...) | attempted-admin | 2019-16098 | URL | ||
| 60838 | OS-WINDOWS MSI afterburner privilege escalation attempt (more info ...) | attempted-admin | 2019-16098 | URL | ||
| 60851 | FILE-OTHER TRUFFLEHUNTER TALOS-2022-1634 attack attempt (more info ...) | attempted-user | 2022-41838 | URL | ||
| 60852 | FILE-OTHER TRUFFLEHUNTER TALOS-2022-1634 attack attempt (more info ...) | attempted-user | 2022-41838 | URL | ||
| 60885 | SERVER-WEBAPP Nostromo httpd directory traversal attempt (more info ...) | web-application-attack | 2019-16278 | URL | ||
| 60893 | MALWARE-OTHER Shikata Ga Nai polymorphic encoder encoded shellcode download attempt (more info ...) | trojan-activity | URL | |||
| 60894 | MALWARE-OTHER Shikata Ga Nai polymorphic encoder encoded shellcode download attempt (more info ...) | trojan-activity | URL | |||
| 60904 | FILE-OTHER TRUFFLEHUNTER TALOS-2022-1635 attack attempt (more info ...) | attempted-dos | 2022-41999 | URL | ||
| 60905 | FILE-OTHER TRUFFLEHUNTER TALOS-2022-1635 attack attempt (more info ...) | attempted-dos | 2022-41999 | URL | ||
| 60919 | FILE-IMAGE TRUFFLEHUNTER TALOS-2022-1636 attack attempt (more info ...) | attempted-user | 2022-41837 | URL | ||
| 60920 | FILE-IMAGE TRUFFLEHUNTER TALOS-2022-1636 attack attempt (more info ...) | attempted-user | 2022-41837 | URL | ||
| 60921 | FILE-IMAGE TRUFFLEHUNTER TALOS-2022-1636 attack attempt (more info ...) | attempted-user | 2022-41837 | URL | ||
| 60922 | FILE-IMAGE TRUFFLEHUNTER TALOS-2022-1636 attack attempt (more info ...) | attempted-user | 2022-41837 | URL | ||
| 60923 | FILE-IMAGE TRUFFLEHUNTER TALOS-2022-1636 attack attempt (more info ...) | attempted-user | 2022-41837 | URL | ||
| 60924 | FILE-IMAGE TRUFFLEHUNTER TALOS-2022-1636 attack attempt (more info ...) | attempted-user | 2022-41837 | URL | ||
| 60925 | FILE-IMAGE TRUFFLEHUNTER TALOS-2022-1636 attack attempt (more info ...) | attempted-user | 2022-41837 | URL | ||
| 60926 | FILE-IMAGE TRUFFLEHUNTER TALOS-2022-1636 attack attempt (more info ...) | attempted-user | 2022-41837 | URL | ||
| 60927 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1621 attack attempt (more info ...) | attempted-recon | 2022-40691 | URL | ||
| 60928 | FILE-IMAGE TRUFFLEHUNTER TALOS-2022-1626 attack attempt (more info ...) | attempted-user | 2022-41794 | URL | ||
| 60929 | FILE-IMAGE TRUFFLEHUNTER TALOS-2022-1626 attack attempt (more info ...) | attempted-user | 2022-41794 | URL | ||
| 60930 | FILE-IMAGE TRUFFLEHUNTER TALOS-2022-1627 attack attempt (more info ...) | attempted-recon | 2022-41977 | URL | ||
| 60931 | FILE-IMAGE TRUFFLEHUNTER TALOS-2022-1627 attack attempt (more info ...) | attempted-recon | 2022-41977 | URL | ||
| 60932 | FILE-IMAGE TRUFFLEHUNTER TALOS-2022-1627 attack attempt (more info ...) | attempted-recon | 2022-41977 | URL | ||
| 60933 | FILE-IMAGE TRUFFLEHUNTER TALOS-2022-1627 attack attempt (more info ...) | attempted-recon | 2022-41977 | URL | ||
| 60942 | SERVER-WEBAPP VMware vSphere Client vROPs plugin remote code execution attempt (more info ...) | attempted-admin | 2021-21972 | URL | ||
| 60946 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1645 attack attempt (more info ...) | attempted-dos | 2022-43441 | URL | ||
| 60948 | MALWARE-TOOLS Win.Trojan.Teleport download attempt (more info ...) | trojan-activity | URL | |||
| 60949 | MALWARE-TOOLS Win.Trojan.Teleport download attempt (more info ...) | trojan-activity | URL | |||
| 60954 | MALWARE-OTHER Win.Malware.Gazer variant download attempt (more info ...) | trojan-activity | URL | |||
| 60955 | MALWARE-OTHER Win.Malware.Gazer variant download attempt (more info ...) | trojan-activity | URL | |||
| 60956 | MALWARE-OTHER Win.Malware.Gazer variant download attempt (more info ...) | trojan-activity | URL | |||
| 60957 | MALWARE-OTHER Win.Malware.Gazer variant download attempt (more info ...) | trojan-activity | URL | |||
| 60958 | MALWARE-OTHER Win.Malware.Gazer variant download attempt (more info ...) | trojan-activity | URL | |||
| 60959 | MALWARE-OTHER Win.Malware.Gazer variant download attempt (more info ...) | trojan-activity | URL | |||
| 60960 | MALWARE-OTHER Win.Malware.Gazer variant download attempt (more info ...) | trojan-activity | URL | |||
| 60961 | MALWARE-OTHER Win.Malware.Gazer variant download attempt (more info ...) | trojan-activity | URL | |||
| 60964 | MALWARE-TOOLS Win.Dropper.KopiLuwak download attempt (more info ...) | trojan-activity | URL | |||
| 60965 | MALWARE-TOOLS Win.Dropper.KopiLuwak download attempt (more info ...) | trojan-activity | URL | |||
| 60966 | SERVER-OTHER TRUFFLEHUNTER TALOS-2022-1679 attack attempt (more info ...) | attempted-dos | URL | |||
| 60967 | SERVER-OTHER TRUFFLEHUNTER TALOS-2022-1679 attack attempt (more info ...) | attempted-dos | URL | |||
| 60968 | MALWARE-OTHER Win.Ransomware.Endurance variant download attempt (more info ...) | trojan-activity | URL | |||
| 60969 | MALWARE-OTHER Win.Ransomware.Endurance variant download attempt (more info ...) | trojan-activity | URL | |||
| 60970 | SERVER-OTHER TRUFFLEHUNTER TALOS-2022-1678 attack attempt (more info ...) | attempted-admin | URL | |||
| 60971 | SERVER-OTHER TRUFFLEHUNTER TALOS-2022-1678 attack attempt (more info ...) | attempted-admin | URL | |||
| 60983 | PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2022-1662 attack attempt (more info ...) | attempted-admin | 2022-43605 | URL | ||
| 60984 | PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2022-1661 attack attempt (more info ...) | attempted-admin | 2022-43604 | URL | ||
| 60985 | PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2022-1663 attack attempt (more info ...) | attempted-dos | 2022-43606 | URL | ||
| 60988 | MALWARE-OTHER Win.Malware.Gazer loader variant download attempt (more info ...) | trojan-activity | URL | |||
| 60989 | MALWARE-OTHER Win.Malware.Gazer loader variant download attempt (more info ...) | trojan-activity | URL | |||
| 60992 | MALWARE-OTHER Win.Malware.Gazer loader variant download attempt (more info ...) | trojan-activity | URL | |||
| 60993 | MALWARE-OTHER Win.Malware.Gazer loader variant download attempt (more info ...) | trojan-activity | URL | |||
| 60994 | MALWARE-OTHER Win.Malware.Gazer loader variant download attempt (more info ...) | trojan-activity | ||||
| 60995 | MALWARE-OTHER Win.Malware.Gazer loader variant download attempt (more info ...) | trojan-activity | ||||
| 60996 | MALWARE-OTHER Win.Malware.Gazer loader variant download attempt (more info ...) | trojan-activity | ||||
| 60997 | MALWARE-OTHER Win.Malware.Gazer loader variant download attempt (more info ...) | trojan-activity | ||||
| 60998 | MALWARE-OTHER Win.Malware.Gazer loader variant download attempt (more info ...) | trojan-activity | URL | |||
| 60999 | MALWARE-OTHER Win.Malware.Gazer loader variant download attempt (more info ...) | trojan-activity | URL | |||
| 61000 | MALWARE-OTHER Win.Malware.Gazer loader variant download attempt (more info ...) | trojan-activity | URL | |||
| 61001 | MALWARE-OTHER Win.Malware.Gazer loader variant download attempt (more info ...) | trojan-activity | URL | |||
| 61002 | MALWARE-OTHER Win.Malware.Gazer loader variant download attempt (more info ...) | trojan-activity | URL | |||
| 61003 | MALWARE-OTHER Win.Malware.Gazer loader variant download attempt (more info ...) | trojan-activity | URL | |||
| 61044 | MALWARE-OTHER Win.Downloader.BatLoader malicious PowerShell script download attempt (more info ...) | trojan-activity | URL | |||
| 61045 | MALWARE-OTHER Win.Downloader.BatLoader malicious PowerShell script download attempt (more info ...) | trojan-activity | URL | |||
| 61066 | SERVER-WEBAPP TIBCO JasperReports reportresource directory traversal attempt (more info ...) | web-application-attack | 2018-18809 | URL | ||
| 61067 | SERVER-WEBAPP TIBCO JasperReports reportresource directory traversal attempt (more info ...) | web-application-attack | 2018-18809 | URL | ||
| 61068 | SERVER-WEBAPP TIBCO JasperReports reportresource directory traversal attempt (more info ...) | web-application-attack | 2018-18809 | URL | ||
| 61069 | SERVER-WEBAPP TIBCO JasperReports flow.html directory traversal attempt (more info ...) | web-application-attack | 2018-5430 | URL | ||
| 61070 | SERVER-WEBAPP TIBCO JasperReports flow.html directory traversal attempt (more info ...) | web-application-attack | 2018-5430 | URL | ||
| 61071 | SERVER-WEBAPP TIBCO JasperReports flow.html directory traversal attempt (more info ...) | web-application-attack | 2018-5430 | URL | ||
| 61072 | MALWARE-OTHER JSP.Webshell.JSPShell upload attempt (more info ...) | trojan-activity | URL | |||
| 61073 | MALWARE-OTHER JSP.Webshell.JSPShell download attempt (more info ...) | trojan-activity | URL | |||
| 61075 | MALWARE-OTHER Win.Ransomware.Agenda variant binary download attempt (more info ...) | trojan-activity | URL | |||
| 61076 | MALWARE-OTHER Win.Ransomware.Agenda variant binary download attempt (more info ...) | trojan-activity | URL | |||
| 61081 | SERVER-WEBAPP mojoPortal Forums txtTitle cross site scripting attempt (more info ...) | attempted-user | URL | |||
| 61082 | SERVER-WEBAPP mojoPortal Forums txtTitle cross site scripting attempt (more info ...) | attempted-user | URL | |||
| 61085 | MALWARE-OTHER HTML.Exploit.C99 suspicious file upload (more info ...) | trojan-activity | URL | |||
| 61093 | PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2022-1674 attack attempt (more info ...) | attempted-user | 2022-43663 | URL | ||
| 61095 | MALWARE-OTHER Win.Malware.Gazer variant download attempt (more info ...) | trojan-activity | URL | |||
| 61096 | MALWARE-OTHER Win.Malware.Gazer variant download attempt (more info ...) | trojan-activity | URL | |||
| 61097 | MALWARE-OTHER Win.Malware.Gazer variant download attempt (more info ...) | trojan-activity | URL | |||
| 61098 | MALWARE-OTHER Win.Malware.Gazer variant download attempt (more info ...) | trojan-activity | URL | |||
| 61103 | SERVER-WEBAPP ZenTao Pro command injection attempt (more info ...) | web-application-attack | 2020-7361 | URL | ||
| 61104 | SERVER-WEBAPP ZenTao Pro command injection attempt (more info ...) | web-application-attack | 2020-7361 | URL | ||
| 61105 | SERVER-WEBAPP ZenTao Pro command injection attempt (more info ...) | web-application-attack | 2020-7361 | URL | ||
| 61107 | SERVER-WEBAPP Fscan scanner directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 61108 | SERVER-WEBAPP Fscan scanner command injection attempt (more info ...) | web-application-attack | URL | |||
| 61109 | SERVER-WEBAPP Fscan scanner directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 61110 | SERVER-WEBAPP Fscan scanner directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 61111 | SERVER-WEBAPP Fscan scanner directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 61113 | SERVER-WEBAPP Fscan scanner command injection attempt (more info ...) | web-application-attack | URL | |||
| 61114 | SERVER-WEBAPP Fscan scanner directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 61115 | SERVER-WEBAPP Fscan scanner arbitrary JSP file upload attempt (more info ...) | attempted-admin | URL | |||
| 61116 | SERVER-WEBAPP Fscan scanner command injection attempt (more info ...) | web-application-attack | URL | |||
| 61119 | SERVER-WEBAPP Fscan scanner command injection attempt (more info ...) | web-application-attack | URL | |||
| 61121 | SERVER-WEBAPP Fscan scanner command injection attempt (more info ...) | web-application-attack | URL | |||
| 61122 | SERVER-WEBAPP Fscan scanner command injection attempt (more info ...) | web-application-attack | URL | |||
| 61123 | SERVER-WEBAPP Fscan scanner command injection attempt (more info ...) | web-application-attack | URL | |||
| 61124 | SERVER-WEBAPP Fscan scanner directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 61125 | SERVER-WEBAPP Fscan scanner command injection attempt (more info ...) | web-application-attack | URL | |||
| 61126 | SERVER-WEBAPP Fscan scanner command injection attempt (more info ...) | web-application-attack | URL | |||
| 61127 | SERVER-WEBAPP Fscan scanner directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 61129 | SERVER-WEBAPP Fscan scanner directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 61133 | SERVER-WEBAPP Fscan scanner directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 61134 | SERVER-WEBAPP Fscan scanner command injection attempt (more info ...) | web-application-attack | URL | |||
| 61135 | SERVER-WEBAPP Fscan scanner directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 61136 | SERVER-WEBAPP Fscan scanner directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 61137 | SERVER-WEBAPP Fscan scanner directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 61138 | SERVER-WEBAPP Fscan scanner command injection attempt (more info ...) | web-application-attack | URL | |||
| 61139 | SERVER-WEBAPP Fscan scanner command injection attempt (more info ...) | web-application-attack | URL | |||
| 61141 | SERVER-WEBAPP Fscan scanner directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 61143 | SERVER-WEBAPP Fscan scanner command injection attempt (more info ...) | web-application-attack | URL | |||
| 61145 | SERVER-WEBAPP Fscan scanner directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 61146 | SERVER-WEBAPP Fscan scanner directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 61147 | SERVER-WEBAPP Fscan scanner directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 61148 | SERVER-WEBAPP Fscan scanner command injection attempt (more info ...) | web-application-attack | URL | |||
| 61150 | SERVER-WEBAPP Fscan scanner directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 61152 | SERVER-WEBAPP Fscan scanner command injection attempt (more info ...) | web-application-attack | URL | |||
| 61156 | MALWARE-OTHER JSP.Webshell.JSP2Shell download attempt (more info ...) | trojan-activity | URL | |||
| 61157 | MALWARE-OTHER JSP.Webshell.JSP2Shell upload attempt (more info ...) | trojan-activity | URL | |||
| 61167 | SERVER-WEBAPP Lexmark MC3224adwe server side request forgery attempt (more info ...) | web-application-attack | URL | |||
| 61168 | SERVER-WEBAPP Lexmark MC3224adwe Web UI ImportFaxLogo command injection attempt (more info ...) | web-application-attack | URL | |||
| 61171 | SERVER-WEBAPP Zoho ManageEngine multiple products remote code execution attempt (more info ...) | attempted-user | 2022-47966 | URL | ||
| 61172 | SERVER-WEBAPP Zoho ManageEngine multiple products remote code execution attempt (more info ...) | attempted-user | 2022-47966 | URL | ||
| 61173 | MALWARE-OTHER Win.Malware.LightNeuron mail transfer agent download (more info ...) | trojan-activity | URL | |||
| 61174 | MALWARE-OTHER Win.Malware.LightNeuron mail transfer agent download (more info ...) | trojan-activity | URL | |||
| 61175 | MALWARE-OTHER Win.Malware.LightNeuron mail transfer agent download (more info ...) | trojan-activity | URL | |||
| 61176 | MALWARE-OTHER Win.Malware.LightNeuron mail transfer agent download (more info ...) | trojan-activity | URL | |||
| 61180 | SERVER-WEBAPP SugarCRM EmailTemplates authentication bypass attempt (more info ...) | web-application-attack | 2023-22952 | URL | ||
| 61181 | SERVER-WEBAPP SugarCRM EmailTemplates authentication bypass attempt (more info ...) | web-application-attack | 2023-22952 | URL | ||
| 61183 | MALWARE-OTHER Windows.Malware.Dacls malware file download attempt (more info ...) | trojan-activity | URL | |||
| 61184 | MALWARE-OTHER Windows.Malware.Dacls malware file download attempt (more info ...) | trojan-activity | URL | |||
| 61185 | MALWARE-OTHER Windows.Malware.Dacls malware file download attempt (more info ...) | trojan-activity | URL | |||
| 61186 | MALWARE-OTHER Windows.Malware.Dacls malware file download attempt (more info ...) | trojan-activity | URL | |||
| 61194 | SERVER-WEBAPP Centos Web Panel 7 unauthenticated command injection attempt (more info ...) | web-application-attack | 2022-44877 | |||
| 61195 | SERVER-WEBAPP Centos Web Panel 7 unauthenticated command injection attempt (more info ...) | web-application-attack | 2022-44877 | |||
| 61196 | MALWARE-TOOLS Win.Tool.WinPwn toolkit download attempt (more info ...) | trojan-activity | ||||
| 61197 | MALWARE-TOOLS Powershell AMSI bypass toolkit download attempt (more info ...) | trojan-activity | ||||
| 61198 | MALWARE-TOOLS Powershell AMSI bypass toolkit download attempt (more info ...) | trojan-activity | ||||
| 61200 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2023-1697 attack attempt (more info ...) | web-application-attack | 2023-23902 | URL | ||
| 61201 | OS-OTHER TRUFFLEHUNTER TALOS-2022-1689 attack attempt (more info ...) | attempted-admin | URL | |||
| 61202 | MALWARE-OTHER PowerSploit toolkit download attempt (more info ...) | trojan-activity | URL | |||
| 61203 | MALWARE-OTHER PowerSCCM toolkit download attempt (more info ...) | trojan-activity | URL | |||
| 61204 | MALWARE-TOOLS PowerSploit script download attempt (more info ...) | trojan-activity | URL | |||
| 61205 | MALWARE-TOOLS PowerSploit script download attempt (more info ...) | trojan-activity | URL | |||
| 61209 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2023-1695 attack attempt (more info ...) | web-application-attack | 2023-23547 | URL | ||
| 61210 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2023-1695 attack attempt (more info ...) | web-application-attack | 2023-23547 | URL | ||
| 61211 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2023-1695 attack attempt (more info ...) | web-application-attack | 2023-23547 | URL | ||
| 61213 | MALWARE-OTHER Win.Malware.Gazer variant download attempt (more info ...) | trojan-activity | ||||
| 61214 | MALWARE-OTHER Win.Malware.Gazer variant download attempt (more info ...) | trojan-activity | ||||
| 61215 | MALWARE-OTHER Win.Malware.Gazer variant download attempt (more info ...) | trojan-activity | URL | |||
| 61216 | MALWARE-OTHER Win.Malware.Gazer variant download attempt (more info ...) | trojan-activity | URL | |||
| 61217 | MALWARE-OTHER Win.Malware.Gazer variant download attempt (more info ...) | trojan-activity | URL | |||
| 61218 | MALWARE-OTHER Win.Malware.Gazer variant download attempt (more info ...) | trojan-activity | URL | |||
| 61219 | MALWARE-OTHER WinPWN Powershell toolkit outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 61220 | MALWARE-OTHER WinPWN Powershell toolkit outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 61221 | MALWARE-OTHER WinPWN Powershell toolkit outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 61222 | MALWARE-OTHER WinPWN Powershell toolkit outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 61225 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit Mimikatz download attempt (more info ...) | trojan-activity | URL | |||
| 61226 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit Mimikatz download attempt (more info ...) | trojan-activity | URL | |||
| 61227 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit Mimikatz download attempt (more info ...) | trojan-activity | URL | |||
| 61228 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit Mimikatz download attempt (more info ...) | trojan-activity | URL | |||
| 61229 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit Inveigh download attempt (more info ...) | trojan-activity | URL | |||
| 61230 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit Inveigh download attempt (more info ...) | trojan-activity | URL | |||
| 61231 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit PE injector download attempt (more info ...) | shellcode-detect | URL | |||
| 61232 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit PE injector download attempt (more info ...) | shellcode-detect | URL | |||
| 61233 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit download attempt (more info ...) | trojan-activity | ||||
| 61234 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit download attempt (more info ...) | trojan-activity | ||||
| 61235 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit download attempt (more info ...) | trojan-activity | URL | |||
| 61236 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit download attempt (more info ...) | trojan-activity | URL | |||
| 61237 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit download attempt (more info ...) | trojan-activity | URL | |||
| 61238 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit download attempt (more info ...) | trojan-activity | URL | |||
| 61239 | MALWARE-TOOLS Win.Tool.TruffleSnout download attempt (more info ...) | trojan-activity | ||||
| 61240 | MALWARE-TOOLS Win.Tool.TruffleSnout download attempt (more info ...) | trojan-activity | ||||
| 61244 | SERVER-OTHER VMware vRealize Log Insight directory traversal attempt (more info ...) | attempted-admin | 2022-31706 | URL | ||
| 61245 | SERVER-OTHER VMware vRealize Log Insight directory traversal attempt (more info ...) | attempted-admin | 2022-31706 | URL | ||
| 61246 | SERVER-OTHER VMware vRealize Log Insight broken access control attempt (more info ...) | attempted-admin | 2022-31704 | URL | ||
| 61247 | SERVER-OTHER VMware vRealize Log Insight configuration information leak attempt (more info ...) | attempted-recon | 2022-31711 | URL | ||
| 61248 | SERVER-OTHER VMware vRealize Log Insight directory traversal attempt (more info ...) | attempted-admin | 2022-31706 | URL | ||
| 61249 | SERVER-OTHER VMware vRealize Log Insight directory traversal attempt (more info ...) | attempted-admin | 2022-31706 | URL | ||
| 61254 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2023-1712 attack attempt (more info ...) | web-application-attack | 2023-22299 | URL | ||
| 61255 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2023-1704 attack attempt (more info ...) | web-application-attack | 2023-24497 | URL | ||
| 61256 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2023-1704 attack attempt (more info ...) | web-application-attack | 2023-24497 | URL | ||
| 61257 | SERVER-OTHER TRUFFLEHUNTER TALOS-2023-1710 attack attempt (more info ...) | attempted-user | 2023-24582 | URL | ||
| 61258 | SERVER-OTHER TRUFFLEHUNTER TALOS-2023-1710 attack attempt (more info ...) | attempted-user | 2023-24583 | URL | ||
| 61260 | SERVER-OTHER VMware ESXi SLVPd remote code execution attempt (more info ...) | attempted-admin | 2021-21974 | URL | ||
| 61261 | MALWARE-OTHER Win.Ransomware.MortalKombat variant binary download attempt (more info ...) | trojan-activity | URL | |||
| 61262 | MALWARE-OTHER Win.Ransomware.MortalKombat variant binary download attempt (more info ...) | trojan-activity | URL | |||
| 61266 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2023-1703 attack attempt (more info ...) | web-application-attack | 2023-22371 | URL | ||
| 61267 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2023-1703 attack attempt (more info ...) | web-application-attack | 2023-22371 | URL | ||
| 61268 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2023-1715 attack attempt (more info ...) | web-application-attack | 2023-24018 | URL | ||
| 61269 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2023-1714 attack attempt (more info ...) | web-application-attack | 2023-22653 | URL | ||
| 61270 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2023-1706 attack attempt (more info ...) | web-application-attack | 2023-24520 | URL | ||
| 61271 | FILE-IMAGE TRUFFLEHUNTER TALOS-2023-1707 attack attempt (more info ...) | attempted-recon | 2023-24473 | URL | ||
| 61272 | FILE-IMAGE TRUFFLEHUNTER TALOS-2023-1707 attack attempt (more info ...) | attempted-recon | 2023-24473 | URL | ||
| 61273 | MALWARE-OTHER Win.Trojan.Turla Crutch backdoor download (more info ...) | trojan-activity | URL | |||
| 61274 | MALWARE-OTHER Win.Trojan.Turla Crutch backdoor download (more info ...) | trojan-activity | URL | |||
| 61275 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit download attempt (more info ...) | trojan-activity | URL | |||
| 61276 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit download attempt (more info ...) | trojan-activity | URL | |||
| 61277 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit download attempt (more info ...) | trojan-activity | 2017-0148 | URL | ||
| 61278 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit download attempt (more info ...) | trojan-activity | 2017-0148 | URL | ||
| 61279 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit download attempt (more info ...) | trojan-activity | 2016-0099 | URL | ||
| 61280 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit download attempt (more info ...) | trojan-activity | 2016-0099 | URL | ||
| 61281 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit download attempt (more info ...) | trojan-activity | 2016-7255 | URL | ||
| 61282 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit download attempt (more info ...) | trojan-activity | 2016-7255 | URL | ||
| 61283 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit Zerologon download attempt (more info ...) | trojan-activity | 2020-1472 | URL | ||
| 61284 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit Zerologon download attempt (more info ...) | trojan-activity | 2020-1472 | URL | ||
| 61285 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit download attempt (more info ...) | trojan-activity | URL | |||
| 61286 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit download attempt (more info ...) | trojan-activity | URL | |||
| 61287 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit PrintNightmare download attempt (more info ...) | trojan-activity | 2021-1675 | URL | ||
| 61288 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit PrintNightmare download attempt (more info ...) | trojan-activity | 2021-1675 | URL | ||
| 61289 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit JuicyPotato download attempt (more info ...) | trojan-activity | URL | |||
| 61290 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit JuicyPotato download attempt (more info ...) | trojan-activity | URL | |||
| 61291 | SERVER-OTHER FortiOS SSLVPNd Content-Length memory corruption attempt (more info ...) | attempted-admin | 2022-42475 | URL | ||
| 61293 | MALWARE-TOOLS Win.Tool.WinPWN UAC bypass module download attempt (more info ...) | trojan-activity | URL | |||
| 61294 | MALWARE-TOOLS Win.Tool.WinPWN UAC bypass module download attempt (more info ...) | trojan-activity | URL | |||
| 61295 | MALWARE-TOOLS Win.Tool.WinPWN UAC bypass module download attempt (more info ...) | trojan-activity | URL | |||
| 61296 | MALWARE-TOOLS Win.Tool.WinPWN UAC bypass module download attempt (more info ...) | trojan-activity | URL | |||
| 61297 | MALWARE-TOOLS Win.Tool.WinPWN Disk Cleanup UAC bypass module download attempt (more info ...) | trojan-activity | URL | |||
| 61298 | MALWARE-TOOLS Win.Tool.WinPWN Disk Cleanup UAC bypass module download attempt (more info ...) | trojan-activity | URL | |||
| 61299 | MALWARE-TOOLS Win.Tool.WinPWN amsi module download attempt (more info ...) | trojan-activity | URL | |||
| 61300 | MALWARE-TOOLS Win.Tool.WinPWN amsi module download attempt (more info ...) | trojan-activity | URL | |||
| 61301 | MALWARE-TOOLS Win.Tool.WinPWN adpass module download attempt (more info ...) | trojan-activity | URL | |||
| 61302 | MALWARE-TOOLS Win.Tool.WinPWN adpass module download attempt (more info ...) | trojan-activity | URL | |||
| 61316 | FILE-OTHER Visual Studio Code malicious ipynb download attempt (more info ...) | attempted-user | 2022-41034 | URL | ||
| 61317 | FILE-OTHER Visual Studio Code malicious ipynb download attempt (more info ...) | attempted-user | 2022-41034 | URL | ||
| 61318 | MALWARE-TOOLS Win.Tool.WinPWN toolkit download attempt (more info ...) | trojan-activity | URL | |||
| 61319 | MALWARE-TOOLS Win.Tool.WinPWN toolkit download attempt (more info ...) | trojan-activity | URL | |||
| 61322 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit TeamViewerDecrypt download attempt (more info ...) | trojan-activity | URL | |||
| 61323 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit TeamViewerDecrypt download attempt (more info ...) | trojan-activity | URL | |||
| 61324 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit SpoolerScan download attempt (more info ...) | trojan-activity | URL | |||
| 61325 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit SpoolerScan download attempt (more info ...) | trojan-activity | URL | |||
| 61328 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit Invoke-Vulmap download attempt (more info ...) | trojan-activity | URL | |||
| 61329 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit Invoke-Vulmap download attempt (more info ...) | trojan-activity | URL | |||
| 61330 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit Invoke-SMBNegotiate download attempt (more info ...) | trojan-activity | URL | |||
| 61331 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit Invoke-SMBNegotiate download attempt (more info ...) | trojan-activity | URL | |||
| 61332 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit Invoke-SharpPrinter download attempt (more info ...) | trojan-activity | URL | |||
| 61333 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit Invoke-SharpPrinter download attempt (more info ...) | trojan-activity | URL | |||
| 61334 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit Invoke-SharpLdapRelayScan download attempt (more info ...) | trojan-activity | URL | |||
| 61335 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit Invoke-SharpLdapRelayScan download attempt (more info ...) | trojan-activity | URL | |||
| 61336 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit Invoke-PowerDump download attempt (more info ...) | trojan-activity | URL | |||
| 61337 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit Invoke-PowerDump download attempt (more info ...) | trojan-activity | URL | |||
| 61338 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit Invoke-LdapSignCheck download attempt (more info ...) | trojan-activity | URL | |||
| 61339 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit Invoke-LdapSignCheck download attempt (more info ...) | trojan-activity | URL | |||
| 61340 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit Invoke-HandleKatz download attempt (more info ...) | trojan-activity | URL | |||
| 61341 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit Invoke-HandleKatz download attempt (more info ...) | trojan-activity | URL | |||
| 61342 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit Invoke-EventLogParser download attempt (more info ...) | trojan-activity | URL | |||
| 61343 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit Invoke-EventLogParser download attempt (more info ...) | trojan-activity | URL | |||
| 61344 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit Get-DotNetServices download attempt (more info ...) | trojan-activity | URL | |||
| 61345 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit Get-DotNetServices download attempt (more info ...) | trojan-activity | URL | |||
| 61348 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit Find-Fruit download attempt (more info ...) | trojan-activity | URL | |||
| 61349 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit Find-Fruit download attempt (more info ...) | trojan-activity | URL | |||
| 61350 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit BlueKeep scanner download attempt (more info ...) | trojan-activity | 2019-0708 | URL | ||
| 61351 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit BlueKeep scanner download attempt (more info ...) | trojan-activity | 2019-0708 | URL | ||
| 61352 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit ADRecon download attempt (more info ...) | trojan-activity | URL | |||
| 61353 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit ADRecon download attempt (more info ...) | trojan-activity | URL | |||
| 61354 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit download attempt (more info ...) | trojan-activity | URL | |||
| 61355 | INDICATOR-COMPROMISE Win.Tool.WinPWN toolkit download attempt (more info ...) | trojan-activity | URL | |||
| 61356 | SERVER-WEBAPP Oracle E-Business Suite unauthenticated RCE attempt (more info ...) | attempted-user | 2022-21587 | |||
| 61358 | SERVER-OTHER F5 iControl SOAP format string attempt (more info ...) | attempted-admin | 2023-22374 | URL | ||
| 61365 | MALWARE-OTHER Doc.Dropper.Agent payload download attempt (more info ...) | trojan-activity | ||||
| 61366 | MALWARE-OTHER Doc.Dropper.Agent payload download attempt (more info ...) | trojan-activity | ||||
| 61368 | FILE-OTHER ClamAV HFS+ partition scanning buffer overflow attempt (more info ...) | attempted-user | 2023-20032 | URL | ||
| 61369 | FILE-OTHER ClamAV HFS+ partition scanning buffer overflow attempt (more info ...) | attempted-user | 2023-20032 | URL | ||
| 61370 | SERVER-WEBAPP TerraMaster TOS unauthenticated command injection attempt (more info ...) | web-application-attack | 2022-24990 | URL | ||
| 61371 | SERVER-WEBAPP TerraMaster TOS unauthenticated command injection attempt (more info ...) | web-application-attack | 2022-24990 | URL | ||
| 61372 | SERVER-WEBAPP Fortra GoAnywhere MFT remote code execution attempt (more info ...) | attempted-admin | 2023-0669 | |||
| 61373 | SERVER-WEBAPP Fortra GoAnywhere MFT remote code execution attempt (more info ...) | attempted-admin | 2023-0669 | |||
| 61374 | SERVER-WEBAPP Fortra GoAnywhere MFT remote code execution attempt (more info ...) | attempted-admin | 2023-0669 | |||
| 61375 | SERVER-WEBAPP Fortra GoAnywhere MFT remote code execution attempt (more info ...) | attempted-admin | 2023-0669 | |||
| 61384 | FILE-IMAGE TRUFFLEHUNTER TALOS-2023-1708 attack attempt (more info ...) | attempted-user | 2023-22845 | URL | ||
| 61385 | FILE-IMAGE TRUFFLEHUNTER TALOS-2023-1708 attack attempt (more info ...) | attempted-user | 2023-22845 | URL | ||
| 61386 | FILE-OTHER TRUFFLEHUNTER TALOS-2023-1719 attack attempt (more info ...) | attempted-user | URL | |||
| 61387 | FILE-OTHER TRUFFLEHUNTER TALOS-2023-1719 attack attempt (more info ...) | attempted-user | URL | |||
| 61392 | SERVER-OTHER Fortinet Fortinac keyUpload.jsp remote code execution attempt (more info ...) | attempted-admin | 2022-39952 | |||
| 61395 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2023-1716 attack attempt (more info ...) | web-application-attack | 2023-25124 | URL | ||
| 61396 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2023-1716 attack attempt (more info ...) | web-application-attack | 2023-25124 | URL | ||
| 61397 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2023-1716 attack attempt (more info ...) | web-application-attack | 2023-25124 | URL | ||
| 61398 | FILE-OTHER TRUFFLEHUNTER TALOS-2023-1720 attack attempt (more info ...) | attempted-user | URL | |||
| 61399 | FILE-OTHER TRUFFLEHUNTER TALOS-2023-1720 attack attempt (more info ...) | attempted-user | URL | |||
| 61400 | MALWARE-OTHER Iso.Trojan.BruteRatel binary download attempt (more info ...) | trojan-activity | URL | |||
| 61401 | MALWARE-OTHER Iso.Trojan.BruteRatel binary download attempt (more info ...) | trojan-activity | URL | |||
| 61402 | MALWARE-OTHER Win.Trojan.BruteRatel binary download attempt (more info ...) | trojan-activity | URL | |||
| 61403 | MALWARE-OTHER Win.Trojan.BruteRatel binary download attempt (more info ...) | trojan-activity | URL | |||
| 61404 | MALWARE-OTHER Win.Trojan.BruteRatel binary download attempt (more info ...) | trojan-activity | URL | |||
| 61405 | MALWARE-OTHER Win.Trojan.BruteRatel binary download attempt (more info ...) | trojan-activity | URL | |||
| 61406 | SERVER-WEBAPP Cacti remote_agent command injection attempt (more info ...) | web-application-attack | 2022-46169 | URL | ||
| 61407 | SERVER-WEBAPP Cacti remote_agent command injection attempt (more info ...) | web-application-attack | 2022-46169 | URL | ||
| 61408 | SERVER-WEBAPP Cacti remote_agent command injection attempt (more info ...) | web-application-attack | 2022-46169 | URL | ||
| 61409 | SERVER-WEBAPP Cacti remote_agent command injection attempt (more info ...) | web-application-attack | 2022-46169 | URL | ||
| 61410 | FILE-OTHER TRUFFLEHUNTER TALOS-2023-1721 attack attempt (more info ...) | attempted-user | URL | |||
| 61411 | FILE-OTHER TRUFFLEHUNTER TALOS-2023-1721 attack attempt (more info ...) | attempted-user | URL | |||
| 61414 | SERVER-WEBAPP Zivif PR115-204-P-RS web camera command injection attempt (more info ...) | web-application-attack | 2017-17105 | URL | ||
| 61415 | SERVER-WEBAPP Zivif PR115-204-P-RS web camera command injection attempt (more info ...) | web-application-attack | 2017-17105 | URL | ||
| 61416 | SERVER-WEBAPP Zivif PR115-204-P-RS web camera command injection attempt (more info ...) | web-application-attack | 2017-17105 | URL | ||
| 61417 | SERVER-WEBAPP Zivif PR115-204-P-RS web camera command injection attempt (more info ...) | web-application-attack | 2017-17105 | URL | ||
| 61418 | SERVER-WEBAPP Grandstream GXV31XX unauthenticated command injection attempt (more info ...) | web-application-attack | 2019-10655 | URL | ||
| 61419 | SERVER-WEBAPP Grandstream GXV31XX unauthenticated command injection attempt (more info ...) | web-application-attack | 2019-10655 | URL | ||
| 61420 | SERVER-WEBAPP Grandstream GXV31XX unauthenticated command injection attempt (more info ...) | web-application-attack | 2019-10655 | URL | ||
| 61421 | SERVER-WEBAPP Grandstream GXV31XX unauthenticated command injection attempt (more info ...) | web-application-attack | 2019-10655 | URL | ||
| 61422 | SERVER-WEBAPP Roxy-WI unauthenticated command injection attempt (more info ...) | web-application-attack | 2022-31137 | URL | ||
| 61423 | SERVER-WEBAPP Roxy-WI unauthenticated command injection attempt (more info ...) | web-application-attack | 2022-31137 | URL | ||
| 61424 | SERVER-WEBAPP Roxy-WI unauthenticated command injection attempt (more info ...) | web-application-attack | 2022-31137 | URL | ||
| 61425 | SERVER-WEBAPP Roxy-WI unauthenticated command injection attempt (more info ...) | web-application-attack | 2022-31137 | URL | ||
| 61432 | PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2023-1727 attack attempt (more info ...) | attempted-admin | URL | |||
| 61433 | PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2023-1727 attack attempt (more info ...) | attempted-admin | URL | |||
| 61434 | SERVER-WEBAPP IBM Aspera Faspex YAML deserialization command injection attempt (more info ...) | attempted-user | 2022-47986 | URL | ||
| 61444 | SERVER-WEBAPP ZK Framework AuUploader authentication bypass attempt (more info ...) | web-application-attack | 2022-36537 | URL | ||
| 61451 | SERVER-WEBAPP Zoho ManageEngine multiple products remote code execution attempt (more info ...) | attempted-user | 2022-47966 | URL | ||
| 61452 | SERVER-WEBAPP Zoho ManageEngine multiple products remote code execution attempt (more info ...) | attempted-user | 2022-47966 | URL | ||
| 61453 | SERVER-WEBAPP Zoho ManageEngine multiple products remote code execution attempt (more info ...) | attempted-user | 2022-47966 | URL | ||
| 61455 | SERVER-WEBAPP Joomla unauthorized configuration access attempt (more info ...) | attempted-user | 2023-23752 | |||
| 61456 | SERVER-WEBAPP Joomla unauthorized configuration access attempt (more info ...) | attempted-recon | 2023-23752 | |||
| 61462 | MALWARE-OTHER HTA VBScript powershell payload download attempt (more info ...) | trojan-activity | URL | |||
| 61463 | MALWARE-OTHER HTA VBScript powershell payload download attempt (more info ...) | trojan-activity | URL | |||
| 61474 | SERVER-OTHER TRUFFLEHUNTER TALOS-2023-1731 attack attempt (more info ...) | attempted-admin | 2023-25076 | URL | ||
| 61477 | SERVER-WEBAPP Inspur ClusterEngine 4.0 command injection attempt (more info ...) | web-application-attack | 2020-21224 | URL | ||
| 61480 | SERVER-OTHER TRUFFLEHUNTER TALOS-2023-1731 attack attempt (more info ...) | attempted-admin | 2023-25076 | URL | ||
| 61481 | MALWARE-OTHER Win.Backdoor.MQsTTang variant download attempt (more info ...) | trojan-activity | URL | |||
| 61482 | MALWARE-OTHER Win.Backdoor.MQsTTang variant download attempt (more info ...) | trojan-activity | URL | |||
| 61483 | SERVER-WEBAPP Zoho ManageEngine ADSelfService Plus default credentials login attempt (more info ...) | attempted-admin | 2022-28810 | URL | ||
| 61484 | SERVER-WEBAPP Zoho ManageEngine ADSelfService Plus default credentials login attempt (more info ...) | attempted-admin | 2022-28810 | URL | ||
| 61485 | SERVER-WEBAPP FLIR AX8 Camera command injection attempt (more info ...) | attempted-user | 2022-37061 | |||
| 61486 | SERVER-WEBAPP FLIR AX8 Camera command injection attempt (more info ...) | attempted-user | 2022-37061 | |||
| 61490 | MALWARE-OTHER Win.Ransomware.Mallox variant binary SMB transfer attempt (more info ...) | trojan-activity | URL | |||
| 61491 | MALWARE-OTHER Win.Ransomware.Mallox variant binary download attempt (more info ...) | trojan-activity | URL | |||
| 61492 | MALWARE-OTHER Win.Ransomware.Mallox variant binary download attempt (more info ...) | trojan-activity | URL | |||
| 61495 | MALWARE-OTHER Ps1.Malware.Powercat shell download attempt (more info ...) | trojan-activity | ||||
| 61496 | MALWARE-OTHER Ps1.Malware.Powercat shell download attempt (more info ...) | trojan-activity | ||||
| 61497 | MALWARE-OTHER Ps1.Malware.Powercat shell download attempt (more info ...) | trojan-activity | ||||
| 61499 | SERVER-WEBAPP Plex Media Server arbitrary file upload attempt (more info ...) | attempted-admin | 2020-5741 | URL | ||
| 61500 | SERVER-WEBAPP Plex Media Server arbitrary file upload attempt (more info ...) | attempted-admin | 2020-5741 | URL | ||
| 61501 | SERVER-WEBAPP Oracle WebLogic Server unauthenticated RMI code execution attempt (more info ...) | attempted-user | 2023-21839 | URL | ||
| 61502 | SERVER-WEBAPP Oracle WebLogic Server unauthenticated RMI code execution attempt (more info ...) | attempted-user | 2023-21839 | URL | ||
| 61515 | SERVER-WEBAPP pgAdmin validate_binary_path command injection attempt (more info ...) | attempted-user | 2022-4223 | |||
| 61516 | SERVER-OTHER SolarWinds Network Performance Monitor insecure deserialization attempt (more info ...) | attempted-user | 2022-38108 | |||
| 61517 | MALWARE-OTHER OneNote.Dropper.Emotet variant download attempt (more info ...) | trojan-activity | URL | |||
| 61518 | MALWARE-OTHER OneNote.Dropper.Emotet variant download attempt (more info ...) | trojan-activity | URL | |||
| 61519 | MALWARE-OTHER OneNote.Dropper.Emotet variant download attempt (more info ...) | trojan-activity | URL | |||
| 61520 | MALWARE-OTHER OneNote.Dropper.Emotet variant download attempt (more info ...) | trojan-activity | URL | |||
| 61521 | MALWARE-OTHER OneNote.Dropper.Emotet variant download attempt (more info ...) | trojan-activity | URL | |||
| 61522 | MALWARE-OTHER OneNote.Dropper.Emotet variant download attempt (more info ...) | trojan-activity | URL | |||
| 61525 | SERVER-OTHER FortiOS SSLVPNd Content-Length memory corruption attempt (more info ...) | attempted-admin | 2022-42475 | URL | ||
| 61526 | OS-WINDOWS SPNEGO unchecked header length remote code execution attempt (more info ...) | attempted-admin | 2022-37958 | URL | ||
| 61531 | SERVER-WEBAPP Sophos Firewall remote code execution attempt (more info ...) | attempted-admin | 2022-3236 | URL | ||
| 61532 | MALWARE-OTHER Win.Trojan.Typhon variant download attempt (more info ...) | trojan-activity | URL | |||
| 61533 | MALWARE-OTHER Win.Trojan.Typhon variant download attempt (more info ...) | trojan-activity | URL | |||
| 61535 | SERVER-WEBAPP Avaya Aura Device Services cross site scripting attempt (more info ...) | attempted-user | URL | |||
| 61536 | SERVER-WEBAPP Avaya Aura Device Services cross site scripting attempt (more info ...) | attempted-user | URL | |||
| 61539 | MALWARE-OTHER Win.Trojan.Rhadamanthys variant payload download attempt (more info ...) | trojan-activity | URL | |||
| 61550 | MALWARE-BACKDOOR Win.Backdoor.Chollima shellcode runner download attempt (more info ...) | trojan-activity | URL | |||
| 61551 | MALWARE-BACKDOOR Win.Backdoor.Chollima shellcode runner download attempt (more info ...) | trojan-activity | URL | |||
| 61552 | MALWARE-BACKDOOR Win.Backdoor.Chollima obfuscated .ico download attempt (more info ...) | trojan-activity | URL | |||
| 61553 | MALWARE-BACKDOOR Win.Backdoor.Chollima obfuscated .ico download attempt (more info ...) | trojan-activity | URL | |||
| 61558 | MALWARE-OTHER Win.Trojan.Emotet variant download attempt (more info ...) | trojan-activity | URL | |||
| 61559 | MALWARE-OTHER Win.Trojan.Emotet variant download attempt (more info ...) | trojan-activity | URL | |||
| 61562 | MALWARE-OTHER Win.Trojan.Agent variant download attempt (more info ...) | trojan-activity | URL | |||
| 61563 | MALWARE-OTHER Win.Trojan.Agent variant download attempt (more info ...) | trojan-activity | URL | |||
| 61568 | MALWARE-OTHER Win.Trojan.XLoader variant download attempt (more info ...) | trojan-activity | URL | |||
| 61569 | MALWARE-OTHER Win.Trojan.XLoader variant download attempt (more info ...) | trojan-activity | URL | |||
| 61570 | MALWARE-OTHER Win.Trojan.AgentTesla variant download attempt (more info ...) | trojan-activity | URL | |||
| 61571 | MALWARE-OTHER Win.Trojan.AgentTesla variant download attempt (more info ...) | trojan-activity | URL | |||
| 61573 | SERVER-OTHER TRUFFLEHUNTER TALOS-2023-1736 attack attempt (more info ...) | attempted-dos | 2023-22325 | URL | ||
| 61579 | SERVER-WEBAPP CONTEC CONPROSYS HMI System command injection attempt (more info ...) | attempted-user | 2022-44456 | |||
| 61580 | SERVER-WEBAPP CONTEC CONPROSYS HMI System command injection attempt (more info ...) | attempted-user | 2022-44456 | |||
| 61581 | SERVER-WEBAPP CONTEC CONPROSYS HMI System command injection attempt (more info ...) | attempted-user | 2022-44456 | |||
| 61582 | MALWARE-OTHER Win.Ransomware.Royal variant helper script download attempt (more info ...) | trojan-activity | URL | |||
| 61583 | MALWARE-OTHER Win.Ransomware.Royal variant helper script download attempt (more info ...) | trojan-activity | URL | |||
| 61584 | MALWARE-OTHER Win.Ransomware.Royal variant helper script download attempt (more info ...) | trojan-activity | URL | |||
| 61585 | MALWARE-OTHER Win.Ransomware.Royal variant helper script download attempt (more info ...) | trojan-activity | URL | |||
| 61586 | MALWARE-OTHER Win.Ransomware.Royal variant download attempt (more info ...) | trojan-activity | URL | |||
| 61587 | MALWARE-OTHER Win.Ransomware.Royal variant download attempt (more info ...) | trojan-activity | URL | |||
| 61589 | MALWARE-OTHER Win.Ransomware.Royal variant helper script download attempt (more info ...) | trojan-activity | URL | |||
| 61590 | MALWARE-OTHER Win.Ransomware.Royal variant helper script download attempt (more info ...) | trojan-activity | URL | |||
| 61600 | SERVER-WEBAPP Zimbra Collaboration cross site scripting attempt (more info ...) | attempted-user | 2022-27926 | URL | ||
| 61601 | SERVER-WEBAPP Zimbra Collaboration cross site scripting attempt (more info ...) | attempted-user | 2022-27926 | URL | ||
| 61602 | SERVER-WEBAPP Zimbra Collaboration cross site scripting attempt (more info ...) | attempted-user | 2021-35207 | URL | ||
| 61603 | SERVER-WEBAPP Zimbra Collaboration cross site scripting attempt (more info ...) | attempted-user | 2021-35207 | URL | ||
| 61604 | FILE-OTHER Node.js vm2 prepareStackTrace sandbox escape attempt (more info ...) | attempted-user | 2023-29017 | |||
| 61605 | FILE-OTHER Node.js vm2 prepareStackTrace sandbox escape attempt (more info ...) | attempted-user | 2023-29017 | |||
| 61624 | SERVER-WEBAPP Azure Service Fabric Explorer Super FabriXss cross site scripting attempt (more info ...) | attempted-user | 2023-23383 | URL | ||
| 61625 | FILE-PDF TRUFFLEHUNTER TALOS-2023-1739 attack attempt (more info ...) | attempted-user | 2023-28744 | URL | ||
| 61626 | FILE-PDF TRUFFLEHUNTER TALOS-2023-1739 attack attempt (more info ...) | attempted-user | 2023-28744 | URL | ||
| 61633 | OS-OTHER Apple macOS and iOS IOSurfaceAccelerator out-of-bounds write attempt (more info ...) | attempted-admin | 2023-28206 | |||
| 61634 | OS-OTHER Apple macOS and iOS IOSurfaceAccelerator out-of-bounds write attempt (more info ...) | attempted-admin | 2023-28206 | |||
| 61635 | OS-OTHER Apple macOS and iOS IOSurfaceAccelerator out-of-bounds write attempt (more info ...) | attempted-admin | 2023-28206 | |||
| 61636 | OS-OTHER Apple macOS and iOS IOSurfaceAccelerator out-of-bounds write attempt (more info ...) | attempted-admin | 2023-28206 | |||
| 61637 | OS-OTHER Apple macOS and iOS IOSurfaceAccelerator out-of-bounds write attempt (more info ...) | attempted-admin | 2023-28206 | |||
| 61638 | OS-OTHER Apple macOS and iOS IOSurfaceAccelerator out-of-bounds write attempt (more info ...) | attempted-admin | 2023-28206 | |||
| 61652 | MALWARE-BACKDOOR Win.Backdoor.Chollima file download attempt (more info ...) | trojan-activity | ||||
| 61653 | MALWARE-BACKDOOR Win.Backdoor.Chollima file download attempt (more info ...) | trojan-activity | ||||
| 61654 | OS-MOBILE Android Andr.Trojan.Pinduoduo APK file download attempt (more info ...) | trojan-activity | 2023-20963 | URL | ||
| 61655 | OS-MOBILE Android Andr.Trojan.Pinduoduo APK file download attempt (more info ...) | trojan-activity | 2023-20963 | URL | ||
| 61656 | MALWARE-OTHER Osx.Exploit.Keysteal download attempt (more info ...) | trojan-activity | 2019-8526 | URL | ||
| 61657 | MALWARE-OTHER Osx.Exploit.Keysteal download attempt (more info ...) | trojan-activity | 2019-8526 | URL | ||
| 61658 | MALWARE-OTHER Osx.Exploit.Keysteal download attempt (more info ...) | trojan-activity | 2019-8526 | URL | ||
| 61659 | MALWARE-OTHER Osx.Exploit.Keysteal download attempt (more info ...) | trojan-activity | 2019-8526 | URL | ||
| 61660 | MALWARE-OTHER Osx.Exploit.Keysteal download attempt (more info ...) | trojan-activity | 2019-8526 | URL | ||
| 61661 | MALWARE-OTHER Osx.Exploit.Keysteal download attempt (more info ...) | trojan-activity | 2019-8526 | URL | ||
| 61662 | MALWARE-OTHER Osx.Exploit.Keysteal download attempt (more info ...) | trojan-activity | 2019-8526 | URL | ||
| 61663 | MALWARE-OTHER Osx.Exploit.Keysteal download attempt (more info ...) | trojan-activity | 2019-8526 | URL | ||
| 61668 | MALWARE-OTHER Win.Trojan.IcedID variant binary download attempt (more info ...) | trojan-activity | URL | |||
| 61669 | MALWARE-OTHER Win.Trojan.IcedID variant binary download attempt (more info ...) | trojan-activity | URL | |||
| 61670 | MALWARE-OTHER One.Dropper.Qakbot variant binary download attempt (more info ...) | trojan-activity | URL | |||
| 61671 | MALWARE-OTHER One.Dropper.Qakbot variant binary download attempt (more info ...) | trojan-activity | URL | |||
| 61672 | MALWARE-OTHER One.Dropper.IcedID variant binary download attempt (more info ...) | trojan-activity | URL | |||
| 61673 | MALWARE-OTHER One.Dropper.IcedID variant binary download attempt (more info ...) | trojan-activity | URL | |||
| 61674 | MALWARE-OTHER One.Dropper.Remcos variant binary download attempt (more info ...) | trojan-activity | URL | |||
| 61675 | MALWARE-OTHER One.Dropper.Remcos variant binary download attempt (more info ...) | trojan-activity | URL | |||
| 61677 | SERVER-WEBAPP PaperCut MF/NG PrintScript sandbox setting modification attempt (more info ...) | web-application-attack | 2023-27350 | URL | ||
| 61678 | SERVER-WEBAPP PaperCut MF/NG PrintScript remote code execution attempt (more info ...) | web-application-attack | 2023-27350 | URL | ||
| 61692 | POLICY-OTHER MinIO REST API information disclosure attempt (more info ...) | policy-violation | 2023-28432 | URL | ||
| 61693 | FILE-IMAGE TRUFFLEHUNTER TALOS-2023-1742 attack attempt (more info ...) | attempted-user | 2023-28393 | URL | ||
| 61694 | FILE-IMAGE TRUFFLEHUNTER TALOS-2023-1742 attack attempt (more info ...) | attempted-user | 2023-28393 | URL | ||
| 61695 | FILE-IMAGE TRUFFLEHUNTER TALOS-2023-1742 attack attempt (more info ...) | attempted-user | 2023-28393 | URL | ||
| 61696 | FILE-IMAGE TRUFFLEHUNTER TALOS-2023-1742 attack attempt (more info ...) | attempted-user | 2023-28393 | URL | ||
| 61697 | SERVER-WEBAPP Zoho ManageEngine ADSelfService Plus command injection attempt (more info ...) | web-application-attack | 2022-28810 | URL | ||
| 61698 | SERVER-WEBAPP Zoho ManageEngine Network Configuration Manager Ping command injection attempt (more info ...) | web-application-attack | 2021-43319 | URL | ||
| 61699 | SERVER-WEBAPP Zoho ManageEngine Network Configuration Manager Ping command injection attempt (more info ...) | web-application-attack | 2021-43319 | URL | ||
| 61700 | SERVER-WEBAPP Zoho ManageEngine Network Configuration Manager Ping command injection attempt (more info ...) | web-application-attack | 2021-43319 | URL | ||
| 61701 | SERVER-WEBAPP Zoho ManageEngine Network Configuration Manager Ping command injection attempt (more info ...) | web-application-attack | 2021-43319 | URL | ||
| 61708 | MALWARE-OTHER Win.Trojan.Greatness outbound communication attempt (more info ...) | trojan-activity | ||||
| 61709 | SERVER-WEBAPP TP-Link Archer Router command injection attempt (more info ...) | web-application-attack | 2023-1389 | URL | ||
| 61710 | SERVER-WEBAPP TP-Link Archer Router command injection attempt (more info ...) | web-application-attack | 2023-1389 | URL | ||
| 61711 | SERVER-WEBAPP TP-Link Archer Router command injection attempt (more info ...) | web-application-attack | 2023-1389 | URL | ||
| 61712 | SERVER-WEBAPP TP-Link Archer Router command injection attempt (more info ...) | web-application-attack | 2023-1389 | URL | ||
| 61730 | FILE-IMAGE ImageMagick tEXt profile arbitrary file read attempt (more info ...) | attempted-admin | 2022-44268 | URL | ||
| 61731 | FILE-IMAGE ImageMagick tEXt profile arbitrary file read attempt (more info ...) | attempted-admin | 2022-44268 | URL | ||
| 61732 | MALWARE-OTHER Ps1.Downloader.Agent download attempt (more info ...) | trojan-activity | URL | |||
| 61733 | MALWARE-OTHER Ps1.Downloader.Agent download attempt (more info ...) | trojan-activity | URL | |||
| 61737 | MALWARE-OTHER Andr.Trojan.AridViper binary download attempt (more info ...) | trojan-activity | URL | |||
| 61738 | MALWARE-OTHER Andr.Trojan.AridViper binary download attempt (more info ...) | trojan-activity | URL | |||
| 61739 | MALWARE-OTHER Andr.Trojan.AridViper binary download attempt (more info ...) | trojan-activity | URL | |||
| 61740 | MALWARE-OTHER Andr.Trojan.AridViper binary download attempt (more info ...) | trojan-activity | URL | |||
| 61741 | MALWARE-OTHER Andr.Trojan.AridViper binary download attempt (more info ...) | trojan-activity | URL | |||
| 61742 | MALWARE-OTHER Andr.Trojan.AridViper binary download attempt (more info ...) | trojan-activity | URL | |||
| 61743 | MALWARE-OTHER Andr.Trojan.AridViper binary download attempt (more info ...) | trojan-activity | URL | |||
| 61744 | MALWARE-OTHER Andr.Trojan.AridViper binary download attempt (more info ...) | trojan-activity | URL | |||
| 61745 | MALWARE-OTHER Andr.Trojan.AridViper binary download attempt (more info ...) | trojan-activity | URL | |||
| 61746 | MALWARE-OTHER Andr.Trojan.AridViper binary download attempt (more info ...) | trojan-activity | URL | |||
| 61747 | MALWARE-OTHER Andr.Trojan.AridViper webshell download attempt (more info ...) | trojan-activity | URL | |||
| 61748 | MALWARE-OTHER Andr.Trojan.AridViper webshell download attempt (more info ...) | trojan-activity | URL | |||
| 61749 | MALWARE-OTHER Andr.Trojan.AridViper binary download attempt (more info ...) | trojan-activity | URL | |||
| 61750 | MALWARE-OTHER Andr.Trojan.AridViper binary download attempt (more info ...) | trojan-activity | URL | |||
| 61751 | MALWARE-OTHER Andr.Trojan.AridViper binary download attempt (more info ...) | trojan-activity | URL | |||
| 61752 | MALWARE-OTHER Andr.Trojan.AridViper binary download attempt (more info ...) | trojan-activity | URL | |||
| 61753 | MALWARE-OTHER Andr.Trojan.AridViper binary download attempt (more info ...) | trojan-activity | URL | |||
| 61754 | MALWARE-OTHER Andr.Trojan.AridViper binary download attempt (more info ...) | trojan-activity | URL | |||
| 61755 | MALWARE-OTHER Andr.Trojan.AridViper binary download attempt (more info ...) | trojan-activity | URL | |||
| 61756 | MALWARE-OTHER Andr.Trojan.AridViper binary download attempt (more info ...) | trojan-activity | URL | |||
| 61757 | MALWARE-OTHER Andr.Trojan.AridViper binary download attempt (more info ...) | trojan-activity | URL | |||
| 61758 | MALWARE-OTHER Andr.Trojan.AridViper binary download attempt (more info ...) | trojan-activity | URL | |||
| 61759 | MALWARE-OTHER Andr.Trojan.AridViper binary download attempt (more info ...) | trojan-activity | URL | |||
| 61760 | MALWARE-OTHER Andr.Trojan.AridViper binary download attempt (more info ...) | trojan-activity | URL | |||
| 61763 | MALWARE-OTHER Win.Ransomware.Babuk variant transfer attempt (more info ...) | trojan-activity | URL | |||
| 61764 | MALWARE-OTHER Win.Ransomware.Babuk variant transfer attempt (more info ...) | trojan-activity | URL | |||
| 61766 | SERVER-WEBAPP PaperCut MF/NG remote code execution attempt (more info ...) | web-application-attack | 2023-27350 | URL | ||
| 61783 | SERVER-WEBAPP Keysight N6854A and N6841A insecure deserialization attempt (more info ...) | attempted-admin | 2022-1660 | |||
| 61784 | SERVER-WEBAPP D-Link HNAP1 buffer overflow attempt (more info ...) | attempted-user | 2022-41140 | URL | ||
| 61794 | SERVER-WEBAPP Sophos Virtual Web Appliance unauthenticated command injection attempt (more info ...) | attempted-admin | 2023-1671 | URL | ||
| 61795 | SERVER-WEBAPP Sophos Virtual Web Appliance unauthenticated command injection attempt (more info ...) | attempted-admin | 2023-1671 | URL | ||
| 61799 | SERVER-WEBAPP NETGEAR Nighthawk RAX30 router SOAP authentication bypass attempt (more info ...) | web-application-attack | 2023-27369 | URL | ||
| 61800 | POLICY-OTHER NETGEAR Nighthawk RAX30 router SOAP API information disclosure attempt (more info ...) | web-application-attack | 2023-27357 | URL | ||
| 61801 | SERVER-WEBAPP Netgate pfSense restore_rrddata filename command injection attempt (more info ...) | web-application-attack | 2023-27253 | URL | ||
| 61806 | MALWARE-OTHER Revoked.CRT.HookSignTool maliciously signed driver download (more info ...) | trojan-activity | URL | |||
| 61807 | MALWARE-OTHER Revoked.CRT.HookSignTool maliciously signed driver download (more info ...) | trojan-activity | URL | |||
| 61808 | MALWARE-OTHER Revoked.CRT.HookSignTool maliciously signed driver download (more info ...) | trojan-activity | URL | |||
| 61809 | MALWARE-OTHER Revoked.CRT.HookSignTool maliciously signed driver download (more info ...) | trojan-activity | URL | |||
| 61810 | MALWARE-OTHER Revoked.CRT.HookSignTool maliciously signed driver download (more info ...) | trojan-activity | URL | |||
| 61811 | MALWARE-OTHER Revoked.CRT.HookSignTool maliciously signed driver download (more info ...) | trojan-activity | URL | |||
| 61812 | MALWARE-OTHER Revoked.CRT.HookSignTool maliciously signed driver download (more info ...) | trojan-activity | URL | |||
| 61813 | MALWARE-OTHER Revoked.CRT.HookSignTool maliciously signed driver download (more info ...) | trojan-activity | URL | |||
| 61814 | MALWARE-OTHER Revoked.CRT.HookSignTool maliciously signed driver download (more info ...) | trojan-activity | URL | |||
| 61815 | MALWARE-OTHER Revoked.CRT.HookSignTool maliciously signed driver download (more info ...) | trojan-activity | URL | |||
| 61816 | MALWARE-OTHER Revoked.CRT.HookSignTool maliciously signed driver download (more info ...) | trojan-activity | URL | |||
| 61817 | MALWARE-OTHER Revoked.CRT.HookSignTool maliciously signed driver download (more info ...) | trojan-activity | URL | |||
| 61818 | MALWARE-OTHER Revoked.CRT.HookSignTool maliciously signed driver download (more info ...) | trojan-activity | URL | |||
| 61819 | MALWARE-OTHER Revoked.CRT.HookSignTool maliciously signed driver download (more info ...) | trojan-activity | URL | |||
| 61820 | MALWARE-OTHER Revoked.CRT.HookSignTool maliciously signed driver download (more info ...) | trojan-activity | URL | |||
| 61821 | MALWARE-OTHER Revoked.CRT.HookSignTool maliciously signed driver download (more info ...) | trojan-activity | URL | |||
| 61822 | MALWARE-OTHER Revoked.CRT.HookSignTool maliciously signed driver download (more info ...) | trojan-activity | URL | |||
| 61823 | MALWARE-OTHER Revoked.CRT.HookSignTool maliciously signed driver download (more info ...) | trojan-activity | URL | |||
| 61824 | MALWARE-OTHER Revoked.CRT.HookSignTool maliciously signed driver download (more info ...) | trojan-activity | URL | |||
| 61825 | MALWARE-OTHER Revoked.CRT.HookSignTool maliciously signed driver download (more info ...) | trojan-activity | URL | |||
| 61826 | MALWARE-OTHER Revoked.CRT.HookSignTool maliciously signed driver download (more info ...) | trojan-activity | URL | |||
| 61827 | MALWARE-OTHER Revoked.CRT.HookSignTool maliciously signed driver download (more info ...) | trojan-activity | URL | |||
| 61828 | MALWARE-OTHER Revoked.CRT.HookSignTool maliciously signed driver download (more info ...) | trojan-activity | URL | |||
| 61829 | MALWARE-OTHER Revoked.CRT.HookSignTool maliciously signed driver download (more info ...) | trojan-activity | URL | |||
| 61830 | MALWARE-OTHER Revoked.CRT.HookSignTool maliciously signed driver download (more info ...) | trojan-activity | URL | |||
| 61831 | MALWARE-OTHER Revoked.CRT.HookSignTool maliciously signed driver download (more info ...) | trojan-activity | URL | |||
| 61832 | SERVER-WEBAPP Bitrix CMS HTML Editor Module arbitrary code injection attempt (more info ...) | web-application-attack | 2022-27228 | URL | ||
| 61833 | SERVER-WEBAPP Bitrix CMS Vote Module arbitrary code injection attempt (more info ...) | web-application-attack | 2022-27228 | URL | ||
| 61837 | SERVER-WEBAPP Ruckus Wireless Admin command injection attempt (more info ...) | web-application-attack | 2023-25717 | URL | ||
| 61838 | SERVER-WEBAPP Ruckus Wireless Admin command injection attempt (more info ...) | web-application-attack | 2023-25717 | URL | ||
| 61840 | MALWARE-OTHER Win.Trojan.Horabot phishing attempt (more info ...) | trojan-activity | ||||
| 61843 | MALWARE-OTHER Html.Downloader.Horabot trojan phishing attempt (more info ...) | trojan-activity | ||||
| 61844 | MALWARE-OTHER Html.Downloader.Horabot trojan phishing attempt (more info ...) | trojan-activity | ||||
| 61857 | MALWARE-OTHER Ps1.Downloader.Horabot malicious file download attempt (more info ...) | trojan-activity | ||||
| 61858 | MALWARE-OTHER Ps1.Downloader.Horabot malicious file download attempt (more info ...) | trojan-activity | ||||
| 61859 | MALWARE-OTHER Win.Trojan.Cerbu file download (more info ...) | trojan-activity | ||||
| 61860 | MALWARE-OTHER Win.Trojan.Cerbu file download (more info ...) | trojan-activity | ||||
| 61861 | INDICATOR-OBFUSCATION .zip top-level domain unicode forward slash obfuscation attempt (more info ...) | misc-activity | URL | |||
| 61862 | INDICATOR-OBFUSCATION .zip top-level domain unicode forward slash obfuscation attempt (more info ...) | misc-activity | URL | |||
| 61863 | INDICATOR-OBFUSCATION .zip top-level domain unicode forward slash obfuscation attempt (more info ...) | misc-activity | URL | |||
| 61864 | INDICATOR-OBFUSCATION .zip top-level domain unicode forward slash obfuscation attempt (more info ...) | misc-activity | URL | |||
| 61865 | SERVER-WEBAPP Zyxel unauthenticated IKEv2 command injection attempt (more info ...) | attempted-admin | 2023-28771 | URL | ||
| 61866 | SERVER-WEBAPP TP-Link MiniDLNA remote code execution attempt (more info ...) | attempted-admin | 2023-28760 | URL | ||
| 61867 | SERVER-WEBAPP TP-Link MiniDLNA remote code execution attempt (more info ...) | attempted-admin | 2023-28760 | URL | ||
| 61870 | INDICATOR-SHELLCODE Windows Donut x64 loader download attempt (more info ...) | shellcode-detect | URL | |||
| 61871 | INDICATOR-SHELLCODE Windows Donut x64 loader download attempt (more info ...) | shellcode-detect | URL | |||
| 61872 | INDICATOR-SHELLCODE Windows Donut x86 loader download attempt (more info ...) | shellcode-detect | URL | |||
| 61873 | INDICATOR-SHELLCODE Windows Donut x86 loader download attempt (more info ...) | shellcode-detect | URL | |||
| 61874 | FILE-PDF TRUFFLEHUNTER TALOS-2023-1747 attack attempt (more info ...) | attempted-user | URL | |||
| 61875 | FILE-PDF TRUFFLEHUNTER TALOS-2023-1747 attack attempt (more info ...) | attempted-user | URL | |||
| 61876 | MALWARE-BACKDOOR Asp.Backdoor.MoveITShell connection attempt (more info ...) | trojan-activity | 2023-34362 | URL | ||
| 61877 | MALWARE-BACKDOOR Asp.Backdoor.MoveITShell connection attempt (more info ...) | trojan-activity | 2023-34362 | URL | ||
| 61878 | MALWARE-BACKDOOR Asp.Backdoor.MoveITShell upload attempt (more info ...) | trojan-activity | 2023-34362 | URL | ||
| 61879 | MALWARE-BACKDOOR Asp.Backdoor.MoveITShell download attempt (more info ...) | trojan-activity | 2023-34362 | URL | ||
| 61881 | INDICATOR-COMPROMISE Veeam Backup Server credential stealer script download attempt (more info ...) | misc-activity | URL | |||
| 61882 | INDICATOR-COMPROMISE Veeam Backup Server credential stealer script download attempt (more info ...) | misc-activity | URL | |||
| 61883 | MALWARE-TOOLS Win.Proxy.EarthWorm download attempt (more info ...) | trojan-activity | URL | |||
| 61884 | MALWARE-TOOLS Win.Proxy.EarthWorm download attempt (more info ...) | trojan-activity | URL | |||
| 61887 | FILE-IMAGE TRUFFLEHUNTER TALOS-2023-1749 attack attempt (more info ...) | attempted-user | 2023-32614 | URL | ||
| 61888 | FILE-IMAGE TRUFFLEHUNTER TALOS-2023-1749 attack attempt (more info ...) | attempted-user | 2023-32614 | URL | ||
| 61889 | MALWARE-TOOLS Win.Loader.Meterpreter download attempt (more info ...) | trojan-activity | URL | |||
| 61890 | MALWARE-TOOLS Win.Loader.Meterpreter download attempt (more info ...) | trojan-activity | URL | |||
| 61897 | SERVER-WEBAPP Centreon Web Application command injection attempt (more info ...) | web-application-attack | 2019-15298 | |||
| 61898 | SERVER-WEBAPP Centreon Web Application command injection attempt (more info ...) | web-application-attack | 2019-15298 | |||
| 61899 | SERVER-WEBAPP Centreon Web Application command injection attempt (more info ...) | web-application-attack | 2019-15298 | |||
| 61900 | SERVER-WEBAPP Centreon Web Application command injection attempt (more info ...) | web-application-attack | 2019-15298 | |||
| 61917 | SERVER-WEBAPP Barracuda Email Security Gateway malicious .tar upload attempt (more info ...) | web-application-attack | 2023-2868 | URL | ||
| 61918 | SERVER-WEBAPP Barracuda Email Security Gateway malicious .tar upload attempt (more info ...) | web-application-attack | 2023-2868 | URL | ||
| 61919 | SERVER-WEBAPP Barracuda Email Security Gateway malicious .tar upload attempt (more info ...) | web-application-attack | 2023-2868 | URL | ||
| 61920 | SERVER-WEBAPP Barracuda Email Security Gateway malicious .tar upload attempt (more info ...) | web-application-attack | 2023-2868 | URL | ||
| 61921 | SERVER-WEBAPP Fortra GoAnywhere MFT remote code execution attempt (more info ...) | attempted-admin | 2023-0669 | |||
| 61922 | SERVER-WEBAPP Fortra GoAnywhere MFT remote code execution attempt (more info ...) | attempted-admin | 2023-0669 | |||
| 61923 | SERVER-WEBAPP Fortra GoAnywhere MFT remote code execution attempt (more info ...) | attempted-admin | 2023-0669 | |||
| 61924 | SERVER-WEBAPP Fortra GoAnywhere MFT remote code execution attempt (more info ...) | attempted-admin | 2023-0669 | |||
| 61925 | PROTOCOL-SCADA TRUFFLEHUNTER SFVRT-1050 attack attempt (more info ...) | attempted-admin | ||||
| 61926 | PROTOCOL-SCADA TRUFFLEHUNTER SFVRT-1050 attack attempt (more info ...) | attempted-admin | ||||
| 61927 | PROTOCOL-SCADA Rockwell Automation ControlLogix CIP read socket object exploit attempt (more info ...) | attempted-admin | 2023-3596 | |||
| 61928 | PROTOCOL-SCADA Rockwell Automation ControlLogix CIP read socket object exploit attempt (more info ...) | attempted-admin | 2023-3596 | |||
| 61929 | PROTOCOL-SCADA Rockwell Automation ControlLogix CIP exploit attempt (more info ...) | attempted-admin | 2023-3596 | |||
| 61930 | PROTOCOL-SCADA Rockwell Automation ControlLogix CIP exploit attempt (more info ...) | attempted-admin | 2023-3596 | |||
| 61931 | PROTOCOL-SCADA Rockwell Automation ControlLogix CIP exploit attempt (more info ...) | attempted-admin | 2023-3596 | |||
| 61932 | PROTOCOL-SCADA Rockwell Automation ControlLogix CIP exploit attempt (more info ...) | attempted-admin | 2023-3596 | |||
| 61934 | MALWARE-OTHER Win.Exploit.CVE_2023_28310 download attempt (more info ...) | trojan-activity | 2023-28310 | URL | ||
| 61935 | MALWARE-OTHER Win.Exploit.CVE_2023_28310 download attempt (more info ...) | trojan-activity | 2023-28310 | URL | ||
| 61936 | SERVER-WEBAPP MOVEit Transfer moveitisapi.dll server side request forgery attempt (more info ...) | web-application-attack | 2023-34362 | URL | ||
| 61940 | SERVER-WEBAPP FortiOS SSL VPN heap overflow attempt (more info ...) | attempted-admin | 2023-27997 | URL | ||
| 61941 | SERVER-WEBAPP FortiOS SSL VPN heap overflow attempt (more info ...) | attempted-admin | 2023-27997 | URL | ||
| 61942 | SERVER-WEBAPP GitLab CE/EE 16.0.0 directory traversal attempt (more info ...) | web-application-attack | 2023-2825 | URL | ||
| 61943 | SERVER-WEBAPP VMware vRealize Network Insight createSupportBundle command injection attempt (more info ...) | web-application-attack | 2023-20887 | URL | ||
| 61944 | SERVER-WEBAPP VMware vRealize Network Insight restricted endpoint bypass attempt (more info ...) | web-application-attack | URL | |||
| 61947 | MALWARE-OTHER Win.Trojan.Barys file download attempt (more info ...) | trojan-activity | ||||
| 61948 | MALWARE-OTHER Win.Trojan.Barys file download attempt (more info ...) | trojan-activity | ||||
| 61949 | MALWARE-OTHER Win.Trojan.Barys file download attempt (more info ...) | trojan-activity | ||||
| 61950 | MALWARE-OTHER Win.Trojan.Barys file download attempt (more info ...) | trojan-activity | ||||
| 61951 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2023-1752 attack attempt (more info ...) | attempted-admin | 2023-32645 | URL | ||
| 61952 | FILE-PDF TRUFFLEHUNTER TALOS-2023-1756 attack attempt (more info ...) | attempted-user | 2023-27379 | URL | ||
| 61953 | FILE-PDF TRUFFLEHUNTER TALOS-2023-1756 attack attempt (more info ...) | attempted-user | 2023-27379 | URL | ||
| 61954 | SERVER-OTHER TRUFFLEHUNTER TALOS-2023-1754 attack attempt (more info ...) | attempted-user | 2023-27516 | URL | ||
| 61955 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2023-1767 attack attempt (more info ...) | attempted-admin | 2023-32632 | URL | ||
| 61956 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2023-1767 attack attempt (more info ...) | attempted-admin | 2023-32632 | URL | ||
| 61959 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2023-1764 attack attempt (more info ...) | attempted-user | 2023-34346 | URL | ||
| 61961 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2023-1778 attack attempt (more info ...) | web-application-attack | 2023-34356 | URL | ||
| 61962 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2023-1778 attack attempt (more info ...) | web-application-attack | 2023-34356 | URL | ||
| 61963 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2023-1778 attack attempt (more info ...) | web-application-attack | 2023-34356 | URL | ||
| 61964 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2023-1778 attack attempt (more info ...) | web-application-attack | 2023-34356 | URL | ||
| 61969 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2023-1761 attack attempt (more info ...) | attempted-admin | 2023-35056 | URL | ||
| 61970 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2023-1761 attack attempt (more info ...) | attempted-admin | 2023-35056 | URL | ||
| 61971 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2023-1761 attack attempt (more info ...) | attempted-admin | 2023-35056 | URL | ||
| 61972 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2023-1761 attack attempt (more info ...) | attempted-admin | 2023-35056 | URL | ||
| 61973 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2023-1761 attack attempt (more info ...) | attempted-admin | 2023-35056 | URL | ||
| 61974 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2023-1761 attack attempt (more info ...) | attempted-admin | 2023-35056 | URL | ||
| 61975 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2023-1761 attack attempt (more info ...) | attempted-admin | 2023-35056 | URL | ||
| 61976 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2023-1761 attack attempt (more info ...) | attempted-admin | 2023-35056 | URL | ||
| 61977 | FILE-IMAGE TRUFFLEHUNTER TALOS-2023-1760 attack attempt (more info ...) | attempted-user | 2023-35002 | URL | ||
| 61978 | FILE-IMAGE TRUFFLEHUNTER TALOS-2023-1760 attack attempt (more info ...) | attempted-user | 2023-35002 | URL | ||
| 61979 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2023-1779 attack attempt (more info ...) | web-application-attack | 2023-27381 | URL | ||
| 61980 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2023-1779 attack attempt (more info ...) | web-application-attack | 2023-27381 | URL | ||
| 61981 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2023-1779 attack attempt (more info ...) | web-application-attack | 2023-27381 | URL | ||
| 61982 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2023-1779 attack attempt (more info ...) | web-application-attack | 2023-27381 | URL | ||
| 61983 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2023-1782 attack attempt (more info ...) | web-application-attack | 2023-35194 | URL | ||
| 61984 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2023-1782 attack attempt (more info ...) | web-application-attack | 2023-35194 | URL | ||
| 61985 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2023-1782 attack attempt (more info ...) | web-application-attack | 2023-35194 | URL | ||
| 61986 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2023-1782 attack attempt (more info ...) | web-application-attack | 2023-35194 | URL | ||
| 61987 | INDICATOR-COMPROMISE Win.Tool.EDRSandBlast EDR bypass download attempt (more info ...) | misc-activity | URL | |||
| 61988 | INDICATOR-COMPROMISE Win.Tool.EDRSandBlast EDR bypass download attempt (more info ...) | misc-activity | URL | |||
| 61989 | OS-WINDOWS MSI Afterburner driver privilege escalation attempt (more info ...) | attempted-admin | 2019-16098 | URL | ||
| 61990 | OS-WINDOWS MSI Afterburner driver privilege escalation attempt (more info ...) | attempted-admin | 2019-16098 | URL | ||
| 61995 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2023-1781 attack attempt (more info ...) | attempted-user | 2023-34354 | URL | ||
| 61996 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2023-1781 attack attempt (more info ...) | attempted-user | 2023-34354 | URL | ||
| 61997 | SERVER-WEBAPP Zyxel ZyWALL authentication bypass attempt (more info ...) | web-application-attack | 2022-0342 | |||
| 61998 | SERVER-WEBAPP Barracuda Email Security Gateway malicious .tar upload attempt (more info ...) | web-application-attack | 2023-2868 | URL | ||
| 61999 | SERVER-WEBAPP Barracuda Email Security Gateway malicious .tar upload attempt (more info ...) | web-application-attack | 2023-2868 | URL | ||
| 62000 | SERVER-WEBAPP Barracuda Email Security Gateway malicious .tar upload attempt (more info ...) | web-application-attack | 2023-2868 | URL | ||
| 62001 | SERVER-WEBAPP Barracuda Email Security Gateway malicious .tar upload attempt (more info ...) | web-application-attack | 2023-2868 | URL | ||
| 62002 | FILE-IDENTIFY TAR file download request (more info ...) | misc-activity | ||||
| 62005 | FILE-IMAGE TRUFFLEHUNTER TALOS-2023-1750 attack attempt (more info ...) | attempted-user | 2023-32284 | URL | ||
| 62006 | FILE-IMAGE TRUFFLEHUNTER TALOS-2023-1750 attack attempt (more info ...) | attempted-user | 2023-32284 | URL | ||
| 62007 | FILE-IMAGE TRUFFLEHUNTER TALOS-2023-1750 attack attempt (more info ...) | attempted-user | 2023-32284 | URL | ||
| 62008 | FILE-IMAGE TRUFFLEHUNTER TALOS-2023-1750 attack attempt (more info ...) | attempted-user | 2023-32284 | URL | ||
| 62009 | SERVER-WEBAPP LB-Link Multiple BLRouters command injection attempt (more info ...) | web-application-attack | 2023-26801 | |||
| 62014 | MALWARE-OTHER Win.Trojan.SmokeLoader variant download attempt (more info ...) | trojan-activity | URL | |||
| 62015 | MALWARE-OTHER Win.Trojan.SmokeLoader variant download attempt (more info ...) | trojan-activity | URL | |||
| 62016 | MALWARE-OTHER Win.Trojan.SmokeLoader variant download attempt (more info ...) | trojan-activity | URL | |||
| 62017 | MALWARE-OTHER Win.Trojan.SmokeLoader variant download attempt (more info ...) | trojan-activity | URL | |||
| 62018 | MALWARE-OTHER Win.Trojan.SmokeLoader variant download attempt (more info ...) | trojan-activity | URL | |||
| 62019 | MALWARE-OTHER Win.Trojan.SmokeLoader variant download attempt (more info ...) | trojan-activity | URL | |||
| 62020 | MALWARE-OTHER Win.Trojan.SmokeLoader variant download attempt (more info ...) | trojan-activity | URL | |||
| 62021 | MALWARE-OTHER Win.Trojan.SmokeLoader variant download attempt (more info ...) | trojan-activity | URL | |||
| 62028 | PROTOCOL-SCADA Rockwell Automation ControlLogix CIP read socket object exploit attempt (more info ...) | attempted-admin | 2023-3596 | |||
| 62029 | PROTOCOL-SCADA Rockwell Automation ControlLogix CIP read socket object exploit attempt (more info ...) | attempted-admin | 2023-3596 | |||
| 62030 | PROTOCOL-SCADA Rockwell Automation ControlLogix CIP exploit attempt (more info ...) | attempted-admin | 2023-3596 | |||
| 62031 | PROTOCOL-SCADA Rockwell Automation ControlLogix CIP exploit attempt (more info ...) | attempted-admin | 2023-3596 | |||
| 62032 | PROTOCOL-SCADA Rockwell Automation ControlLogix CIP exploit attempt (more info ...) | attempted-admin | 2023-3596 | |||
| 62033 | PROTOCOL-SCADA Rockwell Automation ControlLogix CIP exploit attempt (more info ...) | attempted-admin | 2023-3596 | |||
| 62036 | SERVER-WEBAPP LB-Link Multiple BL Routers command injection attempt (more info ...) | web-application-attack | 2023-26801 | |||
| 62037 | SERVER-WEBAPP Multiple products command injection attempt (more info ...) | web-application-attack | 2023-27076 | |||
| 62043 | SERVER-WEBAPP Zyxel NAS web interface command injection attempt (more info ...) | web-application-attack | 2023-27992 | URL | ||
| 62044 | SERVER-WEBAPP Zyxel NAS web interface command injection attempt (more info ...) | web-application-attack | 2023-27992 | URL | ||
| 62045 | SERVER-WEBAPP Zyxel NAS web interface command injection attempt (more info ...) | web-application-attack | 2023-27992 | URL | ||
| 62046 | SERVER-WEBAPP Zyxel NAS web interface command injection attempt (more info ...) | web-application-attack | 2023-27992 | URL | ||
| 62049 | SERVER-WEBAPP DCN DCBI-Netlog-LAB command injection attempt (more info ...) | web-application-attack | 2023-26802 | URL | ||
| 62050 | SERVER-WEBAPP DCN DCBI-Netlog-LAB command injection attempt (more info ...) | web-application-attack | 2023-26802 | URL | ||
| 62051 | SERVER-WEBAPP DCN DCBI-Netlog-LAB command injection attempt (more info ...) | web-application-attack | 2023-26802 | URL | ||
| 62052 | SERVER-WEBAPP DCN DCBI-Netlog-LAB command injection attempt (more info ...) | web-application-attack | 2023-26802 | URL | ||
| 62058 | FILE-PDF TRUFFLEHUNTER TALOS-2023-1795 attack attempt (more info ...) | attempted-user | 2023-32664 | URL | ||
| 62059 | FILE-PDF TRUFFLEHUNTER TALOS-2023-1795 attack attempt (more info ...) | attempted-user | 2023-32664 | URL | ||
| 62062 | FILE-PDF TRUFFLEHUNTER TALOS-2023-1794 attack attempt (more info ...) | attempted-user | URL | |||
| 62063 | FILE-PDF TRUFFLEHUNTER TALOS-2023-1794 attack attempt (more info ...) | attempted-user | URL | |||
| 62064 | MALWARE-OTHER Win.Ransomware.Trigona variant download attempt (more info ...) | trojan-activity | URL | |||
| 62065 | MALWARE-OTHER Win.Ransomware.Trigona variant download attempt (more info ...) | trojan-activity | URL | |||
| 62066 | MALWARE-OTHER Win.Ransomware.Trigona variant download attempt (more info ...) | trojan-activity | URL | |||
| 62067 | MALWARE-OTHER Win.Ransomware.Trigona variant download attempt (more info ...) | trojan-activity | URL | |||
| 62068 | MALWARE-OTHER Win.Trojan.RomCom variant download attempt (more info ...) | trojan-activity | URL | |||
| 62069 | MALWARE-OTHER Win.Trojan.RomCom variant download attempt (more info ...) | trojan-activity | URL | |||
| 62070 | MALWARE-OTHER Win.Trojan.RomCom variant download attempt (more info ...) | trojan-activity | URL | |||
| 62071 | MALWARE-OTHER Win.Trojan.RomCom variant download attempt (more info ...) | trojan-activity | URL | |||
| 62072 | MALWARE-OTHER Win.Trojan.RomCom variant download attempt (more info ...) | trojan-activity | URL | |||
| 62073 | MALWARE-OTHER Win.Trojan.RomCom variant download attempt (more info ...) | trojan-activity | URL | |||
| 62074 | MALWARE-OTHER Win.Trojan.RomCom variant download attempt (more info ...) | trojan-activity | URL | |||
| 62075 | MALWARE-OTHER Win.Trojan.RomCom variant download attempt (more info ...) | trojan-activity | URL | |||
| 62076 | MALWARE-OTHER Win.Trojan.RomCom variant download attempt (more info ...) | trojan-activity | URL | |||
| 62077 | MALWARE-OTHER Win.Trojan.RomCom variant download attempt (more info ...) | trojan-activity | URL | |||
| 62078 | MALWARE-OTHER Win.Ransomware.IndustrialSpy variant download attempt (more info ...) | trojan-activity | URL | |||
| 62079 | MALWARE-OTHER Win.Ransomware.IndustrialSpy variant download attempt (more info ...) | trojan-activity | URL | |||
| 62080 | MALWARE-OTHER Win.Ransomware.IndustrialSpy variant download attempt (more info ...) | trojan-activity | URL | |||
| 62081 | MALWARE-OTHER Win.Ransomware.IndustrialSpy variant download attempt (more info ...) | trojan-activity | URL | |||
| 62082 | MALWARE-OTHER Win.Ransomware.Underground variant download attempt (more info ...) | trojan-activity | URL | |||
| 62083 | MALWARE-OTHER Win.Ransomware.Underground variant download attempt (more info ...) | trojan-activity | URL | |||
| 62087 | FILE-OTHER TRUFFLEHUNTER TALOS-2023-1797 attack attempt (more info ...) | attempted-user | 2023-36864 | URL | ||
| 62088 | FILE-OTHER TRUFFLEHUNTER TALOS-2023-1797 attack attempt (more info ...) | attempted-user | 2023-36864 | URL | ||
| 62089 | FILE-OTHER TRUFFLEHUNTER TALOS-2023-1793 attack attempt (more info ...) | attempted-user | 2023-36747 | URL | ||
| 62090 | FILE-OTHER TRUFFLEHUNTER TALOS-2023-1793 attack attempt (more info ...) | attempted-user | 2023-36747 | URL | ||
| 62093 | SERVER-WEBAPP Zimbra Collaboration Suite cross site scripting attempt (more info ...) | attempted-user | 2023-34192 | URL | ||
| 62094 | SERVER-WEBAPP Zimbra Collaboration Suite cross site scripting attempt (more info ...) | attempted-user | 2023-34192 | URL | ||
| 62095 | SERVER-WEBAPP SolarView Compact command injection vulnerability (more info ...) | attempted-user | 2022-29303 | |||
| 62098 | SERVER-WEBAPP SolarView Compact command injection attempt (more info ...) | attempted-user | 2022-29303 | |||
| 62099 | SERVER-WEBAPP SolarView Compact command injection attempt (more info ...) | attempted-user | 2022-29303 | |||
| 62100 | SERVER-WEBAPP SolarView Compact command injection attempt (more info ...) | attempted-user | 2022-29303 | |||
| 62101 | SERVER-WEBAPP SolarView Compact command injection attempt (more info ...) | attempted-user | 2022-29303 | |||
| 62107 | SERVER-OTHER Rockwell Automation Thinmanger Thinserver directory traversal attempt (more info ...) | attempted-user | 2023-27856 | URL | ||
| 62108 | SERVER-WEBAPP Roundcube Webmail cross site scripting attempt (more info ...) | web-application-attack | 2020-35730 | URL | ||
| 62109 | SERVER-WEBAPP Citrix ADC Gateway remote code execution attempt (more info ...) | web-application-attack | 2023-3519 | URL | ||
| 62110 | SERVER-WEBAPP Citrix ADC Gateway remote code execution attempt (more info ...) | web-application-attack | 2023-3519 | URL | ||
| 62123 | SERVER-WEBAPP Atlassian Bitbucket command injection attempt (more info ...) | web-application-attack | 2022-43781 | |||
| 62124 | SERVER-WEBAPP Atlassian Bitbucket command injection attempt (more info ...) | web-application-attack | 2022-43781 | |||
| 62125 | SERVER-WEBAPP Atlassian Bitbucket command injection attempt (more info ...) | web-application-attack | 2022-43781 | |||
| 62127 | SERVER-WEBAPP Dolibarr ERP & CRM command injection attempt (more info ...) | web-application-attack | 2022-40871 | URL | ||
| 62128 | SERVER-WEBAPP Dolibarr ERP & CRM command injection attempt (more info ...) | web-application-attack | 2022-40871 | URL | ||
| 62129 | SERVER-WEBAPP Dolibarr ERP & CRM command injection attempt (more info ...) | web-application-attack | 2022-40871 | URL | ||
| 62130 | SERVER-WEBAPP Dolibarr ERP & CRM command injection attempt (more info ...) | web-application-attack | 2022-40871 | URL | ||
| 90011 | conficker.a shellcode (more info ...) | |||||
| 90022 | conficker.b shellcode (more info ...) |
| ID | Message | Classtype | CVE | BugtraqID | NessusID | Custom |
|---|---|---|---|---|---|---|
| 105 | MALWARE-BACKDOOR - Dagger_1.4.0 (more info ...) | misc-activity | ||||
| 108 | MALWARE-BACKDOOR QAZ Worm Client Login access (more info ...) | misc-activity | ||||
| 110 | MALWARE-BACKDOOR netbus getinfo (more info ...) | trojan-activity | ||||
| 115 | MALWARE-BACKDOOR NetBus Pro 2.0 connection established (more info ...) | trojan-activity | ||||
| 117 | MALWARE-BACKDOOR Infector.1.x (more info ...) | misc-activity | 11157 | |||
| 118 | MALWARE-BACKDOOR SatansBackdoor.2.0.Beta (more info ...) | trojan-activity | URL | |||
| 119 | MALWARE-BACKDOOR Doly 2.0 access (more info ...) | misc-activity | ||||
| 121 | MALWARE-BACKDOOR Infector 1.6 Client to Server Connection Request (more info ...) | misc-activity | 11157 | |||
| 141 | MALWARE-BACKDOOR HackAttack 1.20 Connect (more info ...) | misc-activity | ||||
| 146 | MALWARE-BACKDOOR NetSphere access (more info ...) | trojan-activity | ||||
| 152 | MALWARE-BACKDOOR BackConstruction 2.1 Connection (more info ...) | misc-activity | ||||
| 161 | MALWARE-BACKDOOR Matrix 2.0 Client connect (more info ...) | misc-activity | ||||
| 162 | MALWARE-BACKDOOR Matrix 2.0 Server access (more info ...) | misc-activity | ||||
| 163 | MALWARE-BACKDOOR WinCrash 1.0 Server Active (more info ...) | misc-activity | ||||
| 185 | MALWARE-BACKDOOR CDK (more info ...) | misc-activity | ||||
| 195 | MALWARE-BACKDOOR DeepThroat 3.1 Server Response (more info ...) | trojan-activity | 10053 | |||
| 208 | MALWARE-BACKDOOR PhaseZero Server Active on Network (more info ...) | trojan-activity | URL | |||
| 209 | MALWARE-BACKDOOR w00w00 attempt (more info ...) | attempted-admin | ||||
| 210 | MALWARE-BACKDOOR attempt (more info ...) | attempted-admin | ||||
| 211 | MALWARE-BACKDOOR MISC r00t attempt (more info ...) | attempted-admin | ||||
| 212 | MALWARE-BACKDOOR MISC rewt attempt (more info ...) | attempted-admin | ||||
| 217 | MALWARE-BACKDOOR MISC sm4ck attempt (more info ...) | attempted-admin | ||||
| 219 | MALWARE-BACKDOOR HidePak backdoor attempt (more info ...) | misc-activity | ||||
| 220 | MALWARE-BACKDOOR HideSource backdoor attempt (more info ...) | misc-activity | ||||
| 223 | MALWARE-OTHER Trin00 Daemon to Master PONG message detected (more info ...) | attempted-dos | 2000-0138 | |||
| 230 | MALWARE-OTHER shaft client login to handler (more info ...) | attempted-dos | 2000-0138 | URL | ||
| 231 | MALWARE-OTHER Trin00 Daemon to Master message detected (more info ...) | attempted-dos | 2000-0138 | |||
| 232 | MALWARE-OTHER Trin00 Daemon to Master *HELLO* message detected (more info ...) | attempted-dos | 2000-0138 | URL | ||
| 239 | MALWARE-OTHER shaft handler to agent (more info ...) | attempted-dos | 2000-0138 | |||
| 240 | MALWARE-OTHER shaft agent to handler (more info ...) | attempted-dos | 2000-0138 | |||
| 243 | MALWARE-OTHER mstream agent to handler (more info ...) | attempted-dos | 2000-0138 | |||
| 244 | MALWARE-OTHER mstream handler to agent (more info ...) | attempted-dos | 2000-0138 | |||
| 245 | MALWARE-OTHER mstream handler ping to agent (more info ...) | attempted-dos | 2000-0138 | |||
| 246 | MALWARE-OTHER mstream agent pong to handler (more info ...) | attempted-dos | 2000-0138 | |||
| 247 | MALWARE-OTHER mstream client to handler (more info ...) | attempted-dos | 2000-0138 | |||
| 248 | MALWARE-OTHER mstream handler to client (more info ...) | attempted-dos | 2000-0138 | |||
| 250 | MALWARE-OTHER mstream handler to client (more info ...) | attempted-dos | 2000-0138 | |||
| 258 | SERVER-OTHER Bind Buffer Overflow via NXT records (more info ...) | attempted-admin | 1999-0833 | 788 | ||
| 259 | SERVER-OTHER Bind Buffer Overflow via NXT records named overflow ADM (more info ...) | attempted-admin | 1999-0833 | 788 | ||
| 260 | SERVER-OTHER Bind Buffer Overflow via NXT records named overflow ADMROCKS (more info ...) | attempted-admin | 1999-0833 | 788 | URL | |
| 261 | SERVER-OTHER Bind named overflow attempt (more info ...) | attempted-admin | URL | |||
| 266 | OS-OTHER x86 FreeBSD overflow attempt (more info ...) | attempted-admin | ||||
| 276 | SERVER-OTHER RealNetworks Audio Server denial of service attempt (more info ...) | attempted-dos | 1999-0271 | 10183 | ||
| 277 | SERVER-OTHER RealNetworks Server template.html (more info ...) | attempted-dos | 2000-0474 | 1288 | 10461 | |
| 278 | SERVER-OTHER RealNetworks Server template.html (more info ...) | attempted-dos | 2000-0474 | 1288 | ||
| 283 | BROWSER-OTHER Netscape 4.7 client overflow (more info ...) | attempted-user | 2000-1187 | 822 | ||
| 286 | PROTOCOL-POP EXPLOIT x86 BSD overflow (more info ...) | attempted-admin | 1999-0006 | 133 | 10196 | |
| 287 | PROTOCOL-POP EXPLOIT x86 BSD overflow (more info ...) | attempted-admin | ||||
| 290 | PROTOCOL-POP EXPLOIT qpopper overflow (more info ...) | attempted-admin | 1999-0822 | 830 | 10184 | |
| 301 | SERVER-OTHER LPRng overflow (more info ...) | attempted-admin | 2000-0917 | 1712 | ||
| 303 | SERVER-OTHER Bind Buffer Overflow named tsig overflow attempt (more info ...) | attempted-admin | 2001-0010 | 2302 | 10605 | |
| 305 | SERVER-OTHER delegate proxy overflow (more info ...) | attempted-admin | 2000-0165 | 808 | ||
| 306 | SERVER-OTHER VQServer admin (more info ...) | attempted-admin | 2000-0766 | 1610 | 10354 | URL |
| 307 | SERVER-OTHER CHAT IRC topic overflow (more info ...) | attempted-user | 1999-0672 | 573 | ||
| 309 | SERVER-MAIL sniffit overflow (more info ...) | attempted-admin | 2000-0343 | 1158 | ||
| 310 | SERVER-MAIL x86 windows MailMax overflow (more info ...) | attempted-admin | 1999-0404 | 2312 | ||
| 311 | BROWSER-OTHER Netscape 4.7 unsucessful overflow (more info ...) | unsuccessful-user | 2000-1187 | 822 | ||
| 314 | SERVER-OTHER Bind Buffer Overflow named tsig overflow attempt (more info ...) | attempted-admin | 2001-0010 | 2302 | ||
| 320 | PROTOCOL-FINGER cmd_rootsh backdoor attempt (more info ...) | attempted-admin | 10070 | URL | ||
| 321 | PROTOCOL-FINGER account enumeration attempt (more info ...) | attempted-recon | 10788 | |||
| 322 | PROTOCOL-FINGER search query (more info ...) | attempted-recon | 1999-0259 | |||
| 323 | PROTOCOL-FINGER root query (more info ...) | attempted-recon | ||||
| 324 | PROTOCOL-FINGER null request (more info ...) | attempted-recon | 1999-0612 | |||
| 326 | PROTOCOL-FINGER remote command execution attempt (more info ...) | attempted-user | 1999-0150 | 974 | ||
| 327 | PROTOCOL-FINGER remote command pipe execution attempt (more info ...) | attempted-user | 1999-0152 | 2220 | ||
| 328 | PROTOCOL-FINGER bomb attempt (more info ...) | attempted-dos | 1999-0106 | |||
| 330 | PROTOCOL-FINGER redirection attempt (more info ...) | attempted-recon | 1999-0105 | 10073 | ||
| 331 | PROTOCOL-FINGER cybercop query (more info ...) | attempted-recon | 1999-0612 | |||
| 332 | PROTOCOL-FINGER 0 query (more info ...) | attempted-recon | 1999-0197 | 10069 | ||
| 333 | PROTOCOL-FINGER . query (more info ...) | attempted-recon | 1999-0198 | 10072 | ||
| 492 | PROTOCOL-TELNET login failed (more info ...) | bad-unknown | ||||
| 493 | APP-DETECT psyBNC access (more info ...) | bad-unknown | ||||
| 495 | INDICATOR-COMPROMISE command error (more info ...) | bad-unknown | ||||
| 498 | INDICATOR-COMPROMISE id check returned root (more info ...) | bad-unknown | ||||
| 507 | PUA-OTHER PCAnywhere Attempted Administrator Login (more info ...) | attempted-admin | ||||
| 508 | SERVER-OTHER gopher proxy (more info ...) | bad-unknown | ||||
| 510 | POLICY-OTHER HP JetDirect LCD modification attempt (more info ...) | misc-activity | 2245 | |||
| 512 | PUA-OTHER PCAnywhere Failed Login (more info ...) | unsuccessful-user | ||||
| 514 | SERVER-OTHER ramen worm (more info ...) | bad-unknown | ||||
| 516 | PROTOCOL-SNMP NT UserList (more info ...) | attempted-recon | 10546 | |||
| 530 | OS-WINDOWS NT NULL session (more info ...) | attempted-recon | 2000-0347 | 1163 | ||
| 555 | POLICY-OTHER WinGate telnet server response (more info ...) | misc-activity | 1999-0657 | |||
| 556 | PUA-P2P Outbound GNUTella client request (more info ...) | policy-violation | ||||
| 557 | PUA-P2P GNUTella client request (more info ...) | policy-violation | ||||
| 568 | POLICY-OTHER HP JetDirect LCD modification attempt (more info ...) | misc-activity | 2245 | |||
| 607 | PROTOCOL-SERVICES rsh bin (more info ...) | attempted-user | ||||
| 608 | PROTOCOL-SERVICES rsh echo + + (more info ...) | attempted-user | ||||
| 609 | PROTOCOL-SERVICES rsh froot (more info ...) | attempted-admin | ||||
| 611 | PROTOCOL-SERVICES rlogin login failure (more info ...) | unsuccessful-user | ||||
| 613 | INDICATOR-SCAN myscan (more info ...) | attempted-recon | URL | |||
| 614 | MALWARE-BACKDOOR hack-a-tack attempt (more info ...) | attempted-recon | ||||
| 616 | INDICATOR-SCAN ident version request (more info ...) | attempted-recon | URL | |||
| 619 | INDICATOR-SCAN cybercop os probe (more info ...) | attempted-recon | URL | |||
| 622 | INDICATOR-SCAN ipEye SYN scan (more info ...) | attempted-recon | URL | |||
| 626 | INDICATOR-SCAN cybercop os PA12 attempt (more info ...) | attempted-recon | URL | |||
| 627 | INDICATOR-SCAN cybercop os SFU12 probe (more info ...) | attempted-recon | URL | |||
| 630 | INDICATOR-SCAN synscan portscan (more info ...) | attempted-recon | URL | |||
| 631 | SERVER-MAIL ehlo cybercop attempt (more info ...) | protocol-command-decode | ||||
| 632 | SERVER-MAIL expn cybercop attempt (more info ...) | protocol-command-decode | ||||
| 638 | INDICATOR-SHELLCODE SGI NOOP (more info ...) | shellcode-detect | ||||
| 639 | INDICATOR-SHELLCODE SGI NOOP (more info ...) | shellcode-detect | ||||
| 642 | INDICATOR-SHELLCODE HP-UX NOOP (more info ...) | shellcode-detect | ||||
| 643 | INDICATOR-SHELLCODE HP-UX NOOP (more info ...) | shellcode-detect | ||||
| 644 | INDICATOR-SHELLCODE sparc NOOP (more info ...) | shellcode-detect | ||||
| 645 | INDICATOR-SHELLCODE sparc NOOP (more info ...) | shellcode-detect | ||||
| 646 | INDICATOR-SHELLCODE sparc NOOP (more info ...) | shellcode-detect | ||||
| 647 | INDICATOR-SHELLCODE Oracle sparc setuid 0 (more info ...) | system-call-detect | ||||
| 660 | SERVER-MAIL expn root (more info ...) | attempted-recon | 10249 | |||
| 661 | SERVER-MAIL Majordomo ifs (more info ...) | attempted-admin | 1999-0207 | 2310 | ||
| 672 | SERVER-MAIL vrfy decode (more info ...) | attempted-recon | 1999-0096 | |||
| 691 | INDICATOR-SHELLCODE shellcode attempt (more info ...) | shellcode-detect | ||||
| 692 | INDICATOR-SHELLCODE shellcode attempt (more info ...) | shellcode-detect | ||||
| 693 | INDICATOR-SHELLCODE shellcode attempt (more info ...) | shellcode-detect | ||||
| 694 | INDICATOR-SHELLCODE shellcode attempt (more info ...) | attempted-user | ||||
| 709 | PROTOCOL-TELNET 4Dgifts SGI account attempt (more info ...) | suspicious-login | 1999-0501 | 11243 | ||
| 710 | PROTOCOL-TELNET EZsetup account attempt (more info ...) | suspicious-login | 1999-0501 | 11244 | ||
| 711 | PROTOCOL-TELNET SGI telnetd format bug (more info ...) | attempted-admin | 2000-0733 | 1572 | ||
| 712 | PROTOCOL-TELNET ld_library_path (more info ...) | attempted-admin | 1999-0073 | 459 | ||
| 713 | PROTOCOL-TELNET livingston DOS (more info ...) | attempted-dos | 1999-0218 | 2225 | ||
| 714 | PROTOCOL-TELNET resolv_host_conf (more info ...) | attempted-admin | 2001-0170 | 2181 | ||
| 715 | PROTOCOL-TELNET Attempted SU from wrong group (more info ...) | attempted-admin | ||||
| 717 | PROTOCOL-TELNET not on console (more info ...) | bad-unknown | ||||
| 718 | PROTOCOL-TELNET login incorrect (more info ...) | bad-unknown | ||||
| 719 | PROTOCOL-TELNET root login (more info ...) | suspicious-login | ||||
| 804 | SERVER-WEBAPP SWSoft ASPSeek Overflow attempt (more info ...) | web-application-attack | 2001-0476 | 2492 | ||
| 805 | SERVER-WEBAPP Progress webspeed access (more info ...) | attempted-user | 2000-0127 | 969 | 10304 | |
| 806 | SERVER-WEBAPP yabb directory traversal attempt (more info ...) | attempted-recon | 2000-0853 | 1668 | 10512 | |
| 807 | SERVER-WEBAPP /wwwboard/passwd.txt access (more info ...) | attempted-recon | 1999-0954 | 649 | 10321 | |
| 808 | SERVER-WEBAPP webdriver access (more info ...) | attempted-recon | 2166 | 10592 | ||
| 811 | SERVER-WEBAPP websitepro path access (more info ...) | attempted-recon | 2000-0066 | 932 | 10303 | |
| 812 | SERVER-WEBAPP webplus version access (more info ...) | attempted-recon | 2000-0282 | 1102 | ||
| 813 | SERVER-WEBAPP webplus directory traversal (more info ...) | web-application-attack | 2000-0282 | 1102 | 10367 | |
| 820 | SERVER-WEBAPP anaconda directory traversal attempt (more info ...) | web-application-attack | 2001-0308 | 2388 | 10536 | |
| 821 | SERVER-WEBAPP imagemap.exe overflow attempt (more info ...) | web-application-attack | 1999-0951 | 739 | 10122 | |
| 825 | SERVER-WEBAPP glimpse access (more info ...) | attempted-recon | 1999-0147 | 2026 | 10095 | |
| 826 | SERVER-WEBAPP htmlscript access (more info ...) | attempted-recon | 1999-0264 | 2001 | 10106 | |
| 827 | SERVER-WEBAPP info2www access (more info ...) | attempted-recon | 1999-0266 | 1995 | 10127 | |
| 828 | SERVER-WEBAPP maillist.pl access (more info ...) | attempted-recon | ||||
| 833 | SERVER-WEBAPP rguest.exe access (more info ...) | attempted-recon | 1999-0287 | 2024 | ||
| 834 | SERVER-WEBAPP rwwwshell.pl access (more info ...) | attempted-recon | URL | |||
| 836 | SERVER-WEBAPP textcounter.pl access (more info ...) | attempted-recon | 1999-1479 | 2265 | 11451 | |
| 837 | SERVER-WEBAPP uploader.exe access (more info ...) | attempted-recon | 2000-0769 | 1611 | 10291 | |
| 838 | SERVER-WEBAPP webgais access (more info ...) | attempted-recon | 1999-0176 | 2058 | 10300 | |
| 839 | SERVER-WEBAPP finger access (more info ...) | attempted-recon | 1999-0612 | 10071 | ||
| 842 | SERVER-WEBAPP aglimpse access (more info ...) | attempted-recon | 1999-0147 | 2026 | 10095 | |
| 843 | SERVER-WEBAPP anform2 access (more info ...) | attempted-recon | 1999-0066 | 719 | ||
| 844 | SERVER-WEBAPP args.bat access (more info ...) | attempted-recon | 1999-1180 | 11465 | ||
| 847 | SERVER-WEBAPP campas access (more info ...) | attempted-recon | 1999-0146 | 1975 | 10035 | |
| 848 | SERVER-WEBAPP view-source directory traversal (more info ...) | web-application-attack | 1999-0174 | 8883 | ||
| 849 | SERVER-WEBAPP view-source access (more info ...) | attempted-recon | 1999-0174 | 8883 | ||
| 850 | SERVER-WEBAPP wais.pl access (more info ...) | attempted-recon | ||||
| 851 | SERVER-WEBAPP files.pl access (more info ...) | attempted-recon | 1999-1081 | |||
| 852 | SERVER-WEBAPP wguest.exe access (more info ...) | attempted-recon | 1999-0467 | 2024 | ||
| 857 | SERVER-WEBAPP faxsurvey access (more info ...) | web-application-activity | 1999-0262 | 2056 | 10067 | |
| 858 | SERVER-WEBAPP filemail access (more info ...) | attempted-recon | 1999-1154 | |||
| 859 | SERVER-WEBAPP man.sh access (more info ...) | attempted-recon | 1999-1179 | 2276 | ||
| 860 | SERVER-WEBAPP snork.bat access (more info ...) | attempted-recon | 1999-0233 | 2023 | ||
| 866 | SERVER-WEBAPP post-query access (more info ...) | attempted-recon | 2001-0291 | 6752 | ||
| 867 | SERVER-WEBAPP visadmin.exe access (more info ...) | attempted-recon | 1999-0970 | 1808 | 10295 | |
| 869 | SERVER-WEBAPP dumpenv.pl access (more info ...) | attempted-recon | 1999-1178 | 10060 | ||
| 870 | SERVER-WEBAPP snorkerz.cmd access (more info ...) | attempted-recon | ||||
| 875 | SERVER-WEBAPP win-c-sample.exe access (more info ...) | attempted-recon | 1999-0178 | 2078 | 10008 | |
| 878 | SERVER-WEBAPP w3tvars.pm access (more info ...) | attempted-recon | ||||
| 879 | SERVER-WEBAPP admin.pl access (more info ...) | attempted-recon | 2002-1748 | 3839 | URL | |
| 880 | SERVER-WEBAPP LWGate access (more info ...) | attempted-recon | URL | |||
| 881 | SERVER-WEBAPP archie access (more info ...) | attempted-recon | ||||
| 883 | SERVER-WEBAPP flexform access (more info ...) | attempted-recon | URL | |||
| 888 | SERVER-WEBAPP wwwadmin.pl access (more info ...) | attempted-recon | ||||
| 892 | SERVER-WEBAPP AnyForm2 access (more info ...) | attempted-recon | 1999-0066 | 719 | 10277 | |
| 894 | SERVER-WEBAPP bb-hist.sh access (more info ...) | attempted-recon | 1999-1462 | 142 | 10025 | |
| 896 | SERVER-WEBAPP way-board access (more info ...) | web-application-activity | 2001-0214 | 2370 | 10610 | |
| 899 | SERVER-WEBAPP Amaya templates sendtemp.pl directory traversal attempt (more info ...) | web-application-attack | 2001-0272 | 2504 | 10614 | |
| 902 | SERVER-WEBAPP tstisapi.dll access (more info ...) | attempted-recon | 2001-0302 | 2381 | ||
| 976 | SERVER-WEBAPP .bat? access (more info ...) | web-application-activity | 2019-0232 | 4335 | URL | |
| 989 | MALWARE-CNC sensepost.exe command shell (more info ...) | web-application-activity | 11003 | |||
| 1001 | SERVER-WEBAPP carbo.dll access (more info ...) | attempted-recon | 1999-1069 | 2126 | ||
| 1047 | SERVER-WEBAPP Netscape Enterprise DOS (more info ...) | web-application-attack | 2001-0251 | 2294 | ||
| 1048 | SERVER-WEBAPP Netscape Enterprise directory listing attempt (more info ...) | web-application-attack | 2001-0250 | 2285 | 10691 | |
| 1050 | SERVER-WEBAPP iPlanet GETPROPERTIES attempt (more info ...) | web-application-attack | 2001-0746 | 2732 | ||
| 1062 | SERVER-WEBAPP nc.exe attempt (more info ...) | web-application-activity | ||||
| 1064 | SERVER-WEBAPP wsh attempt (more info ...) | web-application-activity | ||||
| 1065 | SERVER-WEBAPP rcmd attempt (more info ...) | web-application-activity | ||||
| 1066 | SERVER-WEBAPP telnet attempt (more info ...) | web-application-activity | ||||
| 1067 | SERVER-WEBAPP net attempt (more info ...) | web-application-activity | ||||
| 1073 | SERVER-WEBAPP webhits.exe access (more info ...) | web-application-activity | 2000-0097 | 950 | ||
| 1080 | SERVER-WEBAPP unify eWave ServletExec upload (more info ...) | web-application-attack | 2000-1025 | 1876 | 10570 | |
| 1081 | SERVER-WEBAPP Netscape Servers suite DOS (more info ...) | web-application-attack | 2000-1025 | 1868 | ||
| 1082 | SERVER-WEBAPP amazon 1-click cookie theft (more info ...) | web-application-attack | 2000-0439 | 1194 | ||
| 1083 | SERVER-WEBAPP unify eWave ServletExec DOS (more info ...) | web-application-activity | 2000-1025 | 1868 | ||
| 1084 | SERVER-WEBAPP Allaire JRUN DOS attempt (more info ...) | web-application-attack | 2000-1049 | 2337 | ||
| 1085 | SERVER-WEBAPP strings overflow (more info ...) | web-application-attack | 802 | |||
| 1086 | SERVER-WEBAPP strings overflow (more info ...) | web-application-attack | 2000-0967 | 1786 | ||
| 1088 | SERVER-WEBAPP eXtropia webstore directory traversal (more info ...) | web-application-attack | 2000-1005 | 1774 | 10532 | |
| 1089 | SERVER-WEBAPP shopping cart directory traversal (more info ...) | web-application-attack | 2000-0921 | 1777 | ||
| 1090 | SERVER-WEBAPP Allaire Pro Web Shell attempt (more info ...) | web-application-attack | URL | |||
| 1091 | SERVER-WEBAPP ICQ Webfront HTTP DOS (more info ...) | web-application-attack | 2000-1078 | 1463 | ||
| 1092 | SERVER-WEBAPP Armada Style Master Index directory traversal (more info ...) | web-application-attack | 2000-0924 | 1772 | 10562 | URL |
| 1095 | SERVER-WEBAPP Talentsoft Web+ Source Code view access (more info ...) | web-application-attack | 1722 | URL | ||
| 1096 | SERVER-WEBAPP Talentsoft Web+ internal IP Address access (more info ...) | web-application-activity | 1720 | URL | ||
| 1097 | SERVER-WEBAPP Talentsoft Web+ exploit attempt (more info ...) | web-application-attack | 1725 | |||
| 1099 | SERVER-WEBAPP cybercop scan (more info ...) | web-application-activity | ||||
| 1100 | INDICATOR-SCAN L3retriever HTTP Probe (more info ...) | web-application-activity | URL | |||
| 1101 | INDICATOR-SCAN Webtrends HTTP probe (more info ...) | web-application-activity | URL | |||
| 1102 | SERVER-WEBAPP nessus 1.X 404 probe (more info ...) | web-application-attack | ||||
| 1103 | SERVER-WEBAPP Netscape admin passwd (more info ...) | web-application-attack | 1579 | 10468 | ||
| 1105 | SERVER-WEBAPP BigBrother access (more info ...) | attempted-recon | 2000-0638 | 1455 | 10460 | |
| 1106 | SERVER-WEBAPP Poll-it access (more info ...) | web-application-activity | 2000-0590 | 1431 | 10459 | |
| 1109 | SERVER-WEBAPP ROXEN directory list attempt (more info ...) | attempted-recon | 2000-0671 | 1510 | 10479 | |
| 1116 | SERVER-WEBAPP Lotus DelDoc attempt (more info ...) | attempted-recon | ||||
| 1118 | SERVER-WEBAPP ls 20-l (more info ...) | attempted-recon | ||||
| 1119 | SERVER-WEBAPP mlog.phtml access (more info ...) | attempted-recon | 1999-0346 | 713 | ||
| 1120 | SERVER-WEBAPP mylog.phtml access (more info ...) | attempted-recon | 1999-0346 | 713 | ||
| 1123 | SERVER-WEBAPP ?PageServices access (more info ...) | attempted-recon | 1999-0269 | 7621 | ||
| 1124 | SERVER-WEBAPP Ecommerce check.txt access (more info ...) | attempted-recon | ||||
| 1125 | SERVER-WEBAPP webcart access (more info ...) | attempted-recon | 1999-0610 | 10298 | ||
| 1126 | SERVER-WEBAPP AuthChangeUrl access (more info ...) | attempted-recon | 1999-0407 | 2110 | ||
| 1127 | SERVER-WEBAPP convert.bas access (more info ...) | attempted-recon | 1999-0175 | 2025 | ||
| 1128 | SERVER-WEBAPP cpshost.dll access (more info ...) | attempted-recon | 1999-0360 | 4002 | ||
| 1133 | INDICATOR-SCAN cybercop os probe (more info ...) | attempted-recon | URL | |||
| 1134 | SERVER-WEBAPP Phorum admin access (more info ...) | attempted-recon | 2000-1228 | 2271 | ||
| 1136 | SERVER-WEBAPP cd.. (more info ...) | attempted-recon | ||||
| 1137 | SERVER-WEBAPP Phorum authentication access (more info ...) | attempted-recon | 2000-1230 | 2274 | ||
| 1139 | SERVER-WEBAPP whisker HEAD/./ (more info ...) | attempted-recon | URL | |||
| 1140 | SERVER-WEBAPP guestbook.pl access (more info ...) | attempted-recon | 1999-1053 | 776 | 10099 | |
| 1146 | SERVER-WEBAPP Ecommerce import.txt access (more info ...) | attempted-recon | ||||
| 1147 | SERVER-WEBAPP cat_ access (more info ...) | attempted-recon | 1999-0039 | 374 | ||
| 1148 | SERVER-WEBAPP Ecommerce import.txt access (more info ...) | attempted-recon | ||||
| 1155 | SERVER-WEBAPP Ecommerce checks.txt access (more info ...) | attempted-recon | 2281 | |||
| 1157 | SERVER-WEBAPP Netscape PublishingXpert access (more info ...) | web-application-activity | 2000-1196 | 10364 | ||
| 1158 | SERVER-WEBAPP windmail.exe access (more info ...) | attempted-recon | 2000-0242 | 1073 | 10365 | |
| 1159 | SERVER-WEBAPP webplus access (more info ...) | attempted-recon | 2000-1005 | 1725 | ||
| 1162 | SERVER-WEBAPP cart 32 AdminPwd access (more info ...) | attempted-recon | 2000-0429 | 1153 | ||
| 1164 | SERVER-WEBAPP shopping cart access (more info ...) | attempted-recon | 2000-1188 | 2049 | ||
| 1167 | SERVER-WEBAPP rpm_query access (more info ...) | attempted-recon | 2000-0192 | 1036 | 10340 | |
| 1168 | SERVER-WEBAPP mall log order access (more info ...) | attempted-recon | 1999-0606 | 2266 | ||
| 1173 | SERVER-WEBAPP architext_query.pl access (more info ...) | attempted-recon | 1999-0279 | 2248 | 10064 | URL |
| 1175 | SERVER-WEBAPP wwwboard.pl access (more info ...) | attempted-recon | 1999-0954 | 649 | ||
| 1178 | SERVER-WEBAPP Phorum read access (more info ...) | attempted-recon | ||||
| 1179 | SERVER-WEBAPP Phorum violation access (more info ...) | attempted-recon | 2000-1234 | 2272 | ||
| 1180 | SERVER-WEBAPP get32.exe access (more info ...) | attempted-recon | 1999-0885 | 770 | 10011 | |
| 1181 | SERVER-WEBAPP Annex Terminal DOS attempt (more info ...) | attempted-dos | 1999-1070 | 10017 | ||
| 1185 | SERVER-WEBAPP bizdbsearch attempt (more info ...) | web-application-attack | 2000-0287 | 1104 | 10383 | |
| 1187 | SERVER-WEBAPP SalesLogix Eviewer web command attempt (more info ...) | web-application-attack | 2000-0289 | 1089 | 10361 | |
| 1193 | SERVER-WEBAPP oracle web arbitrary command execution attempt (more info ...) | web-application-attack | 2000-0169 | 1053 | 10348 | |
| 1196 | SERVER-WEBAPP SGI InfoSearch fname attempt (more info ...) | web-application-attack | 2000-0207 | 1031 | 10128 | |
| 1197 | SERVER-WEBAPP Phorum code access (more info ...) | attempted-recon | ||||
| 1199 | SERVER-WEBAPP Compaq Insight directory traversal (more info ...) | web-application-attack | 1999-0771 | 282 | ||
| 1202 | SERVER-WEBAPP search.vts access (more info ...) | attempted-recon | 162 | |||
| 1207 | SERVER-WEBAPP htgrep access (more info ...) | web-application-activity | 2000-0832 | 10495 | ||
| 1212 | SERVER-WEBAPP Admin_files access (more info ...) | attempted-recon | ||||
| 1215 | SERVER-WEBAPP ministats admin access (more info ...) | web-application-activity | ||||
| 1216 | SERVER-WEBAPP filemail access (more info ...) | attempted-recon | 1999-1155 | URL | ||
| 1217 | SERVER-WEBAPP plusmail access (more info ...) | attempted-recon | 2000-0074 | 2653 | 10181 | |
| 1220 | SERVER-WEBAPP ultraboard access (more info ...) | attempted-recon | 2000-0426 | 1175 | 11748 | |
| 1224 | SERVER-WEBAPP ROADS search.pl attempt (more info ...) | attempted-recon | 2001-0215 | 2371 | 10627 | |
| 1231 | SERVER-WEBAPP VirusWall catinfo access (more info ...) | attempted-recon | 2001-0432 | 2808 | 10650 | |
| 1239 | OS-WINDOWS RFParalyze Attempt (more info ...) | attempted-recon | 2000-0347 | 1163 | 10392 | |
| 1240 | SERVER-OTHER MDBMS overflow (more info ...) | attempted-admin | 2000-0446 | 1252 | 10422 | |
| 1241 | SERVER-WEBAPP SWEditServlet directory traversal attempt (more info ...) | attempted-user | 2001-0555 | 2868 | ||
| 1252 | PROTOCOL-TELNET bsd telnet exploit response (more info ...) | attempted-admin | 2001-0554 | 3064 | 10709 | |
| 1253 | PROTOCOL-TELNET bsd exploit client finishing (more info ...) | successful-admin | 2001-0554 | 3064 | 10709 | |
| 1257 | SERVER-OTHER Winnuke attack (more info ...) | attempted-dos | 1999-0153 | 2010 | ||
| 1259 | SERVER-WEBAPP SWEditServlet access (more info ...) | attempted-recon | 2868 | |||
| 1284 | SERVER-OTHER readme.eml download attempt (more info ...) | attempted-user | URL | |||
| 1290 | FILE-OTHER readme.eml autoload attempt (more info ...) | attempted-user | URL | |||
| 1291 | SERVER-WEBAPP sml3com access (more info ...) | web-application-activity | 2001-0740 | 2721 | ||
| 1295 | INDICATOR-COMPROMISE nimda RICHED20.DLL (more info ...) | bad-unknown | URL | |||
| 1302 | SERVER-WEBAPP console.exe access (more info ...) | attempted-recon | 2001-1252 | 3375 | ||
| 1303 | SERVER-WEBAPP cs.exe access (more info ...) | attempted-recon | 2001-1252 | 3375 | ||
| 1323 | SERVER-OTHER rwhoisd format string attempt (more info ...) | misc-attack | 2001-0838 | 3474 | 10790 | |
| 1375 | SERVER-WEBAPP sadmind worm access (more info ...) | attempted-recon | URL | |||
| 1376 | SERVER-WEBAPP jrun directory browse attempt (more info ...) | web-application-attack | 2001-1510 | 3592 | ||
| 1382 | SERVER-OTHER CHAT IRC Ettercap parse overflow attempt (more info ...) | misc-attack | URL | |||
| 1397 | SERVER-WEBAPP wayboard attempt (more info ...) | web-application-attack | 2001-0214 | 2370 | 10610 | |
| 1398 | SERVER-OTHER CDE dtspcd exploit attempt (more info ...) | misc-attack | 2001-0803 | 3517 | 10833 | URL |
| 1423 | SERVER-WEBAPP content-disposition memchr overflow (more info ...) | web-application-attack | 2002-0081 | 4183 | 10867 | |
| 1426 | PROTOCOL-SNMP PROTOS test-suite-req-app attempt (more info ...) | misc-attack | URL | |||
| 1432 | PUA-P2P GNUTella client request (more info ...) | policy-violation | ||||
| 1433 | SERVER-WEBAPP .history access (more info ...) | web-application-attack | ||||
| 1434 | SERVER-WEBAPP .bash_history access (more info ...) | web-application-attack | 1999-0408 | 337 | URL | |
| 1450 | SERVER-MAIL Vintra Mailserver expn *@ (more info ...) | misc-attack | 1999-1200 | |||
| 1451 | SERVER-WEBAPP NPH-maillist access (more info ...) | attempted-recon | 2001-0400 | 2563 | 10164 | |
| 1452 | SERVER-WEBAPP args.cmd access (more info ...) | attempted-recon | 1999-1180 | 11465 | ||
| 1454 | SERVER-WEBAPP wwwwais access (more info ...) | attempted-recon | 2001-0223 | 10597 | ||
| 1455 | SERVER-WEBAPP calendar.pl access (more info ...) | attempted-recon | 2000-0432 | 1215 | ||
| 1456 | SERVER-WEBAPP calender_admin.pl access (more info ...) | attempted-recon | 2000-0432 | 10506 | ||
| 1457 | SERVER-WEBAPP user_update_admin.pl access (more info ...) | attempted-recon | 2000-0627 | 1486 | ||
| 1458 | SERVER-WEBAPP user_update_passwd.pl access (more info ...) | attempted-recon | 2000-0627 | 1486 | ||
| 1459 | SERVER-WEBAPP bb-histlog.sh access (more info ...) | attempted-recon | 1999-1462 | 142 | 10025 | |
| 1460 | SERVER-WEBAPP bb-histsvc.sh access (more info ...) | attempted-recon | 1999-1462 | 142 | ||
| 1461 | SERVER-WEBAPP bb-rep.sh access (more info ...) | attempted-recon | 1999-1462 | 142 | ||
| 1462 | SERVER-WEBAPP bb-replog.sh access (more info ...) | attempted-recon | 1999-1462 | 142 | ||
| 1464 | INDICATOR-COMPROMISE oracle one hour install (more info ...) | bad-unknown | 10737 | |||
| 1470 | SERVER-WEBAPP listrec.pl access (more info ...) | attempted-recon | 2001-0997 | 3328 | 10769 | |
| 1474 | SERVER-WEBAPP cal_make.pl access (more info ...) | web-application-activity | 2001-0463 | 2663 | 10664 | |
| 1475 | SERVER-WEBAPP mailit.pl access (more info ...) | attempted-recon | 10417 | |||
| 1478 | SERVER-WEBAPP Simple Web Counter URI Parameter Buffer Overflow attempt (more info ...) | attempted-user | 6581 | 10493 | ||
| 1482 | SERVER-WEBAPP view_source access (more info ...) | attempted-recon | 1999-0174 | 2251 | 10294 | |
| 1483 | SERVER-WEBAPP ustorekeeper.pl access (more info ...) | web-application-activity | 2001-0466 | 10645 | ||
| 1492 | SERVER-WEBAPP RBS ISP /newuser directory traversal attempt (more info ...) | web-application-attack | 2000-1036 | 1704 | 10521 | |
| 1493 | SERVER-WEBAPP RBS ISP /newuser access (more info ...) | web-application-activity | 2000-1036 | 1704 | 10521 | |
| 1500 | SERVER-WEBAPP ExAir access (more info ...) | web-application-activity | 1999-0449 | 193 | 10004 | |
| 1503 | SERVER-WEBAPP admentor admin.asp access (more info ...) | web-application-activity | 2002-0308 | 4152 | 10880 | URL |
| 1504 | POLICY-OTHER AFS access (more info ...) | misc-activity | 10441 | |||
| 1507 | SERVER-WEBAPP alibaba.pl arbitrary command execution attempt (more info ...) | web-application-attack | 1999-0885 | 770 | 10013 | |
| 1508 | SERVER-WEBAPP alibaba.pl access (more info ...) | web-application-activity | 1999-0885 | 770 | 10013 | |
| 1509 | SERVER-WEBAPP AltaVista Intranet Search directory traversal attempt (more info ...) | web-application-attack | 2000-0039 | 896 | 10015 | |
| 1510 | SERVER-WEBAPP test.bat arbitrary command execution attempt (more info ...) | web-application-attack | 1999-0947 | 762 | 10016 | |
| 1511 | SERVER-WEBAPP test.bat access (more info ...) | web-application-activity | 1999-0947 | 762 | 10016 | |
| 1512 | SERVER-WEBAPP input.bat arbitrary command execution attempt (more info ...) | web-application-attack | 1999-0947 | 762 | 10016 | |
| 1513 | SERVER-WEBAPP input.bat access (more info ...) | web-application-activity | 1999-0947 | 762 | 10016 | |
| 1514 | SERVER-WEBAPP input2.bat arbitrary command execution attempt (more info ...) | web-application-attack | 1999-0947 | 762 | 10016 | |
| 1515 | SERVER-WEBAPP input2.bat access (more info ...) | web-application-activity | 1999-0947 | 762 | 10016 | |
| 1516 | SERVER-WEBAPP envout.bat arbitrary command execution attempt (more info ...) | web-application-attack | 1999-0947 | 762 | 10016 | |
| 1517 | SERVER-WEBAPP envout.bat access (more info ...) | web-application-activity | 1999-0947 | 762 | 10016 | |
| 1522 | SERVER-WEBAPP ans.pl attempt (more info ...) | web-application-attack | 2002-0307 | 4149 | 10875 | |
| 1523 | SERVER-WEBAPP ans.pl access (more info ...) | web-application-activity | 2002-0307 | 4149 | 10875 | |
| 1524 | SERVER-WEBAPP Axis Storpoint CD attempt (more info ...) | web-application-attack | 2000-0191 | 1025 | 10023 | |
| 1525 | SERVER-WEBAPP Axis Storpoint CD access (more info ...) | web-application-activity | 2000-0191 | 1025 | 10023 | |
| 1528 | SERVER-WEBAPP BBoard access (more info ...) | web-application-activity | 2000-0629 | 1459 | 10507 | |
| 1531 | SERVER-WEBAPP bb-hist.sh attempt (more info ...) | web-application-attack | 1999-1462 | 142 | 10025 | |
| 1532 | SERVER-WEBAPP bb-hostscv.sh attempt (more info ...) | web-application-attack | 2000-0638 | 1455 | 10460 | |
| 1533 | SERVER-WEBAPP bb-hostscv.sh access (more info ...) | web-application-activity | 2000-0638 | 1455 | 10460 | |
| 1535 | SERVER-WEBAPP bizdbsearch access (more info ...) | web-application-activity | 2000-0287 | 1104 | 10383 | |
| 1536 | SERVER-WEBAPP calendar_admin.pl arbitrary command execution attempt (more info ...) | web-application-attack | 2000-0432 | 1215 | 10506 | |
| 1537 | SERVER-WEBAPP calendar_admin.pl access (more info ...) | web-application-activity | 2000-0432 | 1215 | 10506 | |
| 1538 | PROTOCOL-NNTP AUTHINFO USER overflow attempt (more info ...) | attempted-admin | 2000-0341 | 1156 | 10388 | |
| 1541 | PROTOCOL-FINGER version query (more info ...) | attempted-recon | ||||
| 1549 | SERVER-MAIL HELO overflow attempt (more info ...) | attempted-admin | 2000-0042 | 895 | 11674 | |
| 1550 | SERVER-MAIL ETRN overflow attempt (more info ...) | attempted-admin | 2000-0490 | 7515 | 10438 | |
| 1555 | SERVER-WEBAPP DCShop access (more info ...) | web-application-activity | 2001-0821 | 2889 | ||
| 1556 | SERVER-WEBAPP DCShop orders.txt access (more info ...) | web-application-activity | 2001-0821 | 2889 | ||
| 1557 | SERVER-WEBAPP DCShop auth_user_file.txt access (more info ...) | web-application-activity | 2001-0821 | 2889 | ||
| 1559 | SERVER-WEBAPP /doc/packages access (more info ...) | web-application-activity | 2000-1016 | 1707 | 11032 | |
| 1560 | SERVER-WEBAPP /doc/ access (more info ...) | web-application-activity | 1999-0678 | 318 | ||
| 1563 | SERVER-WEBAPP login.htm attempt (more info ...) | web-application-activity | 1999-1533 | 665 | ||
| 1565 | SERVER-WEBAPP eshop.pl arbitrary command execution attempt (more info ...) | web-application-attack | 2001-1014 | 3340 | ||
| 1566 | SERVER-WEBAPP eshop.pl access (more info ...) | web-application-activity | 2001-1014 | 3340 | ||
| 1588 | SERVER-WEBAPP SalesLogix Eviewer access (more info ...) | web-application-activity | 2000-0289 | 1089 | ||
| 1589 | SERVER-WEBAPP musicat empower attempt (more info ...) | web-application-attack | 2001-0224 | 2374 | 10609 | |
| 1600 | SERVER-WEBAPP htsearch arbitrary configuration file attempt (more info ...) | web-application-attack | 2001-0834 | 3410 | ||
| 1601 | SERVER-WEBAPP htsearch arbitrary file read attempt (more info ...) | web-application-attack | 2000-0208 | 1026 | 10105 | |
| 1602 | SERVER-WEBAPP htsearch access (more info ...) | web-application-activity | 2000-0208 | 1026 | 10105 | |
| 1605 | SERVER-OTHER iParty DOS attempt (more info ...) | misc-attack | 1999-1566 | 6844 | 10111 | |
| 1606 | SERVER-WEBAPP icat access (more info ...) | web-application-activity | 1999-1069 | |||
| 1608 | SERVER-WEBAPP htmlscript attempt (more info ...) | web-application-attack | 1999-0264 | 2001 | 10106 | |
| 1611 | SERVER-WEBAPP eXtropia webstore access (more info ...) | web-application-activity | 2000-1005 | 1774 | 10532 | |
| 1613 | SERVER-WEBAPP handler attempt (more info ...) | web-application-attack | 1999-0148 | 380 | 10100 | |
| 1615 | SERVER-WEBAPP htgrep attempt (more info ...) | web-application-attack | 2000-0832 | 10495 | ||
| 1635 | PROTOCOL-POP APOP overflow attempt (more info ...) | attempted-admin | 2000-0841 | 1652 | 10559 | |
| 1636 | SERVER-OTHER Xtramail Username overflow attempt (more info ...) | attempted-admin | 1999-1511 | 791 | 10323 | |
| 1637 | SERVER-WEBAPP yabb access (more info ...) | attempted-recon | 2000-0853 | 1668 | 10512 | |
| 1641 | SERVER-OTHER DB2 dos attempt (more info ...) | denial-of-service | 2001-1143 | 3010 | 10871 | |
| 1642 | SERVER-WEBAPP document.d2w access (more info ...) | web-application-activity | 2000-1110 | 2017 | ||
| 1643 | SERVER-WEBAPP db2www access (more info ...) | web-application-activity | 2000-0677 | |||
| 1650 | SERVER-WEBAPP tst.bat access (more info ...) | web-application-activity | 1999-0885 | 770 | 10014 | |
| 1651 | SERVER-WEBAPP environ.pl access (more info ...) | web-application-activity | ||||
| 1652 | SERVER-WEBAPP campas attempt (more info ...) | web-application-attack | 1999-0146 | 1975 | 10035 | |
| 1654 | SERVER-WEBAPP cart32.exe access (more info ...) | web-application-activity | 1153 | 10389 | ||
| 1663 | SERVER-WEBAPP *%20.pl access (more info ...) | web-application-attack | 11007 | URL | ||
| 1664 | SERVER-WEBAPP mkplog.exe access (more info ...) | web-application-activity | ||||
| 1671 | SERVER-WEBAPP /home/www access (more info ...) | web-application-activity | 11032 | |||
| 1673 | SERVER-ORACLE EXECUTE_SYSTEM attempt (more info ...) | system-call-detect | ||||
| 1674 | SERVER-ORACLE connect_data remote version detection attempt (more info ...) | protocol-command-decode | ||||
| 1675 | SERVER-ORACLE misparsed login response (more info ...) | suspicious-login | ||||
| 1676 | SERVER-ORACLE select union attempt (more info ...) | protocol-command-decode | ||||
| 1677 | SERVER-ORACLE select like '%' attempt (more info ...) | protocol-command-decode | ||||
| 1678 | SERVER-ORACLE select like '%' attempt backslash escaped (more info ...) | protocol-command-decode | ||||
| 1679 | SERVER-ORACLE describe attempt (more info ...) | protocol-command-decode | ||||
| 1680 | SERVER-ORACLE all_constraints access (more info ...) | protocol-command-decode | ||||
| 1681 | SERVER-ORACLE all_views access (more info ...) | protocol-command-decode | ||||
| 1682 | SERVER-ORACLE all_source access (more info ...) | protocol-command-decode | ||||
| 1683 | SERVER-ORACLE all_tables access (more info ...) | protocol-command-decode | ||||
| 1684 | SERVER-ORACLE all_tab_columns access (more info ...) | protocol-command-decode | ||||
| 1685 | SERVER-ORACLE all_tab_privs access (more info ...) | protocol-command-decode | ||||
| 1686 | SERVER-ORACLE dba_tablespace access (more info ...) | protocol-command-decode | ||||
| 1688 | SERVER-ORACLE user_tablespace access (more info ...) | protocol-command-decode | ||||
| 1689 | SERVER-ORACLE sys.all_users access (more info ...) | protocol-command-decode | ||||
| 1691 | SERVER-ORACLE ALTER USER attempt (more info ...) | protocol-command-decode | ||||
| 1692 | SERVER-ORACLE drop table attempt (more info ...) | protocol-command-decode | ||||
| 1693 | SERVER-ORACLE create table attempt (more info ...) | protocol-command-decode | ||||
| 1694 | SERVER-ORACLE alter table attempt (more info ...) | protocol-command-decode | ||||
| 1695 | SERVER-ORACLE truncate table attempt (more info ...) | protocol-command-decode | ||||
| 1696 | SERVER-ORACLE create database attempt (more info ...) | protocol-command-decode | ||||
| 1697 | SERVER-ORACLE alter database attempt (more info ...) | protocol-command-decode | ||||
| 1700 | SERVER-WEBAPP imagemap.exe access (more info ...) | web-application-activity | 1999-0951 | 739 | 10122 | |
| 1701 | SERVER-WEBAPP calendar-admin.pl access (more info ...) | web-application-activity | 2000-0432 | 1215 | 10506 | |
| 1702 | SERVER-WEBAPP Amaya templates sendtemp.pl access (more info ...) | web-application-activity | 2001-0272 | 2504 | ||
| 1704 | SERVER-WEBAPP cal_make.pl directory traversal attempt (more info ...) | web-application-attack | 2001-0463 | 2663 | 10664 | |
| 1705 | SERVER-WEBAPP echo.bat arbitrary command execution attempt (more info ...) | web-application-attack | 2000-0213 | 1002 | 10246 | |
| 1706 | SERVER-WEBAPP echo.bat access (more info ...) | web-application-activity | 2000-0213 | 1002 | 10246 | |
| 1707 | SERVER-WEBAPP hello.bat arbitrary command execution attempt (more info ...) | web-application-attack | 2000-0213 | 1002 | 10246 | |
| 1708 | SERVER-WEBAPP hello.bat access (more info ...) | web-application-activity | 2000-0213 | 1002 | 10246 | |
| 1714 | SERVER-WEBAPP newdesk access (more info ...) | web-application-activity | ||||
| 1722 | SERVER-WEBAPP MachineInfo access (more info ...) | web-application-activity | 1999-1067 | |||
| 1727 | SERVER-WEBAPP SGI InfoSearch fname access (more info ...) | web-application-activity | 2000-0207 | 1031 | ||
| 1730 | SERVER-WEBAPP ustorekeeper.pl directory traversal attempt (more info ...) | web-application-attack | 2001-0466 | 2536 | 10645 | |
| 1731 | SERVER-WEBAPP a1stats access (more info ...) | web-application-activity | 2001-0561 | 2705 | 10669 | |
| 1736 | SERVER-WEBAPP squirrel mail spell-check arbitrary command attempt (more info ...) | web-application-attack | 3952 | |||
| 1737 | SERVER-WEBAPP squirrel mail theme arbitrary command attempt (more info ...) | web-application-attack | 2002-0516 | 4385 | ||
| 1738 | SERVER-WEBAPP global.inc access (more info ...) | web-application-attack | 2002-0614 | 4612 | ||
| 1744 | SERVER-WEBAPP SecureSite authentication bypass attempt (more info ...) | web-application-attack | 4621 | |||
| 1751 | SERVER-OTHER cachefsd buffer overflow attempt (more info ...) | misc-attack | 2002-0084 | 4631 | 10951 | |
| 1757 | SERVER-WEBAPP b2 arbitrary command execution attempt (more info ...) | web-application-attack | 2002-1466 | 4673 | 11667 | |
| 1766 | SERVER-WEBAPP search.dll directory listing attempt (more info ...) | web-application-attack | 2000-0835 | 1684 | 10514 | |
| 1767 | SERVER-WEBAPP search.dll access (more info ...) | web-application-activity | 2000-0835 | 1684 | 10514 | |
| 1769 | SERVER-WEBAPP .DS_Store access (more info ...) | web-application-activity | URL | |||
| 1770 | SERVER-WEBAPP .FBCIndex access (more info ...) | web-application-activity | URL | |||
| 1771 | POLICY-OTHER IPSec PGPNet connection attempt (more info ...) | protocol-command-decode | ||||
| 1792 | PROTOCOL-NNTP return code buffer overflow attempt (more info ...) | protocol-command-decode | 2002-0909 | 4900 | ||
| 1819 | SERVER-OTHER Alcatel PABX 4400 connection attempt (more info ...) | misc-activity | 11019 | |||
| 1820 | SERVER-WEBAPP IBM Net.Commerce orderdspc.d2w access (more info ...) | web-application-activity | 2001-0319 | 2350 | 11020 | |
| 1821 | SERVER-OTHER LPD dvips remote command execution attempt (more info ...) | system-call-detect | 2001-1002 | 3241 | 11023 | |
| 1828 | SERVER-WEBAPP iPlanet Search directory traversal attempt (more info ...) | web-application-attack | 2002-1042 | 5191 | 11043 | |
| 1831 | SERVER-WEBAPP jigsaw dos attempt (more info ...) | web-application-attack | 2002-1052 | 5258 | 11047 | |
| 1832 | POLICY-SOCIAL ICQ forced user addition (more info ...) | policy-violation | 2001-1305 | 3226 | ||
| 1835 | SERVER-WEBAPP Macromedia SiteSpring cross site scripting attempt (more info ...) | web-application-attack | 2002-1027 | 5249 | ||
| 1839 | SERVER-WEBAPP mailman cross site scripting attempt (more info ...) | web-application-attack | 2002-0855 | 5298 | 14984 | |
| 1843 | MALWARE-BACKDOOR trinity connection attempt (more info ...) | attempted-admin | 2000-0138 | 10501 | ||
| 1847 | SERVER-WEBAPP webalizer access (more info ...) | web-application-activity | 2001-0835 | 3473 | 10816 | |
| 1848 | SERVER-WEBAPP webcart-lite access (more info ...) | web-application-activity | 1999-0610 | 10298 | ||
| 1849 | SERVER-WEBAPP webfind.exe access (more info ...) | web-application-activity | 2000-0622 | 1487 | 10475 | |
| 1851 | SERVER-WEBAPP active.log access (more info ...) | web-application-activity | 2000-0642 | 1497 | 10470 | |
| 1853 | MALWARE-BACKDOOR win-trin00 connection attempt (more info ...) | attempted-admin | 2000-0138 | 10307 | ||
| 1857 | SERVER-WEBAPP robot.txt access (more info ...) | web-application-activity | 10302 | |||
| 1866 | PROTOCOL-POP USER overflow attempt (more info ...) | attempted-admin | 2006-4364 | 789 | 10311 | URL |
| 1868 | SERVER-WEBAPP Interactive Story story.pl arbitrary file read attempt (more info ...) | default-login-attempt | 2001-0804 | 3028 | 10817 | |
| 1869 | SERVER-WEBAPP Interactive Story story.pl access (more info ...) | default-login-attempt | 2001-0804 | 3028 | 10817 | |
| 1877 | SERVER-WEBAPP printenv access (more info ...) | web-application-activity | 2000-0868 | 1658 | 10503 | |
| 1881 | SERVER-WEBAPP bad HTTP 1.1 request - potential worm attack (more info ...) | web-application-activity | URL | |||
| 1882 | INDICATOR-COMPROMISE id check returned userid (more info ...) | bad-unknown | ||||
| 1887 | SERVER-OTHER OpenSSL Worm traffic (more info ...) | web-application-attack | URL | |||
| 1889 | MALWARE-CNC slapper worm admin traffic (more info ...) | trojan-activity | URL | |||
| 1893 | PROTOCOL-SNMP missing community string attempt (more info ...) | misc-attack | 1999-0517 | 2112 | ||
| 1894 | INDICATOR-SHELLCODE kadmind buffer overflow attempt (more info ...) | shellcode-detect | 2002-1235 | 6024 | 15015 | URL |
| 1895 | INDICATOR-SHELLCODE kadmind buffer overflow attempt (more info ...) | shellcode-detect | 2002-1235 | 6024 | URL | |
| 1896 | INDICATOR-SHELLCODE kadmind buffer overflow attempt (more info ...) | shellcode-detect | 2002-1235 | 6024 | URL | |
| 1897 | INDICATOR-SHELLCODE kadmind buffer overflow attempt (more info ...) | shellcode-detect | 2002-1235 | 6024 | URL | |
| 1898 | INDICATOR-SHELLCODE kadmind buffer overflow attempt (more info ...) | shellcode-detect | 2002-1235 | 6024 | URL | |
| 1899 | INDICATOR-SHELLCODE kadmind buffer overflow attempt (more info ...) | shellcode-detect | 2002-1235 | 6024 | URL | |
| 1900 | SERVER-OTHER successful kadmind buffer overflow attempt (more info ...) | successful-admin | 2002-1235 | 6024 | URL | |
| 1901 | SERVER-OTHER successful kadmind buffer overflow attempt (more info ...) | successful-admin | 2002-1235 | 6024 | URL | |
| 1936 | PROTOCOL-POP AUTH overflow attempt (more info ...) | attempted-admin | 1999-0822 | 830 | 10184 | |
| 1937 | PROTOCOL-POP LIST overflow attempt (more info ...) | attempted-admin | 2000-0096 | 948 | 10197 | |
| 1938 | PROTOCOL-POP XTND overflow attempt (more info ...) | attempted-admin | ||||
| 1943 | SERVER-WEBAPP /Carello/add.exe access (more info ...) | web-application-activity | 2000-0396 | 1245 | 11776 | |
| 1944 | SERVER-WEBAPP /ecscripts/ecware.exe access (more info ...) | web-application-activity | 6066 | |||
| 1969 | SERVER-WEBAPP ion-p access (more info ...) | web-application-activity | 2002-1559 | 6091 | 11729 | |
| 1977 | SERVER-WEBAPP xp_regwrite attempt (more info ...) | web-application-activity | ||||
| 1978 | SERVER-WEBAPP xp_regdeletekey attempt (more info ...) | web-application-activity | ||||
| 1979 | SERVER-WEBAPP perl post attempt (more info ...) | web-application-attack | 2002-1436 | 5520 | 11158 | |
| 1981 | MALWARE-BACKDOOR DeepThroat 3.1 Connection attempt on port 3150 (more info ...) | trojan-activity | 10053 | |||
| 1982 | MALWARE-BACKDOOR DeepThroat 3.1 Server Response on port 3150 (more info ...) | trojan-activity | 10053 | |||
| 1983 | MALWARE-BACKDOOR DeepThroat 3.1 Connection attempt on port 4120 (more info ...) | trojan-activity | 10053 | |||
| 1984 | MALWARE-BACKDOOR DeepThroat 3.1 Server Response on port 4120 (more info ...) | trojan-activity | 10053 | |||
| 1985 | MALWARE-BACKDOOR Doly variant outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 1987 | SERVER-OTHER xfs overflow attempt (more info ...) | misc-activity | 2002-1317 | 6241 | 11188 | |
| 2039 | SERVER-OTHER bootp hostname format string attempt (more info ...) | misc-attack | 2002-0702 | 4701 | 11312 | |
| 2044 | POLICY-OTHER PPTP Start Control Request attempt (more info ...) | attempted-admin | ||||
| 2047 | SERVER-OTHER rsyncd module list access (more info ...) | misc-activity | ||||
| 2056 | SERVER-WEBAPP TRACE attempt (more info ...) | web-application-attack | 2010-0360 | 9561 | 11213 | |
| 2057 | SERVER-WEBAPP helpout.exe access (more info ...) | web-application-activity | 2002-1169 | 6002 | 11162 | |
| 2058 | SERVER-WEBAPP MsmMask.exe attempt (more info ...) | web-application-attack | 11163 | |||
| 2059 | SERVER-WEBAPP MsmMask.exe access (more info ...) | web-application-activity | 11163 | |||
| 2060 | SERVER-WEBAPP DB4Web access (more info ...) | web-application-activity | 11180 | |||
| 2062 | SERVER-WEBAPP iPlanet .perf access (more info ...) | web-application-activity | 11220 | |||
| 2065 | SERVER-WEBAPP Lotus Notes .csp script source download attempt (more info ...) | web-application-attack | ||||
| 2066 | SERVER-WEBAPP Lotus Notes .pl script source download attempt (more info ...) | web-application-attack | 2003-1408 | 6841 | ||
| 2068 | SERVER-WEBAPP BitKeeper arbitrary command attempt (more info ...) | web-application-attack | 6588 | |||
| 2069 | SERVER-WEBAPP chip.ini access (more info ...) | web-application-activity | 2001-0771 | 2775 | ||
| 2070 | SERVER-WEBAPP post32.exe arbitrary command attempt (more info ...) | web-application-attack | 1485 | |||
| 2071 | SERVER-WEBAPP post32.exe access (more info ...) | web-application-activity | 1485 | |||
| 2072 | SERVER-WEBAPP lyris.pl access (more info ...) | web-application-activity | 2000-0758 | 1584 | ||
| 2073 | SERVER-WEBAPP globals.pl access (more info ...) | web-application-activity | 2001-0330 | 2671 | ||
| 2087 | SERVER-MAIL From comment overflow attempt (more info ...) | attempted-admin | 2002-1337 | 6991 | URL | |
| 2100 | MALWARE-BACKDOOR SubSeven 2.1 Gold server connection response (more info ...) | trojan-activity | 10409 | |||
| 2104 | INDICATOR-COMPROMISE rexec username too long response (more info ...) | unsuccessful-user | 2003-1097 | 7459 | ||
| 2108 | PROTOCOL-POP CAPA overflow attempt (more info ...) | attempted-admin | ||||
| 2109 | PROTOCOL-POP TOP overflow attempt (more info ...) | attempted-admin | ||||
| 2110 | PROTOCOL-POP STAT overflow attempt (more info ...) | attempted-admin | ||||
| 2111 | PROTOCOL-POP DELE overflow attempt (more info ...) | attempted-admin | ||||
| 2112 | PROTOCOL-POP RSET overflow attempt (more info ...) | attempted-admin | ||||
| 2113 | PROTOCOL-SERVICES rexec username overflow attempt (more info ...) | attempted-admin | ||||
| 2115 | SERVER-WEBAPP album.pl access (more info ...) | web-application-activity | 2003-1456 | 7444 | 11581 | |
| 2121 | PROTOCOL-POP DELE negative argument attempt (more info ...) | misc-attack | 2002-1539 | 7445 | 11570 | |
| 2122 | PROTOCOL-POP UIDL negative argument attempt (more info ...) | misc-attack | 2002-1539 | 6053 | 11570 | |
| 2124 | MALWARE-BACKDOOR Remote PC Access connection (more info ...) | trojan-activity | 11673 | |||
| 2135 | SERVER-WEBAPP philboard.mdb access (more info ...) | web-application-activity | 11682 | |||
| 2136 | SERVER-WEBAPP philboard_admin.asp authentication bypass attempt (more info ...) | web-application-attack | 7739 | 11675 | ||
| 2137 | SERVER-WEBAPP philboard_admin.asp access (more info ...) | web-application-activity | 7739 | 11675 | ||
| 2138 | SERVER-WEBAPP logicworks.ini access (more info ...) | web-application-activity | 2003-1383 | 6996 | 11639 | |
| 2139 | SERVER-WEBAPP /*.shtml access (more info ...) | web-application-activity | 2000-0683 | 1517 | 11604 | |
| 2155 | SERVER-WEBAPP ttforum remote file include attempt (more info ...) | web-application-attack | 2003-1459 | 7543 | 11615 | |
| 2156 | SERVER-WEBAPP mod_gzip_status access (more info ...) | web-application-activity | 11685 | |||
| 2158 | SERVER-OTHER BGP invalid length (more info ...) | bad-unknown | 2002-1350 | 6213 | 15043 | URL |
| 2159 | SERVER-OTHER BGP invalid type 0 (more info ...) | bad-unknown | 2002-1350 | 6213 | 15043 | |
| 2180 | PUA-P2P BitTorrent announce request (more info ...) | policy-violation | ||||
| 2181 | PUA-P2P BitTorrent transfer (more info ...) | policy-violation | ||||
| 2226 | SERVER-WEBAPP pmachine remote file include attempt (more info ...) | web-application-attack | 7919 | 11739 | ||
| 2231 | SERVER-WEBAPP register.dll access (more info ...) | web-application-activity | 2001-0958 | 3327 | 11747 | |
| 2232 | SERVER-WEBAPP ContentFilter.dll access (more info ...) | web-application-activity | 2001-0958 | 3327 | 11747 | |
| 2233 | SERVER-WEBAPP SFNofitication.dll access (more info ...) | web-application-activity | 2001-0958 | 3327 | 11747 | |
| 2234 | SERVER-WEBAPP TOP10.dll access (more info ...) | web-application-activity | 2001-0958 | 3327 | 11747 | |
| 2235 | SERVER-WEBAPP SpamExcp.dll access (more info ...) | web-application-activity | 2001-0958 | 3327 | 11747 | |
| 2236 | SERVER-WEBAPP spamrule.dll access (more info ...) | web-application-activity | 2001-0958 | 3327 | 11747 | |
| 2238 | SERVER-WEBAPP WebLogic ConsoleHelp view source attempt (more info ...) | web-application-attack | 2000-0682 | 1518 | 11724 | |
| 2239 | SERVER-WEBAPP redirect.exe access (more info ...) | web-application-activity | 2000-0401 | 1256 | 11723 | |
| 2240 | SERVER-WEBAPP changepw.exe access (more info ...) | web-application-activity | 2000-0401 | 1256 | 11723 | |
| 2241 | SERVER-WEBAPP cwmail.exe access (more info ...) | web-application-activity | 2002-0273 | 4093 | 11727 | |
| 2244 | SERVER-WEBAPP VsSetCookie.exe access (more info ...) | web-application-activity | 2002-0236 | 3784 | 11731 | |
| 2245 | SERVER-WEBAPP Webnews.exe access (more info ...) | web-application-activity | 2002-0290 | 4124 | 11732 | |
| 2246 | SERVER-WEBAPP webadmin.dll access (more info ...) | web-application-activity | 2003-0471 | 8024 | 11771 | |
| 2250 | PROTOCOL-POP USER format string attempt (more info ...) | attempted-admin | 2003-0391 | 7667 | 11742 | |
| 2259 | SERVER-MAIL EXPN overflow attempt (more info ...) | attempted-admin | 2003-0161 | 7230 | ||
| 2260 | SERVER-MAIL VRFY overflow attempt (more info ...) | attempted-admin | 2003-0161 | 7230 | ||
| 2271 | MALWARE-BACKDOOR FsSniffer connection attempt (more info ...) | trojan-activity | 11854 | |||
| 2274 | PROTOCOL-POP login brute force attempt (more info ...) | suspicious-login | URL | |||
| 2275 | SERVER-MAIL AUTH LOGON brute force attempt (more info ...) | suspicious-login | URL | |||
| 2276 | SERVER-WEBAPP oracle portal demo access (more info ...) | web-application-activity | 11918 | |||
| 2284 | SERVER-WEBAPP rolis guestbook remote file include attempt (more info ...) | web-application-attack | 9057 | |||
| 2285 | SERVER-WEBAPP rolis guestbook access (more info ...) | web-application-activity | 9057 | |||
| 2306 | SERVER-WEBAPP gallery remote file include attempt (more info ...) | web-application-attack | 2003-1227 | 8814 | 11876 | |
| 2307 | SERVER-WEBAPP PayPal Storefront remote file include attempt (more info ...) | web-application-attack | 8791 | 11873 | ||
| 2319 | SERVER-OTHER ebola PASS overflow attempt (more info ...) | attempted-admin | 9156 | |||
| 2320 | SERVER-OTHER ebola USER overflow attempt (more info ...) | attempted-admin | 9156 | |||
| 2327 | SERVER-WEBAPP bsml.pl access (more info ...) | web-application-activity | 9311 | 11973 | ||
| 2331 | SERVER-WEBAPP MatrikzGB privilege escalation attempt (more info ...) | web-application-activity | 8430 | |||
| 2341 | SERVER-WEBAPP DCP-Portal remote file include editor script attempt (more info ...) | web-application-attack | 6525 | |||
| 2342 | SERVER-WEBAPP DCP-Portal remote file include lib script attempt (more info ...) | web-application-attack | 6525 | |||
| 2369 | SERVER-WEBAPP ISAPISkeleton.dll access (more info ...) | web-application-activity | 2004-2128 | 9516 | ||
| 2370 | SERVER-WEBAPP BugPort config.conf file access (more info ...) | attempted-recon | 2004-2353 | 9542 | ||
| 2371 | SERVER-WEBAPP Sample_showcode.html access (more info ...) | web-application-activity | 2004-2170 | 9555 | ||
| 2375 | MALWARE-CNC DoomJuice/mydoom.a backdoor upload/execute (more info ...) | trojan-activity | URL | |||
| 2376 | SERVER-OTHER ISAKMP first payload certificate request length overflow attempt (more info ...) | attempted-admin | 2004-0040 | 9582 | ||
| 2377 | SERVER-OTHER ISAKMP second payload certificate request length overflow attempt (more info ...) | attempted-admin | 2004-0040 | 9582 | ||
| 2378 | SERVER-OTHER ISAKMP third payload certificate request length overflow attempt (more info ...) | attempted-admin | 2004-0040 | 9582 | ||
| 2379 | SERVER-OTHER ISAKMP forth payload certificate request length overflow attempt (more info ...) | attempted-admin | 2004-0040 | 9582 | ||
| 2380 | SERVER-OTHER ISAKMP fifth payload certificate request length overflow attempt (more info ...) | attempted-admin | 2004-0040 | 9582 | ||
| 2393 | SERVER-WEBAPP /_admin access (more info ...) | web-application-activity | 2007-1156 | 9537 | 12032 | |
| 2394 | SERVER-WEBAPP Compaq web-based management agent denial of service attempt (more info ...) | web-application-attack | 8014 | |||
| 2395 | SERVER-WEBAPP InteractiveQuery.jsp access (more info ...) | web-application-activity | 2003-0624 | 8938 | ||
| 2400 | SERVER-WEBAPP edittag.pl access (more info ...) | web-application-activity | 2003-1351 | 6675 | ||
| 2406 | PROTOCOL-TELNET APC SmartSlot default admin account attempt (more info ...) | suspicious-login | 2004-0311 | 9681 | 12066 | URL |
| 2407 | SERVER-WEBAPP util.pl access (more info ...) | web-application-activity | 2004-2379 | 9748 | ||
| 2409 | PROTOCOL-POP APOP USER overflow attempt (more info ...) | attempted-admin | 2004-2375 | 9794 | ||
| 2411 | SERVER-WEBAPP RealNetworks RealSystem Server DESCRIBE buffer overflow attempt (more info ...) | web-application-attack | 2003-0725 | 8476 | 11642 | URL |
| 2412 | INDICATOR-COMPROMISE successful cross site scripting forced download attempt (more info ...) | successful-user | ||||
| 2413 | SERVER-OTHER ISAKMP delete hash with empty hash attempt (more info ...) | misc-attack | 2004-0164 | 9417 | ||
| 2414 | SERVER-OTHER ISAKMP initial contact notification without SPI attempt (more info ...) | misc-attack | 2004-0164 | 9417 | ||
| 2415 | SERVER-OTHER ISAKMP second payload initial contact notification without SPI attempt (more info ...) | misc-attack | 2004-0164 | 9417 | ||
| 2424 | PROTOCOL-NNTP sendsys overflow attempt (more info ...) | attempted-admin | 2004-0045 | 9382 | 11984 | |
| 2425 | PROTOCOL-NNTP senduuname overflow attempt (more info ...) | attempted-admin | 2004-0045 | 9382 | 11984 | |
| 2426 | PROTOCOL-NNTP version overflow attempt (more info ...) | attempted-admin | 2004-0045 | 9382 | 11984 | |
| 2427 | PROTOCOL-NNTP checkgroups overflow attempt (more info ...) | attempted-admin | 2004-0045 | 9382 | 11984 | |
| 2428 | PROTOCOL-NNTP ihave overflow attempt (more info ...) | attempted-admin | 2004-0045 | 9382 | 11984 | |
| 2429 | PROTOCOL-NNTP sendme overflow attempt (more info ...) | attempted-admin | 2004-0045 | 9382 | 11984 | |
| 2430 | PROTOCOL-NNTP newgroup overflow attempt (more info ...) | attempted-admin | 2004-0045 | 9382 | 11984 | |
| 2431 | PROTOCOL-NNTP rmgroup overflow attempt (more info ...) | attempted-admin | 2004-0045 | 9382 | 11984 | |
| 2432 | PROTOCOL-NNTP article post without path attempt (more info ...) | attempted-admin | ||||
| 2441 | SERVER-WEBAPP NetObserve authentication bypass attempt (more info ...) | web-application-attack | 9319 | |||
| 2442 | SERVER-WEBAPP generic server user-agent buffer overflow attempt (more info ...) | web-application-attack | 2008-0550 | 9735 | ||
| 2447 | SERVER-WEBAPP ServletManager access (more info ...) | web-application-activity | 2001-1195 | 3697 | 12122 | |
| 2448 | SERVER-WEBAPP setinfo.hts access (more info ...) | web-application-activity | 2004-1857 | 9973 | 12120 | |
| 2464 | SERVER-OTHER Ethereal EIGRP prefix length overflow attempt (more info ...) | attempted-admin | 2004-0367 | 9952 | ||
| 2484 | SERVER-WEBAPP source.jsp access (more info ...) | web-application-activity | 12119 | |||
| 2486 | SERVER-OTHER ISAKMP invalid identification payload attempt (more info ...) | attempted-dos | 2004-0184 | 10004 | ||
| 2487 | SERVER-MAIL WinZip MIME content-type buffer overflow (more info ...) | attempted-user | 2004-0333 | 9758 | 12621 | |
| 2488 | SERVER-MAIL WinZip MIME content-disposition buffer overflow (more info ...) | attempted-user | 2004-0333 | 9758 | 12621 | |
| 2489 | SERVER-OTHER esignal STREAMQUOTE buffer overflow attempt (more info ...) | attempted-admin | 2004-1868 | 9978 | ||
| 2490 | SERVER-OTHER esignal SNAPQUOTE buffer overflow attempt (more info ...) | attempted-admin | 2004-1868 | 9978 | ||
| 2523 | SERVER-OTHER BGP spoofed connection reset attempt (more info ...) | attempted-dos | 2004-0230 | 10183 | URL | |
| 2545 | SERVER-OTHER AFP FPLoginExt username buffer overflow attempt (more info ...) | attempted-admin | 2004-0430 | 10271 | URL | |
| 2547 | SERVER-OTHER HP Web JetAdmin remote file upload attempt (more info ...) | web-application-activity | 2004-1856 | 9971 | ||
| 2549 | SERVER-OTHER HP Web JetAdmin file write attempt (more info ...) | web-application-activity | 9973 | |||
| 2561 | SERVER-OTHER rsync backup-dir directory traversal attempt (more info ...) | string-detect | 2004-0426 | 10247 | 12230 | |
| 2567 | SERVER-WEBAPP Emumail init.emu access (more info ...) | web-application-activity | 2004-2385 | 9861 | 12095 | |
| 2569 | SERVER-WEBAPP cPanel resetpass access (more info ...) | web-application-activity | 2004-1769 | 9848 | ||
| 2576 | SERVER-ORACLE dbms_repcat.generate_replication_support buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2577 | FILE-OTHER local resource redirection attempt (more info ...) | attempted-user | 2004-0549 | URL | ||
| 2581 | SERVER-WEBAPP SAP Crystal Reports crystalimagehandler.aspx access (more info ...) | web-application-activity | 2004-0204 | URL | ||
| 2582 | OS-WINDOWS SAP Crystal Reports crystalImageHandler.asp directory traversal attempt (more info ...) | web-application-attack | 2004-0204 | 10260 | 12271 | URL |
| 2584 | SERVER-OTHER eMule buffer overflow attempt (more info ...) | attempted-user | 2004-1892 | 10039 | 12233 | |
| 2585 | SERVER-WEBAPP nessus 2.x 404 probe (more info ...) | attempted-recon | 10386 | |||
| 2587 | PUA-P2P eDonkey server response (more info ...) | policy-violation | URL | |||
| 2588 | SERVER-WEBAPP TUTOS path disclosure attempt (more info ...) | web-application-activity | 10129 | URL | ||
| 2599 | SERVER-ORACLE dbms_repcat.add_grouped_column buffer overflow attempt (more info ...) | attempted-user | ||||
| 2601 | SERVER-ORACLE dbms_repcat.drop_master_repgroup buffer overflow attempt (more info ...) | attempted-user | ||||
| 2603 | SERVER-ORACLE dbms_repcat.create_mview_repgroup buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2605 | SERVER-ORACLE dbms_repcat.compare_old_values buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2606 | SERVER-ORACLE dbms_repcat.comment_on_repobject buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2608 | SERVER-ORACLE sysdbms_repcat_rgt.check_ddl_text buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2609 | SERVER-ORACLE dbms_repcat.cancel_statistics buffer overflow attempt (more info ...) | attempted-user | ||||
| 2611 | SERVER-ORACLE LINK metadata buffer overflow attempt (more info ...) | attempted-user | 2005-0297 | 7453 | 11563 | URL |
| 2612 | SERVER-ORACLE sys.dbms_repcat_auth.revoke_surrogate_repcat buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2614 | SERVER-ORACLE time_zone buffer overflow attempt (more info ...) | attempted-user | 2003-1208 | 9587 | 12047 | URL |
| 2615 | SERVER-ORACLE sys.dbms_repcat_auth.grant_surrogate_repcat buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2617 | SERVER-ORACLE sys.dbms_repcat.alter_mview_propagation buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2619 | SERVER-ORACLE dbms_repcat.alter_master_repobject buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2621 | SERVER-ORACLE dbms_repcat_sna_utl.register_flavor_change buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2624 | SERVER-ORACLE dbms_repcat_admin.unregister_user_repgroup buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2626 | SERVER-ORACLE dbms_repcat.send_old_values buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2627 | SERVER-ORACLE dbms_repcat.repcat_import_check buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2629 | SERVER-ORACLE dbms_repcat_admin.register_user_repgroup buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2633 | SERVER-ORACLE sys.dbms_rectifier_diff.rectify buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2637 | SERVER-ORACLE dbms_repcat.drop_master_repobject buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2639 | SERVER-ORACLE dbms_repcat.drop_mview_repgroup buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2641 | SERVER-ORACLE dbms_repcat_instantiate.drop_site_instantiation buffer overflow attempt (more info ...) | attempted-user | ||||
| 2643 | SERVER-ORACLE sys.dbms_repcat_fla.ensure_not_published buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2644 | SERVER-ORACLE from_tz buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2645 | SERVER-ORACLE dbms_repcat_instantiate.instantiate_offline buffer overflow attempt (more info ...) | attempted-user | ||||
| 2649 | SERVER-ORACLE Oracle 9i TNS Listener SERVICE_NAME Remote Buffer Overflow attempt (more info ...) | attempted-user | 2002-0965 | |||
| 2650 | SERVER-ORACLE user name buffer overflow attempt (more info ...) | attempted-user | 2003-0095 | 6849 | URL | |
| 2651 | SERVER-ORACLE NUMTODSINTERVAL/NUMTOYMINTERVAL buffer overflow attempt (more info ...) | attempted-user | 2003-1208 | 9587 | URL | |
| 2652 | SERVER-ORACLE dbms_offline_og.begin_load buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2655 | SERVER-OTHER HP Web JetAdmin ExecuteFile admin access (more info ...) | attempted-admin | 10224 | |||
| 2656 | SERVER-WEBAPP SSLv2 Client_Hello Challenge Length overflow attempt (more info ...) | attempted-admin | 2004-0826 | 11015 | ||
| 2663 | SERVER-WEBAPP Ipswitch WhatsUpGold instancename overflow attempt (more info ...) | web-application-attack | 2004-0798 | 11043 | ||
| 2666 | PROTOCOL-POP PASS format string attempt (more info ...) | attempted-admin | 2004-0777 | 10976 | ||
| 2668 | SERVER-WEBAPP processit access (more info ...) | web-application-activity | 10649 | |||
| 2669 | SERVER-WEBAPP ibillpm.pl access (more info ...) | web-application-activity | 2001-0839 | 3476 | 11083 | |
| 2670 | SERVER-WEBAPP pgpmail.pl access (more info ...) | web-application-activity | 2001-0937 | 3605 | 11070 | |
| 2672 | SERVER-WEBAPP sresult.exe access (more info ...) | web-application-activity | 2004-2528 | 10837 | 14186 | |
| 2674 | SERVER-ORACLE dbms_repcat.add_delete_resolution buffer overflow attempt (more info ...) | attempted-user | ||||
| 2675 | SERVER-ORACLE dbms_repcat_rgt.instantiate_offline buffer overflow attempt (more info ...) | attempted-user | ||||
| 2677 | SERVER-ORACLE dbms_repcat_rgt.instantiate_online buffer overflow attempt (more info ...) | attempted-user | ||||
| 2678 | SERVER-ORACLE ctx_output.start_log buffer overflow attempt (more info ...) | attempted-user | ||||
| 2679 | SERVER-ORACLE sys.dbms_system.ksdwrt buffer overflow attempt (more info ...) | attempted-user | ||||
| 2680 | SERVER-ORACLE ctxsys.driddlr.subindexpopulate buffer overflow attempt (more info ...) | attempted-user | ||||
| 2681 | SERVER-ORACLE mdsys.sdo_admin.sdo_code_size buffer overflow attempt (more info ...) | attempted-user | ||||
| 2682 | SERVER-ORACLE mdsys.md2.validate_geom buffer overflow attempt (more info ...) | attempted-user | ||||
| 2683 | SERVER-ORACLE mdsys.md2.sdo_code_size buffer overflow attempt (more info ...) | attempted-user | ||||
| 2684 | SERVER-ORACLE sys.ltutil.pushdeferredtxns buffer overflow attempt (more info ...) | attempted-user | ||||
| 2685 | SERVER-ORACLE sys.dbms_repcat_rq.add_column buffer overflow attempt (more info ...) | attempted-user | ||||
| 2686 | SERVER-ORACLE sys.dbms_rectifier_diff.differences buffer overflow attempt (more info ...) | attempted-user | 2004-1371 | 10871 | URL | |
| 2687 | SERVER-ORACLE sys.dbms_internal_repcat.validate buffer overflow attempt (more info ...) | attempted-user | ||||
| 2688 | SERVER-ORACLE sys.dbms_internal_repcat.enable_receiver_trace buffer overflow attempt (more info ...) | attempted-user | ||||
| 2689 | SERVER-ORACLE sys.dbms_internal_repcat.disable_receiver_trace buffer overflow attempt (more info ...) | attempted-user | ||||
| 2690 | SERVER-ORACLE sys.dbms_defer_repcat.enable_propagation_to_dblink buffer overflow attempt (more info ...) | attempted-user | ||||
| 2691 | SERVER-ORACLE sys.dbms_defer_internal_sys.parallel_push_recovery buffer overflow attempt (more info ...) | attempted-user | ||||
| 2692 | SERVER-ORACLE sys.dbms_aqadm_sys.verify_queue_types buffer overflow attempt (more info ...) | attempted-user | ||||
| 2693 | SERVER-ORACLE sys.dbms_aqadm.verify_queue_types_no_queue buffer overflow attempt (more info ...) | attempted-user | ||||
| 2694 | SERVER-ORACLE sys.dbms_aqadm.verify_queue_types_get_nrp buffer overflow attempt (more info ...) | attempted-user | ||||
| 2695 | SERVER-ORACLE sys.dbms_aq_import_internal.aq_table_defn_update buffer overflow attempt (more info ...) | attempted-user | ||||
| 2696 | SERVER-ORACLE sys.dbms_repcat_utl.is_master buffer overflow attempt (more info ...) | attempted-user | ||||
| 2697 | SERVER-ORACLE alter file buffer overflow attempt (more info ...) | attempted-user | ||||
| 2698 | SERVER-ORACLE create file buffer overflow attempt (more info ...) | attempted-user | ||||
| 2699 | SERVER-ORACLE TO_CHAR buffer overflow attempt (more info ...) | attempted-user | 2004-1364 | 10871 | ||
| 2708 | SERVER-ORACLE dbms_offline_og.begin_flavor_change buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2709 | SERVER-ORACLE dbms_offline_og.begin_instantiation buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2711 | SERVER-ORACLE dbms_offline_og.end_flavor_change buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2712 | SERVER-ORACLE dbms_offline_og.end_instantiation buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2713 | SERVER-ORACLE dbms_offline_og.end_load buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2714 | SERVER-ORACLE dbms_offline_og.resume_subset_of_masters buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2715 | SERVER-ORACLE dbms_offline_snapshot.begin_load buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2716 | SERVER-ORACLE dbms_offline_snapshot.end_load buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2717 | SERVER-ORACLE dbms_rectifier_diff.differences buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2718 | SERVER-ORACLE dbms_rectifier_diff.rectify buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2719 | SERVER-ORACLE dbms_repcat.abort_flavor_definition buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2720 | SERVER-ORACLE dbms_repcat.add_column_group_to_flavor buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2721 | SERVER-ORACLE dbms_repcat.add_columns_to_flavor buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2722 | SERVER-ORACLE dbms_repcat.add_object_to_flavor buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2723 | SERVER-ORACLE dbms_repcat.add_priority_char buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2724 | SERVER-ORACLE dbms_repcat.add_priority_date buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2725 | SERVER-ORACLE dbms_repcat.add_priority_nchar buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2726 | SERVER-ORACLE dbms_repcat.add_priority_number buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2727 | SERVER-ORACLE dbms_repcat.add_priority_nvarchar2 buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2728 | SERVER-ORACLE dbms_repcat.add_priority_raw buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2729 | SERVER-ORACLE dbms_repcat.add_priority_varchar2 buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2730 | SERVER-ORACLE dbms_repcat.add_site_priority_site buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2731 | SERVER-ORACLE dbms_repcat.add_unique_resolution buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2732 | SERVER-ORACLE dbms_repcat.add_update_resolution buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2733 | SERVER-ORACLE dbms_repcat.alter_master_propagation buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2734 | SERVER-ORACLE dbms_repcat.alter_mview_propagation buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2735 | SERVER-ORACLE dbms_repcat.alter_priority_char buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2736 | SERVER-ORACLE dbms_repcat.alter_priority_date buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2737 | SERVER-ORACLE dbms_repcat.alter_priority_nchar buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2738 | SERVER-ORACLE dbms_repcat.alter_priority_number buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2739 | SERVER-ORACLE dbms_repcat.alter_priority_nvarchar2 buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2740 | SERVER-ORACLE dbms_repcat.alter_priority_raw buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2741 | SERVER-ORACLE dbms_repcat.alter_priority buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2742 | SERVER-ORACLE dbms_repcat.alter_priority_varchar2 buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2743 | SERVER-ORACLE dbms_repcat.alter_site_priority_site buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2744 | SERVER-ORACLE dbms_repcat.alter_site_priority buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2745 | SERVER-ORACLE dbms_repcat.alter_snapshot_propagation buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2746 | SERVER-ORACLE dbms_repcat_auth.revoke_surrogate_repcat buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2747 | SERVER-ORACLE dbms_repcat.begin_flavor_definition buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2748 | SERVER-ORACLE dbms_repcat.comment_on_column_group buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2749 | SERVER-ORACLE dbms_repcat.comment_on_delete_resolution buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2750 | SERVER-ORACLE dbms_repcat.comment_on_mview_repsites buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2751 | SERVER-ORACLE dbms_repcat.comment_on_priority_group buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2752 | SERVER-ORACLE dbms_repcat.comment_on_repgroup buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2753 | SERVER-ORACLE dbms_repcat.comment_on_repsites buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2754 | SERVER-ORACLE dbms_repcat.comment_on_site_priority buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2755 | SERVER-ORACLE dbms_repcat.comment_on_unique_resolution buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2756 | SERVER-ORACLE dbms_repcat.comment_on_update_resolution buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2757 | SERVER-ORACLE dbms_repcat.create_master_repgroup buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2758 | SERVER-ORACLE dbms_repcat.create_master_repobject buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2759 | SERVER-ORACLE dbms_repcat.create_snapshot_repgroup buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2760 | SERVER-ORACLE dbms_repcat.define_column_group buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2761 | SERVER-ORACLE dbms_repcat.define_priority_group buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2762 | SERVER-ORACLE dbms_repcat.define_site_priority buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2763 | SERVER-ORACLE dbms_repcat.do_deferred_repcat_admin buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2764 | SERVER-ORACLE dbms_repcat.drop_column_group_from_flavor buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2765 | SERVER-ORACLE dbms_repcat.drop_column_group buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2766 | SERVER-ORACLE dbms_repcat.drop_columns_from_flavor buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2767 | SERVER-ORACLE dbms_repcat.drop_delete_resolution buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2768 | SERVER-ORACLE dbms_repcat.drop_grouped_column buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2769 | SERVER-ORACLE dbms_repcat.drop_mview_repobject buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2770 | SERVER-ORACLE dbms_repcat.drop_object_from_flavor buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2771 | SERVER-ORACLE dbms_repcat.drop_priority_char buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2772 | SERVER-ORACLE dbms_repcat.drop_priority_date buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2773 | SERVER-ORACLE dbms_repcat.drop_priority_nchar buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2774 | SERVER-ORACLE dbms_repcat.drop_priority_number buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2775 | SERVER-ORACLE dbms_repcat.drop_priority_nvarchar2 buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2776 | SERVER-ORACLE dbms_repcat.drop_priority_raw buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2777 | SERVER-ORACLE dbms_repcat.drop_priority buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2778 | SERVER-ORACLE dbms_repcat.drop_priority_varchar2 buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2779 | SERVER-ORACLE dbms_repcat.drop_site_priority_site buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2780 | SERVER-ORACLE dbms_repcat.drop_site_priority buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2781 | SERVER-ORACLE dbms_repcat.drop_snapshot_repgroup buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2782 | SERVER-ORACLE dbms_repcat.drop_snapshot_repobject buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2783 | SERVER-ORACLE dbms_repcat.drop_unique_resolution buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2784 | SERVER-ORACLE dbms_repcat.drop_update_resolution buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2785 | SERVER-ORACLE dbms_repcat.execute_ddl buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2786 | SERVER-ORACLE dbms_repcat.generate_replication_package buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2787 | SERVER-ORACLE dbms_repcat_instantiate.instantiate_online buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2788 | SERVER-ORACLE dbms_repcat.make_column_group buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2789 | SERVER-ORACLE dbms_repcat.obsolete_flavor_definition buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2790 | SERVER-ORACLE dbms_repcat.publish_flavor_definition buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2791 | SERVER-ORACLE dbms_repcat.purge_flavor_definition buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2792 | SERVER-ORACLE dbms_repcat.purge_master_log buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2793 | SERVER-ORACLE dbms_repcat.purge_statistics buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2794 | SERVER-ORACLE dbms_repcat.refresh_mview_repgroup buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2795 | SERVER-ORACLE dbms_repcat.refresh_snapshot_repgroup buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2796 | SERVER-ORACLE dbms_repcat.register_mview_repgroup buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2797 | SERVER-ORACLE dbms_repcat.register_snapshot_repgroup buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2798 | SERVER-ORACLE dbms_repcat.register_statistics buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2799 | SERVER-ORACLE dbms_repcat.relocate_masterdef buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2800 | SERVER-ORACLE dbms_repcat.rename_shadow_column_group buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2801 | SERVER-ORACLE dbms_repcat.resume_master_activity buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2802 | SERVER-ORACLE dbms_repcat_rgt.check_ddl_text buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2803 | SERVER-ORACLE dbms_repcat_rgt.drop_site_instantiation buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2804 | SERVER-ORACLE dbms_repcat.send_and_compare_old_values buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2805 | SERVER-ORACLE dbms_repcat.set_columns buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2806 | SERVER-ORACLE dbms_repcat.set_local_flavor buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2807 | SERVER-ORACLE dbms_repcat.specify_new_masters buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2808 | SERVER-ORACLE dbms_repcat.suspend_master_activity buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2809 | SERVER-ORACLE dbms_repcat.unregister_mview_repgroup buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2810 | SERVER-ORACLE dbms_repcat.unregister_snapshot_repgroup buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2811 | SERVER-ORACLE dbms_repcat.validate_flavor_definition buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2812 | SERVER-ORACLE dbms_repcat.validate_for_local_flavor buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2813 | SERVER-ORACLE sys.dbms_repcat_fla.abort_flavor_definition buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2814 | SERVER-ORACLE sys.dbms_repcat_fla.add_object_to_flavor buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2815 | SERVER-ORACLE sys.dbms_repcat_fla.begin_flavor_definition buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2816 | SERVER-ORACLE sys.dbms_repcat_fla.drop_object_from_flavor buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2817 | SERVER-ORACLE sys.dbms_repcat_fla_mas.add_column_group_to_flavor buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2818 | SERVER-ORACLE sys.dbms_repcat_fla_mas.add_columns_to_flavor buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2819 | SERVER-ORACLE sys.dbms_repcat_fla_mas.drop_column_group_from_flavor buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2820 | SERVER-ORACLE sys.dbms_repcat_fla_mas.drop_columns_from_flavor buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2821 | SERVER-ORACLE sys.dbms_repcat_fla_mas.obsolete_flavor_definition buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2822 | SERVER-ORACLE sys.dbms_repcat_fla_mas.publish_flavor_definition buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2823 | SERVER-ORACLE sys.dbms_repcat_fla_mas.purge_flavor_definition buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2824 | SERVER-ORACLE sys.dbms_repcat_fla.set_local_flavor buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2825 | SERVER-ORACLE sys.dbms_repcat_fla.validate_flavor_definition buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2826 | SERVER-ORACLE sys.dbms_repcat_fla.validate_for_local_flavor buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2827 | SERVER-ORACLE sys.dbms_repcat_mas.alter_master_repobject buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2828 | SERVER-ORACLE sys.dbms_repcat_mas.comment_on_repgroup buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2829 | SERVER-ORACLE sys.dbms_repcat_mas.comment_on_repobject buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2830 | SERVER-ORACLE sys.dbms_repcat_mas.create_master_repgroup buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2831 | SERVER-ORACLE sys.dbms_repcat_mas.create_master_repobject buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2832 | SERVER-ORACLE sys.dbms_repcat_mas.do_deferred_repcat_admin buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2833 | SERVER-ORACLE sys.dbms_repcat_mas.drop_master_repgroup buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2834 | SERVER-ORACLE sys.dbms_repcat_mas.generate_replication_package buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2835 | SERVER-ORACLE sys.dbms_repcat_mas.purge_master_log buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2836 | SERVER-ORACLE sys.dbms_repcat_mas.relocate_masterdef buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2837 | SERVER-ORACLE sys.dbms_repcat_mas.rename_shadow_column_group buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2838 | SERVER-ORACLE sys.dbms_repcat_mas.resume_master_activity buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2839 | SERVER-ORACLE sys.dbms_repcat_mas.suspend_master_activity buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2840 | SERVER-ORACLE sys.dbms_repcat_sna_utl.alter_snapshot_propagation buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2841 | SERVER-ORACLE sys.dbms_repcat_sna_utl.create_snapshot_repgroup buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2842 | SERVER-ORACLE sys.dbms_repcat_sna_utl.drop_snapshot_repgroup buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2843 | SERVER-ORACLE sys.dbms_repcat_sna_utl.drop_snapshot_repobject buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2844 | SERVER-ORACLE sys.dbms_repcat_sna_utl.refresh_snapshot_repgroup buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2845 | SERVER-ORACLE sys.dbms_repcat_sna_utl.register_snapshot_repgroup buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2846 | SERVER-ORACLE sys.dbms_repcat_sna_utl.repcat_import_check buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2847 | SERVER-ORACLE sys.dbms_repcat_sna_utl.unregister_snapshot_repgroup buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2848 | SERVER-ORACLE sys.dbms_repcat_utl4.drop_master_repobject buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2849 | SERVER-ORACLE sys.dbms_repcat_utl.drop_an_object buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2850 | SERVER-ORACLE dbms_repcat.create_mview_repobject buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2851 | SERVER-ORACLE dbms_repcat.create_snapshot_repobject buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2852 | SERVER-ORACLE dbms_repcat.generate_mview_support buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2853 | SERVER-ORACLE dbms_repcat.generate_replication_trigger buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2854 | SERVER-ORACLE dbms_repcat.generate_snapshot_support buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2855 | SERVER-ORACLE dbms_repcat.remove_master_databases buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2856 | SERVER-ORACLE dbms_repcat.switch_mview_master buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2857 | SERVER-ORACLE dbms_repcat.switch_snapshot_master buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2858 | SERVER-ORACLE sys.dbms_repcat_conf.add_delete_resolution buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2859 | SERVER-ORACLE sys.dbms_repcat_conf.add_priority_char buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2860 | SERVER-ORACLE sys.dbms_repcat_conf.add_priority_date buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2861 | SERVER-ORACLE sys.dbms_repcat_conf.add_priority_nchar buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2862 | SERVER-ORACLE sys.dbms_repcat_conf.add_priority_number buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2863 | SERVER-ORACLE sys.dbms_repcat_conf.add_priority_nvarchar2 buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2864 | SERVER-ORACLE sys.dbms_repcat_conf.add_priority_raw buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2865 | SERVER-ORACLE sys.dbms_repcat_conf.add_priority_varchar2 buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2866 | SERVER-ORACLE sys.dbms_repcat_conf.add_site_priority_site buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2867 | SERVER-ORACLE sys.dbms_repcat_conf.add_unique_resolution buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2868 | SERVER-ORACLE sys.dbms_repcat_conf.add_update_resolution buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2869 | SERVER-ORACLE sys.dbms_repcat_conf.alter_priority_char buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2870 | SERVER-ORACLE sys.dbms_repcat_conf.alter_priority_date buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2871 | SERVER-ORACLE sys.dbms_repcat_conf.alter_priority_nchar buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2872 | SERVER-ORACLE sys.dbms_repcat_conf.alter_priority_number buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2873 | SERVER-ORACLE sys.dbms_repcat_conf.alter_priority_nvarchar2 buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2874 | SERVER-ORACLE sys.dbms_repcat_conf.alter_priority_raw buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2875 | SERVER-ORACLE sys.dbms_repcat_conf.alter_priority buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2876 | SERVER-ORACLE sys.dbms_repcat_conf.alter_priority_varchar2 buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2877 | SERVER-ORACLE sys.dbms_repcat_conf.alter_site_priority_site buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2878 | SERVER-ORACLE sys.dbms_repcat_conf.alter_site_priority buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2879 | SERVER-ORACLE sys.dbms_repcat_conf.cancel_statistics buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2880 | SERVER-ORACLE sys.dbms_repcat_conf.comment_on_delete_resolution buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2881 | SERVER-ORACLE sys.dbms_repcat_conf.comment_on_priority_group buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2882 | SERVER-ORACLE sys.dbms_repcat_conf.comment_on_site_priority buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2883 | SERVER-ORACLE sys.dbms_repcat_conf.comment_on_unique_resolution buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2884 | SERVER-ORACLE sys.dbms_repcat_conf.comment_on_update_resolution buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2885 | SERVER-ORACLE sys.dbms_repcat_conf.define_priority_group buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2886 | SERVER-ORACLE sys.dbms_repcat_conf.define_site_priority buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2887 | SERVER-ORACLE sys.dbms_repcat_conf.drop_delete_resolution buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2888 | SERVER-ORACLE sys.dbms_repcat_conf.drop_priority_char buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2889 | SERVER-ORACLE sys.dbms_repcat_conf.drop_priority_date buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2890 | SERVER-ORACLE sys.dbms_repcat_conf.drop_priority_nchar buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2891 | SERVER-ORACLE sys.dbms_repcat_conf.drop_priority_number buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2892 | SERVER-ORACLE sys.dbms_repcat_conf.drop_priority_nvarchar2 buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2893 | SERVER-ORACLE sys.dbms_repcat_conf.drop_priority_raw buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2894 | SERVER-ORACLE sys.dbms_repcat_conf.drop_priority buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2895 | SERVER-ORACLE sys.dbms_repcat_conf.drop_priority_varchar2 buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2896 | SERVER-ORACLE sys.dbms_repcat_conf.drop_site_priority_site buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2897 | SERVER-ORACLE sys.dbms_repcat_conf.drop_site_priority buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2898 | SERVER-ORACLE sys.dbms_repcat_conf.drop_unique_resolution buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2899 | SERVER-ORACLE sys.dbms_repcat_conf.drop_update_resolution buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2900 | SERVER-ORACLE sys.dbms_repcat_conf.purge_statistics buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2901 | SERVER-ORACLE sys.dbms_repcat_conf.register_statistics buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2902 | SERVER-ORACLE sys.dbms_repcat_sna.alter_snapshot_propagation buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2903 | SERVER-ORACLE sys.dbms_repcat_sna.create_snapshot_repgroup buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2904 | SERVER-ORACLE sys.dbms_repcat_sna.create_snapshot_repobject buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2905 | SERVER-ORACLE sys.dbms_repcat_sna.create_snapshot_repschema buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2906 | SERVER-ORACLE sys.dbms_repcat_sna.drop_snapshot_repgroup buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2907 | SERVER-ORACLE sys.dbms_repcat_sna.drop_snapshot_repobject buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2908 | SERVER-ORACLE sys.dbms_repcat_sna.drop_snapshot_repschema buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2909 | SERVER-ORACLE sys.dbms_repcat_sna.generate_snapshot_support buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2910 | SERVER-ORACLE sys.dbms_repcat_sna.refresh_snapshot_repgroup buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2911 | SERVER-ORACLE sys.dbms_repcat_sna.refresh_snapshot_repschema buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2912 | SERVER-ORACLE sys.dbms_repcat_sna.register_snapshot_repgroup buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2913 | SERVER-ORACLE sys.dbms_repcat_sna.repcat_import_check buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2914 | SERVER-ORACLE sys.dbms_repcat_sna.set_local_flavor buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2915 | SERVER-ORACLE sys.dbms_repcat_sna.switch_snapshot_master buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2916 | SERVER-ORACLE sys.dbms_repcat_sna.unregister_snapshot_repgroup buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2917 | SERVER-ORACLE sys.dbms_repcat_sna_utl.switch_snapshot_master buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2918 | SERVER-ORACLE sys.dbms_repcat_sna.validate_for_local_flavor buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 2919 | SERVER-ORACLE sys.dbms_repcat_untrusted.register_snapshot_repgroup buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 3006 | SERVER-OTHER Volition Freespace 2 buffer overflow attempt (more info ...) | misc-attack | 9785 | |||
| 3009 | MALWARE-BACKDOOR NetBus Pro 2.0 connection request (more info ...) | misc-activity | ||||
| 3010 | MALWARE-CNC RUX the Tick get windows directory (more info ...) | misc-activity | ||||
| 3011 | MALWARE-CNC RUX the Tick get system directory (more info ...) | misc-activity | ||||
| 3012 | MALWARE-CNC RUX the Tick upload/execute arbitrary file (more info ...) | misc-activity | ||||
| 3013 | MALWARE-CNC Asylum 0.1 connection request (more info ...) | misc-activity | ||||
| 3014 | MALWARE-CNC Asylum 0.1 connection (more info ...) | misc-activity | ||||
| 3015 | MALWARE-CNC Insane Network 4.0 connection (more info ...) | misc-activity | ||||
| 3016 | MALWARE-CNC Insane Network 4.0 connection port 63536 (more info ...) | misc-activity | ||||
| 3061 | APP-DETECT distccd remote command execution attempt (more info ...) | policy-violation | URL | |||
| 3063 | MALWARE-BACKDOOR Vampire 1.2 connection request (more info ...) | misc-activity | ||||
| 3064 | MALWARE-BACKDOOR Vampire 1.2 connection confirmation (more info ...) | misc-activity | ||||
| 3080 | SERVER-OTHER Unreal Tournament secure overflow attempt (more info ...) | misc-attack | 2004-0608 | 10570 | ||
| 3081 | MALWARE-BACKDOOR Y3KRAT 1.5 Connect (more info ...) | misc-activity | ||||
| 3082 | MALWARE-BACKDOOR Y3KRAT 1.5 Connect Client Response (more info ...) | misc-activity | ||||
| 3083 | MALWARE-BACKDOOR Y3KRAT 1.5 Connection confirmation (more info ...) | misc-activity | ||||
| 3086 | SERVER-WEBAPP 3Com 3CRADSL72 ADSL 11g Wireless Router app_sta.stm access attempt (more info ...) | web-application-activity | 2004-1596 | 11408 | ||
| 3089 | SERVER-OTHER squid WCCP I_SEE_YOU message overflow attempt (more info ...) | attempted-user | 2005-0095 | 12275 | ||
| 3131 | SERVER-WEBAPP mailman directory traversal attempt (more info ...) | web-application-attack | 2005-0202 | |||
| 3147 | PROTOCOL-TELNET login buffer overflow attempt (more info ...) | attempted-admin | 2001-0797 | 3681 | 10827 | |
| 3151 | PROTOCOL-FINGER / execution attempt (more info ...) | attempted-recon | 2000-0915 | |||
| 3155 | MALWARE-BACKDOOR BackOrifice 2000 Inbound Traffic (more info ...) | trojan-activity | ||||
| 3234 | OS-WINDOWS Messenger message little endian overflow attempt (more info ...) | attempted-admin | 2003-0717 | 8826 | ||
| 3235 | OS-WINDOWS Messenger message overflow attempt (more info ...) | attempted-admin | 2003-0717 | 8826 | ||
| 3274 | PROTOCOL-TELNET login buffer non-evasive overflow attempt (more info ...) | attempted-admin | 2001-0797 | 3681 | 10827 | |
| 3455 | SERVER-OTHER Bontago Game Server Nickname buffer overflow (more info ...) | attempted-user | 2005-0501 | 12603 | URL | |
| 3459 | PUA-P2P Manolito Search Query (more info ...) | policy-violation | URL | |||
| 3464 | SERVER-WEBAPP awstats.pl command execution attempt (more info ...) | web-application-attack | 12572 | 16456 | ||
| 3465 | SERVER-WEBAPP RiSearch show.pl proxy attempt (more info ...) | web-application-activity | 2004-2061 | 10812 | ||
| 3469 | SERVER-WEBAPP Ipswitch WhatsUp Gold dos attempt (more info ...) | attempted-dos | 2004-0799 | 11110 | URL | |
| 3512 | SERVER-ORACLE utl_file.fcopy directory traversal attempt (more info ...) | attempted-user | 12749 | |||
| 3513 | SERVER-ORACLE utl_file.fopen_nchar directory traversal attempt (more info ...) | attempted-user | 12749 | |||
| 3514 | SERVER-ORACLE utl_file.fopen directory traversal attempt (more info ...) | attempted-user | 12749 | |||
| 3515 | SERVER-ORACLE utl_file.fremove directory traversal attempt (more info ...) | attempted-user | 12749 | |||
| 3516 | SERVER-ORACLE utl_file.frename directory traversal attempt (more info ...) | attempted-user | 12749 | |||
| 3520 | SERVER-OTHER Computer Associates license GCR NETWORK overflow attempt (more info ...) | attempted-user | 2005-0581 | 12705 | ||
| 3521 | SERVER-OTHER Computer Associates license GCR CHECKSUMS overflow attempt (more info ...) | attempted-user | 2005-0581 | 12705 | ||
| 3522 | SERVER-OTHER Computer Associates license GETCONFIG server overflow attempt (more info ...) | attempted-user | 2005-0581 | 12705 | ||
| 3524 | SERVER-OTHER Computer Associates license invalid GCR CHECKSUMS attempt (more info ...) | attempted-dos | 2005-0581 | 12705 | ||
| 3525 | SERVER-OTHER Computer Associates license invalid GCR NETWORK attempt (more info ...) | attempted-dos | 2005-0581 | 12705 | ||
| 3529 | SERVER-OTHER Computer Associates license GETCONFIG client overflow attempt (more info ...) | attempted-user | 2005-0581 | 12705 | ||
| 3533 | PROTOCOL-TELNET client LINEMODE SLC overflow attempt (more info ...) | attempted-user | 2005-0469 | 12918 | ||
| 3537 | PROTOCOL-TELNET client ENV OPT escape overflow attempt (more info ...) | attempted-user | 2005-0469 | 12918 | ||
| 3546 | SERVER-WEBAPP TrackerCam User-Agent buffer overflow attempt (more info ...) | web-application-attack | 2005-0481 | 12592 | ||
| 3548 | SERVER-WEBAPP TrackerCam negative Content-Length attempt (more info ...) | web-application-attack | 2005-0481 | 12592 | ||
| 3551 | FILE-IDENTIFY HTA file download request (more info ...) | misc-activity | URL | |||
| 3627 | SERVER-MAIL X-LINK2STATE CHUNK command attempt (more info ...) | protocol-command-decode | 2005-0560 | 13118 | 18024 | URL |
| 3629 | SERVER-WEBAPP sambar /search/results.stm access (more info ...) | web-application-activity | 2004-2086 | 9607 | 18650 | |
| 3635 | MALWARE-BACKDOOR Amanda 2.0 connection established (more info ...) | trojan-activity | ||||
| 3636 | MALWARE-BACKDOOR Crazzy Net 5.0 connection established (more info ...) | trojan-activity | ||||
| 3637 | SERVER-OTHER Computer Associates license PUTOLF directory traversal attempt (more info ...) | attempted-user | 2005-0581 | 12705 | ||
| 3653 | SERVER-MAIL SAML overflow attempt (more info ...) | attempted-user | 2004-1546 | 11238 | ||
| 3654 | SERVER-MAIL SOML overflow attempt (more info ...) | attempted-user | 2004-1546 | 11238 | ||
| 3655 | SERVER-MAIL SEND overflow attempt (more info ...) | attempted-user | 2004-1546 | 11238 | ||
| 3656 | SERVER-MAIL MDaemon 6.5.1 and prior versions MAIL overflow attempt (more info ...) | attempted-user | 2004-1546 | 11238 | ||
| 3657 | SERVER-ORACLE ctxsys.driload attempt (more info ...) | attempted-user | 2004-0637 | 11099 | 16209 | |
| 3664 | SERVER-OTHER PPTP echo request buffer overflow attempt (more info ...) | attempted-admin | 2003-0213 | 7316 | 11540 | URL |
| 3674 | SERVER-WEBAPP db4web_c directory traversal attempt (more info ...) | web-application-attack | 2002-1483 | 5723 | 11182 | |
| 3675 | SERVER-OTHER IBM DB2 DTS empty format string dos attempt (more info ...) | attempted-dos | 2005-4869 | 11400 | URL | |
| 3676 | SERVER-WEBAPP newsscript.pl admin attempt (more info ...) | web-application-attack | 2005-0735 | 12761 | 17309 | |
| 3680 | PUA-P2P AOL Instant Messenger file send attempt (more info ...) | policy-violation | ||||
| 3681 | PUA-P2P AOL Instant Messenger file receive attempt (more info ...) | policy-violation | ||||
| 3682 | SERVER-MAIL spoofed MIME-Type auto-execution attempt (more info ...) | attempted-admin | 2001-0154 | 2524 | URL | |
| 3693 | SERVER-WEBAPP IBM WebSphere j_security_check overflow attempt (more info ...) | attempted-admin | 2005-1872 | 13853 | ||
| 3813 | SERVER-WEBAPP awstats.pl configdir command injection attempt (more info ...) | web-application-attack | 2005-0116 | |||
| 3816 | SERVER-WEBAPP BadBlue ext.dll buffer overflow attempt (more info ...) | attempted-admin | 2005-0595 | 12673 | ||
| 3819 | FILE-IDENTIFY CHM file download request (more info ...) | misc-activity | URL | |||
| 4060 | APP-DETECT remote desktop protocol attempted administrator connection request (more info ...) | misc-activity | 2005-1218 | 14259 | URL | |
| 4140 | SERVER-OTHER tcpdump tcp LDP print zero length message denial of service attempt (more info ...) | attempted-dos | 2005-1279 | 13389 | URL | |
| 4142 | SERVER-ORACLE Oracle reports servlet command execution attempt (more info ...) | attempted-user | 2005-2371 | 14316 | URL | |
| 4143 | SERVER-OTHER lpd receive printer job cascade adaptor protocol request (more info ...) | protocol-command-decode | ||||
| 4638 | SERVER-OTHER RSVP Protocol zero length object DoS attempt (more info ...) | attempted-dos | URL | |||
| 4639 | SERVER-OTHER Ethereal Distcc ARGV buffer overflow attempt (more info ...) | attempted-dos | URL | |||
| 4640 | SERVER-OTHER Ethereal Distcc SERR buffer overflow attempt (more info ...) | attempted-dos | URL | |||
| 4641 | SERVER-OTHER Ethereal Distcc SOUT buffer overflow attempt (more info ...) | attempted-dos | URL | |||
| 4676 | SERVER-ORACLE Enterprise Manager Application Server Control web parameter overflow attempt (more info ...) | attempted-admin | 15146 | URL | ||
| 4677 | SERVER-ORACLE Enterprise Manager Application Server Control GET parameter overflow attempt (more info ...) | attempted-admin | 15146 | URL | ||
| 4985 | SERVER-WEBAPP Twiki rdiff rev command injection attempt (more info ...) | attempted-admin | 2005-2877 | 14834 | ||
| 4986 | SERVER-WEBAPP Twiki view rev command injection attempt (more info ...) | attempted-admin | 2005-2877 | 14834 | ||
| 4987 | SERVER-WEBAPP Twiki viewfile rev command injection attempt (more info ...) | attempted-admin | 2005-2877 | 14834 | ||
| 4988 | SERVER-WEBAPP Barracuda IMG.PL directory traversal attempt (more info ...) | attempted-admin | 2005-2847 | 14712 | ||
| 5317 | SERVER-OTHER pcAnywhere buffer overflow attempt (more info ...) | attempted-dos | 2005-3934 | 15646 | ||
| 5709 | SERVER-WEBAPP file upload directory traversal (more info ...) | misc-attack | URL | |||
| 5739 | SERVER-MAIL headers too long server response (more info ...) | bad-unknown | 2006-0058 | 17192 | ||
| 5742 | MALWARE-OTHER Keylogger activitylogger runtime detection (more info ...) | successful-recon-limited | URL | |||
| 5743 | PUA-ADWARE Hijacker actualnames outbound connection - plugin list (more info ...) | misc-activity | URL | |||
| 5745 | PUA-ADWARE Hijacker adultlinks outbound connection - redirect (more info ...) | misc-activity | URL | |||
| 5746 | PUA-ADWARE Hijacker adultlinks outbound connection - load url (more info ...) | misc-activity | URL | |||
| 5747 | PUA-ADWARE Hijacker adultlinks outbound connection - log hits (more info ...) | misc-activity | URL | |||
| 5748 | PUA-ADWARE Hijacker adultlinks outbound connection - ads (more info ...) | misc-activity | URL | |||
| 5750 | PUA-TOOLBARS Adware dogpile runtime detection (more info ...) | misc-activity | URL | |||
| 5751 | PUA-ADWARE Adware exactsearch runtime detection - switch search engine 1 (more info ...) | misc-activity | URL | |||
| 5752 | PUA-ADWARE Adware exactsearch runtime detection - switch search engine 2 (more info ...) | misc-activity | URL | |||
| 5753 | PUA-ADWARE Adware exactsearch runtime detection - topsearches (more info ...) | misc-activity | URL | |||
| 5754 | PUA-ADWARE Hijacker ezcybersearch outbound connection - ie auto search hijack (more info ...) | misc-activity | URL | |||
| 5755 | PUA-ADWARE Hijacker ezcybersearch outbound connection - check update (more info ...) | misc-activity | URL | |||
| 5756 | PUA-ADWARE Hijacker ezcybersearch outbound connection - add coolsites to ie favorites (more info ...) | misc-activity | URL | |||
| 5757 | PUA-TOOLBARS Hijacker ezcybersearch runtime detection - check toolbar setting (more info ...) | misc-activity | URL | |||
| 5758 | PUA-ADWARE Hijacker ezcybersearch outbound connection - download fastclick pop-under code (more info ...) | misc-activity | URL | |||
| 5759 | MALWARE-OTHER Keylogger fearlesskeyspy runtime detection (more info ...) | successful-recon-limited | URL | |||
| 5760 | MALWARE-CNC User-Agent known malicious user agent - OSSProxy (more info ...) | misc-activity | URL | |||
| 5761 | PUA-ADWARE Trickler bearshare outbound connection - ads popup (more info ...) | misc-activity | URL | |||
| 5762 | PUA-ADWARE Trickler bearshare outbound connection - p2p information request (more info ...) | misc-activity | URL | |||
| 5763 | PUA-ADWARE Trickler bearshare outbound connection - chat request (more info ...) | misc-activity | URL | |||
| 5765 | PUA-TOOLBARS Hijacker begin2search runtime detection - ico query (more info ...) | misc-activity | URL | |||
| 5766 | PUA-ADWARE Hijacker begin2search outbound connection - install spyware trafficsector (more info ...) | misc-activity | URL | |||
| 5767 | PUA-ADWARE Hijacker begin2search outbound connection - download unauthorized code (more info ...) | misc-activity | URL | |||
| 5768 | PUA-ADWARE Hijacker begin2search outbound connection - pass information (more info ...) | misc-activity | URL | |||
| 5769 | PUA-ADWARE Hijacker begin2search outbound connection - play bingo ads (more info ...) | misc-activity | URL | |||
| 5770 | MALWARE-CNC User-Agent known malicious user agent - Casino (more info ...) | successful-recon-limited | URL | |||
| 5771 | PUA-ADWARE Screen-Scraper farsighter outbound connection - initial connection (more info ...) | successful-recon-limited | URL | |||
| 5772 | PUA-ADWARE Screen-Scraper farsighter outbound connection - initial connection (more info ...) | successful-recon-limited | URL | |||
| 5773 | PUA-ADWARE Adware forbes runtime detection (more info ...) | misc-activity | URL | |||
| 5774 | MALWARE-CNC User-Agent known malicious user agent - FSW (more info ...) | misc-activity | URL | |||
| 5775 | PUA-ADWARE Hijacker freescratch outbound connection - scratch card (more info ...) | misc-activity | URL | |||
| 5776 | PUA-ADWARE Trickler grokster outbound connection (more info ...) | misc-activity | URL | |||
| 5777 | MALWARE-OTHER Keylogger gurl watcher runtime detection (more info ...) | successful-recon-limited | URL | |||
| 5778 | MALWARE-OTHER Keylogger runtime detection - hwpe windows activity logs (more info ...) | successful-recon-limited | URL | |||
| 5779 | MALWARE-OTHER Keylogger runtime detection - hwpe shell file logs (more info ...) | successful-recon-limited | URL | |||
| 5781 | MALWARE-OTHER Keylogger runtime detection - hwae windows activity logs (more info ...) | successful-recon-limited | URL | |||
| 5783 | MALWARE-OTHER Keylogger runtime detection - hwae keystrokes log (more info ...) | successful-recon-limited | URL | |||
| 5784 | MALWARE-OTHER Keylogger runtime detection - hwae urls browsed log (more info ...) | successful-recon-limited | URL | |||
| 5785 | PUA-ADWARE Adware hithopper runtime detection - get xml setting (more info ...) | misc-activity | URL | |||
| 5786 | PUA-ADWARE Adware hithopper runtime detection - redirect (more info ...) | misc-activity | URL | |||
| 5787 | PUA-ADWARE Adware hithopper runtime detection - search (more info ...) | misc-activity | URL | |||
| 5788 | PUA-TOOLBARS Adware hithopper runtime detection - click toolbar buttons (more info ...) | misc-activity | URL | |||
| 5789 | MALWARE-CNC User-Agent known malicious user agent - ActMon (more info ...) | successful-recon-limited | URL | |||
| 5791 | PUA-ADWARE Dialer pluginaccess outbound connection - get pin (more info ...) | misc-activity | URL | |||
| 5792 | PUA-ADWARE Dialer pluginaccess outbound connection - active proxy (more info ...) | misc-activity | URL | |||
| 5793 | PUA-ADWARE Dialer pluginaccess outbound connection - redirect (more info ...) | misc-activity | URL | |||
| 5794 | PUA-ADWARE Hijacker coolwebsearch.aboutblank variant outbound connection (more info ...) | misc-activity | URL | |||
| 5795 | PUA-ADWARE Adware ist powerscan runtime detection (more info ...) | misc-activity | URL | |||
| 5796 | PUA-ADWARE Adware keenvalue runtime detection (more info ...) | misc-activity | URL | |||
| 5800 | MALWARE-CNC User-Agent known malicious user agent - MyWay (more info ...) | successful-recon-limited | URL | |||
| 5801 | PUA-TOOLBARS Trackware myway speedbar / mywebsearch toolbar runtime detection - track activity 1 (more info ...) | successful-recon-limited | URL | |||
| 5802 | PUA-TOOLBARS Trackware myway speedbar / mywebsearch toolbar runtime detection - track activity 2 (more info ...) | successful-recon-limited | URL | |||
| 5803 | PUA-TOOLBARS Trackware myway speedbar / mywebsearch toolbar runtime detection - collect information (more info ...) | successful-recon-limited | URL | |||
| 5805 | MALWARE-OTHER Trackware myway speedbar runtime detection - switch engines (more info ...) | successful-recon-limited | URL | |||
| 5807 | PUA-ADWARE Hijacker shopathomeselect outbound connection (more info ...) | misc-activity | URL | |||
| 5808 | MALWARE-CNC User-Agent known malicious user agent - SAH Agent (more info ...) | misc-activity | ||||
| 5809 | PUA-ADWARE Hijacker shop at home select merchant redirect in progress (more info ...) | misc-activity | ||||
| 5810 | PUA-ADWARE Hijacker shop at home select installation in progress (more info ...) | misc-activity | ||||
| 5811 | PUA-ADWARE shop at home select installation in progress - clsid detected (more info ...) | misc-activity | URL | |||
| 5812 | MALWARE-TOOLS Hacker-Tool stealthredirector runtime detection - email notification (more info ...) | misc-activity | URL | |||
| 5815 | MALWARE-TOOLS Hacker-Tool stealthredirector runtime detection - destory redirection (more info ...) | misc-activity | ||||
| 5816 | MALWARE-TOOLS Hacker-Tool stealthredirector runtime detection - destory redirection (more info ...) | misc-activity | URL | |||
| 5817 | MALWARE-TOOLS Hacker-Tool stealthredirector runtime detection - check status (more info ...) | misc-activity | ||||
| 5818 | MALWARE-TOOLS Hacker-Tool stealthredirector runtime detection - check status (more info ...) | misc-activity | ||||
| 5819 | MALWARE-TOOLS Hacker-Tool stealthredirector runtime detection - check status (more info ...) | misc-activity | URL | |||
| 5820 | MALWARE-TOOLS Hacker-Tool stealthredirector runtime detection - destory log (more info ...) | misc-activity | ||||
| 5821 | MALWARE-TOOLS Hacker-Tool stealthredirector runtime detection - destory log (more info ...) | misc-activity | URL | |||
| 5822 | MALWARE-TOOLS Hacker-Tool stealthredirector runtime detection - view netstat (more info ...) | misc-activity | ||||
| 5823 | MALWARE-TOOLS Hacker-Tool stealthredirector runtime detection - view netstat (more info ...) | misc-activity | URL | |||
| 5824 | MALWARE-CNC User-Agent known malicious user agent - Strip-Player (more info ...) | misc-activity | URL | |||
| 5825 | PUA-ADWARE Adware broadcasturban tuner runtime detection - start tuner (more info ...) | misc-activity | URL | |||
| 5826 | PUA-ADWARE Adware broadcasturban tuner runtime detection - pass user info to server (more info ...) | misc-activity | URL | |||
| 5827 | PUA-ADWARE Adware broadcasturban tuner runtime detection - get gateway (more info ...) | misc-activity | URL | |||
| 5828 | PUA-ADWARE Adware broadcasturban tuner runtime detection - connect to station (more info ...) | misc-activity | URL | |||
| 5829 | PUA-ADWARE Trickler clipgenie outbound connection (more info ...) | misc-activity | URL | |||
| 5835 | PUA-ADWARE Adware gamespy_arcade runtime detection (more info ...) | misc-activity | URL | |||
| 5836 | PUA-ADWARE Trickler nictech.bm2 outbound connection (more info ...) | misc-activity | URL | |||
| 5838 | MALWARE-CNC User-Agent known malicious user agent - EI (more info ...) | successful-recon-limited | URL | |||
| 5839 | MALWARE-OTHER Trackware ucmore runtime detection - click sponsor/ad link (more info ...) | successful-recon-limited | URL | |||
| 5840 | PUA-ADWARE Hijacker sep outbound connection (more info ...) | misc-activity | URL | |||
| 5841 | PUA-ADWARE Trickler minibug outbound connection - retrieve weather information (more info ...) | misc-activity | URL | |||
| 5842 | PUA-ADWARE Trickler minibug outbound connection - ads (more info ...) | misc-activity | URL | |||
| 5843 | PUA-ADWARE Hijacker surfsidekick outbound connection - hijack ie auto search (more info ...) | misc-activity | URL | |||
| 5844 | PUA-ADWARE Hijacker surfsidekick outbound connection - post request (more info ...) | misc-activity | URL | |||
| 5845 | PUA-ADWARE Hijacker surfsidekick outbound connection - update request (more info ...) | misc-activity | URL | |||
| 5846 | PUA-ADWARE Trickler VX2/DLmax/BestOffers/Aurora outbound connection (more info ...) | misc-activity | URL | |||
| 5847 | PUA-ADWARE Adware warez_p2p runtime detection - p2p client home (more info ...) | misc-activity | URL | |||
| 5849 | PUA-ADWARE Adware warez_p2p runtime detection - update request (more info ...) | misc-activity | URL | |||
| 5850 | PUA-ADWARE Adware warez_p2p runtime detection - check update (more info ...) | misc-activity | URL | |||
| 5851 | PUA-ADWARE Adware warez_p2p runtime detection - .txt .dat and .lst requests (more info ...) | misc-activity | URL | |||
| 5852 | PUA-ADWARE Adware warez_p2p runtime detection - cache.dat request (more info ...) | misc-activity | URL | |||
| 5853 | PUA-ADWARE Adware warez_p2p runtime detection - download ads (more info ...) | misc-activity | URL | |||
| 5854 | PUA-ADWARE Adware warez_p2p runtime detection - pass user information (more info ...) | misc-activity | URL | |||
| 5855 | PUA-ADWARE Hijacker funbuddyicons outbound connection - request config (more info ...) | misc-activity | URL | |||
| 5857 | MALWARE-CNC User-Agent known malicious user agent - MyWebSearchSearchAssistance (more info ...) | misc-activity | URL | |||
| 5858 | PUA-TOOLBARS Adware praizetoolbar runtime detection (more info ...) | misc-activity | URL | |||
| 5859 | PUA-ADWARE Hijacker daosearch outbound connection - information request (more info ...) | misc-activity | URL | |||
| 5860 | PUA-ADWARE Hijacker daosearch outbound connection - search hijack (more info ...) | misc-activity | URL | |||
| 5861 | PUA-TOOLBARS Hijacker isearch runtime detection - toolbar information request (more info ...) | misc-activity | URL | |||
| 5862 | PUA-ADWARE Hijacker isearch outbound connection - search hijack 1 (more info ...) | misc-activity | URL | |||
| 5863 | PUA-ADWARE Hijacker isearch outbound connection - search hijack 2 (more info ...) | misc-activity | URL | |||
| 5864 | PUA-TOOLBARS Hijacker isearch runtime detection - search in toolbar (more info ...) | misc-activity | URL | |||
| 5865 | PUA-ADWARE Adware zapspot runtime detection - pop up ads (more info ...) | misc-activity | URL | |||
| 5866 | PUA-TOOLBARS Hijacker couponbar runtime detection - download new coupon offers and links (more info ...) | misc-activity | URL | |||
| 5867 | PUA-TOOLBARS Hijacker couponbar runtime detection - get updates to toolbar buttons (more info ...) | misc-activity | URL | |||
| 5868 | PUA-ADWARE Hijacker couponbar outbound connection - view coupon offers (more info ...) | misc-activity | URL | |||
| 5871 | PUA-ADWARE Trickler VX2/ABetterInternet transponder thinstaller outbound connection - post information (more info ...) | misc-activity | URL | |||
| 5872 | PUA-ADWARE Snoopware hyperlinker outbound connection (more info ...) | successful-recon-limited | URL | |||
| 5873 | PUA-ADWARE Snoopware pc acme pro outbound connection (more info ...) | successful-recon-limited | URL | |||
| 5874 | PUA-ADWARE Snoopware pc acme pro outbound connection (more info ...) | successful-recon-limited | URL | |||
| 5875 | MALWARE-TOOLS Hacker-Tool eraser runtime detection - detonate (more info ...) | misc-activity | URL | |||
| 5876 | MALWARE-TOOLS Hacker-Tool eraser runtime detection - disinfect (more info ...) | misc-activity | URL | |||
| 5882 | MALWARE-OTHER Keylogger spyagent runtime detect - alert notification (more info ...) | successful-recon-limited | URL | |||
| 5883 | PUA-ADWARE Other-Technologies saria 1.0 outbound connection - send user information (more info ...) | misc-activity | URL | |||
| 5884 | PUA-TOOLBARS Hijacker copernic meta toolbar runtime detection - check toolbar & category info (more info ...) | misc-activity | URL | |||
| 5885 | PUA-TOOLBARS Hijacker copernic meta toolbar runtime detection - ie autosearch & search assistant hijack (more info ...) | misc-activity | URL | |||
| 5886 | PUA-TOOLBARS Hijacker copernic meta toolbar runtime detection - pass info to server (more info ...) | misc-activity | URL | |||
| 5887 | PUA-ADWARE Hijacker shopnav outbound connection - ie search assistant hijack (more info ...) | misc-activity | URL | |||
| 5888 | PUA-ADWARE Hijacker shopnav outbound connection - ie auto search hijack (more info ...) | misc-activity | URL | |||
| 5889 | PUA-ADWARE Hijacker shopnav outbound connection - collect information (more info ...) | misc-activity | URL | |||
| 5890 | PUA-ADWARE Hijacker shopnav outbound connection - self-update request 1 (more info ...) | misc-activity | URL | |||
| 5891 | PUA-ADWARE Hijacker shopnav outbound connection - self-update request 2 (more info ...) | misc-activity | URL | |||
| 5894 | MALWARE-TOOLS Hacker-Tool timbuktu pro runtime detection - smb (more info ...) | misc-activity | URL | |||
| 5895 | MALWARE-TOOLS Hacker-Tool timbuktu pro runtime detection - tcp port 407 (more info ...) | misc-activity | ||||
| 5897 | MALWARE-TOOLS Hacker-Tool timbuktu pro runtime detection - udp port 407 (more info ...) | misc-activity | URL | |||
| 5900 | MALWARE-CNC User-Agent known malicious user agent - Async HTTP Agent (more info ...) | successful-recon-limited | URL | |||
| 5901 | MALWARE-CNC User-Agent known malicious user agent - AdTools (more info ...) | successful-recon-limited | URL | |||
| 5902 | PUA-ADWARE Adware download accelerator plus runtime detection - startup (more info ...) | misc-activity | URL | |||
| 5903 | PUA-ADWARE Adware download accelerator plus runtime detection - get ads (more info ...) | misc-activity | URL | |||
| 5904 | PUA-ADWARE Adware download accelerator plus runtime detection - download files (more info ...) | misc-activity | URL | |||
| 5905 | PUA-ADWARE Adware download accelerator plus runtime detection - games center request (more info ...) | misc-activity | URL | |||
| 5906 | PUA-ADWARE Adware download accelerator plus runtime detection - update (more info ...) | misc-activity | URL | |||
| 5907 | MALWARE-OTHER Trackware e2give runtime detection - check update (more info ...) | successful-recon-limited | URL | |||
| 5908 | MALWARE-OTHER Trackware e2give runtime detection - redirect affiliate site request 1 (more info ...) | successful-recon-limited | URL | |||
| 5909 | MALWARE-OTHER Trackware e2give runtime detection - redirect affiliate site request 2 (more info ...) | successful-recon-limited | URL | |||
| 5911 | PUA-ADWARE Adware smartpops runtime detection (more info ...) | misc-activity | URL | |||
| 5913 | MALWARE-CNC User-Agent known malicious user agent - My Agent (more info ...) | misc-activity | URL | |||
| 5914 | PUA-TOOLBARS Hijacker locatorstoolbar runtime detection - configuration download (more info ...) | misc-activity | URL | |||
| 5915 | PUA-TOOLBARS Hijacker locatorstoolbar runtime detection - autosearch hijack (more info ...) | misc-activity | URL | |||
| 5916 | PUA-TOOLBARS Hijacker locatorstoolbar runtime detection - sidebar search (more info ...) | misc-activity | URL | |||
| 5917 | PUA-TOOLBARS Hijacker locatorstoolbar runtime detection - toolbar search (more info ...) | misc-activity | URL | |||
| 5918 | PUA-ADWARE Hijacker painter outbound connection - ping 'alive' signal (more info ...) | misc-activity | URL | |||
| 5919 | PUA-ADWARE Hijacker painter outbound connection - redirect to klikvipsearch (more info ...) | misc-activity | URL | |||
| 5920 | PUA-ADWARE Hijacker painter outbound connection - redirect yahoo search through online-casino-searcher (more info ...) | misc-activity | URL | |||
| 5921 | PUA-TOOLBARS Trackware fftoolbar toolbar runtime detection - send user url request (more info ...) | successful-recon-limited | URL | |||
| 5922 | PUA-TOOLBARS Trackware fftoolbar toolbar runtime detection - display advertisement news (more info ...) | successful-recon-limited | URL | |||
| 5923 | PUA-ADWARE Adware active shopper runtime detection - side search request (more info ...) | misc-activity | URL | |||
| 5924 | PUA-ADWARE Adware active shopper runtime detection - redirect (more info ...) | misc-activity | URL | |||
| 5925 | PUA-ADWARE Adware active shopper runtime detection - check (more info ...) | misc-activity | URL | |||
| 5926 | PUA-ADWARE Adware active shopper runtime detection - collect information (more info ...) | misc-activity | URL | |||
| 5927 | PUA-ADWARE Adware cashbar runtime detection - .smx requests (more info ...) | misc-activity | URL | |||
| 5928 | PUA-ADWARE Adware cashbar runtime detection - ads request (more info ...) | misc-activity | URL | |||
| 5929 | PUA-ADWARE Adware cashbar runtime detection - pop-up ad 1 (more info ...) | misc-activity | URL | |||
| 5930 | PUA-ADWARE Adware cashbar runtime detection - pop-up ad 2 (more info ...) | misc-activity | URL | |||
| 5932 | PUA-ADWARE Adware cashbar runtime detection - stats track (more info ...) | misc-activity | URL | |||
| 5933 | PUA-ADWARE Hijacker dropspam outbound connection - search request 1 (more info ...) | misc-activity | URL | |||
| 5934 | PUA-ADWARE Hijacker dropspam outbound connection - search request 2 (more info ...) | misc-activity | URL | |||
| 5935 | PUA-ADWARE Hijacker dropspam outbound connection - search request 3 (more info ...) | misc-activity | URL | |||
| 5936 | PUA-ADWARE Hijacker dropspam outbound connection - side search (more info ...) | misc-activity | URL | |||
| 5937 | PUA-ADWARE Hijacker dropspam outbound connection - pass information to its controlling server (more info ...) | misc-activity | URL | |||
| 5938 | PUA-ADWARE Hijacker dropspam outbound connection - third party information collection (more info ...) | misc-activity | URL | |||
| 5939 | PUA-TOOLBARS Trackware supreme toolbar runtime detection - get cfg (more info ...) | successful-recon-limited | URL | |||
| 5940 | PUA-TOOLBARS Trackware supreme toolbar runtime detection - search request (more info ...) | successful-recon-limited | URL | |||
| 5941 | PUA-TOOLBARS Trackware supreme toolbar runtime detection - track (more info ...) | successful-recon-limited | URL | |||
| 5942 | PUA-TOOLBARS Trackware supreme toolbar runtime detection - pass information to its controlling server (more info ...) | successful-recon-limited | URL | |||
| 5943 | PUA-TOOLBARS Trackware supreme toolbar runtime detection - third party information collection (more info ...) | successful-recon-limited | URL | |||
| 5944 | PUA-ADWARE Adware free access bar runtime detection 1 (more info ...) | misc-activity | URL | |||
| 5946 | PUA-ADWARE Adware weirdontheweb runtime detection - monitor user web activity (more info ...) | misc-activity | URL | |||
| 5947 | PUA-ADWARE Adware weirdontheweb runtime detection - log url (more info ...) | misc-activity | URL | |||
| 5948 | PUA-ADWARE Adware weirdontheweb runtime detection - update notifier (more info ...) | misc-activity | URL | |||
| 5949 | PUA-TOOLBARS Trackware iggsey toolbar detection - simpleticker.htm request (more info ...) | successful-recon-limited | URL | |||
| 5951 | PUA-TOOLBARS Trackware iggsey toolbar detection - search request (more info ...) | successful-recon-limited | URL | |||
| 5952 | PUA-ADWARE Hijacker 123mania outbound connection - autosearch hijacking (more info ...) | misc-activity | URL | |||
| 5953 | PUA-ADWARE Hijacker 123mania outbound connection - sidesearch hijacking (more info ...) | misc-activity | URL | |||
| 5954 | MALWARE-CNC User-Agent known malicious user agent - Browser Pal (more info ...) | successful-recon-limited | URL | |||
| 5955 | MALWARE-CNC User-Agent known malicious user agent - Popup Stopper (more info ...) | successful-recon-limited | URL | |||
| 5956 | MALWARE-TOOLS Hacker-Tool ghostvoice 1.02 icq notification of server installation (more info ...) | misc-activity | URL | |||
| 5957 | MALWARE-TOOLS Hacker-Tool ghostvoice 1.02 runtime detection (more info ...) | misc-activity | ||||
| 5960 | PUA-ADWARE Hijacker raxsearch detection - pop-up raxsearch window (more info ...) | misc-activity | URL | |||
| 5961 | PUA-ADWARE Hijacker searchfast detection - news ticker (more info ...) | misc-activity | URL | |||
| 5963 | PUA-ADWARE Hijacker searchfast detection - search request (more info ...) | misc-activity | URL | |||
| 5964 | PUA-TOOLBARS Hijacker searchfast detection - track user activity & get 'relates links' of the toolbar (more info ...) | misc-activity | URL | |||
| 5965 | PUA-TOOLBARS Hijacker searchfast detection - get toolbar cfg (more info ...) | misc-activity | URL | |||
| 5966 | PUA-ADWARE trackware searchinweb detection - search request (more info ...) | successful-recon-limited | URL | |||
| 5967 | PUA-ADWARE trackware searchinweb detection - click result links (more info ...) | successful-recon-limited | URL | |||
| 5968 | PUA-ADWARE trackware searchinweb detection - redirect (more info ...) | successful-recon-limited | URL | |||
| 5969 | PUA-ADWARE trackware searchinweb detection - collect information (more info ...) | successful-recon-limited | URL | |||
| 5970 | MALWARE-CNC User-Agent known malicious user agent - Feat2 Updater (more info ...) | misc-activity | URL | |||
| 5972 | PUA-ADWARE hijacker smart finder detection - ie autosearch hijack 1 (more info ...) | misc-activity | URL | |||
| 5973 | PUA-ADWARE hijacker smart finder detection - search engines hijack (more info ...) | misc-activity | URL | |||
| 5974 | PUA-ADWARE hijacker smart finder detection - pop-up ads (more info ...) | misc-activity | URL | |||
| 5975 | PUA-ADWARE hijacker topfive searchassistant detection - search request (more info ...) | misc-activity | URL | |||
| 5976 | PUA-ADWARE hijacker topfive searchassistant detection - side search (more info ...) | misc-activity | URL | |||
| 5978 | MALWARE-CNC User-Agent known malicious user agent - TM_SEARCH3 (more info ...) | misc-activity | URL | |||
| 5979 | PUA-TOOLBARS Trackware anwb toolbar runtime detection - track user ip address (more info ...) | successful-recon-limited | URL | |||
| 5980 | PUA-TOOLBARS Trackware anwb toolbar runtime detection - display advertisement (more info ...) | successful-recon-limited | URL | |||
| 5981 | PUA-TOOLBARS Hijacker seeqtoolbar runtime detection - autosearch hijack or search in toolbar (more info ...) | misc-activity | URL | |||
| 5982 | PUA-TOOLBARS Hijacker seeqtoolbar runtime detection - email login page (more info ...) | misc-activity | URL | |||
| 5983 | PUA-ADWARE Adware powerstrip runtime detection (more info ...) | misc-activity | URL | |||
| 5984 | PUA-TOOLBARS Trackware push toolbar installtime detection - user information collect (more info ...) | successful-recon-limited | URL | |||
| 5985 | PUA-TOOLBARS Trackware push toolbar runtime detection - toolbar information request (more info ...) | successful-recon-limited | URL | |||
| 5986 | MALWARE-CNC User-Agent known malicious user agent - TeomaBar (more info ...) | misc-activity | URL | |||
| 5987 | PUA-TOOLBARS Hijacker wishbone runtime detection (more info ...) | misc-activity | URL | |||
| 5988 | MALWARE-CNC User-Agent known malicious user agent - ZC-Bridge (more info ...) | successful-recon-limited | ||||
| 5989 | PUA-ADWARE Adware broadcastpc runtime detection - get config (more info ...) | misc-activity | URL | |||
| 5990 | PUA-ADWARE Adware broadcastpc runtime detection - get up-to-date movie/tv/ad information (more info ...) | misc-activity | URL | |||
| 5993 | PUA-ADWARE Hijacker getmirar outbound connection - track activity (more info ...) | misc-activity | URL | |||
| 5994 | PUA-ADWARE Hijacker getmirar outbound connection - click related button (more info ...) | misc-activity | URL | |||
| 5995 | PUA-ADWARE Adware offeragent runtime detection - information checking (more info ...) | misc-activity | URL | |||
| 5996 | PUA-ADWARE Adware offeragent runtime detection - ads request (more info ...) | misc-activity | URL | |||
| 5997 | SERVER-WEBAPP WinProxy host header port buffer overflow attempt (more info ...) | attempted-admin | 2005-4085 | 16147 | URL | |
| 6012 | MALWARE-BACKDOOR coolcat runtime connection detection - tcp 1 (more info ...) | trojan-activity | URL | |||
| 6013 | MALWARE-BACKDOOR coolcat runtime connection detection - tcp 2 (more info ...) | trojan-activity | URL | |||
| 6014 | MALWARE-BACKDOOR coolcat runtime connection detection - tcp 3 (more info ...) | trojan-activity | URL | |||
| 6015 | MALWARE-BACKDOOR dsk lite 1.0 runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 6016 | MALWARE-BACKDOOR dsk lite 1.0 runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 6018 | MALWARE-CNC dsk lite 1.0 variant outbound connection icq notification (more info ...) | trojan-activity | URL | |||
| 6021 | MALWARE-BACKDOOR silent spy 2.10 command response port 4225 (more info ...) | trojan-activity | URL | |||
| 6022 | MALWARE-BACKDOOR silent spy 2.10 command response port 4226 (more info ...) | trojan-activity | URL | |||
| 6023 | MALWARE-CNC silent spy 2.10 variant outbound connection icq notification (more info ...) | trojan-activity | URL | |||
| 6024 | MALWARE-BACKDOOR nuclear rat v6_21 runtime detection (more info ...) | trojan-activity | URL | |||
| 6025 | MALWARE-BACKDOOR tequila bandita 1.2 runtime detection - reverse connection (more info ...) | trojan-activity | URL | |||
| 6026 | MALWARE-BACKDOOR dimbus 1.0 runtime detection - get pc info (more info ...) | trojan-activity | URL | |||
| 6028 | MALWARE-BACKDOOR cyberpaky runtime detection (more info ...) | trojan-activity | URL | |||
| 6029 | MALWARE-CNC fkwp 2.0 variant outbound connection icq notification (more info ...) | trojan-activity | URL | |||
| 6035 | MALWARE-BACKDOOR minicommand runtime detection - initial connection server-to-client (more info ...) | trojan-activity | URL | |||
| 6037 | MALWARE-BACKDOOR netbus 1.7 runtime detection - email notification (more info ...) | trojan-activity | URL | |||
| 6039 | MALWARE-CNC fade 1.0 variant outbound connection notification (more info ...) | trojan-activity | URL | |||
| 6040 | MALWARE-BACKDOOR fade 1.0 runtime detection - enable keylogger (more info ...) | trojan-activity | URL | |||
| 6041 | MALWARE-BACKDOOR fade 1.0 runtime detection - enable keylogger (more info ...) | trojan-activity | URL | |||
| 6044 | MALWARE-BACKDOOR fear 0.2 runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 6045 | MALWARE-BACKDOOR fear 0.2 runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 6046 | MALWARE-BACKDOOR fear 0.2 runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 6047 | MALWARE-BACKDOOR fun factory runtime detection - connect (more info ...) | trojan-activity | URL | |||
| 6048 | MALWARE-BACKDOOR fun factory runtime detection - connect (more info ...) | trojan-activity | URL | |||
| 6049 | MALWARE-BACKDOOR fun factory runtime detection - upload (more info ...) | trojan-activity | URL | |||
| 6050 | MALWARE-BACKDOOR fun factory runtime detection - upload (more info ...) | trojan-activity | URL | |||
| 6051 | MALWARE-BACKDOOR fun factory runtime detection - set volume (more info ...) | trojan-activity | URL | |||
| 6052 | MALWARE-BACKDOOR fun factory runtime detection - set volume (more info ...) | trojan-activity | URL | |||
| 6053 | MALWARE-BACKDOOR fun factory runtime detection - do script remotely (more info ...) | trojan-activity | URL | |||
| 6054 | MALWARE-BACKDOOR fun factory runtime detection - do script remotely (more info ...) | trojan-activity | URL | |||
| 6055 | MALWARE-BACKDOOR bifrose 1.1 runtime detection (more info ...) | trojan-activity | URL | |||
| 6056 | MALWARE-BACKDOOR bifrose 1.1 runtime detection (more info ...) | trojan-activity | URL | |||
| 6057 | MALWARE-BACKDOOR bifrose 1.1 runtime detection (more info ...) | trojan-activity | URL | |||
| 6058 | MALWARE-CNC neurotickat1.3 variant outbound connection icq notification (more info ...) | trojan-activity | URL | |||
| 6060 | MALWARE-BACKDOOR neurotickat1.3 runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 6061 | MALWARE-BACKDOOR neurotickat1.3 runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 6062 | MALWARE-BACKDOOR neurotickat1.3 runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 6063 | MALWARE-BACKDOOR schwindler 1.82 runtime detection (more info ...) | trojan-activity | URL | |||
| 6064 | MALWARE-BACKDOOR schwindler 1.82 runtime detection (more info ...) | trojan-activity | URL | |||
| 6066 | MALWARE-BACKDOOR optixlite 1.0 runtime detection - connection success server-to-client (more info ...) | trojan-activity | URL | |||
| 6069 | MALWARE-CNC optixlite 1.0 variant outbound connection icq notification (more info ...) | trojan-activity | URL | |||
| 6070 | MALWARE-BACKDOOR freak 1.0 runtime detection - irc notification (more info ...) | trojan-activity | URL | |||
| 6071 | MALWARE-CNC freak 1.0 variant outbound connection icq notification (more info ...) | trojan-activity | URL | |||
| 6073 | MALWARE-BACKDOOR freak 1.0 runtime detection - initial connection server-to-client (more info ...) | trojan-activity | URL | |||
| 6074 | MALWARE-BACKDOOR xhx 1.6 runtime detection - initial connection client-to-server (more info ...) | trojan-activity | URL | |||
| 6075 | MALWARE-BACKDOOR xhx 1.6 runtime detection - initial connection server-to-client (more info ...) | trojan-activity | URL | |||
| 6076 | MALWARE-BACKDOOR amiboide uploader runtime detection - init connection (more info ...) | trojan-activity | URL | |||
| 6077 | MALWARE-BACKDOOR autospy runtime detection - get information (more info ...) | trojan-activity | ||||
| 6078 | MALWARE-BACKDOOR autospy runtime detection - get information (more info ...) | trojan-activity | URL | |||
| 6079 | MALWARE-BACKDOOR autospy runtime detection - show autospy (more info ...) | trojan-activity | ||||
| 6080 | MALWARE-BACKDOOR autospy runtime detection - show autospy (more info ...) | trojan-activity | URL | |||
| 6081 | MALWARE-BACKDOOR autospy runtime detection - show nude pic (more info ...) | trojan-activity | ||||
| 6082 | MALWARE-BACKDOOR autospy runtime detection - show nude pic (more info ...) | trojan-activity | URL | |||
| 6083 | MALWARE-BACKDOOR autospy runtime detection - hide taskbar (more info ...) | trojan-activity | ||||
| 6084 | MALWARE-BACKDOOR autospy runtime detection - hide taskbar (more info ...) | trojan-activity | URL | |||
| 6085 | MALWARE-BACKDOOR autospy runtime detection - make directory (more info ...) | trojan-activity | ||||
| 6086 | MALWARE-BACKDOOR autospy runtime detection - make directory (more info ...) | trojan-activity | URL | |||
| 6087 | MALWARE-BACKDOOR a trojan 2.0 runtime detection (more info ...) | trojan-activity | ||||
| 6088 | MALWARE-BACKDOOR a trojan 2.0 runtime detection - init connection (more info ...) | trojan-activity | URL | |||
| 6089 | MALWARE-BACKDOOR a trojan 2.0 runtime detection (more info ...) | trojan-activity | ||||
| 6090 | MALWARE-BACKDOOR a trojan 2.0 runtime detection - get memory info (more info ...) | trojan-activity | URL | |||
| 6091 | MALWARE-BACKDOOR a trojan 2.0 runtime detection (more info ...) | trojan-activity | ||||
| 6092 | MALWARE-BACKDOOR a trojan 2.0 runtime detection - get harddisk info (more info ...) | trojan-activity | URL | |||
| 6093 | MALWARE-BACKDOOR a trojan 2.0 runtime detection (more info ...) | trojan-activity | ||||
| 6094 | MALWARE-BACKDOOR a trojan 2.0 runtime detection - get drive info (more info ...) | trojan-activity | URL | |||
| 6095 | MALWARE-BACKDOOR a trojan 2.0 runtime detection (more info ...) | trojan-activity | ||||
| 6096 | MALWARE-BACKDOOR a trojan 2.0 runtime detection - get system info (more info ...) | trojan-activity | URL | |||
| 6097 | MALWARE-BACKDOOR alvgus 2000 runtime detection (more info ...) | trojan-activity | ||||
| 6098 | MALWARE-BACKDOOR alvgus 2000 runtime detection - check server (more info ...) | trojan-activity | URL | |||
| 6099 | MALWARE-BACKDOOR alvgus 2000 runtime detection (more info ...) | trojan-activity | ||||
| 6100 | MALWARE-BACKDOOR alvgus 2000 runtime detection - view content of directory (more info ...) | trojan-activity | URL | |||
| 6101 | MALWARE-BACKDOOR alvgus 2000 runtime detection (more info ...) | trojan-activity | ||||
| 6102 | MALWARE-BACKDOOR alvgus 2000 runtime detection - execute command (more info ...) | trojan-activity | URL | |||
| 6103 | MALWARE-BACKDOOR alvgus 2000 runtime detection (more info ...) | trojan-activity | ||||
| 6104 | MALWARE-BACKDOOR alvgus 2000 runtime detection - upload file (more info ...) | trojan-activity | URL | |||
| 6105 | MALWARE-BACKDOOR alvgus 2000 runtime detection (more info ...) | trojan-activity | ||||
| 6106 | MALWARE-BACKDOOR alvgus 2000 runtime detection - download file (more info ...) | trojan-activity | URL | |||
| 6107 | MALWARE-BACKDOOR backage 3.1 runtime detection (more info ...) | trojan-activity | URL | |||
| 6108 | MALWARE-BACKDOOR dagger v1.1.40 runtime detection (more info ...) | trojan-activity | URL | |||
| 6109 | MALWARE-BACKDOOR dagger v1.1.40 runtime detection (more info ...) | trojan-activity | URL | |||
| 6110 | MALWARE-BACKDOOR forced entry v1.1 beta runtime detection (more info ...) | trojan-activity | URL | |||
| 6111 | MALWARE-BACKDOOR optix 1.32 runtime detection - init conn (more info ...) | trojan-activity | URL | |||
| 6112 | MALWARE-BACKDOOR optix 1.32 runtime detection - init conn (more info ...) | trojan-activity | URL | |||
| 6113 | MALWARE-BACKDOOR optix 1.32 runtime detection - init conn (more info ...) | trojan-activity | URL | |||
| 6114 | MALWARE-BACKDOOR optix 1.32 runtime detection - email notification (more info ...) | trojan-activity | URL | |||
| 6115 | MALWARE-CNC optix 1.32 variant outbound connection icq notification (more info ...) | trojan-activity | URL | |||
| 6116 | MALWARE-BACKDOOR fore v1.0 beta runtime detection - init conn (more info ...) | trojan-activity | URL | |||
| 6117 | MALWARE-BACKDOOR fore v1.0 beta runtime detection - init conn (more info ...) | trojan-activity | URL | |||
| 6118 | MALWARE-BACKDOOR net runner runtime detection - initial connection client-to-server (more info ...) | trojan-activity | URL | |||
| 6119 | MALWARE-BACKDOOR net runner runtime detection - initial connection server-to-client (more info ...) | trojan-activity | URL | |||
| 6120 | MALWARE-BACKDOOR net runner runtime detection - download file client-to-server (more info ...) | trojan-activity | URL | |||
| 6121 | MALWARE-BACKDOOR net runner runtime detection - download file server-to-client (more info ...) | trojan-activity | URL | |||
| 6122 | MALWARE-BACKDOOR millenium v1.0 runtime detection (more info ...) | trojan-activity | URL | |||
| 6123 | MALWARE-BACKDOOR ambush 1.0 runtime detection - ping client-to-server (more info ...) | trojan-activity | URL | |||
| 6124 | MALWARE-BACKDOOR ambush 1.0 runtime detection - ping server-to-client (more info ...) | trojan-activity | URL | |||
| 6127 | MALWARE-BACKDOOR dkangel runtime detection - udp client-to-server (more info ...) | trojan-activity | URL | |||
| 6129 | MALWARE-BACKDOOR chupacabra 1.0 runtime detection (more info ...) | trojan-activity | ||||
| 6130 | MALWARE-BACKDOOR chupacabra 1.0 runtime detection - get computer name (more info ...) | trojan-activity | URL | |||
| 6131 | MALWARE-BACKDOOR chupacabra 1.0 runtime detection (more info ...) | trojan-activity | ||||
| 6132 | MALWARE-BACKDOOR chupacabra 1.0 runtime detection - get user name (more info ...) | trojan-activity | URL | |||
| 6133 | MALWARE-BACKDOOR chupacabra 1.0 runtime detection - send messages (more info ...) | trojan-activity | URL | |||
| 6134 | MALWARE-BACKDOOR chupacabra 1.0 runtime detection - delete file (more info ...) | trojan-activity | URL | |||
| 6136 | MALWARE-BACKDOOR clindestine 1.0 runtime detection - capture big screen (more info ...) | trojan-activity | URL | |||
| 6137 | MALWARE-BACKDOOR clindestine 1.0 runtime detection - capture small screen (more info ...) | trojan-activity | URL | |||
| 6138 | MALWARE-BACKDOOR clindestine 1.0 runtime detection - get computer info (more info ...) | trojan-activity | URL | |||
| 6139 | MALWARE-BACKDOOR clindestine 1.0 runtime detection - get system directory (more info ...) | trojan-activity | URL | |||
| 6141 | MALWARE-BACKDOOR hellzaddiction v1.0e runtime detection - init conn (more info ...) | trojan-activity | URL | |||
| 6143 | MALWARE-BACKDOOR dark connection inside v1.2 runtime detection (more info ...) | trojan-activity | URL | |||
| 6144 | MALWARE-BACKDOOR mantis runtime detection - sent notify option client-to-server 1 (more info ...) | trojan-activity | URL | |||
| 6145 | MALWARE-BACKDOOR mantis runtime detection - sent notify option server-to-client (more info ...) | trojan-activity | URL | |||
| 6146 | MALWARE-BACKDOOR mantis runtime detection - sent notify option client-to-server 2 (more info ...) | trojan-activity | URL | |||
| 6147 | MALWARE-BACKDOOR mantis runtime detection - go to address client-to-server (more info ...) | trojan-activity | URL | |||
| 6148 | MALWARE-BACKDOOR mantis runtime detection - go to address server-to-client (more info ...) | trojan-activity | URL | |||
| 6149 | MALWARE-BACKDOOR netcontrol v1.0.8 runtime detection (more info ...) | trojan-activity | URL | |||
| 6150 | MALWARE-BACKDOOR netcontrol v1.0.8 runtime detection (more info ...) | trojan-activity | URL | |||
| 6151 | MALWARE-BACKDOOR back attack v1.4 runtime detection (more info ...) | trojan-activity | URL | |||
| 6152 | MALWARE-BACKDOOR dirtxt runtime detection - chdir client-to-server (more info ...) | trojan-activity | URL | |||
| 6153 | MALWARE-BACKDOOR dirtxt runtime detection - chdir server-to-client (more info ...) | trojan-activity | URL | |||
| 6154 | MALWARE-BACKDOOR dirtxt runtime detection - info client-to-server (more info ...) | trojan-activity | URL | |||
| 6155 | MALWARE-BACKDOOR dirtxt runtime detection - info server-to-client (more info ...) | trojan-activity | URL | |||
| 6156 | MALWARE-BACKDOOR dirtxt runtime detection - view client-to-server (more info ...) | trojan-activity | URL | |||
| 6157 | MALWARE-BACKDOOR dirtxt runtime detection - view server-to-client (more info ...) | trojan-activity | URL | |||
| 6159 | MALWARE-BACKDOOR delirium of disorder runtime detection - enable keylogger (more info ...) | trojan-activity | URL | |||
| 6160 | MALWARE-BACKDOOR delirium of disorder runtime detection - stop keylogger (more info ...) | trojan-activity | URL | |||
| 6161 | MALWARE-BACKDOOR furax 1.0 b2 runtime detection (more info ...) | trojan-activity | URL | |||
| 6164 | MALWARE-BACKDOOR psyrat 1.0 runtime detection (more info ...) | trojan-activity | URL | |||
| 6165 | MALWARE-BACKDOOR psyrat 1.0 runtime detection (more info ...) | trojan-activity | URL | |||
| 6166 | MALWARE-BACKDOOR unicorn runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 6167 | MALWARE-BACKDOOR unicorn runtime detection - set wallpaper client-to-server (more info ...) | trojan-activity | URL | |||
| 6168 | MALWARE-BACKDOOR unicorn runtime detection - set wallpaper server-to-client (more info ...) | trojan-activity | URL | |||
| 6169 | MALWARE-BACKDOOR digital rootbeer runtime detection (more info ...) | trojan-activity | URL | |||
| 6170 | MALWARE-BACKDOOR digital rootbeer runtime detection (more info ...) | trojan-activity | URL | |||
| 6171 | MALWARE-BACKDOOR cookie monster 0.24 runtime detection (more info ...) | trojan-activity | ||||
| 6172 | MALWARE-BACKDOOR cookie monster 0.24 runtime detection - get version info (more info ...) | trojan-activity | URL | |||
| 6173 | MALWARE-BACKDOOR cookie monster 0.24 runtime detection (more info ...) | trojan-activity | ||||
| 6174 | MALWARE-BACKDOOR cookie monster 0.24 runtime detection - file explorer (more info ...) | trojan-activity | URL | |||
| 6175 | MALWARE-BACKDOOR cookie monster 0.24 runtime detection - kill kernel (more info ...) | trojan-activity | URL | |||
| 6176 | MALWARE-BACKDOOR guptachar 2.0 runtime detection (more info ...) | trojan-activity | URL | |||
| 6177 | MALWARE-BACKDOOR ultimate destruction runtime detection - kill process client-to-server (more info ...) | trojan-activity | URL | |||
| 6178 | MALWARE-BACKDOOR ultimate destruction runtime detection - kill windows client-to-server (more info ...) | trojan-activity | URL | |||
| 6179 | MALWARE-BACKDOOR bladerunner 0.80 runtime detection (more info ...) | trojan-activity | URL | |||
| 6180 | MALWARE-BACKDOOR netraider 0.0 runtime detection (more info ...) | trojan-activity | URL | |||
| 6181 | MALWARE-BACKDOOR netraider 0.0 runtime detection (more info ...) | trojan-activity | URL | |||
| 6183 | PUA-ADWARE Adware 180Search assistant runtime detection - tracked event URL (more info ...) | misc-activity | URL | |||
| 6184 | PUA-ADWARE Adware 180Search assistant runtime detection - config upload (more info ...) | misc-activity | URL | |||
| 6186 | MALWARE-CNC User-Agent known malicious user agent - SpywareStrike (more info ...) | misc-activity | URL | |||
| 6187 | PUA-ADWARE Adware ISTBar runtime detection - scripts (more info ...) | misc-activity | URL | |||
| 6188 | PUA-ADWARE Adware ISTBar runtime detection - bar (more info ...) | misc-activity | URL | |||
| 6189 | PUA-TOOLBARS Trackware try2find detection (more info ...) | successful-recon-limited | URL | |||
| 6190 | MALWARE-OTHER Keylogger eblaster 5.0 runtime detection (more info ...) | successful-recon-limited | URL | |||
| 6191 | PUA-TOOLBARS Trackware onetoolbar runtime detection (more info ...) | successful-recon-limited | URL | |||
| 6193 | PUA-ADWARE Adware seekmo runtime detection - pop up ads (more info ...) | misc-activity | URL | |||
| 6194 | PUA-ADWARE Adware seekmo runtime detection - config upload (more info ...) | misc-activity | URL | |||
| 6195 | PUA-ADWARE Adware seekmo runtime detection - download .cab (more info ...) | misc-activity | URL | |||
| 6196 | PUA-ADWARE Hijacker smart shopper outbound connection - services requests (more info ...) | misc-activity | URL | |||
| 6197 | MALWARE-CNC User-Agent known malicious user agent - smrtshpr-cs (more info ...) | misc-activity | URL | |||
| 6198 | MALWARE-CNC User-Agent known malicious user agent - SQTR_VERIFY (more info ...) | successful-recon-limited | URL | |||
| 6199 | PUA-ADWARE Hijacker smart search outbound connection - hijack/ads (more info ...) | misc-activity | URL | |||
| 6200 | PUA-ADWARE Hijacker smart search outbound connection - get settings (more info ...) | misc-activity | URL | |||
| 6201 | PUA-ADWARE Adware twaintec runtime detection (more info ...) | misc-activity | URL | |||
| 6203 | PUA-ADWARE Trickler farmmext outbound connection - drk.syn request (more info ...) | misc-activity | URL | |||
| 6204 | PUA-ADWARE Trickler farmmext outbound connection - track activity (more info ...) | misc-activity | URL | |||
| 6205 | MALWARE-TOOLS Hacker-Tool freak 88 das runtime detection (more info ...) | misc-activity | URL | |||
| 6206 | MALWARE-TOOLS Hacker-Tool sin stealer 1.1 runtime detection (more info ...) | misc-activity | URL | |||
| 6209 | PUA-ADWARE Adware deskwizz/zquest runtime detection - get config information / ad banner (more info ...) | misc-activity | URL | |||
| 6211 | PUA-ADWARE Adware deskwizz runtime detection - pop-up ad request (more info ...) | misc-activity | URL | |||
| 6212 | PUA-ADWARE Adware commonname runtime detection (more info ...) | misc-activity | URL | |||
| 6213 | PUA-ADWARE Hijacker 7fasst outbound connection - auto requests (more info ...) | misc-activity | URL | |||
| 6214 | PUA-ADWARE Hijacker 7fasst outbound connection - search (more info ...) | misc-activity | URL | |||
| 6215 | PUA-ADWARE Hijacker 7fasst outbound connection - track (more info ...) | misc-activity | URL | |||
| 6216 | PUA-ADWARE Adware aornum/iwon copilot runtime detection - config (more info ...) | misc-activity | URL | |||
| 6218 | PUA-ADWARE Adware aornum/iwon copilot runtime detection - ads (more info ...) | misc-activity | URL | |||
| 6219 | PUA-ADWARE Adware bonzibuddy runtime detection (more info ...) | misc-activity | URL | |||
| 6220 | MALWARE-OTHER Keylogger boss everyware runtime detection (more info ...) | successful-recon-limited | URL | |||
| 6221 | MALWARE-OTHER Keylogger computerspy runtime detection (more info ...) | successful-recon-limited | URL | |||
| 6222 | PUA-ADWARE Adware delfin media viewer runtime detection - contact server (more info ...) | misc-activity | URL | |||
| 6223 | PUA-ADWARE Adware delfin media viewer runtime detection - retrieve schedule (more info ...) | misc-activity | URL | |||
| 6224 | PUA-ADWARE Hijacker ieplugin outbound connection - search (more info ...) | misc-activity | URL | |||
| 6230 | PUA-TOOLBARS Hijacker i-lookup runtime detection (more info ...) | misc-activity | URL | |||
| 6233 | PUA-ADWARE Adware mirar runtime detection - delayed (more info ...) | misc-activity | URL | |||
| 6236 | PUA-ADWARE Adware lop runtime detection - pass info to server (more info ...) | misc-activity | URL | |||
| 6237 | PUA-ADWARE Adware lop runtime detection - check update request (more info ...) | misc-activity | ||||
| 6238 | PUA-ADWARE Adware lop runtime detection - collect info request 1 (more info ...) | misc-activity | URL | |||
| 6239 | PUA-ADWARE Adware lop runtime detection - collect info request 2 (more info ...) | misc-activity | URL | |||
| 6240 | PUA-ADWARE Adware lop runtime detection - pop up ads (more info ...) | misc-activity | URL | |||
| 6241 | PUA-ADWARE Adware lop runtime detection - ie autosearch hijack (more info ...) | misc-activity | URL | |||
| 6242 | PUA-ADWARE Hijacker coolwebsearch.cameup outbound connection (more info ...) | misc-activity | URL | |||
| 6243 | PUA-ADWARE Hijacker coolwebsearch cameup outbound connection - home page hijack (more info ...) | misc-activity | URL | |||
| 6244 | PUA-ADWARE Hijacker coolwebsearch cameup outbound connection - ie auto search hijack (more info ...) | misc-activity | URL | |||
| 6245 | PUA-ADWARE Hijacker coolwebsearch startpage outbound connection (more info ...) | misc-activity | URL | |||
| 6246 | PUA-ADWARE Hijacker exact navisearch outbound connection - search hijack (more info ...) | misc-activity | URL | |||
| 6247 | PUA-ADWARE Adware ezula toptext runtime detection - help redirect (more info ...) | misc-activity | URL | |||
| 6248 | PUA-ADWARE Adware ezula toptext runtime detection - popup (more info ...) | misc-activity | URL | |||
| 6249 | PUA-ADWARE Adware ezula toptext runtime detection - redirect (more info ...) | misc-activity | URL | |||
| 6250 | PUA-ADWARE Adware hotbar runtime detection - hotbar user-agent (more info ...) | misc-activity | URL | |||
| 6251 | PUA-ADWARE Adware hotbar runtime detection - hostie user-agent (more info ...) | misc-activity | URL | |||
| 6252 | PUA-TOOLBARS Trackware quicksearch toolbar runtime detection - search request (more info ...) | successful-recon-limited | URL | |||
| 6253 | PUA-TOOLBARS Trackware quicksearch toolbar runtime detection - log user ativity (more info ...) | successful-recon-limited | URL | |||
| 6254 | PUA-TOOLBARS Trackware quicksearch toolbar runtime detection - redirect (more info ...) | successful-recon-limited | URL | |||
| 6255 | PUA-TOOLBARS Trackware quicksearch toolbar runtime detection - update (more info ...) | successful-recon-limited | URL | |||
| 6256 | PUA-ADWARE Adware searchsquire installtime/auto-update (more info ...) | misc-activity | URL | |||
| 6257 | PUA-ADWARE Adware searchsquire runtime detection - testgeonew query (more info ...) | misc-activity | URL | |||
| 6258 | PUA-ADWARE Adware searchsquire runtime detection - get engine file (more info ...) | misc-activity | URL | |||
| 6259 | PUA-ADWARE Adware searchsquire runtime detection - search forward (more info ...) | misc-activity | URL | |||
| 6260 | PUA-ADWARE Adware overpro runtime detection (more info ...) | misc-activity | URL | |||
| 6261 | PUA-TOOLBARS Trickler slinkyslate toolbar runtime detection (more info ...) | misc-activity | URL | |||
| 6263 | PUA-ADWARE Hijacker gigatech superbar outbound connection - collect information (more info ...) | misc-activity | URL | |||
| 6264 | PUA-ADWARE Hijacker gigatech superbar outbound connection - self update - movie (more info ...) | misc-activity | URL | |||
| 6265 | PUA-ADWARE Hijacker gigatech superbar outbound connection - self update - engine (more info ...) | misc-activity | URL | |||
| 6266 | PUA-ADWARE Hijacker gigatech superbar outbound connection - self update - check update (more info ...) | misc-activity | URL | |||
| 6267 | PUA-ADWARE Hijacker gigatech superbar outbound connection - self update - get update (more info ...) | misc-activity | URL | |||
| 6268 | PUA-ADWARE Hijacker gigatech superbar outbound connection - self update - download exe (more info ...) | misc-activity | URL | |||
| 6269 | PUA-ADWARE Hijacker gigatech superbar outbound connection - track event (more info ...) | misc-activity | URL | |||
| 6270 | MALWARE-CNC User-Agent known malicious user agent - MyBrowser (more info ...) | misc-activity | URL | |||
| 6271 | PUA-ADWARE Trickler bundleware runtime detection (more info ...) | misc-activity | URL | |||
| 6274 | MALWARE-CNC User-Agent known malicious user agent - Stubby (more info ...) | misc-activity | URL | |||
| 6275 | PUA-ADWARE Hijacker incredifind outbound connection - cookie (more info ...) | misc-activity | URL | |||
| 6279 | PUA-ADWARE Hijacker sidefind outbound connection (more info ...) | misc-activity | URL | |||
| 6280 | PUA-ADWARE Hijacker sidefind outbound connection - cookie (more info ...) | misc-activity | URL | |||
| 6281 | MALWARE-CNC User-Agent known malicious user agent - istsvc (more info ...) | misc-activity | URL | |||
| 6282 | PUA-TOOLBARS Hijacker customtoolbar runtime detection (more info ...) | misc-activity | URL | |||
| 6283 | PUA-ADWARE Hijacker websearch outbound connection - sitereview (more info ...) | misc-activity | URL | |||
| 6284 | PUA-ADWARE Hijacker websearch outbound connection - webstat (more info ...) | misc-activity | URL | |||
| 6285 | MALWARE-BACKDOOR antilamer 1.1 runtime detection - set flowbit (more info ...) | trojan-activity | URL | |||
| 6286 | MALWARE-BACKDOOR antilamer 1.1 runtime detection (more info ...) | trojan-activity | URL | |||
| 6287 | MALWARE-BACKDOOR fictional daemon 4.4 runtime detection - telent (more info ...) | trojan-activity | URL | |||
| 6289 | MALWARE-BACKDOOR netspy runtime detection - command pattern client-to-server (more info ...) | trojan-activity | URL | |||
| 6291 | MALWARE-CNC justjoke v2.6 variant outbound connection (more info ...) | trojan-activity | URL | |||
| 6292 | MALWARE-BACKDOOR joker ddos v1.0.1 runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 6293 | MALWARE-BACKDOOR joker ddos v1.0.1 runtime detection - bomb - initial flowbit (more info ...) | trojan-activity | URL | |||
| 6294 | MALWARE-BACKDOOR joker ddos v1.0.1 runtime detection - bomb - second flowbit (more info ...) | trojan-activity | URL | |||
| 6295 | MALWARE-BACKDOOR joker ddos v1.0.1 runtime detection - bomb (more info ...) | trojan-activity | URL | |||
| 6296 | MALWARE-CNC insurrection 1.1.0 variant outbound connection icq notification 1 (more info ...) | trojan-activity | URL | |||
| 6297 | MALWARE-CNC insurrection 1.1.0 variant outbound connection icq notification 2 (more info ...) | trojan-activity | URL | |||
| 6299 | MALWARE-BACKDOOR insurrection 1.1.0 runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 6300 | MALWARE-CNC cia 1.3 variant outbound connection icq notification (more info ...) | trojan-activity | URL | |||
| 6302 | MALWARE-BACKDOOR cia runtime detection - initial connection - set flowbit (more info ...) | trojan-activity | URL | |||
| 6303 | MALWARE-BACKDOOR cia runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 6304 | MALWARE-BACKDOOR softwar shadowthief runtime detection - initial connection - set flowbit (more info ...) | trojan-activity | URL | |||
| 6305 | MALWARE-BACKDOOR softwar shadowthief runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 6306 | MALWARE-BACKDOOR shit heep runtime detection (more info ...) | trojan-activity | URL | |||
| 6307 | MALWARE-BACKDOOR lamespy runtime detection - initial connection - set flowbit (more info ...) | trojan-activity | URL | |||
| 6308 | MALWARE-BACKDOOR lamespy runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 6312 | MALWARE-BACKDOOR net demon runtime detection - message send (more info ...) | trojan-activity | URL | |||
| 6313 | MALWARE-BACKDOOR net demon runtime detection - message response (more info ...) | trojan-activity | ||||
| 6314 | MALWARE-BACKDOOR net demon runtime detection - open browser request (more info ...) | trojan-activity | URL | |||
| 6315 | MALWARE-BACKDOOR net demon runtime detection - open browser response (more info ...) | trojan-activity | ||||
| 6316 | MALWARE-BACKDOOR net demon runtime detection - file manager request (more info ...) | trojan-activity | URL | |||
| 6317 | MALWARE-BACKDOOR net demon runtime detection - file manager response (more info ...) | trojan-activity | ||||
| 6318 | MALWARE-BACKDOOR rtb666 runtime detection (more info ...) | trojan-activity | URL | |||
| 6320 | MALWARE-BACKDOOR ptakks2.1 runtime detection - keepalive (more info ...) | trojan-activity | URL | |||
| 6321 | MALWARE-BACKDOOR ptakks2.1 runtime detection - keepalive acknowledgement (more info ...) | trojan-activity | URL | |||
| 6322 | MALWARE-BACKDOOR ptakks2.1 runtime detection - command pattern (more info ...) | trojan-activity | URL | |||
| 6323 | MALWARE-BACKDOOR 3xBackdoor runtime detection - set flowbit (more info ...) | trojan-activity | URL | |||
| 6324 | MALWARE-BACKDOOR 3xBackdoor runtime detection (more info ...) | trojan-activity | URL | |||
| 6325 | MALWARE-BACKDOOR fucktrojan 1.2 runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 6326 | MALWARE-BACKDOOR fucktrojan 1.2 runtime detection - flood (more info ...) | trojan-activity | ||||
| 6327 | MALWARE-BACKDOOR fucktrojan 1.2 runtime detection - flood (more info ...) | trojan-activity | URL | |||
| 6328 | MALWARE-BACKDOOR commando runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 6329 | MALWARE-BACKDOOR commando runtime detection - chat client-to-server (more info ...) | trojan-activity | URL | |||
| 6330 | MALWARE-BACKDOOR commando runtime detection - chat server-to-client (more info ...) | trojan-activity | URL | |||
| 6331 | MALWARE-CNC globalkiller1.0 variant outbound connection notification (more info ...) | trojan-activity | URL | |||
| 6332 | MALWARE-BACKDOOR globalkiller1.0 runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 6333 | MALWARE-BACKDOOR wincrash 2.0 runtime detection (more info ...) | trojan-activity | URL | |||
| 6334 | MALWARE-BACKDOOR backlash runtime detection (more info ...) | trojan-activity | URL | |||
| 6335 | MALWARE-BACKDOOR buttman v0.9p runtime detection - remote control - set flowbit (more info ...) | trojan-activity | URL | |||
| 6336 | MALWARE-BACKDOOR buttman v0.9p runtime detection - remote control (more info ...) | trojan-activity | URL | |||
| 6337 | MALWARE-BACKDOOR hatredfriend file manage command - set flowbit (more info ...) | trojan-activity | URL | |||
| 6338 | MALWARE-BACKDOOR hatredfriend file manage command (more info ...) | trojan-activity | URL | |||
| 6339 | MALWARE-BACKDOOR hatredfriend email notification detection (more info ...) | trojan-activity | URL | |||
| 6340 | MALWARE-OTHER Keylogger handy keylogger runtime detection (more info ...) | successful-recon-limited | URL | |||
| 6341 | MALWARE-CNC User-Agent known malicious user agent - Spedia (more info ...) | misc-activity | URL | |||
| 6342 | PUA-ADWARE Hijacker spediabar outbound connection - info check (more info ...) | misc-activity | URL | |||
| 6344 | PUA-ADWARE Adware excite search bar runtime detection - config (more info ...) | misc-activity | URL | |||
| 6345 | PUA-ADWARE Adware excite search bar runtime detection - search (more info ...) | misc-activity | URL | |||
| 6346 | PUA-ADWARE Adware stationripper update detection (more info ...) | misc-activity | URL | |||
| 6347 | PUA-ADWARE Adware stationripper ad display detection (more info ...) | misc-activity | URL | |||
| 6348 | PUA-ADWARE Snoopware zenosearch outbound connection (more info ...) | successful-recon-limited | URL | |||
| 6349 | PUA-ADWARE Hijacker richfind update detection (more info ...) | misc-activity | URL | |||
| 6350 | PUA-ADWARE Hijacker richfind auto search redirect detection (more info ...) | misc-activity | URL | |||
| 6351 | PUA-ADWARE Hijacker adblock update detection (more info ...) | misc-activity | URL | |||
| 6352 | PUA-ADWARE Hijacker adblock auto search redirect detection (more info ...) | misc-activity | URL | |||
| 6353 | PUA-ADWARE Hijacker adblock ie search assistant redirect detection (more info ...) | misc-activity | URL | |||
| 6354 | MALWARE-CNC User-Agent known malicious user agent - ProxyDown (more info ...) | misc-activity | URL | |||
| 6355 | PUA-ADWARE Trickler wsearch outbound connection - mp3 search (more info ...) | misc-activity | URL | |||
| 6356 | PUA-ADWARE Trickler wsearch outbound connection - desktop search (more info ...) | misc-activity | URL | |||
| 6357 | MALWARE-CNC User-Agent known malicious user agent - Need2Find (more info ...) | misc-activity | URL | |||
| 6358 | PUA-ADWARE Hijacker need2find search query detection (more info ...) | misc-activity | URL | |||
| 6359 | PUA-ADWARE Adware altnet runtime detection - initial retrieval (more info ...) | misc-activity | URL | |||
| 6360 | PUA-ADWARE Adware altnet runtime detection - update (more info ...) | misc-activity | URL | |||
| 6361 | PUA-ADWARE Adware altnet runtime detection - status report (more info ...) | misc-activity | URL | |||
| 6362 | MALWARE-CNC User-Agent known malicious user agent - MGS-Internal-Web-Manager (more info ...) | misc-activity | URL | |||
| 6363 | MALWARE-CNC User-Agent known malicious user agent - SAcc (more info ...) | misc-activity | URL | |||
| 6364 | MALWARE-CNC User-Agent known malicious user agent - iMeshBar (more info ...) | misc-activity | URL | |||
| 6365 | MALWARE-OTHER Sony rootkit runtime detection (more info ...) | misc-activity | URL | |||
| 6366 | MALWARE-CNC User-Agent known malicious user agent - eAnthMngr (more info ...) | misc-activity | URL | |||
| 6367 | PUA-ADWARE Trickler eacceleration downloadreceiver outbound connection - stop-sign ads (more info ...) | misc-activity | URL | |||
| 6372 | PUA-ADWARE Trickler spyblocs eblocs detection - get wsliveup.dat (more info ...) | misc-activity | URL | |||
| 6373 | PUA-ADWARE Trickler spyblocs eblocs detection - stbarpat.dat (more info ...) | misc-activity | URL | |||
| 6374 | PUA-ADWARE Trickler spyblocs eblocs detection - get spyblpat.dat/spyblini.ini (more info ...) | misc-activity | URL | |||
| 6375 | PUA-ADWARE Trickler spyblocs.eblocs detection - register request (more info ...) | misc-activity | URL | |||
| 6376 | PUA-TOOLBARS Hijacker girafa toolbar - toolbar update (more info ...) | misc-activity | URL | |||
| 6377 | PUA-TOOLBARS Hijacker girafa toolbar - browser hijack (more info ...) | misc-activity | URL | |||
| 6378 | PUA-ADWARE Hijacker adbars outbound connection - homepage hijack (more info ...) | misc-activity | URL | |||
| 6379 | PUA-TOOLBARS Hijacker adbars runtime detection - search in toolbar (more info ...) | misc-activity | URL | |||
| 6380 | PUA-TOOLBARS Hijacker dotcomtoolbar runtime detection - toolbar information retrieve (more info ...) | misc-activity | URL | |||
| 6381 | PUA-TOOLBARS Hijacker dotcomtoolbar runtime detection - search in toolbar (more info ...) | misc-activity | URL | |||
| 6382 | PUA-TOOLBARS Hijacker dotcomtoolbar runtime detection - url hook (more info ...) | misc-activity | URL | |||
| 6383 | MALWARE-OTHER Keylogger stealthwatcher 2000 runtime detection - tcp connection setup (more info ...) | successful-recon-limited | URL | |||
| 6385 | MALWARE-OTHER Keylogger stealthwatcher 2000 runtime detection - agent status monitoring (more info ...) | successful-recon-limited | URL | |||
| 6386 | MALWARE-OTHER Keylogger stealthwatcher 2000 runtime detection - agent up notification (more info ...) | successful-recon-limited | URL | |||
| 6387 | PUA-ADWARE Hijacker internet optimizer outbound connection - autosearch hijack (more info ...) | misc-activity | URL | |||
| 6388 | PUA-ADWARE Hijacker internet optimizer outbound connection - error page hijack (more info ...) | misc-activity | URL | |||
| 6389 | PUA-ADWARE Adware esyndicate runtime detection - postinstall request (more info ...) | misc-activity | URL | |||
| 6390 | PUA-ADWARE Adware esyndicate runtime detection - ads popup (more info ...) | misc-activity | ||||
| 6391 | PUA-ADWARE Adware esyndicate runtime detection - ads popup (more info ...) | misc-activity | URL | |||
| 6392 | PUA-ADWARE Hijacker zeropopup outbound connection (more info ...) | misc-activity | URL | |||
| 6394 | MALWARE-CNC User-Agent known malicious user agent - CodeguruBrowser (more info ...) | misc-activity | URL | |||
| 6395 | MALWARE-CNC a-311 death variant outbound connection server-to-client (more info ...) | trojan-activity | URL | |||
| 6396 | MALWARE-CNC a-311 death user-agent string detected (more info ...) | trojan-activity | URL | |||
| 6398 | MALWARE-BACKDOOR http rat runtime detection - http (more info ...) | trojan-activity | URL | |||
| 6399 | MALWARE-BACKDOOR rad 1.2.3 runtime detection (more info ...) | trojan-activity | URL | |||
| 6400 | MALWARE-BACKDOOR snowdoor runtime detection client-to-server (more info ...) | trojan-activity | URL | |||
| 6401 | MALWARE-BACKDOOR snowdoor runtime detection server-to-client (more info ...) | trojan-activity | URL | |||
| 6402 | MALWARE-BACKDOOR netangel connection client-to-server (more info ...) | trojan-activity | URL | |||
| 6403 | SERVER-WEBAPP horde help module arbitrary command execution attempt (more info ...) | web-application-attack | 2006-1491 | 17292 | ||
| 6408 | POLICY-SOCIAL webshots desktop traffic (more info ...) | misc-activity | URL | |||
| 6469 | SERVER-OTHER RealVNC connection attempt (more info ...) | protocol-command-decode | ||||
| 6470 | SERVER-OTHER RealVNC authentication types without None type sent attempt (more info ...) | protocol-command-decode | ||||
| 6472 | MALWARE-BACKDOOR bugs runtime detection - file manager client-to-server (more info ...) | trojan-activity | URL | |||
| 6473 | MALWARE-BACKDOOR bugs runtime detection - file manager server-to-client (more info ...) | trojan-activity | URL | |||
| 6474 | MALWARE-CNC Win.Trojan.loosky.gen variant outbound connection notification (more info ...) | trojan-activity | URL | |||
| 6475 | MALWARE-BACKDOOR badrat 1.1 runtime detection - flowbit set (more info ...) | trojan-activity | URL | |||
| 6476 | MALWARE-BACKDOOR badrat 1.1 runtime detection (more info ...) | trojan-activity | URL | |||
| 6478 | PUA-TOOLBARS Trackware searchingall toolbar runtime detection - send user url request (more info ...) | successful-recon-limited | URL | |||
| 6479 | PUA-ADWARE Snoopware totalvelocity zsearch outbound connection (more info ...) | successful-recon-limited | URL | |||
| 6480 | PUA-ADWARE Hijacker cws.cameup outbound connection - home page (more info ...) | misc-activity | URL | |||
| 6481 | PUA-ADWARE Hijacker cws.cameup outbound connection - search (more info ...) | misc-activity | URL | |||
| 6482 | PUA-TOOLBARS Hijacker makemesearch toolbar runtime detection - get info (more info ...) | misc-activity | URL | |||
| 6483 | PUA-TOOLBARS Hijacker makemesearch toolbar runtime detection - home page hijacker (more info ...) | misc-activity | URL | |||
| 6484 | PUA-TOOLBARS Hijacker makemesearch toolbar runtime detection - search (more info ...) | misc-activity | URL | |||
| 6487 | PUA-TOOLBARS Adware searchnugget toolbar runtime detection - check updates (more info ...) | misc-activity | URL | |||
| 6488 | PUA-TOOLBARS Adware searchnugget toolbar runtime detection - redirect mistyped urls (more info ...) | misc-activity | URL | |||
| 6489 | PUA-ADWARE Hijacker analyze IE outbound connection - default page hijacker (more info ...) | misc-activity | URL | |||
| 6491 | MALWARE-CNC User-Agent known malicious user agent - snprtzdialno (more info ...) | misc-activity | URL | |||
| 6492 | MALWARE-BACKDOOR Trickler Backdoor-BAC.gen.e runtime detection - notification (more info ...) | misc-activity | URL | |||
| 6493 | MALWARE-BACKDOOR Trickler Backdoor-BAC.gen.e runtime detection - post data (more info ...) | misc-activity | URL | |||
| 6494 | PUA-ADWARE Adware yourenhancement runtime detection (more info ...) | misc-activity | URL | |||
| 6495 | PUA-ADWARE Hijacker troj_spywad.x outbound connection (more info ...) | misc-activity | URL | |||
| 6496 | PUA-ADWARE Adware adpowerzone runtime detection (more info ...) | misc-activity | URL | |||
| 6497 | MALWARE-BACKDOOR exploiter 1.0 runtime detection (more info ...) | trojan-activity | URL | |||
| 6498 | MALWARE-BACKDOOR exploiter 1.0 runtime detection (more info ...) | trojan-activity | URL | |||
| 6499 | MALWARE-BACKDOOR omerta 1.3 runtime detection (more info ...) | trojan-activity | URL | |||
| 6500 | MALWARE-BACKDOOR omerta 1.3 runtime detection (more info ...) | trojan-activity | URL | |||
| 6511 | SERVER-WEBAPP ALT-N WebAdmin user param overflow attempt (more info ...) | attempted-admin | 2003-0471 | 8024 | ||
| 6513 | PROTOCOL-VOIP Digium Asterisk IAX2 truncated video mini-frame packet overflow attempt (more info ...) | attempted-admin | 2006-2898 | 18295 | ||
| 6514 | PROTOCOL-VOIP Digium Asterisk IAX2 truncated full-frame packet overflow attempt (more info ...) | attempted-admin | 2006-2923 | 18307 | ||
| 6515 | PROTOCOL-VOIP Digium Asterisk IAX2 truncated mini-frame packet overflow attempt (more info ...) | attempted-admin | 2006-2923 | 18307 | ||
| 7049 | PUA-ADWARE Hijacker extreme biz outbound connection - uniq1 (more info ...) | misc-activity | URL | |||
| 7050 | PUA-TOOLBARS Hijacker freecruise toolbar runtime detection (more info ...) | misc-activity | ||||
| 7051 | PUA-ADWARE Trickler generic downloader.g outbound connection - spyware injection (more info ...) | misc-activity | URL | |||
| 7052 | PUA-ADWARE Trickler generic downloader.g outbound connection - adv (more info ...) | misc-activity | URL | |||
| 7053 | PUA-ADWARE Adware webredir runtime detection (more info ...) | misc-activity | URL | |||
| 7054 | PUA-ADWARE Trickler download arq variant outbound connection (more info ...) | misc-activity | URL | |||
| 7055 | PUA-ADWARE Hijacker vip01 biz outbound connection - adv (more info ...) | misc-activity | URL | |||
| 7057 | MALWARE-BACKDOOR charon runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 7058 | MALWARE-BACKDOOR charon runtime detection - download file flowbit 1 (more info ...) | trojan-activity | URL | |||
| 7059 | MALWARE-BACKDOOR charon runtime detection - download file/log flowbit 2 (more info ...) | trojan-activity | URL | |||
| 7060 | MALWARE-BACKDOOR charon runtime detection - download file/log (more info ...) | trojan-activity | URL | |||
| 7061 | MALWARE-BACKDOOR charon runtime detection - download log flowbit 1 (more info ...) | trojan-activity | URL | |||
| 7064 | MALWARE-BACKDOOR cybernetic 1.62 runtime detection - email notification (more info ...) | trojan-activity | URL | |||
| 7065 | MALWARE-BACKDOOR cybernetic 1.62 runtime detection - reverse connection flowbit 1 (more info ...) | trojan-activity | URL | |||
| 7068 | MALWARE-BACKDOOR delta source 0.5 beta runtime detection - ping (more info ...) | trojan-activity | URL | |||
| 7069 | MALWARE-BACKDOOR delta source 0.5 beta runtime detection - pc info (more info ...) | trojan-activity | URL | |||
| 7072 | MALWARE-BACKDOOR fraggle rock 2.0 lite runtime detection - pc info (more info ...) | trojan-activity | URL | |||
| 7073 | MALWARE-CNC Win.Trojan.dumaru.gen variant outbound connection notification (more info ...) | trojan-activity | URL | |||
| 7074 | MALWARE-CNC Win.Trojan.dumaru.gen variant outbound connection cmd (more info ...) | trojan-activity | URL | |||
| 7075 | MALWARE-BACKDOOR bandook 1.0 runtime detection (more info ...) | trojan-activity | URL | |||
| 7077 | MALWARE-CNC minimo v0.6 variant outbound connection icq notification (more info ...) | trojan-activity | ||||
| 7078 | MALWARE-BACKDOOR up and run v1.0 beta runtime detection flowbit 1 (more info ...) | trojan-activity | URL | |||
| 7079 | MALWARE-BACKDOOR up and run v1.0 beta runtime detection flowbit 2 (more info ...) | trojan-activity | URL | |||
| 7080 | MALWARE-BACKDOOR up and run v1.0 beta runtime detection flowbit 3 (more info ...) | trojan-activity | URL | |||
| 7081 | MALWARE-BACKDOOR up and run v1.0 beta runtime detection (more info ...) | trojan-activity | URL | |||
| 7082 | MALWARE-BACKDOOR mosucker3.0 runtime detection - client-to-server (more info ...) | trojan-activity | URL | |||
| 7083 | MALWARE-BACKDOOR mosucker3.0 runtime detection - server-to-client1 (more info ...) | trojan-activity | URL | |||
| 7084 | MALWARE-BACKDOOR erazer v1.1 runtime detection - sin notification (more info ...) | trojan-activity | URL | |||
| 7085 | MALWARE-BACKDOOR erazer v1.1 runtime detection (more info ...) | trojan-activity | URL | |||
| 7086 | MALWARE-BACKDOOR erazer v1.1 runtime detection - init connection (more info ...) | trojan-activity | URL | |||
| 7101 | MALWARE-BACKDOOR gwboy 0.92 runtime detection (more info ...) | trojan-activity | URL | |||
| 7103 | MALWARE-CNC gwboy 0.92 variant outbound connection (more info ...) | trojan-activity | URL | |||
| 7104 | MALWARE-BACKDOOR aol admin runtime detection (more info ...) | trojan-activity | URL | |||
| 7106 | MALWARE-BACKDOOR girlfriend runtime detection (more info ...) | trojan-activity | URL | |||
| 7107 | MALWARE-BACKDOOR girlfriend runtime detection (more info ...) | trojan-activity | URL | |||
| 7113 | MALWARE-BACKDOOR Win.Trojan.DonaldDick variant inbound connection detection (more info ...) | trojan-activity | URL | |||
| 7114 | MALWARE-BACKDOOR Win.Trojan.DonaldDick variant outbound connection detection (more info ...) | trojan-activity | URL | |||
| 7116 | MALWARE-CNC y3k 1.2 variant outbound connection icq notification (more info ...) | trojan-activity | URL | |||
| 7118 | MALWARE-CNC y3k 1.2 variant outbound connection user-agent string detected (more info ...) | trojan-activity | URL | |||
| 7119 | MALWARE-BACKDOOR y3k 1.2 runtime detection (more info ...) | trojan-activity | URL | |||
| 7120 | MALWARE-BACKDOOR y3k 1.2 runtime detection - init connection 1 (more info ...) | trojan-activity | URL | |||
| 7121 | MALWARE-BACKDOOR y3k 1.2 runtime detection (more info ...) | trojan-activity | URL | |||
| 7122 | MALWARE-BACKDOOR y3k 1.2 runtime detection - init connection 2 (more info ...) | trojan-activity | URL | |||
| 7123 | PUA-ADWARE Other-Technologies alfacleaner outbound connection - update (more info ...) | misc-activity | URL | |||
| 7124 | PUA-ADWARE Other-Technologies alfacleaner outbound connection - buy (more info ...) | misc-activity | URL | |||
| 7125 | PUA-ADWARE Hijacker traffbest biz outbound connection - adv (more info ...) | misc-activity | URL | |||
| 7126 | PUA-ADWARE Hijacker trojan proxy atiup outbound connection - notification (more info ...) | misc-activity | URL | |||
| 7127 | PUA-ADWARE Hijacker wowok mp3 bar outbound connection - tracking (more info ...) | misc-activity | ||||
| 7128 | PUA-ADWARE Hijacker wowok mp3 bar outbound connection - advertising 1 (more info ...) | misc-activity | ||||
| 7129 | PUA-ADWARE Hijacker wowok mp3 bar outbound connection - advertising 2 (more info ...) | misc-activity | ||||
| 7130 | PUA-ADWARE Hijacker wowok mp3 bar outbound connection - search assissant hijacking (more info ...) | misc-activity | ||||
| 7135 | MALWARE-CNC User-Agent known malicious user agent - IEP (more info ...) | misc-activity | URL | |||
| 7136 | PUA-ADWARE Hijacker dsrch outbound connection - search assistant redirect (more info ...) | misc-activity | URL | |||
| 7137 | PUA-ADWARE Hijacker dsrch outbound connection - side search redirect (more info ...) | misc-activity | URL | |||
| 7138 | PUA-ADWARE Other-Technologies clicktrojan outbound connection - version check (more info ...) | misc-activity | URL | |||
| 7139 | PUA-ADWARE Other-Technologies clicktrojan outbound connection - fake search query (more info ...) | misc-activity | URL | |||
| 7140 | PUA-ADWARE Adware pay-per-click runtime detection - configuration (more info ...) | misc-activity | URL | |||
| 7141 | PUA-ADWARE Adware pay-per-click runtime detection - update (more info ...) | misc-activity | URL | |||
| 7143 | PUA-ADWARE Adware digink.com runtime detection (more info ...) | misc-activity | URL | |||
| 7144 | PUA-ADWARE Hijacker cool search outbound connection (more info ...) | misc-activity | URL | |||
| 7145 | MALWARE-CNC User-Agent known malicious user agent - adfsgecoiwnf (more info ...) | misc-activity | URL | |||
| 7147 | MALWARE-CNC Hacker-Tool sars notifier variant outbound connection icq notification (more info ...) | misc-activity | URL | |||
| 7150 | MALWARE-CNC Hacker-Tool sars notifier variant outbound connection irc notification (more info ...) | misc-activity | URL | |||
| 7151 | MALWARE-CNC Hacker-Tool sars notifier variant outbound connection net send notification (more info ...) | misc-activity | URL | |||
| 7152 | PUA-ADWARE Hijacker cnsmin 3721 outbound connection - installation (more info ...) | misc-activity | URL | |||
| 7153 | PUA-ADWARE Hijacker cnsmin 3721 outbound connection - hijacking (more info ...) | misc-activity | URL | |||
| 7154 | MALWARE-OTHER Keylogger active keylogger home runtime detection (more info ...) | successful-recon-limited | URL | |||
| 7155 | PUA-ADWARE Trickler jubster outbound connection (more info ...) | misc-activity | URL | |||
| 7156 | MALWARE-OTHER Keylogger win-spy runtime detection - email delivery (more info ...) | successful-recon-limited | URL | |||
| 7157 | MALWARE-OTHER Keylogger win-spy runtime detection - remote conn client-to-server (more info ...) | successful-recon-limited | URL | |||
| 7158 | MALWARE-OTHER Keylogger win-spy runtime detection - remote conn server-to-client (more info ...) | successful-recon-limited | URL | |||
| 7159 | MALWARE-OTHER Keylogger win-spy runtime detection - upload file client-to-server (more info ...) | successful-recon-limited | URL | |||
| 7160 | MALWARE-OTHER Keylogger win-spy runtime detection - upload file server-to-client (more info ...) | successful-recon-limited | URL | |||
| 7161 | MALWARE-OTHER Keylogger win-spy runtime detection - download file client-to-server (more info ...) | successful-recon-limited | URL | |||
| 7162 | MALWARE-OTHER Keylogger win-spy runtime detection - download file server-to-client (more info ...) | successful-recon-limited | URL | |||
| 7163 | MALWARE-OTHER Keylogger win-spy runtime detection - execute file client-to-server (more info ...) | successful-recon-limited | URL | |||
| 7164 | MALWARE-OTHER Keylogger win-spy runtime detection - execute file server-to-client (more info ...) | successful-recon-limited | URL | |||
| 7175 | MALWARE-OTHER Keylogger ab system spy runtime detection - log retrieve (more info ...) | successful-recon-limited | URL | |||
| 7176 | MALWARE-OTHER Keylogger ab system spy runtime detection - log retrieve (more info ...) | successful-recon-limited | URL | |||
| 7177 | MALWARE-OTHER Keylogger ab system spy runtime detection - info send through email (more info ...) | successful-recon-limited | URL | |||
| 7178 | MALWARE-OTHER Keylogger desktop detective 2000 runtime detection - init connection (more info ...) | successful-recon-limited | URL | |||
| 7179 | MALWARE-OTHER Keylogger desktop detective 2000 runtime detection - init connection (more info ...) | successful-recon-limited | URL | |||
| 7180 | MALWARE-OTHER Keylogger desktop detective 2000 runtime detection - init connection (more info ...) | successful-recon-limited | URL | |||
| 7183 | MALWARE-CNC Snoopware barok variant outbound connection (more info ...) | successful-recon-limited | URL | |||
| 7186 | MALWARE-OTHER Keylogger kgb Keylogger runtime detection (more info ...) | successful-recon-limited | URL | |||
| 7187 | MALWARE-CNC User-Agent known malicious user agent - SAH Agent (more info ...) | successful-recon-limited | URL | |||
| 7188 | PUA-ADWARE Hijacker shop at home select - merchant redirect in progress (more info ...) | successful-recon-limited | URL | |||
| 7189 | MALWARE-OTHER Trackware shopathome runtime detection - setcookie request (more info ...) | successful-recon-limited | URL | |||
| 7190 | PUA-ADWARE Adware trustyfiles v3.1.0.1 runtime detection - host retrieval (more info ...) | misc-activity | URL | |||
| 7191 | PUA-ADWARE Adware trustyfiles v3.1.0.1 runtime detection - url retrieval (more info ...) | misc-activity | URL | |||
| 7192 | PUA-ADWARE Adware trustyfiles v3.1.0.1 runtime detection - sponsor selection (more info ...) | misc-activity | URL | |||
| 7193 | PUA-ADWARE Adware trustyfiles v3.1.0.1 runtime detection - startup access (more info ...) | misc-activity | URL | |||
| 7194 | PUA-ADWARE Hijacker shopprreports outbound connection - services requests (more info ...) | misc-activity | URL | |||
| 7195 | MALWARE-CNC User-Agent known malicious user agent - shprrprt-cs- (more info ...) | misc-activity | URL | |||
| 7206 | SERVER-ORACLE DBMS_EXPORT_EXTENSION access attempt (more info ...) | attempted-user | ||||
| 7208 | SERVER-ORACLE DBMS_EXPORT_EXTENSION.GET_DOMAIN_INDEX_METADATA access attempt (more info ...) | attempted-user | 2006-2081 | 17699 | ||
| 7421 | SERVER-ORACLE DBMS_EXPORT_EXTENSION.GET_V2_DOMAIN_INDEX_TABLES access attempt (more info ...) | attempted-user | 2006-1887 | 17590 | ||
| 7506 | MALWARE-TOOLS Hacker-Tool coma runtime detection - init connection - flowbit set (more info ...) | misc-activity | ||||
| 7507 | MALWARE-TOOLS Hacker-Tool coma runtime detection - init connection (more info ...) | misc-activity | URL | |||
| 7508 | MALWARE-TOOLS Hacker-Tool coma runtime detection - ping - flowbit set (more info ...) | misc-activity | ||||
| 7509 | MALWARE-TOOLS Hacker-Tool coma runtime detection - ping (more info ...) | misc-activity | URL | |||
| 7510 | PUA-ADWARE Trickler edonkey2000 outbound connection - version verification (more info ...) | misc-activity | URL | |||
| 7511 | MALWARE-CNC User-Agent known malicious user agent - ed2k edonkey2000 runtime detection (more info ...) | misc-activity | URL | |||
| 7512 | MALWARE-OTHER Keylogger watchdog runtime detection - init connection - flowbit set (more info ...) | successful-recon-limited | URL | |||
| 7513 | MALWARE-OTHER Keylogger watchdog runtime detection - init connection (more info ...) | successful-recon-limited | URL | |||
| 7514 | MALWARE-OTHER Keylogger watchdog runtime detection - send out info to server periodically (more info ...) | successful-recon-limited | URL | |||
| 7515 | MALWARE-OTHER Keylogger watchdog runtime detection - remote monitoring (more info ...) | successful-recon-limited | URL | |||
| 7516 | PUA-TOOLBARS Trickler hmtoolbar runtime detection (more info ...) | misc-activity | URL | |||
| 7518 | PUA-TOOLBARS Trackware earthlink toolbar runtime detection - get up-to-date news info (more info ...) | successful-recon-limited | URL | |||
| 7520 | PUA-TOOLBARS Trackware earthlink toolbar runtime detection - ie autosearch hijack (more info ...) | successful-recon-limited | URL | |||
| 7521 | PUA-TOOLBARS Trackware earthlink toolbar runtime detection - search toolbar request 1 (more info ...) | successful-recon-limited | URL | |||
| 7522 | PUA-TOOLBARS Trackware earthlink toolbar runtime detection - search toolbar request 2 (more info ...) | successful-recon-limited | URL | |||
| 7525 | PUA-TOOLBARS Trackware hotblox toolbar runtime detection - barad.asp request (more info ...) | successful-recon-limited | URL | |||
| 7526 | PUA-TOOLBARS Trackware hotblox toolbar runtime detection - stat counter (more info ...) | successful-recon-limited | URL | |||
| 7527 | PUA-TOOLBARS Trackware hotblox toolbar runtime detection - toolbar find function (more info ...) | successful-recon-limited | URL | |||
| 7528 | PUA-TOOLBARS Trackware hotblox toolbar runtime detection - ie autosearch hijack (more info ...) | successful-recon-limited | URL | |||
| 7529 | PUA-ADWARE Snoopware halflife jacker outbound connection (more info ...) | successful-recon-limited | URL | |||
| 7530 | PUA-ADWARE Trickler mediaseek.pl client outbound connection - trickler (more info ...) | misc-activity | URL | |||
| 7531 | PUA-ADWARE Trickler mediaseek.pl client outbound connection - login (more info ...) | misc-activity | URL | |||
| 7532 | PUA-ADWARE Adware piolet runtime detection - user-agent (more info ...) | misc-activity | URL | |||
| 7533 | PUA-ADWARE Adware piolet runtime detection - ads request (more info ...) | misc-activity | URL | |||
| 7535 | PUA-ADWARE Hijacker clearsearch variant outbound connection - pass information (more info ...) | misc-activity | URL | |||
| 7536 | PUA-ADWARE Hijacker clearsearch variant outbound connection - popup (more info ...) | misc-activity | URL | |||
| 7537 | MALWARE-CNC User-Agent known malicious user agent - Arrow Search (more info ...) | successful-recon-limited | URL | |||
| 7538 | PUA-ADWARE Screen-Scraper hidden camera outbound connection (more info ...) | successful-recon-limited | URL | |||
| 7540 | MALWARE-CNC User-Agent known malicious user agent - http protocol (more info ...) | misc-activity | URL | |||
| 7541 | MALWARE-OTHER Keylogger starlogger runtime detection (more info ...) | successful-recon-limited | URL | |||
| 7542 | MALWARE-TOOLS Hacker-Tool mini oblivion runtime detection - successful init connection (more info ...) | misc-activity | URL | |||
| 7543 | PUA-ADWARE Hijacker 2020search outbound connection (more info ...) | misc-activity | URL | |||
| 7544 | MALWARE-OTHER Keylogger PerfectKeylogger runtime detection - flowbit set 1 (more info ...) | successful-recon-limited | URL | |||
| 7545 | MALWARE-OTHER Keylogger PerfectKeylogger runtime detection - flowbit set 2 (more info ...) | successful-recon-limited | URL | |||
| 7546 | MALWARE-OTHER Keylogger PerfectKeylogger runtime detection (more info ...) | successful-recon-limited | URL | |||
| 7547 | MALWARE-OTHER Keylogger activity monitor 3.8 runtime detection - agent status monitoring (more info ...) | successful-recon-limited | URL | |||
| 7548 | MALWARE-OTHER Keylogger activity monitor 3.8 runtime detection - agent up notification (more info ...) | successful-recon-limited | URL | |||
| 7549 | MALWARE-OTHER Keylogger activity monitor 3.8 runtime detection (more info ...) | successful-recon-limited | URL | |||
| 7550 | PUA-ADWARE Adware adroar runtime detection (more info ...) | misc-activity | URL | |||
| 7553 | PUA-ADWARE Adware hxdl runtime detection - hxlogonly user-agent (more info ...) | misc-activity | URL | |||
| 7554 | PUA-ADWARE Adware hxdl runtime detection - hxdownload user-agent (more info ...) | misc-activity | URL | |||
| 7556 | PUA-ADWARE Hijacker blazefind outbound connection - search bar (more info ...) | misc-activity | URL | |||
| 7557 | MALWARE-OTHER Trackware purityscan runtime detection - start up (more info ...) | successful-recon-limited | URL | |||
| 7558 | MALWARE-OTHER Trackware purityscan runtime detection - installation notify (more info ...) | successful-recon-limited | URL | |||
| 7559 | MALWARE-OTHER Trackware purityscan runtime detection - track user activity and status (more info ...) | successful-recon-limited | URL | |||
| 7560 | MALWARE-OTHER Trackware purityscan runtime detection - self update (more info ...) | successful-recon-limited | URL | |||
| 7561 | MALWARE-OTHER Trackware purityscan runtime detection - opt out of interstitial advertising (more info ...) | successful-recon-limited | URL | |||
| 7562 | PUA-ADWARE Adware morpheus runtime detection - ad 1 (more info ...) | misc-activity | URL | |||
| 7563 | PUA-ADWARE Adware morpheus runtime detection - ad 2 (more info ...) | misc-activity | URL | |||
| 7564 | PUA-ADWARE Hijacker startnow outbound connection (more info ...) | misc-activity | URL | |||
| 7565 | PUA-ADWARE Hijacker adshooter.searchforit outbound connection - search engine (more info ...) | misc-activity | URL | |||
| 7566 | PUA-ADWARE Hijacker adshooter.searchforit outbound connection - redirector (more info ...) | misc-activity | URL | |||
| 7568 | MALWARE-OTHER Trackware webhancer runtime detection (more info ...) | successful-recon-limited | URL | |||
| 7569 | PUA-ADWARE Adware lordofsearch runtime detection (more info ...) | misc-activity | URL | |||
| 7570 | PUA-ADWARE Hijacker linkspider search bar outbound connection - ads (more info ...) | misc-activity | URL | |||
| 7571 | PUA-TOOLBARS Hijacker linkspider search bar runtime detection - toolbar search (more info ...) | misc-activity | URL | |||
| 7573 | PUA-ADWARE Trickler album galaxy outbound connection - p2p gnutella (more info ...) | misc-activity | URL | |||
| 7574 | MALWARE-OTHER Keylogger proagent 2.0 runtime detection (more info ...) | successful-recon-limited | URL | |||
| 7575 | PUA-TOOLBARS Hijacker starware toolbar runtime detection - weather request (more info ...) | misc-activity | URL | |||
| 7576 | PUA-TOOLBARS Hijacker starware toolbar runtime detection - hijack ie browser (more info ...) | misc-activity | URL | |||
| 7577 | PUA-TOOLBARS Hijacker starware toolbar runtime detection - collect information (more info ...) | misc-activity | URL | |||
| 7578 | PUA-TOOLBARS Hijacker starware toolbar runtime detection - reference (more info ...) | misc-activity | URL | |||
| 7579 | PUA-TOOLBARS Hijacker starware toolbar runtime detection - smileys (more info ...) | misc-activity | URL | |||
| 7580 | PUA-TOOLBARS Hijacker starware toolbar runtime detection - update (more info ...) | misc-activity | URL | |||
| 7582 | MALWARE-CNC User-Agent known malicious user agent - Pcast Live (more info ...) | misc-activity | URL | |||
| 7583 | MALWARE-TOOLS Hacker-Tool clandestine runtime detection - flowbit set big (more info ...) | misc-activity | URL | |||
| 7584 | MALWARE-TOOLS Hacker-Tool clandestine runtime detection - flowbit set open (more info ...) | misc-activity | URL | |||
| 7585 | MALWARE-TOOLS Hacker-Tool clandestine runtime detection - flowbit set image (more info ...) | misc-activity | URL | |||
| 7586 | MALWARE-TOOLS Hacker-Tool clandestine runtime detection - image transferred (more info ...) | misc-activity | URL | |||
| 7587 | MALWARE-CNC User-Agent known malicious user agent - URLBlaze (more info ...) | misc-activity | URL | |||
| 7588 | PUA-ADWARE Trickler urlblaze outbound connection - files search or download (more info ...) | misc-activity | URL | |||
| 7589 | PUA-ADWARE Trickler urlblaze outbound connection - irc notification (more info ...) | misc-activity | URL | |||
| 7590 | PUA-TOOLBARS Hijacker swbar runtime detection (more info ...) | misc-activity | URL | |||
| 7591 | MALWARE-OTHER Keylogger keylogger pro runtime detection - flowbit set (more info ...) | successful-recon-limited | URL | |||
| 7592 | MALWARE-OTHER Keylogger keylogger pro runtime detection (more info ...) | successful-recon-limited | URL | |||
| 7593 | PUA-TOOLBARS Trackware trellian toolbarbrowser runtime detection (more info ...) | successful-recon-limited | URL | |||
| 7594 | PUA-ADWARE Adware comedy planet runtime detection - ads (more info ...) | misc-activity | URL | |||
| 7595 | PUA-ADWARE Adware comedy planet runtime detection - collect user information (more info ...) | misc-activity | URL | |||
| 7596 | MALWARE-OTHER Keylogger spy lantern keylogger runtime detection - flowbit set (more info ...) | successful-recon-limited | URL | |||
| 7597 | MALWARE-OTHER Keylogger spy lantern keylogger runtime detection (more info ...) | successful-recon-limited | URL | |||
| 7598 | PUA-TOOLBARS Snoopware 2-seek runtime detection - search in toolbar (more info ...) | successful-recon-limited | URL | |||
| 7599 | PUA-TOOLBARS Snoopware 2-seek runtime detection - user info collection (more info ...) | successful-recon-limited | URL | |||
| 7600 | PUA-ADWARE Hijacker adtraffic outbound connection - notfound website search hijack and redirection (more info ...) | misc-activity | URL | |||
| 7601 | PUA-ADWARE Snoopware big brother v3.5.1 outbound connection - connect to keyserver (more info ...) | successful-recon-limited | URL | |||
| 7602 | PUA-ADWARE Snoopware big brother v3.5.1 outbound connection - connect to receiver - flowbit set (more info ...) | successful-recon-limited | URL | |||
| 7603 | PUA-ADWARE Snoopware big brother v3.5.1 outbound connection - connect to receiver (more info ...) | successful-recon-limited | URL | |||
| 7604 | MALWARE-BACKDOOR katux 2.0 runtime detection - screen capture - flowbit set (more info ...) | trojan-activity | ||||
| 7605 | MALWARE-BACKDOOR katux 2.0 runtime detection - screen capture (more info ...) | trojan-activity | URL | |||
| 7606 | MALWARE-BACKDOOR katux 2.0 runtime detection - get system info - flowbit set (more info ...) | trojan-activity | ||||
| 7607 | MALWARE-BACKDOOR katux 2.0 runtime detection - get system info (more info ...) | trojan-activity | URL | |||
| 7608 | MALWARE-BACKDOOR katux 2.0 runtime detection - chat - flowbit set (more info ...) | trojan-activity | ||||
| 7609 | MALWARE-BACKDOOR katux 2.0 runtime detection - chat (more info ...) | trojan-activity | URL | |||
| 7620 | MALWARE-BACKDOOR remote control 1.7 runtime detection - connection request flowbit 1 (more info ...) | trojan-activity | ||||
| 7621 | MALWARE-BACKDOOR remote control 1.7 runtime detection - connection request - flowbit 2 (more info ...) | trojan-activity | ||||
| 7622 | MALWARE-BACKDOOR remote control 1.7 runtime detection - connection request - flowbit 3 (more info ...) | trojan-activity | ||||
| 7623 | MALWARE-BACKDOOR remote control 1.7 runtime detection - connection request (more info ...) | trojan-activity | URL | |||
| 7624 | MALWARE-BACKDOOR remote control 1.7 runtime detection - data connection (more info ...) | trojan-activity | URL | |||
| 7625 | MALWARE-BACKDOOR skyrat show runtime detection - initial connection - flowbit 1 (more info ...) | trojan-activity | ||||
| 7626 | MALWARE-BACKDOOR skyrat show runtime detection - initial connection - flowbit 2 (more info ...) | trojan-activity | ||||
| 7627 | MALWARE-BACKDOOR skyrat show runtime detection - initial connection - flowbit 3 (more info ...) | trojan-activity | ||||
| 7628 | MALWARE-BACKDOOR skyrat show runtime detection - initial connection - flowbit 4 (more info ...) | trojan-activity | ||||
| 7629 | MALWARE-BACKDOOR skyrat show runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 7630 | MALWARE-BACKDOOR helios 3.1 runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 7631 | MALWARE-BACKDOOR hornet 1.0 runtime detection - fetch system info - flowbit set (more info ...) | trojan-activity | URL | |||
| 7632 | MALWARE-BACKDOOR hornet 1.0 runtime detection - fetch system info (more info ...) | trojan-activity | URL | |||
| 7633 | MALWARE-BACKDOOR hornet 1.0 runtime detection - irc connection - flowbit set (more info ...) | trojan-activity | URL | |||
| 7634 | MALWARE-BACKDOOR hornet 1.0 runtime detection - irc connection (more info ...) | trojan-activity | URL | |||
| 7635 | MALWARE-BACKDOOR hornet 1.0 runtime detection - fetch process list - flowbit set (more info ...) | trojan-activity | URL | |||
| 7636 | MALWARE-BACKDOOR hornet 1.0 runtime detection - fetch processes list (more info ...) | trojan-activity | URL | |||
| 7637 | MALWARE-CNC hornet 1.0 variant outbound connection icq notification (more info ...) | trojan-activity | URL | |||
| 7638 | MALWARE-BACKDOOR Win.Exploit.Backdoor ncph runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 7640 | MALWARE-CNC air variant outbound connection webmail notification (more info ...) | trojan-activity | URL | |||
| 7641 | MALWARE-BACKDOOR am remote client runtime detection - client-to-server (more info ...) | trojan-activity | URL | |||
| 7642 | MALWARE-BACKDOOR am remote client runtime detection - client response (more info ...) | trojan-activity | URL | |||
| 7643 | MALWARE-BACKDOOR netcontrol takeover runtime detection (more info ...) | trojan-activity | URL | |||
| 7644 | MALWARE-BACKDOOR ullysse runtime detection - client-to-server (more info ...) | trojan-activity | URL | |||
| 7645 | MALWARE-BACKDOOR snipernet 2.1 runtime detection - flowbit set (more info ...) | trojan-activity | URL | |||
| 7646 | MALWARE-BACKDOOR snipernet 2.1 runtime detection (more info ...) | trojan-activity | URL | |||
| 7647 | MALWARE-BACKDOOR minicom lite runtime detection - udp (more info ...) | trojan-activity | URL | |||
| 7650 | MALWARE-BACKDOOR small uploader 1.01 runtime detection - initial connection - flowbit set (more info ...) | trojan-activity | ||||
| 7651 | MALWARE-BACKDOOR small uploader 1.01 runtime detection - initial connection (more info ...) | trojan-activity | ||||
| 7658 | MALWARE-BACKDOOR jodeitor 1.1 runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 7659 | MALWARE-BACKDOOR lan filtrator 1.1 runtime detection - sin notification (more info ...) | trojan-activity | URL | |||
| 7660 | MALWARE-BACKDOOR lan filtrator 1.1 runtime detection - initial connection request - flowbit set (more info ...) | trojan-activity | ||||
| 7661 | MALWARE-BACKDOOR lan filtrator 1.1 runtime detection - initial connection request (more info ...) | trojan-activity | URL | |||
| 7662 | MALWARE-BACKDOOR snid x2 v1.2 runtime detection - initial connection - flowbit set (more info ...) | trojan-activity | ||||
| 7663 | MALWARE-BACKDOOR snid x2 v1.2 runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 7664 | MALWARE-BACKDOOR screen control 1.0 runtime detection - flowbit set (more info ...) | trojan-activity | URL | |||
| 7665 | MALWARE-BACKDOOR screen control 1.0 runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 7667 | MALWARE-BACKDOOR screen control 1.0 runtime detection - capture on port 2208 (more info ...) | trojan-activity | URL | |||
| 7668 | MALWARE-BACKDOOR screen control 1.0 runtime detection - capture on port 2213 - flowbit set (more info ...) | trojan-activity | URL | |||
| 7669 | MALWARE-BACKDOOR screen control 1.0 runtime detection - capture on port 2213 (more info ...) | trojan-activity | URL | |||
| 7670 | MALWARE-BACKDOOR digital upload runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 7671 | MALWARE-BACKDOOR digital upload runtime detection - chat (more info ...) | trojan-activity | URL | |||
| 7672 | MALWARE-BACKDOOR remoter runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 7673 | MALWARE-BACKDOOR remote havoc runtime detection - flowbit set 1 (more info ...) | trojan-activity | URL | |||
| 7674 | MALWARE-BACKDOOR remote havoc runtime detection - flowbit set 2 (more info ...) | trojan-activity | URL | |||
| 7675 | MALWARE-BACKDOOR remote havoc runtime detection (more info ...) | trojan-activity | URL | |||
| 7676 | MALWARE-BACKDOOR cool remote control or crackdown runtime detection - initial connection - flowbit set (more info ...) | trojan-activity | URL | |||
| 7677 | MALWARE-BACKDOOR cool remote control or crackdown runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 7678 | MALWARE-BACKDOOR cool remote control 1.12 runtime detection - upload file - flowbit set (more info ...) | trojan-activity | URL | |||
| 7679 | MALWARE-BACKDOOR cool remote control 1.12 runtime detection - upload file (more info ...) | trojan-activity | URL | |||
| 7680 | MALWARE-BACKDOOR cool remote control 1.12 runtime detection - download file - flowbit set (more info ...) | trojan-activity | URL | |||
| 7681 | MALWARE-BACKDOOR cool remote control 1.12 runtime detection - download file (more info ...) | trojan-activity | URL | |||
| 7682 | MALWARE-BACKDOOR acid head 1.00 runtime detection - flowbit set (more info ...) | trojan-activity | URL | |||
| 7683 | MALWARE-BACKDOOR acid head 1.00 runtime detection (more info ...) | trojan-activity | URL | |||
| 7684 | MALWARE-BACKDOOR hrat 1.0 runtime detection (more info ...) | trojan-activity | URL | |||
| 7685 | MALWARE-BACKDOOR illusion runtime detection - get remote info client-to-server (more info ...) | trojan-activity | URL | |||
| 7686 | MALWARE-BACKDOOR illusion runtime detection - get remote info server-to-client (more info ...) | trojan-activity | URL | |||
| 7687 | MALWARE-BACKDOOR illusion runtime detection - file browser client-to-server (more info ...) | trojan-activity | URL | |||
| 7688 | MALWARE-BACKDOOR illusion runtime detection - file browser server-to-client (more info ...) | trojan-activity | URL | |||
| 7689 | MALWARE-BACKDOOR evade runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 7690 | MALWARE-BACKDOOR evade runtime detection - file manager - flowbit set (more info ...) | trojan-activity | URL | |||
| 7691 | MALWARE-BACKDOOR evade runtime detection - file manager (more info ...) | trojan-activity | URL | |||
| 7692 | MALWARE-BACKDOOR exception 1.0 runtime detection - notification (more info ...) | trojan-activity | URL | |||
| 7695 | MALWARE-BACKDOOR hanky panky 1.1 runtime detection - initial connection - flowbit set 1 (more info ...) | trojan-activity | URL | |||
| 7696 | MALWARE-BACKDOOR hanky panky 1.1 runtime detection - initial connection - flowbit set 2 (more info ...) | trojan-activity | URL | |||
| 7697 | MALWARE-BACKDOOR hanky panky 1.1 runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 7698 | MALWARE-BACKDOOR brain wiper runtime detection - launch application - flowbit set (more info ...) | trojan-activity | URL | |||
| 7699 | MALWARE-BACKDOOR brain wiper runtime detection - launch application (more info ...) | trojan-activity | URL | |||
| 7700 | MALWARE-BACKDOOR brain wiper runtime detection - chat - flowbit set (more info ...) | trojan-activity | URL | |||
| 7701 | MALWARE-BACKDOOR brain wiper runtime detection - chat (more info ...) | trojan-activity | URL | |||
| 7702 | MALWARE-BACKDOOR roach 1.0 runtime detection - remote control actions - flowbit set (more info ...) | trojan-activity | ||||
| 7703 | MALWARE-BACKDOOR roach 1.0 runtime detection - remote control actions (more info ...) | trojan-activity | URL | |||
| 7704 | MALWARE-CNC roach 1.0 server installation notification - email (more info ...) | trojan-activity | URL | |||
| 7705 | MALWARE-BACKDOOR omniquad instant remote control runtime detection - initial connection - flowbit set (more info ...) | trojan-activity | ||||
| 7706 | MALWARE-BACKDOOR omniquad instant remote control runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 7707 | MALWARE-CNC omniquad instant remote control runtime detection - file transfer setup (more info ...) | trojan-activity | URL | |||
| 7708 | MALWARE-BACKDOOR fear1.5/aciddrop1.0 runtime detection - initial connection - flowbit set (more info ...) | trojan-activity | URL | |||
| 7709 | MALWARE-BACKDOOR fear1.5/aciddrop1.0 runtime detection - initial connection - flowbit set (more info ...) | trojan-activity | URL | |||
| 7710 | MALWARE-BACKDOOR fear1.5/aciddrop1.0 runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 7711 | MALWARE-BACKDOOR Amitis runtime command detection attacker to victim (more info ...) | trojan-activity | URL | |||
| 7712 | MALWARE-BACKDOOR Amitis runtime detection victim to attacker (more info ...) | trojan-activity | URL | |||
| 7713 | MALWARE-BACKDOOR Amitis v1.3 runtime detection - email notification (more info ...) | trojan-activity | URL | |||
| 7714 | MALWARE-BACKDOOR netdevil runtime detection - flowbit set 1 (more info ...) | trojan-activity | URL | |||
| 7717 | MALWARE-BACKDOOR snake trojan runtime detection (more info ...) | trojan-activity | URL | |||
| 7718 | MALWARE-BACKDOOR dameware mini remote control runtime detection - initial connection - flowbit set (more info ...) | trojan-activity | URL | |||
| 7719 | MALWARE-BACKDOOR dameware mini remote control runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 7721 | MALWARE-BACKDOOR prorat 1.9 initial connection detection (more info ...) | trojan-activity | URL | |||
| 7723 | MALWARE-BACKDOOR wollf runtime detection (more info ...) | trojan-activity | URL | |||
| 7724 | MALWARE-BACKDOOR reversable ver1.0 runtime detection - initial connection - flowbit set (more info ...) | trojan-activity | ||||
| 7726 | MALWARE-BACKDOOR reversable ver1.0 runtime detection - execute command - flowbit set (more info ...) | trojan-activity | ||||
| 7727 | MALWARE-BACKDOOR reversable ver1.0 runtime detection - execute command (more info ...) | trojan-activity | URL | |||
| 7728 | MALWARE-BACKDOOR radmin runtime detection - client-to-server (more info ...) | trojan-activity | URL | |||
| 7729 | MALWARE-BACKDOOR radmin runtime detection - server-to-client (more info ...) | trojan-activity | URL | |||
| 7730 | MALWARE-BACKDOOR outbreak_0.2.7 runtime detection - reverse connection (more info ...) | trojan-activity | URL | |||
| 7731 | MALWARE-BACKDOOR outbreak_0.2.7 runtime detection - ring server-to-client (more info ...) | trojan-activity | URL | |||
| 7732 | MALWARE-BACKDOOR outbreak_0.2.7 runtime detection - ring client-to-server (more info ...) | trojan-activity | URL | |||
| 7733 | MALWARE-BACKDOOR outbreak_0.2.7 runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 7734 | MALWARE-BACKDOOR bionet 4.05 runtime detection - initial connection - flowbit set (more info ...) | trojan-activity | URL | |||
| 7735 | MALWARE-BACKDOOR bionet 4.05 runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 7738 | MALWARE-BACKDOOR alexmessomalex runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 7739 | MALWARE-BACKDOOR alexmessomalex runtime detection - grab (more info ...) | trojan-activity | URL | |||
| 7740 | MALWARE-BACKDOOR nova 1.0 runtime detection - initial connection with pwd set - flowbit set (more info ...) | trojan-activity | URL | |||
| 7741 | MALWARE-BACKDOOR nova 1.0 runtime detection - initial connection with pwd set (more info ...) | trojan-activity | URL | |||
| 7744 | MALWARE-BACKDOOR phoenix 2.1 runtime detection - flowbit set (more info ...) | trojan-activity | ||||
| 7745 | MALWARE-BACKDOOR phoenix 2.1 runtime detection (more info ...) | trojan-activity | URL | |||
| 7746 | MALWARE-BACKDOOR bobo 1.0 runtime detection - initial connection - flowbit set (more info ...) | trojan-activity | ||||
| 7747 | MALWARE-BACKDOOR bobo 1.0 runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 7748 | MALWARE-BACKDOOR bobo 1.0 runtime detection - send message - flowbit set (more info ...) | trojan-activity | ||||
| 7749 | MALWARE-BACKDOOR bobo 1.0 runtime detection - send message (more info ...) | trojan-activity | URL | |||
| 7753 | MALWARE-BACKDOOR buschtrommel 1.22 runtime detection - spy function - flowbit set 1 (more info ...) | trojan-activity | ||||
| 7754 | MALWARE-BACKDOOR buschtrommel 1.22 runtime detection - spy function - flowbit set 2 (more info ...) | trojan-activity | ||||
| 7755 | MALWARE-BACKDOOR buschtrommel 1.22 runtime detection - spy function (more info ...) | trojan-activity | URL | |||
| 7758 | MALWARE-BACKDOOR glacier runtime detection - initial connection and directory browse (more info ...) | trojan-activity | URL | |||
| 7759 | MALWARE-BACKDOOR glacier runtime detection - screen capture (more info ...) | trojan-activity | URL | |||
| 7763 | MALWARE-BACKDOOR nt remote controller 2000 runtime detection - services client-to-server (more info ...) | trojan-activity | URL | |||
| 7764 | MALWARE-BACKDOOR nt remote controller 2000 runtime detection - sysinfo client-to-server (more info ...) | trojan-activity | URL | |||
| 7765 | MALWARE-BACKDOOR nt remote controller 2000 runtime detection - sysinfo server-to-client (more info ...) | trojan-activity | URL | |||
| 7766 | MALWARE-BACKDOOR nt remote controller 2000 runtime detection - foldermonitor client-to-server (more info ...) | trojan-activity | URL | |||
| 7767 | MALWARE-BACKDOOR nt remote controller 2000 runtime detection - foldermonitor server-to-client (more info ...) | trojan-activity | URL | |||
| 7769 | MALWARE-BACKDOOR data rape runtime detection - execute program server-to-client (more info ...) | trojan-activity | URL | |||
| 7770 | MALWARE-BACKDOOR messiah 4.0 runtime detection - get server info - flowbit set (more info ...) | trojan-activity | ||||
| 7771 | MALWARE-BACKDOOR messiah 4.0 runtime detection - get server info (more info ...) | trojan-activity | URL | |||
| 7772 | MALWARE-BACKDOOR messiah 4.0 runtime detection - enable keylogger - flowbit set (more info ...) | trojan-activity | URL | |||
| 7773 | MALWARE-BACKDOOR messiah 4.0 runtime detection - enable keylogger (more info ...) | trojan-activity | URL | |||
| 7774 | MALWARE-BACKDOOR messiah 4.0 runtime detection - screen capture - flowbit set (more info ...) | trojan-activity | ||||
| 7775 | MALWARE-BACKDOOR messiah 4.0 runtime detection - screen capture (more info ...) | trojan-activity | URL | |||
| 7776 | MALWARE-BACKDOOR messiah 4.0 runtime detection - get drives - flowbit set (more info ...) | trojan-activity | ||||
| 7777 | MALWARE-BACKDOOR messiah 4.0 runtime detection - get drives (more info ...) | trojan-activity | URL | |||
| 7778 | MALWARE-BACKDOOR elfrat runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 7782 | MALWARE-BACKDOOR netdevil runtime detection - file manager - flowbit set (more info ...) | trojan-activity | URL | |||
| 7783 | MALWARE-BACKDOOR netdevil runtime detection - file manager (more info ...) | trojan-activity | URL | |||
| 7788 | MALWARE-BACKDOOR forced control uploader runtime detection directory listing - client to server (more info ...) | trojan-activity | ||||
| 7789 | MALWARE-BACKDOOR forced control uploader runtime detection directory listing - server to client (more info ...) | trojan-activity | ||||
| 7791 | MALWARE-BACKDOOR remote anything 5.11.22 runtime detection - victim response (more info ...) | trojan-activity | URL | |||
| 7792 | MALWARE-BACKDOOR remote anything 5.11.22 runtime detection - chat with victim (more info ...) | trojan-activity | URL | |||
| 7793 | MALWARE-BACKDOOR remote anything 5.11.22 runtime detection - chat with attacker (more info ...) | trojan-activity | URL | |||
| 7794 | MALWARE-BACKDOOR fraggle rock 2.0 lite runtime detection - pc info - flowbit set (more info ...) | trojan-activity | URL | |||
| 7795 | MALWARE-BACKDOOR incommand 1.7 runtime detection - init connection (more info ...) | trojan-activity | ||||
| 7796 | MALWARE-BACKDOOR incommand 1.7 runtime detection - init connection (more info ...) | trojan-activity | URL | |||
| 7797 | MALWARE-BACKDOOR incommand 1.7 runtime detection - file manage 1 (more info ...) | trojan-activity | ||||
| 7798 | MALWARE-BACKDOOR incommand 1.7 runtime detection - file manage 1 (more info ...) | trojan-activity | URL | |||
| 7799 | MALWARE-BACKDOOR incommand 1.7 runtime detection - file manage 2 (more info ...) | trojan-activity | ||||
| 7800 | MALWARE-BACKDOOR incommand 1.7 runtime detection - file manage 2 (more info ...) | trojan-activity | URL | |||
| 7801 | MALWARE-BACKDOOR portal of doom runtime detection - udp cts (more info ...) | trojan-activity | URL | |||
| 7802 | MALWARE-BACKDOOR portal of doom runtime detection - udp stc (more info ...) | trojan-activity | URL | |||
| 7803 | MALWARE-BACKDOOR war trojan ver1.0 runtime detection - send messages (more info ...) | trojan-activity | URL | |||
| 7804 | MALWARE-BACKDOOR war trojan ver1.0 runtime detection - disable ctrl+alt+del (more info ...) | trojan-activity | URL | |||
| 7805 | MALWARE-CNC war trojan ver1.0 variant outbound connection ie hijacker (more info ...) | trojan-activity | URL | |||
| 7806 | MALWARE-BACKDOOR fatal wound 1.0 runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 7807 | MALWARE-BACKDOOR fatal wound 1.0 runtime detection - execute file (more info ...) | trojan-activity | URL | |||
| 7808 | MALWARE-BACKDOOR fatal wound 1.0 runtime detection - upload (more info ...) | trojan-activity | URL | |||
| 7809 | MALWARE-BACKDOOR fatal wound 1.0 runtime detection - upload (more info ...) | trojan-activity | URL | |||
| 7810 | MALWARE-BACKDOOR nuclear uploader 1.0 runtime detection (more info ...) | trojan-activity | URL | |||
| 7811 | MALWARE-BACKDOOR abacab runtime detection - telnet initial (more info ...) | trojan-activity | URL | |||
| 7812 | MALWARE-BACKDOOR abacab runtime detection - banner (more info ...) | trojan-activity | URL | |||
| 7813 | MALWARE-BACKDOOR darkmoon initial connection detection - cts (more info ...) | trojan-activity | URL | |||
| 7814 | MALWARE-BACKDOOR darkmoon initial connection detection - stc (more info ...) | trojan-activity | URL | |||
| 7815 | MALWARE-BACKDOOR darkmoon reverse connection detection - stc (more info ...) | trojan-activity | URL | |||
| 7816 | MALWARE-BACKDOOR darkmoon reverse connection detection - cts (more info ...) | trojan-activity | URL | |||
| 7817 | MALWARE-BACKDOOR infector v1.0 runtime detection - init conn (more info ...) | trojan-activity | URL | |||
| 7818 | MALWARE-BACKDOOR infector v1.0 runtime detection - init conn (more info ...) | trojan-activity | URL | |||
| 7821 | MALWARE-BACKDOOR nightcreature beta 0.01 runtime detection (more info ...) | trojan-activity | URL | |||
| 7822 | MALWARE-BACKDOOR xbkdr runtime detection (more info ...) | trojan-activity | URL | |||
| 7823 | PUA-ADWARE Adware whenu runtime detection - datachunksgz (more info ...) | misc-activity | URL | |||
| 7824 | PUA-ADWARE Trickler whenu.clocksync outbound connection (more info ...) | misc-activity | URL | |||
| 7825 | PUA-ADWARE Adware whenu.savenow runtime detection (more info ...) | misc-activity | URL | |||
| 7826 | PUA-ADWARE Trickler whenu.weathercast outbound connection - check (more info ...) | misc-activity | URL | |||
| 7827 | PUA-ADWARE Adware whenu runtime detection - search request 1 (more info ...) | misc-activity | URL | |||
| 7828 | PUA-ADWARE Adware whenu runtime detection - search request 2 (more info ...) | misc-activity | URL | |||
| 7829 | PUA-ADWARE Adware gator user-agent detected (more info ...) | misc-activity | URL | |||
| 7830 | PUA-ADWARE Botnet dacryptic outbound connection (more info ...) | trojan-activity | URL | |||
| 7831 | PUA-ADWARE Adware downloadplus runtime detection (more info ...) | misc-activity | URL | |||
| 7832 | MALWARE-CNC User-Agent known malicious user agent - Navhelper (more info ...) | misc-activity | URL | |||
| 7834 | MALWARE-TOOLS Hacker-Tool nettracker runtime detection - report browsing (more info ...) | misc-activity | ||||
| 7835 | MALWARE-TOOLS Hacker-Tool nettracker runtime detection - report browsing (more info ...) | misc-activity | URL | |||
| 7836 | MALWARE-TOOLS Hacker-Tool nettracker runtime detection - report send through email (more info ...) | misc-activity | URL | |||
| 7837 | MALWARE-OTHER Keylogger spyoutside runtime detection - email delivery (more info ...) | successful-recon-limited | URL | |||
| 7838 | PUA-ADWARE Adware smiley central runtime detection (more info ...) | misc-activity | URL | |||
| 7839 | PUA-TOOLBARS Hijacker rx toolbar runtime detection (more info ...) | misc-activity | URL | |||
| 7840 | PUA-TOOLBARS Hijacker instafinder initial configuration detection (more info ...) | misc-activity | URL | |||
| 7841 | PUA-ADWARE Hijacker instafinder error redirect detection (more info ...) | misc-activity | URL | |||
| 7842 | MALWARE-TOOLS Hacker-Tool davps runtime detection (more info ...) | misc-activity | URL | |||
| 7843 | PUA-ADWARE Hijacker avenuemedia.dyfuca outbound connection - search engine hijack (more info ...) | misc-activity | URL | |||
| 7844 | PUA-ADWARE Hijacker avenuemedia.dyfuca outbound connection - post data (more info ...) | misc-activity | URL | |||
| 7845 | MALWARE-OTHER Keylogger clogger 1.0 runtime detection (more info ...) | successful-recon-limited | URL | |||
| 7846 | MALWARE-OTHER Keylogger clogger 1.0 runtime detection (more info ...) | successful-recon-limited | URL | |||
| 7847 | MALWARE-OTHER Keylogger clogger 1.0 runtime detection - send log through email (more info ...) | successful-recon-limited | URL | |||
| 7848 | PUA-TOOLBARS Hijacker netguide runtime detection (more info ...) | misc-activity | URL | |||
| 7849 | PUA-TOOLBARS Trickler maxsearch runtime detection - toolbar download (more info ...) | misc-activity | URL | |||
| 7850 | PUA-ADWARE Trickler maxsearch outbound connection - retrieve command (more info ...) | misc-activity | URL | |||
| 7851 | PUA-ADWARE Trickler maxsearch outbound connection - ack (more info ...) | misc-activity | URL | |||
| 7852 | PUA-ADWARE Trickler maxsearch outbound connection - advertisement (more info ...) | misc-activity | URL | |||
| 7853 | PUA-ADWARE Adware web-nexus runtime detection - ad url 1 (more info ...) | misc-activity | URL | |||
| 7854 | PUA-ADWARE Adware web-nexus runtime detection - config retrieval (more info ...) | misc-activity | URL | |||
| 7855 | PUA-ADWARE Adware web-nexus runtime detection - ad url 2 (more info ...) | misc-activity | URL | |||
| 7857 | MALWARE-OTHER Keylogger EliteKeylogger runtime detection (more info ...) | successful-recon-limited | URL | |||
| 7858 | PUA-TOOLBARS Google Desktop initial install - firstuse request (more info ...) | policy-violation | ||||
| 7860 | PUA-TOOLBARS Google Desktop search query (more info ...) | policy-violation | ||||
| 7861 | APP-DETECT Google Desktop activity (more info ...) | policy-violation | ||||
| 8056 | SERVER-OTHER ISC DHCP server 2 client_id length denial of service attempt (more info ...) | attempted-dos | 2006-3122 | URL | ||
| 8060 | SERVER-OTHER UltraVNC VNCLog buffer overflow (more info ...) | attempted-admin | 2006-1652 | 17378 | ||
| 8071 | PUA-ADWARE Hijacker findthewebsiteyouneed outbound connection - search hijack (more info ...) | misc-activity | URL | |||
| 8072 | PUA-ADWARE Hijacker findthewebsiteyouneed outbound connection - surf monitor (more info ...) | misc-activity | URL | |||
| 8073 | PUA-TOOLBARS Adware zango toolbar runtime detection (more info ...) | misc-activity | URL | |||
| 8074 | MALWARE-BACKDOOR mithril runtime detection - init connection (more info ...) | trojan-activity | URL | |||
| 8075 | MALWARE-BACKDOOR mithril runtime detection - get system information (more info ...) | trojan-activity | URL | |||
| 8076 | MALWARE-BACKDOOR mithril runtime detection - get system information (more info ...) | trojan-activity | URL | |||
| 8077 | MALWARE-BACKDOOR mithril runtime detection - get process list (more info ...) | trojan-activity | URL | |||
| 8078 | MALWARE-BACKDOOR mithril runtime detection - get process list (more info ...) | trojan-activity | URL | |||
| 8079 | MALWARE-BACKDOOR x2a runtime detection - init connection (more info ...) | trojan-activity | URL | |||
| 8080 | MALWARE-CNC x2a variant outbound connection client update (more info ...) | trojan-activity | URL | |||
| 8085 | SERVER-WEBAPP HP OpenView Network Node Manager connectedNodes.ovpl command injection attempt (more info ...) | attempted-admin | 2005-2773 | 14662 | ||
| 8086 | SERVER-WEBAPP HP OpenView Network Node Manager cdpView.ovpl command injection attempt (more info ...) | attempted-admin | 2005-2773 | 14662 | ||
| 8087 | SERVER-WEBAPP HP OpenView Network Node Manager freeIPaddrs.ovpl command injection attempt (more info ...) | attempted-admin | 2005-2773 | 14662 | ||
| 8088 | SERVER-WEBAPP HP OpenView Network Node Manager connectedNodes.ovpl command injection attempt (more info ...) | attempted-admin | 2005-2773 | 14662 | ||
| 8089 | SERVER-WEBAPP HP OpenView Network Node Manager cdpView.ovpl command injection attempt (more info ...) | attempted-admin | 2005-2773 | 14662 | ||
| 8090 | SERVER-WEBAPP HP OpenView Network Node Manager freeIPaddrs.ovpl command injection attempt (more info ...) | attempted-admin | 2005-2773 | 14662 | ||
| 8352 | PUA-ADWARE Adware desktopmedia runtime detection - ads popup (more info ...) | misc-activity | URL | |||
| 8353 | PUA-ADWARE Adware desktopmedia runtime detection - auto update (more info ...) | misc-activity | URL | |||
| 8354 | PUA-ADWARE Adware desktopmedia runtime detection - surf monitoring (more info ...) | misc-activity | URL | |||
| 8355 | MALWARE-OTHER Keylogger spybuddy 3.72 runtime detection (more info ...) | successful-recon-limited | URL | |||
| 8356 | MALWARE-OTHER Keylogger spybuddy 3.72 runtime detection - send log out through email (more info ...) | successful-recon-limited | URL | |||
| 8357 | MALWARE-OTHER Keylogger spybuddy 3.72 runtime detection - send alert out through email (more info ...) | successful-recon-limited | URL | |||
| 8359 | PUA-ADWARE Hijacker yok supersearch outbound connection - target website display (more info ...) | misc-activity | URL | |||
| 8360 | PUA-ADWARE Hijacker yok supersearch outbound connection - search info collect (more info ...) | misc-activity | URL | |||
| 8361 | MALWARE-BACKDOOR black curse 4.0 runtime detection - inverse init connection (more info ...) | trojan-activity | URL | |||
| 8362 | MALWARE-BACKDOOR black curse 4.0 runtime detection - normal init connection (more info ...) | trojan-activity | URL | |||
| 8413 | FILE-OTHER HCP URI uplddrvinfo access (more info ...) | misc-activity | 2002-0974 | 5478 | URL | |
| 8444 | SERVER-WEBAPP Trend Micro atxconsole format string server response attempt (more info ...) | attempted-user | 2006-5157 | 20284 | ||
| 8461 | MALWARE-OTHER Trackware duduaccelerator runtime detection - send userinfo (more info ...) | successful-recon-limited | URL | |||
| 8462 | MALWARE-OTHER Trackware duduaccelerator runtime detection - trace info downloaded (more info ...) | successful-recon-limited | URL | |||
| 8463 | MALWARE-OTHER Trackware duduaccelerator runtime detection - trace login info (more info ...) | successful-recon-limited | URL | |||
| 8464 | PUA-ADWARE Adware henbang runtime detection (more info ...) | misc-activity | URL | |||
| 8465 | MALWARE-OTHER Keylogger netobserve runtime detection - email notification (more info ...) | successful-recon-limited | URL | |||
| 8466 | MALWARE-OTHER Keylogger netobserve runtime detection - email notification (more info ...) | successful-recon-limited | URL | |||
| 8467 | MALWARE-OTHER Keylogger netobserve runtime detection - remote login response (more info ...) | successful-recon-limited | URL | |||
| 8468 | PUA-ADWARE Hijacker accoona outbound connection - collect info (more info ...) | misc-activity | URL | |||
| 8469 | PUA-ADWARE Hijacker accoona outbound connection - open sidebar search url (more info ...) | misc-activity | URL | |||
| 8482 | POLICY-SOCIAL Xfire session initiated (more info ...) | policy-violation | URL | |||
| 8483 | POLICY-SOCIAL Xfire login attempted (more info ...) | policy-violation | URL | |||
| 8484 | POLICY-SOCIAL Xfire login successful (more info ...) | policy-violation | URL | |||
| 8541 | SERVER-ORACLE sdo_cs.transform_layer buffer overflow attempt (more info ...) | attempted-user | 2006-5372 | 20588 | URL | |
| 8542 | MALWARE-OTHER Trackware deluxecommunications runtime detection - collect info (more info ...) | successful-recon-limited | URL | |||
| 8543 | MALWARE-OTHER Trackware deluxecommunications runtime detection - display popup ads (more info ...) | successful-recon-limited | URL | |||
| 8545 | PUA-ADWARE Adware roogoo runtime detection - surfing monitor (more info ...) | misc-activity | URL | |||
| 8546 | PUA-ADWARE Adware roogoo runtime detection - show ads (more info ...) | misc-activity | URL | |||
| 8547 | MALWARE-BACKDOOR zzmm 2.0 runtime detection - init connection (more info ...) | trojan-activity | ||||
| 8548 | MALWARE-BACKDOOR zzmm 2.0 runtime detection - init connection (more info ...) | trojan-activity | URL | |||
| 8549 | MALWARE-BACKDOOR zxshell runtime detection - setting information retrieve (more info ...) | trojan-activity | URL | |||
| 8550 | SERVER-ORACLE dbms_mview.register_mview buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 8551 | SERVER-ORACLE dbms_mview.unregister_mview buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 8704 | SERVER-MAIL Yahoo YPOPS Banner (more info ...) | not-suspicious | ||||
| 8705 | SERVER-MAIL Yahoo YPOPS buffer overflow attempt (more info ...) | attempted-admin | 2004-1558 | 11256 | ||
| 8706 | SERVER-MAIL YPOPS buffer overflow attempt (more info ...) | attempted-admin | 2004-1558 | 11256 | ||
| 8712 | SERVER-WEBAPP cacti graph_image arbitrary command execution attempt (more info ...) | web-application-attack | 2005-1524 | 14129 | ||
| 8729 | SERVER-OTHER Shixxnote font buffer overflow attempt (more info ...) | attempted-user | 2004-1595 | 11409 | ||
| 9324 | POLICY-OTHER TOR traffic anonymizer server request (more info ...) | policy-violation | ||||
| 9325 | SERVER-OTHER Citrix IMA DOS event data length denial of service attempt (more info ...) | denial-of-service | 2006-5861 | 20986 | ||
| 9339 | MALWARE-OTHER klez.g web propagation detection (more info ...) | trojan-activity | URL | |||
| 9340 | MALWARE-OTHER klez.i web propagation detection (more info ...) | trojan-activity | URL | |||
| 9346 | MALWARE-OTHER klez.b web propagation detection (more info ...) | trojan-activity | URL | |||
| 9347 | MALWARE-OTHER klez.b netshare propagation detection (more info ...) | trojan-activity | URL | |||
| 9351 | MALWARE-OTHER lovgate.a netshare propagation detection (more info ...) | trojan-activity | URL | |||
| 9353 | MALWARE-OTHER deborm.x netshare propagation detection (more info ...) | trojan-activity | URL | |||
| 9354 | MALWARE-OTHER deborm.y netshare propagation detection (more info ...) | trojan-activity | URL | |||
| 9355 | MALWARE-OTHER deborm.u netshare propagation detection (more info ...) | trojan-activity | URL | |||
| 9356 | MALWARE-OTHER deborm.q netshare propagation detection (more info ...) | trojan-activity | URL | |||
| 9357 | MALWARE-OTHER deborm.r netshare propagation detection (more info ...) | trojan-activity | URL | |||
| 9363 | MALWARE-OTHER klez.d web propagation detection (more info ...) | trojan-activity | URL | |||
| 9364 | MALWARE-OTHER klez.e web propagation detection (more info ...) | trojan-activity | URL | |||
| 9387 | MALWARE-OTHER klez.j web propagation detection (more info ...) | trojan-activity | URL | |||
| 9390 | MALWARE-OTHER deborm.d netshare propagation detection (more info ...) | trojan-activity | URL | |||
| 9395 | MALWARE-OTHER deborm.j netshare propagation detection (more info ...) | trojan-activity | URL | |||
| 9396 | MALWARE-OTHER deborm.t netshare propagation detection (more info ...) | trojan-activity | URL | |||
| 9401 | MALWARE-OTHER gokar http propagation detection (more info ...) | trojan-activity | URL | |||
| 9407 | MALWARE-OTHER lovgate.b netshare propagation detection (more info ...) | trojan-activity | URL | |||
| 9412 | MALWARE-OTHER sinmsn.b msn propagation detection (more info ...) | trojan-activity | URL | |||
| 9418 | MALWARE-CNC bagle.a http notification detection (more info ...) | trojan-activity | URL | |||
| 9419 | MALWARE-OTHER sasser attempt (more info ...) | trojan-activity | 2003-0533 | 10108 | 12205 | URL |
| 9420 | MALWARE-OTHER korgo attempt (more info ...) | trojan-activity | 2003-0533 | 10108 | 12205 | URL |
| 9424 | MALWARE-OTHER /winnt/explorer.exe unicode klez infection (more info ...) | trojan-activity | ||||
| 9425 | MALWARE-OTHER netsky attachment (more info ...) | trojan-activity | ||||
| 9426 | MALWARE-OTHER mydoom.ap attachment (more info ...) | trojan-activity | ||||
| 9434 | FILE-OTHER Ultravox-Max-Msg header integer overflow attempt (more info ...) | attempted-user | 2006-5567 | 20744 | URL | |
| 9619 | FILE-OTHER Gnu gv buffer overflow attempt (more info ...) | attempted-user | 2006-5864 | 20978 | ||
| 9620 | SERVER-WEBAPP Pajax call_dispatcher remote code execution attempt (more info ...) | attempted-admin | 2006-1551 | 17519 | ||
| 9622 | SERVER-OTHER Spiffit UDP denial of service attempt (more info ...) | attempted-dos | 1999-0194 | |||
| 9644 | PUA-ADWARE Adware imnames runtime detection (more info ...) | misc-activity | URL | |||
| 9646 | PUA-TOOLBARS Hijacker sogou runtime detection - search through sogou toolbar (more info ...) | misc-activity | URL | |||
| 9647 | MALWARE-OTHER Keylogger system surveillance pro runtime detection (more info ...) | successful-recon-limited | URL | |||
| 9648 | MALWARE-OTHER Keylogger emailspypro runtime detection (more info ...) | successful-recon-limited | URL | |||
| 9649 | MALWARE-OTHER Keylogger ghost Keylogger runtime detection - flowbit set (more info ...) | successful-recon-limited | URL | |||
| 9650 | MALWARE-OTHER Keylogger ghost Keylogger runtime detection (more info ...) | successful-recon-limited | URL | |||
| 9651 | PUA-ADWARE Hijacker ricercadoppia outbound connection (more info ...) | misc-activity | URL | |||
| 9652 | PUA-ADWARE Hijacker oemji bar outbound connection (more info ...) | misc-activity | URL | |||
| 9654 | MALWARE-BACKDOOR apofis 1.0 runtime detection - remote controlling (more info ...) | trojan-activity | ||||
| 9655 | MALWARE-BACKDOOR apofis 1.0 runtime detection - remote controlling (more info ...) | trojan-activity | URL | |||
| 9656 | MALWARE-BACKDOOR bersek 1.0 runtime detection (more info ...) | trojan-activity | ||||
| 9657 | MALWARE-BACKDOOR bersek 1.0 runtime detection - init connection (more info ...) | trojan-activity | URL | |||
| 9658 | MALWARE-BACKDOOR bersek 1.0 runtime detection (more info ...) | trojan-activity | ||||
| 9659 | MALWARE-BACKDOOR bersek 1.0 runtime detection - file manage (more info ...) | trojan-activity | URL | |||
| 9660 | MALWARE-BACKDOOR bersek 1.0 runtime detection (more info ...) | trojan-activity | ||||
| 9661 | MALWARE-BACKDOOR bersek 1.0 runtime detection - show processes (more info ...) | trojan-activity | URL | |||
| 9662 | MALWARE-BACKDOOR bersek 1.0 runtime detection (more info ...) | trojan-activity | ||||
| 9663 | MALWARE-BACKDOOR bersek 1.0 runtime detection - start remote shell (more info ...) | trojan-activity | URL | |||
| 9664 | MALWARE-BACKDOOR crossbow 1.12 runtime detection (more info ...) | trojan-activity | ||||
| 9665 | MALWARE-BACKDOOR crossbow 1.12 runtime detection - init connection (more info ...) | trojan-activity | URL | |||
| 9666 | MALWARE-BACKDOOR superra runtime detection - success init connection (more info ...) | trojan-activity | ||||
| 9667 | MALWARE-BACKDOOR superra runtime detection - issue remote control command (more info ...) | trojan-activity | ||||
| 9790 | SERVER-OTHER HP-UX lpd command execution attempt (more info ...) | attempted-admin | 2005-3277 | 15136 | ||
| 9791 | SERVER-WEBAPP .cmd? access (more info ...) | web-application-activity | 2019-0232 | 4335 | ||
| 9813 | SERVER-OTHER Symantec NetBackup connect_options buffer overflow attempt (more info ...) | attempted-admin | 2006-5822 | 21565 | ||
| 9830 | MALWARE-OTHER Keylogger supreme spy runtime detection (more info ...) | successful-recon-limited | URL | |||
| 9831 | PUA-ADWARE Adware u88 runtime detection (more info ...) | misc-activity | URL | |||
| 9832 | MALWARE-BACKDOOR ieva 1.0 runtime detection - send message (more info ...) | trojan-activity | URL | |||
| 9833 | MALWARE-BACKDOOR ieva 1.0 runtime detection - fake delete harddisk message (more info ...) | trojan-activity | URL | |||
| 9834 | MALWARE-BACKDOOR ieva 1.0 runtime detection - black screen (more info ...) | trojan-activity | URL | |||
| 9835 | MALWARE-BACKDOOR ieva 1.0 runtime detection - swap mouse (more info ...) | trojan-activity | URL | |||
| 9836 | MALWARE-BACKDOOR ieva 1.0 runtime detection - crazy mouse (more info ...) | trojan-activity | URL | |||
| 9837 | MALWARE-BACKDOOR sun shadow 1.70 runtime detection - init connection (more info ...) | trojan-activity | ||||
| 9838 | MALWARE-BACKDOOR sun shadow 1.70 runtime detection - init connection (more info ...) | trojan-activity | URL | |||
| 9839 | MALWARE-BACKDOOR sun shadow 1.70 runtime detection - keep alive (more info ...) | trojan-activity | URL | |||
| 9844 | FILE-MULTIMEDIA VLC Media Player udp URI format string attempt (more info ...) | attempted-user | 2007-0017 | 21852 | URL | |
| 10064 | SERVER-OTHER Peercast URL Parameter overflow attempt (more info ...) | attempted-user | 2006-1148 | 17040 | ||
| 10090 | PUA-ADWARE Trickler zango easymessenger outbound connection (more info ...) | misc-activity | URL | |||
| 10091 | MALWARE-TOOLS Hacker-Tool spylply.a runtime detection (more info ...) | misc-activity | URL | |||
| 10092 | MALWARE-OTHER Trackware russian searchbar runtime detection (more info ...) | successful-recon-limited | URL | |||
| 10093 | PUA-TOOLBARS Hijacker kuaiso toolbar runtime detection (more info ...) | misc-activity | URL | |||
| 10094 | PUA-ADWARE Adware borlan runtime detection (more info ...) | misc-activity | URL | |||
| 10095 | MALWARE-OTHER Trackware bydou runtime detection (more info ...) | successful-recon-limited | URL | |||
| 10096 | MALWARE-OTHER Keylogger win32.remotekeylog.b runtime detection - keylog (more info ...) | successful-recon-limited | URL | |||
| 10097 | MALWARE-OTHER Keylogger win32.remotekeylog.b runtime detection (more info ...) | successful-recon-limited | URL | |||
| 10098 | MALWARE-OTHER Keylogger win32.remotekeylog.b runtime detection - get system info (more info ...) | successful-recon-limited | URL | |||
| 10099 | MALWARE-OTHER Keylogger win32.remotekeylog.b runtime detection (more info ...) | successful-recon-limited | URL | |||
| 10100 | MALWARE-OTHER Keylogger win32.remotekeylog.b runtime detection - open website (more info ...) | successful-recon-limited | URL | |||
| 10101 | MALWARE-BACKDOOR crossfires trojan 3.0 runtime detection - delete file (more info ...) | trojan-activity | URL | |||
| 10102 | MALWARE-BACKDOOR crossfires trojan 3.0 runtime detection - chat with victim (more info ...) | trojan-activity | URL | |||
| 10103 | MALWARE-BACKDOOR hav-rat 1.1 runtime detection (more info ...) | trojan-activity | ||||
| 10104 | MALWARE-BACKDOOR hav-rat 1.1 runtime detection (more info ...) | trojan-activity | ||||
| 10105 | MALWARE-BACKDOOR hav-rat 1.1 runtime detection - retrieve pc info (more info ...) | trojan-activity | URL | |||
| 10109 | MALWARE-BACKDOOR k-msnrat 1.0.0 runtime detection - init connection (more info ...) | trojan-activity | URL | |||
| 10110 | MALWARE-BACKDOOR poison ivy 2.1.2 runtime detection (more info ...) | trojan-activity | ||||
| 10111 | MALWARE-BACKDOOR poison ivy 2.1.2 runtime detection - init connection (more info ...) | trojan-activity | URL | |||
| 10112 | MALWARE-BACKDOOR rix3 1.0 runtime detection - init connection (more info ...) | trojan-activity | URL | |||
| 10113 | MALWARE-CNC Win.Trojan.Peacomm command and control propagation detected (more info ...) | trojan-activity | ||||
| 10114 | MALWARE-CNC Win.Trojan.Peacomm command and control propagation detected (more info ...) | trojan-activity | ||||
| 10124 | PROTOCOL-VOIP PA168 chipset based IP phone authentication bypass (more info ...) | attempted-admin | 2007-0528 | 22191 | URL | |
| 10125 | SERVER-OTHER bomberclone buffer overflow attempt (more info ...) | attempted-user | 2006-0460 | 16697 | ||
| 10164 | PUA-ADWARE Adware adclicker-ej runtime detection (more info ...) | misc-activity | URL | |||
| 10165 | MALWARE-OTHER Keylogger mybr Keylogger runtime detection (more info ...) | successful-recon-limited | URL | |||
| 10166 | MALWARE-OTHER Trackware baigoo runtime detection (more info ...) | successful-recon-limited | URL | |||
| 10167 | MALWARE-OTHER Keylogger radar spy 1.0 runtime detection - send html log (more info ...) | successful-recon-limited | URL | |||
| 10168 | MALWARE-BACKDOOR one runtime detection (more info ...) | trojan-activity | URL | |||
| 10169 | MALWARE-BACKDOOR matrix 1.03 by mtronic runtime detection - init connection (more info ...) | trojan-activity | URL | |||
| 10172 | SERVER-WEBAPP uTorrent announce buffer overflow attempt (more info ...) | attempted-user | 2007-0927 | 22530 | ||
| 10179 | MALWARE-CNC User-Agent known malicious user agent - BysooTB (more info ...) | successful-recon-limited | URL | |||
| 10180 | PUA-TOOLBARS Adware eqiso runtime detection (more info ...) | misc-activity | URL | |||
| 10181 | MALWARE-OTHER Keylogger systemsleuth runtime detection (more info ...) | successful-recon-limited | URL | |||
| 10182 | PUA-ADWARE Adware newweb runtime detection (more info ...) | misc-activity | URL | |||
| 10183 | MALWARE-OTHER Keylogger activity Keylogger runtime detection (more info ...) | successful-recon-limited | URL | |||
| 10184 | MALWARE-BACKDOOR wow 23 runtime detection (more info ...) | trojan-activity | URL | |||
| 10186 | SERVER-MAIL ClamAV mime parsing directory traversal (more info ...) | attempted-user | 2007-0898 | 22581 | URL | |
| 10195 | SERVER-WEBAPP Content-Length buffer overflow attempt (more info ...) | attempted-admin | 2007-1260 | URL | ||
| 10403 | MALWARE-CNC Win.Trojan.Duntek Checkin GET Request (more info ...) | trojan-activity | URL | |||
| 10435 | MALWARE-OTHER Trackware admedia runtime detection (more info ...) | successful-recon-limited | URL | |||
| 10436 | MALWARE-OTHER Keylogger keyspy runtime detection (more info ...) | successful-recon-limited | URL | |||
| 10437 | PUA-ADWARE Hijacker bazookabar outbound connection (more info ...) | misc-activity | URL | |||
| 10439 | PUA-ADWARE Adware mokead runtime detection (more info ...) | misc-activity | URL | |||
| 10441 | MALWARE-TOOLS Hacker-Tool statwin runtime detection (more info ...) | misc-activity | URL | |||
| 10442 | MALWARE-BACKDOOR nirvana 2.0 runtime detection - explore c drive (more info ...) | trojan-activity | URL | |||
| 10443 | MALWARE-BACKDOOR acidbattery 1.0 runtime detection - sniff info (more info ...) | trojan-activity | URL | |||
| 10446 | MALWARE-BACKDOOR acidbattery 1.0 runtime detection - get server info (more info ...) | trojan-activity | URL | |||
| 10447 | MALWARE-CNC 51d 1b variant outbound connection icq notification (more info ...) | trojan-activity | URL | |||
| 10448 | MALWARE-BACKDOOR acessor 2.0 runtime detection - init connection (more info ...) | trojan-activity | URL | |||
| 10449 | MALWARE-BACKDOOR acid shivers runtime detection - init telnet connection (more info ...) | trojan-activity | URL | |||
| 10450 | MALWARE-BACKDOOR only 1 rat runtime detection - control command (more info ...) | trojan-activity | ||||
| 10451 | MALWARE-BACKDOOR only 1 rat runtime detection - control command (more info ...) | trojan-activity | URL | |||
| 10454 | MALWARE-BACKDOOR [x]-ztoo 1.0 runtime detection - init connection (more info ...) | trojan-activity | URL | |||
| 10455 | MALWARE-BACKDOOR [x]-ztoo 1.0 runtime detection - get system info (more info ...) | trojan-activity | ||||
| 10456 | MALWARE-BACKDOOR [x]-ztoo 1.0 runtime detection - get system info (more info ...) | trojan-activity | URL | |||
| 10457 | MALWARE-BACKDOOR [x]-ztoo 1.0 runtime detection - start keylogger (more info ...) | trojan-activity | URL | |||
| 10458 | MALWARE-BACKDOOR [x]-ztoo 1.0 or illusion runtime detection - open file manager (more info ...) | trojan-activity | URL | |||
| 10459 | MALWARE-BACKDOOR wineggdrop shell pro runtime detection - init connection (more info ...) | trojan-activity | URL | |||
| 10460 | MALWARE-BACKDOOR winicabras 1.1 runtime detection - get system info (more info ...) | trojan-activity | ||||
| 10461 | MALWARE-BACKDOOR winicabras 1.1 runtime detection - get system info (more info ...) | trojan-activity | URL | |||
| 10462 | MALWARE-BACKDOOR winicabras 1.1 runtime detection - explorer (more info ...) | trojan-activity | ||||
| 10463 | MALWARE-BACKDOOR winicabras 1.1 runtime detection - explorer (more info ...) | trojan-activity | URL | |||
| 10480 | SERVER-OTHER imail ldap buffer overflow exploit attempt (more info ...) | attempted-admin | 2004-0297 | URL | ||
| 10504 | INDICATOR-SHELLCODE unescape encoded shellcode (more info ...) | shellcode-detect | ||||
| 10505 | INDICATOR-SHELLCODE unescape encoded shellcode (more info ...) | shellcode-detect | ||||
| 10990 | SERVER-WEBAPP encoded cross site scripting HTML Image tag attempt (more info ...) | web-application-attack | 2002-0840 | 5847 | ||
| 10997 | SERVER-WEBAPP SSLv2 OpenSSl KEY_ARG buffer overflow attempt (more info ...) | misc-attack | 2002-0656 | 5362 | ||
| 10999 | SERVER-WEBAPP chetcpasswd access (more info ...) | web-application-activity | 2006-6679 | 6472 | ||
| 11175 | SERVER-ORACLE dbms_cdc_ipublish.chgtab_cache buffer overflow attempt (more info ...) | attempted-user | 2007-2126 | 23532 | ||
| 11185 | SERVER-OTHER CA eTrust key handling dos via username attempt (more info ...) | denial-of-service | 2007-1005 | 22743 | ||
| 11203 | SERVER-ORACLE sys.dbms_apply_user_agent.set_registration_handler access attempt (more info ...) | attempted-user | URL | |||
| 11205 | SERVER-ORACLE sys.dbms_upgrade_internal access attempt (more info ...) | attempted-user | URL | |||
| 11223 | SERVER-WEBAPP google proxystylesheet arbitrary command execution attempt (more info ...) | web-application-attack | 2005-3757 | 15509 | URL | |
| 11266 | SERVER-OTHER Kerio Personal Firewall authentication buffer overflow attempt (more info ...) | attempted-admin | 2003-0220 | 7180 | ||
| 11306 | PUA-ADWARE Snoopware childwebguardian outbound connection - udp broadcast (more info ...) | successful-recon-limited | URL | |||
| 11307 | MALWARE-OTHER Keylogger computer monitor Keylogger runtime detection (more info ...) | successful-recon-limited | URL | |||
| 11308 | MALWARE-CNC User-Agent known malicious user agent - SpyDawn (more info ...) | misc-activity | URL | |||
| 11309 | MALWARE-OTHER Keylogger sskc v2.0 runtime detection (more info ...) | successful-recon-limited | URL | |||
| 11310 | PUA-ADWARE Trickler iowa webdownloader - icq notification (more info ...) | misc-activity | URL | |||
| 11311 | MALWARE-OTHER Keylogger pcsentinelsoftware Keylogger runtime detection - upload infor (more info ...) | successful-recon-limited | URL | |||
| 11312 | MALWARE-OTHER Trackware uplink runtime detection (more info ...) | successful-recon-limited | URL | |||
| 11313 | MALWARE-CNC User-Agent known malicious user agent - Spy-Locked (more info ...) | misc-activity | URL | |||
| 11314 | MALWARE-BACKDOOR shadownet remote spy 2.0 runtime detection (more info ...) | trojan-activity | URL | |||
| 11316 | MALWARE-BACKDOOR lurker 1.1 runtime detection - init connection (more info ...) | trojan-activity | URL | |||
| 11317 | MALWARE-BACKDOOR abremote pro 3.1 runtime detection - init connection (more info ...) | trojan-activity | URL | |||
| 11318 | MALWARE-BACKDOOR boer runtime detection - init connection (more info ...) | trojan-activity | URL | |||
| 11319 | MALWARE-BACKDOOR netwindow runtime detection - init connection request (more info ...) | trojan-activity | URL | |||
| 11320 | MALWARE-BACKDOOR netwindow runtime detection - reverse mode init connection request (more info ...) | trojan-activity | URL | |||
| 11321 | MALWARE-BACKDOOR netwindow runtime detection - udp broadcast (more info ...) | trojan-activity | URL | |||
| 11322 | MALWARE-BACKDOOR sohoanywhere runtime detection (more info ...) | trojan-activity | ||||
| 11323 | MALWARE-BACKDOOR sohoanywhere runtime detection (more info ...) | trojan-activity | URL | |||
| 11681 | SERVER-OTHER Openview Omni II command bypass attempt (more info ...) | attempted-admin | 2001-0311 | 11032 | ||
| 11682 | SERVER-OTHER niprint_lpd module attack attempt (more info ...) | attempted-admin | 2003-1141 | 8968 | ||
| 11948 | PUA-TOOLBARS Hijacker snap toolbar runtime detection - cookie (more info ...) | misc-activity | URL | |||
| 11949 | MALWARE-BACKDOOR lame rat v1.0 runtime detection (more info ...) | trojan-activity | URL | |||
| 11950 | MALWARE-CNC killav_gj (more info ...) | trojan-activity | URL | |||
| 11953 | MALWARE-BACKDOOR supervisor plus runtime detection (more info ...) | trojan-activity | ||||
| 11954 | MALWARE-BACKDOOR supervisor plus runtime detection (more info ...) | trojan-activity | URL | |||
| 11971 | PROTOCOL-VOIP CSeq buffer overflow attempt (more info ...) | attempted-dos | 2009-2726 | 36015 | 18986 | URL |
| 11972 | PROTOCOL-VOIP Max-Forwards value over 70 (more info ...) | misc-activity | URL | |||
| 11973 | PROTOCOL-VOIP Via header hostname buffer overflow attempt (more info ...) | attempted-user | 2007-3369 | 24542 | URL | |
| 11975 | PROTOCOL-VOIP Via header missing SIP field (more info ...) | misc-activity | URL | |||
| 11976 | PROTOCOL-VOIP SIP URI type overflow attempt (more info ...) | attempted-user | URL | |||
| 11977 | PROTOCOL-VOIP TEL URI type overflow attempt (more info ...) | attempted-user | URL | |||
| 11979 | PROTOCOL-VOIP Media header port field invalid value (more info ...) | attempted-user | URL | |||
| 11980 | PROTOCOL-VOIP Attribute header buffer overflow attempt (more info ...) | attempted-user | 2006-0189 | 16213 | URL | |
| 11982 | PROTOCOL-VOIP To header contains recursive URL-encoded data (more info ...) | attempted-dos | URL | |||
| 11983 | PROTOCOL-VOIP Time header contains negative value (more info ...) | attempted-user | URL | |||
| 11984 | PROTOCOL-VOIP Time header contains long value (more info ...) | attempted-user | URL | |||
| 11985 | PROTOCOL-VOIP Expires header overflow attempt (more info ...) | attempted-user | URL | |||
| 11986 | PROTOCOL-VOIP Authorization header invalid characters in response parameter (more info ...) | attempted-user | URL | |||
| 11987 | PROTOCOL-VOIP Via header format string attempt (more info ...) | attempted-dos | URL | |||
| 11988 | PROTOCOL-VOIP From header format string attempt (more info ...) | attempted-dos | URL | |||
| 11989 | PROTOCOL-VOIP Call-ID header format string attempt (more info ...) | attempted-dos | URL | |||
| 11990 | PROTOCOL-VOIP Contact header format string attempt (more info ...) | attempted-dos | URL | |||
| 11991 | PROTOCOL-VOIP CSeq header format string attempt (more info ...) | attempted-dos | URL | |||
| 11992 | PROTOCOL-VOIP Content-Type header format string attempt (more info ...) | attempted-dos | URL | |||
| 11993 | PROTOCOL-VOIP Call-ID header invalid characters detected (more info ...) | attempted-dos | URL | |||
| 11994 | PROTOCOL-VOIP Contact header invalid characters detected (more info ...) | attempted-dos | URL | |||
| 11995 | PROTOCOL-VOIP Content-Type header invalid characters detected (more info ...) | attempted-dos | URL | |||
| 11996 | PROTOCOL-VOIP CSeq header invalid characters detected (more info ...) | attempted-dos | URL | |||
| 11997 | PROTOCOL-VOIP From header invalid characters detected (more info ...) | attempted-dos | URL | |||
| 11998 | PROTOCOL-VOIP To header invalid characters detected (more info ...) | attempted-dos | URL | |||
| 11999 | PROTOCOL-VOIP Via header invalid characters detected (more info ...) | attempted-dos | URL | |||
| 12001 | PROTOCOL-VOIP Version header overflow attempt (more info ...) | attempted-dos | URL | |||
| 12005 | PROTOCOL-VOIP Connection header invalid value (more info ...) | attempted-dos | URL | |||
| 12044 | SERVER-ORACLE Oracle Web Cache denial of service attempt (more info ...) | attempted-dos | 2002-0386 | 5902 | URL | |
| 12045 | SERVER-ORACLE Oracle Web Cache denial of service attempt (more info ...) | attempted-dos | 2002-0386 | 5902 | URL | |
| 12047 | PUA-ADWARE Adware yayad runtime detection (more info ...) | misc-activity | URL | |||
| 12048 | MALWARE-OTHER Keylogger computer Keylogger runtime detection (more info ...) | successful-recon-limited | URL | |||
| 12049 | MALWARE-OTHER Keylogger apophis spy 1.0 runtime detection (more info ...) | successful-recon-limited | URL | |||
| 12050 | PUA-TOOLBARS Hijacker ez-greets toolbar runtime detection (more info ...) | misc-activity | URL | |||
| 12051 | MALWARE-BACKDOOR ultimate rat 2.1 runtime detection (more info ...) | trojan-activity | URL | |||
| 12052 | MALWARE-BACKDOOR the[x] 1.2 runtime detection - execute command (more info ...) | trojan-activity | URL | |||
| 12053 | MALWARE-BACKDOOR trail of destruction 2.0 runtime detection - get system info (more info ...) | trojan-activity | URL | |||
| 12054 | MALWARE-BACKDOOR tron runtime detection - init connection - flowbit set (more info ...) | trojan-activity | ||||
| 12055 | MALWARE-BACKDOOR tron runtime detection - init connection (more info ...) | trojan-activity | URL | |||
| 12057 | SERVER-WEBAPP Ipswitch WhatsUpGold configuration access (more info ...) | web-application-activity | 2004-0798 | 11109 | ||
| 12065 | POLICY-OTHER Outbound Teredo traffic detected (more info ...) | policy-violation | 2007-3038 | URL | ||
| 12066 | POLICY-OTHER Inbound Teredo traffic detected (more info ...) | policy-violation | 2007-3038 | URL | ||
| 12067 | POLICY-OTHER Outbound Teredo traffic detected (more info ...) | policy-violation | 2007-3038 | URL | ||
| 12068 | POLICY-OTHER Inbound Teredo traffic detected (more info ...) | policy-violation | 2007-3038 | URL | ||
| 12081 | SERVER-OTHER BakBone NetVault server heap overflow attempt (more info ...) | attempted-admin | 2005-1009 | 12967 | ||
| 12082 | SERVER-ORACLE Oracle 9i TNS denial of service attempt (more info ...) | attempted-dos | 2002-0509 | 4391 | ||
| 12112 | PROTOCOL-VOIP Sivus scanner detected (more info ...) | network-scan | URL | |||
| 12113 | PROTOCOL-VOIP SIP URI overflow attempt (more info ...) | misc-activity | URL | |||
| 12114 | SERVER-MAIL Ipswitch IMail search command buffer overflow attempt (more info ...) | attempted-admin | 2007-3925 | 24962 | URL | |
| 12115 | SERVER-MAIL Ipswitch IMail search command buffer overflow attempt (more info ...) | attempted-admin | 2007-3925 | 24962 | URL | |
| 12120 | PUA-ADWARE Adware pprich runtime detection - version check (more info ...) | misc-activity | URL | |||
| 12121 | PUA-ADWARE Adware pprich runtime detection - udp info sent out (more info ...) | misc-activity | URL | |||
| 12122 | PUA-TOOLBARS Trackware spynova runtime detection (more info ...) | successful-recon-limited | URL | |||
| 12123 | PUA-ADWARE Hijacker lookquick outbound connection - hijack ie (more info ...) | misc-activity | URL | |||
| 12124 | PUA-ADWARE Hijacker lookquick outbound connection - monitor and collect user info (more info ...) | misc-activity | URL | |||
| 12125 | PUA-TOOLBARS Trackware lookster toolbar runtime detection - hijack ie search assistant (more info ...) | successful-recon-limited | URL | |||
| 12126 | PUA-TOOLBARS Trackware lookster toolbar runtime detection - collect user information (more info ...) | successful-recon-limited | URL | |||
| 12127 | PUA-TOOLBARS Trackware lookster toolbar runtime detection - ads (more info ...) | successful-recon-limited | URL | |||
| 12128 | MALWARE-OTHER Keylogger remotekeylog.b runtime detection - init connection (more info ...) | successful-recon-limited | URL | |||
| 12129 | MALWARE-OTHER Keylogger remotekeylog.b runtime detection - get sys info (more info ...) | successful-recon-limited | URL | |||
| 12130 | MALWARE-OTHER Keylogger remotekeylog.b runtime detection - get sys info (more info ...) | successful-recon-limited | URL | |||
| 12131 | MALWARE-OTHER Keylogger remotekeylog.b runtime detection - keylogging (more info ...) | successful-recon-limited | URL | |||
| 12132 | MALWARE-OTHER Keylogger remotekeylog.b runtime detection - keylogging (more info ...) | successful-recon-limited | URL | |||
| 12133 | MALWARE-OTHER Keylogger remotekeylog.b runtime detection - open url (more info ...) | successful-recon-limited | URL | |||
| 12134 | MALWARE-OTHER Keylogger remotekeylog.b runtime detection - open url (more info ...) | successful-recon-limited | URL | |||
| 12135 | MALWARE-OTHER Keylogger remotekeylog.b runtime detection - fun (more info ...) | successful-recon-limited | URL | |||
| 12136 | MALWARE-OTHER Keylogger remotekeylog.b runtime detection - fun (more info ...) | successful-recon-limited | URL | |||
| 12137 | MALWARE-OTHER Keylogger Keylogger king home 2.3 runtime detection (more info ...) | successful-recon-limited | URL | |||
| 12138 | PUA-ADWARE Adware zamingo runtime detection (more info ...) | misc-activity | URL | |||
| 12139 | MALWARE-OTHER Trackware stealth website logger 3.4 runtime detection (more info ...) | successful-recon-limited | URL | |||
| 12140 | PUA-ADWARE Hijacker cnnic update outbound connection (more info ...) | misc-activity | URL | |||
| 12141 | MALWARE-OTHER Keylogger logit v1.0 runtime detection (more info ...) | successful-recon-limited | URL | |||
| 12142 | MALWARE-BACKDOOR access remote pc runtime detection - init connection (more info ...) | trojan-activity | ||||
| 12143 | MALWARE-BACKDOOR access remote pc runtime detection - init connection (more info ...) | trojan-activity | URL | |||
| 12146 | MALWARE-BACKDOOR blue eye 1.0b runtime detection - init connection (more info ...) | trojan-activity | ||||
| 12147 | MALWARE-BACKDOOR blue eye 1.0b runtime detection - init connection (more info ...) | trojan-activity | URL | |||
| 12148 | MALWARE-BACKDOOR back orifice 2006 - v1.1.5 runtime detection - init connection (more info ...) | trojan-activity | ||||
| 12149 | MALWARE-BACKDOOR back orifice 2006 - v1.1.5 runtime detection - init connection (more info ...) | trojan-activity | URL | |||
| 12150 | MALWARE-BACKDOOR cafeini 1.0 runtime detection - init connection (more info ...) | trojan-activity | ||||
| 12151 | MALWARE-BACKDOOR cafeini 1.0 runtime detection (more info ...) | trojan-activity | URL | |||
| 12152 | MALWARE-BACKDOOR optix pro v1.32 runtime detection - init connection (more info ...) | trojan-activity | URL | |||
| 12153 | MALWARE-BACKDOOR optix pro v1.32 runtime detection - download file (more info ...) | trojan-activity | ||||
| 12154 | MALWARE-BACKDOOR optix pro v1.32 runtime detection - download file (more info ...) | trojan-activity | ||||
| 12155 | MALWARE-BACKDOOR optix pro v1.32 runtime detection - download file (more info ...) | trojan-activity | URL | |||
| 12156 | MALWARE-BACKDOOR optix pro v1.32 runtime detection - upload file (more info ...) | trojan-activity | ||||
| 12157 | MALWARE-BACKDOOR optix pro v1.32 runtime detection - upload file (more info ...) | trojan-activity | ||||
| 12158 | MALWARE-BACKDOOR optix pro v1.32 runtime detection - upload file (more info ...) | trojan-activity | URL | |||
| 12159 | MALWARE-BACKDOOR optix pro v1.32 runtime detection - keylogging (more info ...) | trojan-activity | URL | |||
| 12160 | MALWARE-BACKDOOR optix pro v1.32 runtime detection - screen capturing (more info ...) | trojan-activity | ||||
| 12161 | MALWARE-BACKDOOR optix pro v1.32 runtime detection - screen capturing (more info ...) | trojan-activity | ||||
| 12162 | MALWARE-BACKDOOR optix pro v1.32 runtime detection - screen capturing (more info ...) | trojan-activity | URL | |||
| 12163 | MALWARE-BACKDOOR cobra uploader 1.0 runtime detection (more info ...) | trojan-activity | ||||
| 12164 | MALWARE-BACKDOOR cobra uploader 1.0 runtime detection (more info ...) | trojan-activity | URL | |||
| 12165 | MALWARE-CNC lithium 1.02 variant outbound connection (more info ...) | trojan-activity | ||||
| 12166 | MALWARE-CNC lithium 1.02 variant outbound connection (more info ...) | trojan-activity | URL | |||
| 12167 | PROTOCOL-VOIP SIP URI multiple at signs in message (more info ...) | misc-activity | URL | |||
| 12197 | SERVER-OTHER CA message queuing server buffer overflow attempt (more info ...) | attempted-admin | 2007-0060 | 25051 | URL | |
| 12199 | SERVER-OTHER RIM BlackBerry SRP negative string size (more info ...) | attempted-dos | 2005-2342 | 16100 | ||
| 12202 | SERVER-OTHER Ingres long message heap buffer overflow attempt (more info ...) | attempted-admin | 2007-3334 | |||
| 12209 | PUA-P2P P2PTv TVAnt udp traffic detected (more info ...) | policy-violation | ||||
| 12210 | PUA-P2P P2PTv TVAnts TCP tracker connect traffic detected (more info ...) | policy-violation | ||||
| 12211 | PUA-P2P P2PTv TVAnts TCP connection traffic detected (more info ...) | policy-violation | ||||
| 12212 | SERVER-MAIL Ipswitch IMail literal search date command buffer overflow attempt (more info ...) | attempted-admin | 2007-3925 | 24962 | URL | |
| 12213 | SERVER-MAIL Ipswitch IMail search date command buffer overflow attempt (more info ...) | attempted-admin | 2007-3925 | 24962 | URL | |
| 12216 | SERVER-OTHER Borland interbase Create Request opcode string length buffer overflow attempt (more info ...) | attempted-admin | 2007-3566 | 25048 | ||
| 12217 | SERVER-OTHER Borland interbase string length buffer overflow attempt (more info ...) | attempted-admin | 2007-3566 | 25048 | ||
| 12218 | SERVER-OTHER Borland interbase string length buffer overflow attempt (more info ...) | attempted-admin | 2007-3566 | 25048 | ||
| 12220 | SERVER-OTHER IBM Informix Dynamic Server long username buffer overflow attempt (more info ...) | attempted-admin | 2006-3854 | 19264 | ||
| 12221 | SERVER-WEBAPP file upload GLOBAL variable overwrite attempt (more info ...) | web-application-attack | 2005-3390 | 15250 | ||
| 12222 | SERVER-OTHER Squid proxy long WCCP packet (more info ...) | attempted-user | 2005-0211 | 12432 | ||
| 12224 | PUA-ADWARE Adware enbrowser snackman runtime detection (more info ...) | misc-activity | URL | |||
| 12225 | PUA-TOOLBARS Adware zango2007 toolbar runtime detection (more info ...) | misc-activity | URL | |||
| 12226 | MALWARE-OTHER Keylogger overspy runtime detection (more info ...) | successful-recon-limited | URL | |||
| 12227 | PUA-TOOLBARS Trackware snap ultrasearch/desktop toolbar runtime detection - search (more info ...) | successful-recon-limited | URL | |||
| 12228 | PUA-TOOLBARS Trackware snap ultrasearch/desktop toolbar runtime detection - cookie (more info ...) | successful-recon-limited | URL | |||
| 12229 | PUA-ADWARE Adware vroomsearch runtime detection (more info ...) | misc-activity | URL | |||
| 12230 | MALWARE-TOOLS Hacker-Tool hippynotify 2.0 runtime detection (more info ...) | misc-activity | URL | |||
| 12231 | PUA-ADWARE Adware vroomsearch runtime detection (more info ...) | misc-activity | URL | |||
| 12232 | PUA-ADWARE Adware errorsafe runtime detection (more info ...) | misc-activity | URL | |||
| 12239 | MALWARE-BACKDOOR webcenter v1.0 Backdoor - init connection (more info ...) | trojan-activity | URL | |||
| 12240 | MALWARE-BACKDOOR genie 1.7 runtime detection - init connection (more info ...) | trojan-activity | ||||
| 12241 | MALWARE-BACKDOOR genie 1.7 runtime detection - init connection (more info ...) | trojan-activity | URL | |||
| 12242 | MALWARE-BACKDOOR hotmail hacker log edition 5.0 runtime detection - init connection (more info ...) | trojan-activity | ||||
| 12243 | MALWARE-BACKDOOR hotmail hacker log edition 5.0 runtime detection - init connection (more info ...) | trojan-activity | URL | |||
| 12244 | MALWARE-BACKDOOR itadem trojan 3.0 runtime detection (more info ...) | trojan-activity | URL | |||
| 12245 | MALWARE-BACKDOOR furax 1.0 b3 runtime detection (more info ...) | trojan-activity | URL | |||
| 12255 | SERVER-WEBAPP CSGuestbook setup attempt (more info ...) | web-application-activity | 2002-1750 | 4448 | ||
| 12287 | PUA-TOOLBARS Hijacker scn toolbar runtime detection - ebrss request (more info ...) | misc-activity | URL | |||
| 12288 | PUA-TOOLBARS Hijacker scn toolbar runtime detection - hijack ie searches (more info ...) | misc-activity | URL | |||
| 12289 | PUA-TOOLBARS Hijacker scn toolbar runtime detection - get updates (more info ...) | misc-activity | URL | |||
| 12290 | PUA-ADWARE Hijacker newdotnet quick! search outbound connection (more info ...) | misc-activity | URL | |||
| 12291 | PUA-TOOLBARS Trackware vmn toolbar runtime detection (more info ...) | successful-recon-limited | URL | |||
| 12292 | PUA-TOOLBARS Hijacker morpheus toolbar runtime detection - hijack/search (more info ...) | misc-activity | URL | |||
| 12293 | PUA-TOOLBARS Hijacker morpheus toolbar runtime detection - get cfg info (more info ...) | misc-activity | URL | |||
| 12294 | PUA-TOOLBARS Hijacker 3search runtime detection - counter (more info ...) | misc-activity | URL | |||
| 12295 | PUA-ADWARE Hijacker 3search outbound connection - hijacking (more info ...) | misc-activity | URL | |||
| 12296 | PUA-TOOLBARS Hijacker 3search runtime detection - update (more info ...) | misc-activity | URL | |||
| 12297 | MALWARE-BACKDOOR bifrost v1.2.1 runtime detection (more info ...) | trojan-activity | ||||
| 12298 | MALWARE-BACKDOOR bifrost v1.2.1 runtime detection (more info ...) | trojan-activity | URL | |||
| 12303 | POLICY-SOCIAL Google Chat web client connection (more info ...) | policy-violation | ||||
| 12304 | POLICY-SOCIAL AOL Instant Messenger web client connection (more info ...) | policy-violation | ||||
| 12305 | POLICY-SOCIAL Yahoo Messenger web client connection (more info ...) | policy-violation | ||||
| 12358 | SERVER-OTHER Helix DNA Server RTSP require tag heap overflow attempt (more info ...) | attempted-admin | 2007-4561 | 25440 | ||
| 12359 | PROTOCOL-VOIP Digium Asterisk data length field overflow attempt (more info ...) | attempted-user | 2006-5444 | 20617 | URL | |
| 12361 | PUA-ADWARE Infostealer.Monstres outbound connection (more info ...) | misc-activity | URL | |||
| 12363 | PUA-ADWARE Other-Technologies malware-stopper outbound connection (more info ...) | misc-activity | URL | |||
| 12364 | PUA-TOOLBARS Hijacker proventactics 3.5 runtime detection - get cfg information (more info ...) | misc-activity | URL | |||
| 12365 | PUA-ADWARE Hijacker proventactics 3.5 outbound connection - redirect searches (more info ...) | misc-activity | URL | |||
| 12366 | PUA-TOOLBARS Hijacker proventactics 3.5 runtime detection - toolbar search function (more info ...) | misc-activity | URL | |||
| 12367 | PUA-ADWARE Hijacker imesh mediabar outbound connection - hijack ie searches (more info ...) | misc-activity | URL | |||
| 12368 | PUA-ADWARE Hijacker imesh mediabar outbound connection - hijack ie side search (more info ...) | misc-activity | URL | |||
| 12369 | PUA-ADWARE Hijacker imesh mediabar outbound connection - collect user information (more info ...) | misc-activity | URL | |||
| 12370 | PUA-TOOLBARS Hijacker imesh mediabar runtime detection - auto update (more info ...) | misc-activity | URL | |||
| 12371 | MALWARE-CNC User-Agent known malicious user agent - SpamBlockerUtility (more info ...) | misc-activity | URL | |||
| 12372 | MALWARE-OTHER Keylogger mg-shadow 2.0 runtime detection (more info ...) | successful-recon-limited | URL | |||
| 12373 | MALWARE-BACKDOOR radmin 3.0 runtime detection - initial connection (more info ...) | trojan-activity | ||||
| 12374 | MALWARE-BACKDOOR radmin 3.0 runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 12375 | MALWARE-BACKDOOR radmin 3.0 runtime detection - login & remote control (more info ...) | trojan-activity | ||||
| 12376 | MALWARE-BACKDOOR radmin 3.0 runtime detection - login & remote control (more info ...) | trojan-activity | URL | |||
| 12377 | MALWARE-BACKDOOR shark 2.3.2 runtime detection (more info ...) | trojan-activity | ||||
| 12378 | MALWARE-BACKDOOR shark 2.3.2 runtime detection (more info ...) | trojan-activity | URL | |||
| 12392 | SERVER-MAIL GNU Mailutils request tag format string vulnerability attempt (more info ...) | attempted-admin | 2005-1523 | 13764 | ||
| 12421 | SERVER-OTHER RealNetworks Helix RTSP long transport header (more info ...) | attempted-user | 2002-1643 | 6454 | ||
| 12422 | SERVER-OTHER RealNetworks Helix RTSP long describe request exploit attempt (more info ...) | attempted-user | 2002-1643 | 6454 | ||
| 12425 | PUA-P2P Ruckus P2P client activity (more info ...) | policy-violation | ||||
| 12426 | PUA-P2P Ruckus P2P broadcast domain probe (more info ...) | policy-violation | ||||
| 12427 | PUA-P2P Ruckus P2P encrypted authentication connection (more info ...) | policy-violation | ||||
| 12464 | PROTOCOL-NNTP cancel overflow attempt (more info ...) | attempted-admin | 2004-0045 | 9382 | 11984 | |
| 12481 | PUA-TOOLBARS Hijacker 411web toolbar runtime detection (more info ...) | misc-activity | URL | |||
| 12482 | MALWARE-CNC User-Agent known malicious user agent - ZOMBIES_HTTP_GET (more info ...) | misc-activity | URL | |||
| 12483 | PUA-ADWARE Other-Technologies virusprotectpro 3.7 outbound connection (more info ...) | misc-activity | URL | |||
| 12484 | PUA-ADWARE Adware instant buzz runtime detection - ads for members (more info ...) | misc-activity | URL | |||
| 12485 | PUA-ADWARE Adware instant buzz runtime detection - random text ads (more info ...) | misc-activity | URL | |||
| 12486 | PUA-TOOLBARS Hijacker soso toolbar runtime detection - get weather information (more info ...) | misc-activity | URL | |||
| 12487 | PUA-TOOLBARS Hijacker soso toolbar runtime detection - hijack ie auto searches / soso toolbar searches requests (more info ...) | misc-activity | URL | |||
| 12594 | SERVER-OTHER Oracle TNS Service_CurLoad command (more info ...) | attempted-dos | 2002-1118 | 5678 | ||
| 12597 | SERVER-OTHER utf8 filename transfer attempt (more info ...) | suspicious-filename-detect | 2005-3573 | 15408 | ||
| 12620 | PUA-ADWARE Adware drive cleaner 1.0.111 runtime detection (more info ...) | misc-activity | URL | |||
| 12621 | PUA-TOOLBARS Trackware extra toolbar 1.0 runtime detection (more info ...) | successful-recon-limited | URL | |||
| 12622 | PUA-TOOLBARS Trackware extra toolbar 1.0 runtime detection - file download (more info ...) | successful-recon-limited | URL | |||
| 12623 | PUA-ADWARE Hijacker onestepsearch 1.0.118 outbound connection (more info ...) | misc-activity | URL | |||
| 12624 | PUA-ADWARE Hijacker onestepsearch 1.0.118 outbound connection - upgrade (more info ...) | misc-activity | URL | |||
| 12625 | MALWARE-OTHER Keylogger windows family safety 2.0 runtime detection (more info ...) | successful-recon-limited | URL | |||
| 12630 | INDICATOR-SHELLCODE unescape unicode encoded shellcode (more info ...) | shellcode-detect | ||||
| 12636 | PROTOCOL-NNTP XHDR buffer overflow attempt (more info ...) | attempted-user | 2007-3897 | URL | ||
| 12652 | PUA-ADWARE Hijacker new.net domain 7.2.2 outbound connection - hijack browser (more info ...) | misc-activity | URL | |||
| 12653 | PUA-ADWARE Hijacker new.net domain 7.2.2 outbound connection - download code (more info ...) | misc-activity | URL | |||
| 12654 | PUA-ADWARE Hijacker rabio 4.2 outbound connection - hijack browser (more info ...) | misc-activity | URL | |||
| 12655 | PUA-ADWARE Hijacker rabio 4.2 outbound connection - download updates (more info ...) | misc-activity | URL | |||
| 12656 | PUA-ADWARE Adware icoo loader 2.5 runtime detection 1 (more info ...) | misc-activity | URL | |||
| 12657 | PUA-ADWARE Adware icoo loader 2.5 runtime detection 2 (more info ...) | misc-activity | URL | |||
| 12658 | PUA-ADWARE Adware winantivirus pro 2007 runtime detection (more info ...) | misc-activity | URL | |||
| 12659 | PUA-ADWARE Trickler zlob media codec outbound connection - automatic updates (more info ...) | misc-activity | URL | |||
| 12660 | PUA-ADWARE Trickler zlob media codec outbound connection - download redirect domains (more info ...) | misc-activity | URL | |||
| 12661 | MALWARE-CNC troll.a variant outbound connection (more info ...) | trojan-activity | URL | |||
| 12665 | SERVER-OTHER CA BrightStor LGSever username buffer overflow attempt (more info ...) | attempted-admin | 2007-5004 | 24348 | ||
| 12666 | SERVER-OTHER HP OpenView OVTrace buffer overflow attempt (more info ...) | attempted-admin | 2007-3872 | 25255 | ||
| 12672 | PUA-TOOLBARS Trackware searchmiracle elitebar runtime detection - get ads (more info ...) | successful-recon-limited | URL | |||
| 12674 | MALWARE-CNC User-Agent known malicious user agent - iebar (more info ...) | successful-recon-limited | URL | |||
| 12675 | MALWARE-BACKDOOR Versi TheTheef Detection (more info ...) | misc-activity | ||||
| 12676 | PUA-ADWARE Conspy Update Checking Detected (more info ...) | misc-activity | URL | |||
| 12677 | PUA-ADWARE Adware ISTBar runtime detection - softwares (more info ...) | misc-activity | URL | |||
| 12678 | PUA-ADWARE SpyTech Realtime Spy Detection (more info ...) | misc-activity | URL | |||
| 12679 | PUA-TOOLBARS Trackware myway speedbar / mywebsearch toolbar user-agent detection (more info ...) | successful-recon-limited | URL | |||
| 12680 | PROTOCOL-VOIP Via header hostname buffer overflow attempt (more info ...) | attempted-user | 2007-3369 | 24542 | URL | |
| 12681 | PROTOCOL-VOIP SIP URI overflow attempt (more info ...) | misc-activity | URL | |||
| 12682 | PROTOCOL-VOIP From header field buffer overflow attempt (more info ...) | attempted-user | 2003-1115 | 6904 | URL | |
| 12683 | PROTOCOL-VOIP From header field buffer overflow attempt (more info ...) | attempted-user | 2003-1115 | 6904 | URL | |
| 12684 | MALWARE-BACKDOOR Sygate Remote Administration Engine (more info ...) | misc-activity | 2000-0113 | 952 | URL | |
| 12685 | SERVER-OTHER IBM Tivoli Storage Manager Express CAD Host buffer overflow (more info ...) | attempted-admin | 2007-4880 | 25743 | ||
| 12686 | POLICY-SOCIAL AIM Express usage (more info ...) | policy-violation | URL | |||
| 12691 | PUA-P2P Outbound Joltid PeerEnabler traffic detected (more info ...) | policy-violation | URL | |||
| 12693 | PUA-ADWARE Hijacker personalweb outbound connection (more info ...) | misc-activity | URL | |||
| 12694 | PUA-ADWARE Adware avsystemcare runtime detection (more info ...) | misc-activity | URL | |||
| 12695 | PUA-ADWARE Adware coopen 3.6.1 runtime detection - initial connection (more info ...) | misc-activity | URL | |||
| 12696 | PUA-ADWARE Adware coopen 3.6.1 runtime detection - automatic upgrade (more info ...) | misc-activity | URL | |||
| 12697 | MALWARE-OTHER Trackware browser accelerator runtime detection - pass user information to server (more info ...) | successful-recon-limited | URL | |||
| 12698 | MALWARE-OTHER Keylogger net vizo 5.2 runtime detection (more info ...) | successful-recon-limited | URL | |||
| 12699 | MALWARE-BACKDOOR poison ivy 2.3.0 runtime detection - init connection (more info ...) | trojan-activity | ||||
| 12700 | MALWARE-BACKDOOR poison ivy 2.3.0 runtime detection - init connection (more info ...) | trojan-activity | URL | |||
| 12704 | SERVER-MAIL IBM Lotus Notes MIF viewer MIFFILE comment overflow (more info ...) | attempted-user | 2007-5910 | 26175 | ||
| 12705 | SERVER-MAIL IBM Lotus Notes MIF viewer statement overflow (more info ...) | attempted-user | 2007-5910 | 26175 | ||
| 12710 | SERVER-OTHER ASN.1 constructed bit string (more info ...) | attempted-admin | 2005-1935 | 9633 | URL | |
| 12712 | PROTOCOL-SNMP oversized sysName set request (more info ...) | attempted-admin | 2007-5381 | 26001 | ||
| 12713 | SERVER-ORACLE Oracle Database Server pitrig_dropmetadata buffer overflow attempt (more info ...) | attempted-admin | 2007-4517 | 26374 | ||
| 12718 | PUA-ADWARE Hijacker side find 1.0 outbound connection - initial connection (more info ...) | misc-activity | URL | |||
| 12719 | PUA-ADWARE Hijacker side find 1.0 outbound connection - hijacks search engine (more info ...) | misc-activity | URL | |||
| 12720 | PUA-ADWARE Adware pestbot runtime detection - update (more info ...) | misc-activity | URL | |||
| 12721 | PUA-ADWARE Adware pestbot runtime detection - purchase (more info ...) | misc-activity | URL | |||
| 12722 | PUA-ADWARE Hijacker sexyvideoscreensaver outbound connection (more info ...) | misc-activity | URL | |||
| 12723 | MALWARE-CNC User-Agent known malicious user agent - WakeSpace (more info ...) | successful-recon-limited | URL | |||
| 12724 | MALWARE-BACKDOOR dark moon 4.11 runtime detection (more info ...) | trojan-activity | ||||
| 12725 | MALWARE-BACKDOOR dark moon 4.11 runtime detection (more info ...) | trojan-activity | URL | |||
| 12726 | MALWARE-BACKDOOR bandook 1.35 runtime detection (more info ...) | trojan-activity | ||||
| 12727 | MALWARE-BACKDOOR bandook 1.35 runtime detection (more info ...) | trojan-activity | URL | |||
| 12728 | FILE-MULTIMEDIA RealNetworks SMIL wallclock stack overflow attempt (more info ...) | attempted-user | 2007-3410 | 24658 | ||
| 12743 | FILE-MULTIMEDIA FLAC libFLAC picture description metadata buffer overflow attempt (more info ...) | attempted-user | 2007-4619 | 26042 | ||
| 12745 | FILE-MULTIMEDIA FLAC libFLAC picture metadata buffer overflow attempt (more info ...) | attempted-user | 2007-4619 | 26042 | ||
| 12758 | MALWARE-OTHER Keylogger/RAT digi watcher 2.32 runtime detection (more info ...) | successful-recon-limited | URL | |||
| 12759 | MALWARE-OTHER Keylogger/RAT digi watcher 2.32 runtime detection (more info ...) | successful-recon-limited | URL | |||
| 12760 | MALWARE-OTHER Keylogger powered Keylogger 2.2 runtime detection (more info ...) | successful-recon-limited | URL | |||
| 12761 | MALWARE-OTHER Keylogger powered Keylogger 2.2 runtime detection (more info ...) | successful-recon-limited | URL | |||
| 12789 | PUA-ADWARE Adware sunshine spy 1.0 runtime detection - check update (more info ...) | misc-activity | URL | |||
| 12790 | MALWARE-OTHER Trackware partypoker runtime detection (more info ...) | successful-recon-limited | URL | |||
| 12791 | PUA-TOOLBARS Adware gophoria toolbar runtime detection (more info ...) | misc-activity | URL | |||
| 12792 | MALWARE-OTHER Keylogger spy lantern Keylogger pro 6.0 runtime detection (more info ...) | successful-recon-limited | URL | |||
| 12793 | MALWARE-OTHER Keylogger spy lantern Keylogger pro 6.0 runtime detection (more info ...) | successful-recon-limited | URL | |||
| 12794 | PUA-ADWARE Hijacker gralicwrap outbound connection - search frauddb process (more info ...) | misc-activity | URL | |||
| 12795 | PUA-ADWARE Hijacker gralicwrap outbound connection - display frauddb information (more info ...) | misc-activity | URL | |||
| 12796 | PUA-TOOLBARS Trackware happytofind toolbar runtime detection (more info ...) | successful-recon-limited | URL | |||
| 12797 | PUA-ADWARE Adware x-con spyware destroyer eh 3.2.8 runtime detection (more info ...) | misc-activity | URL | |||
| 12807 | FILE-IDENTIFY Lotus 123 file attachment (more info ...) | suspicious-filename-detect | 2007-6593 | 27835 | URL | |
| 13236 | MALWARE-OTHER Keylogger active Keylogger 3.9.2 runtime detection (more info ...) | successful-recon-limited | URL | |||
| 13237 | MALWARE-OTHER Keylogger active Keylogger 3.9.2 runtime detection (more info ...) | successful-recon-limited | URL | |||
| 13238 | PUA-ADWARE Adware adult p2p 1.5 runtime detection (more info ...) | misc-activity | URL | |||
| 13239 | PUA-TOOLBARS Hijacker blue wave adult links toolbar runtime detection (more info ...) | misc-activity | URL | |||
| 13240 | PUA-ADWARE Adware live protection 2.1 runtime detection - redirects to purchase page (more info ...) | misc-activity | URL | |||
| 13241 | PUA-ADWARE Adware live protection 2.1 runtime detection - application updates (more info ...) | misc-activity | URL | |||
| 13242 | PUA-ADWARE Adware netpumper 1.26 runtime detection (more info ...) | misc-activity | URL | |||
| 13243 | MALWARE-OTHER Keylogger computer monitor 1.1 by lastcomfort runtime detection (more info ...) | successful-recon-limited | URL | |||
| 13244 | MALWARE-OTHER Keylogger computer monitor 1.1 by lastcomfort runtime detection (more info ...) | successful-recon-limited | URL | |||
| 13246 | MALWARE-BACKDOOR troya 1.4 inbound connection (more info ...) | trojan-activity | URL | |||
| 13247 | MALWARE-BACKDOOR yuri 1.2 runtime detection - init connection (more info ...) | trojan-activity | ||||
| 13248 | MALWARE-CNC yuri 1.2 variant outbound connection (more info ...) | trojan-activity | URL | |||
| 13269 | OS-WINDOWS Multiple product nntp uri handling code execution attempt (more info ...) | attempted-user | 2007-4041 | 25945 | URL | |
| 13270 | OS-WINDOWS Multiple product news uri handling code execution attempt (more info ...) | attempted-user | 2007-4041 | 25945 | URL | |
| 13271 | OS-WINDOWS Multiple product telnet uri handling code execution attempt (more info ...) | attempted-user | 2007-4041 | 25945 | URL | |
| 13272 | OS-WINDOWS Multiple product mailto uri handling code execution attempt (more info ...) | attempted-user | 2007-4041 | 25945 | URL | |
| 13278 | MALWARE-OTHER Keylogger advanced spy 4.0 runtime detection (more info ...) | successful-recon-limited | URL | |||
| 13279 | MALWARE-OTHER Keylogger advanced spy 4.0 runtime detection (more info ...) | successful-recon-limited | URL | |||
| 13280 | MALWARE-OTHER Keylogger email spy monitor 6.9 runtime detection (more info ...) | successful-recon-limited | URL | |||
| 13281 | MALWARE-OTHER Keylogger email spy monitor 6.9 runtime detection (more info ...) | successful-recon-limited | URL | |||
| 13282 | PUA-TOOLBARS Adware jily ie toolbar runtime detection (more info ...) | misc-activity | URL | |||
| 13283 | PUA-ADWARE Hijacker dreambar outbound connection (more info ...) | misc-activity | URL | |||
| 13284 | PUA-ADWARE Adware netguarder web cleaner runtime detection (more info ...) | misc-activity | URL | |||
| 13285 | PUA-ADWARE Hijacker phazebar outbound connection (more info ...) | misc-activity | URL | |||
| 13286 | PUA-ADWARE Adware 3wplayer 1.7 runtime detection (more info ...) | misc-activity | URL | |||
| 13291 | SERVER-SAMBA Samba send_mailslot buffer overflow attempt (more info ...) | attempted-admin | 2007-6015 | 26791 | ||
| 13316 | FILE-MULTIMEDIA 3ivx MP4 file parsing ART buffer overflow attempt (more info ...) | attempted-user | 2007-6402 | 26773 | ||
| 13318 | FILE-MULTIMEDIA 3ivx MP4 file parsing cmt buffer overflow attempt (more info ...) | attempted-user | 2007-6402 | 26773 | ||
| 13319 | FILE-MULTIMEDIA 3ivx MP4 file parsing des buffer overflow attempt (more info ...) | attempted-user | 2007-6402 | 26773 | ||
| 13320 | FILE-MULTIMEDIA 3ivx MP4 file parsing cpy buffer overflow attempt (more info ...) | attempted-user | 2007-6402 | 26773 | ||
| 13339 | PUA-TOOLBARS Hijacker direct toolbar runtime detection (more info ...) | misc-activity | URL | |||
| 13340 | PUA-ADWARE Hijacker search4top outbound connection - hijack ie searches and error pages (more info ...) | misc-activity | URL | |||
| 13341 | PUA-ADWARE Hijacker search4top outbound connection - popup ads (more info ...) | misc-activity | URL | |||
| 13342 | PUA-TOOLBARS Hijacker ditto toolbar runtime detection (more info ...) | misc-activity | URL | |||
| 13343 | PUA-ADWARE Adware 2005-search loader runtime detection (more info ...) | misc-activity | URL | |||
| 13344 | PUA-ADWARE Adware yourprivacyguard runtime detection - presale request (more info ...) | misc-activity | URL | |||
| 13345 | PUA-ADWARE Adware yourprivacyguard runtime detection - update (more info ...) | misc-activity | URL | |||
| 13346 | PUA-ADWARE Snoopware remote desktop inspector outbound connection - init connection (more info ...) | successful-recon-limited | URL | |||
| 13347 | PUA-ADWARE Snoopware remote desktop inspector runtime detection - init connection (more info ...) | successful-recon-limited | URL | |||
| 13361 | FILE-OTHER ClamAV MEW PE file integer overflow attempt (more info ...) | attempted-user | 2007-6335 | 26927 | ||
| 13415 | SERVER-OTHER CA BrightStor cheyenneds mailslot overflow (more info ...) | attempted-admin | 2006-5142 | 20364 | ||
| 13417 | SERVER-OTHER Citrix MetaFrame IMA authentication processing buffer overflow attempt (more info ...) | attempted-admin | 2006-5821 | 20986 | URL | |
| 13418 | SERVER-OTHER IBM Tivoli Director LDAP server invalid DN message buffer overflow attempt (more info ...) | attempted-dos | 2011-0917 | 16593 | URL | |
| 13425 | SERVER-OTHER openldap server bind request denial of service attempt (more info ...) | denial-of-service | 2006-5779 | 20939 | ||
| 13479 | MALWARE-OTHER Keylogger findnot guarddog 4.0 runtime detection (more info ...) | successful-recon-limited | URL | |||
| 13480 | MALWARE-OTHER Keylogger findnot guarddog 4.0 runtime detection (more info ...) | successful-recon-limited | URL | |||
| 13481 | PUA-TOOLBARS Hijacker baidu toolbar runtime detection - hijacks search engine (more info ...) | misc-activity | URL | |||
| 13482 | PUA-TOOLBARS Hijacker baidu toolbar runtime detection - discloses information (more info ...) | misc-activity | URL | |||
| 13483 | PUA-TOOLBARS Hijacker baidu toolbar runtime detection - updates automatically (more info ...) | misc-activity | ||||
| 13484 | PUA-TOOLBARS Hijacker baidu toolbar runtime detection - updates automatically (more info ...) | misc-activity | URL | |||
| 13485 | PUA-TOOLBARS Hijacker sofa toolbar runtime detection - hijacks search engine (more info ...) | misc-activity | URL | |||
| 13486 | PUA-TOOLBARS Hijacker sofa toolbar runtime detection - records search information (more info ...) | misc-activity | URL | |||
| 13487 | PUA-ADWARE Adware elite protector runtime detection (more info ...) | misc-activity | URL | |||
| 13488 | PUA-TOOLBARS Hijacker people pal toolbar runtime detection - automatic upgrade (more info ...) | misc-activity | URL | |||
| 13489 | PUA-TOOLBARS Hijacker people pal toolbar runtime detection - traffic for searching (more info ...) | misc-activity | URL | |||
| 13490 | PUA-ADWARE Adware spy shredder 2.1 runtime detection - presale request (more info ...) | misc-activity | URL | |||
| 13491 | PUA-ADWARE Adware spy shredder 2.1 runtime detection - update (more info ...) | misc-activity | URL | |||
| 13492 | PUA-TOOLBARS Hijacker deepdo toolbar runtime detection - redirects search engine (more info ...) | misc-activity | URL | |||
| 13493 | PUA-TOOLBARS Hijacker deepdo toolbar runtime detection - automatic update (more info ...) | misc-activity | URL | |||
| 13494 | MALWARE-OTHER Keylogger smart pc Keylogger runtime detection (more info ...) | successful-recon-limited | URL | |||
| 13495 | PUA-TOOLBARS Hijacker ez-tracks toolbar runtime detection - initial traffic 1 (more info ...) | misc-activity | URL | |||
| 13496 | PUA-TOOLBARS Hijacker ez-tracks toolbar runtime detection - initial traffic 2 (more info ...) | misc-activity | URL | |||
| 13497 | PUA-TOOLBARS Hijacker ez-tracks toolbar runtime detection - tracking traffic (more info ...) | misc-activity | URL | |||
| 13498 | PUA-ADWARE Hijacker hbtbar outbound connection - search traffic 1 (more info ...) | misc-activity | URL | |||
| 13499 | PUA-ADWARE Hijacker hbtbar outbound connection - search traffic 2 (more info ...) | misc-activity | URL | |||
| 13500 | PUA-ADWARE Hijacker hbtbar outbound connection - log information (more info ...) | misc-activity | URL | |||
| 13501 | PUA-ADWARE Adware contravirus runtime detection - presale request (more info ...) | misc-activity | URL | |||
| 13502 | PUA-ADWARE Adware contravirus runtime detection - update (more info ...) | misc-activity | URL | |||
| 13504 | PUA-ADWARE Adware iedefender runtime detection - presale request (more info ...) | misc-activity | URL | |||
| 13505 | PUA-ADWARE Adware iedefender runtime detection - update (more info ...) | misc-activity | URL | |||
| 13506 | MALWARE-BACKDOOR evilotus 1.3.2 runtime detection - init connection (more info ...) | trojan-activity | ||||
| 13507 | MALWARE-CNC evilotus 1.3.2 variant outbound connection (more info ...) | trojan-activity | URL | |||
| 13508 | MALWARE-CNC xploit 1.4.5 variant outbound connection (more info ...) | trojan-activity | ||||
| 13509 | MALWARE-CNC xploit 1.4.5 pc variant outbound connection (more info ...) | trojan-activity | URL | |||
| 13559 | PUA-TOOLBARS Hijacker kompass toolbar runtime detection - initial connection (more info ...) | misc-activity | URL | |||
| 13560 | PUA-TOOLBARS Hijacker kompass toolbar runtime detection - search traffic (more info ...) | misc-activity | URL | |||
| 13561 | PUA-ADWARE Adware malware alarm runtime detection - presale request (more info ...) | misc-activity | URL | |||
| 13562 | PUA-ADWARE Adware malware alarm runtime detection - update request (more info ...) | misc-activity | URL | |||
| 13563 | PUA-ADWARE Adware system doctor runtime detection - presale request (more info ...) | misc-activity | URL | |||
| 13564 | PUA-ADWARE Adware system doctor runtime detection - update status (more info ...) | misc-activity | URL | |||
| 13565 | PUA-ADWARE Trickler iecodec outbound connection - initial traffic (more info ...) | misc-activity | URL | |||
| 13566 | PUA-ADWARE Trickler iecodec outbound connection - message dialog (more info ...) | misc-activity | URL | |||
| 13567 | MALWARE-OTHER Keylogger msn spy monitor runtime detection (more info ...) | successful-recon-limited | URL | |||
| 13568 | MALWARE-OTHER Keylogger sys keylog 1.3 advanced runtime detection (more info ...) | successful-recon-limited | URL | |||
| 13617 | SERVER-ORACLE Oracle database version 8 username buffer overflow attempt (more info ...) | attempted-admin | 2003-0095 | 6849 | URL | |
| 13618 | SERVER-ORACLE Oracle database version 9 username buffer overflow attempt (more info ...) | attempted-admin | 2003-0095 | 6849 | URL | |
| 13625 | MALWARE-CNC MBR rootkit HTTP POST activity detected (more info ...) | trojan-activity | URL | |||
| 13631 | SERVER-OTHER McAfee ePolicy Orchestrator Framework Services log handling format string attempt (more info ...) | attempted-admin | 2008-1357 | 28228 | ||
| 13632 | SERVER-OTHER Zango adware installation request (more info ...) | policy-violation | URL | |||
| 13635 | PUA-ADWARE Trickler downloader trojan.gen outbound connection - get malicious link (more info ...) | misc-activity | URL | |||
| 13636 | PUA-ADWARE Trickler downloader trojan.gen outbound connection - download malicious link (more info ...) | misc-activity | URL | |||
| 13637 | PUA-ADWARE Adware virus heat runtime detection - presale request (more info ...) | misc-activity | URL | |||
| 13638 | MALWARE-CNC User-Agent known Adware user-agent string - Win.Adware.VirusHeat (more info ...) | trojan-activity | URL | |||
| 13639 | PUA-TOOLBARS Hijacker locmag toolbar runtime detection - connection to toolbar (more info ...) | misc-activity | URL | |||
| 13640 | PUA-TOOLBARS Hijacker locmag toolbar runtime detection - hijacks address bar (more info ...) | misc-activity | URL | |||
| 13641 | PUA-TOOLBARS Hijacker eclickz toolbar runtime detection - search traffic (more info ...) | misc-activity | URL | |||
| 13642 | MALWARE-OTHER Keylogger easy Keylogger runtime detection (more info ...) | successful-recon-limited | URL | |||
| 13643 | PUA-TOOLBARS Hijacker zztoolbar runtime detection - toolbar traffic (more info ...) | misc-activity | URL | |||
| 13644 | PUA-TOOLBARS Hijacker zztoolbar runtime detection - search traffic (more info ...) | misc-activity | URL | |||
| 13645 | PUA-TOOLBARS Hijacker mxs toolbar runtime detection (more info ...) | misc-activity | URL | |||
| 13646 | PUA-ADWARE Adware registry defender runtime detection - presale request (more info ...) | misc-activity | URL | |||
| 13647 | PUA-ADWARE Adware registry defender runtime detection - error report request (more info ...) | misc-activity | URL | |||
| 13648 | PUA-ADWARE Hijacker mysearch bar 2.0.2.28 runtime detection (more info ...) | misc-activity | URL | |||
| 13649 | PUA-ADWARE Adware spyware stop runtime detection - presale request (more info ...) | misc-activity | URL | |||
| 13650 | PUA-ADWARE Adware spyware stop runtime detection - auto updates (more info ...) | misc-activity | URL | |||
| 13652 | PUA-ADWARE Keylogger all in one Keylogger runtime detection (more info ...) | successful-recon-limited | URL | |||
| 13653 | PUA-ADWARE Adware cashfiesta adbar runtime detection - updates traffic (more info ...) | misc-activity | URL | |||
| 13654 | MALWARE-CNC nuclear rat 2.1 variant outbound connection (more info ...) | trojan-activity | ||||
| 13655 | MALWARE-CNC nuclear rat 2.1 variant outbound connection (more info ...) | trojan-activity | URL | |||
| 13664 | PROTOCOL-VOIP Remote-Party-ID header hexadecimal characters in IP address field (more info ...) | attempted-admin | 2007-1542 | 23047 | URL | |
| 13693 | PROTOCOL-VOIP Attribute header rtpmap field invalid payload type (more info ...) | attempted-user | 2008-1289 | 28308 | URL | |
| 13694 | SERVER-OTHER RealNetworks Helix RTSP long get request exploit attempt (more info ...) | attempted-user | 2002-1643 | 6454 | ||
| 13695 | SERVER-OTHER RealNetworks Helix RTSP long setup request exploit attempt (more info ...) | attempted-user | 2002-1643 | 6454 | ||
| 13762 | PUA-ADWARE Adware system defender runtime detection (more info ...) | misc-activity | URL | |||
| 13764 | PUA-ADWARE Snoopware xpress remote outbound connection - init connection (more info ...) | successful-recon-limited | URL | |||
| 13765 | PUA-ADWARE Adware winxdefender runtime detection - presale request (more info ...) | misc-activity | URL | |||
| 13766 | PUA-ADWARE Adware winxdefender runtime detection - auto update (more info ...) | misc-activity | URL | |||
| 13767 | MALWARE-OTHER Keylogger cyber sitter runtime detection (more info ...) | successful-recon-limited | URL | |||
| 13768 | MALWARE-OTHER Keylogger cyber sitter runtime detection (more info ...) | successful-recon-limited | URL | |||
| 13769 | PUA-TOOLBARS Hijacker searchnine toolbar runtime detection - hijacks address bar (more info ...) | misc-activity | URL | |||
| 13770 | PUA-TOOLBARS Hijacker searchnine toolbar runtime detection - redirects search function (more info ...) | misc-activity | URL | |||
| 13771 | PUA-TOOLBARS Hijacker music of faith toolbar runtime detection - hijacks search engine traffic #1 (more info ...) | misc-activity | URL | |||
| 13772 | PUA-TOOLBARS Hijacker music of faith toolbar runtime detection - hijacks search engine traffic #2 (more info ...) | misc-activity | URL | |||
| 13774 | PUA-ADWARE Trickler trojan ecodec outbound connection - initial server connection #1 (more info ...) | misc-activity | URL | |||
| 13775 | PUA-ADWARE Trickler trojan ecodec outbound connection - initial server connection #2 (more info ...) | misc-activity | URL | |||
| 13776 | MALWARE-OTHER Trackware syscleaner runtime detection - presale traffic (more info ...) | successful-recon-limited | URL | |||
| 13777 | MALWARE-CNC User-Agent known malicious user agent - SysCleaner (more info ...) | successful-recon-limited | URL | |||
| 13778 | MALWARE-OTHER Keylogger kgb employee monitor runtime detection (more info ...) | successful-recon-limited | URL | |||
| 13779 | PUA-TOOLBARS Trackware proofile toolbar runtime detection (more info ...) | successful-recon-limited | URL | |||
| 13780 | PUA-TOOLBARS Hijacker find.fm toolbar runtime detection - automatic updates (more info ...) | misc-activity | URL | |||
| 13781 | PUA-TOOLBARS Hijacker find.fm toolbar runtime detection - hijacks address bar (more info ...) | misc-activity | URL | |||
| 13782 | MALWARE-CNC User-Agent known malicious user agent - EzReward (more info ...) | misc-activity | URL | |||
| 13797 | FILE-IDENTIFY Portable Executable compact binary file magic detected (more info ...) | misc-activity | ||||
| 13808 | PUA-ADWARE Adware ie antivirus runtime detection - presale request (more info ...) | misc-activity | URL | |||
| 13809 | PUA-ADWARE Adware ie antivirus runtime detection - update request (more info ...) | misc-activity | URL | |||
| 13811 | PUA-ADWARE Adware xp antivirus runtime detection (more info ...) | misc-activity | URL | |||
| 13812 | MALWARE-OTHER Keylogger refog Keylogger runtime detection (more info ...) | successful-recon-limited | URL | |||
| 13813 | PUA-ADWARE Trickler mm.exe outbound connection (more info ...) | misc-activity | URL | |||
| 13815 | MALWARE-CNC zombget.03 variant outbound connection (more info ...) | trojan-activity | URL | |||
| 13844 | SERVER-MAIL BDAT size longer than contents exploit attempt (more info ...) | attempted-dos | 2002-0055 | |||
| 13845 | SERVER-MAIL BDAT size public exploit attempt (more info ...) | attempted-dos | 2002-0055 | |||
| 13847 | PUA-ADWARE Adware phoenician casino runtime detection (more info ...) | misc-activity | URL | |||
| 13848 | PUA-ADWARE Trickler zwinky runtime detection (more info ...) | misc-activity | URL | |||
| 13849 | PUA-ADWARE Hijacker rcse 4.4 outbound connection - hijack ie browser (more info ...) | misc-activity | URL | |||
| 13850 | PUA-ADWARE Adware roogoo 2.0 runtime detection - popup ads (more info ...) | misc-activity | URL | |||
| 13851 | PUA-ADWARE Adware roogoo 2.0 runtime detection - upgrade (more info ...) | misc-activity | URL | |||
| 13852 | PUA-ADWARE Hijacker bitroll 5.0 outbound connection (more info ...) | misc-activity | URL | |||
| 13853 | PUA-TOOLBARS Hijacker alot toolbar runtime detection - weather request (more info ...) | misc-activity | URL | |||
| 13854 | PUA-TOOLBARS Hijacker alot toolbar runtime detection - auto update (more info ...) | misc-activity | URL | |||
| 13855 | MALWARE-CNC User-Agent known malicious user agent - SpeedRunner (more info ...) | successful-recon-limited | URL | |||
| 13856 | MALWARE-CNC Win.Trojan.wintrim.z variant outbound connection (more info ...) | trojan-activity | URL | |||
| 13861 | POLICY-SOCIAL Habbo chat client avatar control (more info ...) | policy-violation | URL | |||
| 13862 | POLICY-SOCIAL Habbo chat client item information download (more info ...) | policy-violation | URL | |||
| 13863 | POLICY-SOCIAL Habbo chat client successful login (more info ...) | policy-violation | URL | |||
| 13866 | MALWARE-OTHER Trackware adclicker-fc.gen.a runtime detection - popup ads (more info ...) | successful-recon-limited | URL | |||
| 13867 | MALWARE-OTHER Trackware adclicker-fc.gen.a runtime detection (more info ...) | successful-recon-limited | URL | |||
| 13868 | PUA-ADWARE Adware antispywaremaster runtime detection - start fake scanning (more info ...) | misc-activity | URL | |||
| 13869 | PUA-ADWARE Adware antispywaremaster runtime detection - sale/register request (more info ...) | misc-activity | URL | |||
| 13870 | PUA-ADWARE Adware coopen 5.0.0.87 runtime detection - init conn (more info ...) | misc-activity | URL | |||
| 13871 | PUA-ADWARE Adware coopen 5.0.0.87 runtime detection - ads (more info ...) | misc-activity | URL | |||
| 13872 | PUA-ADWARE Trickler fushion 1.2.4.17 outbound connection - notice (more info ...) | misc-activity | URL | |||
| 13873 | PUA-ADWARE Trickler fushion 1.2.4.17 outbound connection - underground traffic (more info ...) | misc-activity | URL | |||
| 13874 | PUA-ADWARE Adware malware destructor 4.5 runtime detection - order request (more info ...) | misc-activity | URL | |||
| 13875 | PUA-ADWARE Adware malware destructor 4.5 runtime detection - auto update (more info ...) | misc-activity | URL | |||
| 13876 | MALWARE-CNC zlob.acc variant outbound connection (more info ...) | trojan-activity | URL | |||
| 13877 | MALWARE-CNC Win.Trojan.delf.uv variant outbound connection (more info ...) | trojan-activity | ||||
| 13878 | MALWARE-CNC Win.Trojan.delf.uv inbound connection (more info ...) | trojan-activity | URL | |||
| 13902 | SERVER-OTHER IBM Lotus Sametime multiplexer stack buffer overflow attempt (more info ...) | attempted-admin | 2008-2499 | 29328 | ||
| 13915 | FILE-IDENTIFY BAK file download request (more info ...) | misc-activity | ||||
| 13916 | SERVER-WEBAPP Alt-N SecurityGateway username buffer overflow attempt (more info ...) | attempted-admin | 2008-4193 | 29457 | URL | |
| 13930 | PUA-ADWARE Trickler pc privacy cleaner outbound connection - order/register request (more info ...) | misc-activity | URL | |||
| 13931 | MALWARE-CNC User-Agent known malicious user agent - PcPcUpdater (more info ...) | misc-activity | URL | |||
| 13933 | MALWARE-OTHER Trackware rightonadz.biz adrotator runtime detection - ads (more info ...) | successful-recon-limited | URL | |||
| 13934 | MALWARE-CNC Hijacker mediatubecodec 1.470.0 variant outbound connection hijack ie (more info ...) | misc-activity | URL | |||
| 13935 | MALWARE-CNC Hijacker mediatubecodec 1.470.0 variant outbound connection download other malware (more info ...) | misc-activity | URL | |||
| 13936 | MALWARE-CNC Trickler dropper agent.rqg variant outbound connection call home (more info ...) | misc-activity | URL | |||
| 13937 | PUA-ADWARE Hijacker adware.win32.ejik.ec variant runtime detection - call home (more info ...) | misc-activity | URL | |||
| 13938 | PUA-ADWARE Hijacker adware.win32.ejik.ec variant outbound connection (more info ...) | misc-activity | ||||
| 13939 | PUA-ADWARE Hijacker adware.win32.ejik.ec variant runtime detection - auto update (more info ...) | misc-activity | URL | |||
| 13940 | PUA-ADWARE Hijacker win32.bho.bgf outbound connection (more info ...) | misc-activity | URL | |||
| 13941 | MALWARE-CNC Win.Trojan.agent.nac variant outbound connection click fraud (more info ...) | trojan-activity | URL | |||
| 13942 | MALWARE-CNC Win.Trojan.agent.nac variant outbound connection call home (more info ...) | trojan-activity | URL | |||
| 13943 | PUA-ADWARE Trickler dropper agent.rqg outbound connection (more info ...) | trojan-activity | ||||
| 13944 | MALWARE-CNC Win.Trojan.small.gy variant outbound connection get whitelist (more info ...) | trojan-activity | URL | |||
| 13945 | MALWARE-CNC Win.Trojan.small.gy variant outbound connection update (more info ...) | trojan-activity | URL | |||
| 13946 | FILE-IMAGE Apple PICT/Quickdraw image converter packType 4 buffer overflow exploit attempt (more info ...) | attempted-user | 2008-3021 | URL | ||
| 13947 | FILE-IMAGE Apple PICT/Quickdraw image converter packType 3 buffer overflow exploit attempt (more info ...) | attempted-user | 2008-3018 | URL | ||
| 13951 | SERVER-WEBAPP Oracle Database Server buffer overflow attempt (more info ...) | misc-attack | 2008-2607 | 30177 | ||
| 13953 | MALWARE-CNC Asprox trojan initial query (more info ...) | trojan-activity | URL | |||
| 14018 | FILE-IDENTIFY PLS multimedia playlist file download request (more info ...) | misc-activity | URL | |||
| 14019 | FILE-MULTIMEDIA CyberLink PowerDVD playlist file handling stack overflow attempt (more info ...) | attempted-user | 30341 | |||
| 14020 | FILE-MULTIMEDIA CyberLink PowerDVD playlist file handling stack overflow attempt (more info ...) | attempted-user | 30341 | |||
| 14039 | FILE-OTHER GNOME Project libxslt RC4 key string buffer overflow attempt (more info ...) | attempted-user | 2008-2935 | 30467 | URL | |
| 14040 | SERVER-OTHER GNOME Project libxslt RC4 key string buffer overflow attempt (more info ...) | attempted-user | 2008-2935 | 30467 | URL | |
| 14041 | SERVER-OTHER GNOME Project libxslt RC4 key string buffer overflow attempt - 2 (more info ...) | attempted-user | 2008-2935 | 30467 | URL | |
| 14054 | PUA-ADWARE Adware AdwareALERT runtime detection - auto update (more info ...) | misc-activity | URL | |||
| 14055 | PUA-TOOLBARS Hijacker rediff toolbar runtime detection - hijack ie auto search (more info ...) | misc-activity | URL | |||
| 14056 | PUA-TOOLBARS Hijacker rediff toolbar runtime detection - get news info (more info ...) | misc-activity | URL | |||
| 14057 | MALWARE-CNC User-Agent known malicious user agent - DMFR (more info ...) | successful-recon-limited | URL | |||
| 14058 | PUA-ADWARE Hijacker cpush 2 outbound connection - pass info to controlling server (more info ...) | misc-activity | URL | |||
| 14059 | MALWARE-CNC User-Agent known malicious user agent - CPUSH_HOMEPAGE (more info ...) | misc-activity | URL | |||
| 14060 | MALWARE-CNC User-Agent known malicious user agent - CPUSH_UPDATER (more info ...) | misc-activity | URL | |||
| 14061 | PUA-ADWARE Trickler antimalware guard runtime detection - order/register request (more info ...) | misc-activity | URL | |||
| 14062 | PUA-ADWARE Trickler antimalware guard runtime detection - auto update (more info ...) | misc-activity | URL | |||
| 14063 | PUA-ADWARE Hijacker cashon outbound connection - hijack ie searches (more info ...) | misc-activity | URL | |||
| 14064 | PUA-ADWARE Hijacker cashon outbound connection - auto update (more info ...) | misc-activity | URL | |||
| 14065 | MALWARE-OTHER Keylogger emptybase j runtime detection (more info ...) | successful-recon-limited | URL | |||
| 14067 | PUA-ADWARE Adware swizzor runtime detection (more info ...) | misc-activity | URL | |||
| 14068 | PUA-ADWARE Adware rond runtime detection (more info ...) | misc-activity | URL | |||
| 14069 | PUA-ADWARE Adware brave sentry runtime detection - order request (more info ...) | misc-activity | URL | |||
| 14070 | PUA-ADWARE Adware brave sentry runtime detection - self update (more info ...) | misc-activity | URL | |||
| 14071 | PUA-ADWARE Hijacker Adware bho.gen runtime detection - pop-up window traffic #1 (more info ...) | misc-activity | URL | |||
| 14072 | PUA-ADWARE Hijacker Adware bho.gen runtime detection - pop-up window traffic #2 (more info ...) | misc-activity | URL | |||
| 14073 | PUA-ADWARE Hijacker Adware bho.gen runtime detection - prompt download page (more info ...) | misc-activity | URL | |||
| 14074 | MALWARE-OTHER Keylogger spybosspro 4.2 runtime detection (more info ...) | successful-recon-limited | URL | |||
| 14075 | MALWARE-OTHER Keylogger ultimate Keylogger pro runtime detection (more info ...) | successful-recon-limited | URL | |||
| 14076 | PUA-ADWARE Hijacker Adware win32 mostofate runtime detection - hijack search (more info ...) | misc-activity | URL | |||
| 14077 | PUA-ADWARE Hijacker Adware win32 mostofate runtime detection - redirect search results (more info ...) | misc-activity | URL | |||
| 14081 | MALWARE-CNC Win.Trojan.agent.aarm variant outbound connection call home (more info ...) | trojan-activity | URL | |||
| 14082 | MALWARE-CNC Win.Trojan.agent.aarm variant outbound connection spread via spam (more info ...) | trojan-activity | URL | |||
| 14083 | MALWARE-CNC Win.Trojan.agent.aarm variant outbound connection download other malware (more info ...) | trojan-activity | URL | |||
| 14084 | MALWARE-CNC infostealer.banker.c variant outbound connection download cfg.bin (more info ...) | trojan-activity | URL | |||
| 14085 | MALWARE-CNC infostealer.banker.c variant outbound connection collect user info (more info ...) | trojan-activity | URL | |||
| 14086 | MALWARE-CNC Adware.Win32.Agent.BM variant outbound connection 1 (more info ...) | trojan-activity | URL | |||
| 14087 | MALWARE-CNC Adware.Win32.Agent.BM variant outbound connection 2 (more info ...) | trojan-activity | URL | |||
| 14230 | SERVER-WEBAPP SAP DB web server stack buffer overflow attempt (more info ...) | attempted-admin | 2007-3614 | 24773 | ||
| 14265 | PROTOCOL-SCADA Multiple Schneider Electric SCADA products buffer overflow attempt (more info ...) | attempted-admin | 2008-2639 | 29634 | URL | |
| 14600 | SERVER-OTHER SAP Message Server Heap buffer overflow attempt (more info ...) | attempted-user | 2007-3624 | 24765 | ||
| 14602 | SERVER-OTHER Borland Interbase open_marker_file overflow attempt (more info ...) | attempted-user | 2007-5244 | 25917 | ||
| 14608 | PROTOCOL-VOIP T.38 fax rate management attribute buffer overflow attempt (more info ...) | attempted-admin | 2007-2293 | 23648 | ||
| 14609 | PROTOCOL-VOIP T.38 fax EC attribute buffer overflow attempt (more info ...) | attempted-admin | 2007-2293 | 23648 | ||
| 14646 | OS-WINDOWS Active Directory malformed baseObject denial of service attempt (more info ...) | attempted-dos | 2008-4023 | URL | ||
| 14986 | INDICATOR-SHELLCODE x86 fldz get eip shellcode (more info ...) | shellcode-detect | ||||
| 14992 | SERVER-WEBAPP Openwsman HTTP basic authentication buffer overflow attempt (more info ...) | attempted-user | 2008-2234 | 30694 | ||
| 15071 | PROTOCOL-SCADA Modbus exception returned (more info ...) | protocol-command-decode | URL | |||
| 15074 | PROTOCOL-SCADA Modbus user-defined function code - 65 to 72 (more info ...) | protocol-command-decode | URL | |||
| 15075 | PROTOCOL-SCADA Modbus user-defined function code - 100 to 110 (more info ...) | protocol-command-decode | URL | |||
| 15078 | SERVER-OTHER HP Openview Network Node Manager OValarmsrv buffer overflow attempt (more info ...) | attempted-admin | 2008-1852 | |||
| 15080 | FILE-MULTIMEDIA VideoLAN VLC Media Player WAV processing integer overflow attempt (more info ...) | misc-activity | 2008-2430 | 30058 | ||
| 15124 | OS-WINDOWS Web-based NTLM replay attack attempt (more info ...) | attempted-user | 2015-0005 | URL | ||
| 15145 | SERVER-OTHER Apple CUPS TrueColor PNG filter overly large image height integer overflow attempt (more info ...) | attempted-admin | 2008-5286 | 32518 | URL | |
| 15146 | SERVER-OTHER Apple CUPS RGB+Alpha PNG filter overly large image height integer overflow attempt (more info ...) | attempted-admin | 2008-5286 | 32518 | URL | |
| 15149 | SERVER-ORACLE Oracle Internet Directory pre-auth ldap denial of service attempt (more info ...) | attempted-dos | 2008-2595 | 30177 | URL | |
| 15157 | FILE-MULTIMEDIA VideoLAN VLC Media Player XSPF memory corruption attempt (more info ...) | attempted-user | 2008-4558 | |||
| 15158 | FILE-IDENTIFY XML Shareable Playlist Format file download request (more info ...) | misc-activity | URL | |||
| 15165 | MALWARE-CNC Pushdo client communication (more info ...) | trojan-activity | URL | |||
| 15166 | FILE-MULTIMEDIA VideoLAN VLC Media Player RealText buffer overflow attempt (more info ...) | attempted-user | 2008-5036 | |||
| 15170 | POLICY-SOCIAL XBOX Netflix client activity (more info ...) | policy-violation | ||||
| 15171 | POLICY-SOCIAL XBOX Marketplace http request (more info ...) | policy-violation | ||||
| 15172 | POLICY-SOCIAL XBOX avatar retrieval request (more info ...) | policy-violation | ||||
| 15183 | POLICY-SOCIAL Yahoo messenger http link transmission attempt (more info ...) | trojan-activity | URL | |||
| 15185 | APP-DETECT Nintendo Wii SSL Server Hello (more info ...) | policy-violation | ||||
| 15188 | SERVER-OTHER Multiple vendors CUPS HPGL filter remote code execution attempt (more info ...) | attempted-user | 2008-3641 | 31688 | URL | |
| 15190 | SERVER-WEBAPP Youngzsoft CCProxy CONNECT Request buffer overflow attempt (more info ...) | attempted-user | 2008-6415 | 31416 | ||
| 15236 | FILE-IMAGE ACD Systems ACDSee XPM file format overflow attempt (more info ...) | attempted-user | 2007-2193 | 23620 | ||
| 15239 | FILE-IDENTIFY RealNetworks RealMedia format file download request (more info ...) | misc-activity | URL | |||
| 15240 | FILE-IDENTIFY RealNetworks RealMedia format file download request (more info ...) | misc-activity | URL | |||
| 15241 | FILE-MULTIMEDIA VideoLAN VLC real.c ReadRealIndex real demuxer integer overflow attempt (more info ...) | attempted-user | 2008-5276 | 32545 | ||
| 15256 | SERVER-ORACLE BPEL process manager XSS injection attempt (more info ...) | web-application-attack | 2008-4014 | URL | ||
| 15296 | MALWARE-CNC Win.Trojan.Bankpatch malicious file download (more info ...) | trojan-activity | URL | |||
| 15297 | MALWARE-CNC Win.Trojan.Bankpatch report home (more info ...) | trojan-activity | URL | |||
| 15364 | SERVER-OTHER Ganglia Meta Daemon process_path stack buffer overflow attempt (more info ...) | attempted-user | 2009-0241 | 33299 | URL | |
| 15382 | SERVER-OTHER X.Org X Font Server QueryXBitmaps and QueryXExtents Handlers integer overflow attempt (more info ...) | attempted-admin | 2007-4568 | 25898 | ||
| 15389 | PROTOCOL-SCADA OMRON-FINS memory area write attempt (more info ...) | protocol-command-decode | URL | |||
| 15390 | PROTOCOL-SCADA OMRON-FINS memory area fill attempt (more info ...) | protocol-command-decode | URL | |||
| 15391 | PROTOCOL-SCADA OMRON-FINS memory area transfer attempt (more info ...) | protocol-command-decode | URL | |||
| 15392 | PROTOCOL-SCADA OMRON-FINS parameter area write attempt (more info ...) | protocol-command-decode | URL | |||
| 15393 | PROTOCOL-SCADA OMRON-FINS parameter area clear attempt (more info ...) | protocol-command-decode | URL | |||
| 15394 | PROTOCOL-SCADA OMRON-FINS program area protect attempt (more info ...) | protocol-command-decode | URL | |||
| 15396 | PROTOCOL-SCADA OMRON-FINS program area write attempt (more info ...) | protocol-command-decode | URL | |||
| 15397 | PROTOCOL-SCADA OMRON-FINS program area clear attempt (more info ...) | protocol-command-decode | URL | |||
| 15398 | PROTOCOL-SCADA OMRON-FINS RUN attempt (more info ...) | protocol-command-decode | URL | |||
| 15399 | PROTOCOL-SCADA OMRON-FINS STOP attempt (more info ...) | protocol-command-decode | URL | |||
| 15400 | PROTOCOL-SCADA OMRON-FINS clock write attempt (more info ...) | protocol-command-decode | URL | |||
| 15401 | PROTOCOL-SCADA OMRON-FINS access right acquire attempt (more info ...) | protocol-command-decode | URL | |||
| 15402 | PROTOCOL-SCADA OMRON-FINS access right forced acquire attempt (more info ...) | protocol-command-decode | URL | |||
| 15403 | PROTOCOL-SCADA OMRON-FINS single file write attempt (more info ...) | protocol-command-decode | URL | |||
| 15404 | PROTOCOL-SCADA OMRON-FINS file delete attempt (more info ...) | protocol-command-decode | URL | |||
| 15405 | PROTOCOL-SCADA OMRON-FINS forced set/reset attempt (more info ...) | protocol-command-decode | URL | |||
| 15406 | PROTOCOL-SCADA OMRON-FINS forced set/reset cancel attempt (more info ...) | protocol-command-decode | URL | |||
| 15407 | PROTOCOL-SCADA OMRON-FINS file memory write attempt (more info ...) | protocol-command-decode | URL | |||
| 15408 | PROTOCOL-SCADA OMRON-FINS data link table write attempt (more info ...) | protocol-command-decode | URL | |||
| 15409 | PROTOCOL-SCADA OMRON-FINS RESET attempt (more info ...) | protocol-command-decode | URL | |||
| 15410 | PROTOCOL-SCADA OMRON-FINS name delete attempt (more info ...) | protocol-command-decode | URL | |||
| 15411 | PROTOCOL-SCADA OMRON-FINS memory card format attempt (more info ...) | protocol-command-decode | URL | |||
| 15412 | PROTOCOL-SCADA OMRON-FINS memory area write overflow attempt (more info ...) | protocol-command-decode | URL | |||
| 15413 | PROTOCOL-SCADA OMRON-FINS memory area fill overflow attempt (more info ...) | protocol-command-decode | URL | |||
| 15414 | PROTOCOL-SCADA OMRON-FINS program area protect clear brute force attempt (more info ...) | protocol-command-decode | URL | |||
| 15423 | MALWARE-CNC Clampi virus communication detected (more info ...) | trojan-activity | URL | |||
| 15426 | FILE-IDENTIFY MAKI file download request (more info ...) | misc-activity | ||||
| 15435 | SERVER-OTHER IBM Director CIM server consumer name handling denial of service attempt (more info ...) | attempted-dos | 2009-0879 | 34061 | ||
| 15445 | SERVER-ORACLE Application Server BPEL module cross site scripting attempt (more info ...) | attempted-user | 2008-4014 | |||
| 15451 | MALWARE-CNC possible Conficker.C HTTP traffic 1 (more info ...) | trojan-activity | URL | |||
| 15452 | MALWARE-CNC possible Conficker.C HTTP traffic 2 (more info ...) | trojan-activity | URL | |||
| 15453 | OS-WINDOWS SMB replay attempt via NTLMSSP - overlapping encryption keys detected (more info ...) | attempted-user | 2015-0005 | URL | ||
| 15456 | SERVER-OTHER WinHTTP SSL/TLS impersonation attempt (more info ...) | misc-attack | 2009-0089 | URL | ||
| 15472 | FILE-MULTIMEDIA Multiple MP3 player PLS buffer overflow attempt (more info ...) | attempted-user | 2009-0476 | 33589 | ||
| 15473 | FILE-MULTIMEDIA Multiple media players M3U playlist file handling buffer overflow attempt (more info ...) | attempted-user | 2006-6063 | 21206 | ||
| 15476 | PUA-ADWARE Waledac spam bot HTTP POST request (more info ...) | misc-activity | URL | |||
| 15481 | MALWARE-CNC Zeus/Zbot malware config file download request (more info ...) | trojan-activity | URL | |||
| 15485 | SERVER-MAIL IBM Lotus Notes DOC attachment viewer buffer overflow (more info ...) | attempted-user | 2007-5544 | 26146 | ||
| 15491 | SERVER-WEBAPP Subversion 1.0.2 dated-rev-report buffer overflow over http attempt (more info ...) | attempted-user | 2004-0397 | 10386 | ||
| 15509 | SERVER-OTHER IBM DB2 database server CONNECT denial of service attempt (more info ...) | denial-of-service | 2009-0172 | |||
| 15514 | SERVER-OTHER Multiple Vendors NTP Daemon Autokey stack buffer overflow attempt (more info ...) | attempted-admin | 2009-1252 | 35017 | URL | |
| 15518 | FILE-IDENTIFY Embedded Open Type Font file download request (more info ...) | misc-activity | URL | |||
| 15553 | MALWARE-CNC Sality virus HTTP GET request (more info ...) | trojan-activity | URL | |||
| 15555 | SERVER-OTHER Symantec Alert Management System Intel Alert Originator Service buffer overflow attempt (more info ...) | attempted-admin | 2009-1430 | 34672 | URL | |
| 15563 | MALWARE-CNC RSPlug Win.Trojan.server connection (more info ...) | trojan-activity | URL | |||
| 15564 | MALWARE-CNC RSPlug Win.Trojan.file download (more info ...) | misc-activity | URL | |||
| 15565 | MALWARE-CNC RSPlug Win.Trojan.file download (more info ...) | misc-activity | URL | |||
| 15566 | PUA-ADWARE Gumblar HTTP GET request attempt (more info ...) | trojan-activity | URL | |||
| 15567 | PUA-ADWARE Martuz HTTP GET request attempt (more info ...) | trojan-activity | URL | |||
| 15572 | SERVER-OTHER Curse of Silence Nokia SMS DoS attempt (more info ...) | attempted-dos | 33072 | |||
| 15579 | SERVER-OTHER Squid NTLM fakeauth_auth Helper denial of service attempt (more info ...) | attempted-dos | 2005-0097 | 12220 | ||
| 15580 | SERVER-OTHER Squid oversized reply header handling exploit attempt (more info ...) | bad-unknown | 2005-0241 | 12412 | ||
| 15582 | FILE-IDENTIFY ARJ format file download request (more info ...) | misc-activity | URL | |||
| 15583 | FILE-OTHER F-Secure AntiVirus library heap overflow attempt (more info ...) | attempted-user | 2005-0350 | 12515 | ||
| 15683 | SERVER-OTHER ISA Server OTP-based Forms-authorization fallback policy bypass attempt (more info ...) | attempted-user | 2009-1135 | URL | ||
| 15684 | OS-WINDOWS Multiple product snews uri handling code execution attempt (more info ...) | attempted-user | 2007-4041 | 25945 | URL | |
| 15711 | PUA-OTHER mIRC PRIVMSG message processing overflow attempt (more info ...) | attempted-user | 2008-4449 | 31552 | ||
| 15719 | PROTOCOL-SCADA DNP3 link service not supported (more info ...) | protocol-command-decode | URL | |||
| 15730 | MALWARE-CNC Win.Trojan.Delf variant outbound connection (more info ...) | trojan-activity | URL | |||
| 15847 | OS-WINDOWS Telnet-based NTLM replay attack attempt (more info ...) | attempted-user | 2015-0005 | URL | ||
| 15850 | OS-WINDOWS Remote Desktop orderType remote code execution attempt (more info ...) | attempted-user | 2009-1133 | 35971 | URL | |
| 15870 | FILE-IDENTIFY 4XM file download request (more info ...) | misc-activity | URL | |||
| 15871 | FILE-MULTIMEDIA FFmpeg 4xm processing memory corruption attempt (more info ...) | attempted-user | 2009-0385 | 33502 | ||
| 15882 | SERVER-OTHER McAfee E-Business Server remote preauth code execution attempt (more info ...) | attempted-admin | 2008-0127 | URL | ||
| 15892 | SERVER-OTHER SAPLPD 0x53 command denial of service attempt (more info ...) | attempted-dos | 2008-0621 | 27613 | ||
| 15893 | FILE-OTHER fCreateShellLink function use - potential attack (more info ...) | misc-activity | 2008-2959 | 29792 | ||
| 15902 | INDICATOR-SHELLCODE x86 win2k-2k3 decoder base shellcode (more info ...) | attempted-user | 2006-3439 | 19409 | ||
| 15903 | INDICATOR-SHELLCODE x86 PoC CVE-2003-0605 (more info ...) | attempted-user | 2003-0605 | |||
| 15922 | FILE-IDENTIFY MP3 file download request (more info ...) | misc-activity | URL | |||
| 15937 | SERVER-OTHER protos h323 buffer overflow (more info ...) | attempted-admin | URL | |||
| 15938 | MALWARE-CNC SubSeven client connection to server (more info ...) | trojan-activity | URL | |||
| 15941 | SERVER-OTHER Squid Proxy TRACE request remote DoS attempt (more info ...) | attempted-admin | 2007-1560 | 23085 | ||
| 15945 | FILE-IDENTIFY RSS file download request (more info ...) | misc-activity | URL | |||
| 15948 | SERVER-OTHER CA License Software invalid command overflow attempt (more info ...) | attempted-admin | 2005-0581 | 12705 | ||
| 15949 | FILE-OTHER McAfee LHA file handling overflow attempt (more info ...) | attempted-user | 2005-0643 | 10243 | ||
| 15950 | SERVER-OTHER McAfee LHA Type-2 file handling overflow attempt (more info ...) | attempted-user | 2005-0644 | 12832 | ||
| 15953 | SERVER-WEBAPP Ipswitch IMail Calendaring arbitrary file read attempt (more info ...) | attempted-recon | 2005-1252 | 13727 | ||
| 15954 | SERVER-MAIL SpamAssassin malformed email header DoS attempt (more info ...) | attempted-dos | 2005-1266 | 13978 | ||
| 15957 | FILE-OTHER Sophos Anti-Virus zip file handling DoS attempt (more info ...) | attempted-dos | 2005-1530 | 14270 | ||
| 15961 | SERVER-OTHER 3Com Network Supervisor directory traversal attempt (more info ...) | attempted-recon | 2005-2020 | 14715 | ||
| 15962 | SERVER-WEBAPP Sybase EAServer WebConsole overflow attempt (more info ...) | attempted-user | 2005-2297 | 14287 | ||
| 15969 | SERVER-OTHER Symantec Multiple Products ISAKMPd denial of service attempt (more info ...) | attempted-dos | 2004-0369 | 11039 | ||
| 15979 | SERVER-OTHER Check Point VPN-1 ASN.1 Decoding heap overflow attempt (more info ...) | attempted-dos | 2004-0699 | 10820 | ||
| 15981 | FILE-OTHER zlib Denial of Service (more info ...) | attempted-user | 2004-0797 | 11051 | ||
| 15982 | SERVER-WEBAPP Ipswitch WhatsUp Gold DOS Device HTTP request denial of service attempt (more info ...) | attempted-dos | 2004-0799 | 11110 | ||
| 15983 | SERVER-SAMBA Samba arbitrary file access exploit attempt (more info ...) | misc-attack | 2004-0815 | 11281 | ||
| 15984 | SERVER-SAMBA Samba Printer Change Notification Request DoS attempt (more info ...) | attempted-dos | 2004-0829 | 11055 | ||
| 15989 | SERVER-OTHER Squid ASN.1 header parsing denial of service attempt (more info ...) | attempted-dos | 2004-0918 | 11385 | ||
| 15990 | SERVER-WEBAPP Multiple Vendor server file disclosure attempt (more info ...) | web-application-attack | 2006-3853 | 19106 | ||
| 15992 | FILE-OTHER Trend Micro Products Antivirus Library overflow attempt (more info ...) | attempted-user | 2005-0533 | 12643 | ||
| 15994 | SERVER-OTHER Squid strListGetItem denial of service attempt (more info ...) | attempted-dos | 2009-2855 | 36091 | ||
| 15998 | SERVER-OTHER HP OpenView Client Configuration Manager Radia Notify Daemon code execution attempt (more info ...) | attempted-admin | 2006-5782 | 20971 | ||
| 16002 | FILE-OTHER Apple Mac OS X installer package filename format string vulnerability (more info ...) | attempted-admin | 2007-0465 | |||
| 16003 | FILE-OTHER Apple Mac OS X installer package filename format string vulnerability (more info ...) | attempted-admin | 2007-0465 | |||
| 16004 | FILE-OTHER Apple Mac OS X installer package filename format string vulnerability (more info ...) | attempted-admin | 2007-0465 | |||
| 16013 | SERVER-OTHER IBM solidDB logging function format string exploit attempt (more info ...) | attempted-user | 2008-1705 | 28468 | ||
| 16018 | SERVER-OTHER HP OpenView network node manager buffer overflow (more info ...) | attempted-admin | 2008-1842 | 28689 | ||
| 16039 | SERVER-OTHER EMC Dantz Retrospect Backup Agent denial of service attempt (more info ...) | denial-of-service | 2006-0995 | |||
| 16040 | SERVER-OTHER SpamAssassin spamd vpopmail and paranoid options code execution attempt (more info ...) | attempted-user | 2006-2447 | 18290 | ||
| 16053 | FILE-OTHER GNU tar PAX extended headers handling overflow attempt (more info ...) | attempted-dos | 2006-0300 | 16764 | ||
| 16056 | SERVER-WEBAPP Symantec Scan Engine authentication bypass attempt (more info ...) | attempted-recon | 2006-0230 | 17637 | ||
| 16061 | FILE-IDENTIFY X PixMap file download request (more info ...) | misc-activity | URL | |||
| 16062 | FILE-OTHER ACD Systems ACDSee Products XPM values section buffer overflow attempt (more info ...) | attempted-user | 2007-6009 | 26554 | ||
| 16069 | SERVER-OTHER IBM Informix server argument processing overflow attempt (more info ...) | attempted-admin | 2008-0727 | 28198 | ||
| 16070 | FILE-OTHER X.org PCF parsing buffer overflow attempt (more info ...) | attempted-user | 2008-0006 | 27352 | ||
| 16072 | SERVER-OTHER CUPS server query metacharacter buffer overflow attempt (more info ...) | attempted-admin | 2008-0047 | 28307 | ||
| 16076 | SERVER-OTHER Tripwire format string vulnerability nfs exploit attempt (more info ...) | attempted-admin | 2004-0536 | 10454 | ||
| 16079 | SERVER-WEBAPP uselang code injection (more info ...) | web-application-attack | 2005-4031 | 15703 | ||
| 16087 | FILE-OTHER Multiple vendor AV gateway virus detection bypass attempt (more info ...) | misc-attack | 2005-0218 | 12269 | ||
| 16092 | MALWARE-BACKDOOR Win.Trojan.delf.jwh runtime detection (more info ...) | trojan-activity | URL | |||
| 16093 | MALWARE-CNC bugsprey variant inbound connection (more info ...) | trojan-activity | ||||
| 16094 | MALWARE-CNC Win.Trojan.exchan.gen variant outbound connection (more info ...) | trojan-activity | URL | |||
| 16095 | MALWARE-CNC td.exe variant outbound connection getfile (more info ...) | trojan-activity | URL | |||
| 16096 | MALWARE-CNC td.exe variant outbound connection download (more info ...) | trojan-activity | URL | |||
| 16097 | MALWARE-CNC Win.Trojan.agent.vvm variant outbound connection (more info ...) | trojan-activity | URL | |||
| 16098 | MALWARE-CNC Win.Trojan.cekar variant outbound connection (more info ...) | trojan-activity | URL | |||
| 16099 | MALWARE-CNC Win.Trojan.agent.wdv variant outbound connection (more info ...) | trojan-activity | URL | |||
| 16101 | MALWARE-CNC Win.Trojan.delf.phh variant outbound connection 57329.exe (more info ...) | trojan-activity | URL | |||
| 16102 | MALWARE-CNC Win.Trojan.delf.phh variant outbound connection sft_ver1.1454.0.exe (more info ...) | trojan-activity | URL | |||
| 16103 | MALWARE-CNC lost door 3.0 variant outbound connection (more info ...) | trojan-activity | ||||
| 16104 | MALWARE-CNC lost door 3.0 variant outbound connection (more info ...) | trojan-activity | ||||
| 16105 | MALWARE-CNC Win.Trojan.zlob variant outbound connection topqualityads (more info ...) | trojan-activity | URL | |||
| 16106 | MALWARE-CNC synrat 2.1 pro variant outbound connection (more info ...) | trojan-activity | ||||
| 16107 | MALWARE-CNC synrat 2.1 pro variant outbound connection (more info ...) | trojan-activity | ||||
| 16109 | MALWARE-CNC Win.Trojan.zlob.wwv variant outbound connection onestoponlineshop (more info ...) | trojan-activity | URL | |||
| 16110 | MALWARE-CNC Win.Trojan.zlob.wwv variant outbound connection childhe (more info ...) | trojan-activity | URL | |||
| 16111 | MALWARE-CNC Win.Trojan.zlob.wwv installtime detection (more info ...) | trojan-activity | URL | |||
| 16112 | MALWARE-CNC Win.Trojan.agent.vhb variant outbound connection contact remote server (more info ...) | trojan-activity | URL | |||
| 16113 | MALWARE-CNC Win.Trojan.agent.vhb variant outbound connection request login page (more info ...) | trojan-activity | URL | |||
| 16114 | PUA-TOOLBARS Hijacker cramtoolbar runtime detection - hijack (more info ...) | misc-activity | URL | |||
| 16115 | PUA-TOOLBARS Hijacker cramtoolbar runtime detection - search (more info ...) | misc-activity | URL | |||
| 16116 | MALWARE-OTHER Trackware rightonadz.biz adrotator runtime detection - pass user info to remote server (more info ...) | successful-recon-limited | URL | |||
| 16117 | MALWARE-OTHER Trackware rightonadz.biz adrotator runtime detection - ads (more info ...) | successful-recon-limited | URL | |||
| 16118 | PUA-ADWARE Adware winreanimator runtime detection - register request (more info ...) | misc-activity | URL | |||
| 16119 | PUA-ADWARE Adware winreanimator runtime detection - daily update (more info ...) | misc-activity | URL | |||
| 16120 | PUA-TOOLBARS Trackware 6sq toolbar runtime detection (more info ...) | successful-recon-limited | URL | |||
| 16121 | PUA-ADWARE Hijacker weatherstudio outbound connection (more info ...) | misc-activity | URL | |||
| 16122 | PUA-ADWARE rogue antivirus xp 2008 runtime detection - buy (more info ...) | misc-activity | URL | |||
| 16123 | PUA-ADWARE rogue antivirus xp 2008 runtime detection - update (more info ...) | misc-activity | URL | |||
| 16124 | MALWARE-CNC Win.Trojan.nsis.agent.s variant outbound connection (more info ...) | misc-activity | URL | |||
| 16125 | MALWARE-OTHER Keylogger spyyahoo v2.2 runtime detection (more info ...) | successful-recon-limited | URL | |||
| 16126 | PUA-ADWARE Trickler virusremover 2008 outbound connection (more info ...) | misc-activity | URL | |||
| 16127 | PUA-ADWARE Adware superiorads runtime detection (more info ...) | misc-activity | URL | |||
| 16129 | MALWARE-OTHER Keylogger kamyab Keylogger v.3 runtime detection (more info ...) | successful-recon-limited | URL | |||
| 16130 | MALWARE-OTHER Keylogger lord spy pro 1.4 runtime detection (more info ...) | successful-recon-limited | URL | |||
| 16131 | MALWARE-OTHER Trackware adclicker trojan zlob.dnz runtime detection - ads (more info ...) | successful-recon-limited | ||||
| 16132 | MALWARE-OTHER Trackware owlforce runtime detection - remote server #1 (more info ...) | successful-recon-limited | URL | |||
| 16133 | MALWARE-OTHER Trackware owlforce runtime detection - remote server #2 (more info ...) | successful-recon-limited | URL | |||
| 16134 | PUA-ADWARE Adware spyware guard 2008 runtime detection - contacts remote server (more info ...) | misc-activity | URL | |||
| 16135 | PUA-ADWARE Adware spyware guard 2008 runtime detection - purchase page (more info ...) | misc-activity | URL | |||
| 16136 | PUA-ADWARE Hijacker xp antispyware 2009 runtime detection - pre-sale webpage (more info ...) | misc-activity | URL | |||
| 16137 | MALWARE-OTHER Keylogger cheat monitor runtime detection (more info ...) | successful-recon-limited | URL | |||
| 16138 | MALWARE-TOOLS Hacker-Tool 0desa msn pass stealer 8.5 runtime detection (more info ...) | misc-activity | ||||
| 16139 | MALWARE-CNC Win.Trojan.gen2 variant outbound connection scanner page (more info ...) | misc-activity | URL | |||
| 16140 | MALWARE-CNC torpig-mebroot command and control checkin (more info ...) | trojan-activity | URL | |||
| 16141 | SERVER-OTHER Kaspersky Online Scanner trojaned Dll download attempt (more info ...) | trojan-activity | URL | |||
| 16144 | MALWARE-CNC Bredolab bot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 16195 | SERVER-WEBAPP HTTP request with negative Content-Length attempt (more info ...) | attempted-user | 2020-3304 | URL | ||
| 16197 | SERVER-OTHER OpenLDAP ber_get_next BER decoding denial of service attempt (more info ...) | attempted-dos | 2008-2952 | 30013 | ||
| 16199 | SERVER-MAIL SpamAssassin long message header denial of service attempt (more info ...) | attempted-dos | 2005-3351 | 15373 | ||
| 16214 | SERVER-OTHER Squid Proxy invalid HTTP response code denial of service attempt (more info ...) | denial-of-service | 2009-2622 | 35812 | ||
| 16215 | SERVER-ORACLE Oracle Application Server Portal cross site scripting attempt (more info ...) | attempted-user | URL | |||
| 16222 | FILE-IMAGE Malformed BMP dimensions arbitrary code execution attempt (more info ...) | attempted-user | 2013-3259 | URL | ||
| 16227 | SERVER-OTHER Web Service on Devices API WSDAPI URL processing buffer corruption attempt (more info ...) | attempted-user | 2009-2512 | URL | ||
| 16232 | OS-WINDOWS Windows TrueType font file parsing integer overflow attempt (more info ...) | attempted-admin | 2010-2741 | URL | ||
| 16242 | MALWARE-CNC downloader-ash.gen.b variant outbound connection adload (more info ...) | trojan-activity | URL | |||
| 16244 | PUA-ADWARE rogue software xp police antivirus runtime detection - purchase (more info ...) | trojan-activity | URL | |||
| 16245 | PUA-ADWARE rogue software xp police antivirus install-timedetection (more info ...) | trojan-activity | URL | |||
| 16246 | PUA-ADWARE rogue software spyware protect 2009 outbound connection - purchase request (more info ...) | trojan-activity | URL | |||
| 16247 | PUA-ADWARE rogue software spyware protect 2009 outbound connection - block (more info ...) | trojan-activity | URL | |||
| 16248 | PUA-ADWARE rogue software ms antispyware 2009 runtime detection - start (more info ...) | trojan-activity | URL | |||
| 16249 | PUA-ADWARE rogue software ms antispyware 2009 runtime detection - pay (more info ...) | trojan-activity | URL | |||
| 16250 | PUA-ADWARE rogue software win pc defender outbound connection (more info ...) | trojan-activity | URL | |||
| 16251 | PUA-ADWARE rogue software win pc defender outbound connection (more info ...) | trojan-activity | URL | |||
| 16252 | PUA-ADWARE rogue software pro antispyware 2009 runtime detection - purchase (more info ...) | trojan-activity | URL | |||
| 16253 | PUA-ADWARE rogue software system security 2009 outbound connection (more info ...) | trojan-activity | URL | |||
| 16254 | PUA-ADWARE rogue software system security 2009 outbound connection (more info ...) | trojan-activity | URL | |||
| 16255 | PUA-ADWARE rogue software system security 2009 outbound connection (more info ...) | trojan-activity | URL | |||
| 16256 | PUA-ADWARE rogue software coreguard antivirus 2009 runtime detection (more info ...) | trojan-activity | URL | |||
| 16257 | PUA-ADWARE rogue software perfect defender 2009 outbound connection - update (more info ...) | trojan-activity | URL | |||
| 16258 | PUA-ADWARE rogue software perfect defender 2009 outbound connection - purchase (more info ...) | trojan-activity | URL | |||
| 16259 | PUA-ADWARE rogue software antivirusdoktor2009 runtime detection (more info ...) | trojan-activity | URL | |||
| 16260 | PUA-ADWARE rogue software xp antivirus protection runtime detection - installation (more info ...) | trojan-activity | URL | |||
| 16261 | PUA-ADWARE rogue software xp antivirus protection runtime detection - runtime (more info ...) | trojan-activity | URL | |||
| 16262 | PUA-ADWARE rogue software xp-shield outbound connection (more info ...) | trojan-activity | URL | |||
| 16263 | PUA-ADWARE rogue software xp-shield outbound connection - installation (more info ...) | trojan-activity | URL | |||
| 16264 | PUA-ADWARE rogue software 007 anti-spyware runtime detection - update (more info ...) | trojan-activity | URL | |||
| 16265 | PUA-ADWARE rogue software 007 anti-spyware runtime detection - register (more info ...) | trojan-activity | URL | |||
| 16266 | PUA-ADWARE rogue software pc antispyware 2010 runtime detection - buy (more info ...) | trojan-activity | URL | |||
| 16267 | PUA-ADWARE rogue software pc antispyware 2010 runtime detection - files (more info ...) | trojan-activity | URL | |||
| 16268 | MALWARE-CNC Win.Trojan.tdss.1.gen install-time detection - yournewsblog.net (more info ...) | trojan-activity | URL | |||
| 16269 | MALWARE-CNC Win.Trojan.tdss.1.gen install-time detection - findzproportal1.com (more info ...) | trojan-activity | URL | |||
| 16271 | MALWARE-CNC Win.Trojan.TDSS.1.Gen keepalive detection (more info ...) | trojan-activity | URL | |||
| 16272 | MALWARE-CNC Trojan-dropper.irc.tkb variant outbound connection lordhack (more info ...) | trojan-activity | URL | |||
| 16273 | MALWARE-CNC Trojan-dropper.irc.tkb variant outbound connection dxcpm (more info ...) | trojan-activity | URL | |||
| 16274 | MALWARE-CNC Trickler trojan-spy.win32.pophot variant outbound connection connect to server (more info ...) | misc-activity | URL | |||
| 16275 | MALWARE-CNC Trickler trojan-spy.win32.pophot variant outbound connection download files (more info ...) | misc-activity | URL | |||
| 16276 | PUA-ADWARE Trickler win32-fakealert.kl outbound connection (more info ...) | misc-activity | URL | |||
| 16277 | PUA-ADWARE Trickler win32-fakealert.kl outbound connection - downloads malicious files (more info ...) | misc-activity | URL | |||
| 16278 | PUA-ADWARE Trickler win32-fakealert.kl installime detection - updates remote server (more info ...) | misc-activity | URL | |||
| 16279 | PUA-ADWARE rogue-software windows antivirus 2008 runtime detection - pre-sale page (more info ...) | trojan-activity | URL | |||
| 16280 | PUA-ADWARE rogue-software windows antivirus 2008 runtime detection - registration and payment page (more info ...) | trojan-activity | URL | |||
| 16281 | PUA-P2P BitTorrent scrape request (more info ...) | policy-violation | URL | |||
| 16282 | PUA-P2P Bittorrent uTP peer request (more info ...) | policy-violation | URL | |||
| 16283 | SERVER-WEBAPP Borland StarTeam Multicast Service buffer overflow attempt (more info ...) | attempted-admin | 2008-0311 | 28602 | ||
| 16289 | MALWARE-CNC Clob bot traffic (more info ...) | trojan-activity | URL | |||
| 16313 | FILE-EXECUTABLE download of executable content (more info ...) | policy-violation | URL | |||
| 16335 | FILE-PDF XPDF ObjectStream integer overflow (more info ...) | attempted-user | 2009-3608 | 37167 | ||
| 16341 | SERVER-OTHER IBM DB2 Database Server invalid data stream denial of service attempt (more info ...) | attempted-dos | 2009-0173 | 33258 | ||
| 16345 | FILE-OTHER IBM Informix Client SDK NFX file HostList processing stack buffer overflow attempt (more info ...) | attempted-user | 2009-3691 | 36588 | ||
| 16346 | FILE-OTHER IBM Informix Client SDK NFX file InformixServerList processing stack buffer overflow attempt (more info ...) | attempted-user | 2009-3691 | 36588 | ||
| 16351 | PROTOCOL-VOIP CSeq buffer overflow attempt (more info ...) | attempted-dos | 2009-2726 | 36015 | 18986 | URL |
| 16355 | FILE-PDF Xpdf Splash DrawImage integer overflow attempt (more info ...) | attempted-user | 2009-3604 | 36703 | ||
| 16358 | MALWARE-CNC bugsprey variant outbound connection (more info ...) | trojan-activity | URL | |||
| 16362 | MALWARE-CNC SpyForms malware call home (more info ...) | trojan-activity | URL | |||
| 16365 | PUA-ADWARE OnlineGames download attempt (more info ...) | trojan-activity | ||||
| 16368 | MALWARE-CNC Win.Trojan.Hydraq variant outbound connection (more info ...) | trojan-activity | URL | |||
| 16374 | SERVER-OTHER Oracle Internet Directory heap corruption attempt (more info ...) | attempted-admin | ||||
| 16375 | SERVER-OTHER LDAP object parameter name buffer overflow attempt (more info ...) | attempted-admin | ||||
| 16384 | SERVER-OTHER VMware Server ISAPI Extension remote denial of service attempt (more info ...) | attempted-dos | 2008-3697 | 30935 | URL | |
| 16391 | MALWARE-CNC Gozi Win.Trojan.connection to C&C (more info ...) | trojan-activity | URL | |||
| 16439 | MALWARE-CNC Possible Zeus User-Agent - _TEST_ (more info ...) | trojan-activity | URL | |||
| 16440 | MALWARE-CNC Possible Zeus User-Agent - ie (more info ...) | trojan-activity | URL | |||
| 16441 | MALWARE-CNC Possible Zeus User-Agent - Download (more info ...) | trojan-activity | URL | |||
| 16445 | PROTOCOL-VOIP Digium Asterisk IAX2 ack response denial of service attempt (more info ...) | attempted-dos | 2008-1897 | 28901 | URL | |
| 16455 | MALWARE-OTHER Keylogger egyspy keylogger 1.13 runtime detection (more info ...) | successful-recon-limited | URL | |||
| 16456 | PUA-ADWARE Rogue-Software ang antivirus 09 runtime detection (more info ...) | trojan-activity | URL | |||
| 16457 | MALWARE-CNC Win.Trojan.Cutwail.AI variant outbound connection (more info ...) | trojan-activity | URL | |||
| 16459 | MALWARE-CNC Win.Trojan.command and control communication (more info ...) | trojan-activity | URL | |||
| 16483 | MALWARE-CNC Koobface worm submission of collected data to C&C server (more info ...) | trojan-activity | URL | |||
| 16484 | MALWARE-CNC Koobface variant outbound connection (more info ...) | trojan-activity | URL | |||
| 16485 | MALWARE-CNC Koobface request for captcha (more info ...) | trojan-activity | URL | |||
| 16489 | MALWARE-CNC Bobax botnet variant outbound connection (more info ...) | trojan-activity | URL | |||
| 16493 | MALWARE-CNC TT-bot botnet variant outbound connection (more info ...) | trojan-activity | URL | |||
| 16494 | PUA-ADWARE Cutwail spambot server communication attempt (more info ...) | trojan-activity | ||||
| 16495 | MALWARE-CNC Rustock botnet variant outbound connection (more info ...) | trojan-activity | URL | |||
| 16496 | MALWARE-CNC Win.Trojan.hacktool variant outbound connection (more info ...) | trojan-activity | URL | |||
| 16497 | MALWARE-CNC User-Agent known malicious user agent - Tear Application (more info ...) | trojan-activity | URL | |||
| 16498 | PUA-ADWARE PC Antispyware 2010 FakeAV download/update attempt (more info ...) | trojan-activity | ||||
| 16516 | SERVER-ORACLE Database sys.olapimpl_t package odcitablestart overflow attempt (more info ...) | attempted-user | 2008-3974 | |||
| 16517 | FILE-OTHER Free Download Manager .torrent parsing comment overflow attempt (more info ...) | attempted-user | 2009-0184 | 33555 | ||
| 16518 | FILE-OTHER Free Download Manager .torrent parsing announce overflow attempt (more info ...) | attempted-user | 2009-0184 | 33555 | ||
| 16519 | FILE-OTHER Free Download Manager .torrent parsing name overflow attempt (more info ...) | attempted-user | 2009-0184 | 33555 | ||
| 16520 | FILE-OTHER Free Download Manager .torrent parsing path overflow attempt (more info ...) | attempted-user | 2009-0184 | 33555 | ||
| 16523 | FILE-PDF PDF with click-to-launch executable (more info ...) | misc-activity | 2010-1240 | URL | ||
| 16526 | MALWARE-CNC VanBot IRC communication (more info ...) | trojan-activity | URL | |||
| 16527 | MALWARE-CNC Zbot malware config file download request (more info ...) | trojan-activity | URL | |||
| 16528 | MALWARE-CNC Zbot malware config file download request (more info ...) | trojan-activity | URL | |||
| 16530 | OS-WINDOWS CAB SIP authenticode alteration attempt (more info ...) | attempted-user | 2010-0487 | URL | ||
| 16551 | MALWARE-CNC User-Agent known malicious user agent - malware (more info ...) | trojan-activity | URL | |||
| 16556 | FILE-OTHER 2imaegshack/lmageshack IM worm get request attempt (more info ...) | misc-activity | URL | |||
| 16557 | FILE-OTHER 2imaegshack/lmageshack IM worm inbound communication attempt (more info ...) | misc-activity | URL | |||
| 16558 | MALWARE-CNC SdBot IRC Win.Trojan.server to client communication (more info ...) | trojan-activity | URL | |||
| 16579 | PUA-OTHER mIRC IRC URL buffer overflow attempt (more info ...) | attempted-user | 2003-1336 | 8819 | ||
| 16582 | FILE-OTHER Un4seen Developments XMPlay crafted ASX file buffer overflow attempt (more info ...) | attempted-user | 2006-6063 | 21206 | ||
| 16594 | PROTOCOL-POP STAT command (more info ...) | protocol-command-decode | ||||
| 16598 | SERVER-OTHER Green Dam URL handling overflow attempt (more info ...) | attempted-user | URL | |||
| 16600 | MALWARE-CNC Otlard Win.Trojan.activity (more info ...) | trojan-activity | URL | |||
| 16606 | SERVER-ORACLE BEA WebLogic Server Plug-ins Certificate overflow attempt (more info ...) | attempted-user | 2009-1016 | 34461 | ||
| 16669 | MALWARE-CNC Spyeye bot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 16670 | MALWARE-CNC Koobface worm executable download (more info ...) | trojan-activity | URL | |||
| 16678 | SERVER-WEBAPP Tandberg VCS local file disclosure attempt (more info ...) | web-application-attack | 2009-4511 | URL | ||
| 16681 | SERVER-WEBAPP Basic Authorization string overflow attempt (more info ...) | attempted-dos | 2003-0727 | 8375 | ||
| 16682 | SERVER-WEBAPP Oracle ONE Web Server JSP source code disclosure attempt (more info ...) | misc-attack | 2009-2445 | |||
| 16684 | SERVER-SAMBA Samba smbd Session Setup AndX security blob length dos attempt (more info ...) | denial-of-service | 2010-1642 | 40097 | URL | |
| 16686 | SERVER-OTHER IBM WebSphere application server cross site scripting attempt (more info ...) | misc-attack | 2009-0855 | 34001 | ||
| 16688 | SERVER-OTHER iscsi target format string code execution attempt (more info ...) | attempted-admin | 2010-0743 | |||
| 16689 | SERVER-OTHER Palo Alto Networks Firewall editUser.esp XSS attempt (more info ...) | web-application-attack | 2010-0475 | |||
| 16691 | FILE-IDENTIFY PLF playlist file download request (more info ...) | misc-activity | ||||
| 16692 | FILE-MULTIMEDIA PLF playlist name buffer overflow attempt (more info ...) | attempted-user | 2006-6199 | 21337 | ||
| 16695 | MALWARE-CNC Rogue AV download/update (more info ...) | trojan-activity | URL | |||
| 16696 | FILE-OTHER Astonsoft Deepburner db file path buffer overflow attempt (more info ...) | attempted-user | 2006-6665 | 21657 | ||
| 16709 | SERVER-OTHER RealNetworks Helix Server RTSP SET_PARAMETERS empty DataConvertBuffer header denial of service attempt (more info ...) | attempted-dos | 2009-2533 | 35731 | ||
| 16710 | SERVER-OTHER Oracle BEA Weblogic server console-help.portal cross-site scripting attempt (more info ...) | attempted-user | 2009-1975 | 35673 | ||
| 16716 | FILE-IMAGE multiple products PNG processing buffer overflow attempt (more info ...) | attempted-user | 2017-3077 | 34240 | URL | |
| 16717 | SERVER-ORACLE Oracle Secure Enterprise Search search_p_groups cross-site scripting attempt (more info ...) | attempted-user | 2009-1968 | 35681 | ||
| 16719 | FILE-OTHER CA multiple product AV engine CAB header parsing stack overflow attempt (more info ...) | attempted-user | 2007-2864 | 24330 | ||
| 16720 | FILE-MULTIMEDIA VideoLAN VLC Media Player TY processing buffer overflow attempt (more info ...) | attempted-user | 2008-4654 | 31813 | ||
| 16721 | FILE-OTHER Orbital Viewer .orb stack buffer overflow attempt (more info ...) | attempted-user | 2010-0688 | 38436 | ||
| 16725 | BROWSER-PLUGINS ActivePDF WebGrabber APWebGrb.ocx GetStatus method overflow attempt (more info ...) | attempted-user | ||||
| 16726 | FILE-OTHER gAlan malformed file stack overflow attempt (more info ...) | attempted-user | ||||
| 16727 | FILE-OTHER IDEAL Administration IPJ file handling stack overflow attempt (more info ...) | attempted-user | 2009-4265 | |||
| 16730 | FILE-OTHER ProShow Gold PSH file handling overflow attempt (more info ...) | attempted-user | 2009-3214 | |||
| 16731 | FILE-OTHER ProShow Gold PSH file handling overflow attempt (more info ...) | attempted-user | 2009-3214 | |||
| 16732 | FILE-OTHER SafeNet SoftRemote multiple policy file local overflow attempt (more info ...) | attempted-user | 2009-3861 | |||
| 16733 | FILE-OTHER UltraISO CCD file handling overflow attempt (more info ...) | attempted-user | 2009-1260 | |||
| 16734 | FILE-OTHER multiple products malformed CUE file buffer overflow attempt (more info ...) | attempted-user | 2007-2888 | 33960 | ||
| 16735 | FILE-OTHER URSoft W32Dasm Import/Export function buffer overflow attempt (more info ...) | attempted-user | 2005-0308 | 12352 | ||
| 16736 | FILE-OTHER VariCAD multiple products DWB file handling overflow attempt (more info ...) | attempted-user | 38815 | |||
| 16737 | FILE-MULTIMEDIA Xenorate Media Player XPL file handling overflow attempt - 1 (more info ...) | attempted-user | ||||
| 16738 | FILE-MULTIMEDIA Xenorate Media Player XPL file handling overflow attempt - 2 (more info ...) | attempted-user | ||||
| 16742 | FILE-IDENTIFY remote desktop configuration file download request (more info ...) | misc-activity | URL | |||
| 16743 | FILE-OTHER Cain & Abel Remote Desktop Protocol file handling buffer overflow attempt (more info ...) | attempted-user | 2008-5405 | 32543 | URL | |
| 16744 | FILE-MULTIMEDIA Worldweaver DX Studio Player plug-in command injection attempt (more info ...) | attempted-user | 2009-2011 | 35273 | ||
| 16751 | FILE-MULTIMEDIA VideoLAN VLC Media Player SMB module Win32AddConnection buffer overflow attempt (more info ...) | attempted-user | 2009-2484 | 35500 | ||
| 16752 | FILE-MULTIMEDIA VideoLAN VLC Media Player SMB module Win32AddConnection buffer overflow attempt (more info ...) | attempted-user | 2009-2484 | 35500 | ||
| 16753 | SERVER-WEBAPP VideoLAN VLC Media Player SMB module Win32AddConnection buffer overflow attempt (more info ...) | attempted-user | 2009-2484 | 35500 | ||
| 16777 | SERVER-ORACLE Secure Backup NDMP packet handling DoS attempt (more info ...) | attempted-dos | 2008-5441 | 33177 | ||
| 16778 | SERVER-ORACLE Secure Backup NDMP packet handling DoS attempt (more info ...) | attempted-dos | 2008-5441 | 33177 | ||
| 16785 | BROWSER-PLUGINS AwingSoft Winds3D Player SceneURL method command execution attempt (more info ...) | attempted-user | 2009-4850 | |||
| 16788 | SERVER-OTHER RealVNC VNC Server ClientCutText message memory corruption attempt (more info ...) | attempted-admin | 39895 | |||
| 16799 | SERVER-MAIL Eureka Mail 2.2q server error response overflow attempt (more info ...) | misc-attack | 2009-3837 | URL | ||
| 16804 | MALWARE-CNC Win.Trojan.Qakbot.E - initial load (more info ...) | trojan-activity | URL | |||
| 16805 | MALWARE-CNC Win.Trojan.Qakbot.E config check (more info ...) | trojan-activity | URL | |||
| 16808 | MALWARE-CNC Win.Trojan.Qakbot.E - register client (more info ...) | trojan-activity | URL | |||
| 16809 | MALWARE-CNC Win.Trojan.FraudPack variant outbound connection (more info ...) | trojan-activity | URL | |||
| 16810 | MALWARE-CNC known command and control channel traffic (more info ...) | trojan-activity | URL | |||
| 16811 | MALWARE-CNC known command and control channel traffic (more info ...) | trojan-activity | URL | |||
| 16812 | MALWARE-CNC known command and control channel traffic (more info ...) | trojan-activity | URL | |||
| 16813 | MALWARE-CNC known command and control channel traffic (more info ...) | trojan-activity | URL | |||
| 16814 | MALWARE-CNC known command and control channel traffic (more info ...) | trojan-activity | URL | |||
| 16815 | MALWARE-CNC known command and control channel traffic (more info ...) | trojan-activity | URL | |||
| 16816 | MALWARE-CNC known command and control channel traffic (more info ...) | trojan-activity | URL | |||
| 16817 | MALWARE-CNC known command and control channel traffic (more info ...) | trojan-activity | URL | |||
| 16818 | MALWARE-CNC known command and control channel traffic (more info ...) | trojan-activity | URL | |||
| 16819 | MALWARE-CNC known command and control channel traffic (more info ...) | trojan-activity | URL | |||
| 16820 | MALWARE-CNC Win.Trojan.Kryptik variant outbound connection (more info ...) | trojan-activity | URL | |||
| 16821 | MALWARE-CNC known command and control channel traffic (more info ...) | trojan-activity | URL | |||
| 16822 | MALWARE-CNC known command and control channel traffic (more info ...) | trojan-activity | URL | |||
| 16823 | MALWARE-CNC Win.Trojan.FlyStudio known command and control channel traffic (more info ...) | trojan-activity | URL | |||
| 16824 | MALWARE-CNC known command and control channel traffic (more info ...) | trojan-activity | URL | |||
| 16825 | MALWARE-CNC known command and control channel traffic (more info ...) | trojan-activity | URL | |||
| 16826 | MALWARE-CNC known command and control channel traffic (more info ...) | trojan-activity | URL | |||
| 16827 | MALWARE-CNC known command and control channel traffic (more info ...) | trojan-activity | URL | |||
| 16828 | MALWARE-CNC known command and control channel traffic (more info ...) | trojan-activity | URL | |||
| 16829 | MALWARE-CNC known command and control channel traffic (more info ...) | trojan-activity | URL | |||
| 16830 | MALWARE-CNC known command and control channel traffic (more info ...) | trojan-activity | URL | |||
| 16831 | MALWARE-CNC known command and control channel traffic (more info ...) | trojan-activity | URL | |||
| 16832 | MALWARE-CNC known command and control channel traffic (more info ...) | trojan-activity | URL | |||
| 16833 | MALWARE-CNC known command and control channel traffic (more info ...) | trojan-activity | URL | |||
| 16911 | MALWARE-CNC URI request for known malicious URI - ucsp0416.exe?t= (more info ...) | trojan-activity | URL | |||
| 16912 | MALWARE-CNC URI request for known malicious URI - net/cfg2.bin (more info ...) | trojan-activity | URL | |||
| 16914 | MALWARE-CNC URI request for known malicious URI - .bin?ucsp (more info ...) | trojan-activity | URL | |||
| 16915 | MALWARE-CNC URI request for known malicious URI - /MNG/Download/?File=AZF (more info ...) | trojan-activity | URL | |||
| 16916 | MALWARE-CNC URI request for known malicious URI - /jarun/jezerce (more info ...) | trojan-activity | URL | |||
| 16917 | MALWARE-CNC URI request for known malicious URI - /ekaterina/velika (more info ...) | trojan-activity | URL | |||
| 16918 | MALWARE-CNC URI request for known malicious URI - /ultimate/fight (more info ...) | trojan-activity | URL | |||
| 16919 | MALWARE-CNC URI request for known malicious URI - /tmp/pm.exe?t= (more info ...) | trojan-activity | URL | |||
| 16920 | MALWARE-CNC URI request for known malicious URI - /DownLoadFile/BaePo/ver (more info ...) | trojan-activity | URL | |||
| 16921 | MALWARE-CNC URI request for known malicious URI - /s1/launcher/update/Update/data/ (more info ...) | trojan-activity | URL | |||
| 16928 | MALWARE-CNC URI request for known malicious URI - /stat.html?0dPg0uXTraCSqrOdlrKpmpyorePbz (more info ...) | trojan-activity | URL | |||
| 16930 | MALWARE-CNC URI request for known malicious URI - count.asp?mac= (more info ...) | trojan-activity | URL | |||
| 16932 | MALWARE-CNC URI request for known malicious URI - /qqnongchang/qqkj. (more info ...) | trojan-activity | URL | |||
| 16933 | MALWARE-CNC URI request for known malicious URI - /root/9 frt.rar (more info ...) | trojan-activity | URL | |||
| 16934 | POLICY-SPAM pku-edp.cn known spam email attempt (more info ...) | policy-violation | ||||
| 16935 | POLICY-SPAM sjtu-edp.cn known spam email attempt (more info ...) | policy-violation | ||||
| 16936 | POLICY-SPAM xoposuhop.cn xoposuhop.cn known spam email attempt (more info ...) | policy-violation | ||||
| 16937 | POLICY-SPAM bestdrug-store.com known spam email attempt (more info ...) | policy-violation | ||||
| 16938 | POLICY-SPAM pharmrik66y.ru known spam email attempt (more info ...) | policy-violation | ||||
| 16939 | POLICY-SPAM refillleonardo59y.ru known spam email attempt (more info ...) | policy-violation | ||||
| 16940 | POLICY-SPAM medfreddie55a.ru known spam email attempt (more info ...) | policy-violation | ||||
| 16941 | POLICY-SPAM drugshershel38w.ru known spam email attempt (more info ...) | policy-violation | ||||
| 16942 | POLICY-SPAM drugshayyim77n.ru known spam email attempt (more info ...) | policy-violation | ||||
| 16943 | POLICY-SPAM erectguthry99c.ru known spam email attempt (more info ...) | policy-violation | ||||
| 16944 | POLICY-SPAM pilldory92n.ru known spam email attempt (more info ...) | policy-violation | ||||
| 16945 | POLICY-SPAM tabwinn77t.ru known spam email attempt (more info ...) | policy-violation | ||||
| 16946 | POLICY-SPAM pillrenault15j.ru known spam email attempt (more info ...) | policy-violation | ||||
| 16947 | POLICY-SPAM pharmrolland95h.ru known spam email attempt (more info ...) | policy-violation | ||||
| 16948 | POLICY-SPAM onlineheindrick60i.ru known spam email attempt (more info ...) | policy-violation | ||||
| 16949 | POLICY-SPAM erectnormie71a.ru known spam email attempt (more info ...) | policy-violation | ||||
| 16951 | POLICY-SPAM drugsjudd45f.ru known spam email attempt (more info ...) | policy-violation | ||||
| 16952 | POLICY-SPAM pharmharman55y.ru known spam email attempt (more info ...) | policy-violation | ||||
| 16953 | POLICY-SPAM medgaultiero11e.ru known spam email attempt (more info ...) | policy-violation | ||||
| 16954 | POLICY-SPAM pillgaylor21n.ru known spam email attempt (more info ...) | policy-violation | ||||
| 16955 | POLICY-SPAM drugspenn84f.ru known spam email attempt (more info ...) | policy-violation | ||||
| 16956 | POLICY-SPAM medebeneser68c.ru known spam email attempt (more info ...) | policy-violation | ||||
| 16957 | POLICY-SPAM tabmario94r.ru known spam email attempt (more info ...) | policy-violation | ||||
| 16958 | POLICY-SPAM tablennard88q.ru known spam email attempt (more info ...) | policy-violation | ||||
| 16959 | POLICY-SPAM medforster79j.ru known spam email attempt (more info ...) | policy-violation | ||||
| 16960 | POLICY-SPAM erectvincent21v.ru known spam email attempt (more info ...) | policy-violation | ||||
| 16961 | POLICY-SPAM drugsdemott21o.ru known spam email attempt (more info ...) | policy-violation | ||||
| 16962 | POLICY-SPAM onlinelovell30p.ru known spam email attempt (more info ...) | policy-violation | ||||
| 16963 | POLICY-SPAM erecttaylor49i.ru known spam email attempt (more info ...) | policy-violation | ||||
| 16964 | POLICY-SPAM smellexact.ru known spam email attempt (more info ...) | policy-violation | ||||
| 16965 | POLICY-SPAM givehome.ru known spam email attempt (more info ...) | policy-violation | ||||
| 16966 | POLICY-SPAM thingpath.ru known spam email attempt (more info ...) | policy-violation | ||||
| 16967 | POLICY-SPAM wereif.ru known spam email attempt (more info ...) | policy-violation | ||||
| 16968 | POLICY-SPAM bassmax.ru known spam email attempt (more info ...) | policy-violation | ||||
| 16969 | POLICY-SPAM steadfig.ru known spam email attempt (more info ...) | policy-violation | ||||
| 16970 | POLICY-SPAM drugsmayne5a.ru known spam email attempt (more info ...) | policy-violation | ||||
| 16971 | POLICY-SPAM mystick.ru known spam email attempt (more info ...) | policy-violation | ||||
| 16972 | POLICY-SPAM drugsrey95a.ru known spam email attempt (more info ...) | policy-violation | ||||
| 16973 | POLICY-SPAM milklowly.ru known spam email attempt (more info ...) | policy-violation | ||||
| 16974 | POLICY-SPAM numberenough.ru known spam email attempt (more info ...) | policy-violation | ||||
| 16975 | POLICY-SPAM oldsheer.ru known spam email attempt (more info ...) | policy-violation | ||||
| 16976 | POLICY-SPAM logzest.ru known spam email attempt (more info ...) | policy-violation | ||||
| 16977 | POLICY-SPAM energypotent.ru known spam email attempt (more info ...) | policy-violation | ||||
| 16978 | POLICY-SPAM outhave.ru known spam email attempt (more info ...) | policy-violation | ||||
| 16979 | POLICY-SPAM solvecalm.ru known spam email attempt (more info ...) | policy-violation | ||||
| 16980 | POLICY-SPAM stillvisit.ru known spam email attempt (more info ...) | policy-violation | ||||
| 16981 | POLICY-SPAM livelycall.ru known spam email attempt (more info ...) | policy-violation | ||||
| 16982 | POLICY-SPAM 64.com1.ru known spam email attempt (more info ...) | policy-violation | ||||
| 16983 | POLICY-SPAM heatsettle.ru known spam email attempt (more info ...) | policy-violation | ||||
| 16984 | POLICY-SPAM freshmuch.ru known spam email attempt (more info ...) | policy-violation | ||||
| 16985 | POLICY-SPAM extoleye.ru known spam email attempt (more info ...) | policy-violation | ||||
| 16987 | POLICY-SPAM tabemmerich86b.ru known spam email attempt (more info ...) | policy-violation | ||||
| 16988 | POLICY-SPAM moderneight.ru known spam email attempt (more info ...) | policy-violation | ||||
| 16989 | POLICY-SPAM tabferd49a.ru known spam email attempt (more info ...) | policy-violation | ||||
| 16990 | POLICY-SPAM nextmail.ru known spam email attempt (more info ...) | policy-violation | ||||
| 16991 | POLICY-SPAM fruitone.ru known spam email attempt (more info ...) | policy-violation | ||||
| 16992 | POLICY-SPAM liquideat.ru known spam email attempt (more info ...) | policy-violation | ||||
| 16993 | POLICY-SPAM tabwinn2a.ru known spam email attempt (more info ...) | policy-violation | ||||
| 16994 | POLICY-SPAM abletool.ru known spam email attempt (more info ...) | policy-violation | ||||
| 16995 | POLICY-SPAM miltyrefil.ru known spam email attempt (more info ...) | policy-violation | ||||
| 16996 | POLICY-SPAM quincytab.ru known spam email attempt (more info ...) | policy-violation | ||||
| 16997 | POLICY-SPAM giacoporx.ru known spam email attempt (more info ...) | policy-violation | ||||
| 16998 | POLICY-SPAM drugsnevile.ru known spam email attempt (more info ...) | policy-violation | ||||
| 16999 | POLICY-SPAM jasemed.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17000 | POLICY-SPAM ximenezdrug.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17001 | POLICY-SPAM dillonline.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17002 | POLICY-SPAM swellliquid.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17003 | POLICY-SPAM younglaugh.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17004 | POLICY-SPAM 2047757.kaskad-travel.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17005 | POLICY-SPAM paintwater.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17006 | POLICY-SPAM lovingover.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17007 | POLICY-SPAM pharmerastus.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17008 | POLICY-SPAM hisoffer.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17009 | POLICY-SPAM butleft.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17010 | POLICY-SPAM starknow.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17011 | POLICY-SPAM beginwisdom.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17012 | POLICY-SPAM oneus.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17013 | POLICY-SPAM reapcomfy.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17014 | POLICY-SPAM rowsay.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17015 | POLICY-SPAM pamperletter.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17016 | POLICY-SPAM boxdouble.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17017 | POLICY-SPAM beatmoon.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17018 | POLICY-SPAM ensureequate.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17020 | POLICY-SPAM sheerwheel.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17021 | POLICY-SPAM nearpass.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17022 | POLICY-SPAM thatmile.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17023 | POLICY-SPAM hillfoot.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17024 | POLICY-SPAM writeobject.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17025 | POLICY-SPAM thoughthese.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17026 | POLICY-SPAM redlead.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17029 | POLICY-SPAM tenderpower.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17030 | POLICY-SPAM fewvalley.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17031 | POLICY-SPAM burnshy.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17032 | POLICY-SPAM centtry.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17033 | POLICY-SPAM signpearl.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17041 | SERVER-OTHER ISA Server OTP-based Forms-authorization fallback policy bypass attempt (more info ...) | attempted-user | 2009-1135 | URL | ||
| 17050 | SERVER-WEBAPP Oracle Secure Backup Administration Server authentication bypass attempt (more info ...) | attempted-admin | 2010-0904 | 41596 | ||
| 17055 | SERVER-ORACLE Oracle Database DBMS TNS Listener denial of service attempt (more info ...) | attempted-dos | 2009-0991 | 34461 | URL | |
| 17104 | FILE-OTHER FeedDemon OPML file handling buffer overflow attempt (more info ...) | attempted-user | 2009-0546 | 33630 | ||
| 17105 | FILE-OTHER FeedDemon unicode OPML file handling buffer overflow attempt (more info ...) | attempted-user | 2009-0546 | 33630 | ||
| 17106 | FILE-IDENTIFY download of RMF file - potentially malicious (more info ...) | misc-activity | 2010-0842 | 39077 | ||
| 17110 | APP-DETECT VxWorks remote debugging agent login attempt (more info ...) | protocol-command-decode | 2010-2965 | URL | ||
| 17137 | SERVER-WEBAPP HP Intelligent Management Center information disclosure attempt (more info ...) | misc-attack | 40298 | URL | ||
| 17138 | SERVER-OTHER iSCSI target multiple implementations iSNS stack buffer overflow attempt (more info ...) | attempted-admin | 2010-2221 | 41327 | ||
| 17139 | SERVER-OTHER Symantec Alert Management System HNDLRSVC arbitrary command execution attempt (more info ...) | attempted-admin | 2010-0110 | 41959 | ||
| 17140 | SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (more info ...) | attempted-user | 2010-2709 | 42154 | ||
| 17148 | FILE-MULTIMEDIA VideoLAN VLC renamed zip file handling code execution attempt - 1 (more info ...) | attempted-user | 40428 | |||
| 17149 | FILE-MULTIMEDIA VideoLAN VLC renamed zip file handling code execution attempt - 2 (more info ...) | attempted-user | 40428 | |||
| 17150 | FILE-MULTIMEDIA VideoLAN VLC renamed zip file handling code execution attempt - 3 (more info ...) | attempted-user | 40428 | |||
| 17152 | SERVER-SAMBA Samba smbd flags2 header parsing denial of service attempt (more info ...) | attempted-dos | 2010-1635 | 40097 | ||
| 17155 | SERVER-OTHER Multiple vendors OPIE off-by-one stack buffer overflow attempt (more info ...) | attempted-admin | 2010-1938 | 40403 | ||
| 17157 | SERVER-WEBAPP HP Intelligent Management Center database credentials information disclosure attempt - 1 (more info ...) | attempted-user | 40298 | URL | ||
| 17158 | SERVER-WEBAPP HP Intelligent Management Center database credentials information disclosure attempt - 2 (more info ...) | attempted-user | 40298 | URL | ||
| 17159 | SERVER-WEBAPP HP Intelligent Management Center database credentials information disclosure attempt - 3 (more info ...) | attempted-user | 40298 | URL | ||
| 17207 | SERVER-OTHER IBM Cognos Server backdoor account remote code execution attempt (more info ...) | attempted-admin | 2010-0557 | 38084 | ||
| 17208 | SERVER-OTHER Squid Proxy HTCP packet processing denial of service attempt (more info ...) | attempted-dos | 2010-0639 | 38212 | ||
| 17225 | SERVER-OTHER Alt-N MDaemon WorldClient invalid user attempt (more info ...) | attempted-dos | 2008-2631 | |||
| 17234 | MALWARE-CNC VBMania mass mailing worm activity (more info ...) | trojan-activity | URL | |||
| 17235 | MALWARE-CNC VBMania mass mailing worm download (more info ...) | trojan-activity | URL | |||
| 17238 | FILE-OTHER ACD Systems ACDSee Products XBM file handling buffer overflow attempt (more info ...) | attempted-user | 37685 | |||
| 17244 | FILE-OTHER Antivirus ACE file handling buffer overflow attempt (more info ...) | attempted-user | 2005-2720 | |||
| 17264 | SERVER-ORACLE Permission declaration exploit attempt (more info ...) | attempted-admin | 2010-0866 | 38115 | ||
| 17266 | FILE-OTHER Multiple vendor malformed ZIP archive Antivirus detection bypass attempt (more info ...) | attempted-user | 12793 | URL | ||
| 17267 | FILE-OTHER Multiple vendor malformed ZIP archive Antivirus detection bypass attempt (more info ...) | attempted-user | 12793 | URL | ||
| 17269 | PROTOCOL-TELNET Client env_opt_add Buffer Overflow attempt (more info ...) | attempted-dos | 2005-0468 | 12919 | ||
| 17275 | SERVER-MAIL Symantec Brightmail AntiSpam nested Zip handling denial of service attempt (more info ...) | attempted-dos | 14757 | URL | ||
| 17277 | FILE-OTHER Multiple vendor Antivirus magic byte detection evasion attempt (more info ...) | attempted-user | 2005-3382 | |||
| 17278 | FILE-OTHER Multiple vendor Antivirus magic byte detection evasion attempt (more info ...) | attempted-user | 2005-3382 | |||
| 17279 | SERVER-WEBAPP Ipswitch WhatsUp Small Business directory traversal attempt (more info ...) | attempted-user | 2005-1939 | 15291 | ||
| 17280 | SERVER-WEBAPP Ipswitch WhatsUp Small Business directory traversal attempt (more info ...) | attempted-user | 2005-1939 | 15291 | ||
| 17281 | FILE-OTHER Panda Antivirus ZOO archive decompression buffer overflow attempt (more info ...) | attempted-user | 2005-3922 | |||
| 17282 | SERVER-OTHER Multiple products RAR archive decompression buffer overflow attempt (more info ...) | attempted-user | 2005-4438 | |||
| 17283 | SERVER-MAIL Mercury Mail Transport System buffer overflow attempt (more info ...) | attempted-user | 2005-4411 | 16396 | ||
| 17289 | FILE-OTHER GNU gzip LZH decompression make_table overflow attempt (more info ...) | attempted-user | 2006-4335 | URL | ||
| 17291 | INDICATOR-OBFUSCATION base64-encoded uri data object found (more info ...) | policy-violation | URL | |||
| 17293 | SERVER-ORACLE sdo_lrs.convert_to_lrs_layer buffer overflow attempt (more info ...) | attempted-user | 2006-5340 | 20588 | ||
| 17298 | SERVER-OTHER IBM Tivoli Monitoring Express Universal Agent Buffer Overflow (more info ...) | attempted-admin | 2007-2137 | 23558 | ||
| 17299 | SERVER-OTHER ISC BIND RRSIG query denial of service attempt (more info ...) | attempted-dos | 2007-2241 | 23738 | ||
| 17309 | FILE-OTHER CoolPlayer Playlist File Handling Buffer Overflow (more info ...) | attempted-user | 2008-3408 | 30418 | ||
| 17313 | SERVER-ORACLE database server crafted view privelege escalation attempt (more info ...) | attempted-admin | 2006-1705 | 17246 | ||
| 17326 | SERVER-OTHER Citrix Program Neighborhood Client buffer overflow attempt (more info ...) | attempted-user | 2005-3652 | 15907 | ||
| 17327 | SERVER-MAIL Qualcomm WorldMail Server Response (more info ...) | protocol-command-decode | ||||
| 17331 | SERVER-MAIL IBM Lotus Notes HTML Speed Reader Long URL buffer overflow attempt (more info ...) | attempted-user | 2005-2618 | 16576 | ||
| 17335 | INDICATOR-SHELLCODE x86 OS agnostic fnstenv geteip byte xor decoder (more info ...) | shellcode-detect | ||||
| 17336 | INDICATOR-SHELLCODE x86 OS agnostic call geteip byte xor decoder (more info ...) | shellcode-detect | ||||
| 17341 | INDICATOR-SHELLCODE x86 OS agnostic alpha UTF8 tolower avoidance decoder (more info ...) | shellcode-detect | ||||
| 17342 | INDICATOR-SHELLCODE x86 OS agnostic unicode mixed case decoder (more info ...) | shellcode-detect | ||||
| 17343 | INDICATOR-SHELLCODE x86 OS agnostic unicode upper case decoder (more info ...) | shellcode-detect | ||||
| 17346 | SERVER-OTHER IBM Lotus Notes Cross Site Scripting attempt (more info ...) | string-detect | 2005-2175 | 14164 | ||
| 17350 | SERVER-ORACLE Oracle Application Server forms arbitrary system command execution attempt (more info ...) | attempted-user | 2005-2372 | 14319 | ||
| 17352 | FILE-OTHER ClamAV CHM File Handling Integer Overflow attempt (more info ...) | attempted-user | 2005-2450 | 14359 | ||
| 17356 | FILE-OTHER NOD32 Anti-Virus ARJ Archive Handling Buffer Overflow attempt (more info ...) | attempted-admin | 2005-2903 | 14773 | ||
| 17357 | PUA-OTHER AOL GAIM AIM-ICQ Protocol Handling buffer overflow attempt (more info ...) | attempted-user | 2005-2103 | 14531 | ||
| 17358 | FILE-EXECUTABLE ClamAV UPX File Handling Buffer Overflow attempt (more info ...) | attempted-user | 2005-2920 | 14866 | ||
| 17359 | FILE-IDENTIFY XBM image file download request (more info ...) | misc-activity | URL | |||
| 17363 | FILE-OTHER Apple OSX Finder DMG volume name memory corruption attempt (more info ...) | attempted-user | 2007-0197 | |||
| 17369 | SERVER-MAIL MailEnable service APPEND command handling buffer overflow attempt (more info ...) | attempted-admin | 2007-1301 | 22792 | ||
| 17370 | SERVER-WEBAPP Squid authentication headers handling denial of service attempt (more info ...) | protocol-command-decode | 2005-2917 | 14977 | ||
| 17371 | SERVER-WEBAPP Squid authentication headers handling denial of service attempt (more info ...) | attempted-dos | 2005-2917 | 14977 | ||
| 17376 | SERVER-WEBAPP IBM Lotus Expeditor cai URI handler command execution attempt (more info ...) | attempted-user | 2008-1965 | URL | ||
| 17390 | FILE-IMAGE ClamAV Antivirus Function Denial of Service attempt (more info ...) | attempted-dos | 2008-5314 | 32555 | ||
| 17416 | SERVER-ORACLE Database Intermedia Denial of Service Attempt (more info ...) | denial-of-service | 13239 | |||
| 17417 | SERVER-ORACLE Database Intermedia Denial of Service Attempt (more info ...) | denial-of-service | 13239 | |||
| 17418 | SERVER-ORACLE Oracle connection established (more info ...) | attempted-user | ||||
| 17420 | SERVER-WEBAPP Citrix Program Neighborhood Agent Arbitrary Shortcut Creation attempt (more info ...) | attempted-user | 2004-1077 | 13379 | ||
| 17423 | SERVER-WEBAPP Citrix Program Neighborhood Agent Buffer Overflow attempt (more info ...) | attempted-user | 2004-1078 | 13373 | ||
| 17427 | SERVER-ORACLE Oracle database DBMS_Scheduler privilege escalation attempt (more info ...) | attempted-user | 2005-1496 | 13509 | ||
| 17430 | FILE-PDF BitDefender Antivirus PDF processing memory corruption attempt (more info ...) | attempted-user | 2008-5409 | 32396 | ||
| 17432 | SERVER-WEBAPP Squid Gopher protocol handling buffer overflow attempt (more info ...) | attempted-dos | 2005-0094 | 12276 | ||
| 17450 | SERVER-WEBAPP CommuniGate Systems CommuniGate Pro LDAP Server buffer overflow attempt (more info ...) | attempted-user | 2006-0468 | 16407 | URL | |
| 17458 | FILE-OTHER BitDefender Internet Security script code execution attempt (more info ...) | attempted-user | 2009-0850 | |||
| 17459 | FILE-OTHER BitDefender Internet Security script code execution attempt (more info ...) | attempted-user | 2009-0850 | |||
| 17460 | FILE-OTHER BitDefender Internet Security script code execution attempt (more info ...) | attempted-user | 2009-0850 | |||
| 17469 | FILE-MULTIMEDIA Mplayer Real Demuxer stream_read heap overflow attempt (more info ...) | attempted-user | 2008-3827 | 31473 | ||
| 17473 | SERVER-ORACLE DBMS_CDC_SUBSCRIBE.EXTEND_WINDOW arbitrary command execution attempt (more info ...) | misc-attack | 2005-1197 | 13236 | ||
| 17474 | SERVER-ORACLE DBMS_CDC_SUBSCRIBE.CREATE_SUBSCRIPTION arbitrary command execution attempt (more info ...) | misc-attack | 2005-1197 | 13236 | ||
| 17475 | SERVER-ORACLE DBMS_CDC_SUBSCRIBE.ACTIVATE_SUBSCRIPTION arbitrary command execution attempt (more info ...) | misc-attack | 2005-1197 | 13236 | ||
| 17476 | SERVER-ORACLE DBMS_CDC_SUBSCRIBE.PURGE_WINDOW arbitrary command execution attempt (more info ...) | misc-attack | 2005-1197 | 13236 | ||
| 17477 | SERVER-ORACLE DBMS_CDC_SUBSCRIBE.DROP_SUBSCRIPTION arbitrary command execution attempt (more info ...) | misc-attack | 2005-1197 | 13236 | ||
| 17478 | SERVER-ORACLE DBMS_CDC_SUBSCRIBE.SUBSCRIBE arbitrary command execution attempt (more info ...) | misc-attack | 2005-1197 | 13236 | ||
| 17479 | SERVER-ORACLE DBMS_CDC_ISUBSCRIBE.SUBSCRIBE arbitrary command execution attempt (more info ...) | misc-attack | 2005-1197 | 13236 | ||
| 17480 | SERVER-ORACLE DBMS_CDC_ISUBSCRIBE.CREATE_SUBSCRIPTION arbitrary command execution attempt (more info ...) | misc-attack | 2005-1197 | 13236 | ||
| 17486 | SERVER-WEBAPP Trend Micro Control Manager Chunked overflow attempt (more info ...) | attempted-admin | 2005-1929 | 15865 | ||
| 17493 | FILE-OTHER ClamAV UPX FileHandling Heap overflow attempt (more info ...) | attempted-user | 2006-4018 | 19381 | ||
| 17524 | SERVER-OTHER Fujitsu SystemcastWizard Lite PXEService UDP Handling Buffer Overflow (more info ...) | attempted-admin | 2009-0270 | 33342 | ||
| 17527 | FILE-MULTIMEDIA VideoLAN VLC Media Player MP4_BoxDumpStructure Buffer Overflow (more info ...) | attempted-user | 2009-1122 | 35232 | ||
| 17528 | SERVER-WEBAPP nginx URI parsing buffer overflow attempt (more info ...) | attempted-admin | 2009-2629 | 36384 | ||
| 17534 | SERVER-OTHER IPP Application Content (more info ...) | protocol-command-decode | ||||
| 17535 | SERVER-OTHER Apple CUPS Text to PostScript Filter Integer Overflow attempt (more info ...) | attempted-user | 2008-3640 | 31690 | ||
| 17541 | FILE-OTHER Avast Antivirus Engine Remote LHA buffer overflow attempt (more info ...) | attempted-admin | 2006-4626 | 19903 | ||
| 17544 | SERVER-OTHER Wireshark LWRES Dissector getaddrsbyname buffer overflow attempt (more info ...) | attempted-dos | 2010-0304 | 37985 | ||
| 17547 | FILE-IDENTIFY SMIL file download request (more info ...) | misc-activity | URL | |||
| 17556 | SERVER-OTHER Firebird database invalid state integer overflow attempt (more info ...) | attempted-dos | 2008-0387 | 27403 | ||
| 17558 | FILE-IMAGE CUPS Gif Decoding Routine Buffer Overflow attempt (more info ...) | attempted-user | 2008-1373 | 28544 | ||
| 17559 | FILE-OTHER IBM Lotus Notes Applix Graphics Parsing Buffer Overflow (more info ...) | attempted-admin | 2007-5405 | 28454 | ||
| 17567 | SERVER-OTHER LANDesk Management Suite Alerting Service buffer overflow attempt (more info ...) | attempted-admin | 2007-1674 | 23483 | ||
| 17569 | SERVER-OTHER BEA Weblogic Admin Console Cross Site Scripting Vulnerability attempt (more info ...) | web-application-attack | 2005-1747 | 13793 | ||
| 17573 | FILE-MULTIMEDIA ffdshow codec URL parsing buffer overflow attempt (more info ...) | attempted-user | 2008-5381 | 32438 | ||
| 17584 | SERVER-ORACLE UTL_FILE directory traversal attempt (more info ...) | misc-attack | 2005-0701 | 12749 | ||
| 17598 | SERVER-OTHER IBM DB2 Universal Database accsec command without rdbnam (more info ...) | attempted-dos | 2006-4257 | 19586 | ||
| 17599 | SERVER-OTHER IBM DB2 Universal Database rdbname denial of service attempt (more info ...) | attempted-dos | 2006-4257 | 19586 | ||
| 17600 | FILE-IDENTIFY XUL file download request (more info ...) | misc-activity | URL | |||
| 17602 | FILE-OTHER ClamAV antivirus CHM file handling DOS (more info ...) | attempted-dos | 2008-1389 | 30994 | URL | |
| 17607 | SERVER-OTHER Xi Software Net Transport eDonkey Protocol Buffer Overflow attempt (more info ...) | attempted-user | 40617 | |||
| 17619 | SERVER-ORACLE database server crafted view privelege escalation attempt (more info ...) | attempted-admin | 2006-1705 | 17246 | ||
| 17639 | SERVER-SAMBA Samba Root File System access bypass attempt (more info ...) | attempted-recon | 2009-0022 | 33118 | ||
| 17641 | FILE-PDF CUPS and Xpdf JBIG2 symbol dictionary buffer overflow attempt (more info ...) | attempted-user | 2009-0195 | URL | ||
| 17651 | FILE-OTHER Multiple AV vendor invalid archive checksum bypass attempt (more info ...) | attempted-user | 12771 | URL | ||
| 17657 | SERVER-OTHER Symantec NetBackup BPCD Daemon exploit attempt (more info ...) | attempted-admin | 2006-6222 | 21565 | ||
| 17659 | SERVER-ORACLE xdb.dbms_xmlschema buffer overflow attempt (more info ...) | string-detect | 2006-0272 | 16287 | ||
| 17661 | SERVER-SAMBA Samba send_mailslot buffer overflow attempt (more info ...) | attempted-admin | 2007-6015 | 26791 | ||
| 17662 | SERVER-OTHER VMware Workstation DHCP service integer overflow attempt (more info ...) | attempted-admin | 2007-0064 | 14687 | ||
| 17663 | SERVER-OTHER Apple CUPS SGI image decoding buffer overflow attempt (more info ...) | attempted-user | 2008-3639 | 31690 | ||
| 17669 | SERVER-ORACLE Oracle Application Server 10g OPMN service format string vulnerability exploit attempt (more info ...) | attempted-admin | 2009-0993 | 34461 | URL | |
| 17679 | FILE-IDENTIFY Apple disk image file download request (more info ...) | misc-activity | URL | |||
| 17681 | SERVER-OTHER TRUFFLEHUNTER SFVRT-1008 attack attempt 100166 (more info ...) | unknown | ||||
| 17683 | SERVER-OTHER TRUFFLEHUNTER SFVRT-1008 attack attempt 100167 (more info ...) | unknown | ||||
| 17699 | PROTOCOL-SNMP Multiple vendor SNMPv3 HMAC handling authentication bypass attempt (more info ...) | attempted-admin | 2008-0960 | 29623 | ||
| 17704 | FILE-OTHER McAfee LHA file parsing buffer overflow attempt (more info ...) | attempted-user | 2005-0643 | 10243 | ||
| 17716 | SERVER-MAIL IBM Lotus Notes DOC attachment viewer buffer overflow (more info ...) | attempted-user | 2007-5544 | 26146 | ||
| 17717 | SERVER-MAIL IBM Lotus Notes HTML input tag buffer overflow attempt (more info ...) | attempted-user | 2007-4222 | 26200 | URL | |
| 17718 | SERVER-ORACLE Oracle MDSYS drop table trigger injection attempt (more info ...) | attempted-admin | 2008-3979 | 33177 | ||
| 17722 | SERVER-ORACLE XDB.XDB_PITRIG_PKG buffer overflow attempt (more info ...) | attempted-admin | 2008-0339 | 27229 | URL | |
| 17727 | FILE-OTHER Oracle JDK image parsing library ICC buffer overflow attempt (more info ...) | attempted-user | 2007-2788 | 24004 | URL | |
| 17736 | SERVER-OTHER McAfee LHA Type-2 file handling overflow attempt (more info ...) | attempted-user | 2005-0644 | 12832 | ||
| 17765 | OS-WINDOWS OpenType Font file parsing buffer overflow attempt (more info ...) | attempted-user | 2010-2740 | URL | ||
| 17775 | INDICATOR-SHELLCODE Shikata Ga Nai x86 polymorphic shellcode decoder detected (more info ...) | shellcode-detect | ||||
| 17777 | SERVER-MAIL IBM Lotus Notes WPD attachment handling buffer overflow attempt (more info ...) | attempted-admin | 2008-4564 | 34086 | ||
| 17778 | FILE-OTHER BitDefender Internet Security script code execution attempt (more info ...) | attempted-user | 2009-0850 | |||
| 17805 | MALWARE-CNC Worm.Win32.Neeris.BF variant outbound connection (more info ...) | trojan-activity | URL | |||
| 17810 | INDICATOR-COMPROMISE potential malware - download of server32.exe (more info ...) | suspicious-filename-detect | URL | |||
| 17811 | INDICATOR-COMPROMISE potential malware - download of svchost.exe (more info ...) | suspicious-filename-detect | ||||
| 17812 | INDICATOR-COMPROMISE potential malware - download of iexplore.exe (more info ...) | suspicious-filename-detect | ||||
| 17813 | INDICATOR-COMPROMISE potential malware - download of iprinp.dll (more info ...) | suspicious-filename-detect | ||||
| 17814 | INDICATOR-COMPROMISE potential malware - download of winzf32.dll (more info ...) | suspicious-filename-detect | ||||
| 17815 | MALWARE-CNC Thinkpoint fake antivirus - user display (more info ...) | trojan-activity | URL | |||
| 17816 | MALWARE-CNC Thinkpoint fake antivirus - credit card submission (more info ...) | trojan-activity | URL | |||
| 17817 | SERVER-OTHER Thinkpoint fake antivirus binary download (more info ...) | trojan-activity | URL | |||
| 17899 | MALWARE-CNC URI request for known malicious URI - /reques0.asp?kind=006&mac= (more info ...) | trojan-activity | URL | |||
| 17900 | MALWARE-CNC URI request for known malicious URI - /basic/cn3c2/c.*dll (more info ...) | trojan-activity | URL | |||
| 17901 | MALWARE-CNC URI request for known malicious URI - /mybackup21.rar (more info ...) | trojan-activity | URL | |||
| 17902 | MALWARE-CNC URI request for known malicious URI - /?getexe=loader.exe (more info ...) | trojan-activity | URL | |||
| 17903 | MALWARE-CNC URI request for known malicious URI - stid= (more info ...) | trojan-activity | URL | |||
| 17907 | MALWARE-CNC URI request for known malicious URI - /MNG/Download/?File=AZF DATADIR Download (more info ...) | trojan-activity | URL | |||
| 17908 | MALWARE-CNC URI request for known malicious URI - /images/crypt_22.exe (more info ...) | trojan-activity | URL | |||
| 17909 | MALWARE-CNC URI request for known malicious URI - /images/css/1.exe (more info ...) | trojan-activity | URL | |||
| 17910 | MALWARE-CNC URI request for known malicious URI - /7xdown.exe (more info ...) | trojan-activity | URL | |||
| 17911 | MALWARE-CNC URI request for known malicious URI - /winhelper.exe (more info ...) | trojan-activity | URL | |||
| 17912 | MALWARE-CNC URI request for known malicious URI - /upopwin/count.asp?mac= (more info ...) | trojan-activity | URL | |||
| 17913 | MALWARE-CNC URI request for known malicious URI - /ok.exe (more info ...) | trojan-activity | URL | |||
| 17914 | MALWARE-CNC URI request for known malicious URI - /LjBin/Bin.Dll (more info ...) | trojan-activity | URL | |||
| 17915 | MALWARE-CNC URI request for known malicious URI - /1001ns/cfg3n.bin (more info ...) | trojan-activity | URL | |||
| 17916 | MALWARE-CNC URI request for known malicious URI - /dh/stats.bin (more info ...) | trojan-activity | URL | |||
| 17917 | MALWARE-CNC URI request for known malicious URI - /zeus/config.bin (more info ...) | trojan-activity | URL | |||
| 17918 | POLICY-SPAM aaof.onlinelewiss22r.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17919 | POLICY-SPAM akiq.onlinetommie54y.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17920 | POLICY-SPAM aobuii.onlinelewiss22r.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17921 | POLICY-SPAM argue.medrayner44c.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17922 | POLICY-SPAM ava.refilleldredge89r.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17923 | POLICY-SPAM axoseb.medicdrugsxck.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17924 | POLICY-SPAM azo.onlinetommie54y.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17925 | POLICY-SPAM back.pharmroyce83b.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17926 | POLICY-SPAM by.pharmroyce83b.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17927 | POLICY-SPAM cardinals.refilldud86o.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17928 | POLICY-SPAM chemist.onlineruggiero33q.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17929 | POLICY-SPAM chula.pharmroyce83b.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17930 | POLICY-SPAM classification.refillreade47j.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17931 | POLICY-SPAM compensate.refilldud86o.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17932 | POLICY-SPAM cswjlxey.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17933 | POLICY-SPAM current.refillreade47j.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17934 | POLICY-SPAM cyacaz.pilltodd73p.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17935 | POLICY-SPAM deepcenter.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17936 | POLICY-SPAM delegate.refillreade47j.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17937 | POLICY-SPAM diet.medrayner44c.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17938 | POLICY-SPAM direct.refillreade47j.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17939 | POLICY-SPAM divyo.pillking74s.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17940 | POLICY-SPAM drugsgeorge65g.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17941 | POLICY-SPAM dux.erectnoll24k.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17942 | POLICY-SPAM dypoh.erectjefferey85n.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17943 | POLICY-SPAM eaihar.refilleldredge89r.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17944 | POLICY-SPAM eeez.onlinehamel83i.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17945 | POLICY-SPAM egi.refilleldredge89r.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17946 | POLICY-SPAM ehyw.cumedicdrugsx.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17947 | POLICY-SPAM eka.onlinehamel83i.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17948 | POLICY-SPAM election.refillreade47j.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17949 | POLICY-SPAM elik.drugslevy46b.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17950 | POLICY-SPAM epeno.onlinelewiss22r.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17951 | POLICY-SPAM erectgodart30s.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17952 | POLICY-SPAM erol.camedicdrugsx.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17953 | POLICY-SPAM exa.drugslevy46b.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17954 | POLICY-SPAM eyu.onlinehamel83i.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17955 | POLICY-SPAM fashionchannel.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17956 | POLICY-SPAM fauxy.pillking74s.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17957 | POLICY-SPAM food.refillreade47j.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17958 | POLICY-SPAM generality.onlinehill21q.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17959 | POLICY-SPAM goyry.ramedicdrugsx.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17960 | POLICY-SPAM gueepa.erectnoll24k.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17961 | POLICY-SPAM has.refillreade47j.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17962 | POLICY-SPAM have.medrayner44c.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17963 | POLICY-SPAM headtest.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17964 | POLICY-SPAM huhuh.pilltodd73p.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17965 | POLICY-SPAM hyem.pilltodd73p.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17966 | POLICY-SPAM icysa.refilleldredge89r.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17967 | POLICY-SPAM iiy.refilleldredge89r.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17968 | POLICY-SPAM iki.onlinetommie54y.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17969 | POLICY-SPAM iner.medicdrugsxdl.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17970 | POLICY-SPAM in.onlinehill21q.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17971 | POLICY-SPAM intelpost.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17972 | POLICY-SPAM inunuw.medicdrugsxpo.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17973 | POLICY-SPAM ipiig.drugslevy46b.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17974 | POLICY-SPAM iqor.pilltodd73p.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17975 | POLICY-SPAM is.medrayner44c.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17976 | POLICY-SPAM itaca.erectnoll24k.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17977 | POLICY-SPAM ive.pilltodd73p.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17978 | POLICY-SPAM iweqyz.erectjefferey85n.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17979 | POLICY-SPAM iycyde.medicdrugsxco.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17980 | POLICY-SPAM iyw.refilleldredge89r.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17981 | POLICY-SPAM jaecoh.erectnoll24k.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17982 | POLICY-SPAM jael.pillking74s.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17983 | POLICY-SPAM jex.remedicdrugsx.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17984 | POLICY-SPAM john.onlinehill21q.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17985 | POLICY-SPAM joseph.refillreade47j.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17986 | POLICY-SPAM jyn.medicdrugsxdl.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17987 | POLICY-SPAM jyzyv.refilleldredge89r.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17988 | POLICY-SPAM koosaf.erectnoll24k.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17989 | POLICY-SPAM lybah.pilltodd73p.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17990 | POLICY-SPAM manila.onlinephilbert42f.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17991 | POLICY-SPAM masa.erectjefferey85n.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17992 | POLICY-SPAM medpenny17j.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17993 | POLICY-SPAM minionspre.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17994 | POLICY-SPAM nazuwu.onlinelewiss22r.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17995 | POLICY-SPAM negotiations.refilldud86o.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17996 | POLICY-SPAM niqiv.erectjefferey85n.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17997 | POLICY-SPAM odimys.medicdrugsxlb.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17998 | POLICY-SPAM odoog.onlinelewiss22r.ru known spam email attempt (more info ...) | policy-violation | ||||
| 17999 | POLICY-SPAM oekaka.aimedicdrugsx.ru known spam email attempt (more info ...) | policy-violation | ||||
| 18000 | POLICY-SPAM oeqio.erectnoll24k.ru known spam email attempt (more info ...) | policy-violation | ||||
| 18001 | POLICY-SPAM of.onlinephilbert42f.ru known spam email attempt (more info ...) | policy-violation | ||||
| 18002 | POLICY-SPAM of.refilldud86o.ru known spam email attempt (more info ...) | policy-violation | ||||
| 18003 | POLICY-SPAM of.refillreade47j.ru known spam email attempt (more info ...) | policy-violation | ||||
| 18004 | POLICY-SPAM oipek.onlinehamel83i.ru known spam email attempt (more info ...) | policy-violation | ||||
| 18005 | POLICY-SPAM oji.medicdrugsxto.ru known spam email attempt (more info ...) | policy-violation | ||||
| 18006 | POLICY-SPAM onotye.onlinelewiss22r.ru known spam email attempt (more info ...) | policy-violation | ||||
| 18007 | POLICY-SPAM opy.erectjefferey85n.ru known spam email attempt (more info ...) | policy-violation | ||||
| 18008 | POLICY-SPAM orderbuzz.ru known spam email attempt (more info ...) | policy-violation | ||||
| 18009 | POLICY-SPAM ouu.almedicdrugsx.ru known spam email attempt (more info ...) | policy-violation | ||||
| 18010 | POLICY-SPAM oxuc.pillking74s.ru known spam email attempt (more info ...) | policy-violation | ||||
| 18011 | POLICY-SPAM pillrolfe64l.ru known spam email attempt (more info ...) | policy-violation | ||||
| 18012 | POLICY-SPAM recently.refilldud86o.ru known spam email attempt (more info ...) | policy-violation | ||||
| 18013 | POLICY-SPAM records.onlinephilbert42f.ru known spam email attempt (more info ...) | policy-violation | ||||
| 18014 | POLICY-SPAM reobaj.onlinehamel83i.ru known spam email attempt (more info ...) | policy-violation | ||||
| 18015 | POLICY-SPAM research.onlinehill21q.ru known spam email attempt (more info ...) | policy-violation | ||||
| 18016 | POLICY-SPAM returning.refillreade47j.ru known spam email attempt (more info ...) | policy-violation | ||||
| 18017 | POLICY-SPAM right.refillreade47j.ru known spam email attempt (more info ...) | policy-violation | ||||
| 18018 | POLICY-SPAM riwaro.erectjefferey85n.ru known spam email attempt (more info ...) | policy-violation | ||||
| 18019 | POLICY-SPAM ruuav.erectnoll24k.ru known spam email attempt (more info ...) | policy-violation | ||||
| 18020 | POLICY-SPAM ryhux.medicdrugsxpa.ru known spam email attempt (more info ...) | policy-violation | ||||
| 18021 | POLICY-SPAM software-buyshop-7.ru known spam email attempt (more info ...) | policy-violation | ||||
| 18022 | POLICY-SPAM specialyou.ru known spam email attempt (more info ...) | policy-violation | ||||
| 18023 | POLICY-SPAM starring.pharmroyce83b.ru known spam email attempt (more info ...) | policy-violation | ||||
| 18024 | POLICY-SPAM store-softwarebuy-7.ru known spam email attempt (more info ...) | policy-violation | ||||
| 18025 | POLICY-SPAM sya.onlinehamel83i.ru known spam email attempt (more info ...) | policy-violation | ||||
| 18026 | POLICY-SPAM tabdarin80s.ru known spam email attempt (more info ...) | policy-violation | ||||
| 18027 | POLICY-SPAM tabgordan13n.ru known spam email attempt (more info ...) | policy-violation | ||||
| 18028 | POLICY-SPAM tablangston19a.ru known spam email attempt (more info ...) | policy-violation | ||||
| 18029 | POLICY-SPAM tabwebster77c.ru known spam email attempt (more info ...) | policy-violation | ||||
| 18030 | POLICY-SPAM tanuen.dimedicdrugsx.ru known spam email attempt (more info ...) | policy-violation | ||||
| 18031 | POLICY-SPAM the.onlinehill21q.ru known spam email attempt (more info ...) | policy-violation | ||||
| 18032 | POLICY-SPAM the.onlineruggiero33q.ru known spam email attempt (more info ...) | policy-violation | ||||
| 18033 | POLICY-SPAM to.medrayner44c.ru known spam email attempt (more info ...) | policy-violation | ||||
| 18034 | POLICY-SPAM trails.pharmroyce83b.ru known spam email attempt (more info ...) | policy-violation | ||||
| 18035 | POLICY-SPAM trusting-me.ru known spam email attempt (more info ...) | policy-violation | ||||
| 18036 | POLICY-SPAM twodays.ru known spam email attempt (more info ...) | policy-violation | ||||
| 18037 | POLICY-SPAM tyqaja.pilltodd73p.ru known spam email attempt (more info ...) | policy-violation | ||||
| 18038 | POLICY-SPAM uboi.onlinehamel83i.ru known spam email attempt (more info ...) | policy-violation | ||||
| 18039 | POLICY-SPAM uf.drugslevy46b.ru known spam email attempt (more info ...) | policy-violation | ||||
| 18040 | POLICY-SPAM uielij.pillking74s.ru known spam email attempt (more info ...) | policy-violation | ||||
| 18041 | POLICY-SPAM unasu.medicdrugsxto.ru known spam email attempt (more info ...) | policy-violation | ||||
| 18042 | POLICY-SPAM upazo.pilltodd73p.ru known spam email attempt (more info ...) | policy-violation | ||||
| 18043 | POLICY-SPAM utuqaj.pillking74s.ru known spam email attempt (more info ...) | policy-violation | ||||
| 18044 | POLICY-SPAM uuji.refilleldredge89r.ru known spam email attempt (more info ...) | policy-violation | ||||
| 18045 | POLICY-SPAM variation.refilldud86o.ru known spam email attempt (more info ...) | policy-violation | ||||
| 18046 | POLICY-SPAM via.refillreade47j.ru known spam email attempt (more info ...) | policy-violation | ||||
| 18047 | POLICY-SPAM voiceless.pharmroyce83b.ru known spam email attempt (more info ...) | policy-violation | ||||
| 18048 | POLICY-SPAM was.medrayner44c.ru known spam email attempt (more info ...) | policy-violation | ||||
| 18050 | POLICY-SPAM world.onlinehill21q.ru known spam email attempt (more info ...) | policy-violation | ||||
| 18051 | POLICY-SPAM www.buhni.ru known spam email attempt (more info ...) | policy-violation | ||||
| 18052 | POLICY-SPAM www.visitcover.ru known spam email attempt (more info ...) | policy-violation | ||||
| 18053 | POLICY-SPAM xob.erectnoll24k.ru known spam email attempt (more info ...) | policy-violation | ||||
| 18054 | POLICY-SPAM ygy.onlinetommie54y.ru known spam email attempt (more info ...) | policy-violation | ||||
| 18055 | POLICY-SPAM yit.medicdrugsxor.ru known spam email attempt (more info ...) | policy-violation | ||||
| 18056 | POLICY-SPAM ylum.onlinelewiss22r.ru known spam email attempt (more info ...) | policy-violation | ||||
| 18057 | POLICY-SPAM ymyuto.onlinelewiss22r.ru known spam email attempt (more info ...) | policy-violation | ||||
| 18058 | POLICY-SPAM yomy.pillking74s.ru known spam email attempt (more info ...) | policy-violation | ||||
| 18059 | POLICY-SPAM yzugez.pillking74s.ru known spam email attempt (more info ...) | policy-violation | ||||
| 18060 | POLICY-SPAM zeroprices.ru known spam email attempt (more info ...) | policy-violation | ||||
| 18061 | POLICY-SPAM zueuz.onlinehamel83i.ru known spam email attempt (more info ...) | policy-violation | ||||
| 18098 | MALWARE-CNC URI request for known malicious URI - Carberp (more info ...) | trojan-activity | URL | |||
| 18099 | MALWARE-CNC URI request for known malicious URI - Carberp (more info ...) | trojan-activity | URL | |||
| 18100 | MALWARE-CNC Tidserv malware command and control channel traffic (more info ...) | trojan-activity | URL | |||
| 18101 | SERVER-OTHER Sun Directory Server LDAP denial of service attempt (more info ...) | attempted-dos | 2006-0647 | URL | ||
| 18171 | OS-WINDOWS Multiple product mailto uri handling code execution attempt (more info ...) | attempted-user | 2007-5020 | 25945 | URL | |
| 18172 | OS-WINDOWS Multiple product mailto uri handling code execution attempt (more info ...) | attempted-user | 2007-4041 | 25945 | URL | |
| 18173 | OS-WINDOWS Multiple product mailto uri handling code execution attempt (more info ...) | attempted-user | 2007-4041 | 25945 | URL | |
| 18179 | INDICATOR-SCAN Proxyfire.net anonymous proxy scan (more info ...) | network-scan | URL | |||
| 18188 | BROWSER-FIREFOX Multiple browser marquee tag denial of service attempt (more info ...) | attempted-dos | 2006-2723 | 18165 | ||
| 18247 | MALWARE-CNC User-Agent known malicious User-Agent ErrCode - W32/Fujacks.htm (more info ...) | trojan-activity | URL | |||
| 18273 | FILE-IDENTIFY BAT file download request (more info ...) | misc-activity | ||||
| 18279 | MALWARE-CNC Win.Trojan.Karagany.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 18281 | MALWARE-CNC Win.Trojan.VB.njz variant outbound connection (more info ...) | trojan-activity | URL | |||
| 18312 | SERVER-OTHER Subversion 1.0.2 get-dated-rev buffer overflow attempt (more info ...) | attempted-user | 2004-0397 | 10386 | ||
| 18317 | SERVER-MAIL Ipswitch IMail RCPT TO proxy overflow attempt (more info ...) | attempted-admin | 2006-4379 | 19885 | URL | |
| 18336 | MALWARE-CNC User-Agent known malicious user-agent string gbot/2.3 (more info ...) | trojan-activity | URL | |||
| 18337 | MALWARE-CNC User-Agent known malicious user-agent string iamx/3.11 (more info ...) | trojan-activity | URL | |||
| 18338 | MALWARE-CNC User-Agent known malicious user-agent string NSISDL/1.2 (more info ...) | trojan-activity | URL | |||
| 18340 | MALWARE-CNC User-Agent known malicious user-agent string ClickAdsByIE 0.7.5 (more info ...) | trojan-activity | URL | |||
| 18341 | MALWARE-CNC User-Agent known malicious user-agent string UtilMind HTTPGet (more info ...) | trojan-activity | URL | |||
| 18342 | MALWARE-CNC User-Agent known malicious user-agent string NSIS_DOWNLOAD (more info ...) | trojan-activity | URL | |||
| 18343 | MALWARE-CNC User-Agent known malicious user-agent string WSEnrichment (more info ...) | trojan-activity | URL | |||
| 18346 | MALWARE-CNC User-Agent known malicious user-agent string GPRecover (more info ...) | trojan-activity | URL | |||
| 18347 | MALWARE-CNC User-Agent known malicious user-agent string AutoIt (more info ...) | trojan-activity | URL | |||
| 18349 | MALWARE-CNC User-Agent known malicious user-agent string Flipopia (more info ...) | trojan-activity | URL | |||
| 18350 | MALWARE-CNC User-Agent known malicious user-agent string GabPath (more info ...) | trojan-activity | URL | |||
| 18351 | MALWARE-CNC User-Agent known malicious user-agent string GPUpdater (more info ...) | trojan-activity | URL | |||
| 18352 | MALWARE-CNC User-Agent known malicious user-agent string PinballCorp-BSAI/VER_STR_COMMA (more info ...) | trojan-activity | URL | |||
| 18353 | MALWARE-CNC User-Agent request for known PUA user agent - SelectRebates (more info ...) | trojan-activity | URL | |||
| 18355 | MALWARE-CNC User-Agent known malicious user-agent string Se2011 (more info ...) | trojan-activity | URL | |||
| 18356 | MALWARE-CNC User-Agent known malicious user-agent string random (more info ...) | trojan-activity | URL | |||
| 18357 | MALWARE-CNC User-Agent known malicious user-agent string Setup Factory (more info ...) | trojan-activity | URL | |||
| 18358 | MALWARE-CNC User-Agent known malicious user-agent string NSIS_INETLOAD (more info ...) | trojan-activity | URL | |||
| 18359 | MALWARE-CNC User-Agent known malicious user-agent string Shareaza (more info ...) | trojan-activity | URL | |||
| 18360 | MALWARE-CNC User-Agent known malicious user-agent string Oncues (more info ...) | trojan-activity | URL | |||
| 18361 | MALWARE-CNC User-Agent known malicious user-agent string Downloader1.1 (more info ...) | trojan-activity | URL | |||
| 18362 | MALWARE-CNC User-Agent known malicious user-agent string Search Toolbar 1.1 (more info ...) | trojan-activity | URL | |||
| 18363 | MALWARE-CNC User-Agent known malicious user-agent string GPRecover (more info ...) | trojan-activity | URL | |||
| 18364 | MALWARE-CNC User-Agent known malicious user-agent string msndown (more info ...) | trojan-activity | URL | |||
| 18365 | MALWARE-CNC User-Agent known malicious user-agent string Agentcc (more info ...) | trojan-activity | URL | |||
| 18366 | MALWARE-CNC User-Agent known malicious user-agent string OCInstaller (more info ...) | trojan-activity | URL | |||
| 18367 | MALWARE-CNC User-Agent known malicious user-agent string FPRecover (more info ...) | trojan-activity | URL | |||
| 18368 | MALWARE-CNC User-Agent known malicious user-agent string Our_Agent (more info ...) | trojan-activity | URL | |||
| 18369 | MALWARE-CNC User-Agent known malicious user-agent string iexp-get (more info ...) | trojan-activity | URL | |||
| 18371 | MALWARE-CNC User-Agent known malicious user-agent string QvodDown (more info ...) | trojan-activity | URL | |||
| 18373 | MALWARE-CNC User-Agent known malicious user-agent string Installer (more info ...) | trojan-activity | URL | |||
| 18374 | MALWARE-CNC User-Agent known malicious user-agent string SurfBear (more info ...) | trojan-activity | URL | |||
| 18375 | MALWARE-CNC User-Agent known malicious user-agent string HTTP Wininet (more info ...) | trojan-activity | URL | |||
| 18376 | MALWARE-CNC User-Agent known malicious user-agent string Trololo (more info ...) | trojan-activity | URL | |||
| 18377 | MALWARE-CNC User-Agent known malicious user-agent string malware (more info ...) | trojan-activity | URL | |||
| 18378 | MALWARE-CNC User-Agent known malicious user-agent string AutoHotkey (more info ...) | trojan-activity | URL | |||
| 18379 | MALWARE-CNC User-Agent known malicious user-agent string AskInstallChecker (more info ...) | trojan-activity | URL | |||
| 18380 | MALWARE-CNC User-Agent known malicious user-agent string FPUpdater (more info ...) | trojan-activity | URL | |||
| 18381 | MALWARE-CNC User-Agent known malicious user-agent string Travel Update (more info ...) | trojan-activity | URL | |||
| 18382 | MALWARE-CNC User-Agent known malicious user-agent string WMUpdate (more info ...) | trojan-activity | URL | |||
| 18383 | MALWARE-CNC User-Agent known malicious user-agent string GPInstaller (more info ...) | trojan-activity | URL | |||
| 18386 | MALWARE-CNC User-Agent known malicious user-agent string AHTTPConnection (more info ...) | trojan-activity | URL | |||
| 18387 | MALWARE-CNC User-Agent known malicious user-agent string dwplayer (more info ...) | trojan-activity | URL | |||
| 18388 | MALWARE-CNC User-Agent known malicious user-agent string RookIE/1.0 (more info ...) | trojan-activity | URL | |||
| 18389 | MALWARE-CNC User-Agent known malicious user-agent string 3653Client (more info ...) | trojan-activity | URL | |||
| 18390 | MALWARE-CNC User-Agent known malicious user-agent string Delphi 5.x (more info ...) | trojan-activity | URL | |||
| 18391 | MALWARE-CNC User-Agent known malicious user-agent string MyLove (more info ...) | trojan-activity | URL | |||
| 18392 | MALWARE-CNC User-Agent known malicious user-agent string qixi (more info ...) | trojan-activity | URL | |||
| 18393 | MALWARE-CNC User-Agent known malicious user-agent string vyre32 (more info ...) | trojan-activity | URL | |||
| 18394 | MALWARE-CNC User-Agent known malicious user-agent string OCRecover (more info ...) | trojan-activity | URL | |||
| 18395 | MALWARE-CNC User-Agent known malicious user-agent string Duckling/1.0 (more info ...) | trojan-activity | URL | |||
| 18397 | SERVER-OTHER HP DDMI Agent spoofing - command execution (more info ...) | attempted-admin | 2009-1419 | 35250 | ||
| 18458 | MALWARE-CNC Night Dragon initial beacon (more info ...) | trojan-activity | ||||
| 18459 | MALWARE-CNC Night Dragon keepalive message (more info ...) | trojan-activity | ||||
| 18460 | SERVER-WEBAPP Symantec Alert Management System pin number buffer overflow attempt (more info ...) | attempted-user | 2010-0110 | URL | ||
| 18465 | SERVER-WEBAPP FreePBX recording interface file upload code execution attempt (more info ...) | attempted-admin | 2010-3490 | 43454 | ||
| 18466 | SERVER-WEBAPP raSMP User-Agent XSS injection attempt (more info ...) | attempted-admin | 2006-0084 | 16138 | ||
| 18467 | SERVER-WEBAPP raSMP User-Agent XSS injection attempt (more info ...) | attempted-admin | 2006-0084 | 16138 | ||
| 18477 | SERVER-MAIL Lotus Notes MIF viewer statement data overflow 2 (more info ...) | attempted-user | 2007-5910 | 26175 | ||
| 18487 | SERVER-OTHER Ingres Database iidbms heap overflow attempt (more info ...) | attempted-user | 38001 | |||
| 18509 | SERVER-OTHER PeerCast format string exploit attempt (more info ...) | attempted-admin | 2005-1806 | 13808 | ||
| 18511 | SERVER-OTHER Sourcefire Snort packet fragmentation reassembly denial of service attempt (more info ...) | attempted-dos | 2007-1398 | 22872 | ||
| 18524 | SERVER-OTHER Multiple vendor anti-virus extended ASCII filename scan bypass attempt (more info ...) | misc-attack | ||||
| 18528 | SERVER-ORACLE Oracle TimesTen In-Memory Database HTTP request denial of service attempt (more info ...) | attempted-dos | 38019 | |||
| 18532 | OS-WINDOWS Multiple Vendors request for iacenc.dll over SMB attempt (more info ...) | attempted-user | 2010-3150 | 42730 | URL | |
| 18559 | SERVER-WEBAPP HP OpenView Performance Insight Server backdoor account code execution attempt (more info ...) | attempted-admin | 2011-0276 | 46079 | ||
| 18560 | SERVER-WEBAPP HP OpenView Performance Insight Server backdoor account code execution attempt (more info ...) | attempted-admin | 2011-0276 | 46079 | ||
| 18562 | MALWARE-CNC RogueSoftware.Win32.LivePcCare variant outbound connection (more info ...) | trojan-activity | URL | |||
| 18563 | MALWARE-CNC Win.Trojan.Gaboc variant outbound connection (more info ...) | trojan-activity | URL | |||
| 18564 | MALWARE-CNC RussKill botnet variant outbound connection (more info ...) | trojan-activity | URL | |||
| 18565 | INDICATOR-COMPROMISE fraudulent digital certificate for mail.google.com detected (more info ...) | misc-attack | URL | |||
| 18566 | INDICATOR-COMPROMISE fraudulent digital certificate for www.google.com detected (more info ...) | misc-attack | URL | |||
| 18567 | INDICATOR-COMPROMISE fraudulent digital certificate for login.yahoo.com detected (more info ...) | misc-attack | URL | |||
| 18568 | INDICATOR-COMPROMISE fraudulent digital certificate for login.yahoo.com detected (more info ...) | misc-attack | URL | |||
| 18569 | INDICATOR-COMPROMISE fraudulent digital certificate for login.yahoo.com detected (more info ...) | misc-attack | URL | |||
| 18572 | INDICATOR-COMPROMISE fraudulent digital certificate for login.live.com detected (more info ...) | misc-attack | URL | |||
| 18573 | INDICATOR-COMPROMISE fraudulent digital certificate for global trustee detected (more info ...) | misc-attack | URL | |||
| 18574 | SERVER-MAIL RCPT TO overflow (more info ...) | attempted-admin | 2009-0410 | 9696 | ||
| 18576 | INDICATOR-COMPROMISE fraudulent digital certificate from usertrust.com detected (more info ...) | misc-attack | URL | |||
| 18577 | MALWARE-CNC Win.Trojan.Banker.agum variant outbound connection (more info ...) | trojan-activity | URL | |||
| 18591 | FILE-OTHER CoolPlayer Playlist File Handling Buffer Overflow (more info ...) | attempted-user | 2008-3408 | 30418 | ||
| 18603 | SERVER-MAIL IBM Lotus Notes Applix Graphics Parsing Buffer Overflow (more info ...) | attempted-admin | 2007-5405 | 28454 | ||
| 18604 | MALWARE-OTHER lizamoon script injection (more info ...) | misc-activity | URL | |||
| 18605 | PROTOCOL-SCADA Tecnomatix FactoryLink CSService path overflow attempt (more info ...) | attempted-admin | 46934 | |||
| 18606 | PROTOCOL-SCADA Tecnomatix FactoryLink CSService file access attempt (more info ...) | attempted-user | 46934 | |||
| 18607 | PROTOCOL-SCADA Tecnomatix FactoryLink CSService file information access attempt (more info ...) | attempted-user | 46934 | |||
| 18608 | APP-DETECT Dropbox desktop software in use (more info ...) | policy-violation | ||||
| 18609 | APP-DETECT Dropbox desktop software in use (more info ...) | policy-violation | ||||
| 18610 | PROTOCOL-SCADA Tecnomatix FactoryLink vrn.exe opcode 9 or 10 string parsing overflow attempt (more info ...) | attempted-user | 46934 | |||
| 18614 | PROTOCOL-SCADA Tecnomatix FactoryLink vrn.exe file access attempt (more info ...) | attempted-user | 46934 | |||
| 18617 | SERVER-OTHER Tecnomatix FactoryLink CSService null pointer attempt (more info ...) | attempted-dos | 46934 | |||
| 18618 | MALWARE-CNC Win.Trojan.Scar.dpvy/Parkchicers.A/Delf checkin (more info ...) | trojan-activity | URL | |||
| 18658 | PROTOCOL-SCADA RealWin 2.1 FC_CONNECT_FCS_LOGIN overflow attempt (more info ...) | attempted-admin | URL | |||
| 18682 | FILE-PDF transfer of a PDF with OpenAction object attempt (more info ...) | policy-violation | 2014-8450 | URL | ||
| 18684 | FILE-PDF PDF file with embedded PDF object (more info ...) | policy-violation | URL | |||
| 18700 | MALWARE-CNC Win.Trojan.BHO.argt checkin (more info ...) | trojan-activity | URL | |||
| 18707 | MALWARE-CNC RogueSoftware.Win32.ControlCenter variant outbound connection (more info ...) | trojan-activity | URL | |||
| 18708 | MALWARE-CNC RogueSoftware.Win32.AntivirusSoft variant outbound connection (more info ...) | trojan-activity | URL | |||
| 18709 | MALWARE-CNC Win.Trojan.Banker.aufm variant outbound connection (more info ...) | trojan-activity | URL | |||
| 18711 | MALWARE-CNC RogueSoftware.Win32.SecurityCentral variant outbound connection (more info ...) | trojan-activity | URL | |||
| 18712 | MALWARE-CNC RogueSoftware.Win32.XJRAntivirus variant outbound connection (more info ...) | trojan-activity | URL | |||
| 18713 | SERVER-OTHER OpenSSL TLS connection record handling denial of service attempt (more info ...) | attempted-dos | 2010-0740 | 39013 | ||
| 18714 | SERVER-OTHER OpenSSL TLS connection record handling denial of service attempt (more info ...) | attempted-dos | 2010-0740 | 39013 | ||
| 18715 | MALWARE-CNC Ozdok botnet communication with C&C server (more info ...) | trojan-activity | URL | |||
| 18716 | MALWARE-CNC Win.Trojan.Banker.H variant outbound connection (more info ...) | trojan-activity | URL | |||
| 18717 | MALWARE-CNC Win.Trojan.Banker.QO variant outbound connection (more info ...) | trojan-activity | URL | |||
| 18718 | MALWARE-CNC RogueSoftware.Win32.AdvancedDefender variant outbound connection (more info ...) | trojan-activity | URL | |||
| 18719 | MALWARE-CNC Win.Trojan.IRCBot.CBY variant outbound connection (more info ...) | trojan-activity | URL | |||
| 18720 | MALWARE-CNC Win.Trojan.Terzib.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 18721 | PROTOCOL-SCADA Iconics Genesis 32/64 GenBroker opcode 0x1C84 integer overflow attempt (more info ...) | attempted-admin | URL | |||
| 18722 | PROTOCOL-SCADA Iconics Genesis 32/64 GenBroker opcode 0x1C84 integer overflow attempt (more info ...) | attempted-admin | URL | |||
| 18723 | MALWARE-CNC RogueSoftware.Win32.CleanV variant outbound connection (more info ...) | trojan-activity | URL | |||
| 18724 | MALWARE-CNC RogueSoftware.Win32.ZeroClean variant outbound connection (more info ...) | trojan-activity | URL | |||
| 18725 | PROTOCOL-SCADA Iconics Genesis 32/64 GenBroker opcode 0x04B0 heap overflow attempt (more info ...) | attempted-admin | URL | |||
| 18726 | PROTOCOL-SCADA Iconics Genesis 32/64 GenBroker opcode 0x04B2 heap overflow attempt (more info ...) | attempted-admin | URL | |||
| 18727 | PROTOCOL-SCADA Iconics Genesis 32/64 GenBroker opcode 0x04B5 heap overflow attempt (more info ...) | attempted-admin | URL | |||
| 18728 | PROTOCOL-SCADA Iconics Genesis 32/64 GenBroker opcode 0x0DAE heap overflow attempt (more info ...) | attempted-admin | URL | |||
| 18729 | PROTOCOL-SCADA Iconics Genesis 32/64 GenBroker opcode 0x1BBC heap overflow attempt (more info ...) | attempted-admin | URL | |||
| 18730 | PROTOCOL-SCADA Iconics Genesis 32/64 GenBroker opcode 0x089A integer overflow attempt (more info ...) | attempted-admin | URL | |||
| 18731 | PROTOCOL-SCADA Iconics Genesis 32/64 GenBroker opcode 0x0453 integer overflow attempt (more info ...) | attempted-admin | URL | |||
| 18732 | PROTOCOL-SCADA Iconics Genesis 32/64 GenBroker opcode 0x04B0 integer overflow attempt (more info ...) | attempted-admin | URL | |||
| 18733 | PROTOCOL-SCADA Iconics Genesis 32/64 GenBroker opcode 0x04B0 integer overflow attempt (more info ...) | attempted-admin | URL | |||
| 18734 | PROTOCOL-SCADA Iconics Genesis 32/64 GenBroker opcode 0x04B0 integer overflow attempt (more info ...) | attempted-admin | URL | |||
| 18735 | PROTOCOL-SCADA Iconics Genesis 32/64 GenBroker opcode 0x04B0 integer overflow attempt (more info ...) | attempted-admin | URL | |||
| 18736 | PROTOCOL-SCADA Iconics Genesis 32/64 GenBroker opcode 0x04B0 integer overflow attempt (more info ...) | attempted-admin | URL | |||
| 18737 | PROTOCOL-SCADA Iconics Genesis 32/64 GenBroker opcode 0x04B0 integer overflow attempt (more info ...) | attempted-admin | URL | |||
| 18738 | PROTOCOL-SCADA Iconics Genesis 32/64 GenBroker opcode 0x04B2 integer overflow attempt (more info ...) | attempted-admin | URL | |||
| 18739 | MALWARE-CNC Worm.Win32.Koobface.D variant outbound connection (more info ...) | trojan-activity | URL | |||
| 18742 | SERVER-WEBAPP IBM WebSphere Expect header cross-site scripting (more info ...) | web-application-attack | 2007-5944 | 26457 | ||
| 18743 | SERVER-WEBAPP VLC player web interface format string attack (more info ...) | attempted-admin | 2007-6682 | 27015 | ||
| 18744 | FILE-MULTIMEDIA VideoLAN vlc player subtitle buffer overflow attempt (more info ...) | attempted-admin | 2007-6681 | 27015 | ||
| 18746 | PROTOCOL-SCADA RealWin 2.1 FC_CTAGLIST_FCS_XTAG overflow attempt (more info ...) | attempted-admin | URL | |||
| 18747 | PROTOCOL-SCADA RealWin 2.1 FC_BINFILE_FCS_xFILE overflow attempt (more info ...) | attempted-admin | URL | |||
| 18748 | PROTOCOL-SCADA RealWin 2.1 FC_MISC_FCS_MSGx overflow attempt (more info ...) | attempted-admin | URL | |||
| 18749 | PROTOCOL-SCADA RealWin 2.1 FC_CTAGLIST_FCS_XTAG overflow attempt (more info ...) | attempted-admin | URL | |||
| 18750 | PROTOCOL-SCADA RealWin 2.1 FC_SCRIPT_FCS_STARTPROG overflow attempt (more info ...) | attempted-admin | URL | |||
| 18752 | PROTOCOL-SCADA RealWin 2.1 FC_INFOTAG_SET_CONTROL overflow attempt (more info ...) | attempted-admin | URL | |||
| 18761 | SERVER-WEBAPP Majordomo2 http directory traversal attempt (more info ...) | web-application-attack | 2011-0049 | 46127 | ||
| 18762 | MALWARE-CNC URI request for known malicious URI /blog.updata?v= - Win32-Agent-GRW (more info ...) | trojan-activity | ||||
| 18763 | SERVER-OTHER ActFax Server LPD/LPR Remote Buffer Overflow (more info ...) | attempted-admin | URL | |||
| 18766 | SERVER-OTHER OpenSSL CMS structure OriginatorInfo memory corruption attempt (more info ...) | attempted-user | 2010-0742 | 40502 | ||
| 18774 | MALWARE-CNC URI request for known malicious URI (more info ...) | trojan-activity | ||||
| 18775 | MALWARE-CNC URI request for known malicious URI - /gpdcount (more info ...) | trojan-activity | ||||
| 18777 | SERVER-OTHER HP data protector OmniInet service NULL dereference denial of service attempt (more info ...) | denial-of-service | URL | |||
| 18778 | PROTOCOL-SCADA Iconics Genesis 32/64 GenBroker opcode 0x04B5 integer overflow attempt (more info ...) | attempted-admin | URL | |||
| 18779 | PROTOCOL-SCADA Iconics Genesis 32/64 GenBroker opcode 0x04B5 integer overflow attempt (more info ...) | attempted-admin | URL | |||
| 18780 | PROTOCOL-SCADA Iconics Genesis 32/64 GenBroker opcode 0x07D0 integer overflow attempt (more info ...) | attempted-admin | URL | |||
| 18781 | PROTOCOL-SCADA Iconics Genesis 32/64 GenBroker opcode 0x07D0 integer overflow attempt (more info ...) | attempted-admin | URL | |||
| 18782 | MALWARE-CNC URI Request for known malicious URI - Chinese Rootkit.Win32.Fisp.a (more info ...) | trojan-activity | URL | |||
| 18783 | PROTOCOL-SCADA Iconics Genesis 32/64 GenBroker opcode 0x0DAE integer overflow attempt (more info ...) | attempted-admin | URL | |||
| 18784 | PROTOCOL-SCADA Iconics Genesis 32/64 GenBroker opcode 0x0DB0 integer overflow attempt (more info ...) | attempted-admin | URL | |||
| 18785 | PROTOCOL-SCADA Iconics Genesis 32/64 GenBroker opcode 0x0FA4 integer overflow attempt (more info ...) | attempted-admin | URL | |||
| 18786 | PROTOCOL-SCADA Iconics Genesis 32/64 GenBroker opcode 0x0FA7 integer overflow attempt (more info ...) | attempted-admin | URL | |||
| 18787 | PROTOCOL-SCADA Iconics Genesis 32/64 GenBroker opcode 0x1BBC integer overflow attempt (more info ...) | attempted-admin | URL | |||
| 18788 | PROTOCOL-SCADA Iconics Genesis 32/64 GenBroker opcode 0x1BBD integer overflow attempt (more info ...) | attempted-admin | URL | |||
| 18789 | PROTOCOL-SCADA Iconics Genesis 32/64 GenBroker opcode 0x26AC integer overflow attempt (more info ...) | attempted-admin | URL | |||
| 18804 | SERVER-WEBAPP OpenLDAP Modrdn utf-8 string code execution attempt (more info ...) | attempted-admin | 2010-0211 | 41770 | ||
| 18807 | SERVER-OTHER OpenLDAP Modrdn RDN NULL string denial of service attempt (more info ...) | attempted-dos | 2010-0212 | 41770 | ||
| 18808 | SERVER-MAIL Ipswitch IMail Server List Mailer Reply-To address buffer overflow attempt (more info ...) | attempted-admin | 41717 | |||
| 18900 | MALWARE-CNC URI request for known malicious URI -- W32.Swizzor (more info ...) | trojan-activity | URL | |||
| 18905 | SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (more info ...) | attempted-user | 2010-2709 | 42154 | ||
| 18906 | SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (more info ...) | attempted-user | 2010-2709 | 42154 | ||
| 18907 | SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (more info ...) | attempted-user | 2010-2709 | 42154 | ||
| 18908 | SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (more info ...) | attempted-user | 2010-2709 | 42154 | ||
| 18909 | SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (more info ...) | attempted-user | 2010-2709 | 42154 | ||
| 18910 | SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (more info ...) | attempted-user | 2010-2709 | 42154 | ||
| 18911 | SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (more info ...) | attempted-user | 2010-2709 | 42154 | ||
| 18912 | SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (more info ...) | attempted-user | 2010-2709 | 42154 | ||
| 18913 | SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (more info ...) | attempted-user | 2010-2709 | 42154 | ||
| 18914 | SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (more info ...) | attempted-user | 2010-2709 | 42154 | ||
| 18915 | SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (more info ...) | attempted-user | 2010-2709 | 42154 | ||
| 18916 | SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (more info ...) | attempted-user | 2010-2709 | 42154 | ||
| 18917 | SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (more info ...) | attempted-user | 2010-2709 | 42154 | ||
| 18918 | SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (more info ...) | attempted-user | 2010-2709 | 42154 | ||
| 18919 | SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (more info ...) | attempted-user | 2010-2709 | 42154 | ||
| 18920 | SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (more info ...) | attempted-user | 2010-2709 | 42154 | ||
| 18921 | SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (more info ...) | attempted-user | 2010-2709 | 42154 | ||
| 18922 | SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (more info ...) | attempted-user | 2010-2709 | 42154 | ||
| 18923 | SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (more info ...) | attempted-user | 2010-2709 | 42154 | ||
| 18924 | SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (more info ...) | attempted-user | 2010-2709 | 42154 | ||
| 18925 | SERVER-WEBAPP OpenView Network Node Manager cookie buffer overflow attempt (more info ...) | attempted-user | 2010-2709 | 42154 | ||
| 18929 | SERVER-ORACLE Oracle Secure Backup Administration objectname variable command injection attempt (more info ...) | web-application-attack | 2010-0906 | 41597 | ||
| 18932 | SERVER-WEBAPP Jboss default configuration unauthorized application add attempt (more info ...) | web-application-attack | URL | |||
| 18934 | MALWARE-CNC known command and control channel traffic -- Coreflood (more info ...) | trojan-activity | URL | |||
| 18935 | SERVER-OTHER ISC DHCP server zero length client ID denial of service attempt (more info ...) | attempted-dos | 2010-2156 | 40775 | ||
| 18936 | MALWARE-CNC URI request for known malicious URI - Win.Trojan.FakeAV (more info ...) | trojan-activity | URL | |||
| 18937 | MALWARE-CNC URI request for known malicious URI - Win.Trojan.Krap (more info ...) | trojan-activity | URL | |||
| 18939 | MALWARE-CNC known command and control channel traffic (more info ...) | trojan-activity | URL | |||
| 18940 | MALWARE-CNC URI request for known malicious URI - Sality (more info ...) | trojan-activity | URL | |||
| 18941 | MALWARE-CNC URI request for known malicious URI - FakeAV (more info ...) | trojan-activity | URL | |||
| 18942 | MALWARE-CNC URI request for known malicious URI - MacProtector (more info ...) | trojan-activity | URL | |||
| 18943 | MALWARE-CNC URI request for known malicious URI - MacDefender (more info ...) | trojan-activity | URL | |||
| 18945 | MALWARE-CNC Virus.Win32.Feberr variant outbound connection (more info ...) | trojan-activity | URL | |||
| 18946 | MALWARE-CNC Win.Trojan.IRCBot.FC variant outbound connection (more info ...) | trojan-activity | URL | |||
| 18947 | MALWARE-CNC Win.Trojan.IRCBot.FC variant outbound connection (more info ...) | trojan-activity | URL | |||
| 18953 | FILE-OTHER rich text format unexpected field type memory corruption attempt (more info ...) | attempted-user | 2010-1901 | URL | ||
| 18954 | FILE-OTHER rich text format unexpected field type memory corruption attempt (more info ...) | attempted-user | 2010-1901 | URL | ||
| 18959 | SERVER-WEBAPP VMware SpringSource Spring Framework class.classloader remote code execution attempt (more info ...) | attempted-admin | 2010-1622 | 40954 | ||
| 18972 | SERVER-ORACLE Oracle Secure Backup Administration selector variable command injection attempt (more info ...) | web-application-attack | 2010-0906 | 41597 | ||
| 18976 | MALWARE-CNC Rogue-Software.AVCare variant outbound connection (more info ...) | trojan-activity | URL | |||
| 18977 | MALWARE-CNC Win.Trojan.Proxy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 18978 | MALWARE-CNC Win.Trojan.Pasta.aoq variant outbound connection (more info ...) | trojan-activity | URL | |||
| 18979 | MALWARE-CNC Worm.Win32.AutoRun.fmo variant outbound connection (more info ...) | trojan-activity | URL | |||
| 18984 | MALWARE-CNC URI request for known malicious URI - Win32/Trojanclicker (more info ...) | trojan-activity | URL | |||
| 18993 | SERVER-WEBAPP HP OpenView Network Node Manager server name exploit attempt (more info ...) | attempted-admin | 2011-0263 | 45762 | URL | |
| 19006 | SERVER-OTHER HP Data Protector Express DtbClsLogin buffer overflow attempt (more info ...) | attempted-user | 2010-3007 | 43105 | ||
| 19007 | SERVER-SAMBA Samba SID parsing overflow attempt (more info ...) | attempted-admin | 2010-3069 | 43212 | ||
| 19016 | MALWARE-CNC MacBack Win.Trojan.variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19017 | MALWARE-CNC MacBack Win.Trojan.variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19018 | MALWARE-CNC MacBack Win.Trojan.variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19019 | MALWARE-CNC MacBack Win.Trojan.variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19021 | MALWARE-CNC Win.Trojan-Downloader.Win32.FraudLoad.dzm variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19022 | MALWARE-CNC Win.Trojan-Downloader.Win32.FraudLoad.dzm variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19023 | MALWARE-CNC IRC.Zapchast.zwrc variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19024 | MALWARE-CNC Win.Trojan.StartPage variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19025 | MALWARE-CNC Win.Trojan-Banker.Win32.Bancos.etf variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19026 | PUA-ADWARE Smart Protector outbound connection (more info ...) | successful-recon-limited | URL | |||
| 19027 | MALWARE-CNC BrowserModifier.Win32.Kerlofost variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19028 | MALWARE-CNC Win.Trojan.Mailbot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19029 | MALWARE-CNC Win.Trojan.PcClient.AI variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19030 | MALWARE-CNC Win.Trojan.Uloadis variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19031 | MALWARE-CNC iPRIVACY variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19032 | MALWARE-CNC Win.Trojan.Cornfemo variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19033 | MALWARE-CNC Win.Trojan.Cornfemo variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19034 | MALWARE-CNC Win.Trojan.Kbot.qd variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19035 | MALWARE-CNC Win.Trojan.Vilsel.baqb variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19036 | MALWARE-CNC Win.Trojan.IRCBrute.I variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19037 | MALWARE-CNC Win.Trojan.IRCBrute.I variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19038 | MALWARE-CNC Win.Trojan.Jzzer.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19039 | MALWARE-CNC Win.Trojan.Linkbot.alr variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19040 | MALWARE-CNC Win.Trojan.Linkbot.alr variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19041 | MALWARE-CNC Win.Trojan.Carberp.C variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19042 | MALWARE-CNC Win.Trojan.Banker.ACQE variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19043 | PUA-ADWARE RogueSoftware.Win32.BestBoan outbound connection (more info ...) | trojan-activity | URL | |||
| 19044 | PUA-ADWARE RogueSoftware.Win32.ThinkPoint outbound connection (more info ...) | trojan-activity | URL | |||
| 19045 | MALWARE-CNC Win.Trojan.Bancos.XQ variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19046 | PUA-ADWARE RogueSoftware.Win32.Winwebsec outbound connection (more info ...) | trojan-activity | URL | |||
| 19047 | MALWARE-CNC User-Agent known malicious user agent - RCleanT (more info ...) | trojan-activity | URL | |||
| 19048 | MALWARE-CNC Win.Trojan.Darkness variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19049 | MALWARE-CNC Win.Trojan.Gigade variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19050 | MALWARE-CNC Win.Trojan.Banbra.fxe variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19052 | MALWARE-CNC Win.Trojan.Httpbot.qdc variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19053 | MALWARE-CNC Worm.Win32.Nusump.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19054 | MALWARE-CNC Win.Trojan.Sisron.nelo variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19055 | MALWARE-CNC Win.Trojan.Gosik.A registration (more info ...) | trojan-activity | URL | |||
| 19056 | MALWARE-CNC Win.Trojan.QQFish variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19057 | MALWARE-CNC Win.Trojan.QQFish variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19058 | MALWARE-CNC Worm.Win32.Faketube update request (more info ...) | trojan-activity | URL | |||
| 19059 | PUA-ADWARE RogueSoftware.Win32.SystemDefragmenter outbound connection (more info ...) | trojan-activity | URL | |||
| 19060 | MALWARE-CNC Win.Trojan.Ponmocup.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19061 | PUA-ADWARE Adware.Win32.Cashtitan contact to server attempt (more info ...) | trojan-activity | URL | |||
| 19062 | MALWARE-CNC Win.Trojan.FakePlus variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19072 | SERVER-OTHER RealNetworks Helix Server NTLM authentication heap overflow attempt (more info ...) | attempted-admin | 2010-1317 | 39490 | ||
| 19073 | SERVER-OTHER Squid Proxy Expect header null pointer denial of service attempt (more info ...) | attempted-dos | 2010-3072 | 42982 | ||
| 19081 | INDICATOR-OBFUSCATION known suspicious decryption routine (more info ...) | misc-activity | URL | |||
| 19106 | MALWARE-OTHER Keylogger Ardamax keylogger runtime detection - http (more info ...) | trojan-activity | URL | |||
| 19110 | SERVER-WEBAPP IBM Rational Quality Manager and Test Lab Manager policy bypass attempt (more info ...) | default-login-attempt | 2010-4094 | 44172 | ||
| 19116 | SERVER-OTHER IBM Tivoli Storage Manager FastBack mount service code execution attempt (more info ...) | attempted-admin | 2010-3058 | 42549 | ||
| 19120 | SERVER-OTHER IBM Informix DBINFO stack buffer overflow (more info ...) | attempted-admin | 2010-4069 | 44190 | ||
| 19121 | SERVER-OTHER IBM Informix EXPLAIN stack buffer overflow attempt (more info ...) | attempted-admin | 2010-4053 | 44192 | ||
| 19122 | POLICY-SPAM appledownload.com known spam email attempt (more info ...) | policy-violation | URL | |||
| 19123 | MALWARE-CNC Dropper Win.Trojan.Cefyns.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19135 | MALWARE-BACKDOOR Win.Trojan.Buterat Checkin (more info ...) | trojan-activity | URL | |||
| 19159 | SERVER-OTHER HP Data Protector Manager RDS attempt (more info ...) | denial-of-service | 2011-0514 | 45725 | ||
| 19160 | SERVER-OTHER NetSupport Manager client buffer overflow attempt (more info ...) | attempted-admin | 2011-0404 | 45728 | ||
| 19161 | SERVER-OTHER NetSupport Manager client buffer overflow attempt (more info ...) | attempted-admin | 2011-0404 | 45728 | ||
| 19162 | SERVER-ORACLE get_domain_index_metadata privilege escalation attempt (more info ...) | attempted-admin | 2006-2081 | 17590 | ||
| 19163 | SERVER-ORACLE get_v2_domain_index_tables privilege escalation attempt (more info ...) | attempted-admin | 2006-2081 | 17590 | ||
| 19164 | MALWARE-CNC Win.Trojan.SpyEye variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19167 | PROTOCOL-VOIP Digium Asterisk UDPTL processing overflow attempt (more info ...) | attempted-admin | 2011-1147 | 46474 | ||
| 19168 | SERVER-WEBAPP Oracle GoldenGate Veridata Server soap request overflow attempt (more info ...) | attempted-admin | 2010-4416 | 45868 | ||
| 19175 | MALWARE-CNC User-Agent known malicious User-Agent wget 3.0 (more info ...) | trojan-activity | URL | |||
| 19176 | SERVER-WEBAPP cookiejacking attempt (more info ...) | attempted-recon | URL | |||
| 19177 | SERVER-WEBAPP cookiejacking attempt (more info ...) | attempted-recon | URL | |||
| 19199 | OS-WINDOWS Smb2Create_Finalize malformed EndOfFile field exploit attempt (more info ...) | attempted-admin | 2011-1268 | URL | ||
| 19206 | SERVER-OTHER IBM DB2 Universal Database receiveDASMessage buffer overflow attempt (more info ...) | attempted-admin | 2011-0731 | 46052 | ||
| 19207 | SERVER-OTHER Symantec Alert Management System AMSSendAlertAck stack buffer overflow attempt (more info ...) | attempted-admin | 2010-0110 | |||
| 19209 | SERVER-WEBAPP Symantec Alert Management System modem string buffer overflow attempt (more info ...) | attempted-user | 2010-0110 | URL | ||
| 19210 | SERVER-OTHER IBM Informix Dynamic Server set environment buffer overflow attempt (more info ...) | attempted-admin | 2011-1033 | |||
| 19213 | SERVER-MAIL Ipswitch IMail Server Mailing List Message Subject buffer overflow (more info ...) | attempted-admin | URL | |||
| 19223 | SERVER-OTHER SAP Crystal Reports 2008 directory traversal attempt (more info ...) | web-application-attack | 45980 | |||
| 19228 | SERVER-WEBAPP Oracle Secure Backup Administration preauth variable command injection attempt (more info ...) | attempted-admin | 2010-0906 | 41597 | ||
| 19252 | FILE-IDENTIFY language.engtesselate.ln file download request (more info ...) | misc-activity | ||||
| 19256 | MALWARE-CNC URI request for known malicious URI - greenherbalteagirlholdingcup (more info ...) | trojan-activity | ||||
| 19281 | INDICATOR-SHELLCODE x86 OS agnostic single-byte xor countodwn encoder (more info ...) | shellcode-detect | ||||
| 19282 | INDICATOR-SHELLCODE x86 OS agnostic cpuid-based context keyed encoder (more info ...) | shellcode-detect | ||||
| 19283 | INDICATOR-SHELLCODE x86 OS agnostic stat-based context keyed encoder (more info ...) | shellcode-detect | ||||
| 19284 | INDICATOR-SHELLCODE x86 OS agnostic time-based context keyed encoder (more info ...) | shellcode-detect | ||||
| 19285 | INDICATOR-SHELLCODE x86 OS agnostic non-alpha/non-upper encoder (more info ...) | shellcode-detect | ||||
| 19286 | INDICATOR-SHELLCODE x86 OS agnostic unicode uppercase encoder (more info ...) | shellcode-detect | ||||
| 19287 | INDICATOR-SHELLCODE x86 OS agnostic unicode mixed encoder (more info ...) | shellcode-detect | ||||
| 19288 | INDICATOR-SHELLCODE x86 OS agnostic unicode tolower encoder (more info ...) | shellcode-detect | ||||
| 19297 | SERVER-OTHER sidename.js script injection (more info ...) | attempted-user | URL | |||
| 19298 | SERVER-OTHER cssminibar.js script injection (more info ...) | attempted-user | URL | |||
| 19299 | SERVER-OTHER banner.txt access - possible compromised multi-mesh injection server (more info ...) | misc-activity | URL | |||
| 19300 | FILE-OTHER probable multi-mesh injection attack (more info ...) | attempted-user | URL | |||
| 19301 | PROTOCOL-VOIP Expires header invalid characters detected (more info ...) | attempted-dos | URL | |||
| 19302 | PROTOCOL-VOIP Max-Forwards header invalid characters detected (more info ...) | attempted-dos | URL | |||
| 19309 | PUA-ADWARE hijacker starware videos outbound connection (more info ...) | trojan-activity | URL | |||
| 19310 | MALWARE-CNC Win.Trojan.Gen3 variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19311 | PUA-ADWARE Keylogger aspy v2.12 runtime detection (more info ...) | successful-recon-limited | URL | |||
| 19312 | MALWARE-CNC Win.Trojan.Agent.aah variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19313 | SERVER-OTHER Symantec Antivirus Intel Service DoS Attempt (more info ...) | attempted-dos | 2010-0111 | 45935 | ||
| 19318 | MALWARE-OTHER Dos.Tool.LOIC UDP default U dun goofed attack (more info ...) | attempted-dos | URL | |||
| 19319 | MALWARE-OTHER Dos.Tool.LOIC TCP default U dun goofed attack (more info ...) | attempted-dos | URL | |||
| 19324 | MALWARE-OTHER Keylogger WL-Keylogger inbound connection (more info ...) | trojan-activity | URL | |||
| 19325 | MALWARE-OTHER Keylogger WL-Keylogger outbound connection (more info ...) | trojan-activity | URL | |||
| 19326 | PUA-ADWARE Classroom Spy Professional outbound connection - initial connection (more info ...) | trojan-activity | URL | |||
| 19327 | PUA-ADWARE Classroom Spy Professional outbound connection - initial connection (more info ...) | trojan-activity | URL | |||
| 19328 | MALWARE-CNC PointGuide variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19329 | MALWARE-CNC Faceback.exe variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19330 | MALWARE-CNC Adclicker Win.Trojan.Zlob.dnz variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19331 | MALWARE-CNC Adclicker Win.Trojan.Zlob.dnz variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19332 | MALWARE-CNC Win.Trojan.Clampi variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19333 | PROTOCOL-VOIP Content-Type header invalid format too many slashes (more info ...) | attempted-dos | URL | |||
| 19334 | PROTOCOL-VOIP Content-Type header invalid format too many slashes (more info ...) | attempted-dos | URL | |||
| 19335 | PROTOCOL-VOIP Content-Type header invalid format missing slash (more info ...) | attempted-dos | URL | |||
| 19336 | PROTOCOL-VOIP Content-Type header invalid format missing slash (more info ...) | attempted-dos | URL | |||
| 19337 | PROTOCOL-VOIP invalid SIP-Version field (more info ...) | attempted-dos | URL | |||
| 19338 | PROTOCOL-VOIP invalid SIP-Version field (more info ...) | attempted-dos | URL | |||
| 19339 | MALWARE-CNC Win.Trojan.Dropper Win.Trojan.Agent.alda variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19340 | MALWARE-CNC Win.Trojan.Fakeav TREAntivirus variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19341 | MALWARE-CNC Worm MSIL.AiO.a variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19342 | MALWARE-CNC Adware Professional variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19343 | MALWARE-CNC Adware Pro variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19344 | MALWARE-CNC AntiMalware Pro variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19345 | MALWARE-CNC REAnti variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19346 | MALWARE-CNC Additional Guard variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19347 | MALWARE-CNC Win.Trojan.Poison.banr variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19348 | MALWARE-CNC Win.Trojan.Downloader Win.Trojan.FraudLoad.emq variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19349 | MALWARE-CNC Fakeav Vaccineclear variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19351 | MALWARE-CNC Win.Trojan.Clicker Win.Trojan.Hatigh.C variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19352 | MALWARE-CNC Win.Trojan.Small.D variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19353 | MALWARE-CNC Win.Trojan.Banker.bkhu variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19354 | MALWARE-BACKDOOR Win.Trojan.Agent.bhxn variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19356 | MALWARE-CNC Win.Trojan.Fibbit.ax variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19357 | MALWARE-CNC Win.Worm.Sohanad.ila variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19358 | MALWARE-CNC Win.Trojan.XYTvn.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19359 | MALWARE-CNC Win.Trojan.Dcbavict.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19360 | MALWARE-CNC Win.Trojan.Dcbavict.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19361 | MALWARE-CNC Win.Trojan.Dcbavict.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19362 | MALWARE-OTHER generic IRC botnet connection (more info ...) | trojan-activity | URL | |||
| 19363 | MALWARE-CNC Win.Trojan.Dorkbot.B variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19365 | PROTOCOL-VOIP Time Stop Header invalid value (more info ...) | attempted-dos | URL | |||
| 19366 | MALWARE-CNC Win.Trojan.HXWAN.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19367 | MALWARE-CNC Win.Worm.Vaubeg.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19368 | MALWARE-CNC Win.Trojan.Carberp.D variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19369 | MALWARE-CNC Win.Trojan.Carberp.D variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19370 | MALWARE-CNC Win.Trojan.Carberp.D variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19371 | MALWARE-CNC Win.Trojan.Banker.IC variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19373 | PROTOCOL-VOIP Origin header overflow attempt (more info ...) | attempted-dos | URL | |||
| 19374 | PROTOCOL-VOIP Origin header overflow attempt (more info ...) | attempted-dos | URL | |||
| 19375 | PROTOCOL-VOIP Origin header format string attempt (more info ...) | attempted-dos | URL | |||
| 19376 | PROTOCOL-VOIP Origin header format string attempt (more info ...) | attempted-dos | URL | |||
| 19377 | PROTOCOL-VOIP Origin invalid header (more info ...) | attempted-dos | URL | |||
| 19378 | PROTOCOL-VOIP Origin invalid header (more info ...) | attempted-dos | URL | |||
| 19379 | PROTOCOL-VOIP Session Name header overflow attempt (more info ...) | attempted-dos | URL | |||
| 19380 | PROTOCOL-VOIP Session Name header overflow attempt (more info ...) | attempted-dos | URL | |||
| 19381 | PROTOCOL-VOIP Session Name header format string attempt (more info ...) | attempted-dos | URL | |||
| 19382 | PROTOCOL-VOIP Session Name header format string attempt (more info ...) | attempted-dos | URL | |||
| 19383 | PROTOCOL-VOIP Session Name invalid header attempt (more info ...) | attempted-dos | URL | |||
| 19384 | PROTOCOL-VOIP Session Name invalid header attempt (more info ...) | attempted-dos | URL | |||
| 19385 | PROTOCOL-VOIP Media header description field overflow attempt (more info ...) | attempted-dos | URL | |||
| 19386 | PROTOCOL-VOIP Media header description field overflow attempt (more info ...) | attempted-dos | URL | |||
| 19387 | PROTOCOL-VOIP Media header description field format string attempt (more info ...) | attempted-dos | URL | |||
| 19388 | PROTOCOL-VOIP Media header description field format string attempt (more info ...) | attempted-dos | URL | |||
| 19391 | PUA-ADWARE Lost Door v3.0 (more info ...) | trojan-activity | URL | |||
| 19392 | MALWARE-OTHER Keylogger Monitor.win32.perflogger (more info ...) | trojan-activity | URL | |||
| 19393 | MALWARE-OTHER Keylogger Monitor.win32.perflogger (more info ...) | trojan-activity | URL | |||
| 19394 | MALWARE-CNC Win.Trojan.Tidserv variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19395 | MALWARE-CNC Win.Trojan.Downloader Win.Trojan.Monkif.J inbound connection - dest ip infected (more info ...) | trojan-activity | URL | |||
| 19396 | MALWARE-CNC Win.Trojan.Beastdoor.b variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19397 | MALWARE-CNC Win.Trojan.UltimateDefender.xv variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19398 | MALWARE-CNC Win.Trojan.BAT.Shutdown.ef variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19399 | MALWARE-CNC Email Worm Win32.Zhelatin.ch variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19400 | MALWARE-CNC Win.Worm.Sddrop.D variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19401 | MALWARE-CNC Win.Worm.Sddrop.D variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19402 | MALWARE-CNC P2P Worm.Win32.Malas.r variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19404 | MALWARE-CNC Win.Trojan.Ozdok variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19416 | OS-MOBILE Apple iOS 4.3.3 jailbreak for iPad download attempt (more info ...) | attempted-admin | URL | |||
| 19417 | OS-MOBILE Apple iOS 4.3.3 jailbreak for iPad download attempt (more info ...) | attempted-admin | URL | |||
| 19418 | OS-MOBILE Apple iOS 4.3.3 jailbreak for iPhone download attempt (more info ...) | attempted-admin | URL | |||
| 19419 | OS-MOBILE Apple iOS 4.3.3 jailbreak for iPod download attempt (more info ...) | attempted-admin | URL | |||
| 19420 | FILE-MULTIMEDIA VideoLAN VLC Media Player Subtitle StripTags Heap Buffer Overflow (more info ...) | attempted-user | 2011-0522 | 46008 | ||
| 19421 | FILE-MULTIMEDIA VideoLAN VLC Media Player Subtitle StripTags Heap Buffer Overflow (more info ...) | attempted-user | 2011-0522 | 46008 | ||
| 19422 | FILE-IDENTIFY matroska file magic detected (more info ...) | misc-activity | ||||
| 19423 | FILE-IDENTIFY MKV file download request (more info ...) | misc-activity | URL | |||
| 19424 | FILE-IDENTIFY MKA file download request (more info ...) | misc-activity | URL | |||
| 19425 | FILE-IDENTIFY MKS file download request (more info ...) | misc-activity | URL | |||
| 19426 | MALWARE-CNC Win.Trojan.Downloader Win.Trojan.Crypter.i variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19427 | MALWARE-CNC Win.Trojan.Agent.amjz variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19428 | MALWARE-CNC Win.Trojan.Downloader Win.Trojan.Adload.BG variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19429 | MALWARE-CNC Win.Trojan.Proxy Win.Trojan.Dosenjo.C variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19433 | MALWARE-CNC Win.Trojan.Fujacks.aw variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19434 | MALWARE-CNC User-Agent known malicious user-agent string ErrCode (more info ...) | trojan-activity | URL | |||
| 19435 | MALWARE-CNC Win.Trojan.Litmus.203 variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19441 | SERVER-WEBAPP Oracle Virtual Server Agent command injection attempt (more info ...) | attempted-admin | 2010-3585 | 44031 | URL | |
| 19451 | SERVER-OTHER Oracle VM server agent command injection (more info ...) | attempted-user | 2010-3582 | |||
| 19452 | SERVER-OTHER Oracle VM server agent command injection (more info ...) | attempted-user | 2010-3582 | |||
| 19453 | PUA-ADWARE Sus.BancDI-B trojan outbound connection (more info ...) | trojan-activity | URL | |||
| 19454 | MALWARE-CNC Win.Trojan.PWS.Win32.QQPass.IK variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19455 | MALWARE-CNC Worm.Win32.AutoRun.aw variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19456 | MALWARE-CNC Packed.Win32.Klone.bj variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19457 | MALWARE-CNC Trojan-Clicker.Win32.Vesloruki.ajb variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19477 | MALWARE-CNC Win.Trojan.Krap.af variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19478 | MALWARE-CNC Worm.Win32.Taterf.B variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19479 | MALWARE-CNC Net-Worm.Win32.Piloyd.m variant outbound connection - request html (more info ...) | trojan-activity | URL | |||
| 19480 | MALWARE-CNC User-Agent known malicious user-agent string STORMDDOS - Backdoor.Win32.Inject.ctt (more info ...) | trojan-activity | URL | |||
| 19481 | MALWARE-CNC Email-Worm.Win32.Agent.bx variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19482 | MALWARE-CNC User-Agent known malicious user-agent string ErrorFix (more info ...) | trojan-activity | URL | |||
| 19483 | MALWARE-CNC Win.Trojan.Reload.fy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19484 | MALWARE-CNC Win.Trojan.Gh0st variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19485 | MALWARE-CNC User-Agent known malicious user agent - RAV1 (more info ...) | trojan-activity | URL | |||
| 19486 | PUA-ADWARE W32.Fiala.A outbound connection (more info ...) | trojan-activity | URL | |||
| 19487 | MALWARE-CNC Win.Trojan.Agent.kih variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19488 | MALWARE-CNC Worm.Win32.Failnum.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19489 | MALWARE-CNC Win.Trojan.DeAlfa.fa variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19490 | MALWARE-CNC Win.Trojan.Koceg.B variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19491 | MALWARE-CNC Win.Trojan.Downloader Win.Trojan.Genome.vau variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19492 | MALWARE-CNC Windows System Defender variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19493 | MALWARE-CNC URI request for known malicious uri config.ini on 3322.org domain (more info ...) | trojan-activity | URL | |||
| 19494 | MALWARE-CNC Win.Trojan.Licum variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19495 | MALWARE-CNC Win.Worm.Pilleuz variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19551 | MALWARE-OTHER self-signed SSL certificate with default Internet Widgits Pty Ltd organization name (more info ...) | policy-violation | URL | |||
| 19554 | MALWARE-CNC Win.Trojan.Fakeav Antivirus Xp Pro variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19555 | MALWARE-CNC Win.Trojan.Small variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19556 | MALWARE-CNC Win.Trojan.Homa variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19557 | MALWARE-CNC Win.Trojan.Shark.ag variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19558 | SERVER-WEBAPP JBoss expression language actionOutcome remote code execution (more info ...) | attempted-admin | 2010-1871 | 41994 | ||
| 19566 | PUA-ADWARE W32.Ackantta.C.mm mass-mailer outbound connection (more info ...) | trojan-activity | URL | |||
| 19567 | PUA-ADWARE W32.Ackantta.C.mm mass-mailer outbound connection (more info ...) | trojan-activity | URL | |||
| 19568 | MALWARE-CNC Trojan-Spy.Win32.PerfectKeylogger variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19569 | MALWARE-CNC Win.Trojan.Perkesh variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19570 | MALWARE-CNC User-Agent known malicious user agent - ie 11.0 sp6 (more info ...) | trojan-activity | URL | |||
| 19571 | PUA-ADWARE Antivirus Agent Pro outbound connection (more info ...) | trojan-activity | URL | |||
| 19572 | MALWARE-CNC Win.Trojan.FFSearch variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19573 | MALWARE-CNC Win.Worm.Chiviper.C variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19574 | MALWARE-CNC Win.Worm.Chiviper.C variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19575 | MALWARE-CNC Win.Worm.Emold.U variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19576 | PUA-ADWARE Antivirus Pro 2010 outbound connection (more info ...) | trojan-activity | URL | |||
| 19577 | MALWARE-CNC Win.Trojan.Dropper Win.Trojan.Dogrobot.E variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19578 | PUA-ADWARE Personal Guard 2009 outbound connection (more info ...) | trojan-activity | URL | |||
| 19579 | MALWARE-CNC Win.Trojan.Potao.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19580 | MALWARE-CNC Win.Worm.Basun.wsc inbound connection (more info ...) | trojan-activity | URL | |||
| 19581 | MALWARE-CNC Win.Trojan.Downloader.Win32.Apher.gpd variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19582 | MALWARE-CNC Win.Trojan.Downloader.Win32.Apher.gpd variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19583 | MALWARE-CNC Win.Trojan.Bumat.rts variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19584 | MALWARE-CNC Win.Worm.Dref.C variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19585 | MALWARE-CNC Win.Worm.Dref.C variant outbound connection - notification (more info ...) | trojan-activity | URL | |||
| 19586 | MALWARE-CNC Win.Trojan.Clicker Win.Trojan.Agent.dlg variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19587 | MALWARE-CNC Win.Trojan.Sereki.B variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19588 | MALWARE-CNC Win.Trojan.Sereki.B successful connection (more info ...) | trojan-activity | URL | |||
| 19589 | MALWARE-CNC User-Agent known malicious User-Agent string MacProtector (more info ...) | trojan-activity | URL | |||
| 19590 | MALWARE-CNC Win.Trojan.Savnut.B variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19591 | MALWARE-CNC Win.Trojan.Powp.pyv variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19592 | MALWARE-CNC Win.Trojan.Agent variant outbound connection (more info ...) | misc-activity | URL | |||
| 19594 | PUA-ADWARE Win32.Fruspam outbound connection (more info ...) | misc-activity | URL | |||
| 19595 | MALWARE-OTHER known malicious email string - You have received a Hallmark E-Card (more info ...) | misc-activity | URL | |||
| 19596 | MALWARE-CNC Poison Ivy variant outbound connection (more info ...) | misc-activity | URL | |||
| 19597 | MALWARE-CNC Win.Trojan.Agent.cws variant outbound connection (more info ...) | misc-activity | URL | |||
| 19598 | PUA-ADWARE Infostealer.Gampass outbound connection (more info ...) | misc-activity | URL | |||
| 19605 | SERVER-ORACLE Glass Fish Server malformed username cross site scripting attempt (more info ...) | attempted-user | 2011-2260 | |||
| 19608 | MALWARE-CNC Win.Trojan.Wisscmd.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19611 | MALWARE-CNC User-Agent known malicious User-Agent string INet - Win32.Virus.Jusabli.A (more info ...) | trojan-activity | URL | |||
| 19612 | MALWARE-CNC Win.Trojan.Downloader.Win32.Banload.bvk variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19613 | MALWARE-CNC Rogue Software Registry Cleaner Pro variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19614 | MALWARE-CNC Win.Trojan.IRCBot.kkr variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19615 | MALWARE-CNC Win.Trojan.IRCBot.kkr variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19616 | MALWARE-CNC Win.Trojan.Banker.Win32.Banbra.mcq variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19618 | FILE-OTHER Multiple products request for dwmapi.dll over SMB attempt (more info ...) | attempted-user | 2017-17069 | 62836 | URL | |
| 19621 | FILE-MULTIMEDIA MultiMedia Soft Components AdjMmsEng.dll PLS file processing buffer overflow attempt (more info ...) | attempted-user | 2009-5109 | 33589 | ||
| 19622 | MALWARE-CNC URI request for known malicious URI - pte.aspx?ver= (more info ...) | trojan-activity | URL | |||
| 19623 | MALWARE-CNC URI request for known malicious URI - vic.aspx?ver= (more info ...) | trojan-activity | URL | |||
| 19626 | MALWARE-CNC URI request for known malicious URI - /setup_b.asp?prj= (more info ...) | trojan-activity | URL | |||
| 19627 | MALWARE-CNC URI request for known malicious URI - /r_autoidcnt.asp?mer_seq= (more info ...) | trojan-activity | URL | |||
| 19631 | MALWARE-CNC URI request for known malicious URI - AnSSip= (more info ...) | trojan-activity | URL | |||
| 19635 | MALWARE-CNC URI request for known malicious URI - /app/?prj= (more info ...) | trojan-activity | URL | |||
| 19636 | MALWARE-CNC URI request for known malicious URI - /blog/images/3521.jpg?v (more info ...) | trojan-activity | URL | |||
| 19637 | MALWARE-CNC URI request for known malicious URI - /install.asp?mac= (more info ...) | trojan-activity | URL | |||
| 19638 | MALWARE-CNC URI request for known malicious URI - /kx4.txt (more info ...) | trojan-activity | URL | |||
| 19645 | SERVER-WEBAPP cross-site scripting attempt via form data attempt (more info ...) | attempted-user | 2013-2618 | |||
| 19646 | FILE-PDF PDF with click-to-launch executable (more info ...) | misc-activity | 2010-1240 | URL | ||
| 19647 | FILE-PDF PDF with click-to-launch executable (more info ...) | misc-activity | 2010-1240 | URL | ||
| 19648 | FILE-PDF PDF with click-to-launch executable (more info ...) | misc-activity | 2010-1240 | URL | ||
| 19652 | MALWARE-CNC Teevsock C variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19654 | MALWARE-CNC Trojan-Spy.Win32.Zbot.wti variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19655 | MALWARE-CNC Trojan-Dropper.Agent.IK variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19656 | MALWARE-CNC Trojan-Dropper.Win32.Peace.lh variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19657 | MALWARE-CNC Win.Trojan.FakeAV variant traffic (more info ...) | trojan-activity | URL | |||
| 19658 | MALWARE-CNC Win.Trojan.MCnovogic.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19659 | MALWARE-CNC Win.Trojan.Soleseq.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19660 | MALWARE-CNC Win.Trojan.Riern.K variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19695 | MALWARE-CNC Win.Trojan.Downloader.Win32.VB.nec variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19696 | MALWARE-CNC Win.Trojan.SdBot.nng inbound connection (more info ...) | trojan-activity | URL | |||
| 19697 | MALWARE-CNC Win.Trojan.Spy.Win32.VB.btm variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19698 | MALWARE-CNC Win.Trojan.Prosti.AG variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19699 | MALWARE-CNC TrojanDownloader.Win32.Korklic.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19700 | MALWARE-CNC Win.Trojan.Agent.tnr variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19701 | MALWARE-CNC Win.Trojan.Hassar.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19702 | MALWARE-CNC Win.Trojan.Zboter.E variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19703 | MALWARE-CNC Win.Worm.Dusta.br outbound connnection (more info ...) | trojan-activity | URL | |||
| 19704 | MALWARE-CNC Win.Trojan.Agent.grdm variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19705 | MALWARE-CNC Win.Trojan.Agent.grdm variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19706 | MALWARE-CNC Win.Trojan.Agent.cer variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19711 | MALWARE-CNC Win.Trojan.Jorik variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19712 | MALWARE-CNC Win.Trojan.Downloader variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19715 | MALWARE-CNC Win.Trojan.URLZone variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19716 | MALWARE-CNC TrojanSpy.Win32.Banker.OO variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19717 | PUA-ADWARE Virus.Win32.Virut.ce outbound connection (more info ...) | trojan-activity | URL | |||
| 19718 | MALWARE-CNC Trojan-Downloader.Win32.Agent.bkap variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19719 | MALWARE-CNC Email-Worm.Win32.Bagle.of variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19720 | MALWARE-CNC Trojan-Downloader.Win32.Onestage.ws variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19721 | MALWARE-CNC Win.Trojan.IRCBot.mlh variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19722 | MALWARE-CNC Win.Trojan.Poshtroper variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19723 | MALWARE-CNC Win.Trojan.Pherbot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19724 | MALWARE-CNC Win.Trojan.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19725 | MALWARE-CNC Win.Trojan.Poison variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19726 | MALWARE-CNC Win.Trojan.Poison variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19727 | MALWARE-CNC Win.Trojan.Bancos.DI variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19728 | MALWARE-CNC Win.Trojan.Yayih variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19729 | MALWARE-CNC Win.Trojan.Yayih variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19730 | MALWARE-CNC Win.Trojan.KukuBot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19731 | MALWARE-CNC Win.Trojan.Darkwebot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19732 | MALWARE-CNC Win.Trojan.Idicaf variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19733 | MALWARE-CNC Win.Trojan.Jorik.BRU variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19739 | MALWARE-CNC Win.Trojan.Apptom variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19740 | MALWARE-CNC Worm.Win32.AutoRun.aczu variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19742 | MALWARE-CNC Win.Trojan.Agent.atff variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19743 | MALWARE-CNC Win.Trojan.Hupigon.eqlo variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19744 | MALWARE-CNC Worm.Win32.Deecee.a variant outbound connection (more info ...) | misc-activity | URL | |||
| 19745 | MALWARE-CNC Win.Trojan.FraudLoad.dyl variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19746 | MALWARE-CNC Win.Trojan.Agent.biiw variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19748 | MALWARE-CNC Win.Trojan.Crypt.ULPM.Gen IRC variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19749 | MALWARE-CNC Win.Trojan.Agent.chgp variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19750 | MALWARE-CNC PWS.Win32.Zbot.PJ variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19751 | MALWARE-CNC Worm.Win32.Sohanad.bm variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19752 | MALWARE-CNC Win.Trojan.Downloader variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19753 | MALWARE-CNC Win.Trojan.TrojanSpy.Win32.Zbot.gen.C variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19754 | MALWARE-CNC Win.Trojan.Downloader.Delf.RGL variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19755 | MALWARE-CNC Win.Trojan.Alphabet variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19757 | MALWARE-CNC Win.Trojan.Agent.bqlu variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19758 | MALWARE-CNC Win.Trojan.Small.yw variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19759 | MALWARE-CNC Trojan-PSW.Win32.FireThief.h variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19760 | MALWARE-CNC Win.Trojan.Arsinfoder variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19762 | MALWARE-CNC Win.Trojan.RDPdoor.AE variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19763 | MALWARE-CNC Win.Trojan.RDPdoor.AE variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19764 | MALWARE-CNC Win.Trojan.RDPdoor.AE variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19765 | MALWARE-CNC Win.Trojan.Banker variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19766 | MALWARE-CNC Win.Worm.Autorun variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19767 | MALWARE-CNC Win.Trojan.Msposer.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19769 | MALWARE-CNC Win.Trojan.Yoddos outbound indicator (more info ...) | trojan-activity | URL | |||
| 19770 | MALWARE-CNC Win.Trojan.Yoddos variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19771 | MALWARE-CNC Win.Trojan.Yoddos variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19772 | MALWARE-CNC Virus.Win32.Parite.B variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19773 | MALWARE-CNC Virus.Win32.Parite.B variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19774 | MALWARE-CNC Gen-Trojan.Heur variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19775 | PUA-ADWARE PWS.Win32.Ldpinch.gen outbound connection (more info ...) | trojan-activity | URL | |||
| 19776 | MALWARE-CNC Win.Trojan.Agent2.guy dropper variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19777 | PUA-ADWARE Fast Antivirus 2009 outbound connection (more info ...) | trojan-activity | URL | |||
| 19781 | MALWARE-CNC Trojan-Dropper.Win32.Agent.aqpn variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19782 | MALWARE-CNC Win.Trojan.AVKill.bc variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19783 | MALWARE-CNC Win.Trojan.Banload.agcw variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19784 | MALWARE-CNC Worm.Win32.AutoRun.sde variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19785 | MALWARE-CNC Win.Trojan.Downloader.Win32.Malushka.T variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19787 | MALWARE-CNC Exploit-PDF.t variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19788 | MALWARE-CNC Win.Trojan.Downloader.Win32.VB.pnc variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19789 | MALWARE-CNC P2P Worm Win.Trojan.SpyBot.pgh variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19790 | MALWARE-CNC P2P Worm Win.Trojan.SpyBot.pgh variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19791 | MALWARE-CNC Trojan-Dropper.Win32.Small.awa variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19792 | MALWARE-CNC Win.Trojan.Downloader Win.Trojan.Caxnet.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19793 | MALWARE-CNC Win.Trojan.Downloader Win.Trojan.SillyFDC-DS variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19794 | MALWARE-CNC Win.Trojan.Fnumbot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19795 | MALWARE-CNC Win.Trojan.FakeAV NoAdware variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19796 | MALWARE-CNC Win.Trojan.DL.CashnJoy.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19797 | MALWARE-CNC Safety Center variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19798 | MALWARE-CNC Win.Trojan.Agent2.kxu variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19799 | MALWARE-CNC PWS.Win32.Zbot.gen.Q variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19800 | MALWARE-CNC Win.Trojan.Pher.ij variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19801 | MALWARE-CNC Win.Trojan.Tracur variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19802 | MALWARE-CNC Win.Trojan.Wixud.B variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19803 | MALWARE-CNC Win.Trojan.Renos.FH variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19804 | MALWARE-CNC Win.Trojan.VB.ktq variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19805 | MALWARE-CNC Win.Trojan.Smser.cx variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19819 | MALWARE-CNC Win.Trojan.Ertfor.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19820 | MALWARE-CNC Win.Trojan.Ertfor.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19821 | MALWARE-CNC Worm.Win32.Bagle.gen.C variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19822 | MALWARE-CNC Win.Trojan.Banload.HH variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19823 | PUA-ADWARE Downloader.Banload.AKBB outbound connection (more info ...) | trojan-activity | URL | |||
| 19824 | MALWARE-CNC Gen-Trojan.Heur variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19827 | PUA-ADWARE PWS-QQGame outbound connection (more info ...) | trojan-activity | URL | |||
| 19828 | MALWARE-CNC Win.Trojan.SpyAgent.B variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19829 | MALWARE-CNC Win.Trojan.Rbot.gen variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19830 | MALWARE-CNC Win.Trojan.Poebot.BP variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19831 | MALWARE-CNC Win.Trojan.Zbot.SO variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19832 | MALWARE-CNC Win.Trojan.Veslorn.gen.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19833 | MALWARE-CNC Win.Trojan.Banload.bda variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19834 | MALWARE-CNC Win.Trojan.ZBot.RD variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19835 | PUA-ADWARE Delphi-Piette Windows (more info ...) | misc-activity | URL | |||
| 19836 | MALWARE-CNC Spy-Net 0.7 runtime (more info ...) | trojan-activity | URL | |||
| 19837 | PUA-ADWARE Spyware Guard 2008 outbound connection (more info ...) | misc-activity | URL | |||
| 19838 | PUA-ADWARE Spyware Guard 2008 outbound connection (more info ...) | misc-activity | URL | |||
| 19839 | PUA-ADWARE Antivirus XP 2008 runtime detection (more info ...) | misc-activity | URL | |||
| 19840 | PUA-ADWARE XP Antispyware 2009 outbound connection (more info ...) | trojan-activity | URL | |||
| 19842 | PUA-ADWARE Windows Antivirus 2008 (more info ...) | trojan-activity | URL | |||
| 19843 | PUA-ADWARE Windows Antivirus 2008 (more info ...) | trojan-activity | URL | |||
| 19848 | PUA-ADWARE Adware.Virtumonde runtime detection (more info ...) | trojan-activity | URL | |||
| 19849 | PUA-ADWARE Adware.Virtumonde runtime detection (more info ...) | trojan-activity | URL | |||
| 19850 | MALWARE-CNC Worm.Win32.AutoRun.qgg variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19851 | MALWARE-CNC Worm.Win32.AutoRun.qgg variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19852 | MALWARE-CNC Win.Trojan.Downloader.Win32.Delf.tbv variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19853 | PUA-ADWARE Wowpa KI outbound connection (more info ...) | trojan-activity | URL | |||
| 19856 | MALWARE-CNC Packed.Win32.Krap.i variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19857 | MALWARE-CNC Win.Trojan.Hupigon.hhbd variant outbound connection - Windows (more info ...) | trojan-activity | URL | |||
| 19858 | MALWARE-CNC Win.Trojan.Hupigon.hhbd variant outbound connection - non-Windows (more info ...) | trojan-activity | URL | |||
| 19859 | PUA-ADWARE XP Deluxe Protector outbound connection (more info ...) | trojan-activity | URL | |||
| 19860 | PUA-ADWARE Trust Warrior outbound connection (more info ...) | trojan-activity | URL | |||
| 19861 | MALWARE-CNC Win.Trojan.Agent.cqcv variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19862 | MALWARE-CNC Win.Trojan.Scar.iej variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19863 | MALWARE-CNC Win.Trojan.Httpbot.yi variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19864 | MALWARE-CNC Win.Trojan.Nvbpass variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19865 | MALWARE-CNC Win.Trojan.Arhost.D variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19868 | INDICATOR-OBFUSCATION hidden 1x1 div tag - potential malware obfuscation (more info ...) | misc-activity | URL | |||
| 19870 | MALWARE-TOOLS Anonymous Perl RefRef DoS tool (more info ...) | attempted-dos | URL | |||
| 19882 | MALWARE-CNC URI request for known malicious URI - /160.rar - Win32/Morto.A (more info ...) | trojan-activity | URL | |||
| 19883 | FILE-MULTIMEDIA VideoLAN VLC Media Player libdirectx_plugin.dll AMV parsing buffer overflow attempt (more info ...) | attempted-user | 2010-3275 | |||
| 19884 | INDICATOR-OBFUSCATION String.fromCharCode with multiple encoding types detected (more info ...) | policy-violation | URL | |||
| 19889 | INDICATOR-OBFUSCATION base64-encoded data object found (more info ...) | policy-violation | URL | |||
| 19895 | MALWARE-CNC Win.Trojan.Delf.jwh variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19896 | PUA-ADWARE Adware.Win32.Frosty Goes Skiing Screen Saver 2.2 Install Detection (more info ...) | misc-activity | URL | |||
| 19897 | PUA-TOOLBARS Adware.Win32.Frosty Goes Skiing Screen Saver 2.2 Runtime Detection (more info ...) | misc-activity | URL | |||
| 19898 | MALWARE-CNC Cinmus Variant variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19899 | MALWARE-OTHER Tong Keylogger outbound connectiooutbound connection (more info ...) | trojan-activity | URL | |||
| 19900 | MALWARE-OTHER Tong Keylogger outbound connection (more info ...) | trojan-activity | URL | |||
| 19901 | MALWARE-OTHER Tong Keylogger outbound connection (more info ...) | trojan-activity | URL | |||
| 19902 | PUA-ADWARE Targetedbanner.biz Adrotator outbound connection (more info ...) | misc-activity | URL | |||
| 19903 | PUA-ADWARE Win32.Agent.vvm outbound connection (more info ...) | misc-activity | URL | |||
| 19904 | PUA-ADWARE WinReanimator outbound connection (more info ...) | misc-activity | URL | |||
| 19905 | MALWARE-CNC Win.Trojan.Small.jog variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19906 | PUA-TOOLBARS 6SQ Toolbar runtime detection (more info ...) | misc-activity | URL | |||
| 19912 | MALWARE-CNC Win.Trojan.DelfInject.gen!X variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19914 | MALWARE-CNC Win.Trojan.Quivoe.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19915 | MALWARE-CNC Win.Trojan.Gnutler.apd variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19916 | MALWARE-CNC Win.Trojan.Bancos.ACB variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19917 | MALWARE-CNC Win.Trojan.Sogu.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19918 | MALWARE-CNC Win.Worm.Ganelp.B variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19919 | MALWARE-CNC Win.Trojan.Murcy.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19920 | MALWARE-CNC Win.Trojan.Reppserv.A outbond connection (more info ...) | trojan-activity | URL | |||
| 19921 | MALWARE-CNC Win.Trojan.Puprlehzae.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19922 | MALWARE-CNC Win.Trojan.Shiz.ivr variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19923 | MALWARE-CNC Win.Trojan.Venik.B variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19924 | MALWARE-CNC Win.Trojan.Spidern.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19927 | MALWARE-BACKDOOR BRX Rat 0.02 inbound connection (more info ...) | trojan-activity | URL | |||
| 19928 | MALWARE-BACKDOOR BRX Rat 0.02 inbound connection (more info ...) | trojan-activity | URL | |||
| 19929 | MALWARE-BACKDOOR BRX Rat 0.02 inbound connection (more info ...) | trojan-activity | URL | |||
| 19930 | MALWARE-BACKDOOR BRX Rat 0.02 inbound connection (more info ...) | trojan-activity | URL | |||
| 19931 | MALWARE-CNC Win.Trojan.Lineage.Gen.Pac.3 variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19933 | INDICATOR-SCAN DirBuster brute forcing tool detected (more info ...) | web-application-attack | URL | |||
| 19934 | MALWARE-CNC User-Agent known malicious user-agent string MYURL (more info ...) | trojan-activity | URL | |||
| 19935 | MALWARE-CNC Win.Trojan.Dropper Win.Trojan.Delf.aba variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19936 | MALWARE-CNC Win.Trojan.Dropper Win.Trojan.Delf.aba variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19939 | PUA-ADWARE WeatherStudio outbound connection (more info ...) | misc-activity | URL | |||
| 19940 | MALWARE-CNC Trojan-Dropper.IRC.TKB variant outbound connection - dir4you (more info ...) | trojan-activity | URL | |||
| 19941 | MALWARE-CNC TrojanSpy Win.Trojan.Zbot.Gen variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19942 | MALWARE-CNC TrojanSpy Win.Trojan.Zbot.Gen variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19944 | MALWARE-CNC Win.Trojan.Downloader.Win32.Banload.ykl variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19945 | MALWARE-CNC Win.Trojan.Downloader.Win32.Agent.amwd variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19946 | MALWARE-CNC Win.Trojan.Downloader.Win32.Agent.amwd variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19947 | MALWARE-CNC Win.Trojan.Agent.amwd variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19948 | MALWARE-CNC Win.Trojan.Agent.asjk variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19949 | MALWARE-CNC Win.Trojan.Agent.asjk variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19950 | MALWARE-CNC Win.Trojan.Defsel inbound connection (more info ...) | trojan-activity | URL | |||
| 19951 | MALWARE-CNC Win.Trojan.Defsel variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19952 | MALWARE-CNC Biodox inbound connection (more info ...) | trojan-activity | URL | |||
| 19953 | MALWARE-CNC Biodox variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19954 | MALWARE-CNC Hack Style RAT variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19955 | MALWARE-CNC PaiN RAT 0.1 variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19957 | MALWARE-CNC Arabian-Attacker 1.1.0 variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19958 | MALWARE-CNC Win.Trojan.Agent.aulk variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19959 | MALWARE-CNC Win.Trojan.Agent.aulk variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19960 | MALWARE-CNC Win.Trojan.Agent.aulk variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19961 | MALWARE-CNC Fouad 1.0 variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19962 | MALWARE-CNC Email-Worm.CryptBox-A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19963 | MALWARE-CNC Win.Trojan.Downloader.Win32.Banload.aajs variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19964 | MALWARE-CNC Win.Trojan.Sality variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19965 | MALWARE-CNC Win.Trojan.Downloader.Win32.Agent.avzz variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19966 | MALWARE-CNC Octopus 0.1 inbound connection (more info ...) | trojan-activity | URL | |||
| 19967 | MALWARE-CNC Trojan-PSW.Win32.Papras.dm variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19968 | MALWARE-CNC Win.Trojan.PSW.QQPass.amx variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19969 | MALWARE-CNC Win.Trojan.Crypt.CY variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19970 | MALWARE-CNC Win.Trojan.Smalltroj.MHYR variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19971 | MALWARE-CNC Win.Trojan.Mudrop.lj variant outbound connection (more info ...) | misc-activity | URL | |||
| 19973 | MALWARE-CNC Worm.Win.Trojan.Nebuler.D variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19974 | MALWARE-CNC Win.Trojan.Small.bwj variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19975 | MALWARE-CNC Win.Trojan.Crypt.vb variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19977 | MALWARE-CNC Win.Trojan.LooksLike.Zaplot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19978 | MALWARE-CNC Viking.JB Worm runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 19979 | MALWARE-CNC IRCBot runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 19980 | MALWARE-CNC IRCBot runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 19981 | MALWARE-CNC Win.Trojan.Micstus.A runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 19982 | MALWARE-CNC Win.Trojan.Agent.wwe variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19983 | MALWARE-CNC Win.Trojan.Kolabc.fic variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19984 | PUA-ADWARE Antivirus 2010 outbound connection (more info ...) | trojan-activity | URL | |||
| 19985 | PUA-ADWARE AntivirusPC2009 runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 19986 | PUA-ADWARE AntivirusPC2009 install-time traffic detected (more info ...) | trojan-activity | URL | |||
| 19987 | PUA-ADWARE PCLiveGuard outbound connection (more info ...) | trojan-activity | URL | |||
| 19988 | MALWARE-CNC Asprox variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19989 | PUA-ADWARE Total Protect 2009 outbound connection (more info ...) | trojan-activity | URL | |||
| 19990 | PUA-ADWARE Total Protect 2009 outbound connection (more info ...) | trojan-activity | URL | |||
| 19991 | MALWARE-CNC Win.Trojan.Zbot.PG runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 19992 | MALWARE-CNC Trojan-Dropper.Win32.Farfli.A runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 19993 | MALWARE-CNC Win32 Poebot runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 19994 | PUA-ADWARE Antivirus 360 outbound connection (more info ...) | trojan-activity | URL | |||
| 19995 | MALWARE-CNC Waledac variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19996 | MALWARE-CNC Worm Brontok.C variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19997 | MALWARE-CNC Win.Trojan.PSW.Win32.QQPass.gam variant outbound connection (more info ...) | trojan-activity | URL | |||
| 19999 | PUA-ADWARE ThreatNuker outbound connection (more info ...) | trojan-activity | URL | |||
| 20001 | MALWARE-CNC Allaple.e variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20002 | MALWARE-CNC Allaple.e variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20003 | MALWARE-CNC Win.Trojan.Spy Pilonoc runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 20004 | MALWARE-CNC Win.Trojan.Spy Pilonoc install-time traffic detected (more info ...) | trojan-activity | URL | |||
| 20005 | MALWARE-CNC Win32 Lecna.cr runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 20006 | MALWARE-CNC Worm Plurp.A runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 20007 | PUA-ADWARE Cinmus.asaq outbound connection (more info ...) | trojan-activity | URL | |||
| 20008 | MALWARE-CNC Malware PDFMarca.A runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 20009 | MALWARE-CNC User-Agent known malicious User-Agent string Baby Remote - Win32/Babmote.A (more info ...) | trojan-activity | URL | |||
| 20010 | MALWARE-CNC Win32/Babmote.A runtime TCP traffic detected (more info ...) | trojan-activity | URL | |||
| 20011 | MALWARE-CNC Briewots.A runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 20012 | MALWARE-CNC User-Agent known malicious user-agent string feranet/0.4 - Win32/Ferabsa.A (more info ...) | trojan-activity | URL | |||
| 20013 | SERVER-WEBAPP HP OpenView Network Node Manager webappmon.exe host header buffer overflow attempt (more info ...) | attempted-admin | 2009-4177 | 37341 | URL | |
| 20014 | MALWARE-CNC Kaju variant outbound connection - confirmation (more info ...) | trojan-activity | URL | |||
| 20015 | MALWARE-CNC Win.Trojan.Zeus variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20016 | MALWARE-CNC Win.Trojan.Zeus variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20017 | MALWARE-CNC Win.Worm.Koobface.dq variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20018 | MALWARE-CNC Win.Worm.Autorun variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20019 | MALWARE-CNC User-Agent known malicious user agent - test (more info ...) | trojan-activity | URL | |||
| 20020 | MALWARE-CNC Win.Trojan.MalwareDoctor variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20021 | MALWARE-CNC Win.Worm.Brontok user-agent outbound connection (more info ...) | trojan-activity | URL | |||
| 20022 | MALWARE-CNC Win.Worm.Padobot.z variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20023 | MALWARE-CNC Advanced Virus Remover variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20024 | MALWARE-CNC Win.Trojan.Dreamy.bc variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20025 | PUA-ADWARE VirusBye outbound connection (more info ...) | trojan-activity | URL | |||
| 20026 | MALWARE-CNC Win.Trojan.Downloader.Win32.Banker.abg.b variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20028 | MALWARE-CNC Windows Antivirus Pro variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20032 | FILE-IDENTIFY MIME file type file download request (more info ...) | misc-activity | ||||
| 20034 | FILE-OTHER ESTsoft ALZip MIM file buffer overflow attempt (more info ...) | attempted-user | 2011-1336 | |||
| 20035 | MALWARE-CNC Win.Trojan.Win32 Coinbit.A runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 20036 | MALWARE-CNC Win.Trojan.Win32 Agent.ndau runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 20037 | MALWARE-CNC Win.Trojan.Agent.cve runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 20038 | MALWARE-CNC Win.Trojan.Agent.cve runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 20039 | MALWARE-CNC User-Agent known malicious user-agent string Hardcore Software (more info ...) | trojan-activity | URL | |||
| 20040 | MALWARE-CNC Win.Trojan.KSpyPro.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20041 | PUA-ADWARE Adware.BB outbound connection (more info ...) | trojan-activity | URL | |||
| 20042 | MALWARE-CNC Win.Trojan.Sinowal outbond connection (more info ...) | trojan-activity | URL | |||
| 20043 | MALWARE-CNC Adware Kraddare.AZ variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20044 | BROWSER-PLUGINS F-Secure Anti-Virus fsresh.dll clsid access (more info ...) | attempted-user | URL | |||
| 20048 | SERVER-OTHER Trend Micro Control Manager CasLogDirectInsertHandler.cs cross site request forgery attempt (more info ...) | attempted-user | URL | |||
| 20051 | SERVER-OTHER SAP MaxDB malformed handshake request buffer overflow attempt (more info ...) | attempted-admin | 2010-1185 | 38769 | ||
| 20054 | SERVER-OTHER HP OpenView Network Node Manager denial of service attempt (more info ...) | denial-of-service | 2009-3840 | |||
| 20057 | MALWARE-CNC BitCoin Miner IP query (more info ...) | trojan-activity | URL | |||
| 20058 | SERVER-OTHER VMWare authorization service user credential parsing DoS attempt (more info ...) | attempted-dos | 2009-3707 | 36630 | ||
| 20063 | PUA-ADWARE SecurityTool outbound connection (more info ...) | trojan-activity | URL | |||
| 20064 | MALWARE-CNC Malware Win.Trojan.Clemag.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20066 | MALWARE-CNC Win.Trojan.Win32 SensLiceld.A runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 20067 | MALWARE-CNC Win.Trojan.Win32 Zatvex.A runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 20068 | MALWARE-CNC Win.Trojan.Jetilms.A runtime activity detected (more info ...) | trojan-activity | URL | |||
| 20069 | MALWARE-CNC Win.Trojan.VB.alhq runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 20074 | MALWARE-CNC Win.Trojan.IRCBot.iseee variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20075 | MALWARE-CNC Win.Trojan.Ruskill.abl variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20076 | MALWARE-CNC Win.Trojan.Agobot.ast variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20077 | MALWARE-CNC Win.Trojan.Agobot.ast variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20078 | MALWARE-CNC Win.Trojan.Russkill.C variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20079 | MALWARE-CNC Win.Trojan.Russkill.C variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20080 | MALWARE-CNC Win.Trojan.Derusbi.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20081 | MALWARE-CNC Win.Trojan.Downloader.Win32.Yakes.cbi variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20082 | MALWARE-CNC Win.Trojan.Inject.raw variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20083 | MALWARE-CNC Win.Trojan.Fucobha.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20084 | SERVER-OTHER ALTAP Salamander PE Viewer PDB Filename Buffer Overflow (more info ...) | attempted-user | 2007-3314 | URL | ||
| 20085 | MALWARE-CNC Win.Trojan.Veebuu.BX variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20086 | MALWARE-CNC Win.Trojan.Banload.ABY variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20087 | MALWARE-CNC Win.Trojan.Banker.FGU variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20088 | MALWARE-CNC Win.Trojan.Emudbot.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20089 | INDICATOR-COMPROMISE IRC nick change on non-standard port (more info ...) | trojan-activity | ||||
| 20090 | INDICATOR-COMPROMISE IRC DCC file transfer request on non-standard port (more info ...) | trojan-activity | ||||
| 20091 | INDICATOR-COMPROMISE IRC DCC chat request on non-standard port (more info ...) | trojan-activity | ||||
| 20092 | INDICATOR-COMPROMISE IRC channel join on non-standard port (more info ...) | trojan-activity | ||||
| 20093 | INDICATOR-COMPROMISE IRC channel notice on non-standard port (more info ...) | trojan-activity | ||||
| 20094 | INDICATOR-COMPROMISE IRC message on non-standard port (more info ...) | trojan-activity | ||||
| 20096 | MALWARE-CNC Win.Trojan.Agent.dcir variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20097 | MALWARE-CNC Win.Trojan.Agent.dcir infected host at destination ip (more info ...) | trojan-activity | URL | |||
| 20098 | MALWARE-CNC Win.Trojan.KeyLogger.wav variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20099 | MALWARE-CNC Win.Trojan.Xtrat.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20100 | PUA-ADWARE Adware Arcade Web - installation/update (more info ...) | misc-activity | ||||
| 20101 | PUA-ADWARE Adware Arcade Web - User-Agent (more info ...) | misc-activity | URL | |||
| 20102 | PUA-ADWARE Adware Arcade Web - X-Arcadeweb header (more info ...) | misc-activity | URL | |||
| 20103 | PUA-ADWARE Adware playsushi - User-Agent (more info ...) | misc-activity | URL | |||
| 20104 | MALWARE-CNC User-Agent known malicious user-agent string - InfoBot (more info ...) | trojan-activity | URL | |||
| 20105 | MALWARE-CNC User-Agent known malicious user-agent string - IPHONE (more info ...) | trojan-activity | URL | |||
| 20106 | MALWARE-CNC User-Agent known malicious user-agent string - darkness (more info ...) | trojan-activity | URL | |||
| 20107 | MALWARE-CNC Win.Trojan.Downloader.Win32.Small.Cns variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20108 | MALWARE-CNC Win.Trojan.Banker.Pher variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20109 | MALWARE-CNC Win.Trojan.Zombie.sm variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20133 | FILE-OTHER MHTML XSS attempt (more info ...) | attempted-user | 2014-1747 | URL | ||
| 20138 | SERVER-OTHER Nortel Networks Multiple UNIStim VoIP Products Remote Eavesdrop Attempt (more info ...) | attempted-recon | 2007-5637 | 26120 | ||
| 20143 | PUA-ADWARE Adware mightymagoo/playpickle/livingplay - User-Agent (more info ...) | misc-activity | ||||
| 20146 | FILE-PDF attempted download of a PDF with embedded PICT image (more info ...) | policy-violation | ||||
| 20151 | FILE-PDF attempted download of a PDF with embedded PCX image (more info ...) | policy-violation | ||||
| 20157 | SERVER-ORACLE Oracle GlassFish Server war file upload attempt (more info ...) | attempted-admin | 2011-0807 | 47438 | ||
| 20158 | SERVER-WEBAPP Oracle GlassFish Server default credentials login attempt (more info ...) | attempted-admin | 2012-0551 | 53136 | URL | |
| 20159 | SERVER-WEBAPP Oracle GlassFish Server authentication bypass attempt (more info ...) | attempted-admin | 2011-0807 | 47438 | ||
| 20160 | SERVER-WEBAPP Oracle GlassFish Server successful authentication bypass attempt (more info ...) | attempted-admin | 2011-0807 | 47438 | ||
| 20172 | FILE-IDENTIFY Metastock mwl file magic detected (more info ...) | misc-activity | URL | |||
| 20173 | PROTOCOL-SCADA Cogent DataHub server-side information disclosure (more info ...) | web-application-attack | 2011-3502 | |||
| 20174 | PROTOCOL-SCADA Cogent DataHub server-side information disclosure (more info ...) | web-application-attack | 2011-3502 | |||
| 20178 | PROTOCOL-SCADA RSLogix rna protocol denial of service attempt (more info ...) | attempted-dos | 2011-3489 | URL | ||
| 20185 | INDICATOR-SHELLCODE Metasploit meterpreter stdapi_fs_method request/response attempt (more info ...) | shellcode-detect | URL | |||
| 20186 | INDICATOR-SHELLCODE Metasploit meterpreter stdapi_sys_process_method request/response attempt (more info ...) | shellcode-detect | URL | |||
| 20187 | INDICATOR-SHELLCODE Metasploit meterpreter stdapi_sys_eventlog_method request/response attempt (more info ...) | shellcode-detect | URL | |||
| 20188 | INDICATOR-SHELLCODE Metasploit meterpreter stdapi_sys_config_method request/response attempt (more info ...) | shellcode-detect | URL | |||
| 20189 | INDICATOR-SHELLCODE Metasploit meterpreter stdapi_ui_method request/response attempt (more info ...) | shellcode-detect | URL | |||
| 20190 | INDICATOR-SHELLCODE Metasploit meterpreter stdapi_registry_method request/response attempt (more info ...) | shellcode-detect | URL | |||
| 20191 | INDICATOR-SHELLCODE Metasploit meterpreter stdapi_net_method request/response attempt (more info ...) | shellcode-detect | URL | |||
| 20192 | INDICATOR-SHELLCODE Metasploit meterpreter incognito_method request/response attempt (more info ...) | shellcode-detect | URL | |||
| 20193 | INDICATOR-SHELLCODE Metasploit meterpreter webcam_method request/response attempt (more info ...) | shellcode-detect | URL | |||
| 20194 | INDICATOR-SHELLCODE Metasploit meterpreter sniffer_method request/response attempt (more info ...) | shellcode-detect | URL | |||
| 20195 | INDICATOR-SHELLCODE Metasploit meterpreter priv_method request/response attempt (more info ...) | shellcode-detect | URL | |||
| 20196 | INDICATOR-SHELLCODE Metasploit meterpreter lanattacks_method request/response attempt (more info ...) | shellcode-detect | URL | |||
| 20197 | INDICATOR-SHELLCODE Metasploit meterpreter espia_method request/response attempt (more info ...) | shellcode-detect | URL | |||
| 20198 | INDICATOR-SHELLCODE Metasploit meterpreter networkpug_method request/response attempt (more info ...) | shellcode-detect | URL | |||
| 20199 | INDICATOR-SHELLCODE Metasploit meterpreter stdapi_railgun_method request/response attempt (more info ...) | shellcode-detect | URL | |||
| 20201 | MALWARE-CNC User-Agent known malicious user-agent string - meterpreter (more info ...) | trojan-activity | URL | |||
| 20202 | MALWARE-CNC Apple OSX.Revir-1 variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20204 | MALWARE-CNC Win.Trojan.Taidoor variant outbound connection (more info ...) | trojan-activity | 2011-0611 | URL | ||
| 20205 | MALWARE-CNC Win32/Poison beaconing request (more info ...) | trojan-activity | URL | |||
| 20207 | PROTOCOL-SCADA Cogent unicode buffer overflow attempt (more info ...) | attempted-admin | 2011-3493 | |||
| 20208 | PROTOCOL-SCADA Cogent unicode buffer overflow attempt (more info ...) | attempted-admin | 2011-3493 | |||
| 20209 | PROTOCOL-SCADA Cogent unicode buffer overflow attempt (more info ...) | attempted-admin | 2011-3493 | |||
| 20210 | PROTOCOL-SCADA Cogent unicode buffer overflow attempt (more info ...) | attempted-admin | 2011-3493 | |||
| 20212 | SERVER-OTHER SSL CBC encryption mode weakness brute force attempt (more info ...) | attempted-recon | 2011-3389 | URL | ||
| 20213 | MALWARE-CNC Win.Trojan.Swisyn variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20216 | PROTOCOL-SCADA Beckhoff TwinCAT DoS (more info ...) | attempted-dos | 2011-3486 | |||
| 20217 | MALWARE-CNC Win.Trojan.Ramagedos.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20218 | MALWARE-CNC Win.Trojan.Ramagedos.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20219 | MALWARE-CNC Win.Trojan.ToriaSpy.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20220 | PUA-ADWARE Adware.Wizpop outbound connection (more info ...) | trojan-activity | URL | |||
| 20221 | MALWARE-CNC Win.Trojan.Injector variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20222 | MALWARE-CNC Win.Trojan.Payazol.B variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20223 | FILE-IDENTIFY SMI file download request (more info ...) | misc-activity | 49149 | URL | ||
| 20224 | FILE-MULTIMEDIA MPlayer SMI file buffer overflow attempt (more info ...) | attempted-user | 49149 | |||
| 20225 | FILE-OTHER SMI file download request (more info ...) | misc-activity | 49149 | |||
| 20226 | FILE-OTHER MPlayer SMI file buffer overflow attempt (more info ...) | attempted-user | 49149 | |||
| 20227 | FILE-MULTIMEDIA VideoLAN VLC webm memory corruption attempt (more info ...) | attempted-user | 2011-0531 | 46060 | URL | |
| 20228 | MALWARE-CNC Win.Trojan.Hupigon variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20229 | MALWARE-CNC Win.Trojan.Jinchodz variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20230 | MALWARE-CNC User-Agent known malicious user-agent string 0pera 10 (more info ...) | trojan-activity | URL | |||
| 20232 | MALWARE-CNC Win.Trojan.Cycbot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20233 | MALWARE-CNC Win.Trojan.Virut variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20234 | MALWARE-CNC Win.Trojan.Ceckno.cmz runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 20250 | SERVER-OTHER IBM Tivoli Storage Manager Client Remote Heap Buffer Overflow (more info ...) | attempted-admin | 2008-4801 | |||
| 20251 | SERVER-OTHER PointBase 4.6 database DoS (more info ...) | attempted-dos | 2003-1573 | |||
| 20252 | MALWARE-CNC DroidKungFu check-in (more info ...) | trojan-activity | URL | |||
| 20269 | FILE-IDENTIFY FON font file download request (more info ...) | misc-activity | 2011-2003 | URL | ||
| 20276 | INDICATOR-OBFUSCATION standard ASCII encoded with UTF-8 possible evasion detected (more info ...) | policy-violation | URL | |||
| 20280 | MALWARE-CNC Win.Trojan.Kazy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20281 | MALWARE-CNC Win.Trojan.Kazy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20282 | FILE-IDENTIFY S3M file download request (more info ...) | misc-activity | URL | |||
| 20287 | FILE-IDENTIFY QCP file download request (more info ...) | misc-activity | URL | |||
| 20289 | MALWARE-CNC Win.Trojan.Doschald.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20290 | MALWARE-CNC Win.Trojan.Doschald.A inbound connection (more info ...) | trojan-activity | URL | |||
| 20291 | MALWARE-CNC Win.Trojan.Mybios.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20292 | MALWARE-CNC Win.Trojan.FresctSpy.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20293 | MALWARE-CNC User-Agent known malicious user-agent string MBVDFRESCT (more info ...) | trojan-activity | URL | |||
| 20295 | FILE-IMAGE Public LibTiff Exploit (more info ...) | attempted-user | 2006-3459 | |||
| 20300 | PROTOCOL-VOIP SIP URI type overflow attempt (more info ...) | attempted-user | URL | |||
| 20301 | PROTOCOL-VOIP TEL URI type overflow attempt (more info ...) | attempted-user | URL | |||
| 20302 | PROTOCOL-VOIP SIP URI multiple at signs in message (more info ...) | misc-activity | URL | |||
| 20305 | PROTOCOL-VOIP CSeq header format string attempt (more info ...) | attempted-dos | URL | |||
| 20306 | PROTOCOL-VOIP CSeq header invalid characters detected (more info ...) | attempted-dos | URL | |||
| 20308 | PROTOCOL-VOIP CSeq header method mismatch attempt (more info ...) | attempted-dos | URL | |||
| 20311 | PROTOCOL-VOIP Max-Forwards value over 70 (more info ...) | misc-activity | URL | |||
| 20312 | PROTOCOL-VOIP Max-Forwards header invalid characters detected (more info ...) | attempted-dos | URL | |||
| 20313 | PROTOCOL-VOIP Via header missing SIP field (more info ...) | misc-activity | URL | |||
| 20314 | PROTOCOL-VOIP Via header format string attempt (more info ...) | attempted-dos | URL | |||
| 20315 | PROTOCOL-VOIP Via header invalid characters detected (more info ...) | attempted-dos | URL | |||
| 20316 | PROTOCOL-VOIP Via header invalid separators (more info ...) | attempted-dos | URL | |||
| 20317 | PROTOCOL-VOIP Via header invalid seperators (more info ...) | attempted-dos | URL | |||
| 20318 | PROTOCOL-VOIP From header format string attempt (more info ...) | attempted-dos | URL | |||
| 20319 | PROTOCOL-VOIP From header invalid characters detected (more info ...) | attempted-dos | URL | |||
| 20320 | PROTOCOL-VOIP From header XSS injection attempt (more info ...) | misc-attack | ||||
| 20321 | PROTOCOL-VOIP From header XSS injection attempt (more info ...) | misc-attack | ||||
| 20323 | PROTOCOL-VOIP From header format string attempt (more info ...) | attempted-dos | URL | |||
| 20324 | PROTOCOL-VOIP From header whitespace in field attempt (more info ...) | attempted-dos | URL | |||
| 20325 | PROTOCOL-VOIP From header whitespace in field attempt (more info ...) | attempted-dos | URL | |||
| 20326 | PROTOCOL-VOIP From header unquoted tokens in field attempt (more info ...) | attempted-dos | URL | |||
| 20327 | PROTOCOL-VOIP From header unquoted tokens in field attempt (more info ...) | attempted-dos | URL | |||
| 20328 | PROTOCOL-VOIP From header missing terminating quote (more info ...) | attempted-dos | URL | |||
| 20329 | PROTOCOL-VOIP From header missing terminating quote (more info ...) | attempted-dos | URL | |||
| 20332 | PROTOCOL-VOIP To header contains recursive URL-encoded data (more info ...) | attempted-dos | URL | |||
| 20333 | PROTOCOL-VOIP To header invalid characters detected (more info ...) | attempted-dos | URL | |||
| 20334 | PROTOCOL-VOIP To header XSS injection attempt (more info ...) | misc-attack | ||||
| 20335 | PROTOCOL-VOIP To header XSS injection attempt (more info ...) | misc-attack | ||||
| 20336 | PROTOCOL-VOIP To header format string attempt (more info ...) | attempted-dos | URL | |||
| 20337 | PROTOCOL-VOIP To header format string attempt (more info ...) | attempted-dos | URL | |||
| 20338 | PROTOCOL-VOIP To header whitespace in field attempt (more info ...) | attempted-dos | URL | |||
| 20339 | PROTOCOL-VOIP To header whitespace in field attempt (more info ...) | attempted-dos | URL | |||
| 20340 | PROTOCOL-VOIP To header unquoted tokens in field attempt (more info ...) | attempted-dos | URL | |||
| 20341 | PROTOCOL-VOIP To header unquoted tokens in field attempt (more info ...) | attempted-dos | URL | |||
| 20342 | PROTOCOL-VOIP To header invalid seperators (more info ...) | attempted-dos | URL | |||
| 20343 | PROTOCOL-VOIP To header invalid seperators (more info ...) | attempted-dos | URL | |||
| 20344 | PROTOCOL-VOIP To header missing terminating quote (more info ...) | attempted-dos | URL | |||
| 20345 | PROTOCOL-VOIP To header missing terminating quote (more info ...) | attempted-dos | URL | |||
| 20348 | PROTOCOL-VOIP Subject header XSS injection attempt (more info ...) | misc-attack | ||||
| 20349 | PROTOCOL-VOIP Subject header XSS injection attempt (more info ...) | misc-attack | ||||
| 20350 | PROTOCOL-VOIP Subject header format string attempt (more info ...) | attempted-dos | URL | |||
| 20351 | PROTOCOL-VOIP Subject header format string attempt (more info ...) | attempted-dos | URL | |||
| 20352 | PROTOCOL-VOIP Expires header overflow attempt (more info ...) | attempted-user | URL | |||
| 20353 | PROTOCOL-VOIP Expires header invalid characters detected (more info ...) | attempted-dos | URL | |||
| 20354 | PROTOCOL-VOIP Call-ID header format string attempt (more info ...) | attempted-dos | URL | |||
| 20355 | PROTOCOL-VOIP Call-ID header invalid characters detected (more info ...) | attempted-dos | URL | |||
| 20356 | PROTOCOL-VOIP Call-ID header XSS injection attempt (more info ...) | misc-attack | ||||
| 20357 | PROTOCOL-VOIP Call-ID header XSS injection attempt (more info ...) | misc-attack | ||||
| 20358 | PROTOCOL-VOIP Call-ID header format string attempt (more info ...) | attempted-dos | URL | |||
| 20359 | PROTOCOL-VOIP Call-ID header format string attempt (more info ...) | attempted-dos | URL | |||
| 20360 | PROTOCOL-VOIP Call-ID header invalid seperators (more info ...) | attempted-dos | URL | |||
| 20361 | PROTOCOL-VOIP Call-ID header invalid seperators (more info ...) | attempted-dos | URL | |||
| 20364 | PROTOCOL-VOIP Contact header format string attempt (more info ...) | attempted-dos | URL | |||
| 20365 | PROTOCOL-VOIP Contact header invalid characters detected (more info ...) | attempted-dos | URL | |||
| 20366 | PROTOCOL-VOIP Contact header XSS injection attempt (more info ...) | misc-attack | ||||
| 20367 | PROTOCOL-VOIP Contact header XSS injection attempt (more info ...) | misc-attack | ||||
| 20370 | PROTOCOL-VOIP Contact header whitespace in field attempt (more info ...) | attempted-dos | URL | |||
| 20371 | PROTOCOL-VOIP Contact header whitespace in field attempt (more info ...) | attempted-dos | URL | |||
| 20373 | PROTOCOL-VOIP Contact header unquoted tokens in field attempt (more info ...) | attempted-dos | URL | |||
| 20374 | PROTOCOL-VOIP Contact header missing terminating quote (more info ...) | attempted-dos | URL | |||
| 20375 | PROTOCOL-VOIP Contact header missing terminating quote (more info ...) | attempted-dos | URL | |||
| 20376 | PROTOCOL-VOIP Content-Type header format string attempt (more info ...) | attempted-dos | URL | |||
| 20377 | PROTOCOL-VOIP Content-Type header invalid characters detected (more info ...) | attempted-dos | URL | |||
| 20378 | PROTOCOL-VOIP Date header invalid characters detected (more info ...) | misc-activity | URL | |||
| 20379 | PROTOCOL-VOIP Date header invalid characters detected (more info ...) | misc-activity | URL | |||
| 20380 | PROTOCOL-VOIP Authorization header invalid characters in response parameter (more info ...) | attempted-user | URL | |||
| 20381 | PROTOCOL-VOIP Remote-Party-ID header hexadecimal characters in IP address field (more info ...) | attempted-admin | 2007-1542 | 23047 | URL | |
| 20382 | PROTOCOL-VOIP Media header port field invalid value (more info ...) | attempted-user | URL | |||
| 20383 | PROTOCOL-VOIP Time header contains negative value (more info ...) | attempted-user | URL | |||
| 20384 | PROTOCOL-VOIP Time header contains long value (more info ...) | attempted-user | URL | |||
| 20385 | PROTOCOL-VOIP Version header overflow attempt (more info ...) | attempted-dos | URL | |||
| 20386 | PROTOCOL-VOIP Connection header invalid value (more info ...) | attempted-dos | URL | |||
| 20387 | PROTOCOL-VOIP T.38 fax rate management attribute buffer overflow attempt (more info ...) | attempted-admin | 2007-2293 | 23648 | ||
| 20388 | PROTOCOL-VOIP T.38 fax EC attribute buffer overflow attempt (more info ...) | attempted-admin | 2007-2293 | 23648 | ||
| 20389 | PROTOCOL-VOIP Attribute header buffer overflow attempt (more info ...) | attempted-user | 2006-0189 | 16213 | URL | |
| 20390 | PROTOCOL-VOIP Attribute header rtpmap field invalid payload type (more info ...) | attempted-user | 2008-1289 | 28308 | URL | |
| 20424 | PROTOCOL-VOIP Sivus scanner detected (more info ...) | network-scan | URL | |||
| 20428 | MALWARE-CNC Win.Trojan.Zewit.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20431 | FILE-OTHER Wireshark DECT packet dissector overflow attempt (more info ...) | attempted-user | 2011-1591 | 47392 | ||
| 20432 | MALWARE-CNC Win.Trojan.Hiloti variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20433 | PUA-ADWARE XP Guardian 2010 anutayadokalug host outbound connection (more info ...) | trojan-activity | URL | |||
| 20434 | PUA-ADWARE XP Guardian 2010 proantivirus21 host runtime traffic detection (more info ...) | trojan-activity | URL | |||
| 20435 | MALWARE-CNC TrojanSpy Win.Trojan.Zbot.Svr runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 20436 | MALWARE-TOOLS THC SSL renegotiation DOS attempt (more info ...) | attempted-dos | 2011-5094 | URL | ||
| 20437 | MALWARE-TOOLS THC SSL renegotiation DOS attempt (more info ...) | attempted-dos | 2011-5094 | URL | ||
| 20438 | MALWARE-TOOLS THC SSL renegotiation DOS attempt (more info ...) | attempted-dos | 2011-5094 | URL | ||
| 20439 | MALWARE-TOOLS THC SSL renegotiation DOS attempt (more info ...) | attempted-dos | 2011-5094 | URL | ||
| 20440 | SERVER-OTHER CA BrightStor cheyenneds mailslot overflow (more info ...) | attempted-admin | 2006-5142 | 20364 | ||
| 20441 | SERVER-OTHER CA BrightStor cheyenneds mailslot overflow (more info ...) | attempted-admin | 2006-5142 | 20364 | ||
| 20442 | SERVER-OTHER CA BrightStor cheyenneds mailslot overflow (more info ...) | attempted-admin | 2006-5142 | 20364 | ||
| 20443 | APP-DETECT Apple OSX Remote Mouse usage (more info ...) | policy-violation | URL | |||
| 20445 | FILE-PDF Foxit Reader title overflow attempt (more info ...) | attempted-user | 43785 | |||
| 20446 | SERVER-WEBAPP DiskPulseServer GetServerInfo request buffer overflow (more info ...) | attempted-user | 43919 | |||
| 20447 | MALWARE-CNC Win.Trojan.Agent.JAAK variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20448 | MALWARE-CNC Win.Trojan.Meciv.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20449 | MALWARE-CNC Win.Worm.Busifom.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20456 | FILE-IDENTIFY RealNetworks Real Media file magic detected (more info ...) | misc-activity | ||||
| 20460 | FILE-IDENTIFY MP3 file magic detected (more info ...) | misc-activity | ||||
| 20475 | FILE-IDENTIFY ARJ file magic detected (more info ...) | misc-activity | ||||
| 20481 | FILE-IDENTIFY MP3 file magic detected (more info ...) | misc-activity | ||||
| 20514 | FILE-IDENTIFY dmg file magic detected (more info ...) | misc-activity | ||||
| 20518 | FILE-IDENTIFY rmf file download request (more info ...) | misc-activity | ||||
| 20521 | FILE-IDENTIFY Flac file magic detected (more info ...) | misc-activity | URL | |||
| 20522 | FILE-IDENTIFY VideoLAN VLC file magic detected (more info ...) | misc-activity | URL | |||
| 20525 | MALWARE-CNC Win.Trojan.Duqu variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20527 | MALWARE-CNC Sirefef initial C&C connection variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20530 | SERVER-WEBAPP HP OpenView Storage Data Protector directory traversal attempt (more info ...) | attempted-recon | 2011-1736 | |||
| 20531 | SERVER-WEBAPP HP OpenView Storage Data Protector directory traversal attempt (more info ...) | attempted-recon | 2011-1736 | |||
| 20546 | SERVER-OTHER BakBone NetVault client heap overflow attempt (more info ...) | attempted-admin | 2005-1009 | 12967 | ||
| 20552 | SERVER-MAIL Mercury Mail Transport System buffer overflow attempt (more info ...) | attempted-user | 2005-4411 | 16396 | ||
| 20553 | FILE-MULTIMEDIA Un4seen Developments XMPlay crafted ASX file buffer overflow attempt (more info ...) | attempted-user | 2006-6063 | 21206 | ||
| 20561 | MALWARE-CNC Win.Trojan.PWSBanker.SHE variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20562 | MALWARE-CNC Win.Trojan.PWSBanker.SHE variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20563 | FILE-IDENTIFY amf file download request (more info ...) | misc-activity | ||||
| 20564 | FILE-IDENTIFY amf file magic detected (more info ...) | misc-activity | ||||
| 20569 | MALWARE-CNC Win.Trojan.Small.kb variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20570 | MALWARE-CNC Win.Trojan.Small.kb variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20571 | MALWARE-CNC Win.Trojan.Small.kb variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20578 | SERVER-MAIL Qualcomm Eudora url buffer overflow attempt (more info ...) | attempted-user | 2002-1770 | 10298 | ||
| 20587 | MALWARE-CNC Win.Trojan.Larchik.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20588 | FILE-IDENTIFY CDR file download request (more info ...) | misc-activity | URL | |||
| 20589 | FILE-IDENTIFY CDR file magic detected (more info ...) | misc-activity | URL | |||
| 20594 | SERVER-ORACLE Outside In CorelDRAW file parser integer overflow attempt (more info ...) | attempted-admin | 2011-3541 | URL | ||
| 20595 | MALWARE-CNC Win.Trojan.Ixeshe.F variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20596 | MALWARE-CNC Win.Trojan.Smoaler.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20597 | MALWARE-CNC Win.Trojan.Smoaler.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20598 | MALWARE-CNC Win.Trojan.Smoaler.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20599 | MALWARE-CNC Win.Trojan.Smoaler.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20601 | PROTOCOL-SERVICES rlogin nobody (more info ...) | attempted-user | ||||
| 20602 | PROTOCOL-SERVICES rlogin guest (more info ...) | attempted-user | ||||
| 20604 | MALWARE-CNC Win.Trojan.Buzus.isqy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20605 | MALWARE-CNC Win.Trojan.R2d2.A contact to cnc server (more info ...) | trojan-activity | URL | |||
| 20606 | MALWARE-CNC Win.Trojan.Domsingx.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20609 | SERVER-OTHER Sunway ForceControl SNMP NetDBServer stack buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 20616 | SERVER-OTHER Peercast Basic HTTP authentication buffer overflow attempt (more info ...) | attempted-user | 2008-2040 | URL | ||
| 20617 | SERVER-WEBAPP Sage SalesLogix admin authentication bypass attempt (more info ...) | attempted-admin | 2004-1612 | 11450 | ||
| 20618 | SERVER-OTHER Sage SalesLogix database credential disclosure attempt (more info ...) | attempted-admin | 2004-1612 | 11450 | URL | |
| 20619 | SERVER-WEBAPP CoreHTTP Long buffer overflow attempt (more info ...) | attempted-user | 2007-4060 | 25120 | URL | |
| 20620 | SERVER-WEBAPP CoreHTTP Long buffer overflow attempt (more info ...) | attempted-user | 2007-4060 | 25120 | URL | |
| 20626 | MALWARE-CNC Win.Trojan.Shylock.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20627 | MALWARE-CNC Win.Trojan.Shylock.A C&C server response (more info ...) | trojan-activity | URL | |||
| 20630 | MALWARE-CNC Win.Trojan.Winnti.A contact to cnc server (more info ...) | trojan-activity | URL | |||
| 20638 | PROTOCOL-SCADA Progea Movicon/PowerHMI EIDP over HTTP memory corruption attempt (more info ...) | attempted-admin | 2011-3499 | 49605 | ||
| 20639 | MALWARE-CNC Malware Win.Trojan.Higest.N variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20655 | PUA-OTHER Yahoo Messenger iframe injection status change attempt (more info ...) | web-application-activity | URL | |||
| 20661 | MALWARE-CNC Simbda variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20662 | SERVER-OTHER Dameware Mini Remote Control username buffer overflow (more info ...) | attempted-admin | 2005-2842 | 14707 | ||
| 20668 | EXPLOIT-KIT URI request for known malicious URI - /content/v1.jar (more info ...) | trojan-activity | URL | |||
| 20670 | PROTOCOL-VOIP Digium Asterisk data length field overflow attempt (more info ...) | attempted-user | 2006-5444 | 20617 | URL | |
| 20673 | FILE-MULTIMEDIA invalid VLC media player SMB URI download attempt (more info ...) | misc-attack | URL | |||
| 20674 | SERVER-WEBAPP Sourceforge Gallery search engine cross-site scripting attempt (more info ...) | attempted-admin | 2003-0614 | URL | ||
| 20676 | MALWARE-CNC Win.Trojan.EggDrop.acn variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20677 | MALWARE-CNC Win.Trojan.EggDrop.acn variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20678 | MALWARE-CNC Trojan-Downloader.Win32.Genome.aior variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20679 | MALWARE-CNC Win.Trojan.Syrutrk variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20681 | MALWARE-CNC Trojan-Downloader.Win32.Agent.NMS variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20682 | MALWARE-CNC Trojan-Downloader.Win32.Agent.NMS variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20683 | MALWARE-CNC Cleanvaccine variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20684 | MALWARE-CNC Cleanvaccine variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20685 | MALWARE-CNC Win.Trojan.Heloag.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20686 | MALWARE-CNC Win.Trojan.Virut.BM connect to client (more info ...) | trojan-activity | URL | |||
| 20687 | MALWARE-CNC Trojan-Downloader.Win32.Genome.akhg variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20688 | MALWARE-CNC Trojan-Spy.Win32.Zbot.Jeib variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20689 | MALWARE-CNC Trojan-Spy.Win32.Zbot.Jeib variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20690 | SERVER-OTHER Quest NetVault SmartDisk libnvbasics.dll denial of service attempt (more info ...) | denial-of-service | 48029 | URL | ||
| 20693 | MALWARE-CNC Win.Trojan.Blackcontrol.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20694 | MALWARE-CNC Win.Trojan.SSonce.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20695 | MALWARE-CNC Win.Trojan.Banker.GZW connect to cnc server (more info ...) | trojan-activity | URL | |||
| 20696 | MALWARE-CNC Win.Trojan.Ransom.CK connect to cnc server (more info ...) | trojan-activity | URL | |||
| 20697 | MALWARE-CNC Win.Trojan.Ransom.CK connect to cnc server (more info ...) | trojan-activity | URL | |||
| 20698 | FILE-OTHER Telnet protocol specifier command injection attempt (more info ...) | attempted-user | 2004-0473 | 10358 | ||
| 20726 | SERVER-WEBAPP F-Secure web console username overflow attempt (more info ...) | attempted-admin | 2006-2838 | 18201 | ||
| 20737 | SERVER-WEBAPP 427BB cookie-based authentication bypass attempt (more info ...) | attempted-admin | 2006-0153 | |||
| 20738 | SERVER-OTHER Check Point vpn-1 ISAKMP buffer overflow attempt (more info ...) | attempted-user | 2004-0040 | |||
| 20743 | BROWSER-OTHER Multiple web browser window injection attempt (more info ...) | misc-attack | 2004-1155 | |||
| 20745 | SERVER-OTHER Ethereal Netflow dissector buffer overflow attempt (more info ...) | attempted-admin | 2004-0176 | 9952 | URL | |
| 20748 | SERVER-OTHER Yahoo Messenger possible file transfer spoofing (more info ...) | attempted-user | 2005-0243 | |||
| 20749 | SERVER-OTHER EMC Retrospect client crafted packet buffer overflow attempt (more info ...) | attempted-admin | 2006-2391 | 17948 | ||
| 20750 | FILE-IDENTIFY webm file magic detected (more info ...) | misc-activity | ||||
| 20751 | FILE-IDENTIFY webm file download request (more info ...) | misc-activity | ||||
| 20752 | PUA-ADWARE Win32.GameVance outbound connection (more info ...) | trojan-activity | URL | |||
| 20753 | PUA-ADWARE Win32.GamePlayLabs outbound connection (more info ...) | trojan-activity | URL | |||
| 20754 | MALWARE-CNC Win.Trojan.Virut-3 variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20755 | MALWARE-CNC Win.Trojan.Krap variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20758 | POLICY-OTHER Progrea Movicon TCPUploadServer.exe unauthenticated access attempt (more info ...) | attempted-admin | 2011-2963 | 46907 | ||
| 20759 | MALWARE-CNC Win.Trojan.Gbot.oce variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20763 | MALWARE-CNC Win.Trojan.Spyeye-206 variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20764 | SERVER-WEBAPP SyBase MBusiness xml closing tag overflow attempt (more info ...) | attempted-user | 47775 | |||
| 20800 | FILE-IDENTIFY MIME file type file attachment detected (more info ...) | misc-activity | ||||
| 20801 | FILE-IDENTIFY MIME file type file attachment detected (more info ...) | misc-activity | ||||
| 20819 | SERVER-WEBAPP ACal Calendar Project cookie based authentication bypass attempt (more info ...) | attempted-user | 2006-0182 | |||
| 20824 | OS-WINDOWS generic web server hashing collision attack (more info ...) | attempted-dos | 2011-3414 | URL | ||
| 20825 | SERVER-WEBAPP generic web server hashing collision attack (more info ...) | attempted-dos | 2011-5037 | URL | ||
| 20826 | SERVER-WEBAPP OABoard forum script remote file injection attempt (more info ...) | attempted-user | 2006-0076 | 16105 | ||
| 20830 | MALWARE-CNC Win.Trojan.Banbra.amdu variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20836 | MALWARE-CNC Win.Trojan.Zusy.A runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 20837 | MALWARE-CNC Win.Trojan.Mecklow.C runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 20838 | MALWARE-CNC Win.Trojan.Smokebot.A runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 20844 | MALWARE-CNC Win.Trojan.Banker.smxy runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 20845 | SERVER-WEBAPP HP Network Node Manager cross site scripting attempt (more info ...) | web-application-attack | 2011-4155 | URL | ||
| 20848 | FILE-IDENTIFY MAKI file attachment detected (more info ...) | misc-activity | ||||
| 20849 | FILE-IDENTIFY MAKI file attachment detected (more info ...) | misc-activity | ||||
| 20852 | FILE-IDENTIFY DAZ Studio script download request (more info ...) | misc-activity | ||||
| 20853 | FILE-OTHER DAZ Studio dangerous scripting method attempt (more info ...) | attempted-user | 2009-4148 | 37176 | ||
| 20859 | FILE-IDENTIFY Autodesk Maya embedded language script download request (more info ...) | misc-activity | ||||
| 20860 | FILE-IDENTIFY Autodesk Maya file magic detected (more info ...) | misc-activity | ||||
| 20861 | FILE-OTHER Autodesk Maya dangerous scripting method attempt (more info ...) | attempted-user | 2009-3578 | 36636 | ||
| 20862 | SERVER-WEBAPP Jive Software Openfire logviewer.jsp XSS attempt (more info ...) | web-application-attack | 2009-0496 | 32935 | ||
| 20863 | SERVER-WEBAPP Jive Software Openfire log.jsp XSS attempt (more info ...) | web-application-attack | 2009-0496 | 32935 | ||
| 20864 | SERVER-WEBAPP Jive Software Openfire group-summary.jsp XSS attempt (more info ...) | web-application-attack | 2009-0496 | 32935 | ||
| 20865 | SERVER-WEBAPP Jive Software Openfire user-properties.jsp XSS attempt (more info ...) | web-application-attack | 2009-0496 | 32935 | ||
| 20866 | SERVER-WEBAPP Jive Software Openfire audit-policy.jsp XSS attempt (more info ...) | web-application-attack | 2009-0496 | 32935 | ||
| 20867 | SERVER-WEBAPP Jive Software Openfire server-properties.jsp XSS attempt (more info ...) | web-application-attack | 2009-0496 | 32935 | ||
| 20868 | SERVER-WEBAPP Jive Software Openfire muc-room-edit-form.jsp XSS attempt (more info ...) | web-application-attack | 2009-0496 | 32935 | ||
| 20869 | FILE-IDENTIFY Autodesk 3D Studio Maxscript download request (more info ...) | misc-activity | ||||
| 20870 | FILE-OTHER Autodesk 3D Studio Maxscript dangerous scripting method attempt (more info ...) | attempted-user | 2009-3577 | 36634 | ||
| 20871 | SERVER-WEBAPP Worldweaver DX Studio Player shell.execute command execution attempt (more info ...) | attempted-user | 2009-2011 | 35273 | ||
| 20872 | SERVER-WEBAPP Worldweaver DX Studio Player shell.execute command execution attempt (more info ...) | attempted-user | 2009-2011 | 35273 | ||
| 20873 | POLICY-OTHER TRACE attempt (more info ...) | web-application-attack | 2011-1511 | 47818 | ||
| 20876 | SERVER-OTHER IBM solidDB solid.exe authentication bypass attempt (more info ...) | attempted-user | 47137 | URL | ||
| 20877 | MALWARE-CNC RunTime Worm.Win32.Warezov.gs variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20888 | FILE-IDENTIFY Video Spirit visprj download attempt (more info ...) | misc-activity | ||||
| 20889 | FILE-OTHER Video Spirit visprj buffer overflow (more info ...) | attempted-user | 2011-0499 | |||
| 20890 | MALWARE-CNC Win.Trojan.VB.adbp runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 20891 | MALWARE-CNC Win.Trojan.VB.adbp runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 20892 | MALWARE-CNC Worm.Win32.Skopvel.A runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 20893 | FILE-IDENTIFY Video Spirit file attachment detected (more info ...) | misc-activity | ||||
| 20894 | FILE-IDENTIFY Video Spirit file attachment detected (more info ...) | misc-activity | ||||
| 20895 | FILE-IDENTIFY AutoDesk 3D Studio Maxscript file attachment detected (more info ...) | misc-activity | ||||
| 20896 | FILE-IDENTIFY AutoDesk 3D Studio Maxscript file attachment detected (more info ...) | misc-activity | ||||
| 20905 | FILE-IDENTIFY X PixMap file attachment detected (more info ...) | misc-activity | ||||
| 20906 | FILE-IDENTIFY X PixMap file attachment detected (more info ...) | misc-activity | ||||
| 20913 | FILE-IDENTIFY XML Shareable Playlist Format file attachment detected (more info ...) | misc-activity | ||||
| 20914 | FILE-IDENTIFY XML Shareable Playlist Format file attachment detected (more info ...) | misc-activity | ||||
| 20917 | FILE-IDENTIFY BAK file attachment detected (more info ...) | misc-activity | ||||
| 20918 | FILE-IDENTIFY BAK file attachment detected (more info ...) | misc-activity | ||||
| 20924 | FILE-IDENTIFY PLS file magic detected (more info ...) | misc-activity | ||||
| 20927 | MALWARE-CNC Win.Trojan.Spyeye-207 variant outbound connection (more info ...) | trojan-activity | URL | |||
| 20928 | FILE-IDENTIFY SMIL file magic detected (more info ...) | misc-activity | URL | |||
| 20929 | FILE-IDENTIFY MKV file attachment detected (more info ...) | misc-activity | ||||
| 20930 | FILE-IDENTIFY MKV file attachment detected (more info ...) | misc-activity | ||||
| 20931 | FILE-IDENTIFY MKS file attachment detected (more info ...) | misc-activity | ||||
| 20932 | FILE-IDENTIFY MKS file attachment detected (more info ...) | misc-activity | ||||
| 20933 | FILE-IDENTIFY MKA file attachment detected (more info ...) | misc-activity | ||||
| 20934 | FILE-IDENTIFY MKA file attachment detected (more info ...) | misc-activity | ||||
| 20935 | FILE-IDENTIFY QCP file attachment detected (more info ...) | misc-activity | ||||
| 20936 | FILE-IDENTIFY QCP file attachment detected (more info ...) | misc-activity | ||||
| 20960 | FILE-IDENTIFY Flac file download request (more info ...) | misc-activity | URL | |||
| 20964 | FILE-IDENTIFY SAMI file download request (more info ...) | misc-activity | URL | |||
| 20968 | FILE-IDENTIFY Apple disk image file download request (more info ...) | misc-activity | URL | |||
| 20988 | MALWARE-CNC User-Agent known malicious user-agent string ZmEu - vulnerability scanner (more info ...) | network-scan | URL | |||
| 20989 | INDICATOR-SHELLCODE x86 OS agnostic single_static_bit encoder (more info ...) | shellcode-detect | ||||
| 20990 | INDICATOR-SHELLCODE x86 OS agnostic avoid_utf8_tolower encoder (more info ...) | shellcode-detect | ||||
| 20992 | FILE-IDENTIFY SAMI file magic detected (more info ...) | misc-activity | ||||
| 20997 | BROWSER-WEBKIT Apple Webkit Display box rendering corruption attempt (more info ...) | attempted-user | 2011-2818 | 48960 | ||
| 21003 | MALWARE-CNC Cute Pack cute-ie.html request (more info ...) | trojan-activity | 2010-0806 | URL | ||
| 21004 | MALWARE-CNC Cute Pack cute-ie.html landing page (more info ...) | trojan-activity | 2010-0806 | URL | ||
| 21005 | MALWARE-CNC Yang Pack yg.htm download request (more info ...) | trojan-activity | URL | |||
| 21006 | MALWARE-CNC Yang Pack yg.htm landing page (more info ...) | trojan-activity | 2011-3544 | URL | ||
| 21012 | FILE-IDENTIFY Cytel Studio cy3 file download request (more info ...) | misc-activity | ||||
| 21013 | FILE-IDENTIFY Cytel Studio cy3 file attachment detected (more info ...) | misc-activity | ||||
| 21014 | FILE-IDENTIFY Cytel Studio cy3 file attachment detected (more info ...) | misc-activity | ||||
| 21015 | FILE-IDENTIFY cy3 Cytel Studio file magic detected (more info ...) | misc-activity | ||||
| 21016 | FILE-IDENTIFY Cytel Studio cyb file attachment detected (more info ...) | misc-activity | ||||
| 21017 | FILE-IDENTIFY cyb Cytel Studio file attachment detected (more info ...) | misc-activity | ||||
| 21018 | FILE-IDENTIFY cyb Cytel Studio file download request (more info ...) | misc-activity | ||||
| 21019 | FILE-OTHER Cytel Studio string stack overflow attempt (more info ...) | attempted-user | 49924 | URL | ||
| 21020 | FILE-OTHER Cytel Studio row overflow attempt (more info ...) | attempted-user | 49924 | URL | ||
| 21021 | FILE-OTHER Cytel Studio USE command overflow attempt (more info ...) | attempted-user | 49924 | URL | ||
| 21028 | MALWARE-CNC Win.Trojan.Usinec connect to server (more info ...) | trojan-activity | URL | |||
| 21038 | INDICATOR-OBFUSCATION String.fromCharCode with multiple encoding types detected (more info ...) | policy-violation | URL | |||
| 21047 | MALWARE-CNC known malicious SSL certificate - Sykipot C&C (more info ...) | trojan-activity | URL | |||
| 21050 | SERVER-OTHER HP Diagnostics Server magentservice.exe stack overflow attempt (more info ...) | attempted-admin | 2011-4789 | 51398 | ||
| 21051 | SERVER-WEBAPP Apple OSX software update command execution attempt (more info ...) | attempted-admin | 2007-5863 | |||
| 21052 | FILE-IDENTIFY UltraISO CUE file download request (more info ...) | misc-activity | ||||
| 21053 | FILE-IDENTIFY UltraISO CUE file attachment detected (more info ...) | misc-activity | ||||
| 21054 | FILE-IDENTIFY UltraISO CUE file attachment detected (more info ...) | misc-activity | ||||
| 21055 | MALWARE-CNC Win.Trojan.Utka.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21058 | MALWARE-CNC Win.Trojan.AutoIt.pm runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 21060 | SERVER-WEBAPP Symantec IM Manager Administrator console site injection attempt (more info ...) | attempted-user | 2011-0554 | |||
| 21061 | FILE-IDENTIFY AVI file attachment detected (more info ...) | misc-activity | ||||
| 21062 | FILE-IDENTIFY AVI file attachment detected (more info ...) | misc-activity | ||||
| 21065 | SERVER-WEBAPP Symantec IM Manager Edituser cross site scripting attempt (more info ...) | attempted-user | 2011-0552 | 49739 | ||
| 21066 | SERVER-WEBAPP Symantec IM Manager Systemdashboard cross site scripting attempt (more info ...) | attempted-user | 2011-0552 | 49739 | ||
| 21067 | SERVER-WEBAPP Symantec IM Manager TOC_simple cross site scripting attempt (more info ...) | attempted-user | 2011-0552 | 49739 | ||
| 21079 | PROTOCOL-SCADA Siemens SIMATIC HMI Administrator cookie detected (more info ...) | policy-violation | 2011-4508 | URL | ||
| 21087 | MALWARE-CNC Bindow.Worm runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 21093 | FILE-MULTIMEDIA A-PDF Wav to mp3 converter buffer overfow (more info ...) | attempted-user | ||||
| 21095 | FILE-PDF Foxit Reader malicious pdf file write access (more info ...) | attempted-user | URL | |||
| 21105 | SERVER-OTHER Avaya WinPDM Unite host router buffer overflow attempt (more info ...) | attempted-user | 47947 | |||
| 21107 | FILE-MULTIMEDIA MJM Quickplayer s3m buffer overflow (more info ...) | attempted-user | ||||
| 21117 | INDICATOR-COMPROMISE WSO web shell (more info ...) | trojan-activity | URL | |||
| 21118 | INDICATOR-COMPROMISE WSO web shell security information display (more info ...) | trojan-activity | URL | |||
| 21119 | INDICATOR-COMPROMISE WSO web shell interactive file system information display (more info ...) | trojan-activity | URL | |||
| 21120 | INDICATOR-COMPROMISE WSO web shell interactive console display (more info ...) | trojan-activity | URL | |||
| 21122 | MALWARE-CNC Win.Trojan.Bandok.zp runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 21123 | MALWARE-CNC Win.Trojan.Flymux.A runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 21124 | MALWARE-CNC Win.Trojan.Opachki.A runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 21125 | MALWARE-CNC Win.Trojan.Alureon.DG runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 21126 | MALWARE-CNC Win.Trojan.Koutodoor.C runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 21127 | MALWARE-CNC Win.Trojan.Setfic.A runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 21128 | MALWARE-CNC Win.Trojan.Dromedan.A runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 21129 | INDICATOR-COMPROMISE Mulcishell web shell (more info ...) | trojan-activity | URL | |||
| 21130 | INDICATOR-COMPROMISE Mulcishell web shell enumeration page (more info ...) | trojan-activity | URL | |||
| 21131 | INDICATOR-COMPROMISE Mulcishell web shell domain lookup page (more info ...) | trojan-activity | URL | |||
| 21133 | INDICATOR-COMPROMISE Mulcishell web shell encoder page (more info ...) | trojan-activity | URL | |||
| 21134 | INDICATOR-COMPROMISE Mulcishell web shell security information page (more info ...) | trojan-activity | URL | |||
| 21136 | INDICATOR-COMPROMISE Mulcishell web shell security bypass page (more info ...) | trojan-activity | URL | |||
| 21137 | INDICATOR-COMPROMISE Mulcishell web shell tools page (more info ...) | trojan-activity | URL | |||
| 21138 | INDICATOR-COMPROMISE Mulcishell web shell database parsing page (more info ...) | trojan-activity | URL | |||
| 21139 | INDICATOR-COMPROMISE Mulcishell web shell spread shell page (more info ...) | trojan-activity | URL | |||
| 21140 | INDICATOR-COMPROMISE Mulcishell web shell kill shell page (more info ...) | trojan-activity | URL | |||
| 21142 | MALWARE-CNC Win.Trojan.Zbot.PKJ runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 21143 | MALWARE-CNC Win.Trojan.Zbot.PKJ runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 21144 | MALWARE-CNC Win.Trojan.Zbot.PKJ runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 21145 | MALWARE-CNC Win.Trojan.Neraweq.A runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 21146 | PROTOCOL-SCADA Sunway ForceControl SNMP NetDBServer integer signedness buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 21147 | PROTOCOL-SCADA Sunway ForceControl SNMP NetDBServer integer signedness buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 21148 | PROTOCOL-SCADA Sunway ForceControl SNMP NetDBServer integer signedness buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 21149 | PROTOCOL-SCADA Sunway ForceControl SNMP NetDBServer integer signedness buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 21150 | PROTOCOL-VOIP Grandstream networks denial of service (more info ...) | attempted-dos | 2007-4498 | 25399 | ||
| 21151 | MALWARE-CNC Win.Trojan.Stegae.A runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 21152 | FILE-IDENTIFY S3M file attachment detected (more info ...) | misc-activity | ||||
| 21153 | FILE-IDENTIFY S3M file attachment detected (more info ...) | misc-activity | ||||
| 21164 | SERVER-SAMBA Samba username map script command injection attempt (more info ...) | attempted-admin | 2007-2447 | URL | ||
| 21169 | PUA-ADWARE Apperhand SDK advertising data request - Counterclank (more info ...) | misc-activity | URL | |||
| 21171 | APP-DETECT Thunder p2p application activity detection (more info ...) | policy-violation | URL | |||
| 21172 | APP-DETECT Thunder p2p application activity detection (more info ...) | policy-violation | URL | |||
| 21173 | FILE-EXECUTABLE APP-CONTROL Thunder p2p application download detection (more info ...) | policy-violation | URL | |||
| 21175 | MALWARE-CNC User-Agent known malicious user-agent string Win32 Amti (more info ...) | trojan-activity | URL | |||
| 21176 | PUA-ADWARE Win32.WindowsOptimizationAndSecurity outbound connection (more info ...) | trojan-activity | URL | |||
| 21177 | MALWARE-CNC Win.Trojan.Ganipin.A inbound connection (more info ...) | trojan-activity | URL | |||
| 21178 | MALWARE-CNC Win.Trojan.Downloader Win.Trojan.Chekafe.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21179 | MALWARE-CNC Win.Trojan.Coofus.RFM variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21180 | MALWARE-CNC Worm.Win32.Magania.clfv variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21181 | MALWARE-CNC Win.Trojan.Agent.czgu variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21182 | MALWARE-CNC Win.Trojan.MeSub.ac variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21183 | MALWARE-CNC Win.Trojan.Agent.alfu variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21184 | PUA-ADWARE Internet Security 2010 outbound connection (more info ...) | trojan-activity | URL | |||
| 21185 | MALWARE-CNC Worm.Win32.Kufgal.A inbound connection (more info ...) | trojan-activity | URL | |||
| 21186 | SERVER-ORACLE MDSYS drop table trigger injection attempt (more info ...) | attempted-admin | 2008-3979 | 33177 | ||
| 21187 | MALWARE-CNC Win.Trojan.Xlahlah.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21188 | MALWARE-CNC User-Agent known malicious user-agent string API Guide test program (more info ...) | trojan-activity | URL | |||
| 21192 | MALWARE-CNC Win.Trojan.Syswrt.dvd variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21193 | MALWARE-CNC Win.Trojan.Dalbot.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21194 | MALWARE-CNC Win.Trojan.Wealwedst.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21195 | MALWARE-CNC Win.Trojan.Protux.B variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21196 | MALWARE-CNC Win.Trojan.Caphaw.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21197 | MALWARE-CNC Win.Trojan.Caphaw.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21198 | MALWARE-CNC Win.Trojan.Qinubot.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21199 | MALWARE-CNC Win.Trojan.Qinubot.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21200 | MALWARE-CNC Win.Trojan.Yakes.cmu variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21201 | MALWARE-CNC Win.Trojan.Yakes.cmu variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21202 | MALWARE-CNC Win.Trojan.Scapzilla.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21203 | MALWARE-CNC Virus Win.Trojan.Induc.B variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21204 | MALWARE-CNC Virus Win.Trojan.Induc.B variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21205 | MALWARE-CNC Virus Win.Trojan.Induc.B variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21206 | MALWARE-CNC User-Agent known malicious user-agent string Aldi Bot (more info ...) | trojan-activity | URL | |||
| 21207 | MALWARE-CNC Win.Trojan.Dekara.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21208 | MALWARE-CNC Win.Trojan.RShot.brw variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21209 | MALWARE-CNC Win.Trojan.Enviserv.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21210 | MALWARE-CNC Win.Trojan.Rallovs.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21211 | MALWARE-CNC Win.Trojan.Banker.slrj variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21212 | MALWARE-CNC Win.Trojan.Hupigon.nkor variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21213 | MALWARE-CNC Worm.Win32.Cridex.B variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21215 | MALWARE-CNC Win.Trojan.Banker.Am variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21216 | MALWARE-CNC Win.Trojan.Banker.Am variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21217 | MALWARE-CNC Win.Trojan.Banker.Am variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21218 | MALWARE-CNC Win.Trojan.Sodager.C variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21219 | MALWARE-CNC Win.Trojan.Sysckbc variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21220 | MALWARE-CNC Win.Trojan.Susnatache.A inbound connection (more info ...) | trojan-activity | URL | |||
| 21221 | MALWARE-CNC Win.Trojan.Susnatache.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21222 | MALWARE-CNC Win.Trojan.Kcahneila.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21223 | MALWARE-CNC Win.Trojan.Gyplit.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21224 | MALWARE-CNC Win.Trojan.MacOS.DevilRobber.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21225 | MALWARE-CNC User-Agent known malicious user-agent string Flag (more info ...) | trojan-activity | URL | |||
| 21226 | MALWARE-CNC Win.Trojan.Louisdreyfu.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21227 | MALWARE-CNC Win.Trojan.Bulknet variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21228 | MALWARE-CNC Win.Trojan.Cerberat variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21229 | MALWARE-CNC Win.Trojan.Synljdos variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21230 | MALWARE-CNC Win.Trojan.Betad variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21231 | MALWARE-CNC Win.Trojan.Bedobot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21232 | SERVER-OTHER Remote Desktop Protocol brute force attempt (more info ...) | misc-activity | 2015-0079 | URL | ||
| 21235 | SERVER-WEBAPP LOCK WebDAV Stack Buffer Overflow attempt (more info ...) | attempted-admin | 2003-0109 | 7116 | URL | |
| 21239 | MALWARE-CNC Win.Trojan.Kazy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21240 | MALWARE-CNC Win.Trojan.MsUpdater variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21241 | MALWARE-CNC Win.Trojan.MsUpdater initial variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21242 | MALWARE-CNC Win.Trojan.MsUpdater variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21246 | MALWARE-CNC User-Agent known malicious user-agent string DataCha0s (more info ...) | network-scan | URL | |||
| 21248 | SERVER-OTHER multiple vendors host buffer overflow attempt (more info ...) | web-application-attack | 2013-4115 | 6870 | ||
| 21249 | MALWARE-CNC Win.Trojan.VBasddsa.A runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 21250 | MALWARE-CNC Win.Trojan.VBasddsa.A runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 21251 | MALWARE-CNC Win.Trojan.Sirefef.P variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21252 | MALWARE-CNC Win.Trojan.Sirefef.P variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21254 | FILE-PDF Foxit Reader createDataObject file write attempt (more info ...) | attempted-user | URL | |||
| 21257 | MALWARE-CNC URI - known scanner tool muieblackcat (more info ...) | network-scan | URL | |||
| 21258 | INDICATOR-SHELLCODE Feng-Shui heap grooming using Oleaut32 (more info ...) | shellcode-detect | URL | |||
| 21261 | SERVER-OTHER Xitami if-modified-since header buffer overflow attempt (more info ...) | attempted-user | 2007-5067 | 25772 | ||
| 21263 | SERVER-OTHER Embarcadero Interbase connect request buffer overflow attempt (more info ...) | misc-attack | URL | |||
| 21265 | INDICATOR-SHELLCODE Piecemeal exploit and shellcode construction (more info ...) | shellcode-detect | URL | |||
| 21266 | MALWARE-CNC User-Agent known malicious user-agent string Morfeus Scanner (more info ...) | network-scan | ||||
| 21267 | POLICY-OTHER TRENDnet IP Camera anonymous access attempt (more info ...) | policy-violation | URL | |||
| 21269 | MALWARE-CNC Win.Trojan.Cycbot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21270 | SERVER-WEBAPP Devellion CubeCart multiple parameter XSS vulnerability (more info ...) | web-application-attack | URL | |||
| 21273 | MALWARE-CNC Win.Trojan.Tusha variant runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 21274 | MALWARE-CNC Win.Trojan.Tusha variant runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 21275 | MALWARE-CNC Hupigon.hddn runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 21276 | MALWARE-CNC Hupigon.hddn install time traffic detected (more info ...) | trojan-activity | URL | |||
| 21277 | MALWARE-CNC Win.Trojan.Shexie.A runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 21278 | MALWARE-CNC User-Agent known malicious user-agent string Google Bot (more info ...) | trojan-activity | URL | |||
| 21279 | MALWARE-CNC Win.Trojan.Kbot.s runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 21280 | MALWARE-CNC Win32 Turkojan.C runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 21294 | MALWARE-CNC Win.Trojan.Bancodor.be runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 21295 | FILE-IDENTIFY FON file attachment detected (more info ...) | misc-activity | ||||
| 21296 | FILE-IDENTIFY FON file attachment detected (more info ...) | misc-activity | ||||
| 21303 | MALWARE-CNC Win32 Initor.ag runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 21306 | MALWARE-CNC Win.Trojan.Spyeye variant outbound connectivity check (more info ...) | trojan-activity | URL | |||
| 21311 | MALWARE-CNC Win.Trojan.Dofoil variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21313 | MALWARE-CNC Win.Trojan.Dofoil variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21314 | SERVER-WEBAPP HP Insight Diagnostics XSS attempt (more info ...) | web-application-attack | 2010-3003 | |||
| 21315 | SERVER-OTHER Quest NetVault SmartDisk libnvbasics.dll DOS attempt (more info ...) | denial-of-service | URL | |||
| 21317 | FILE-OTHER BACnet OPC client csv file buffer overflow attempt (more info ...) | attempted-user | 2010-4740 | 43289 | ||
| 21318 | MALWARE-CNC Win.Trojan.FakeAV TDSS/PurpleHaze variant outbound connection - base64 encoded (more info ...) | trojan-activity | URL | |||
| 21319 | FILE-OTHER Multiple products request for version.dll over SMB attempt (more info ...) | attempted-user | 2016-6804 | URL | ||
| 21322 | FILE-OTHER Multiple products version.dll dll-load exploit attempt (more info ...) | attempted-user | 2016-6804 | URL | ||
| 21327 | MALWARE-CNC User-Agent ASafaWeb Scan (more info ...) | network-scan | URL | |||
| 21328 | SERVER-OTHER Synergy clipboard format server integer overflow attempt (more info ...) | attempted-user | ||||
| 21329 | SERVER-OTHER Synergy clipboard format client integer overflow attempt (more info ...) | attempted-user | ||||
| 21330 | SERVER-OTHER Synergy clipboard format server integer overflow attempt (more info ...) | attempted-user | ||||
| 21331 | SERVER-OTHER Synergy clipboard format client integer overflow attempt (more info ...) | attempted-user | ||||
| 21332 | APP-DETECT Synergy network kvm usage detected (more info ...) | attempted-admin | URL | |||
| 21333 | SERVER-WEBAPP Openswan/Strongswan Pluto IKE daemon ISAKMP DPD malformed packet DOS attempt (more info ...) | attempted-dos | 2009-0790 | 34296 | ||
| 21334 | SERVER-WEBAPP Openswan/Strongswan Pluto IKE daemon ISAKMP DPD malformed packet DOS attempt (more info ...) | attempted-dos | 2009-0790 | 34296 | ||
| 21351 | SERVER-OTHER IBM Tivoli kuddb2 denial of service attempt (more info ...) | attempted-dos | 2010-0472 | |||
| 21359 | MALWARE-CNC Win.Trojan.VB.jju runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 21360 | MALWARE-CNC Win32 Agent.dbzx runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 21361 | MALWARE-CNC Worm.Win32.TDownland.ca runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 21362 | MALWARE-CNC Win.Trojan.TDSS.aa runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 21364 | MALWARE-CNC DOQ.gen.y RUNTIME traffic detected (more info ...) | trojan-activity | URL | |||
| 21365 | MALWARE-CNC DOQ.gen.y RUNTIME traffic detected (more info ...) | trojan-activity | URL | |||
| 21366 | MALWARE-CNC DOQ.gen.y INSTALL traffic detected (more info ...) | trojan-activity | URL | |||
| 21367 | MALWARE-CNC Win32 VB.abcl runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 21368 | MALWARE-CNC Win.Trojan.Wallop.de runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 21369 | MALWARE-CNC Win.Trojan.Wallop.de runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 21370 | SERVER-SAMBA Samba name mangling buffer overflow attempt (more info ...) | attempted-admin | 2004-0686 | 10781 | ||
| 21372 | MALWARE-CNC Malware Defense runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 21373 | MALWARE-CNC Malware Defense runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 21374 | MALWARE-CNC Win.Trojan.Bifrose.EF runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 21375 | SERVER-WEBAPP Remote Execution Backdoor Attempt Against Horde (more info ...) | web-application-attack | 2012-0209 | URL | ||
| 21376 | MALWARE-CNC Win.Trojan.Microjoin activity detected (more info ...) | trojan-activity | URL | |||
| 21379 | MALWARE-CNC Win.Trojan.Genome.Amqj runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 21380 | MALWARE-CNC User-Agent known malicious user-agent string - QvodDown (more info ...) | trojan-activity | URL | |||
| 21381 | MALWARE-CNC Win.Trojan.Dialer.ngb runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 21382 | MALWARE-CNC Win.Trojan.Nuqel.Q host setting3.yeahost.com runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 21383 | MALWARE-CNC Win.Trojan.Nuqel.Q host 9999mb.com runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 21384 | MALWARE-CNC Win.Trojan.Nuqel.Q host freewebs.com runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 21386 | MALWARE-CNC Win.Trojan.Wadolin.A runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 21390 | MALWARE-CNC Win.Trojan.Agobot.dl runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 21391 | MALWARE-CNC Win.Trojan.Agent.dcac runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 21393 | FILE-MULTIMEDIA Magix Musik Maker 16 buffer overflow attempt (more info ...) | attempted-user | ||||
| 21397 | FILE-MULTIMEDIA MicroP mppl stack buffer overflow (more info ...) | trojan-activity | ||||
| 21398 | FILE-IDENTIFY MPPL file download request (more info ...) | misc-activity | ||||
| 21400 | MALWARE-CNC Win.Trojan.Kenzor.B variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21401 | MALWARE-CNC Win.Trojan.Kenzor.B variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21402 | MALWARE-CNC Win.Trojan.Ponfoy.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21403 | MALWARE-CNC Worm.Win32.Vobfus.DL variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21404 | MALWARE-CNC Worm.Win32.Vobfus.DL variant outbound connection cont (more info ...) | trojan-activity | URL | |||
| 21413 | FILE-OTHER PeaZip command injection attempt (more info ...) | attempted-user | 2009-2261 | |||
| 21416 | MALWARE-CNC Win.Trojan.Bankpatch authentication string detected (more info ...) | trojan-activity | URL | |||
| 21417 | FILE-PDF hostile PDF associated with Laik exploit kit (more info ...) | trojan-activity | ||||
| 21418 | MALWARE-CNC Win.Trojan.FareIt variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21424 | MALWARE-CNC Win.Trojan.Ghodow.A connect to cnc (more info ...) | trojan-activity | URL | |||
| 21425 | MALWARE-CNC Win.Trojan.Ghodow.A exe file download (more info ...) | trojan-activity | URL | |||
| 21426 | MALWARE-CNC Win.Trojan.Scar variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21427 | MALWARE-CNC Win.Trojan.Delf variant outbound connection (more info ...) | trojan-activity | ||||
| 21428 | MALWARE-CNC Win.Trojan.Generic-24 variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21430 | MALWARE-CNC Win.Trojan.BeeOne runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 21431 | FILE-PDF Possible malicious pdf - new pdf exploit (more info ...) | attempted-user | ||||
| 21432 | FILE-IDENTIFY MPPL file attachment detected (more info ...) | misc-activity | ||||
| 21433 | FILE-IDENTIFY MPPL file attachment detected (more info ...) | misc-activity | ||||
| 21434 | MALWARE-CNC Win.Trojan.Mentor variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21435 | MALWARE-CNC Win.Trojan.Mentor inbound connection - post infection (more info ...) | trojan-activity | URL | |||
| 21436 | MALWARE-CNC Win.Trojan.Startpage variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21440 | MALWARE-CNC Win.Trojan.Murofet variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21441 | MALWARE-CNC Win.Trojan.Delf variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21442 | MALWARE-CNC URI request for known malicious URI - base64 encoded (more info ...) | trojan-activity | URL | |||
| 21444 | MALWARE-CNC Win.Trojan.TDSS variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21448 | MALWARE-CNC Win.Trojan.Webmoner.zu connect to server (more info ...) | trojan-activity | URL | |||
| 21449 | MALWARE-CNC Trojan-Downloader.Win32.Obitel install (more info ...) | trojan-activity | URL | |||
| 21450 | MALWARE-CNC Trojan-Downloader.Win32.Obitel connect to cnc server (more info ...) | trojan-activity | URL | |||
| 21451 | MALWARE-CNC Win.Trojan.Agent.djvk malicious hosts file download (more info ...) | trojan-activity | URL | |||
| 21452 | MALWARE-CNC Win.Trojan.Agent.djvk connect to server (more info ...) | trojan-activity | URL | |||
| 21454 | MALWARE-CNC Win.Trojan.Banbra.vec variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21455 | MALWARE-CNC User-Agent known malicious user-agent string psi (more info ...) | trojan-activity | URL | |||
| 21463 | MALWARE-CNC Win.Trojan.Bibei variant inbound connection (more info ...) | trojan-activity | URL | |||
| 21464 | MALWARE-CNC Downloader-CEW.b runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 21465 | SERVER-WEBAPP HTTP response splitting attempt (more info ...) | attempted-user | ||||
| 21466 | MALWARE-CNC Autorun.BDS runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 21467 | MALWARE-CNC Win.Trojan.IRCBot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21468 | MALWARE-CNC Win.Trojan.Dama variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21469 | MALWARE-CNC User-Agent known malicious user-agent string 1234567890 (more info ...) | trojan-activity | URL | |||
| 21470 | MALWARE-CNC Win.Trojan.Krap.Gy connect to server (more info ...) | trojan-activity | URL | |||
| 21471 | MALWARE-CNC Win.Trojan.Bancos variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21472 | MALWARE-CNC Win.Trojan.Delf.tzp download (more info ...) | trojan-activity | URL | |||
| 21473 | MALWARE-CNC Win.Trojan.GameThief variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21474 | MALWARE-CNC Win.Trojan.Lancafdo.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21475 | MALWARE-CNC User-Agent known malicious user-agent string core-project (more info ...) | misc-activity | ||||
| 21476 | MALWARE-CNC User-Agent known malicious user agent YZF (more info ...) | trojan-activity | URL | |||
| 21477 | MALWARE-CNC Win.Trojan.Noobot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21478 | FILE-IDENTIFY CHM file attachment detected (more info ...) | misc-activity | URL | |||
| 21479 | FILE-IDENTIFY CHM file attachment detected (more info ...) | misc-activity | URL | |||
| 21483 | PROTOCOL-SCADA Moxa Device Manager buffer overflow attempt (more info ...) | attempted-user | 2010-4741 | URL | ||
| 21485 | SERVER-OTHER EMC RepliStor denial of service attempt (more info ...) | attempted-dos | 2009-3744 | |||
| 21486 | MALWARE-CNC Win.Trojan.Zbot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21487 | MALWARE-CNC Win.Trojan.Palevo variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21490 | PROTOCOL-SCADA General Electric d20me configuration retrieval attempt (more info ...) | attempted-recon | URL | |||
| 21491 | PROTOCOL-SCADA Sielco Sistemi Winlog Pro stack buffer overflow attempt (more info ...) | attempted-admin | 2011-0517 | 45813 | ||
| 21494 | PROTOCOL-SCADA General Electric D20ME backdoor attempt (more info ...) | attempted-admin | URL | |||
| 21495 | MALWARE-CNC Win.Trojan.Vilsel variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21496 | MALWARE-CNC Win.Trojan.Saeeka variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21497 | MALWARE-CNC Win.Trojan.Saeeka variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21502 | MALWARE-CNC Win.Trojan.VBbot.V connect to server (more info ...) | trojan-activity | URL | |||
| 21511 | MALWARE-CNC Win.Trojan.Vaxpy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21512 | MALWARE-BACKDOOR Win.Backdoor.Zegost.B runtime detection (more info ...) | trojan-activity | URL | |||
| 21514 | MALWARE-CNC Win.Trojan.Banbra connect to server (more info ...) | trojan-activity | URL | |||
| 21516 | SERVER-WEBAPP JBoss JMX console access attempt (more info ...) | attempted-recon | 2013-2185 | URL | ||
| 21518 | MALWARE-CNC Win.Trojan.Agent-59544 connect to server (more info ...) | trojan-activity | URL | |||
| 21520 | MALWARE-CNC Win.Trojan.Bayrob variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21521 | MALWARE-CNC Win.Trojan.Bayrob update connection (more info ...) | trojan-activity | URL | |||
| 21523 | MALWARE-CNC Win.Trojan.Kazy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21525 | MALWARE-CNC Win.Trojan.Downloader variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21526 | MALWARE-CNC User-Agent known malicious user agent TCYWinHTTPDownload (more info ...) | trojan-activity | URL | |||
| 21527 | MALWARE-CNC Win.Trojan.Downloader registration connection detection (more info ...) | trojan-activity | URL | |||
| 21528 | MALWARE-CNC Win.Trojan.Downloader keep-alive connection detection (more info ...) | trojan-activity | URL | |||
| 21538 | MALWARE-CNC Win.Trojan.Dofoil variant outbound payload request (more info ...) | trojan-activity | URL | |||
| 21540 | MALWARE-CNC Win.Trojan.Buzus application download (more info ...) | trojan-activity | URL | |||
| 21541 | MALWARE-CNC Win.Trojan.Buzus connect to server (more info ...) | trojan-activity | URL | |||
| 21542 | MALWARE-CNC Win.Trojan.Buzus firefox extension download (more info ...) | trojan-activity | URL | |||
| 21543 | MALWARE-CNC Win.Trojan.Buzus html page download (more info ...) | trojan-activity | URL | |||
| 21547 | MALWARE-CNC Win.Trojan.Kazy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21548 | MALWARE-CNC Cutwail landing page connection (more info ...) | trojan-activity | URL | |||
| 21551 | MALWARE-CNC Win.Trojan.Kahn variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21552 | MALWARE-CNC Win.Trojan.Kahn variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21553 | MALWARE-CNC Win.Trojan.Agent.cpze connect to server (more info ...) | trojan-activity | URL | |||
| 21557 | FILE-OTHER Apple OSX ZIP archive shell script execution attempt (more info ...) | attempted-user | 2006-0848 | 16736 | URL | |
| 21562 | MALWARE-CNC Win.Trojan.Bredolab variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21563 | MALWARE-CNC Win.Trojan.Kelihos variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21564 | MALWARE-CNC Win.Trojan.Kelihos variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21565 | MALWARE-CNC Win.Trojan.Kelihos variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21582 | FILE-PDF PDF obfuscation attempt (more info ...) | attempted-user | URL | |||
| 21583 | FILE-PDF Possible malicious pdf detection - qwe123 (more info ...) | trojan-activity | ||||
| 21591 | MALWARE-CNC User-Agent known Adware user agent Gamevance tl_v (more info ...) | trojan-activity | URL | |||
| 21593 | MALWARE-CNC Win.Trojan.Dropper variant outbound connection (more info ...) | misc-activity | URL | |||
| 21594 | SERVER-WEBAPP Gravity GTD objectname parameter injection attempt (more info ...) | attempted-admin | 2008-5962 | |||
| 21595 | OS-MOBILE Android/Nickispy.D initialization request detection (more info ...) | trojan-activity | URL | |||
| 21596 | OS-MOBILE Android/Nickispy.D initialization response detection (more info ...) | trojan-activity | URL | |||
| 21597 | OS-MOBILE Android/Nickispy.D sms logging request detection (more info ...) | trojan-activity | URL | |||
| 21598 | OS-MOBILE Android/Nickispy.D sms logging response detection (more info ...) | trojan-activity | URL | |||
| 21607 | FILE-OTHER IBM Installation Manager iim uri code execution attempt (more info ...) | attempted-user | 2009-3518 | 36549 | ||
| 21608 | PROTOCOL-VOIP Digium Asterisk IAX2 call number denial of service (more info ...) | attempted-dos | 2009-2346 | |||
| 21609 | SERVER-WEBAPP SurgeMail webmail.exe page format string exploit attempt (more info ...) | web-application-attack | 2008-1055 | 27990 | URL | |
| 21610 | MALWARE-CNC Win.Trojan.Refroso.azyg variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21615 | FILE-IDENTIFY WMF file attachment detected (more info ...) | misc-activity | ||||
| 21616 | FILE-IDENTIFY WMF file attachment detected (more info ...) | misc-activity | ||||
| 21617 | FILE-IDENTIFY RT file attachment detected (more info ...) | misc-activity | ||||
| 21618 | FILE-IDENTIFY RT file attachment detected (more info ...) | misc-activity | ||||
| 21621 | FILE-IDENTIFY AVI file magic detected (more info ...) | misc-activity | ||||
| 21622 | MALWARE-CNC Win.Trojan.Georbot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21629 | FILE-OTHER ELF file parsing in different antivirus evasion attempt (more info ...) | bad-unknown | 2012-1431 | URL | ||
| 21630 | FILE-OTHER ELF file parsing in different antivirus evasion attempt (more info ...) | bad-unknown | 2012-1430 | URL | ||
| 21632 | MALWARE-CNC Win.Trojan.Ransom variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21635 | MALWARE-CNC Win.Trojan.Phdet.gen.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21636 | MALWARE-CNC User-Agent known Adware user agent gbot (more info ...) | trojan-activity | URL | |||
| 21637 | POLICY-SPAM local user attempted to fill out paypal phishing form (more info ...) | suspicious-login | URL | |||
| 21638 | MALWARE-CNC Win.Trojan.Aluereon TDSS infection variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21639 | MALWARE-CNC User-Agent known Adware user agent mus - TDSS related (more info ...) | trojan-activity | URL | |||
| 21641 | MALWARE-OTHER Possible banking trojan with known banking strings (more info ...) | trojan-activity | ||||
| 21642 | MALWARE-OTHER Possible malicious jar file download page (more info ...) | attempted-user | ||||
| 21643 | MALWARE-CNC Win.Trojan.Bredolab variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21644 | PUA-ADWARE Adware.MediaGetInstaller inbound connection - destination ip infected (more info ...) | misc-activity | URL | |||
| 21645 | PUA-ADWARE Adware.MediaGetInstaller outbound connection - source ip infected (more info ...) | misc-activity | URL | |||
| 21662 | SERVER-OTHER Blue Coat Systems WinProxy telnet denial of service attempt (more info ...) | attempted-dos | 2005-3654 | |||
| 21669 | PROTOCOL-VOIP Digium Asterisk missing SIP version denial of service attempt (more info ...) | attempted-dos | 2014-2154 | 20835 | ||
| 21671 | SERVER-WEBAPP PECL zip URL wrapper buffer overflow attempt (more info ...) | attempted-user | 2007-1399 | 22883 | URL | |
| 21672 | PROTOCOL-VOIP Digium Asterisk SCCP capabilities response message capabilities count overflow attempt (more info ...) | attempted-dos | 2007-4280 | |||
| 21673 | PROTOCOL-VOIP Digium Asterisk SCCP overly large mem copy attempt (more info ...) | attempted-user | 2007-3764 | 24950 | ||
| 21687 | FILE-IDENTIFY PLS file attachment detected (more info ...) | misc-activity | ||||
| 21688 | FILE-IDENTIFY PLS file attachment detected (more info ...) | misc-activity | ||||
| 21691 | FILE-IDENTIFY SMIL file attachment detected (more info ...) | misc-activity | ||||
| 21692 | FILE-IDENTIFY SMIL file attachment detected (more info ...) | misc-activity | ||||
| 21693 | FILE-IDENTIFY FLAC file attachment detected (more info ...) | misc-activity | ||||
| 21694 | FILE-IDENTIFY FLAC file attachment detected (more info ...) | misc-activity | ||||
| 21695 | FILE-IDENTIFY SMI file attachment detected (more info ...) | misc-activity | ||||
| 21696 | FILE-IDENTIFY SMI file attachment detected (more info ...) | misc-activity | ||||
| 21697 | FILE-IDENTIFY SAMI file attachment detected (more info ...) | misc-activity | ||||
| 21698 | FILE-IDENTIFY SAMI file attachment detected (more info ...) | misc-activity | ||||
| 21703 | FILE-IDENTIFY 4XM file attachment detected (more info ...) | misc-activity | ||||
| 21704 | FILE-IDENTIFY 4XM file attachment detected (more info ...) | misc-activity | ||||
| 21705 | FILE-IDENTIFY BitTorrent torrent file attachment detected (more info ...) | misc-activity | ||||
| 21706 | FILE-IDENTIFY BitTorrent torrent file attachment detected (more info ...) | misc-activity | ||||
| 21724 | FILE-IDENTIFY ANI file download request (more info ...) | misc-activity | ||||
| 21725 | FILE-IDENTIFY ANI file attachment detected (more info ...) | misc-activity | ||||
| 21726 | FILE-IDENTIFY ANI file attachment detected (more info ...) | misc-activity | ||||
| 21727 | FILE-IDENTIFY ANI file magic detection (more info ...) | misc-activity | ||||
| 21742 | FILE-IDENTIFY Embedded Open Type Font file attachment detected (more info ...) | misc-activity | ||||
| 21743 | FILE-IDENTIFY Embedded Open Type Font file attachment detected (more info ...) | misc-activity | ||||
| 21748 | FILE-IDENTIFY HPJ file download request (more info ...) | misc-activity | ||||
| 21749 | FILE-IDENTIFY HPJ file attachment detected (more info ...) | misc-activity | ||||
| 21750 | FILE-IDENTIFY HPJ file attachment detected (more info ...) | misc-activity | ||||
| 21751 | FILE-IDENTIFY HPJ file magic detected (more info ...) | misc-activity | ||||
| 21753 | PROTOCOL-VOIP Digium Asterisk Management Interface HTTP digest authentication stack buffer overflow attempt (more info ...) | attempted-admin | URL | |||
| 21760 | MALWARE-CNC Win.Trojan.Swisyn variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21761 | MALWARE-CNC Win.Trojan.Swisyn variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21762 | SERVER-WEBAPP Youngzsoft CMailServer CMailCOM buffer overflow attempt (more info ...) | attempted-admin | 2008-6922 | 30098 | ||
| 21767 | PROTOCOL-VOIP Digium Asterisk IAX2 Channel Driver DoS attempt (more info ...) | denial-of-service | 2007-3763 | |||
| 21768 | PROTOCOL-VOIP Digium Asterisk IAX2 Channel Driver DoS attempt (more info ...) | denial-of-service | 2007-3763 | |||
| 21769 | MALWARE-CNC Win.Trojan.LogonInvader.a variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21782 | INDICATOR-OBFUSCATION script tag in POST parameters - likely cross-site scripting (more info ...) | web-application-attack | 2015-1653 | URL | ||
| 21783 | INDICATOR-OBFUSCATION encoded script tag in POST parameters - likely cross-site scripting (more info ...) | web-application-attack | URL | |||
| 21784 | INDICATOR-OBFUSCATION encoded script tag in POST parameters - likely cross-site scripting (more info ...) | web-application-attack | URL | |||
| 21802 | FILE-IDENTIFY HT-MP3Player file download request (more info ...) | misc-activity | ||||
| 21803 | FILE-IDENTIFY HT-MP3Player file attachment detected (more info ...) | misc-activity | ||||
| 21804 | FILE-IDENTIFY HT-MP3Player file attachment detected (more info ...) | misc-activity | ||||
| 21805 | FILE-MULTIMEDIA HT-MP3Player file parsing boundary buffer overflow attempt (more info ...) | attempted-user | 2009-2485 | 43811 | ||
| 21818 | SERVER-WEBAPP System variable directory traversal attempt - %ALLUSERSPROFILE% (more info ...) | attempted-recon | ||||
| 21819 | SERVER-WEBAPP System variable directory traversal attempt - %PROGRAMDATA% (more info ...) | attempted-recon | ||||
| 21820 | SERVER-WEBAPP System variable directory traversal attempt - %APPDATA% (more info ...) | attempted-recon | ||||
| 21821 | SERVER-WEBAPP System variable directory traversal attempt - %COMMONPROGRAMFILES% (more info ...) | attempted-recon | ||||
| 21822 | SERVER-WEBAPP System variable directory traversal attempt - %COMMONPROGRAMFILES - x86% (more info ...) | attempted-recon | ||||
| 21823 | SERVER-WEBAPP System variable directory traversal attempt - %COMSPEC% (more info ...) | attempted-recon | ||||
| 21824 | SERVER-WEBAPP System variable directory traversal attempt - %HOMEDRIVE% (more info ...) | attempted-recon | ||||
| 21825 | SERVER-WEBAPP System variable directory traversal attempt - %HOMEPATH% (more info ...) | attempted-recon | ||||
| 21826 | SERVER-WEBAPP System variable directory traversal attempt - %LOCALAPPDATA% (more info ...) | attempted-recon | ||||
| 21827 | SERVER-WEBAPP System variable directory traversal attempt - %PROGRAMFILES% (more info ...) | attempted-recon | ||||
| 21828 | SERVER-WEBAPP System variable directory traversal attempt - %PROGRAMFILES - X86% (more info ...) | attempted-recon | ||||
| 21829 | SERVER-WEBAPP System variable directory traversal attempt - %SystemDrive% (more info ...) | attempted-recon | ||||
| 21830 | SERVER-WEBAPP System variable directory traversal attempt - %SystemRoot% (more info ...) | attempted-recon | ||||
| 21831 | SERVER-WEBAPP System variable directory traversal attempt - %TEMP% (more info ...) | attempted-recon | ||||
| 21832 | SERVER-WEBAPP System variable directory traversal attempt - %TMP% (more info ...) | attempted-recon | ||||
| 21833 | SERVER-WEBAPP System variable directory traversal attempt - %USERDATA% (more info ...) | attempted-recon | ||||
| 21834 | SERVER-WEBAPP System variable directory traversal attempt - %USERNAME% (more info ...) | attempted-recon | ||||
| 21835 | SERVER-WEBAPP System variable directory traversal attempt - %USERPROFILE% (more info ...) | attempted-recon | ||||
| 21836 | SERVER-WEBAPP System variable directory traversal attempt - %WINDIR% (more info ...) | attempted-recon | ||||
| 21837 | SERVER-WEBAPP System variable directory traversal attempt - %PUBLIC% (more info ...) | attempted-recon | ||||
| 21838 | SERVER-WEBAPP System variable directory traversal attempt - %PSModulePath% (more info ...) | attempted-recon | ||||
| 21839 | SERVER-WEBAPP System variable in URI attempt - %COMPUTERNAME% (more info ...) | attempted-recon | ||||
| 21840 | SERVER-WEBAPP System variable in URI attempt - %LOGONSERVER% (more info ...) | attempted-recon | ||||
| 21841 | SERVER-WEBAPP System variable in URI attempt - %PATH% (more info ...) | attempted-recon | ||||
| 21842 | SERVER-WEBAPP System variable in URI attempt - %PATHEXT% (more info ...) | attempted-recon | ||||
| 21843 | SERVER-WEBAPP System variable in URI attempt - %PROMPT% (more info ...) | attempted-recon | ||||
| 21844 | SERVER-WEBAPP System variable in URI attempt - %USERDOMAIN% (more info ...) | attempted-recon | ||||
| 21848 | MALWARE-OTHER TDS Sutra - page redirecting to a SutraTDS (more info ...) | trojan-activity | URL | |||
| 21849 | MALWARE-OTHER TDS Sutra - HTTP header redirecting to a SutraTDS (more info ...) | trojan-activity | URL | |||
| 21852 | MALWARE-CNC Win.Trojan.Orsam variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21860 | MALWARE-CNC Phoenix exploit kit post-compromise behavior (more info ...) | successful-user | 2012-0779 | URL | ||
| 21870 | FILE-IDENTIFY CNT file attachment detected (more info ...) | misc-activity | ||||
| 21871 | FILE-IDENTIFY CNT file attachment detected (more info ...) | misc-activity | ||||
| 21877 | MALWARE-CNC Apple OSX.Sabpub variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21911 | MALWARE-CNC Aldi variant outbound connection C&C checkin (more info ...) | trojan-activity | URL | |||
| 21912 | MALWARE-CNC Aldi bot variant outbound connection user-agent (more info ...) | trojan-activity | URL | |||
| 21913 | SERVER-OTHER EMC data protection advisor DOS attempt (more info ...) | attempted-dos | URL | |||
| 21920 | SERVER-ORACLE Oracle Outside In CorelDRAW file parser buffer overflow attempt (more info ...) | attempted-user | 2011-2264 | URL | ||
| 21921 | SERVER-ORACLE Oracle Outside In CorelDRAW file parser buffer overflow attempt (more info ...) | attempted-user | 2011-2264 | URL | ||
| 21922 | FILE-OTHER VLC mms hostname buffer overflow attempt (more info ...) | attempted-user | 2012-1775 | URL | ||
| 21924 | PUA-ADWARE Adware.Downware variant outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 21925 | MALWARE-CNC User-Agent known malicious user agent BOT/0.1 (more info ...) | trojan-activity | URL | |||
| 21934 | PUA-ADWARE 888Poker install outbound connection attempt (more info ...) | trojan-activity | ||||
| 21936 | SERVER-OTHER TRUFFLEHUNTER SFVRT-1008 attack attempt 100168 (more info ...) | unknown | ||||
| 21944 | SERVER-OTHER IBM Tivoli Endpoint Manager Web Reports xss attempt (more info ...) | attempted-user | 2012-0719 | URL | ||
| 21945 | MALWARE-CNC Win.Trojan.Litmpuca.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21946 | MALWARE-CNC Win.Trojan.Litmpuca.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21947 | MALWARE-CNC Win.Trojan.VicSpy.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21958 | MALWARE-CNC QDIGIT protocol connection to server (more info ...) | trojan-activity | URL | |||
| 21959 | MALWARE-CNC UPDATE communication protocol connection to server (more info ...) | trojan-activity | URL | |||
| 21960 | MALWARE-CNC LURK communication protocol connection to server (more info ...) | trojan-activity | URL | |||
| 21961 | MALWARE-CNC IP2B communication protocol connection to server (more info ...) | trojan-activity | URL | |||
| 21962 | MALWARE-CNC BB communication protocol connection to server (more info ...) | trojan-activity | URL | |||
| 21963 | MALWARE-CNC X-Shell 601 communication protocol connection to server (more info ...) | trojan-activity | URL | |||
| 21964 | MALWARE-CNC Murcy protocol connection to server (more info ...) | trojan-activity | URL | |||
| 21965 | MALWARE-CNC User-Agent known malicious user agent VB WININET (more info ...) | trojan-activity | URL | |||
| 21966 | MALWARE-CNC Win.Trojan.Pasmu connect to server (more info ...) | trojan-activity | URL | |||
| 21967 | MALWARE-BACKDOOR Rebhip.A runtime detection (more info ...) | trojan-activity | URL | |||
| 21968 | MALWARE-BACKDOOR Win.Backdoor.Rebhip.A variant outbound connection type A (more info ...) | trojan-activity | ||||
| 21969 | MALWARE-BACKDOOR Win.Backdoor.Rebhip.A variant outbound connection type B (more info ...) | trojan-activity | ||||
| 21970 | MALWARE-BACKDOOR Win.Backdoor.Zlob.P variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21971 | MALWARE-BACKDOOR Win.Backdoor.Zlob.P variant inbound connection (more info ...) | trojan-activity | URL | |||
| 21972 | MALWARE-BACKDOOR Win.Backdoor.ZZSlash variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21973 | MALWARE-BACKDOOR Win.Backdoor.ZZSlash runtime detection (more info ...) | trojan-activity | URL | |||
| 21974 | MALWARE-CNC Worm.Expichu variant inbound connection (more info ...) | trojan-activity | URL | |||
| 21975 | MALWARE-CNC Worm.Expichu variant inbound connection (more info ...) | trojan-activity | URL | |||
| 21976 | MALWARE-CNC Trojan-Downloader.Win32.Lapurd.D variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21977 | MALWARE-BACKDOOR Win.Backdoor.Pinit variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21978 | MALWARE-BACKDOOR Win.Backdoor.Nervos variant outbound connection (more info ...) | trojan-activity | ||||
| 21979 | MALWARE-BACKDOOR Win.Backdoor.Nervos variant inbound connection (more info ...) | trojan-activity | ||||
| 21980 | MALWARE-CNC Win.Trojan.Winac variant outbound connection (more info ...) | trojan-activity | ||||
| 21981 | MALWARE-CNC Win.Trojan.Selvice variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21982 | MALWARE-CNC Win.Trojan.Insain variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21983 | MALWARE-CNC Win.Trojan.BamCompiled variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21984 | MALWARE-CNC Win.Trojan.BamCompiled variant inbound updates (more info ...) | trojan-activity | URL | |||
| 21995 | MALWARE-CNC Win.Trojan.Dorkbot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21996 | MALWARE-CNC Win.Trojan.Dorkbot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21997 | MALWARE-CNC Win.Trojan.Banker variant outbound connection (more info ...) | trojan-activity | URL | |||
| 21998 | MALWARE-CNC Win.Trojan.Banload variant outbound connection (more info ...) | trojan-activity | URL | |||
| 22000 | MALWARE-CNC Win.Worm.amna variant outbound connection (more info ...) | trojan-activity | URL | |||
| 22001 | MALWARE-CNC Win.Worm.amna variant outbound connection (more info ...) | trojan-activity | URL | |||
| 22029 | FILE-OTHER Visual Studio DBP file handling buffer overflow attempt (more info ...) | attempted-user | 2006-1043 | URL | ||
| 22030 | FILE-OTHER Visual Studio PKP file handling buffer overflow attempt (more info ...) | attempted-user | 2006-1043 | URL | ||
| 22031 | FILE-OTHER Visual Studio SLN file handling buffer overflow attempt (more info ...) | attempted-user | 2006-1043 | URL | ||
| 22032 | FILE-OTHER Visual Studio VAP file handling buffer overflow attempt (more info ...) | attempted-user | 2006-1043 | URL | ||
| 22043 | FILE-IDENTIFY XM file download request (more info ...) | misc-activity | ||||
| 22044 | FILE-IDENTIFY XM file attachment detected (more info ...) | misc-activity | ||||
| 22045 | FILE-IDENTIFY XM file attachment detected (more info ...) | misc-activity | ||||
| 22046 | FILE-IDENTIFY XM file magic detected (more info ...) | misc-activity | ||||
| 22047 | MALWARE-CNC Win.Trojan.Jokbot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 22048 | MALWARE-CNC Win.Trojan.Zeus P2P outbound connection (more info ...) | trojan-activity | URL | |||
| 22053 | MALWARE-CNC Win.Trojan.Insomnia variant inbound connection - post infection (more info ...) | trojan-activity | URL | |||
| 22054 | MALWARE-CNC Win.Trojan.Prorat variant outbound connection (more info ...) | trojan-activity | URL | |||
| 22056 | MALWARE-CNC Win.Trojan.Kazy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 22058 | MALWARE-CNC Win.Trojan.Kbot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 22059 | MALWARE-CNC Win.Trojan.Downloader variant outbound connection (more info ...) | trojan-activity | URL | |||
| 22060 | MALWARE-CNC Win.Trojan.Fepgul variant outbound connection (more info ...) | trojan-activity | URL | |||
| 22062 | MALWARE-CNC Win.Trojan.Winpawr variant outbound connection (more info ...) | trojan-activity | URL | |||
| 22065 | MALWARE-CNC Win.Trojan.Zeprox variant outbound connection (more info ...) | trojan-activity | URL | |||
| 22098 | INDICATOR-COMPROMISE hex-encoded create_function detected (more info ...) | attempted-user | ||||
| 22099 | MALWARE-CNC Win.Trojan.Piroxcc variant outbound connection (more info ...) | trojan-activity | URL | |||
| 22100 | MALWARE-CNC Win.Trojan.Midhos variant outbound connection (more info ...) | trojan-activity | URL | |||
| 22103 | MALWARE-CNC Win.Trojan.Coswid.klk variant outbound connection (more info ...) | trojan-activity | URL | |||
| 22104 | FILE-IMAGE libpng chunk decompression integer overflow attempt (more info ...) | attempted-admin | 2011-3045 | 52453 | ||
| 22105 | FILE-IMAGE libpng chunk decompression integer overflow attempt (more info ...) | attempted-admin | 2011-3045 | 52453 | ||
| 22106 | FILE-IMAGE libpng chunk decompression integer overflow attempt (more info ...) | attempted-admin | 2011-3045 | 52453 | ||
| 22107 | FILE-IMAGE libpng chunk decompression integer overflow attempt (more info ...) | attempted-admin | 2011-3045 | 52453 | ||
| 22108 | FILE-IMAGE libpng chunk decompression integer overflow attempt (more info ...) | attempted-admin | 2011-3045 | 52453 | ||
| 22109 | FILE-IMAGE libpng chunk decompression integer overflow attempt (more info ...) | attempted-admin | 2011-3045 | 52453 | ||
| 22110 | SERVER-MAIL Metamail format string exploit attempt (more info ...) | attempted-admin | 2004-0104 | 9692 | ||
| 22111 | SERVER-MAIL Metamail format string exploit attempt (more info ...) | attempted-admin | 2004-0104 | 9692 | ||
| 22112 | SERVER-MAIL Metamail format string exploit attempt (more info ...) | attempted-admin | 2004-0104 | 9692 | ||
| 22113 | SERVER-MAIL Metamail header length exploit attempt (more info ...) | attempted-admin | 2004-0104 | 9692 | ||
| 22114 | SERVER-MAIL Metamail header length exploit attempt (more info ...) | attempted-admin | 2004-0104 | 9692 | ||
| 22115 | SERVER-MAIL Metamail header length exploit attempt (more info ...) | attempted-admin | 2004-0104 | 9692 | ||
| 22937 | MALWARE-CNC Win.Trojan.Proxyier variant outbound connection (more info ...) | trojan-activity | URL | |||
| 22939 | MALWARE-CNC User-Agent known malicious user agent RAbcLib (more info ...) | trojan-activity | URL | |||
| 22940 | INDICATOR-COMPROMISE Win32.Virut web propagation detection (more info ...) | trojan-activity | URL | |||
| 22941 | FILE-PDF Possible malicious PDF detection - qweqwe= (more info ...) | trojan-activity | ||||
| 22943 | FILE-IDENTIFY NAB file download request (more info ...) | misc-activity | ||||
| 22944 | FILE-IDENTIFY NAB file attachment detected (more info ...) | misc-activity | ||||
| 22945 | FILE-IDENTIFY NAB file attachment detected (more info ...) | misc-activity | ||||
| 22946 | FILE-IDENTIFY NAB file magic detected (more info ...) | misc-activity | ||||
| 22948 | PROTOCOL-VOIP Avaya WinPDM header buffer overflow attempt (more info ...) | attempted-admin | 47947 | |||
| 22950 | SERVER-WEBAPP EXIF header parsing integer overflow attempt big endian (more info ...) | web-application-attack | 2011-4566 | |||
| 22951 | SERVER-WEBAPP EXIF header parsing integer overflow attempt little endian (more info ...) | web-application-attack | 2011-4566 | |||
| 22953 | MALWARE-TOOLS Hulk denial of service attempt (more info ...) | attempted-dos | URL | |||
| 22955 | FILE-IDENTIFY AMF file attachment detected (more info ...) | misc-activity | ||||
| 22956 | FILE-IDENTIFY AMF file attachment detected (more info ...) | misc-activity | ||||
| 22969 | FILE-IDENTIFY remote desktop configuration file attachment detected (more info ...) | misc-activity | URL | |||
| 22970 | FILE-IDENTIFY remote desktop configuration file attachment detected (more info ...) | misc-activity | URL | |||
| 23004 | PROTOCOL-SCADA Siemens SIMATIC WinCC flexible runtime stack buffer overflow attempt (more info ...) | attempted-admin | 2011-4875 | URL | ||
| 23005 | PROTOCOL-SCADA Siemens SIMATIC WinCC flexible runtime stack buffer overflow attempt (more info ...) | attempted-admin | 2011-4875 | URL | ||
| 23006 | PROTOCOL-SCADA Siemens SIMATIC WinCC flexible runtime stack buffer overflow attempt (more info ...) | attempted-admin | 2011-4875 | URL | ||
| 23007 | PROTOCOL-SCADA Siemens SIMATIC WinCC flexible runtime stack buffer overflow attempt (more info ...) | attempted-admin | 2011-4875 | URL | ||
| 23011 | FILE-IDENTIFY Collada file download request (more info ...) | misc-activity | ||||
| 23012 | FILE-IDENTIFY Collada file attachment detected (more info ...) | misc-activity | ||||
| 23013 | FILE-IDENTIFY Collada file attachment detected (more info ...) | misc-activity | ||||
| 23016 | INDICATOR-COMPROMISE base64-encoded c99shell download (more info ...) | trojan-activity | URL | |||
| 23017 | INDICATOR-COMPROMISE c99shell comment (more info ...) | trojan-activity | ||||
| 23018 | INDICATOR-OBFUSCATION eval of base64-encoded data (more info ...) | trojan-activity | URL | |||
| 23019 | MALWARE-CNC User-Agent known malicious user agent - Flame malware (more info ...) | trojan-activity | URL | |||
| 23043 | FILE-PDF Unknown malicious PDF - CreationDate (more info ...) | trojan-activity | ||||
| 23044 | FILE-PDF Unknown malicious PDF - CreationDate (more info ...) | trojan-activity | ||||
| 23045 | FILE-PDF Unknown malicious PDF - Title (more info ...) | trojan-activity | ||||
| 23046 | SERVER-WEBAPP Oracle GlassFish Enterprise server cross site scripting attempt (more info ...) | web-application-attack | 2012-0551 | URL | ||
| 23047 | SERVER-WEBAPP Oracle GlassFish Enterprise server cross site scripting attempt (more info ...) | web-application-attack | 2012-0551 | URL | ||
| 23051 | MALWARE-CNC Dybalom.A runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 23052 | SERVER-OTHER TRUFFLEHUNTER SFVRT-1008 attack attempt (more info ...) | unknown | ||||
| 23053 | SERVER-OTHER TRUFFLEHUNTER SFVRT-1008 attack attempt (more info ...) | unknown | ||||
| 23097 | SERVER-OTHER IBM solidDB SELECT statement denial of service attempt (more info ...) | denial-of-service | 2011-4890 | 51629 | URL | |
| 23099 | SERVER-OTHER SAP NetWeaver Dispatcher DiagTraceHex denial of service attempt (more info ...) | attempted-dos | 2012-2612 | 53424 | ||
| 23103 | MALWARE-CNC Win.Trojan.Bublik variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23104 | MALWARE-CNC Win.Trojan.Scar variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23109 | MALWARE-CNC Win.Trojan.Lolbot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23112 | SERVER-OTHER SAP NetWeaver Dispatcher denial of service attempt (more info ...) | attempted-dos | 2012-2514 | URL | ||
| 23113 | INDICATOR-OBFUSCATION eval gzinflate base64_decode call - likely malicious (more info ...) | misc-activity | URL | |||
| 23140 | FILE-PDF Unknown Malicious PDF - CreationDate (more info ...) | attempted-user | ||||
| 23152 | FILE-OTHER OpenType Font file integer overflow attempt (more info ...) | attempted-user | 2010-2741 | URL | ||
| 23153 | FILE-OTHER OpenType Font file integer overflow attempt (more info ...) | attempted-user | 2010-2741 | URL | ||
| 23154 | FILE-OTHER OpenType Font file integer overflow attempt (more info ...) | attempted-user | 2010-2741 | URL | ||
| 23155 | FILE-OTHER OpenType Font file integer overflow attempt (more info ...) | attempted-user | 2010-2741 | URL | ||
| 23173 | OS-MOBILE Android Zitmo trojan command and control channel traffic (more info ...) | trojan-activity | URL | |||
| 23176 | MALWARE-CNC Donbot.A runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 23179 | INDICATOR-COMPROMISE script before DOCTYPE possible malicious redirect attempt (more info ...) | web-application-attack | ||||
| 23208 | PROTOCOL-VOIP Digium Asterisk Manager Interface initial banner (more info ...) | misc-activity | ||||
| 23209 | PROTOCOL-VOIP Digium Asterisk Manager command shell execution attempt (more info ...) | policy-violation | 2012-2414 | 53206 | URL | |
| 23210 | PROTOCOL-VOIP Digium Asterisk Manager command shell execution attempt (more info ...) | policy-violation | 2012-2414 | 53206 | URL | |
| 23214 | MALWARE-CNC Win.Trojan.Waprox.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23215 | MALWARE-CNC Win.Trojan.Waprox.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23234 | MALWARE-CNC Frethog.MK runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 23235 | MALWARE-CNC PBin.A runtime traffic detected (more info ...) | trojan-activity | URL | |||
| 23242 | MALWARE-CNC Win.Trojan.Banker.boxg connect to cnc server (more info ...) | trojan-activity | URL | |||
| 23244 | MALWARE-CNC Win.Trojan.Kuluoz variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23246 | PUA-ADWARE Wajam Monitizer url outbound connection - post install (more info ...) | trojan-activity | URL | |||
| 23247 | PUA-ADWARE Wajam Monitizer outbound connection - post install (more info ...) | trojan-activity | URL | |||
| 23251 | MALWARE-CNC Win.Trojan.Spyeye variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23252 | MALWARE-CNC MacOS.MacKontrol variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23254 | MALWARE-CNC Win.Trojan.Delf.CL variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23255 | MALWARE-CNC Win.Trojan.Duojeen variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23257 | MALWARE-CNC Win.Trojan.Duojeen variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23258 | SERVER-WEBAPP LANDesk Thinkmanagement Suite ServerSetup directory traversal attempt (more info ...) | attempted-user | 2012-1196 | 52023 | ||
| 23259 | SERVER-WEBAPP LANDesk Thinkmanagement Suite ServerSetup directory traversal attempt (more info ...) | attempted-user | 2012-1195 | 52023 | ||
| 23260 | SERVER-WEBAPP SAP NetWeaver cross site scripting attempt (more info ...) | web-application-attack | URL | |||
| 23261 | MALWARE-CNC known command and control traffic - Pushbot (more info ...) | trojan-activity | URL | |||
| 23262 | MALWARE-CNC Win.Trojan.Banker variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23306 | MALWARE-CNC Win.Trojan.Stealer connect to server (more info ...) | trojan-activity | URL | |||
| 23307 | MALWARE-CNC Win.Trojan.Dropper connect to server (more info ...) | trojan-activity | URL | |||
| 23308 | MALWARE-CNC Win.Trojan.Downloader.Bucriv variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23309 | FILE-EXECUTABLE Portable Executable multiple antivirus evasion attempt (more info ...) | attempted-user | 2012-1436 | |||
| 23310 | FILE-EXECUTABLE Portable Executable multiple antivirus evasion attempt (more info ...) | attempted-user | 2012-1435 | |||
| 23311 | FILE-EXECUTABLE Portable Executable multiple antivirus evasion attempt (more info ...) | attempted-user | 2012-1434 | |||
| 23312 | FILE-EXECUTABLE Portable Executable multiple antivirus evasion attempt (more info ...) | attempted-user | 2012-1433 | |||
| 23313 | FILE-EXECUTABLE Portable Executable multiple antivirus evasion attempt (more info ...) | attempted-user | 2012-1432 | |||
| 23317 | MALWARE-CNC Win.Trojan.Dropper initial variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23318 | FILE-OTHER ELF multiple antivirus evasion attempts (more info ...) | attempted-user | 2012-1429 | |||
| 23323 | FILE-OTHER TAR multiple antivirus evasion attempt (more info ...) | attempted-user | 2012-1420 | |||
| 23324 | FILE-OTHER TAR multiple antivirus evasion attempt (more info ...) | attempted-user | 2012-1426 | |||
| 23325 | FILE-OTHER TAR multiple antivirus evasion attempt (more info ...) | attempted-user | 2012-1425 | |||
| 23326 | FILE-OTHER TAR multiple antivirus evasion attempt (more info ...) | attempted-user | 2012-1424 | |||
| 23327 | FILE-OTHER TAR multiple antivirus evasion attempt (more info ...) | attempted-user | 2012-1423 | |||
| 23328 | FILE-OTHER TAR multiple antivirus evasion attempt (more info ...) | attempted-user | 2012-1422 | |||
| 23329 | FILE-OTHER TAR multiple antivirus evasion attempt (more info ...) | attempted-user | 2012-1421 | |||
| 23331 | MALWARE-CNC Win.Trojan.Mybot variant outbound connection (more info ...) | trojan-activity | ||||
| 23332 | MALWARE-CNC Win.Trojan.Dishigy variant outbound connection (more info ...) | trojan-activity | ||||
| 23333 | MALWARE-CNC Win.Trojan.Banker initial C&C checkin (more info ...) | trojan-activity | URL | |||
| 23334 | MALWARE-CNC Win.Trojan.Downloader initial C&C checkin (more info ...) | trojan-activity | URL | |||
| 23335 | MALWARE-CNC Win.Trojan.Swisyn variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23336 | MALWARE-CNC Linfo.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23337 | MALWARE-CNC Bluenet.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23338 | MALWARE-BACKDOOR Spindest.A runtime detection - initial connection (more info ...) | trojan-activity | URL | |||
| 23339 | MALWARE-CNC Prier.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23340 | MALWARE-CNC Win.Trojan.Nitol.B variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23342 | MALWARE-CNC Win.Trojan.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23343 | MALWARE-CNC Win.Trojan.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23344 | MALWARE-CNC Win.Trojan.Harvso.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23345 | MALWARE-CNC RunTime Win.Trojan.tchfro.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23346 | FILE-OTHER Oracle outside in Lotus 1-2-3 heap overflow attempt (more info ...) | attempted-user | 2012-0110 | URL | ||
| 23347 | FILE-IDENTIFY Lotus file download request (more info ...) | misc-activity | ||||
| 23348 | FILE-IDENTIFY Lotus file attachment detected (more info ...) | misc-activity | ||||
| 23349 | FILE-IDENTIFY Lotus file attachment detected (more info ...) | misc-activity | ||||
| 23350 | MALWARE-OTHER potential clickjacking via css pointer-events attempt (more info ...) | policy-violation | URL | |||
| 23351 | FILE-OTHER TAR multiple antivirus evasion attempt (more info ...) | attempted-user | 2012-1419 | |||
| 23357 | FILE-OTHER ELF multiple antivirus evasion attempts (more info ...) | attempted-user | 2012-1430 | |||
| 23358 | FILE-OTHER TAR multiple antivirus evasion attempt (more info ...) | attempted-user | 2012-1428 | |||
| 23369 | PUA-ADWARE Adware.Phono post infection download attempt (more info ...) | trojan-activity | URL | |||
| 23377 | MALWARE-CNC Win.Trojan.Sasfis variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23378 | MALWARE-CNC Win.Trojan.Sasfis variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23379 | MALWARE-CNC Win.Trojan.Leepload variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23380 | MALWARE-CNC Win.Trojan.Ventana initial variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23381 | MALWARE-BACKDOOR Win.Trojan.Thoper.C runtime detection (more info ...) | trojan-activity | URL | |||
| 23382 | MALWARE-CNC Win.Trojan.SpyEye variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23383 | MALWARE-CNC Win.Trojan.Chaori.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23387 | MALWARE-CNC Win.Trojan.Banker variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23388 | MALWARE-CNC Win.Trojan.FakeMSN.I variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23391 | MALWARE-CNC Win.Trojan.Hioles.C variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23392 | SERVER-OTHER IBM SolidDB redundant where clause DoS attempt (more info ...) | attempted-dos | 2012-0200 | URL | ||
| 23394 | MALWARE-CNC Win.Trojan.Vbvoleur.a variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23399 | MALWARE-CNC Win.Trojan.Govdi.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23401 | SERVER-WEBAPP Oracle GlassFish server REST interface cross site request forgery attempt (more info ...) | attempted-user | 2012-0550 | |||
| 23407 | SERVER-WEBAPP Apple iChat url format string exploit attempt (more info ...) | attempted-user | 2007-0021 | 22146 | ||
| 23435 | SERVER-MAIL Alt-N MDaemon file attachment directory traversal attempt (more info ...) | misc-attack | 14400 | |||
| 23444 | SERVER-OTHER Flexera FlexNet License Server buffer overflow attempt (more info ...) | attempted-admin | 52718 | URL | ||
| 23446 | MALWARE-CNC Win.Trojan.Sojax.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23447 | MALWARE-CNC Win.Trojan.Sojax.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23448 | MALWARE-CNC Win.Worm.Psyokym variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23449 | MALWARE-CNC Win.Trojan.Servstart.ax variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23450 | MALWARE-CNC Win.Trojan.McRat connect to server (more info ...) | trojan-activity | URL | |||
| 23451 | MALWARE-CNC Win.Trojan.RedSip.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23456 | SERVER-OTHER IBM Tivoli name overflow attempt (more info ...) | attempted-user | 2009-3853 | |||
| 23460 | MALWARE-CNC Win.Trojan.Belesak.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23466 | SERVER-WEBAPP IBM System Storage DS storage manager profiler XSS attempt (more info ...) | web-application-attack | 2012-2172 | 54112 | URL | |
| 23467 | MALWARE-CNC Win.Trojan.Mazben file download (more info ...) | trojan-activity | URL | |||
| 23468 | MALWARE-CNC Win.Trojan.Dropper variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23469 | MALWARE-CNC Win.Trojan.Dropper variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23472 | PUA-ADWARE FakeAV landing page request (more info ...) | trojan-activity | URL | |||
| 23473 | MALWARE-CNC URI request for runforestrun - JS.Runfore (more info ...) | trojan-activity | URL | |||
| 23474 | FILE-IDENTIFY PLP file download request (more info ...) | misc-activity | ||||
| 23475 | FILE-IDENTIFY PLP file attachment detected (more info ...) | misc-activity | ||||
| 23476 | FILE-IDENTIFY PLP file attachment detected (more info ...) | misc-activity | ||||
| 23477 | FILE-IDENTIFY PLP file magic detected (more info ...) | misc-activity | ||||
| 23478 | FILE-OTHER ACDSee FotoSlate PLP file buffer overflow attempt (more info ...) | attempted-user | 2011-2595 | 49558 | ||
| 23479 | FILE-OTHER ACDSee FotoSlate PLP file buffer overflow attempt (more info ...) | attempted-user | 2011-2595 | 49558 | ||
| 23481 | INDICATOR-OBFUSCATION hex escaped characters in setTimeout call (more info ...) | bad-unknown | URL | |||
| 23482 | INDICATOR-OBFUSCATION hex escaped characters in addEventListener call (more info ...) | bad-unknown | URL | |||
| 23483 | MALWARE-BACKDOOR Win.Backdoor.Georbot file download (more info ...) | trojan-activity | URL | |||
| 23491 | MALWARE-CNC Win.Trojan.Kura variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23492 | MALWARE-CNC Win.Trojan.ZeroAccess outbound connection (more info ...) | trojan-activity | URL | |||
| 23493 | MALWARE-CNC Win.Trojan.ZeroAccess outbound connection (more info ...) | trojan-activity | URL | |||
| 23494 | MALWARE-CNC Win.Trojan.Onitab.A outbound connection (more info ...) | trojan-activity | URL | |||
| 23495 | MALWARE-CNC Win.Trojan.Kugdifod.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23496 | FILE-IDENTIFY CUR file download request (more info ...) | misc-activity | ||||
| 23497 | FILE-IDENTIFY CUR file attachment detected (more info ...) | misc-activity | ||||
| 23498 | FILE-IDENTIFY CUR file attachment detected (more info ...) | misc-activity | ||||
| 23513 | FILE-PDF PDF with click-to-launch executable (more info ...) | misc-activity | 2010-1240 | URL | ||
| 23514 | FILE-PDF PDF with click-to-launch executable (more info ...) | misc-activity | 2010-1240 | URL | ||
| 23515 | FILE-PDF PDF with click-to-launch executable (more info ...) | misc-activity | 2010-1240 | URL | ||
| 23516 | FILE-PDF PDF with click-to-launch executable (more info ...) | misc-activity | 2010-1240 | URL | ||
| 23593 | MALWARE-CNC Win.Trojan.Smoaler variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23594 | MALWARE-CNC Win.Trojan.Papras variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23595 | MALWARE-CNC Win.Trojan.Papras variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23596 | INDICATOR-COMPROMISE iframe before DOCTYPE possible malicious redirect attempt (more info ...) | web-application-attack | ||||
| 23597 | MALWARE-CNC Win.Trojan.VB.DHD variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23598 | MALWARE-CNC Win.Trojan.Slagent outgoing connection (more info ...) | trojan-activity | URL | |||
| 23599 | MALWARE-CNC Win.Trojan.Slagent outgoing connection (more info ...) | trojan-activity | URL | |||
| 23600 | MALWARE-CNC Win.Trojan.Gamarue outbound connection (more info ...) | trojan-activity | URL | |||
| 23601 | INDICATOR-SCAN Skipfish scan default agent string (more info ...) | network-scan | URL | |||
| 23602 | INDICATOR-SCAN Skipfish scan Firefox agent string (more info ...) | network-scan | URL | |||
| 23603 | INDICATOR-SCAN Skipfish scan MSIE agent string (more info ...) | network-scan | URL | |||
| 23604 | INDICATOR-SCAN Skipfish scan iPhone agent string (more info ...) | network-scan | URL | |||
| 23606 | MALWARE-CNC Win.Trojan.Sofacy.A outbound connection (more info ...) | trojan-activity | URL | |||
| 23607 | MALWARE-CNC Win.Trojan.Sofacy.A outbound connection (more info ...) | trojan-activity | URL | |||
| 23610 | MALWARE-CNC Worm.Crass.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23613 | SERVER-WEBAPP Arbitrary file location upload attempt (more info ...) | web-application-activity | 2004-0959 | 11190 | ||
| 23615 | MALWARE-CNC ACAD.Medre.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23616 | APP-DETECT Amazon Kindle 3.0 User-Agent string requested (more info ...) | misc-activity | ||||
| 23621 | INDICATOR-OBFUSCATION known packer routine with secondary obfuscation (more info ...) | misc-activity | URL | |||
| 23627 | MALWARE-CNC User-Agent known malicious user agent - PoisonIvy RAT (more info ...) | trojan-activity | URL | |||
| 23628 | MALWARE-CNC Win.Trojan.Pincav variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23630 | MALWARE-CNC Win.Trojan.YMrelay variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23633 | MALWARE-CNC Win.Trojan.Kegotip variant report to cnc-server (more info ...) | trojan-activity | URL | |||
| 23634 | MALWARE-CNC Win.Trojan.Kegotip variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23635 | MALWARE-CNC Gozi trojan checkin (more info ...) | trojan-activity | URL | |||
| 23645 | FILE-IDENTIFY RealNetworks Real Media file magic detected (more info ...) | misc-activity | ||||
| 23648 | FILE-IDENTIFY MP3 file magic detected (more info ...) | misc-activity | ||||
| 23661 | FILE-IDENTIFY ARJ file magic detected (more info ...) | misc-activity | ||||
| 23666 | FILE-IDENTIFY MP3 file magic detected (more info ...) | misc-activity | ||||
| 23691 | FILE-IDENTIFY dmg file magic detected (more info ...) | misc-activity | ||||
| 23695 | FILE-IDENTIFY Flac file magic detected (more info ...) | misc-activity | URL | |||
| 23696 | FILE-IDENTIFY VideoLAN VLC file magic detected (more info ...) | misc-activity | URL | |||
| 23704 | FILE-IDENTIFY Ultimate Packer for Executables/UPX v0.51-v0.61 packed file magic detected (more info ...) | misc-activity | URL | |||
| 23706 | FILE-IDENTIFY Ultimate Packer for Executables/UPX v2.90 v2.93-v3.00 packed file magic detected (more info ...) | misc-activity | URL | |||
| 23713 | FILE-IDENTIFY Metastock mwl file magic detected (more info ...) | misc-activity | URL | |||
| 23726 | FILE-IDENTIFY Portable Executable compact binary file magic detected (more info ...) | misc-activity | ||||
| 23728 | FILE-IDENTIFY matroska file magic detected (more info ...) | misc-activity | ||||
| 23730 | FILE-IDENTIFY amf file magic detected (more info ...) | misc-activity | ||||
| 23731 | FILE-IDENTIFY CDR file magic detected (more info ...) | misc-activity | URL | |||
| 23733 | FILE-IDENTIFY webm file magic detected (more info ...) | misc-activity | ||||
| 23734 | FILE-IDENTIFY Autodesk Maya file magic detected (more info ...) | misc-activity | ||||
| 23736 | FILE-IDENTIFY PLS file magic detected (more info ...) | misc-activity | ||||
| 23737 | FILE-IDENTIFY SMIL file magic detected (more info ...) | misc-activity | URL | |||
| 23749 | FILE-IDENTIFY SAMI file magic detected (more info ...) | misc-activity | ||||
| 23752 | FILE-IDENTIFY cy3 Cytel Studio file magic detected (more info ...) | misc-activity | ||||
| 23756 | FILE-IDENTIFY New Executable binary file magic detected (more info ...) | misc-activity | URL | |||
| 23761 | FILE-IDENTIFY AVI file magic detected (more info ...) | misc-activity | ||||
| 23763 | FILE-IDENTIFY HPJ file magic detected (more info ...) | misc-activity | ||||
| 23773 | FILE-IDENTIFY XM file magic detected (more info ...) | misc-activity | ||||
| 23774 | FILE-IDENTIFY NAB file magic detected (more info ...) | misc-activity | ||||
| 23776 | FILE-IDENTIFY PLP file magic detected (more info ...) | misc-activity | ||||
| 23778 | MALWARE-CNC Win.Trojan.Bublik variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23780 | MALWARE-CNC Win.Trojan.Begfanit.A outbound connection (more info ...) | trojan-activity | URL | |||
| 23782 | MALWARE-CNC Win.Trojan.Buzus.kych variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23787 | MALWARE-CNC Win.Trojan.Locotout variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23788 | MALWARE-CNC Win.Trojan.Locotout variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23793 | SERVER-WEBAPP use-after-free in substr_replace attempt (more info ...) | misc-activity | 2011-1148 | |||
| 23794 | MALWARE-CNC known command and control traffic (more info ...) | trojan-activity | URL | |||
| 23796 | SERVER-WEBAPP exif invalid tag data buffer overflow attempt (more info ...) | denial-of-service | 2011-0708 | 46365 | ||
| 23806 | FILE-OTHER Oracle Outside-In JPEG2000 QCD segment processing heap buffer overflow attempt (more info ...) | attempted-admin | 2012-1769 | 54500 | ||
| 23824 | MALWARE-CNC Gauss malware check-in (more info ...) | trojan-activity | URL | |||
| 23825 | MALWARE-CNC FinFisher initial variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23826 | MALWARE-CNC FinFisher variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23827 | SERVER-WEBAPP Joomla Remote File Include upload attempt (more info ...) | attempted-user | URL | |||
| 23828 | SERVER-WEBAPP Joomla Remote File Include upload attempt (more info ...) | attempted-user | URL | |||
| 23829 | INDICATOR-COMPROMISE Loaderz Web Shell (more info ...) | trojan-activity | URL | |||
| 23830 | INDICATOR-COMPROMISE Alsa3ek Web Shell (more info ...) | trojan-activity | URL | |||
| 23851 | FILE-PDF Blackhole exploit kit related malicious file detection (more info ...) | trojan-activity | ||||
| 23852 | FILE-PDF Blackhole exploit kit related malicious file detection (more info ...) | trojan-activity | ||||
| 23857 | INDICATOR-SHELLCODE heapspray characters detected - ASCII (more info ...) | attempted-user | ||||
| 23858 | FILE-OTHER heapspray characters detected - binary (more info ...) | attempted-user | ||||
| 23859 | INDICATOR-SHELLCODE heapspray characters detected - hexadecimal encoding (more info ...) | attempted-user | ||||
| 23860 | INDICATOR-SHELLCODE heapspray characters detected - ASCII (more info ...) | attempted-user | ||||
| 23862 | INDICATOR-SHELLCODE heapspray characters detected - hexadecimal encoding (more info ...) | attempted-user | ||||
| 23863 | PUA-ADWARE LiveSecurityPlatinum.A outbound connection - initial connection (more info ...) | trojan-activity | URL | |||
| 23876 | MALWARE-CNC Win.Trojan.Scirib variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23877 | MALWARE-CNC Win.Trojan.Dtfanri variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23893 | MALWARE-CNC Win.Trojan.DistTrack command and control traffic (more info ...) | trojan-activity | ||||
| 23894 | SERVER-WEBAPP truncated crypt function attempt (more info ...) | attempted-admin | 2012-2143 | |||
| 23903 | MALWARE-CNC User-Agent known malicious user agent - you (more info ...) | trojan-activity | ||||
| 23905 | INDICATOR-COMPROMISE Win.Trojan.DistTrack propagation - execute dropped file (more info ...) | trojan-activity | URL | |||
| 23906 | INDICATOR-COMPROMISE Win.Trojan.DistTrack propagation - execute dropped file (more info ...) | trojan-activity | URL | |||
| 23907 | INDICATOR-COMPROMISE Win.Trojan.DistTrack propagation - execute dropped file (more info ...) | trojan-activity | URL | |||
| 23908 | INDICATOR-COMPROMISE Win.Trojan.DistTrack propagation - execute dropped file (more info ...) | trojan-activity | URL | |||
| 23909 | INDICATOR-COMPROMISE Win.Trojan.DistTrack propagation - execute dropped file (more info ...) | trojan-activity | URL | |||
| 23910 | INDICATOR-COMPROMISE Win.Trojan.DistTrack propagation - execute dropped file (more info ...) | trojan-activity | URL | |||
| 23911 | INDICATOR-COMPROMISE Win.Trojan.DistTrack propagation - execute dropped file (more info ...) | trojan-activity | URL | |||
| 23912 | INDICATOR-COMPROMISE Win.Trojan.DistTrack propagation - execute dropped file (more info ...) | trojan-activity | URL | |||
| 23913 | INDICATOR-COMPROMISE Win.Trojan.DistTrack propagation - execute dropped file (more info ...) | trojan-activity | URL | |||
| 23914 | INDICATOR-COMPROMISE Win.Trojan.DistTrack propagation - execute dropped file (more info ...) | trojan-activity | URL | |||
| 23915 | INDICATOR-COMPROMISE Win.Trojan.DistTrack propagation - execute dropped file (more info ...) | trojan-activity | URL | |||
| 23916 | INDICATOR-COMPROMISE Win.Trojan.DistTrack propagation - execute dropped file (more info ...) | trojan-activity | URL | |||
| 23917 | INDICATOR-COMPROMISE Win.Trojan.DistTrack propagation - execute dropped file (more info ...) | trojan-activity | URL | |||
| 23918 | INDICATOR-COMPROMISE Win.Trojan.DistTrack propagation - execute dropped file (more info ...) | trojan-activity | URL | |||
| 23919 | INDICATOR-COMPROMISE Win.Trojan.DistTrack propagation - execute dropped file (more info ...) | trojan-activity | URL | |||
| 23920 | INDICATOR-COMPROMISE Win.Trojan.DistTrack propagation - execute dropped file (more info ...) | trojan-activity | URL | |||
| 23921 | INDICATOR-COMPROMISE Win.Trojan.DistTrack propagation - execute dropped file (more info ...) | trojan-activity | URL | |||
| 23922 | INDICATOR-COMPROMISE Win.Trojan.DistTrack propagation - execute dropped file (more info ...) | trojan-activity | URL | |||
| 23923 | INDICATOR-COMPROMISE Win.Trojan.DistTrack propagation - execute dropped file (more info ...) | trojan-activity | URL | |||
| 23924 | INDICATOR-COMPROMISE Win.Trojan.DistTrack propagation - execute dropped file (more info ...) | trojan-activity | URL | |||
| 23925 | INDICATOR-COMPROMISE Win.Trojan.DistTrack propagation - execute dropped file (more info ...) | trojan-activity | URL | |||
| 23926 | INDICATOR-COMPROMISE Win.Trojan.DistTrack propagation - execute dropped file (more info ...) | trojan-activity | URL | |||
| 23927 | INDICATOR-COMPROMISE Win.Trojan.DistTrack propagation - execute dropped file (more info ...) | trojan-activity | URL | |||
| 23928 | INDICATOR-COMPROMISE Win.Trojan.DistTrack propagation - execute dropped file (more info ...) | trojan-activity | URL | |||
| 23929 | INDICATOR-COMPROMISE Win.Trojan.DistTrack propagation - execute dropped file (more info ...) | trojan-activity | URL | |||
| 23930 | INDICATOR-COMPROMISE Win.Trojan.DistTrack propagation - execute dropped file (more info ...) | trojan-activity | URL | |||
| 23931 | INDICATOR-COMPROMISE Win.Trojan.DistTrack propagation - execute dropped file (more info ...) | trojan-activity | URL | |||
| 23932 | INDICATOR-COMPROMISE Win.Trojan.DistTrack propagation - execute dropped file (more info ...) | trojan-activity | URL | |||
| 23933 | INDICATOR-COMPROMISE Win.Trojan.DistTrack propagation - execute dropped file (more info ...) | trojan-activity | URL | |||
| 23935 | MALWARE-CNC Win.Trojan.Zakahic variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23936 | MALWARE-CNC Win.Trojan.Zakahic variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23937 | SERVER-WEBAPP Invalid global flag attachment attempt (more info ...) | denial-of-service | 2011-1471 | 49252 | ||
| 23938 | MALWARE-CNC Win.Trojan.Ibabyfa.dldr variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23941 | MALWARE-CNC OSX.Trojan.Aharm variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23942 | MALWARE-CNC Win.Trojan.C0D0SO0 variant outbound traffic (more info ...) | trojan-activity | URL | |||
| 23945 | MALWARE-CNC Win.Trojan.Backdoor variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23946 | MALWARE-CNC Win.Trojan.Backdoor file download (more info ...) | trojan-activity | URL | |||
| 23948 | MALWARE-CNC Win.Trojan.Sicisono variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23949 | MALWARE-CNC Win.Trojan.TKcik variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23952 | MALWARE-TOOLS Tors Hammer slow post flood attempt (more info ...) | denial-of-service | ||||
| 23953 | MALWARE-CNC Win.Trojan.Comfoo variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23954 | OS-MOBILE Android SMSZombie APK file download attempt (more info ...) | trojan-activity | URL | |||
| 23955 | MALWARE-CNC Xhuna.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23963 | MALWARE-CNC Win.Trojan.Runagry variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23968 | MALWARE-CNC Win.Trojan.Crisis variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23969 | OS-MOBILE Android SMSZombie APK file download (more info ...) | trojan-activity | URL | |||
| 23971 | MALWARE-CNC Win.Trojan.Kabwak variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23972 | MALWARE-CNC Win.Trojan.Zbot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23973 | MALWARE-CNC Win.Trojan.Vampols variant inbound connection (more info ...) | trojan-activity | URL | |||
| 23974 | SERVER-WEBAPP calendar conversion remote integer overflow attempt (more info ...) | attempted-user | 2011-1466 | 46967 | ||
| 23975 | SERVER-WEBAPP calendar conversion remote integer overflow attempt (more info ...) | attempted-user | 2011-1466 | 46967 | ||
| 23976 | MALWARE-CNC Win.Trojan.Genome initial variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23977 | MALWARE-CNC Win.Trojan.Genome runtime update to cnc-server (more info ...) | trojan-activity | URL | |||
| 23978 | MALWARE-CNC Win.Trojan.Hostposer variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23984 | SERVER-WEBAPP LongTail Video JW Player XSS attempt link param (more info ...) | web-application-attack | 2012-3351 | 54101 | ||
| 23987 | MALWARE-CNC Win.Trojan.Kryptik.Kazy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 23988 | SERVER-WEBAPP ocPortal cms cross site request forgery attempt (more info ...) | attempted-admin | URL | |||
| 23990 | POLICY-SOCIAL Apple Messages client side certificate request attempt (more info ...) | policy-violation | URL | |||
| 23991 | POLICY-SOCIAL Apple Messages service server request attempt (more info ...) | policy-violation | URL | |||
| 23993 | SERVER-OTHER Dhcpcd packet size buffer overflow attempt (more info ...) | attempted-admin | 2012-2152 | 53354 | ||
| 23994 | SERVER-WEBAPP zend_strndup null pointer dereference attempt (more info ...) | attempted-dos | 2011-4153 | |||
| 23995 | SERVER-WEBAPP libtidy null pointer dereference attempt (more info ...) | attempted-dos | 2011-4153 | |||
| 24008 | POLICY-OTHER use of psexec remote administration tool (more info ...) | policy-violation | URL | |||
| 24010 | MALWARE-CNC runtime Trojan.Radil variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24011 | MALWARE-CNC Win.Trojan.Ransomer variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24012 | MALWARE-CNC Win.Trojan.Cbot variant outbound connection - inital contact (more info ...) | trojan-activity | URL | |||
| 24013 | MALWARE-CNC Win.Trojan.Cbot variant outbound connection - inital contact (more info ...) | trojan-activity | URL | |||
| 24014 | MALWARE-CNC Win.Trojan.Cbot variant outbound connection - inital contact (more info ...) | trojan-activity | URL | |||
| 24015 | MALWARE-CNC Win.Trojan.Magania variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24016 | MALWARE-CNC Win.Trojan.Madon variant outbound connection - variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24018 | MALWARE-CNC URI request for known malicious URI - hello.icon.pk (more info ...) | trojan-activity | URL | |||
| 24019 | MALWARE-CNC URI request for known malicious URI - ok.XXX4.net/meeting/hi.exe (more info ...) | trojan-activity | URL | |||
| 24029 | FILE-OTHER Oracle outside in Lotus 1-2-3 heap overflow attempt (more info ...) | attempted-user | 2012-0110 | URL | ||
| 24035 | MALWARE-CNC Downloader.Inject variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24059 | SERVER-WEBAPP 5.3.3 mt_rand integer overflow attempt (more info ...) | misc-activity | 2011-0755 | |||
| 24062 | MALWARE-CNC Win.Trojan.Hufysk variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24067 | FILE-OTHER Expat xml UTF-8 buffer over-read attempt (more info ...) | denial-of-service | 2009-3720 | 36097 | ||
| 24068 | FILE-OTHER Expat xml UTF-8 bufer over-read attempt (more info ...) | denial-of-service | 2009-3720 | 36097 | ||
| 24069 | FILE-OTHER Expat xml UTF-8 buffer over-read attempt (more info ...) | denial-of-service | 2009-3720 | 36097 | ||
| 24070 | FILE-OTHER Expat xml UTF-8 buffer over-read attempt (more info ...) | denial-of-service | 2009-3720 | 36097 | ||
| 24074 | FILE-IDENTIFY MP3 file download request (more info ...) | misc-activity | ||||
| 24075 | FILE-IDENTIFY MP3 file attachment detected (more info ...) | misc-activity | ||||
| 24076 | FILE-IDENTIFY MP3 file attachment detected (more info ...) | misc-activity | ||||
| 24077 | MALWARE-CNC Win.Trojan.Upof variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24078 | FILE-IDENTIFY RMF file attachment detected (more info ...) | misc-activity | ||||
| 24079 | FILE-IDENTIFY RMF file attachment detected (more info ...) | misc-activity | ||||
| 24082 | MALWARE-CNC Win.Trojan.Banbra variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24083 | FILE-OTHER ESTsoft ALZip MIM file buffer overflow attempt (more info ...) | attempted-user | 2011-1336 | |||
| 24086 | PUA-ADWARE Adware.AdultAds outbound connection (more info ...) | trojan-activity | URL | |||
| 24087 | MALWARE-CNC Win.Trojan.Bledoor TCP tunnel in UDP (more info ...) | trojan-activity | URL | |||
| 24091 | SERVER-WEBAPP SAP NetWeaver SOAP interface command injection attempt (more info ...) | attempted-admin | URL | |||
| 24092 | MALWARE-CNC Win.Trojan.Clisbot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24093 | SERVER-WEBAPP RFC1867 file-upload implementation denial of service attempt (more info ...) | attempted-dos | 2012-1172 | |||
| 24095 | APP-DETECT Teamviewer installer download attempt (more info ...) | policy-violation | URL | |||
| 24100 | FILE-IDENTIFY PLF file attachment detected (more info ...) | misc-activity | ||||
| 24101 | FILE-IDENTIFY PLF file attachment detected (more info ...) | misc-activity | ||||
| 24103 | MALWARE-OTHER HTTP POST request to a JPG file (more info ...) | non-standard-protocol | URL | |||
| 24104 | MALWARE-OTHER HTTP POST request to a JPEG file (more info ...) | non-standard-protocol | URL | |||
| 24105 | MALWARE-OTHER HTTP POST request to a GIF file (more info ...) | non-standard-protocol | URL | |||
| 24106 | MALWARE-OTHER HTTP POST request to a PNG file (more info ...) | non-standard-protocol | URL | |||
| 24107 | MALWARE-OTHER HTTP POST request to a BMP file (more info ...) | non-standard-protocol | URL | |||
| 24108 | MALWARE-OTHER HTTP POST request to a RAR file (more info ...) | non-standard-protocol | URL | |||
| 24109 | MALWARE-OTHER HTTP POST request to a ZIP file (more info ...) | non-standard-protocol | URL | |||
| 24110 | MALWARE-OTHER HTTP POST request to an MP3 file (more info ...) | non-standard-protocol | URL | |||
| 24111 | MALWARE-CNC User-Agent known malicious user agent - Post (more info ...) | trojan-activity | URL | |||
| 24123 | MALWARE-BACKDOOR Virus.Win32.Xpaj.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24127 | INDICATOR-COMPROMISE Win.Trojan.DistTrack propagation - QUERY_PATH_INFO csrss.exe (more info ...) | trojan-activity | URL | |||
| 24131 | OS-WINDOWS Visual Studio Team Web Access console cross site scripting attempt (more info ...) | web-application-attack | 2012-1892 | URL | ||
| 24132 | OS-WINDOWS Visual Studio Team Web Access console cross site scripting attempt (more info ...) | web-application-attack | 2012-1892 | URL | ||
| 24133 | OS-WINDOWS Visual Studio Team Web Access console cross site scripting attempt (more info ...) | web-application-attack | 2012-1892 | URL | ||
| 24134 | OS-WINDOWS Visual Studio Team Web Access console cross site scripting attempt (more info ...) | web-application-attack | 2012-1892 | URL | ||
| 24135 | OS-WINDOWS Visual Studio Team Web Access console cross site scripting attempt (more info ...) | web-application-attack | 2012-1892 | URL | ||
| 24136 | OS-WINDOWS Visual Studio Team Web Access console cross site scripting attempt (more info ...) | web-application-attack | 2012-1892 | URL | ||
| 24137 | OS-WINDOWS Visual Studio Team Web Access console cross site scripting attempt (more info ...) | web-application-attack | 2012-1892 | URL | ||
| 24156 | FILE-IDENTIFY .rtx file download request (more info ...) | misc-activity | ||||
| 24157 | FILE-IDENTIFY .rtx file attachment detected (more info ...) | misc-activity | ||||
| 24158 | FILE-IDENTIFY .rtx file attachment detected (more info ...) | misc-activity | ||||
| 24159 | FILE-OTHER AOL Desktop RTX file parsing buffer overflow attempt (more info ...) | attempted-user | 46129 | URL | ||
| 24160 | FILE-OTHER AOL Desktop RTX file parsing buffer overflow attempt (more info ...) | attempted-user | 46129 | URL | ||
| 24161 | FILE-OTHER AOL Desktop RTX file parsing buffer overflow attempt (more info ...) | attempted-user | 46129 | URL | ||
| 24162 | FILE-OTHER AOL Desktop RTX file parsing buffer overflow attempt (more info ...) | attempted-user | 46129 | URL | ||
| 24163 | FILE-OTHER AOL Desktop RTX file parsing buffer overflow attempt (more info ...) | attempted-user | 46129 | URL | ||
| 24164 | FILE-OTHER AOL Desktop RTX file parsing buffer overflow attempt (more info ...) | attempted-user | 46129 | URL | ||
| 24165 | FILE-OTHER AOL Desktop RTX file parsing buffer overflow attempt (more info ...) | attempted-user | 46129 | URL | ||
| 24166 | FILE-OTHER AOL Desktop RTX file parsing buffer overflow attempt (more info ...) | attempted-user | 46129 | URL | ||
| 24167 | INDICATOR-OBFUSCATION document write of unescaped value with remote script (more info ...) | trojan-activity | URL | |||
| 24168 | INDICATOR-OBFUSCATION hidden iframe - potential include of malicious content (more info ...) | bad-unknown | URL | |||
| 24169 | MALWARE-CNC Win.Trojan.Zbot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24173 | MALWARE-BACKDOOR Trojan-Downloader.Win32.Doneltart.A runtime detection (more info ...) | trojan-activity | URL | |||
| 24174 | MALWARE-CNC Win.Trojan.Lataa variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24175 | MALWARE-CNC Win.Trojan.Lataa variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24176 | FILE-OTHER eZip Wizard stack overflow attempt (more info ...) | attempted-user | 2009-1028 | 34044 | ||
| 24177 | FILE-OTHER eZip Wizard stack overflow attempt (more info ...) | attempted-user | 2009-1028 | 34044 | ||
| 24178 | FILE-OTHER eZip Wizard stack overflow attempt (more info ...) | attempted-user | 2009-1028 | 34044 | ||
| 24179 | FILE-OTHER eZip Wizard stack overflow attempt (more info ...) | attempted-user | 2009-1028 | 34044 | ||
| 24180 | FILE-OTHER eZip Wizard stack overflow attempt (more info ...) | attempted-user | 2009-1028 | 34044 | ||
| 24181 | FILE-OTHER eZip Wizard stack overflow attempt (more info ...) | attempted-user | 2009-1028 | 34044 | ||
| 24182 | MALWARE-CNC Win.Worm.Helompy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24184 | MALWARE-CNC Win.Worm.Rokiwobi variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24185 | MALWARE-CNC Win.Work.Rokiwobi inbound command from C&C (more info ...) | trojan-activity | URL | |||
| 24189 | FILE-IMAGE XPM file format overflow attempt (more info ...) | attempted-user | 2007-2193 | 23620 | ||
| 24190 | FILE-IDENTIFY X PixMap file magic detected (more info ...) | misc-activity | ||||
| 24191 | MALWARE-CNC Win.Trojan.Raven variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24192 | SERVER-WEBAPP socket_connect buffer overflow attempt (more info ...) | attempted-user | 2011-1938 | 49241 | ||
| 24193 | SERVER-WEBAPP socket_connect buffer overflow attempt (more info ...) | attempted-user | 2011-1938 | 49241 | ||
| 24194 | SERVER-WEBAPP socket_connect buffer overflow attempt (more info ...) | attempted-user | 2011-1938 | 49241 | ||
| 24195 | SERVER-WEBAPP socket_connect buffer overflow attempt (more info ...) | attempted-user | 2011-1938 | 49241 | ||
| 24207 | FILE-OTHER IBM Lotus Notes LZH Attachment Viewer buffer overflow (more info ...) | attempted-user | 2011-1213 | 48018 | ||
| 24208 | FILE-OTHER IBM Lotus Notes LZH Attachment Viewer buffer overflow (more info ...) | attempted-user | 2011-1213 | 48018 | ||
| 24209 | FILE-OTHER IBM Lotus Notes LZH Attachment Viewer buffer overflow (more info ...) | attempted-user | 2011-1213 | 48018 | ||
| 24211 | MALWARE-CNC Win.Trojan.Xamtrav update protocol connection (more info ...) | trojan-activity | URL | |||
| 24214 | MALWARE-CNC Win.Trojan.Seveto variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24215 | MALWARE-CNC Win.Trojan.Banload variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24216 | MALWARE-CNC Win.Trojan.Biloky variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24217 | MALWARE-CNC Win.Trojan.Spy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24218 | FILE-IDENTIFY SMIL file magic detected (more info ...) | misc-activity | URL | |||
| 24219 | FILE-IDENTIFY SMIL file magic detected (more info ...) | misc-activity | URL | |||
| 24224 | MALWARE-CNC Win.Trojan.Zeroaccess variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24230 | FILE-OTHER RealNetworks Netzip Classic zip archive long filename buffer overflow attempt (more info ...) | attempted-user | 46059 | |||
| 24235 | MALWARE-CNC Win.Trojan.Wuwo initial infection variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24236 | MALWARE-CNC Win.Trojan.Wuwo post infection variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24237 | FILE-EXECUTABLE ClamAV UPX File Handling Heap overflow attempt (more info ...) | attempted-user | 2006-4018 | 19381 | ||
| 24238 | FILE-EXECUTABLE ClamAV UPX File Handling Heap overflow attempt (more info ...) | attempted-user | 2006-4018 | 19381 | ||
| 24243 | MALWARE-CNC URI request for known malicious URI - base64 encoded (more info ...) | trojan-activity | URL | |||
| 24250 | SERVER-OTHER telephone URI to USSD code for factory reset (more info ...) | attempted-dos | URL | |||
| 24251 | OS-MOBILE Android/Fakelash.A!tr.spy trojan command and control channel traffic (more info ...) | trojan-activity | URL | |||
| 24253 | INDICATOR-COMPROMISE IP only webpage redirect attempt (more info ...) | bad-unknown | ||||
| 24263 | FILE-PDF Overly large CreationDate within a pdf - likely malicious (more info ...) | misc-activity | ||||
| 24264 | FILE-PDF Overly large CreationDate within a pdf - likely malicious (more info ...) | misc-activity | ||||
| 24266 | FILE-PDF xpdf ObjectStream integer overflow (more info ...) | attempted-user | 2009-3608 | 37167 | ||
| 24270 | PROTOCOL-VOIP Digium Asterisk RTP comfort noise denial of service attempt (more info ...) | denial-of-service | 2009-4055 | 37153 | ||
| 24271 | MALWARE-CNC Win.Trojan.Spy.Bancos variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24283 | FILE-MULTIMEDIA VideoLAN VLC webm memory corruption attempt (more info ...) | attempted-user | 2011-0531 | 46060 | URL | |
| 24285 | MALWARE-CNC Win.Trojan.Nomno variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24286 | MALWARE-CNC Win.Trojan.Lurk variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24288 | MALWARE-CNC Win.Trojan.Flexty variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24289 | SERVER-WEBAPP Fortinet FortiOS appliedTags field cross site scripting attempt (more info ...) | web-application-attack | 51708 | |||
| 24290 | SERVER-OTHER Fortinet FortiOS appliedTags field cross site scripting attempt (more info ...) | attempted-user | 51708 | |||
| 24307 | MALWARE-CNC Win.Trojan.Workir variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24308 | MALWARE-CNC Win.Trojan.Workir variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24321 | SERVER-OTHER HP StorageWorks File Migration Agent buffer overflow attempt (more info ...) | attempted-admin | ||||
| 24324 | SERVER-OTHER EMC AutoStart ftAgent.exe integer overflow attempt (more info ...) | attempted-admin | 2012-0409 | |||
| 24325 | SERVER-OTHER EMC AutoStart ftAgent.exe integer overflow attempt (more info ...) | attempted-admin | 2012-0409 | |||
| 24326 | SERVER-OTHER EMC AutoStart ftAgent.exe integer overflow attempt (more info ...) | attempted-admin | 2012-0409 | |||
| 24327 | SERVER-OTHER EMC AutoStart ftAgent.exe integer overflow attempt (more info ...) | attempted-admin | 2012-0409 | |||
| 24328 | SERVER-OTHER EMC AutoStart ftAgent.exe integer overflow attempt (more info ...) | attempted-admin | 2012-0409 | |||
| 24329 | SERVER-OTHER EMC AutoStart ftAgent.exe integer overflow attempt (more info ...) | attempted-admin | 2012-0409 | |||
| 24330 | SERVER-OTHER EMC AutoStart ftAgent.exe integer overflow attempt (more info ...) | attempted-admin | 2012-0409 | |||
| 24331 | SERVER-OTHER EMC AutoStart ftAgent.exe integer overflow attempt (more info ...) | attempted-admin | 2012-0409 | |||
| 24332 | SERVER-OTHER EMC AutoStart ftAgent.exe integer overflow attempt (more info ...) | attempted-admin | 2012-0409 | |||
| 24333 | SERVER-OTHER EMC AutoStart ftAgent.exe integer overflow attempt (more info ...) | attempted-admin | 2012-0409 | |||
| 24334 | MALWARE-CNC Win.Trojan.Spy.Agent variant connect to cnc-server (more info ...) | trojan-activity | URL | |||
| 24335 | BROWSER-PLUGINS Citrix Access Gateway plug-in buffer overflow attempt (more info ...) | attempted-user | 2011-2592 | 54754 | URL | |
| 24339 | SERVER-WEBAPP XML entity parsing information disclosure attempt (more info ...) | attempted-recon | 2017-5644 | 65051 | ||
| 24340 | MALWARE-CNC Win.Trojan.Bredolab initial CNC connection (more info ...) | trojan-activity | URL | |||
| 24341 | MALWARE-CNC Win.Trojan.Spy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24345 | MALWARE-CNC Win.Trojan.Drexonin variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24346 | MALWARE-CNC Win.Trojan.Zbot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24347 | MALWARE-CNC Win.Trojan.Downloader.Bloropac variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24349 | MALWARE-CNC Win.Trojan.Spy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24350 | MALWARE-CNC Win.Trojan.Spy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24361 | MALWARE-CNC Win.Trojan.Gozi.Prinimalka variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24373 | MALWARE-CNC Win.Trojan.Dropper.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24374 | MALWARE-CNC Win.Trojan.Dropper.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24375 | MALWARE-CNC Win.Trojan.VB variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24376 | MALWARE-BACKDOOR Trojan.Delf.KDV runtime detection (more info ...) | trojan-activity | URL | |||
| 24377 | MALWARE-BACKDOOR Trojan.FakeAV.FakeAlert runtime detection (more info ...) | trojan-activity | URL | |||
| 24381 | MALWARE-CNC Win.Trojan.XBlocker outbound connection (more info ...) | trojan-activity | URL | |||
| 24382 | MALWARE-CNC Win.Trojan.XBlocker outbound connection (more info ...) | trojan-activity | URL | |||
| 24383 | MALWARE-CNC Win.Trojan.Dipwit outbound connection (more info ...) | trojan-activity | URL | |||
| 24384 | MALWARE-CNC Win.Trojan.Tracur variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24385 | MALWARE-CNC Win.Trojan.Tracur variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24388 | INDICATOR-COMPROMISE itsoknoproblembro file upload (more info ...) | policy-violation | URL | |||
| 24389 | INDICATOR-COMPROMISE itsoknoproblembro status check (more info ...) | policy-violation | URL | |||
| 24390 | INDICATOR-COMPROMISE itsoknoproblembro start perl (more info ...) | policy-violation | URL | |||
| 24392 | INDICATOR-COMPROMISE itsoknoproblembro write file (more info ...) | policy-violation | URL | |||
| 24393 | INDICATOR-COMPROMISE itsoknoproblembro stop attack (more info ...) | policy-violation | URL | |||
| 24394 | INDICATOR-COMPROMISE itsoknoproblembro start attack (more info ...) | policy-violation | URL | |||
| 24395 | MALWARE-OTHER itsoknoproblembro TCP flood (more info ...) | attempted-dos | URL | |||
| 24396 | MALWARE-OTHER itsoknoproblembro UDP flood (more info ...) | attempted-dos | URL | |||
| 24398 | MALWARE-CNC Win.Trojan.Mooochq variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24399 | MALWARE-CNC Win.Trojan.Mooochq variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24400 | MALWARE-BACKDOOR Backdoor.Win32.Protos.A runtime detection (more info ...) | trojan-activity | URL | |||
| 24401 | OS-WINDOWS PCT Client_Hello overflow attempt (more info ...) | attempted-admin | 2003-0719 | 10116 | 12205 | URL |
| 24402 | MALWARE-BACKDOOR Trojan.KDV.QLO install time detection (more info ...) | trojan-activity | URL | |||
| 24403 | MALWARE-BACKDOOR Trojan.KDV.QLO runtime detection (more info ...) | trojan-activity | URL | |||
| 24404 | MALWARE-BACKDOOR Trojan.KDV.QLO runtime detection (more info ...) | trojan-activity | URL | |||
| 24405 | MALWARE-CNC Win.Trojan.Spy.Banker variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24406 | MALWARE-CNC Win.Trojan.MiniFlame variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24407 | MALWARE-CNC Win.Trojan.MiniFlame variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24416 | MALWARE-CNC Win.Trojan.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24417 | MALWARE-CNC Win.Trojan.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24418 | MALWARE-CNC Win.Trojan.Vundo variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24419 | MALWARE-CNC Win.Trojan.Vundo variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24420 | MALWARE-CNC Win.Trojan.Misun variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24432 | BROWSER-OTHER HTML5 canvas element heap spray attempt (more info ...) | shellcode-detect | URL | |||
| 24433 | BROWSER-OTHER HTML5 canvas element heap spray attempt (more info ...) | shellcode-detect | URL | |||
| 24437 | MALWARE-CNC Win.Trojan.Mirage variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24438 | MALWARE-CNC Win.Trojan.Mirage variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24439 | MALWARE-CNC Win.Trojan.Encriyoko variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24440 | MALWARE-CNC Win.Trojan.Chiviper variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24441 | MALWARE-CNC User-Agent known malicious user agent - Testing (more info ...) | trojan-activity | URL | |||
| 24442 | MALWARE-CNC User-Agent known malicious user agent - Alerter COM (more info ...) | trojan-activity | URL | |||
| 24443 | MALWARE-CNC Win.Trojan.Medfos variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24444 | MALWARE-CNC Win.Trojan.Medfos variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24445 | MALWARE-CNC Win.Trojan.Medfos variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24450 | MALWARE-CNC Win.Trojan.Tibeli variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24451 | MALWARE-CNC Win.Trojan.Quervar variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24453 | FILE-IDENTIFY Webm file attachment detected (more info ...) | misc-activity | ||||
| 24454 | FILE-IDENTIFY Webm file attachment detected (more info ...) | misc-activity | ||||
| 24474 | BROWSER-OTHER Puffin Browser usage detected (more info ...) | policy-violation | URL | |||
| 24476 | PROTOCOL-SCADA DATAC RealWin System buffer overflow attempt (more info ...) | attempted-user | 2011-1563 | |||
| 24477 | PROTOCOL-SCADA DATAC RealWin System buffer overflow attempt (more info ...) | attempted-user | 2011-1563 | |||
| 24478 | PROTOCOL-SCADA DATAC RealWin System buffer overflow attempt (more info ...) | attempted-user | 2011-1563 | |||
| 24479 | PROTOCOL-SCADA DATAC RealWin System buffer overflow attempt (more info ...) | attempted-user | 2011-1563 | |||
| 24481 | PROTOCOL-SCADA DATAC RealWin System buffer overflow attempt (more info ...) | attempted-user | 2011-1563 | |||
| 24482 | MALWARE-CNC Win.Trojan.Chif variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24483 | FILE-IDENTIFY Embedded Open Type Font file magic detected (more info ...) | misc-activity | URL | |||
| 24484 | FILE-IDENTIFY Embedded Open Type Font file magic detected (more info ...) | misc-activity | URL | |||
| 24491 | MALWARE-CNC Win.Trojan.Vundo redirection landing page pre-infection (more info ...) | trojan-activity | URL | |||
| 24492 | MALWARE-CNC Win.Trojan.Vundo variant outbound connection (more info ...) | bad-unknown | ||||
| 24493 | MALWARE-CNC Win.Trojan.Vundo variant outbound connection (more info ...) | trojan-activity | ||||
| 24494 | MALWARE-CNC Win.Trojan.Vundo variant outbound connection (more info ...) | trojan-activity | ||||
| 24495 | MALWARE-CNC Win.Trojan.Vundo variant outbound connection (more info ...) | trojan-activity | ||||
| 24496 | MALWARE-CNC Win.Trojan.Vundo variant outbound connection (more info ...) | trojan-activity | ||||
| 24497 | MALWARE-CNC Win.Trojan.Vundo variant outbound connection (more info ...) | trojan-activity | ||||
| 24504 | MALWARE-CNC Win.Trojan.VB variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24505 | MALWARE-CNC Win.Trojan.BanSpy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24509 | FILE-IDENTIFY rmf file download request (more info ...) | attempted-user | 2010-0842 | 39077 | ||
| 24514 | MALWARE-CNC Win.Trojan.Lucuis variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24521 | SERVER-WEBAPP OpenStack Compute directory traversal attempt (more info ...) | attempted-admin | 2012-3361 | |||
| 24523 | MALWARE-CNC Win.Backdoor.MautoitRAT variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24525 | BROWSER-PLUGINS Samsung Kies arbitrary file execution attempt (more info ...) | attempted-user | 2012-3807 | |||
| 24526 | BROWSER-PLUGINS Samsung Kies arbitrary file execution attempt (more info ...) | attempted-user | 2012-3810 | |||
| 24527 | BROWSER-PLUGINS Samsung Kies arbitrary file execution attempt (more info ...) | attempted-user | 2012-3806 | |||
| 24528 | BROWSER-PLUGINS Samsung Kies arbitrary file execution attempt (more info ...) | attempted-user | 2012-3810 | |||
| 24529 | MALWARE-CNC Win.Trojan.Begman variant connection to cnc-server (more info ...) | trojan-activity | URL | |||
| 24533 | MALWARE-CNC Win.Trojan.Banker variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24534 | MALWARE-CNC Win.Trojan.Banbra variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24539 | MALWARE-CNC Win.Trojan.Ransom variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24540 | MALWARE-BACKDOOR Win.Trojan.Spy.Heur variant outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 24541 | MALWARE-CNC Win.Trojan.Unebot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24542 | MALWARE-CNC Win.Trojan.Beystreet variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24545 | MALWARE-BACKDOOR am remote client runtime detection - client response (more info ...) | trojan-activity | URL | |||
| 24562 | MALWARE-CNC Win.Trojan.VB variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24563 | MALWARE-CNC Win.Trojan.Veli variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24564 | MALWARE-CNC Win.Trojan.Helai variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24565 | MALWARE-CNC Win.Trojan.Msposer variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24566 | MALWARE-CNC Win.Trojan.Jorik variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24567 | MALWARE-CNC Win.Trojan.Olmarik variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24569 | MALWARE-CNC Win.Trojan.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24576 | MALWARE-CNC Win.Trojan.Spy.Barus variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24586 | MALWARE-CNC Win.Trojan.Barkiofork variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24598 | POLICY-SPAM 1.usa.gov URL in email, possible spam redirect (more info ...) | bad-unknown | URL | |||
| 24623 | MALWARE-CNC Win.Trojan.Jorik variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24625 | FILE-PDF Sophos Antivirus PDF parsing stack overflow attempt (more info ...) | attempted-user | URL | |||
| 24626 | FILE-PDF Sophos Antivirus PDF parsing stack overflow attempt (more info ...) | attempted-user | URL | |||
| 24627 | SERVER-OTHER Quest NetVault SmartDisk libnvbasics.dll denial of service attempt (more info ...) | denial-of-service | 48029 | URL | ||
| 24630 | MALWARE-CNC Win.Trojan.Klovbot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24631 | MALWARE-CNC User-Agent known malicious user agent - Lizard/1.0 (more info ...) | trojan-activity | URL | |||
| 24632 | MALWARE-CNC Win.Trojan.VaccinePC variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24633 | MALWARE-CNC User-Agent known malicious user agent - test_hInternet (more info ...) | trojan-activity | URL | |||
| 24634 | MALWARE-CNC User-Agent known malicious user agent - vaccinepc (more info ...) | trojan-activity | URL | |||
| 24635 | MALWARE-CNC Win.Trojan.Dropper.Dycler variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24648 | MALWARE-OTHER HTML.Exploit.C99 suspicious file download (more info ...) | trojan-activity | URL | |||
| 24686 | SERVER-OTHER HP StorageWorks file migration agent buffer overflow attempt (more info ...) | attempted-admin | ||||
| 24706 | SERVER-WEBAPP Netop Remote Control dws file buffer overflow attempt (more info ...) | attempted-user | 47631 | |||
| 24707 | SERVER-WEBAPP Netop Remote Control dws file buffer overflow attempt (more info ...) | attempted-user | 47631 | |||
| 24708 | FILE-IDENTIFY Netop Remote Control file download request (more info ...) | misc-activity | ||||
| 24709 | FILE-IDENTIFY Netop Remote Control file attachment detected (more info ...) | misc-activity | ||||
| 24710 | FILE-IDENTIFY Netop Remote Control file attachment detected (more info ...) | misc-activity | ||||
| 24711 | FILE-IMAGE Oracle Outside In JPEG COD parameter buffer overflow attempt (more info ...) | attempted-user | 2011-4516 | |||
| 24712 | FILE-IMAGE Oracle Outside In JPEG COC parameter buffer overflow attempt (more info ...) | attempted-user | 2011-4516 | |||
| 24713 | FILE-IMAGE Oracle Outside In JPEG COD parameter buffer overflow attempt (more info ...) | attempted-user | 2011-4516 | |||
| 24714 | FILE-IMAGE Oracle Outside In JPEG COC parameter buffer overflow attempt (more info ...) | attempted-user | 2011-4516 | |||
| 24715 | FILE-IMAGE Oracle Outside In JPEG COD parameter buffer overflow attempt (more info ...) | attempted-user | 2011-4516 | |||
| 24716 | FILE-IMAGE Oracle Outside In JPEG COC parameter buffer overflow attempt (more info ...) | attempted-user | 2011-4516 | |||
| 24717 | FILE-IMAGE Oracle Outside In JPEG COD parameter buffer overflow attempt (more info ...) | attempted-user | 2011-4516 | |||
| 24718 | FILE-IMAGE Oracle Outside In JPEG COC parameter buffer overflow attempt (more info ...) | attempted-user | 2011-4516 | |||
| 24719 | PROTOCOL-VOIP Digium Asterisk SCCP call state message offhook (more info ...) | attempted-dos | 2012-2415 | |||
| 24720 | PROTOCOL-VOIP Digium Asterisk SCCP keypad button message denial of service attempt (more info ...) | attempted-dos | 2012-2415 | |||
| 24728 | SERVER-WEBAPP Oracle GlassFish cross site scripting attempt (more info ...) | web-application-attack | 2012-0551 | 53136 | ||
| 24729 | SERVER-WEBAPP Oracle GlassFish cross site scripting attempt (more info ...) | web-application-attack | 2012-0551 | 53136 | ||
| 24730 | SERVER-WEBAPP Oracle GlassFish cross site scripting attempt (more info ...) | web-application-attack | 2012-0551 | 53136 | ||
| 24731 | SERVER-WEBAPP Oracle GlassFish cross site scripting attempt (more info ...) | web-application-attack | 2012-0551 | 53136 | ||
| 24732 | SERVER-WEBAPP Oracle GlassFish cross site scripting attempt (more info ...) | web-application-attack | 2012-0551 | 53136 | ||
| 24733 | SERVER-WEBAPP Oracle GlassFish cross site scripting attempt (more info ...) | web-application-attack | 2012-0551 | 53136 | ||
| 24734 | SERVER-WEBAPP Oracle GlassFish cross site scripting attempt (more info ...) | web-application-attack | 2012-0551 | 53136 | ||
| 24735 | SERVER-WEBAPP Oracle GlassFish cross site scripting attempt (more info ...) | web-application-attack | 2012-0551 | 53136 | ||
| 24736 | SERVER-WEBAPP Oracle GlassFish cross site scripting attempt (more info ...) | web-application-attack | 2012-0551 | 53136 | ||
| 24737 | SERVER-WEBAPP Oracle GlassFish cross site scripting attempt (more info ...) | web-application-attack | 2012-0551 | 53136 | ||
| 24738 | SERVER-OTHER EMC AutoStart ftAgent.exe integer overflow attempt (more info ...) | attempted-admin | 2012-0409 | |||
| 24739 | SERVER-OTHER Gimp Script-Fu server buffer overflow attempt (more info ...) | attempted-admin | 2012-2763 | 53741 | URL | |
| 24763 | FILE-PDF Sophos Antivirus PDF parsing stack overflow attempt (more info ...) | attempted-user | URL | |||
| 24764 | FILE-PDF Sophos Antivirus PDF parsing stack overflow attempt (more info ...) | attempted-user | URL | |||
| 24792 | MALWARE-CNC User-Agent known malicious user-agent - Google page (more info ...) | trojan-activity | URL | |||
| 24803 | PROTOCOL-SCADA GE Proficy Real-Time Information Portal directory traversal attempt (more info ...) | attempted-admin | 2012-0232 | 52439 | URL | |
| 24805 | SERVER-OTHER lighthttpd connection header denial of service attempt (more info ...) | denial-of-service | 2012-5533 | |||
| 24814 | PROTOCOL-SNMP Samsung printer default community string (more info ...) | attempted-admin | URL | |||
| 24818 | FILE-IDENTIFY M4V file magic detected (more info ...) | misc-activity | ||||
| 24819 | FILE-IDENTIFY M4V file magic detected (more info ...) | misc-activity | ||||
| 24857 | MALWARE-CNC Win.Trojan.Spy.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24858 | MALWARE-CNC Win.Trojan.Quarian variant outbound connection - proxy connection (more info ...) | trojan-activity | URL | |||
| 24873 | MALWARE-CNC Win.Trojan.Gnutler variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24885 | MALWARE-CNC Potential Banking Trojan Config File Download (more info ...) | trojan-activity | URL | |||
| 24886 | MALWARE-CNC Win.Trojan.Dorkbot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24916 | MALWARE-CNC Win.Trojan.Spy.Banker variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24917 | MALWARE-CNC Win.Trojan.Spy.Turspy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24918 | MALWARE-CNC Win.Trojan.Spy.Turspy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24955 | FILE-MULTIMEDIA AVI file chunk length integer overflow attempt (more info ...) | attempted-user | 2011-3834 | URL | ||
| 24976 | MALWARE-CNC Win.Trojan.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 24988 | MALWARE-OTHER itsoknoproblembro v2 UDP flood attempt (more info ...) | attempted-dos | URL | |||
| 24995 | SERVER-OTHER Free Software Foundation GnuTLS record application integer overflow attempt (more info ...) | attempted-admin | 2012-1573 | |||
| 24996 | SERVER-OTHER Free Software Foundation GnuTLS record application integer overflow attempt (more info ...) | attempted-admin | 2012-1573 | |||
| 25007 | MALWARE-CNC Win.Trojan.Wealwedst variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25008 | SERVER-WEBAPP PmWiki pagelist injection attempt (more info ...) | web-application-attack | 2011-4453 | 50776 | ||
| 25009 | MALWARE-CNC User-Agent known malicious user agent - User-Agent User-Agent (more info ...) | trojan-activity | URL | |||
| 25010 | MALWARE-CNC Win.Trojan.Perflog variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25011 | MALWARE-CNC Win.Trojan.Perflog variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25016 | MALWARE-CNC Win.Trojan.IRCBot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25017 | SERVER-WEBAPP httpdx tolog function format string code execution attempt (more info ...) | attempted-admin | 2009-4769 | |||
| 25021 | MALWARE-CNC Win.Trojan.Azbreg variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25022 | MALWARE-CNC Win.Trojan.Dapato variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25023 | MALWARE-CNC Win.Trojan.Ursnif variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25024 | MALWARE-CNC Win.Trojan.Ursnif variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25025 | MALWARE-CNC Win.Trojan.Downloader.Recslurp variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25026 | MALWARE-CNC Win.Trojan.Juasek variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25027 | MALWARE-CNC Win.Trojan.Opachki variant connect to cnc-server (more info ...) | trojan-activity | URL | |||
| 25028 | MALWARE-CNC Win.Trojan.Peed variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25029 | MALWARE-CNC Win.Trojan.Spy.Banker variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25030 | MALWARE-CNC Win.Trojan.Nevsyn variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25049 | MALWARE-CNC Win.Trojan.Jorik.Kolilks variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25050 | MALWARE-CNC Win.Trojan.Zeus variant outbound connection (more info ...) | trojan-activity | ||||
| 25054 | MALWARE-CNC ZeroAccess Clickserver callback (more info ...) | trojan-activity | ||||
| 25057 | PROTOCOL-SCADA Tridium Niagara directory traversal config.bog access attempt (more info ...) | attempted-admin | 2012-4027 | |||
| 25058 | SERVER-OTHER IBM Director CIM server alert indication request dll injection attempt (more info ...) | attempted-admin | 2009-0880 | 34065 | ||
| 25065 | FILE-IMAGE libpng chunk decompression integer overflow attempt (more info ...) | attempted-admin | 2011-3045 | 52453 | ||
| 25066 | FILE-IMAGE libpng chunk decompression integer overflow attempt (more info ...) | attempted-admin | 2011-3045 | 52453 | ||
| 25067 | MALWARE-CNC Win.Trojan.Riler variant outbound connection (more info ...) | trojan-activity | 2010-3333 | URL | ||
| 25068 | MALWARE-CNC Win.Trojan.Riler inbound connection (more info ...) | trojan-activity | 2010-3333 | URL | ||
| 25070 | MALWARE-CNC Win.Trojan.Injector variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25071 | MALWARE-CNC Win.Trojan.Macnsed variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25072 | MALWARE-CNC Win.Trojan.Dulom variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25073 | MALWARE-CNC Win.Trojan.Lowzone variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25074 | MALWARE-CNC Win.Trojan.Banker variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25075 | MALWARE-CNC Win.Trojan.Spy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25076 | MALWARE-CNC Win.Worm.Joanap variant variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25077 | MALWARE-CNC Win.Trojan.Halnine variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25082 | APP-DETECT Apple Messages client side certificate request attempt (more info ...) | policy-violation | URL | |||
| 25083 | APP-DETECT Apple Messages service server request attempt (more info ...) | policy-violation | URL | |||
| 25093 | MALWARE-CNC Win.Trojan.Hacktool variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25098 | MALWARE-CNC Win.Trojan.Dropper.Daws variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25099 | MALWARE-CNC Win.Trojan.Dropper.Daws variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25100 | MALWARE-CNC Win.Trojan.Njrat variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25102 | SERVER-OTHER Zabbix Agent net.tcp.listen command injection attempt (more info ...) | attempted-admin | 2009-4502 | |||
| 25103 | SERVER-OTHER Zabbix Server arbitrary command execution attempt (more info ...) | attempted-admin | 2009-4498 | 37989 | ||
| 25104 | SERVER-WEBAPP Symantec Messaging Gateway directory traversal attempt (more info ...) | attempted-admin | 2012-4347 | URL | ||
| 25105 | SERVER-WEBAPP Symantec Messaging Gateway directory traversal attempt (more info ...) | attempted-admin | 2012-4347 | URL | ||
| 25106 | MALWARE-BACKDOOR UnrealIRCd backdoor command execution attempt (more info ...) | attempted-admin | 2010-2075 | 40820 | URL | |
| 25107 | MALWARE-CNC Win.Trojan.Spy.Banker variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25108 | MALWARE-CNC Win.Trojan.Proxy.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25109 | MALWARE-CNC Autoit.Trojan.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25119 | MALWARE-CNC User-Agent known malicious user agent - NewBrandTest (more info ...) | trojan-activity | URL | |||
| 25124 | BROWSER-OTHER suspicious named empty form detected (more info ...) | attempted-user | ||||
| 25224 | MALWARE-CNC Win.Trojan.ZeroAccess URI and Referer (more info ...) | trojan-activity | ||||
| 25229 | MALWARE-CNC Win.Trojan.Darkkomet variant inbound connection (more info ...) | trojan-activity | URL | |||
| 25230 | MALWARE-CNC Win.Trojan.Darkkomet variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25231 | MALWARE-CNC Win.Trojan.Spy.Banker variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25232 | BROWSER-FIREFOX appendChild multiple parent nodes stack corruption attempt (more info ...) | attempted-user | 2011-2378 | |||
| 25233 | BROWSER-FIREFOX appendChild multiple parent nodes stack corruption attempt (more info ...) | attempted-user | 2011-2378 | |||
| 25237 | MALWARE-CNC Win.Trojan.Firelog variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25239 | MALWARE-CNC Win.Trojan.IRCBot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25240 | MALWARE-CNC Win.Trojan.Menti variant inbound connection (more info ...) | trojan-activity | URL | |||
| 25241 | MALWARE-CNC Win.Trojan.NetTrash variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25242 | MALWARE-CNC Win.Trojan.Duapz variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25243 | MALWARE-CNC User-Agent known malicious user agent - 04/XP (more info ...) | trojan-activity | URL | |||
| 25244 | MALWARE-CNC Win.Trojan.Spy.Banker variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25245 | MALWARE-CNC User-Agent known malicious user agent - me0hoi (more info ...) | trojan-activity | URL | |||
| 25247 | FILE-OTHER Lattice PAC Designer symbol value buffer overflow attempt (more info ...) | attempted-user | 2012-2915 | |||
| 25248 | FILE-OTHER Lattice PAC Designer symbol value buffer overflow attempt (more info ...) | attempted-user | 2012-2915 | |||
| 25249 | MALWARE-CNC Win.Trojan.Basutra variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25256 | MALWARE-CNC Win.Worm.Gamarue variant outbound connection (more info ...) | trojan-activity | ||||
| 25257 | MALWARE-CNC Win.Trojan.Skintrim variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25258 | MALWARE-CNC Win.Trojan.Rombrast variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25259 | MALWARE-CNC Win.Trojan.BancosBanload variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25260 | MALWARE-CNC User-Agent known malicious user-agent string Mozila (more info ...) | trojan-activity | URL | |||
| 25261 | MALWARE-CNC User-Agent known malicious user-agent string MSIE (more info ...) | trojan-activity | URL | |||
| 25262 | MALWARE-CNC User-Agent known malicious user-agent string IEToolbar (more info ...) | trojan-activity | URL | |||
| 25263 | SERVER-WEBAPP fraudulent digital certificate for google.com detected (more info ...) | misc-attack | URL | |||
| 25264 | SERVER-WEBAPP revoked subsidiary CA certificate for e-islem.kktcmerkezbankasi.org detected (more info ...) | misc-attack | URL | |||
| 25265 | SERVER-WEBAPP revoked subsidiary CA certificate for ego.gov.tr detected (more info ...) | misc-attack | URL | |||
| 25268 | MALWARE-CNC Win.Trojan.IRCBot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25269 | MALWARE-CNC Win.Trojan.Buterat variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25271 | MALWARE-CNC Win.Trojan.Buzus variant outbound connection (more info ...) | trojan-activity | ||||
| 25276 | SERVER-OTHER Multiple products oversized Content-Length memory corruption attempt (more info ...) | attempted-admin | 2013-2686 | URL | ||
| 25286 | SERVER-WEBAPP MoinMoin arbitrary file upload attempt (more info ...) | attempted-admin | 2012-6081 | 57082 | ||
| 25287 | SERVER-OTHER Rails XML parameter parsing vulnerability exploitation attempt (more info ...) | attempted-admin | 2013-0156 | |||
| 25288 | SERVER-OTHER Rails XML parameter parsing vulnerability exploitation attempt (more info ...) | attempted-admin | 2013-0156 | |||
| 25315 | SERVER-ORACLE Oracle TNS listener service registration (more info ...) | policy-violation | 2012-1675 | 53308 | ||
| 25316 | BROWSER-PLUGINS InduSoft ISSymbol InternationalSeparator heap overflow attempt (more info ...) | attempted-user | 2011-0340 | |||
| 25321 | SERVER-ORACLE Oracle Database tablefunc_asown buffer overflow attempt (more info ...) | attempted-admin | 2011-2301 | URL | ||
| 25342 | SERVER-OTHER ISC dhcpd bootp request missing options field DOS attempt (more info ...) | attempted-dos | 2011-2749 | 49120 | URL | |
| 25345 | SERVER-WEBAPP Symantec IM Manager Web interface arbitrary command execution attempt (more info ...) | attempted-user | 2011-0554 | 49742 | ||
| 25352 | SERVER-OTHER HP HP Intelligent Management Center syslog remote code execution attempt (more info ...) | attempted-admin | 2011-1854 | |||
| 25356 | SERVER-OTHER Squid Gopher response processing buffer overflow attempt (more info ...) | attempted-user | 2011-3205 | 49356 | URL | |
| 25358 | APP-DETECT Acunetix web vulnerability scan attempt (more info ...) | web-application-attack | URL | |||
| 25359 | APP-DETECT Acunetix web vulnerability scanner probe attempt (more info ...) | web-application-attack | URL | |||
| 25360 | APP-DETECT Acunetix web vulnerability scanner authentication attempt (more info ...) | web-application-attack | URL | |||
| 25361 | APP-DETECT Acunetix web vulnerability scanner RFI attempt (more info ...) | web-application-attack | URL | |||
| 25362 | APP-DETECT Acunetix web vulnerability scanner base64 XSS attempt (more info ...) | web-application-attack | URL | |||
| 25363 | APP-DETECT Acunetix web vulnerability scanner URI injection attempt (more info ...) | web-application-attack | URL | |||
| 25364 | APP-DETECT Acunetix web vulnerability scanner prompt XSS attempt (more info ...) | web-application-attack | URL | |||
| 25365 | APP-DETECT Acunetix web vulnerability scanner XSS attempt (more info ...) | web-application-attack | URL | |||
| 25369 | OS-WINDOWS NVIDIA graphics driver nvsr named pipe buffer overflow attempt (more info ...) | attempted-user | ||||
| 25371 | MALWARE-CNC Win.Trojan.Ruskill variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25372 | MALWARE-CNC User-Agent known malicious user agent - wh (more info ...) | trojan-activity | URL | |||
| 25380 | SERVER-OTHER EMC AutoStart domain name logging stack buffer overflow attempt (more info ...) | attempted-user | 2011-2735 | 49238 | ||
| 25448 | MALWARE-CNC Win.Trojan.Downloader.Jinch variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25465 | MALWARE-CNC Win.Trojan.Downloader variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25470 | MALWARE-CNC Win.Trojan.LoDo variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25471 | MALWARE-CNC Pushdo Spiral Traffic (more info ...) | trojan-activity | URL | |||
| 25474 | SERVER-OTHER Citrix Access Gateway legacy authentication attempt (more info ...) | attempted-admin | 2010-4566 | URL | ||
| 25477 | MALWARE-CNC Win.Trojan.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25478 | POLICY-SOCIAL IRC G-line active (more info ...) | policy-violation | URL | |||
| 25479 | POLICY-SOCIAL IRC K-line active (more info ...) | policy-violation | URL | |||
| 25511 | MALWARE-CNC Win.Trojan.Symmi variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25512 | OS-MOBILE Android ANDR.Trojan.SMSsend variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25518 | OS-MOBILE Apple iPod User-Agent detected (more info ...) | policy-violation | ||||
| 25519 | OS-MOBILE Apple iPad User-Agent detected (more info ...) | policy-violation | ||||
| 25520 | OS-MOBILE Apple iPhone User-Agent detected (more info ...) | policy-violation | ||||
| 25521 | OS-MOBILE Android User-Agent detected (more info ...) | policy-violation | ||||
| 25522 | OS-MOBILE Nokia User-Agent detected (more info ...) | policy-violation | ||||
| 25523 | OS-MOBILE Samsung User-Agent detected (more info ...) | policy-violation | ||||
| 25524 | OS-MOBILE Kindle User-Agent detected (more info ...) | policy-violation | ||||
| 25525 | OS-OTHER Nintendo User-Agent detected (more info ...) | policy-violation | ||||
| 25528 | SERVER-WEBAPP Moveable Type unauthenticated remote command execution attempt (more info ...) | attempted-admin | 2013-0209 | URL | ||
| 25529 | MALWARE-CNC Win.Trojan.Spy.Banker variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25530 | MALWARE-CNC Win.Trojan.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25531 | MALWARE-CNC Win.Trojan.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25532 | MALWARE-CNC Win.Trojan.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25533 | MALWARE-CNC User-Agent known malicious user-agent - al (more info ...) | trojan-activity | URL | |||
| 25541 | MALWARE-CNC Win.Trojan.Sigly variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25543 | MALWARE-CNC Win.Trojan.Downloader.VB variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25544 | MALWARE-CNC User-Agent known malicious user agent - ctwopop (more info ...) | trojan-activity | URL | |||
| 25545 | MALWARE-CNC Win.Trojan.Printlove variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25546 | MALWARE-CNC Win.Trojan.Proxy.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25547 | MALWARE-CNC Win.Trojan.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25548 | MALWARE-CNC Win.Trojan.Perflog variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25551 | MALWARE-CNC Win.Worm.Dipasik variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25552 | SERVER-OTHER Rails JSON to YAML parsing deserialization attempt (more info ...) | attempted-user | 2013-0333 | |||
| 25553 | MALWARE-CNC Win.Trojan.Dexter variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25556 | SERVER-OTHER RaySharp CCTV derivative user credential retrieval attempt (more info ...) | attempted-admin | URL | |||
| 25557 | SERVER-OTHER RaySharp CCTV derivative command injection attempt (more info ...) | attempted-admin | URL | |||
| 25570 | MALWARE-CNC Win.Trojan.Medialabs variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25571 | MALWARE-CNC Win.Trojan.Medialabs variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25572 | MALWARE-CNC Win.Trojan.Virut variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25577 | MALWARE-CNC Win.Rootkit.Necurs possible URI with encrypted POST (more info ...) | trojan-activity | URL | |||
| 25586 | SERVER-WEBAPP Nagios Core get_history buffer overflow attempt (more info ...) | attempted-admin | 2012-6096 | 56879 | ||
| 25599 | MALWARE-CNC Win.Trojan.Gupboot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25600 | MALWARE-CNC Win.Trojan.Dilavtor variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25602 | SERVER-OTHER Sybase Open Server TDS login request (more info ...) | protocol-command-decode | URL | |||
| 25603 | SERVER-OTHER Sybase Open Server TDS login packet stack memory corruption attempt (more info ...) | attempted-admin | URL | |||
| 25604 | FILE-IDENTIFY cSounds.com Csound audio file file download request (more info ...) | misc-activity | ||||
| 25605 | FILE-IDENTIFY cSounds.com Csound audio file file attachment detected (more info ...) | misc-activity | ||||
| 25606 | FILE-IDENTIFY cSounds.com Csound audio file file attachment detected (more info ...) | misc-activity | ||||
| 25607 | FILE-OTHER cSounds.com Csound hetro audio file buffer overflow attempt (more info ...) | attempted-user | 2012-0270 | |||
| 25608 | FILE-OTHER cSounds.com Csound hetro audio file buffer overflow attempt (more info ...) | attempted-user | 2012-0270 | |||
| 25609 | MALWARE-CNC Win.Trojan.Banker variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25610 | MALWARE-CNC Win.Trojan.Mofsmall variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25615 | OS-MOBILE Apple iOS 6.x jailbreak download attempt (more info ...) | attempted-admin | URL | |||
| 25616 | OS-MOBILE Apple iOS 6.x jailbreak download attempt (more info ...) | attempted-admin | URL | |||
| 25623 | MALWARE-CNC Win.Trojan.Jimpime variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25625 | MALWARE-CNC Win.Trojan.Daws variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25626 | MALWARE-CNC Win.Trojan.Bancos variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25627 | MALWARE-CNC Win.Trojan.Reventon variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25628 | MALWARE-CNC Win.Trojan.Spy.Banker variant connect to cnc-server (more info ...) | trojan-activity | URL | |||
| 25632 | MALWARE-CNC Win.Trojan.Golisy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25633 | FILE-OTHER ELF file parsing in different antivirus evasion attempt (more info ...) | bad-unknown | 2012-1431 | URL | ||
| 25634 | INDICATOR-SHELLCODE unescape encoder shellcode (more info ...) | shellcode-detect | ||||
| 25635 | INDICATOR-SHELLCODE unescape encoded shellcode (more info ...) | shellcode-detect | ||||
| 25636 | INDICATOR-SHELLCODE unescape encoded shellcode (more info ...) | shellcode-detect | ||||
| 25637 | INDICATOR-SHELLCODE unescape encoded shellcode (more info ...) | shellcode-detect | ||||
| 25638 | INDICATOR-SHELLCODE unescape encoded shellcode (more info ...) | shellcode-detect | ||||
| 25639 | INDICATOR-SHELLCODE unescape encoded shellcode (more info ...) | shellcode-detect | ||||
| 25640 | INDICATOR-SHELLCODE unescape encoded shellcode (more info ...) | shellcode-detect | ||||
| 25641 | INDICATOR-SHELLCODE unescape encoded shellcode (more info ...) | shellcode-detect | ||||
| 25642 | INDICATOR-SHELLCODE unescape encoded shellcode (more info ...) | shellcode-detect | ||||
| 25643 | INDICATOR-SHELLCODE unescape encoded shellcode (more info ...) | shellcode-detect | ||||
| 25652 | MALWARE-CNC Win.Trojan.Kryptic variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25659 | MALWARE-CNC User-Agent known malicious user agent - spam_bot (more info ...) | trojan-activity | URL | |||
| 25660 | MALWARE-CNC Win.Trojan.Medfos variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25661 | MALWARE-CNC Win.Trojan.Buzus variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25662 | MALWARE-CNC Win.Trojan.Chowspy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25663 | MALWARE-CNC Win.Trojan.Rimod variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25664 | SERVER-OTHER MiniUPnPd SSDP request buffer overflow attempt (more info ...) | denial-of-service | 2013-2600 | |||
| 25665 | MALWARE-CNC Win.Trojan.Sycomder variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25666 | MALWARE-CNC Win.Trojan.Spy.Banker variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25667 | MALWARE-CNC Win.Trojan.Nflog variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25668 | MALWARE-CNC Win.Trojan.Nflog variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25669 | MALWARE-CNC Win.Trojan.Selasloot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25670 | MALWARE-CNC Win.Trojan.Swisyn variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25671 | MALWARE-CNC Win.Trojan.Spy.Banker variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25672 | MALWARE-CNC Win.Trojan.Matsnu variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25673 | MALWARE-CNC Win.Trojan.Spy.QQDragon variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25674 | MALWARE-CNC Win.Trojan.Shimwoc variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25765 | MALWARE-CNC Trojan Agent YEH variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25766 | MALWARE-CNC Win.Trojan.Bancos variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25782 | MALWARE-OTHER WIN.Trojan.Nap Malicious executable file download from webroot (more info ...) | bad-unknown | ||||
| 25797 | FILE-MULTIMEDIA VideoLAN VLC Media Player XSPF memory corruption attempt (more info ...) | attempted-user | 2008-4558 | |||
| 25799 | EXPLOIT-KIT Stamp exploit kit pdf request (more info ...) | trojan-activity | 2013-0431 | URL | ||
| 25802 | EXPLOIT-KIT Stamp exploit kit encoded portable executable request (more info ...) | trojan-activity | 2013-0431 | URL | ||
| 25807 | MALWARE-CNC Win.Trojan.Urausy Botnet variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25810 | FILE-OTHER VMWare OVF Tool format string exploit attempt (more info ...) | attempted-user | 2012-3569 | 56468 | URL | |
| 25811 | FILE-OTHER VMWare OVF Tool format string exploit attempt (more info ...) | attempted-user | 2012-3569 | 56468 | URL | |
| 25812 | FILE-OTHER VMWare OVF Tool format string exploit attempt (more info ...) | attempted-user | 2012-3569 | 56468 | URL | |
| 25813 | FILE-OTHER VMWare OVF Tool format string exploit attempt (more info ...) | attempted-user | 2012-3569 | 56468 | URL | |
| 25825 | SERVER-OTHER TLSv1.0 plaintext recovery attempt (more info ...) | attempted-recon | 2013-0169 | |||
| 25826 | SERVER-OTHER TLSv1.1 plaintext recovery attempt (more info ...) | attempted-recon | 2013-0169 | |||
| 25827 | SERVER-OTHER TLSv1.2 plaintext recovery attempt (more info ...) | attempted-recon | 2013-0169 | |||
| 25828 | SERVER-OTHER SSLv3 plaintext recovery attempt (more info ...) | attempted-recon | 2013-0169 | |||
| 25829 | MALWARE-CNC Trojan Banker FTC variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25836 | INDICATOR-COMPROMISE known malicious SSL certificate - APT1 Virtuallythere (more info ...) | trojan-activity | URL | |||
| 25837 | INDICATOR-COMPROMISE known malicious SSL certificate - APT1 IBM (more info ...) | trojan-activity | URL | |||
| 25838 | INDICATOR-COMPROMISE known malicious SSL certificate - APT1 Webmail (more info ...) | trojan-activity | URL | |||
| 25839 | INDICATOR-COMPROMISE known malicious SSL certificate - APT1 Alpha (more info ...) | trojan-activity | URL | |||
| 25840 | INDICATOR-COMPROMISE known malicious SSL certificate - APT1 Email (more info ...) | trojan-activity | URL | |||
| 25841 | INDICATOR-COMPROMISE known malicious SSL certificate - APT1 Lame (more info ...) | trojan-activity | URL | |||
| 25842 | INDICATOR-COMPROMISE known malicious SSL certificate - APT1 NS (more info ...) | trojan-activity | URL | |||
| 25843 | INDICATOR-COMPROMISE known malicious SSL certificate - APT1 Server (more info ...) | trojan-activity | URL | |||
| 25844 | INDICATOR-COMPROMISE known malicious SSL certificate - APT1 Sur (more info ...) | trojan-activity | URL | |||
| 25845 | INDICATOR-COMPROMISE known malicious SSL certificate - APT1 AOL (more info ...) | trojan-activity | URL | |||
| 25846 | INDICATOR-COMPROMISE known malicious SSL certificate - APT1 Yahoo (more info ...) | trojan-activity | URL | |||
| 25847 | INDICATOR-COMPROMISE known malicious SSL certificate - APT1 Moon-Night (more info ...) | trojan-activity | URL | |||
| 25848 | INDICATOR-COMPROMISE known malicious SSL certificate - APT1 No-Name (more info ...) | trojan-activity | URL | |||
| 25850 | PROTOCOL-SCADA Schneider Electric IGSS integer underflow attempt (more info ...) | attempted-user | 2013-0657 | |||
| 25854 | MALWARE-CNC Win.Trojan.Zeus variant outbound connection - MSIE7 No Referer No Cookie (more info ...) | trojan-activity | URL | |||
| 25855 | SERVER-WEBAPP Nagios XI alert cloud cross site scripting attempt (more info ...) | web-application-attack | ||||
| 25856 | PROTOCOL-TELNET Client env_opt_add Buffer Overflow attempt (more info ...) | attempted-dos | 2005-0468 | 12919 | ||
| 25863 | MALWARE-CNC Win.Trojan.Downloader.QBundle variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25864 | OS-MOBILE Android AngryBirdsRioUnlocker initial device info send (more info ...) | trojan-activity | URL | |||
| 25865 | MALWARE-CNC Win.Trojan.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25866 | MALWARE-CNC Win.Trojan.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25867 | MALWARE-CNC Win.Trojan.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25868 | OS-MOBILE Android.Trojan.Rus.SMS outbound communication attempt (more info ...) | trojan-activity | URL | |||
| 25947 | APP-DETECT Ammyy remote access tool (more info ...) | policy-violation | URL | |||
| 25949 | MALWARE-CNC Win.Trojan.Zebrocy outbound data connection (more info ...) | trojan-activity | URL | |||
| 25973 | MALWARE-CNC Win.Trojan.Boolflot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25974 | MALWARE-CNC Win.Trojan.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25978 | MALWARE-CNC Win.Trojan.Lukprofin variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25979 | MALWARE-CNC Win.Trojan.Lukprofin variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25980 | MALWARE-CNC User-Agent known malicious user agent - Pass (more info ...) | trojan-activity | URL | |||
| 25987 | MALWARE-CNC Win.Trojan.Upof variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25990 | MALWARE-CNC Win.Trojan.Spy.Agent variant connect to cnc-server (more info ...) | trojan-activity | URL | |||
| 25991 | MALWARE-CNC Win.Trojan.Spy.Agent variant connect to cnc-server (more info ...) | trojan-activity | URL | |||
| 25992 | MALWARE-CNC Win.Trojan.Buzus variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25993 | MALWARE-CNC Win.Trojan.Buzus variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25994 | MALWARE-CNC Win.Trojan.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25995 | MALWARE-CNC Win.Downloader.Banload variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25996 | MALWARE-CNC Win.Trojan.Reswor variant outbound connection (more info ...) | trojan-activity | URL | |||
| 25997 | OS-MOBILE Android jSMSHider initial encrypted device info send (more info ...) | trojan-activity | URL | |||
| 25998 | OS-MOBILE Android ADRD encrypted information leak (more info ...) | trojan-activity | URL | |||
| 25999 | OS-MOBILE Android ADRD encrypted information leak (more info ...) | trojan-activity | URL | |||
| 26010 | MALWARE-CNC CNC Dirtjumper variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26011 | MALWARE-CNC CNC Dirtjumper variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26015 | OS-MOBILE Android Lovetrap initial connection (more info ...) | trojan-activity | URL | |||
| 26016 | OS-MOBILE Android GGTracker server communication (more info ...) | trojan-activity | URL | |||
| 26017 | OS-MOBILE Android GGTracker leak of device phone number (more info ...) | trojan-activity | URL | |||
| 26018 | OS-MOBILE Android GGTracker installation call out (more info ...) | trojan-activity | URL | |||
| 26022 | FILE-PDF EmbeddedFile contained within a PDF (more info ...) | trojan-activity | ||||
| 26024 | MALWARE-CNC Win.Trojan.Wecod variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26026 | OS-MOBILE Android Gmaster device information send (more info ...) | trojan-activity | URL | |||
| 26073 | SERVER-OTHER SAP NetWeaver Message Server buffer overflow attempt (more info ...) | attempted-admin | 2013-1592 | URL | ||
| 26074 | SERVER-OTHER SAP NetWeaver Message Server buffer overflow attempt (more info ...) | attempted-admin | 2013-1593 | URL | ||
| 26078 | FILE-PDF transfer of a PDF with OpenAction object attempt (more info ...) | policy-violation | 2014-8450 | URL | ||
| 26079 | FILE-PDF PDF file with embedded PDF object (more info ...) | policy-violation | URL | |||
| 26081 | MALWARE-CNC URI request for known malicious URI - Suspected Crimepack (more info ...) | trojan-activity | URL | |||
| 26082 | FILE-PDF Nuance PDF reader launch overflow attempt (more info ...) | attempted-admin | ||||
| 26086 | MALWARE-CNC Win.Trojan.Exicon variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26087 | OS-MOBILE Android GoneIn60Seconds data upload (more info ...) | trojan-activity | URL | |||
| 26088 | MALWARE-CNC Win.Trojan.Encriyoko variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26102 | OS-MOBILE Android GoldDream device registration (more info ...) | trojan-activity | URL | |||
| 26104 | OS-MOBILE Android KMin imei imsi leakage (more info ...) | trojan-activity | URL | |||
| 26106 | MALWARE-CNC Win.Trojan.Zeus variant outbound connection (more info ...) | trojan-activity | ||||
| 26114 | OS-MOBILE Android Zitmo trojan intercepted sms upload (more info ...) | trojan-activity | URL | |||
| 26115 | MALWARE-CNC NSIS.Downloader.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26116 | MALWARE-CNC NSIS.Downloader.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26117 | MALWARE-CNC Win.Trojan.Tarctox variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26118 | MALWARE-CNC Win.Trojan.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26119 | MALWARE-CNC Win.Trojan.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26120 | MALWARE-CNC AutoIT.Trojan.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26121 | MALWARE-CNC AutoIT.Trojan.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26122 | FILE-OTHER Lattice Semiconductor ispXCF version attribute overflow attempt (more info ...) | attempted-user | 53562 | |||
| 26123 | FILE-OTHER Lattice Semiconductor ispXCF version attribute overflow attempt (more info ...) | attempted-user | 53562 | |||
| 26178 | MALWARE-CNC Win.Trojan.Hiloti variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26189 | OS-MOBILE Android YZHC device registration (more info ...) | trojan-activity | URL | |||
| 26190 | OS-MOBILE Android YZHC device registration (more info ...) | trojan-activity | URL | |||
| 26192 | OS-MOBILE Android CruseWind imei leakage (more info ...) | trojan-activity | URL | |||
| 26201 | MALWARE-CNC Win.Trojan.Lobparck variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26202 | MALWARE-CNC VBS.Trojan.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26203 | MALWARE-CNC Win.Trojan.Gupd variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26204 | MALWARE-CNC Win.Trojan.Malex variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26206 | FILE-IDENTIFY CyberLink Power2Go file download request (more info ...) | misc-activity | ||||
| 26207 | FILE-IDENTIFY CyberLink Power2Go file attachment detected (more info ...) | misc-activity | ||||
| 26208 | FILE-IDENTIFY CyberLink Power2Go file attachment detected (more info ...) | misc-activity | ||||
| 26209 | FILE-OTHER CyberLink Power2Go name parameter overflow attempt (more info ...) | attempted-user | 2011-5171 | 50997 | ||
| 26210 | FILE-OTHER CyberLink Power2Go name parameter overflow attempt (more info ...) | attempted-user | 2011-5171 | 50997 | ||
| 26211 | MALWARE-CNC Win.Trojan.Eldorado variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26212 | MALWARE-CNC Win.Trojan.Proxyier variant outbound connection (more info ...) | trojan-activity | ||||
| 26238 | MALWARE-CNC Win.Trojan.Snopexy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26239 | MALWARE-CNC Win.Trojan.Stehlox variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26240 | MALWARE-CNC Win.Trojan.Vkeikooc variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26242 | FILE-MULTIMEDIA CCMPlayer m3u buffer overflow attempt (more info ...) | attempted-admin | 2011-5170 | 50859 | ||
| 26243 | FILE-MULTIMEDIA CCMPlayer m3u buffer overflow attempt (more info ...) | attempted-admin | 2011-5170 | 50859 | ||
| 26244 | MALWARE-CNC Win.Trojan.Troll variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26245 | MALWARE-CNC Win.Trojan.Spy.Banker variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26246 | OS-MOBILE Android ANDR.Trojan.PremiumSMS APK file download attempt (more info ...) | trojan-activity | URL | |||
| 26247 | OS-MOBILE Android ANDR.Trojan.PremiumSMS APK file download attempt (more info ...) | trojan-activity | URL | |||
| 26248 | MALWARE-CNC User-Agent known malicious user agent cibabam (more info ...) | trojan-activity | URL | |||
| 26250 | BROWSER-PLUGINS Google Apps mailto URI argument injection attempt (more info ...) | attempted-user | 36581 | |||
| 26257 | OS-MOBILE Android ANDR-WIN.MSIL variant PC-USB Malicious executable file download (more info ...) | trojan-activity | URL | |||
| 26260 | MALWARE-CNC Win.Trojan.Downloader.Vectmp variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26262 | SERVER-OTHER MongoDB nativeHelper.apply method command injection attempt (more info ...) | attempted-admin | 2013-1892 | 58695 | ||
| 26264 | MALWARE-CNC Dapato banking Trojan variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26272 | OS-MOBILE Android ANDR.Trojan.Chuli APK file download attempt (more info ...) | trojan-activity | URL | |||
| 26273 | OS-MOBILE Android ANDR.Trojan.Chuli APK file download attempt (more info ...) | trojan-activity | URL | |||
| 26280 | FILE-PDF Foxit Reader remote query string buffer overflow attempt (more info ...) | attempted-user | 57174 | URL | ||
| 26281 | FILE-PDF Foxit Reader remote query string buffer overflow attempt (more info ...) | attempted-user | 57174 | URL | ||
| 26282 | FILE-PDF Foxit Reader remote query string buffer overflow attempt (more info ...) | attempted-user | 57174 | URL | ||
| 26283 | FILE-PDF Foxit Reader remote query string buffer overflow attempt (more info ...) | attempted-user | 57174 | URL | ||
| 26284 | MALWARE-CNC Win.Trojan.Surok variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26285 | MALWARE-CNC Win.Trojan.Downloader.Garveep variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26288 | MALWARE-CNC Brontok Worm variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26289 | MALWARE-CNC Daws Trojan Outbound Plaintext over SSL Port (more info ...) | trojan-activity | URL | |||
| 26290 | OS-MOBILE Android ANDR.Trojan.RootSmart outbound communication attempt (more info ...) | trojan-activity | URL | |||
| 26291 | OS-MOBILE Android Ksapp device registration (more info ...) | trojan-activity | URL | |||
| 26298 | SERVER-WEBAPP Media Wiki script injection attempt (more info ...) | web-application-attack | 2006-2611 | |||
| 26317 | FILE-MULTIMEDIA Cool Player Plus M3U buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 26318 | FILE-MULTIMEDIA Cool Player Plus M3U buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 26319 | MALWARE-CNC file path used as User-Agent - potential Trojan (more info ...) | trojan-activity | URL | |||
| 26320 | SERVER-WEBAPP Redmine SCM rev parameter command injection attempt (more info ...) | attempted-admin | 2011-4929 | URL | ||
| 26325 | MALWARE-CNC Win.Trojan.Scar variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26331 | MALWARE-CNC Win.Trojan.Qhost variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26335 | MALWARE-CNC FBI Ransom Trojan variant outbound connection (more info ...) | trojan-activity | ||||
| 26370 | MALWARE-CNC Win.Trojan.Bancos variant outbound connection - ksa.txt (more info ...) | trojan-activity | URL | |||
| 26371 | MALWARE-CNC Win.Trojan.Bancos variant outbound connection - op POST (more info ...) | trojan-activity | URL | |||
| 26372 | FILE-IMAGE ClamAV Antivirus Function Denial of Service attempt (more info ...) | attempted-dos | 2008-5314 | 32555 | ||
| 26373 | FILE-IMAGE ClamAV Antivirus Function Denial of Service attempt (more info ...) | attempted-dos | 2008-5314 | 32555 | ||
| 26374 | FILE-IMAGE ClamAV Antivirus Function Denial of Service attempt (more info ...) | attempted-dos | 2008-5314 | 32555 | ||
| 26379 | SERVER-OTHER Squid proxy Accept-Language denial of service attempt (more info ...) | denial-of-service | 2013-1839 | 58316 | ||
| 26386 | SERVER-OTHER Polycom HDX authorization bypass attempt (more info ...) | attempted-admin | 58523 | |||
| 26387 | OS-MOBILE Android Stels initial server contact (more info ...) | trojan-activity | URL | |||
| 26388 | OS-MOBILE Android Stels server response (more info ...) | trojan-activity | URL | |||
| 26389 | SERVER-OTHER BigAnt Document Service DUPF command arbitrary file upload attempt (more info ...) | attempted-admin | 2012-6274 | 57214 | ||
| 26390 | SERVER-OTHER BigAnt Document Service DUPF command arbitrary file upload attempt (more info ...) | attempted-admin | 2012-6274 | 57214 | ||
| 26391 | PROTOCOL-POP libcurl MD5 digest buffer overflow attempt (more info ...) | attempted-user | 2013-0249 | 57842 | ||
| 26395 | APP-DETECT Ufasoft bitcoin miner possible data upload (more info ...) | policy-violation | URL | |||
| 26398 | MALWARE-CNC Win.Trojan.Gamarue variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26410 | INDICATOR-COMPROMISE IP address check to j.maxmind.com detected (more info ...) | misc-activity | ||||
| 26411 | MALWARE-OTHER Win.Worm.Dorkbot folder snkb0ptz creation attempt SMB (more info ...) | trojan-activity | ||||
| 26412 | MALWARE-OTHER Win.Worm.Dorkbot executable snkb0ptz.exe creation attempt SMB (more info ...) | trojan-activity | ||||
| 26413 | MALWARE-OTHER Win.Worm.Dorkbot Desktop.ini snkb0ptz.exe creation attempt SMB (more info ...) | trojan-activity | ||||
| 26418 | SERVER-WEBAPP HP System Management iprange parameter buffer overflow attempt (more info ...) | attempted-admin | 2013-2362 | URL | ||
| 26428 | MALWARE-CNC Win.Trojan.Spy.Banker variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26435 | MALWARE-CNC Win.Trojan.Duqu variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26436 | SERVER-WEBAPP HP Intelligent Management Center FaultDownloadServlet information disclosure attempt (more info ...) | attempted-recon | 2014-2620 | 68544 | URL | |
| 26437 | PUA-OTHER Bitcoin inbound response attempt (more info ...) | policy-violation | URL | |||
| 26438 | PUA-OTHER Bitcoin outbound request attempt (more info ...) | policy-violation | URL | |||
| 26442 | OS-MOBILE Android MDK encrypted information leak (more info ...) | trojan-activity | URL | |||
| 26443 | OS-MOBILE Android MDK encrypted information leak (more info ...) | trojan-activity | URL | |||
| 26444 | MALWARE-CNC Win.Trojan.Downloader.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26446 | MALWARE-CNC Win.Trojan.Downloader.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26447 | MALWARE-CNC Win.Trojan.Smoaler variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26448 | MALWARE-CNC Win.Trojan.Fakesig variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26449 | MALWARE-CNC Win.Trojan.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26450 | MALWARE-CNC Win.Trojan.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26452 | MALWARE-CNC Win.Trojan.Buterat variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26454 | SERVER-OTHER UltraVNC Listening mode stack buffer overflow attempt (more info ...) | attempted-user | 2008-0610 | |||
| 26455 | SERVER-OTHER UltraVNC Listening mode stack buffer overflow attempt (more info ...) | attempted-user | 2008-0610 | |||
| 26459 | FILE-OTHER Shadow Stream Recorder asx file buffer overflow attempt (more info ...) | attempted-user | 2009-1645 | 34864 | ||
| 26460 | FILE-OTHER Shadow Stream Recorder asx file buffer overflow attempt (more info ...) | attempted-user | 2009-1645 | 34864 | ||
| 26461 | FILE-OTHER Shadow Stream Recorder asx file buffer overflow attempt (more info ...) | attempted-user | 2009-1645 | 34864 | ||
| 26462 | FILE-OTHER Shadow Stream Recorder asx file buffer overflow attempt (more info ...) | attempted-user | 2009-1645 | 34864 | ||
| 26463 | MALWARE-CNC Win.Trojan.Linog.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26464 | MALWARE-CNC Win.Trojan.Linog.A variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26465 | FILE-IDENTIFY XUL file attachment detected (more info ...) | misc-activity | ||||
| 26466 | FILE-IDENTIFY XUL file attachment detected (more info ...) | misc-activity | ||||
| 26467 | MALWARE-CNC Win.Trojan.Magic variant inbound connection (more info ...) | trojan-activity | URL | |||
| 26468 | SERVER-ORACLE Oracle WebCenter FatWire Satellite Server header injection on blobheadername2 attempt (more info ...) | web-application-attack | 2013-1509 | URL | ||
| 26469 | SERVER-ORACLE Oracle WebCenter FatWire Satellite Server header injection on blobheadername2 attempt (more info ...) | web-application-attack | 2013-1509 | URL | ||
| 26473 | FILE-OTHER CoolPlayer playlist file handling buffer overflow attempt (more info ...) | attempted-user | 2008-3408 | 30418 | ||
| 26474 | FILE-OTHER CoolPlayer playlist file handling buffer overflow attempt (more info ...) | attempted-user | 2008-3408 | 30418 | ||
| 26475 | FILE-OTHER CoolPlayer playlist file handling buffer overflow attempt (more info ...) | attempted-user | 2008-3408 | 30418 | ||
| 26476 | FILE-OTHER CoolPlayer playlist file handling buffer overflow attempt (more info ...) | attempted-user | 2008-3408 | 30418 | ||
| 26477 | FILE-OTHER CoolPlayer playlist file handling buffer overflow attempt (more info ...) | attempted-user | 2008-3408 | 30418 | ||
| 26478 | FILE-OTHER CoolPlayer playlist file handling buffer overflow attempt (more info ...) | attempted-user | 2008-3408 | 30418 | ||
| 26479 | SERVER-OTHER ActFax LPD Server data field buffer overflow attempt (more info ...) | attempted-admin | 57789 | |||
| 26480 | MALWARE-CNC Win.Trojan.Zbot fake PNG config file download without User-Agent (more info ...) | trojan-activity | ||||
| 26482 | MALWARE-CNC Unknown Thinner Encrypted POST botnet C&C (more info ...) | trojan-activity | URL | |||
| 26491 | SERVER-OTHER Nagios NRPE command execution attempt (more info ...) | attempted-admin | 2013-1362 | 58142 | ||
| 26492 | FILE-IDENTIFY KingView KingMessage log file download request (more info ...) | misc-activity | ||||
| 26493 | FILE-IDENTIFY KingView KingMessage log file attachment detected (more info ...) | misc-activity | ||||
| 26494 | FILE-IDENTIFY KingView KingMessage log file attachment detected (more info ...) | misc-activity | ||||
| 26501 | SERVER-OTHER BigAnt Document Service DDNF request stack buffer overflow attempt (more info ...) | attempted-admin | ||||
| 26505 | SERVER-WEBAPP HP Intelligent Management Center IctDownloadServlet information disclosure attempt (more info ...) | attempted-recon | 2014-2621 | 68546 | URL | |
| 26514 | FILE-IDENTIFY maplet file download attempt (more info ...) | misc-activity | ||||
| 26515 | FILE-IDENTIFY maplet file attachment detected (more info ...) | misc-activity | ||||
| 26516 | FILE-IDENTIFY maplet file attachment detected (more info ...) | misc-activity | ||||
| 26517 | FILE-IDENTIFY maplet bin file download attempt (more info ...) | misc-activity | ||||
| 26520 | FILE-OTHER Maple Maplet File Creation and Command Execution attempt (more info ...) | attempted-user | ||||
| 26521 | FILE-OTHER Maple Maplet File Creation and Command Execution attempt (more info ...) | attempted-user | ||||
| 26522 | MALWARE-CNC User-Agent known malicious user agent NOKIAN95/WEB (more info ...) | trojan-activity | URL | |||
| 26523 | SERVER-WEBAPP HP Intelligent Management Center ReportImgServlet information disclosure attempt (more info ...) | attempted-recon | 2012-5203 | 58672 | URL | |
| 26533 | MALWARE-CNC Unknown malware - Incorrect headers - Referer HTTP/1.0 (more info ...) | trojan-activity | ||||
| 26542 | SERVER-OTHER Autonomy Ultraseek cs.html url parameter with url - possible malicious redirection attempt (more info ...) | misc-attack | 2009-0347 | |||
| 26553 | PUA-ADWARE Win.Adware.BProtector browser hijacker dll list download attempt (more info ...) | misc-activity | ||||
| 26558 | MALWARE-CNC User-Agent known Malicious user agent Brutus AET (more info ...) | misc-activity | URL | |||
| 26560 | MALWARE-CNC Win.Trojan.Bancos variant outbound connection - getcomando POST data (more info ...) | trojan-activity | URL | |||
| 26561 | MALWARE-CNC Win.Trojan.Zeus variant outbound connection (more info ...) | trojan-activity | ||||
| 26562 | EXPLOIT-KIT Nuclear exploit kit Spoofed Host Header .com- requests (more info ...) | trojan-activity | ||||
| 26563 | MALWARE-CNC Harakit botnet traffic (more info ...) | trojan-activity | URL | |||
| 26565 | INDICATOR-OBFUSCATION base64-encoded nop sled detected (more info ...) | trojan-activity | URL | |||
| 26566 | INDICATOR-OBFUSCATION base64-encoded nop sled detected (more info ...) | trojan-activity | URL | |||
| 26567 | INDICATOR-OBFUSCATION base64-encoded nop sled detected (more info ...) | trojan-activity | URL | |||
| 26568 | INDICATOR-OBFUSCATION eval of base64-encoded data (more info ...) | trojan-activity | URL | |||
| 26578 | MALWARE-CNC Win.Trojan.Kazy/FakeAV Checkin with IE6 User-Agent (more info ...) | trojan-activity | URL | |||
| 26579 | MALWARE-CNC Win.Trojan.Kazy/FakeAV Checkin with IE6 User-Agent (more info ...) | trojan-activity | URL | |||
| 26594 | PROTOCOL-VOIP Digium Asterisk Management Interface HTTP digest authentication stack buffer overflow attempt (more info ...) | attempted-admin | URL | |||
| 26598 | FILE-OTHER .tar multiple antivirus evasion attempt (more info ...) | attempted-user | 2012-1427 | |||
| 26604 | MALWARE-CNC Win.Trojan.Bydra variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26605 | MALWARE-CNC Win.Trojan.Bydra variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26606 | MALWARE-CNC Win.Trojan.Sosork variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26607 | MALWARE-CNC Win.Trojan.Korlia variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26608 | MALWARE-CNC Win.Trojan.Rocra variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26609 | MALWARE-CNC OSX.Trojan.Dockster variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26613 | MALWARE-CNC Medfos Trojan variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26619 | INDICATOR-OBFUSCATION multiple comment tags used in embedded RTF object - potentially malicious (more info ...) | misc-attack | URL | |||
| 26620 | INDICATOR-OBFUSCATION multiple comment tags used in embedded RTF object - potentially malicious (more info ...) | misc-attack | URL | |||
| 26644 | SERVER-OTHER SSL TLS DEFLATE compression detected (more info ...) | misc-activity | ||||
| 26645 | SERVER-OTHER SSL TLS deflate compression weakness brute force attempt (more info ...) | attempted-recon | 2012-4929 | 55704 | URL | |
| 26657 | MALWARE-CNC Win.Trojan.Shiz variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26662 | FILE-PDF PDF with click-to-launch executable (more info ...) | misc-activity | 2010-1240 | URL | ||
| 26669 | SERVER-WEBAPP HP Intelligent Management Center SyslogDownloadServlet information disclosure attempt (more info ...) | attempted-recon | 2012-5206 | 58385 | URL | |
| 26677 | MALWARE-CNC Win.Trojan.Kuluoz variant inbound run command from cnc (more info ...) | trojan-activity | URL | |||
| 26678 | MALWARE-CNC Win.Trojan.Kuluoz variant inbound run command from cnc (more info ...) | trojan-activity | URL | |||
| 26679 | MALWARE-CNC Win.Trojan.Kuluoz variant inbound run command from cnc (more info ...) | trojan-activity | URL | |||
| 26680 | MALWARE-CNC Win.Trojan.Kuluoz variant inbound run command from cnc (more info ...) | trojan-activity | URL | |||
| 26681 | MALWARE-CNC Win.Trojan.Kuluoz variant inbound run command from cnc (more info ...) | trojan-activity | URL | |||
| 26683 | MALWARE-CNC Win.Trojan.Shyape variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26684 | MALWARE-CNC Win.Trojan.Neshax variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26685 | MALWARE-CNC User-Agent known malicious user-agent string J13A (more info ...) | trojan-activity | URL | |||
| 26686 | MALWARE-CNC User-Agent known malicious user agent - Alina (more info ...) | trojan-activity | URL | |||
| 26689 | OS-MOBILE Android Denofow phone information exfiltration (more info ...) | trojan-activity | URL | |||
| 26690 | MALWARE-CNC Miniduke server contact (more info ...) | trojan-activity | URL | |||
| 26691 | MALWARE-CNC Win.Trojan.UFRStealer variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26692 | MALWARE-CNC Win.Trojan.Spyremoav variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26693 | OS-MOBILE Android Antammi device information exfiltration (more info ...) | trojan-activity | URL | |||
| 26695 | MALWARE-CNC Win.Trojan.Namihno variant outbound request (more info ...) | trojan-activity | ||||
| 26696 | MALWARE-CNC Cbeplay Ransomware variant outbound connection - Abnormal HTTP Headers (more info ...) | trojan-activity | URL | |||
| 26697 | MALWARE-CNC Cbeplay Ransomware variant outbound connection - POST Body (more info ...) | trojan-activity | URL | |||
| 26702 | MALWARE-CNC User-Agent known malicious user agent - Win (more info ...) | trojan-activity | URL | |||
| 26703 | MALWARE-CNC Win.Trojan.Upero variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26704 | SERVER-WEBAPP LANDesk Thinkmanagement Suite ServerSetup directory traversal attempt (more info ...) | attempted-user | 2012-1196 | 52023 | ||
| 26705 | OS-MOBILE Android Ewalls device information exfiltration (more info ...) | trojan-activity | URL | |||
| 26712 | MALWARE-CNC Kazy Trojan check-in (more info ...) | trojan-activity | URL | |||
| 26713 | MALWARE-CNC Win.Trojan.BlackRev rev 1 outbound traffic (more info ...) | trojan-activity | URL | |||
| 26714 | MALWARE-CNC Win.Trojan.BlackRev rev 2 outbound traffic (more info ...) | trojan-activity | URL | |||
| 26715 | MALWARE-CNC Win.Trojan.BlackRev rev 3 outbound traffic (more info ...) | trojan-activity | URL | |||
| 26719 | MALWARE-CNC Win.Trojan.Kbot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26720 | MALWARE-CNC Win.Trojan.Kbot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26721 | MALWARE-CNC Pushdo Spiral Traffic (more info ...) | trojan-activity | URL | |||
| 26722 | MALWARE-CNC Bancos fake JPG encrypted config file download (more info ...) | trojan-activity | ||||
| 26723 | MALWARE-CNC Trojan Downloader7 (more info ...) | trojan-activity | URL | |||
| 26725 | MALWARE-CNC Win.Trojan.BlackRev cnc http command (more info ...) | trojan-activity | URL | |||
| 26726 | MALWARE-CNC Win.Trojan.BlackRev cnc stop command (more info ...) | trojan-activity | URL | |||
| 26727 | MALWARE-CNC Win.Trojan.BlackRev cnc die command (more info ...) | trojan-activity | URL | |||
| 26728 | MALWARE-CNC Win.Trojan.BlackRev cnc sleep command (more info ...) | trojan-activity | URL | |||
| 26729 | MALWARE-CNC Win.Trojan.BlackRev cnc simple command (more info ...) | trojan-activity | URL | |||
| 26730 | MALWARE-CNC Win.Trojan.BlackRev cnc loginpost command (more info ...) | trojan-activity | URL | |||
| 26731 | MALWARE-CNC Win.Trojan.BlackRev cnc datapost command (more info ...) | trojan-activity | URL | |||
| 26732 | MALWARE-CNC Win.Trojan.BlackRev cnc syn command (more info ...) | trojan-activity | URL | |||
| 26733 | MALWARE-CNC Win.Trojan.BlackRev cnc udp command (more info ...) | trojan-activity | URL | |||
| 26734 | MALWARE-CNC Win.Trojan.BlackRev cnc udpdata command (more info ...) | trojan-activity | URL | |||
| 26735 | MALWARE-CNC Win.Trojan.BlackRev cnc data command (more info ...) | trojan-activity | URL | |||
| 26737 | MALWARE-CNC Win.Trojan.BlackRev cnc tcpdata command (more info ...) | trojan-activity | URL | |||
| 26738 | MALWARE-CNC Win.Trojan.BlackRev cnc dataget command (more info ...) | trojan-activity | URL | |||
| 26739 | MALWARE-CNC Win.Trojan.BlackRev cnc connect command (more info ...) | trojan-activity | URL | |||
| 26741 | MALWARE-CNC Win.Trojan.BlackRev cnc exec command (more info ...) | trojan-activity | URL | |||
| 26742 | MALWARE-CNC Win.Trojan.BlackRev cnc resolve command (more info ...) | trojan-activity | URL | |||
| 26743 | MALWARE-CNC Win.Trojan.BlackRev cnc antiddos command (more info ...) | trojan-activity | URL | |||
| 26744 | MALWARE-CNC Win.Trojan.BlackRev cnc range command (more info ...) | trojan-activity | URL | |||
| 26746 | MALWARE-CNC Win.Trojan.BlackRev cnc download command (more info ...) | trojan-activity | URL | |||
| 26747 | MALWARE-CNC Win.Trojan.BlackRev cnc fastddos command (more info ...) | trojan-activity | URL | |||
| 26748 | MALWARE-CNC Win.Trojan.BlackRev cnc slowhttp command (more info ...) | trojan-activity | URL | |||
| 26749 | MALWARE-CNC Win.Trojan.BlackRev cnc allhttp command (more info ...) | trojan-activity | URL | |||
| 26750 | MALWARE-CNC Win.Trojan.BlackRev cnc full command (more info ...) | trojan-activity | URL | |||
| 26751 | MALWARE-CNC User-Agent known malicious user agent - msctls_progress32 (more info ...) | trojan-activity | URL | |||
| 26756 | MALWARE-CNC Win.Trojan.Dropper.Datcaen variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26757 | MALWARE-CNC Win.Trojan.Dropper.Datcaen variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26758 | MALWARE-CNC Win.Trojan.Elefin variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26760 | OS-MOBILE Android Fakeinst device information leakage (more info ...) | trojan-activity | URL | |||
| 26761 | OS-MOBILE Android Fakeinst device information leakage (more info ...) | trojan-activity | URL | |||
| 26763 | MALWARE-CNC Win.Trojan.Bancos variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26768 | OS-MOBILE Android Fakedoc device information leakage (more info ...) | trojan-activity | URL | |||
| 26770 | MALWARE-CNC Win.Trojan.Spy.Banker variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26771 | MALWARE-CNC Win.Trojan.Spy.Banker variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26774 | MALWARE-CNC Win.Worm.Luder variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26775 | MALWARE-CNC Win.Trojan.Blocker variant outbound connection HTTP Header Structure (more info ...) | trojan-activity | URL | |||
| 26776 | MALWARE-CNC Win.Trojan.Blocker variant outbound connection POST (more info ...) | trojan-activity | URL | |||
| 26777 | MALWARE-CNC Win.Trojan.Kazy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26779 | MALWARE-CNC Win.Trojan.Cridex encrypted POST check-in (more info ...) | trojan-activity | URL | |||
| 26780 | MALWARE-CNC cridex HTTP Response - default0.js (more info ...) | trojan-activity | URL | |||
| 26783 | OS-MOBILE Android ANDR.Trojan.Opfake APK file download (more info ...) | trojan-activity | URL | |||
| 26784 | MALWARE-CNC Win.Trojan.Nivdort variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26785 | MALWARE-CNC Win.Trojan.Qrmon variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26788 | INDICATOR-SHELLCODE unescape encoded shellcode (more info ...) | shellcode-detect | ||||
| 26789 | INDICATOR-SHELLCODE unescape encoded shellcode (more info ...) | shellcode-detect | ||||
| 26790 | INDICATOR-SHELLCODE unescape encoded shellcode (more info ...) | shellcode-detect | ||||
| 26792 | MALWARE-CNC Win.Trojan.Vbula variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26793 | MALWARE-CNC Win.Trojan.Vbula variant initial CNC contact (more info ...) | trojan-activity | URL | |||
| 26794 | SERVER-WEBAPP HP Intelligent Management Center UAM acmServletDownload information disclosure attempt (more info ...) | attempted-recon | 2012-5211 | 58385 | URL | |
| 26795 | OS-MOBILE Android ANDR.Trojan.ZertSecurity apk download (more info ...) | trojan-activity | URL | |||
| 26809 | MALWARE-CNC Win.Trojan.Backdoor.Tomvode variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26811 | MALWARE-CNC XP Fake Antivirus Payment Page Request (more info ...) | trojan-activity | URL | |||
| 26812 | MALWARE-CNC XP Fake Antivirus Check-in (more info ...) | trojan-activity | URL | |||
| 26813 | MALWARE-CNC Win.Trojan.Dapato CMS spambot check-in (more info ...) | trojan-activity | URL | |||
| 26814 | EXPLOIT-KIT Blackholev2 exploit kit Initial Gate from Linked-In Mailing Campaign (more info ...) | trojan-activity | ||||
| 26815 | MALWARE-CNC OSX.Trojan.KitM variant outbound connection user-agent (more info ...) | trojan-activity | URL | |||
| 26816 | MALWARE-CNC OSX.Trojan.KitM variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26818 | MALWARE-CNC Win.Trojan.Downloader.Zawat variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26819 | MALWARE-CNC Win.Trojan.Datash variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26820 | MALWARE-CNC Win.Trojan.Datash variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26822 | MALWARE-CNC Win.Trojan.Buterat variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26826 | OS-MOBILE Android ANDR.Trojan.Opfake credential theft attempt (more info ...) | trojan-activity | URL | |||
| 26827 | OS-MOBILE Android ANDR.Trojan.Opfake device information disclosure attempt (more info ...) | trojan-activity | URL | |||
| 26828 | MALWARE-CNC Win.Trojan.Uperti variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26835 | MALWARE-CNC RDN Banker POST variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26836 | MALWARE-CNC RDN Banker Strange Google Traffic (more info ...) | trojan-activity | URL | |||
| 26837 | MALWARE-CNC BitBot Idle C2 response (more info ...) | trojan-activity | ||||
| 26838 | EXPLOIT-KIT Blackholev2 exploit kit Initial Gate from NatPay Mailing Campaign (more info ...) | trojan-activity | ||||
| 26840 | MALWARE-CNC Win.Trojan.Spy.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26841 | MALWARE-CNC Win.Trojan.Spy.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26879 | BROWSER-OTHER local loopback address in html (more info ...) | unknown | URL | |||
| 26880 | MALWARE-CNC Win.Trojan.Zotob.E gc.exe download (more info ...) | trojan-activity | ||||
| 26905 | SERVER-WEBAPP FosWiki and TWiki MAKETEXT macro memory consumption denial of service attempt (more info ...) | attempted-dos | 2012-6330 | 56950 | URL | |
| 26906 | SERVER-OTHER Foswiki/Twiki MAKETEXT command execution attempt (more info ...) | attempted-admin | 2012-6329 | 56950 | ||
| 26907 | SERVER-WEBAPP TWiki search function remote code execution attempt (more info ...) | attempted-user | 2004-1037 | 11674 | ||
| 26908 | SERVER-WEBAPP TWiki search function remote code execution attempt (more info ...) | attempted-user | 2004-1037 | 11674 | ||
| 26910 | MALWARE-CNC ZeroAccess Encrypted 128-byte POST No Accept Headers (more info ...) | trojan-activity | ||||
| 26911 | MALWARE-CNC Win.Trojan.Rombrast Trojan outbound connection (more info ...) | trojan-activity | URL | |||
| 26912 | MALWARE-CNC Win.Trojan.Rombrast Trojan outbound connection (more info ...) | trojan-activity | URL | |||
| 26924 | MALWARE-CNC Potential Gozi Trojan HTTP Header Structure (more info ...) | trojan-activity | ||||
| 26926 | FILE-OTHER Multiple products ZIP archive virus detection bypass attempt (more info ...) | bad-unknown | 2004-0932 | 11448 | ||
| 26931 | MALWARE-CNC Win.Trojan.Zeroaccess variant outbound connection (more info ...) | trojan-activity | ||||
| 26932 | MALWARE-CNC Win.Trojan.Zeroaccess variant outbound connection (more info ...) | trojan-activity | ||||
| 26938 | OS-MOBILE Android Tetus device information leakage (more info ...) | trojan-activity | URL | |||
| 26939 | OS-MOBILE Android Tetus device information leakage variant (more info ...) | trojan-activity | URL | |||
| 26941 | MALWARE-CNC Win.Trojan.PipCreat RAT dropper download (more info ...) | trojan-activity | URL | |||
| 26944 | MALWARE-CNC Win.Trojan.Post_Show RAT beacon (more info ...) | trojan-activity | ||||
| 26945 | MALWARE-CNC Win.Trojan.Bisonal RAT beacon (more info ...) | trojan-activity | ||||
| 26946 | MALWARE-CNC Win.Trojan.Uptime RAT beacon (more info ...) | trojan-activity | ||||
| 26952 | MALWARE-CNC Win.Trojan.Orcim variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26953 | SERVER-WEBAPP D-Link DIR-300/DIR-600 unauthenticated remote command execution attempt (more info ...) | attempted-admin | 57734 | URL | ||
| 26954 | MALWARE-CNC Win.Backdoor.Talsab variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26955 | MALWARE-CNC Win.Backdoor.Talsab variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26965 | MALWARE-CNC Win.Trojan.Win32 Facebook Secure Cryptor C2 (more info ...) | trojan-activity | URL | |||
| 26966 | MALWARE-CNC Win32/Autorun.JN variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26967 | MALWARE-CNC Win.Trojan.Kuluoz variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26968 | MALWARE-CNC Win.Trojan.Gozi Data Theft POST Data (more info ...) | trojan-activity | URL | |||
| 26969 | MALWARE-CNC Win.Trojan.Gozi Trojan Data Theft POST URL (more info ...) | trojan-activity | URL | |||
| 26970 | MALWARE-CNC Win.Trojan.Pirminay variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26972 | SERVER-OTHER CUPS IPP multi-valued attribute memory corruption attempt (more info ...) | attempted-admin | 2010-2941 | 44530 | URL | |
| 26984 | MALWARE-CNC Win.Trojan.Injector Info Stealer Trojan variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26986 | MALWARE-CNC Win.Trojan.Xenil variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26987 | MALWARE-CNC Win.Trojan.Cyvadextr variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26989 | FILE-OTHER Multiple products ZIP archive virus detection bypass attempt (more info ...) | bad-unknown | 2004-0932 | 11448 | ||
| 26995 | MALWARE-CNC Win.Trojan.Downloader.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26996 | MALWARE-CNC Win.Trojan.Downloader.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26997 | MALWARE-CNC OSX.Trojan.Morcut variant outbound connection (more info ...) | trojan-activity | URL | |||
| 26998 | MALWARE-CNC OSX.Trojan.Morcut file download (more info ...) | trojan-activity | URL | |||
| 26999 | MALWARE-CNC Win.Trojan.Chinoxy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 27000 | MALWARE-CNC Win.Trojan.Chinoxy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 27002 | MALWARE-CNC Win.Trojan.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 27003 | MALWARE-CNC Win.Trojan.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 27007 | MALWARE-CNC Win.Trojan.Zbot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 27010 | MALWARE-CNC Win.Trojan.Zbot payment .scr download (more info ...) | trojan-activity | URL | |||
| 27012 | MALWARE-CNC Win.Trojan.Phoenot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 27013 | MALWARE-CNC Win.Trojan.Phoenot variant inbound connection (more info ...) | trojan-activity | URL | |||
| 27014 | MALWARE-CNC Win.Trojan.Epipenwa variant outbound connection (more info ...) | trojan-activity | URL | |||
| 27015 | MALWARE-CNC User-Agent known malicious user-agent string iexplorer (more info ...) | trojan-activity | URL | |||
| 27016 | OS-MOBILE Android AnserverBot initial contact (more info ...) | trojan-activity | URL | |||
| 27017 | MALWARE-CNC Win.Trojan.Dapato variant inbound response connection (more info ...) | trojan-activity | URL | |||
| 27021 | MALWARE-CNC Win.Trojan.Layvam variant outbound connection (more info ...) | trojan-activity | URL | |||
| 27022 | MALWARE-CNC Win.Trojan.Netweird.A outbound connection (more info ...) | trojan-activity | URL | |||
| 27023 | MALWARE-CNC Win.Trojan.Netweird.A outbound connection (more info ...) | trojan-activity | URL | |||
| 27031 | OS-MOBILE Android Satfi device information leakage (more info ...) | trojan-activity | URL | |||
| 27032 | OS-MOBILE Android Walkinwat / Wandt information leakage generic (more info ...) | trojan-activity | URL | |||
| 27033 | MALWARE-CNC Win.Backdoor.Transhell variant outbound connection user-agent (more info ...) | trojan-activity | URL | |||
| 27037 | OS-MOBILE Android Vidro / EClips sms send instructions (more info ...) | trojan-activity | URL | |||
| 27038 | OS-MOBILE Android Vidro / EClips device information leakage (more info ...) | trojan-activity | URL | |||
| 27039 | MALWARE-CNC Win.Trojan.OnlineGameHack variant outbound connection (more info ...) | trojan-activity | URL | |||
| 27044 | MALWARE-CNC User-Agent known malicious user-agent string pb - Htbot (more info ...) | trojan-activity | URL | |||
| 27045 | MALWARE-CNC Win.Trojan.Blocker Download (more info ...) | trojan-activity | URL | |||
| 27047 | INDICATOR-COMPROMISE Unknown ?1 redirect (more info ...) | bad-unknown | ||||
| 27049 | MALWARE-CNC Win.Trojan.Dokstormac variant outbound connection (more info ...) | trojan-activity | URL | |||
| 27054 | MALWARE-CNC Win.Trojan.Yakes variant outbound connection (more info ...) | trojan-activity | URL | |||
| 27057 | MALWARE-CNC Win.Trojan.Dalbot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 27058 | MALWARE-CNC OSX.Trojan.HackBack variant outbound connection (more info ...) | trojan-activity | URL | |||
| 27064 | OS-MOBILE Android Spy2Mobile device information leakage (more info ...) | trojan-activity | URL | |||
| 27068 | EXPLOIT-KIT Blackholev2 exploit kit malicious jar file download (more info ...) | trojan-activity | ||||
| 27069 | EXPLOIT-KIT Blackholev2 exploit kit malicious portable executable download (more info ...) | trojan-activity | ||||
| 27091 | MALWARE-CNC Win.Trojan.Weavun variant outbound connection (more info ...) | trojan-activity | URL | |||
| 27093 | MALWARE-CNC Win.Trojan.Medfos variant outbound connection (more info ...) | trojan-activity | ||||
| 27094 | OS-MOBILE Android ANDR.Trojan.FakeToken information disclosure attempt (more info ...) | trojan-activity | URL | |||
| 27095 | OS-MOBILE Android ANDR.Trojan.FakeToken APK file download attempt (more info ...) | trojan-activity | URL | |||
| 27096 | FILE-OTHER XML exponential entity expansion attack attempt (more info ...) | attempted-user | 2013-1821 | |||
| 27097 | OS-MOBILE Android ANDR.Trojan.SMSSilence APK file download attempt (more info ...) | trojan-activity | URL | |||
| 27098 | OS-MOBILE Android ANDR.Trojan.SMSSilence unsolicited sms attempt (more info ...) | trojan-activity | URL | |||
| 27099 | OS-MOBILE Android ANDR.Trojan.SMSSilence device information disclosure attempt (more info ...) | trojan-activity | URL | |||
| 27106 | EXPLOIT-KIT Blackholev2 exploit kit malicious jar download (more info ...) | trojan-activity | ||||
| 27107 | EXPLOIT-KIT Blackholev2 exploit kit malicious jar download (more info ...) | trojan-activity | ||||
| 27109 | EXPLOIT-KIT Blackholev2/Cool exploit kit malicious jar download (more info ...) | trojan-activity | ||||
| 27114 | MALWARE-CNC Win.Trojan.Agent.xii variant outbound connection (more info ...) | trojan-activity | URL | |||
| 27116 | OS-MOBILE Android Androrat device information leakage (more info ...) | trojan-activity | URL | |||
| 27117 | OS-MOBILE Android Androrat sms message leakage (more info ...) | trojan-activity | URL | |||
| 27118 | OS-MOBILE Android Androrat contact list leakage (more info ...) | trojan-activity | URL | |||
| 27119 | INDICATOR-OBFUSCATION multiple plugin version detection attempt (more info ...) | attempted-recon | URL | |||
| 27120 | MALWARE-CNC Win.Trojan.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 27158 | MALWARE-CNC Win.Trojan.Eliseantry variant outbound connection (more info ...) | trojan-activity | URL | |||
| 27159 | MALWARE-CNC Win.Trojan.Pesut variant outbound connection (more info ...) | trojan-activity | URL | |||
| 27160 | MALWARE-CNC Win.Trojan.Zeus variant outbound connection (more info ...) | trojan-activity | URL | |||
| 27161 | SERVER-WEBAPP Dasdec unauthenticated information disclosure vulnerability (more info ...) | web-application-activity | URL | |||
| 27162 | SERVER-WEBAPP Dasdec unauthenticated information disclosure vulnerability (more info ...) | web-application-activity | URL | |||
| 27163 | SERVER-WEBAPP Dasdec unauthenticated information disclosure vulnerability (more info ...) | web-application-activity | URL | |||
| 27164 | SERVER-WEBAPP Dasdec unauthenticated information disclosure vulnerability (more info ...) | web-application-activity | URL | |||
| 27169 | MALWARE-CNC Win.Trojan.Atezag variant outbound connection (more info ...) | trojan-activity | URL | |||
| 27178 | MALWARE-CNC Win.Trojan.Wergimog variant outbound connection (more info ...) | trojan-activity | URL | |||
| 27199 | MALWARE-CNC Win.Trojan.Meredrop variant outbound connection GET Request (more info ...) | trojan-activity | URL | |||
| 27200 | MALWARE-CNC Win.Trojan.Meredrop variant outbound connection POST Request (more info ...) | trojan-activity | URL | |||
| 27201 | MALWARE-CNC Win.Trojan.Neurevt variant outbound connection (more info ...) | trojan-activity | ||||
| 27204 | MALWARE-CNC Potential Bancos Brazilian Banking Trojan Browser Proxy Autoconfig File (more info ...) | trojan-activity | ||||
| 27210 | SERVER-OTHER IPMI RAKP cipher zero remote authentication bypass attempt (more info ...) | attempted-admin | 2013-4784 | URL | ||
| 27240 | SERVER-OTHER multiple vendors IPMI RAKP username brute force attempt (more info ...) | attempted-admin | 2019-1908 | URL | ||
| 27241 | EXPLOIT-KIT Blackholev2 exploit kit landing page detected (more info ...) | trojan-activity | ||||
| 27248 | MALWARE-CNC Win.Trojan.Gamarue - Mozi1la User-Agent (more info ...) | trojan-activity | URL | |||
| 27252 | MALWARE-CNC Win.Trojan.ZeroAccess 111-byte URL variant outbound connection (more info ...) | trojan-activity | ||||
| 27253 | MALWARE-CNC Win.Trojan.Cridex Encrypted POST w/ URL Pattern (more info ...) | trojan-activity | URL | |||
| 27254 | MALWARE-CNC Yakes Trojan HTTP Header Structure (more info ...) | trojan-activity | URL | |||
| 27255 | INDICATOR-COMPROMISE All Numbers .EXE file name from abnormally ordered HTTP headers - Potential Yakes Trojan Download (more info ...) | trojan-activity | URL | |||
| 27256 | MALWARE-CNC Win.Trojan.Kryptik Drive-by Download Malware (more info ...) | trojan-activity | URL | |||
| 27257 | MALWARE-CNC Win.Trojan.Kryptic 7-byte URI Invalid Firefox Headers - no Accept-Language (more info ...) | trojan-activity | URL | |||
| 27258 | INDICATOR-OBFUSCATION eval large block of fromCharCode (more info ...) | attempted-user | URL | |||
| 27259 | INDICATOR-OBFUSCATION eval large block of fromCharCode (more info ...) | attempted-user | URL | |||
| 27263 | MALWARE-CNC User-Agent known malicious user agent - yahoonews (more info ...) | trojan-activity | URL | |||
| 27275 | FILE-IDENTIFY Trimble SketchUp file attachment detected (more info ...) | misc-activity | ||||
| 27276 | FILE-IDENTIFY Trimble SketchUp file attachment detected (more info ...) | misc-activity | ||||
| 27277 | FILE-IDENTIFY Trimble SketchUp file download request (more info ...) | misc-activity | ||||
| 27278 | FILE-OTHER Trimble SketchUp PICT color entries buffer overflow attempt (more info ...) | attempted-user | 2013-3664 | 60248 | ||
| 27279 | FILE-OTHER Trimble SketchUp PICT color entries buffer overflow attempt (more info ...) | attempted-user | 2013-3664 | 60248 | ||
| 27280 | FILE-OTHER Trimble SketchUp PICT color entries buffer overflow attempt (more info ...) | attempted-user | 2013-3664 | 60248 | ||
| 27281 | FILE-OTHER Trimble SketchUp PICT color entries buffer overflow attempt (more info ...) | attempted-user | 2013-3664 | 60248 | ||
| 27525 | FILE-IMAGE Directshow GIF logical width overflow attempt (more info ...) | attempted-user | 2013-3174 | |||
| 27526 | FILE-IMAGE Directshow GIF logical height overflow attempt (more info ...) | attempted-user | 2013-3174 | |||
| 27527 | FILE-IMAGE Directshow GIF logical height overflow attempt (more info ...) | attempted-user | 2013-3174 | |||
| 27528 | FILE-IMAGE Directshow GIF logical width overflow attempt (more info ...) | attempted-user | 2013-3174 | |||
| 27529 | FILE-IMAGE Directshow GIF logical height overflow attempt (more info ...) | attempted-user | 2013-3174 | |||
| 27530 | FILE-IMAGE Directshow GIF logical height overflow attempt (more info ...) | attempted-user | 2013-3174 | |||
| 27532 | SERVER-MAIL Exim and Dovecot mail from remote command execution attempt (more info ...) | attempted-admin | URL | |||
| 27533 | MALWARE-CNC Potential Win.Trojan.Kraziomel Download - 000.jpg (more info ...) | trojan-activity | URL | |||
| 27538 | MALWARE-OTHER self-signed SSL certificate with default MyCompany Ltd organization name (more info ...) | policy-violation | URL | |||
| 27544 | MALWARE-CNC Osx.Trojan.Janicab runtime traffic detected (more info ...) | trojan-activity | 2012-0158 | URL | ||
| 27545 | MALWARE-CNC Osx.Trojan.Janicab outbound connection (more info ...) | trojan-activity | 2012-0158 | URL | ||
| 27546 | MALWARE-CNC Osx.Trojan.Janicab outbound connection (more info ...) | trojan-activity | 2012-0158 | URL | ||
| 27547 | MALWARE-CNC Osx.Trojan.Janicab outbound connection (more info ...) | trojan-activity | 2012-0158 | URL | ||
| 27551 | MALWARE-CNC Win.Trojan.Lorapu variant outbound connection (more info ...) | trojan-activity | URL | |||
| 27552 | OS-MOBILE Android Exploit Extra_Field APK file download attempt (more info ...) | trojan-activity | ||||
| 27558 | MALWARE-CNC Win.Trojan.Bezigate variant outbound connection (more info ...) | trojan-activity | URL | |||
| 27567 | MALWARE-CNC Win.Trojan.Rovnix malicious download request (more info ...) | trojan-activity | URL | |||
| 27569 | FILE-IMAGE JPEG parser multipacket heap overflow attempt (more info ...) | attempted-admin | 2017-16392 | 11173 | URL | |
| 27577 | MALWARE-CNC Win.Trojan.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 27578 | SERVER-OTHER OpenX POST to known backdoored file (more info ...) | attempted-admin | 2013-4211 | URL | ||
| 27579 | SERVER-OTHER Sybase Open Server function pointer array code execution attempt (more info ...) | attempted-admin | 48934 | URL | ||
| 27580 | FILE-OTHER BitDefender Internet Security script code execution attempt (more info ...) | attempted-user | 2009-0850 | |||
| 27581 | FILE-OTHER BitDefender Internet Security script code execution attempt (more info ...) | attempted-user | 2009-0850 | |||
| 27584 | FILE-OTHER BitDefender Internet Security script code execution attempt (more info ...) | attempted-user | 2009-0850 | |||
| 27585 | FILE-OTHER BitDefender Internet Security script code execution attempt (more info ...) | attempted-user | 2009-0850 | |||
| 27586 | FILE-OTHER BitDefender Internet Security script code execution attempt (more info ...) | attempted-user | 2009-0850 | |||
| 27587 | FILE-OTHER BitDefender Internet Security script code execution attempt (more info ...) | attempted-user | 2009-0850 | |||
| 27588 | FILE-OTHER BitDefender Internet Security script code execution attempt (more info ...) | attempted-user | 2009-0850 | |||
| 27589 | FILE-OTHER BitDefender Internet Security script code execution attempt (more info ...) | attempted-user | 2009-0850 | |||
| 27596 | MALWARE-CNC Win.Trojan.Redyms variant outbound connection (more info ...) | trojan-activity | URL | |||
| 27600 | MALWARE-CNC Win.Trojan.Nawpers variant connection (more info ...) | trojan-activity | URL | |||
| 27601 | MALWARE-CNC Win.Trojan.Noobot variant connection (more info ...) | trojan-activity | URL | |||
| 27602 | EXPLOIT-KIT Blackholev2 exploit kit landing page - specific structure (more info ...) | trojan-activity | ||||
| 27603 | EXPLOIT-KIT Blackholev2 exploit kit landing page (more info ...) | trojan-activity | ||||
| 27604 | POLICY-SPAM FedEX spam campaign outbound connection (more info ...) | trojan-activity | ||||
| 27629 | MALWARE-CNC Win.Backdoor.Aumlib variant outbound connection (more info ...) | trojan-activity | ||||
| 27630 | MALWARE-CNC Win.Backdoor.Aumlib variant outbound connection (more info ...) | trojan-activity | ||||
| 27631 | MALWARE-CNC Win.Backdoor.Aumlib variant outbound connection (more info ...) | trojan-activity | ||||
| 27633 | MALWARE-CNC Worm.Silly variant outbound connection (more info ...) | trojan-activity | URL | |||
| 27636 | MALWARE-CNC Win.Trojan.Likseput variant connection (more info ...) | trojan-activity | URL | |||
| 27637 | MALWARE-CNC Win.Trojan.Syhcmd variant connection (more info ...) | trojan-activity | URL | |||
| 27638 | SERVER-WEBAPP Hedgehog-CMS Directory traversal attempt (more info ...) | web-application-attack | 2008-2898 | 33710 | ||
| 27639 | MALWARE-CNC Win.Trojan.Epipenwa variant connection (more info ...) | trojan-activity | URL | |||
| 27640 | MALWARE-CNC Win.Trojan.Chekafe variant connection (more info ...) | trojan-activity | URL | |||
| 27641 | MALWARE-CNC Win.Trojan.Meilat variant connection (more info ...) | trojan-activity | URL | |||
| 27642 | MALWARE-CNC Win.Trojan.Downbot variant connection (more info ...) | trojan-activity | URL | |||
| 27643 | MALWARE-CNC Win.Trojan.Betabot variant connection (more info ...) | trojan-activity | URL | |||
| 27644 | MALWARE-CNC Win.Trojan.Merong variant connection (more info ...) | trojan-activity | URL | |||
| 27645 | MALWARE-CNC Win.Trojan.Binjo variant outbound connection (more info ...) | trojan-activity | URL | |||
| 27647 | MALWARE-CNC Win.Trojan.Nelaja variant outbound connection (more info ...) | trojan-activity | URL | |||
| 27648 | MALWARE-CNC Win.Trojan.SpyBanker.ZSL variant outbound connection (more info ...) | trojan-activity | URL | |||
| 27649 | MALWARE-CNC Brazilian Banking Trojan data theft (more info ...) | trojan-activity | ||||
| 27654 | MALWARE-CNC Win.Backdoor.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 27655 | MALWARE-CNC Win.Trojan.Enchanim variant connection (more info ...) | trojan-activity | URL | |||
| 27659 | MALWARE-CNC Win.Trojan.Gapz variant connection (more info ...) | trojan-activity | URL | |||
| 27660 | MALWARE-CNC Win.Trojan.Reabfrus variant connection (more info ...) | trojan-activity | URL | |||
| 27661 | MALWARE-CNC Win.Trojan.Reabfrus variant connection (more info ...) | trojan-activity | URL | |||
| 27662 | MALWARE-CNC Win.Trojan.Galfun variant outbound connection (more info ...) | trojan-activity | URL | |||
| 27664 | MALWARE-CNC Win.Trojan.Castov variant connection (more info ...) | trojan-activity | URL | |||
| 27665 | MALWARE-CNC Win.Trojan.Castov variant connection (more info ...) | trojan-activity | URL | |||
| 27668 | APP-DETECT Heyoka initial outbound connection attempt (more info ...) | policy-violation | ||||
| 27669 | APP-DETECT Heyoka outbound communication attempt (more info ...) | policy-violation | ||||
| 27670 | MALWARE-CNC Win.Trojan.Agent.evf variant connection (more info ...) | trojan-activity | URL | |||
| 27678 | MALWARE-CNC Win.Trojan.Goolelo variant connection (more info ...) | trojan-activity | URL | |||
| 27679 | MALWARE-CNC Win.Trojan.Kuluoz variant outbound connection (more info ...) | trojan-activity | URL | |||
| 27680 | MALWARE-CNC Win.Trojan.ZeroAccess variant outbound connection (more info ...) | trojan-activity | ||||
| 27688 | SERVER-WEBAPP mxBB MX Faq module_root_path file inclusion attempt (more info ...) | web-application-attack | 2007-2493 | 23758 | ||
| 27690 | FILE-PDF Foxit PDF Reader authentication bypass attempt (more info ...) | attempted-user | 2009-0836 | URL | ||
| 27699 | MALWARE-CNC Win.Trojan.Tartober variant connection (more info ...) | trojan-activity | URL | |||
| 27708 | MALWARE-CNC Win.Ransomware.Urausy outbound connection (more info ...) | trojan-activity | URL | |||
| 27709 | MALWARE-CNC User-Agent known malicious user-agent string umbra (more info ...) | trojan-activity | URL | |||
| 27710 | MALWARE-CNC User-Agent known malicious user-agent string IExplore (more info ...) | trojan-activity | URL | |||
| 27711 | MALWARE-CNC Win.Trojan.FakeAV variant outbound connection (more info ...) | trojan-activity | URL | |||
| 27712 | EXPLOIT-KIT Blackholev2 exploit kit redirection injection (more info ...) | trojan-activity | ||||
| 27713 | EXPLOIT-KIT Blackholev2 exploit kit redirection injection (more info ...) | trojan-activity | ||||
| 27715 | EXPLOIT-KIT Blackholev2 exploit kit redirection page (more info ...) | trojan-activity | ||||
| 27720 | MALWARE-CNC Win.Trojan.Kolok variant connection (more info ...) | trojan-activity | URL | |||
| 27726 | MALWARE-CNC Orbit Downloader denial of service update (more info ...) | trojan-activity | URL | |||
| 27727 | MALWARE-CNC Orbit Downloader denial of service update (more info ...) | trojan-activity | URL | |||
| 27728 | MALWARE-CNC Orbit Downloader denial of service update (more info ...) | trojan-activity | URL | |||
| 27729 | INDICATOR-COMPROMISE request for potential web shell - /Silic.jsp (more info ...) | misc-activity | URL | |||
| 27730 | INDICATOR-COMPROMISE request for potential web shell - /css3.jsp (more info ...) | misc-activity | URL | |||
| 27731 | INDICATOR-COMPROMISE request for potential web shell - /inback.jsp (more info ...) | misc-activity | URL | |||
| 27732 | INDICATOR-COMPROMISE request for potential web shell - /jspspy.jsp (more info ...) | misc-activity | URL | |||
| 27747 | MALWARE-CNC Win.Trojan.Banechant outbound variant connection (more info ...) | trojan-activity | URL | |||
| 27759 | MALWARE-CNC Win.Trojan.Treizt variant connection (more info ...) | trojan-activity | URL | |||
| 27774 | MALWARE-CNC RDN Banker Data Exfiltration (more info ...) | trojan-activity | URL | |||
| 27775 | MALWARE-CNC Win.Trojan.Fareit variant outbound connection (more info ...) | trojan-activity | ||||
| 27802 | MALWARE-CNC Win.Trojan.PRISM variant outbound connection (more info ...) | trojan-activity | URL | |||
| 27803 | MALWARE-CNC Win.Trojan.PRISM variant outbound connection (more info ...) | trojan-activity | URL | |||
| 27804 | MALWARE-CNC Win.Trojan.PRISM variant outbound connection (more info ...) | trojan-activity | URL | |||
| 27805 | MALWARE-CNC Win.Trojan.Bisonha variant outbound connection (more info ...) | trojan-activity | URL | |||
| 27806 | MALWARE-CNC Win.Trojan.Retruse variant connection (more info ...) | trojan-activity | URL | |||
| 27810 | EXPLOIT-KIT Fiesta exploit kit redirection (more info ...) | trojan-activity | ||||
| 27811 | MALWARE-CNC Win.Trojan.Mindweq variant connection (more info ...) | trojan-activity | URL | |||
| 27817 | MALWARE-CNC Win.Trojan.Tenavt connection (more info ...) | trojan-activity | URL | |||
| 27861 | SERVER-ORACLE Oracle Enterprise Manager Database Control directory traversal attempt (more info ...) | attempted-admin | 2010-3600 | 45883 | URL | |
| 27863 | SERVER-WEBAPP Ektron CMS XSLT transform remote code execution attempt (more info ...) | attempted-admin | 2012-5357 | 56816 | URL | |
| 27864 | MALWARE-CNC Win.Trojan.Sinowal variant connection (more info ...) | trojan-activity | URL | |||
| 27867 | MALWARE-CNC Win.Trojan.Dropper outbound connection (more info ...) | trojan-activity | URL | |||
| 27868 | MALWARE-CNC User-Agent known malicious user agent - dt12012 (more info ...) | trojan-activity | URL | |||
| 27905 | MALWARE-CNC Win.Trojan.Helauto variant connection (more info ...) | trojan-activity | URL | |||
| 27907 | EXPLOIT-KIT Blackholev2/Cool exploit kit payload download attempt (more info ...) | trojan-activity | ||||
| 27913 | PUA-ADWARE Vittalia adware - get ads (more info ...) | trojan-activity | URL | |||
| 27914 | PUA-ADWARE Vittalia adware - post install (more info ...) | trojan-activity | URL | |||
| 27915 | PUA-ADWARE Vittalia adware outbound connection - pre install (more info ...) | trojan-activity | URL | |||
| 27916 | PUA-TOOLBARS Vittalia adware outbound connection - Eazel toolbar install (more info ...) | trojan-activity | URL | |||
| 27917 | PUA-TOOLBARS Vittalia adware outbound connection - offers (more info ...) | trojan-activity | URL | |||
| 27918 | MALWARE-CNC Win.Trojan.Zeus variant outbound connection (more info ...) | trojan-activity | URL | |||
| 27919 | MALWARE-CNC Win.Trojan.Zeus encrypted POST Data exfiltration (more info ...) | trojan-activity | URL | |||
| 27921 | SERVER-ORACLE Oracle Endeca Server createDataStore remote command injection attempt (more info ...) | attempted-admin | 2013-3763 | 61217 | URL | |
| 27922 | APP-DETECT Splashtop outbound connection attempt (more info ...) | policy-violation | URL | |||
| 27923 | APP-DETECT Splashtop connection negotiation attempt (more info ...) | policy-violation | URL | |||
| 27924 | APP-DETECT Splashtop Streamer download attempt (more info ...) | policy-violation | URL | |||
| 27925 | APP-DETECT Splashtop Personal download attempt (more info ...) | policy-violation | URL | |||
| 27927 | APP-DETECT Splashtop inbound connection negotiation attempt (more info ...) | policy-violation | URL | |||
| 27928 | APP-DETECT Splashtop connection attempt (more info ...) | policy-violation | URL | |||
| 27929 | APP-DETECT Splashtop communication attempt (more info ...) | policy-violation | URL | |||
| 27933 | APP-DETECT Splashtop streamer download attempt (more info ...) | policy-violation | URL | |||
| 27934 | APP-DETECT Splashtop personal download attempt (more info ...) | policy-violation | URL | |||
| 27939 | MALWARE-CNC Win.Trojan.Galock variant connection (more info ...) | trojan-activity | URL | |||
| 27955 | MALWARE-CNC Win.Trojan.Mevade variant outbound connection (more info ...) | trojan-activity | URL | |||
| 27963 | MALWARE-CNC Win.Trojan.Lolbot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 27964 | MALWARE-CNC Win.Trojan.Gh0st variant outbound connection (more info ...) | trojan-activity | URL | |||
| 27965 | MALWARE-CNC Win.Trojan.Eupuds variant connection (more info ...) | trojan-activity | URL | |||
| 27966 | MALWARE-CNC Win.Backdoor.Chopper web shell connection (more info ...) | trojan-activity | URL | |||
| 27967 | MALWARE-CNC Win.Backdoor.Chopper web shell connection (more info ...) | trojan-activity | URL | |||
| 27968 | MALWARE-CNC Win.Backdoor.Chopper web shell connection (more info ...) | trojan-activity | URL | |||
| 27969 | MALWARE-CNC Win.Trojan.Updays variant connection (more info ...) | trojan-activity | URL | |||
| 27970 | MALWARE-CNC Win.Trojan.Zeus dropper variant connection (more info ...) | trojan-activity | URL | |||
| 28002 | INDICATOR-SCAN UPnP WANPPPConnection (more info ...) | network-scan | URL | |||
| 28003 | INDICATOR-SCAN UPnP WANIPConnection (more info ...) | network-scan | URL | |||
| 28005 | MALWARE-CNC Win.Trojan.Kuluoz outbound command (more info ...) | trojan-activity | URL | |||
| 28007 | MALWARE-CNC BLYPT installer startupkey outbound traffic (more info ...) | trojan-activity | URL | |||
| 28008 | MALWARE-CNC BLYPT installer reuse outbound traffic (more info ...) | trojan-activity | URL | |||
| 28009 | MALWARE-CNC BLYPT installer configkey outbound traffic (more info ...) | trojan-activity | URL | |||
| 28010 | MALWARE-CNC BLYPT installer tserror outbound traffic (more info ...) | trojan-activity | URL | |||
| 28011 | MALWARE-CNC BLYPT installer createproc outbound traffic (more info ...) | trojan-activity | URL | |||
| 28012 | MALWARE-CNC Win.Trojan.Bancos variant outbound connection (more info ...) | trojan-activity | URL | |||
| 28026 | EXPLOIT-KIT Blackholev2 exploit kit landing page (more info ...) | trojan-activity | ||||
| 28028 | EXPLOIT-KIT Blackholev2/Cool exploit kit exploit download attempt (more info ...) | trojan-activity | ||||
| 28033 | MALWARE-CNC Win.Ransomware.Urausy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 28040 | MALWARE-CNC Win.Trojan.Dofoil variant outbound connection (more info ...) | trojan-activity | ||||
| 28042 | MALWARE-CNC Win.Trojan.Caphaw variant outbound connection (more info ...) | trojan-activity | URL | |||
| 28044 | MALWARE-CNC Win.Trojan.CryptoLocker variant connection (more info ...) | trojan-activity | URL | |||
| 28045 | MALWARE-CNC Win.Trojan.VBKrypt variant connection (more info ...) | trojan-activity | URL | |||
| 28046 | OS-MOBILE Android fake iMessage app download (more info ...) | trojan-activity | URL | |||
| 28047 | SERVER-WEBAPP RaidSonic Multiple Products arbitrary command injection attempt (more info ...) | attempted-admin | 57958 | |||
| 28055 | OS-MOBILE Android ANDR.Trojan.FakeAV outbound communication attempt (more info ...) | trojan-activity | URL | |||
| 28056 | OS-MOBILE Android ANDR.Trojan.FakeAV APK file download attempt (more info ...) | trojan-activity | URL | |||
| 28057 | OS-MOBILE Android ANDR.Trojan.FakeAV APK file download attempt (more info ...) | trojan-activity | URL | |||
| 28068 | APP-DETECT 360.cn Safeguard runtime outbound communication (more info ...) | misc-activity | URL | |||
| 28071 | APP-DETECT 360.cn SafeGuard local HTTP management console access attempt (more info ...) | trojan-activity | URL | |||
| 28072 | MALWARE-CNC Win.Trojan.Omexo outbound connection (more info ...) | trojan-activity | URL | |||
| 28073 | MALWARE-CNC Win.Trojan.Win32.Kimsuky variant file stealing (more info ...) | trojan-activity | URL | |||
| 28074 | MALWARE-CNC Win.Trojan.ADKR connection (more info ...) | trojan-activity | URL | |||
| 28075 | MALWARE-CNC Win.Trojan.gzfw connection (more info ...) | trojan-activity | URL | |||
| 28076 | SERVER-WEBAPP Drupal Core OpenID information disclosure attempt (more info ...) | web-application-attack | 2012-4554 | |||
| 28079 | MALWARE-CNC Win.Trojan.Napolar variant outbound connection (more info ...) | trojan-activity | URL | |||
| 28080 | MALWARE-CNC Win.Trojan.Napolar data theft (more info ...) | trojan-activity | URL | |||
| 28081 | OS-MOBILE Android ANDR.Trojan.Malapp APK file download attempt (more info ...) | trojan-activity | URL | |||
| 28082 | OS-MOBILE Android ANDR.Trojan.Malapp APK file download attempt (more info ...) | trojan-activity | URL | |||
| 28084 | MALWARE-CNC Win.Trojan.Hupigon variant connection (more info ...) | trojan-activity | URL | |||
| 28086 | OS-MOBILE Android ANDR.Trojan.SmsSpy APK file download attempt (more info ...) | trojan-activity | URL | |||
| 28087 | OS-MOBILE Android ANDR.Trojan.SmsSpy APK file download attempt (more info ...) | trojan-activity | URL | |||
| 28088 | POLICY-SOCIAL Pidgin MXIT emoticon integer overflow attempt (more info ...) | attempted-user | 2013-6489 | |||
| 28089 | POLICY-SOCIAL multiple chat protocols link to local file attempt (more info ...) | attempted-user | 2013-6486 | |||
| 28090 | POLICY-SOCIAL multiple chat protocols link to local file attempt (more info ...) | attempted-user | 2013-6486 | |||
| 28094 | MALWARE-CNC Win.Trojan.Liteol variant connection (more info ...) | trojan-activity | URL | |||
| 28095 | MALWARE-CNC Win.Trojan.Liteol variant connection (more info ...) | trojan-activity | URL | |||
| 28096 | MALWARE-CNC Win.Trojan.Spynet variant connection (more info ...) | trojan-activity | URL | |||
| 28097 | MALWARE-CNC Win.Trojan.Ohlat variant connection (more info ...) | trojan-activity | URL | |||
| 28105 | MALWARE-CNC Win.Trojan.Banload variant outbound connection (more info ...) | trojan-activity | URL | |||
| 28106 | MALWARE-CNC Win.Trojan.Banload information upload (more info ...) | trojan-activity | URL | |||
| 28107 | MALWARE-CNC Win.Trojan.Banload download (more info ...) | trojan-activity | URL | |||
| 28114 | MALWARE-CNC Win.Trojan.Fareit variant outbound connection - /default.htm GET Encrypted Payload (more info ...) | trojan-activity | URL | |||
| 28115 | MALWARE-CNC Win.Trojan.Fareit variant outbound connection - /file.htm GET Encrypted Payload (more info ...) | trojan-activity | URL | |||
| 28116 | MALWARE-CNC Win.Trojan.Fareit variant outbound connection - /home.htm GET Encrypted Payload (more info ...) | trojan-activity | URL | |||
| 28117 | MALWARE-CNC Win.Trojan.Fareit variant outbound connection - /install.htm GET Encrypted Payload (more info ...) | trojan-activity | URL | |||
| 28118 | MALWARE-CNC Win.Trojan.Fareit variant outbound connection - /login.htm GET Encrypted Payload (more info ...) | trojan-activity | URL | |||
| 28119 | MALWARE-CNC Win.Trojan.Fareit variant outbound connection - /search.htm GET Encrypted Payload (more info ...) | trojan-activity | URL | |||
| 28120 | MALWARE-CNC Win.Trojan.Fareit variant outbound connection - /start.htm GET Encrypted Payload (more info ...) | trojan-activity | URL | |||
| 28121 | MALWARE-CNC Win.Trojan.Fareit variant outbound connection - /welcome.htm GET Encrypted Payload (more info ...) | trojan-activity | URL | |||
| 28122 | MALWARE-CNC Win.Trojan.Fareit variant outbound connection - /index.htm GET Encrypted Payload (more info ...) | trojan-activity | URL | |||
| 28123 | MALWARE-CNC Win.Trojan.Fareit variant outbound connection - /setup.htm GET Encrypted Payload (more info ...) | trojan-activity | URL | |||
| 28124 | FILE-OTHER PCRE character class heap buffer overflow attempt (more info ...) | attempted-user | 2007-3944 | 25002 | ||
| 28125 | MALWARE-CNC Win.Trojan.Banbra variant connection (more info ...) | trojan-activity | URL | |||
| 28134 | MALWARE-CNC Win.Trojan.Dorkbot variant connection (more info ...) | trojan-activity | URL | |||
| 28139 | SERVER-WEBAPP Python Pickle remote code execution attempt (more info ...) | attempted-user | 2013-5093 | 61894 | ||
| 28140 | PUA-ADWARE Win.Adware.Schmidti outbound communication attempt (more info ...) | misc-activity | URL | |||
| 28141 | MALWARE-CNC Win.Trojan.banker outbound connection (more info ...) | trojan-activity | URL | |||
| 28143 | MALWARE-CNC Win.Trojan.Medfos outbound connection (more info ...) | trojan-activity | URL | |||
| 28144 | MALWARE-CNC Win.Trojan.Win32.Wpbrutebot variant connection (more info ...) | trojan-activity | URL | |||
| 28145 | SERVER-WEBAPP OpenEMR information disclosure attempt (more info ...) | web-application-attack | ||||
| 28146 | MALWARE-CNC Win.Trojan.Salgorea variant connection (more info ...) | trojan-activity | URL | |||
| 28147 | MALWARE-CNC Win.Trojan.Conficker variant outbound connection (more info ...) | trojan-activity | URL | |||
| 28148 | MALWARE-CNC Win.Trojan.Mevade variant outbound connection (more info ...) | trojan-activity | URL | |||
| 28149 | SERVER-OTHER Quest Software Big Brother attempted arbitrary file deletion (more info ...) | attempted-user | URL | |||
| 28150 | SERVER-OTHER Quest Software Big Brother attempted arbitrary file upload (more info ...) | attempted-user | ||||
| 28153 | MALWARE-CNC Win.Trojan.Foreign variant outbound connection - /html2/ (more info ...) | trojan-activity | URL | |||
| 28154 | MALWARE-CNC Win.Trojan.Foreign variant outbound connection - MSIE 7.1 (more info ...) | trojan-activity | URL | |||
| 28155 | MALWARE-CNC Win.Trojan.Foreign variant outbound connection - MSIE 7.2 (more info ...) | trojan-activity | URL | |||
| 28156 | PUA-ADWARE Linkury outbound time check (more info ...) | trojan-activity | URL | |||
| 28164 | MALWARE-CNC Win.Trojan.FakeAV attempted file download (more info ...) | trojan-activity | URL | |||
| 28166 | MALWARE-CNC Win.Trojan.Bifrose variant connection (more info ...) | trojan-activity | URL | |||
| 28192 | MALWARE-CNC Win.Trojan.Kuluoz Potential Phishing URL (more info ...) | trojan-activity | URL | |||
| 28209 | MALWARE-CNC Win.Worm.IRCbot outbound connection (more info ...) | trojan-activity | URL | |||
| 28210 | MALWARE-CNC Win.Worm.IRCbot outbound connection (more info ...) | trojan-activity | URL | |||
| 28211 | MALWARE-CNC Win.Worm.IRCbot outbound connection (more info ...) | trojan-activity | URL | |||
| 28212 | MALWARE-CNC Win.Trojan.Bitsto variant connection (more info ...) | trojan-activity | URL | |||
| 28230 | MALWARE-CNC Boot.Bootroot Variant data upload (more info ...) | trojan-activity | URL | |||
| 28233 | EXPLOIT-KIT Blackholev2/Cool exploit kit payload download attempt (more info ...) | trojan-activity | ||||
| 28234 | MALWARE-CNC Win.Trojan.Hdslogger outbound connection (more info ...) | trojan-activity | URL | |||
| 28238 | EXPLOIT-KIT Multiple exploit kits malicious pdf download (more info ...) | trojan-activity | ||||
| 28239 | MALWARE-CNC Win.Trojan.Tuxido outbound connection (more info ...) | trojan-activity | URL | |||
| 28242 | MALWARE-CNC Win.Trojan.KanKan variant connection (more info ...) | trojan-activity | URL | |||
| 28244 | MALWARE-CNC Win.Trojan.Phrovon outbound connection (more info ...) | trojan-activity | URL | |||
| 28245 | APP-DETECT Bizhi Sogou Wallpaper application outbound connection attempt (more info ...) | misc-activity | URL | |||
| 28246 | APP-DETECT Bizhi Sogou Wallpaper application download schema response (more info ...) | misc-activity | URL | |||
| 28247 | MALWARE-CNC Win.Trojan.Dropper variant outbound connection (more info ...) | trojan-activity | URL | |||
| 28250 | MALWARE-CNC Security Cleaner Pro Install Confirmation (more info ...) | trojan-activity | URL | |||
| 28254 | MALWARE-CNC Win.Trojan.Perl.Shellbot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 28255 | MALWARE-CNC Win.Trojan.Kuluoz Potential phishing URL (more info ...) | trojan-activity | URL | |||
| 28285 | MALWARE-CNC Win.Trojan.hdog connectivity check-in version 2 (more info ...) | trojan-activity | URL | |||
| 28291 | EXPLOIT-KIT Blackholev2/Cool exploit kit exploit download attempt (more info ...) | trojan-activity | ||||
| 28300 | MALWARE-CNC Win.Trojan.Agent variant connection (more info ...) | trojan-activity | URL | |||
| 28301 | INDICATOR-SCAN User-Agent known malicious user-agent Masscan (more info ...) | misc-activity | URL | |||
| 28305 | MALWARE-CNC Win.Trojan.Mecifg variant outbound connection (more info ...) | trojan-activity | URL | |||
| 28323 | MALWARE-CNC Win.Backdoor.Chopper web shell connection (more info ...) | trojan-activity | URL | |||
| 28325 | MALWARE-CNC Win.Backdoor.Zuza variant outbound connection (more info ...) | trojan-activity | URL | |||
| 28326 | MALWARE-CNC Win.Backdoor.Zuza variant outbound connection (more info ...) | trojan-activity | URL | |||
| 28328 | MALWARE-CNC Win.Backdoor.Hupigon variant outbound connection (more info ...) | trojan-activity | URL | |||
| 28347 | MALWARE-OTHER SimpleTDS - page redirecting to a SimpleTDS (more info ...) | misc-activity | URL | |||
| 28362 | MALWARE-CNC User-Agent known malicious user-agent string SUiCiDE/1.5 (more info ...) | trojan-activity | ||||
| 28366 | MALWARE-CNC Win.Backdoor.Venik variant outbound connection (more info ...) | trojan-activity | URL | |||
| 28373 | MALWARE-CNC Win.Trojan.Mutopy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 28382 | FILE-IDENTIFY HTML Help Index file download request (more info ...) | misc-activity | ||||
| 28383 | FILE-IDENTIFY HTML Help Index download file attachment detected (more info ...) | misc-activity | ||||
| 28384 | FILE-IDENTIFY HTML Help Index download file attachment detected (more info ...) | misc-activity | ||||
| 28392 | FILE-MULTIMEDIA MultiMedia Soft Components AdjMmsEng.dll PLS file processing buffer overflow attempt (more info ...) | attempted-user | 2009-5109 | 33589 | ||
| 28394 | SERVER-OTHER EMC AlphaStore format string vulnerability exploit attempt (more info ...) | attempted-admin | 2013-0929 | |||
| 28395 | SERVER-OTHER EMC AlphaStore format string vulnerability exploit attempt (more info ...) | attempted-admin | 2013-0929 | |||
| 28396 | SERVER-OTHER EMC AlphaStore format string vulnerability exploit attempt (more info ...) | attempted-admin | 2013-0929 | |||
| 28397 | SERVER-OTHER EMC AlphaStore format string vulnerability exploit attempt (more info ...) | attempted-admin | 2013-0929 | |||
| 28398 | SERVER-OTHER EMC AlphaStore format string vulnerability exploit attempt (more info ...) | attempted-admin | 2013-0929 | |||
| 28405 | MALWARE-CNC Win.Trojan.Kazy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 28406 | MALWARE-CNC Win.Trojan.Kazy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 28410 | MALWARE-CNC Win.Trojan.CoinMiner variant outbound connection (more info ...) | trojan-activity | URL | |||
| 28411 | MALWARE-CNC Win.Trojan.CoinMiner variant outbound connection (more info ...) | trojan-activity | URL | |||
| 28415 | MALWARE-CNC Win.Trojan.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 28416 | MALWARE-CNC Win.Trojan.CryptoLocker outbound connection (more info ...) | trojan-activity | URL | |||
| 28417 | MALWARE-CNC Win.Trojan.Molgomsg variant outbound connection (more info ...) | trojan-activity | URL | |||
| 28418 | MALWARE-CNC Win.Trojan.Downloader.Dtcontx outbound connection (more info ...) | trojan-activity | URL | |||
| 28419 | MALWARE-CNC Win.Trojan.Tesch variant outbound connection (more info ...) | trojan-activity | URL | |||
| 28439 | MALWARE-CNC Win.Trojan.Bspire variant connection (more info ...) | trojan-activity | 2013-0422 | 57246 | URL | |
| 28444 | MALWARE-CNC Win.Backdoor.CBgate variant outbound connection (more info ...) | trojan-activity | URL | |||
| 28448 | SERVER-WEBAPP HP Intelligent Management Center BIMS bimsDownload directory traversal attempt (more info ...) | attempted-recon | 2013-4823 | 62897 | URL | |
| 28482 | MALWARE-CNC Win.Trojan.Terminator RAT variant outbound connection (more info ...) | trojan-activity | 2012-0158 | |||
| 28484 | MALWARE-CNC Win.Trojan.Delpbank variant outbound connection (more info ...) | trojan-activity | URL | |||
| 28485 | MALWARE-CNC Win.Trojan.Khalog variant outbound connection (more info ...) | trojan-activity | URL | |||
| 28486 | MALWARE-CNC Win.Trojan.Codiltak variant outbound connection (more info ...) | trojan-activity | URL | |||
| 28493 | MALWARE-CNC DeputyDog diskless method outbound connection (more info ...) | trojan-activity | 2013-3918 | URL | ||
| 28528 | MALWARE-CNC Win.Trojan.Qadars variant outbound connection (more info ...) | misc-activity | URL | |||
| 28529 | MALWARE-CNC Win.Trojan.Qadars variant outbound connection (more info ...) | misc-activity | URL | |||
| 28530 | PUA-TOOLBARS Babylon toolbar outbound connection (more info ...) | misc-activity | URL | |||
| 28531 | PUA-ADWARE FreePDS installer outbound connection (more info ...) | trojan-activity | URL | |||
| 28532 | MALWARE-TOOLS PyLoris http DoS tool (more info ...) | attempted-dos | 2012-5568 | |||
| 28538 | MALWARE-CNC Win.Trojan.Asprox/Kuluoz variant connection (more info ...) | trojan-activity | URL | |||
| 28541 | MALWARE-CNC Win.Trojan.ZeroAccess Download Headers (more info ...) | trojan-activity | URL | |||
| 28542 | MALWARE-CNC Win.Trojan.Conficker variant outbound connection (more info ...) | trojan-activity | URL | |||
| 28543 | MALWARE-CNC Win.Trojan.Conficker variant outbound connection (more info ...) | trojan-activity | URL | |||
| 28547 | MALWARE-CNC Win.Trojan.Banker variant outbound connection (more info ...) | trojan-activity | URL | |||
| 28548 | MALWARE-CNC Win.Trojan.chfx variant outbound connection (more info ...) | trojan-activity | URL | |||
| 28552 | INDICATOR-SCAN inbound probing for IPTUX messenger port (more info ...) | misc-activity | URL | |||
| 28553 | MALWARE-CNC Win.Trojan.Fareit variant outbound connection - /main.htm GET Encrypted Payload (more info ...) | trojan-activity | URL | |||
| 28554 | MALWARE-CNC Win.Trojan.Fareit variant outbound connection - /online.htm GET Encrypted Payload (more info ...) | trojan-activity | URL | |||
| 28558 | MALWARE-CNC User-Agent known malicious user-agent string getURLdown (more info ...) | trojan-activity | URL | |||
| 28559 | MALWARE-CNC Win.Trojan.Castov variant connection (more info ...) | trojan-activity | URL | |||
| 28561 | MALWARE-CNC Win.Trojan.Plugx outbound connection (more info ...) | trojan-activity | URL | |||
| 28562 | MALWARE-CNC Win.Trojan.Sidopa variant outbound connection (more info ...) | trojan-activity | URL | |||
| 28565 | MALWARE-CNC Win.Trojan.Sluegot variant connection (more info ...) | trojan-activity | URL | |||
| 28599 | MALWARE-CNC Win.Backdoor.Lesirt variant outbound connection (more info ...) | trojan-activity | URL | |||
| 28604 | MALWARE-CNC Win.Trojan.Kasnam variant connection (more info ...) | trojan-activity | URL | |||
| 28605 | MALWARE-CNC Win.Trojan.Kasnam variant connection (more info ...) | trojan-activity | URL | |||
| 28606 | MALWARE-CNC Win.Trojan.Surtr variant connection (more info ...) | trojan-activity | URL | |||
| 28607 | MALWARE-CNC Win.Trojan.Fareit variant outbound connection (more info ...) | trojan-activity | URL | |||
| 28613 | EXPLOIT-KIT Angler exploit kit landing page - specific-structure (more info ...) | trojan-activity | 2013-3896 | URL | ||
| 28614 | EXPLOIT-KIT Angler exploit kit landing page (more info ...) | trojan-activity | 2013-3896 | URL | ||
| 28616 | EXPLOIT-KIT Angler exploit kit payload download attempt (more info ...) | trojan-activity | 2013-3896 | URL | ||
| 28630 | INDICATOR-OBFUSCATION obfuscated script encoding detected (more info ...) | misc-activity | URL | |||
| 28724 | MALWARE-CNC Win.Trojan.Agent outbound connection (more info ...) | trojan-activity | URL | |||
| 28746 | SERVER-WEBAPP SAP NetWeaver SXPG_CALL_SYSTEM remote code execution attempt (more info ...) | attempted-user | URL | |||
| 28799 | MALWARE-CNC Win.Trojan.Mxtcycle variant outbound connection (more info ...) | trojan-activity | URL | |||
| 28800 | MALWARE-CNC Win.Trojan.Zeus outbound connection (more info ...) | trojan-activity | URL | |||
| 28802 | MALWARE-CNC Win.Trojan.Bancos outbound connection (more info ...) | trojan-activity | URL | |||
| 28803 | MALWARE-CNC Win.Trojan.Injector inbound connection (more info ...) | trojan-activity | URL | |||
| 28804 | MALWARE-CNC Win.Trojan.Injector outbound connection (more info ...) | trojan-activity | URL | |||
| 28805 | MALWARE-CNC Win.Trojan.Palevo outbound connection (more info ...) | trojan-activity | URL | |||
| 28807 | MALWARE-CNC Win.Trojan.Injector variant outbound connection (more info ...) | trojan-activity | URL | |||
| 28808 | MALWARE-CNC Win.Backdoor.Ptiger variant outbound connection (more info ...) | trojan-activity | URL | |||
| 28809 | MALWARE-CNC Win.Trojan.Dofoil inbound connection (more info ...) | trojan-activity | URL | |||
| 28810 | MALWARE-CNC Win.Trojan.Zeus variant outbound connection - MSIE7 No Referer No Cookie (more info ...) | trojan-activity | URL | |||
| 28813 | MALWARE-CNC Win.Trojan.Ufraie variant outbound connection (more info ...) | trojan-activity | URL | |||
| 28814 | MALWARE-CNC Win.Trojan.Gozi/Neverquest variant outbound connection (more info ...) | trojan-activity | URL | |||
| 28815 | MALWARE-CNC Win.Trojan.Gozi/Neverquest variant outbound connection (more info ...) | trojan-activity | URL | |||
| 28816 | MALWARE-CNC Win.Trojan.Siluhdur variant outbound connection (more info ...) | trojan-activity | URL | |||
| 28817 | MALWARE-CNC Win.Backdoor.Iniduoh variant outbound connection (more info ...) | trojan-activity | URL | |||
| 28818 | FILE-OTHER 7-Zip ARJ archive handling buffer overflow attempt (more info ...) | attempted-user | 2005-3051 | 21208 | ||
| 28819 | FILE-OTHER 7-Zip ARJ archive handling buffer overflow attempt (more info ...) | attempted-user | 2005-3051 | 21208 | ||
| 28820 | MALWARE-CNC Win.Trojan.Egamipload variant outbound connection (more info ...) | trojan-activity | URL | |||
| 28821 | SERVER-OTHER McAfee ePolicy Orchestrator XSS attempt (more info ...) | attempted-admin | 2013-0141 | 59505 | URL | |
| 28822 | SERVER-OTHER McAfee ePolicy Orchestrator XSS attempt (more info ...) | attempted-admin | 2013-0141 | 59505 | URL | |
| 28823 | SERVER-OTHER McAfee ePolicy Orchestrator XSS attempt (more info ...) | attempted-admin | 2013-0141 | 59505 | URL | |
| 28824 | SERVER-OTHER McAfee ePolicy Orchestrator XSS attempt (more info ...) | attempted-admin | 2013-0141 | 59505 | URL | |
| 28825 | SERVER-OTHER McAfee ePolicy Orchestrator XSS attempt (more info ...) | attempted-admin | 2013-0141 | 59505 | URL | |
| 28826 | SERVER-OTHER McAfee ePolicy Orchestrator XSS attempt (more info ...) | attempted-admin | 2013-0141 | 59505 | URL | |
| 28827 | SERVER-OTHER McAfee ePolicy Orchestrator XSS attempt (more info ...) | attempted-admin | 2013-0141 | 59505 | URL | |
| 28837 | FILE-OTHER Corel PaintShop Pro d2d1.dll dll-load exploit attempt (more info ...) | attempted-user | 2013-0733 | 62836 | URL | |
| 28842 | FILE-OTHER Corel PaintShop Pro wintab32.dll dll-load exploit attempt (more info ...) | attempted-user | 2013-0733 | 62836 | URL | |
| 28853 | MALWARE-CNC Win.Trojan.Dipverdle variant outbound connection (more info ...) | trojan-activity | URL | |||
| 28856 | MALWARE-CNC Win.Trojan.Yowdab variant connection (more info ...) | trojan-activity | URL | |||
| 28857 | MALWARE-CNC Adwind UNRECOM connnection back to cnc server (more info ...) | trojan-activity | URL | |||
| 28858 | MALWARE-CNC Adwind UNRECOM connnection back to cnc server (more info ...) | trojan-activity | URL | |||
| 28859 | MALWARE-CNC User-Agent known malicious user-agent z00sAgent - Win.Trojan.Zbot (more info ...) | trojan-activity | URL | |||
| 28860 | MALWARE-CNC User-Agent known malicious user-agent - Win.Trojan.Nitedrem (more info ...) | trojan-activity | URL | |||
| 28861 | MALWARE-CNC Win.Trojan.Roxfora variant outbound connection (more info ...) | trojan-activity | URL | |||
| 28864 | MALWARE-CNC Win.Trojan.Tofsee variant outbound connection (more info ...) | trojan-activity | URL | |||
| 28879 | MALWARE-CNC Win.Backdoor.Tavdig variant outbound connection (more info ...) | trojan-activity | URL | |||
| 28886 | MALWARE-CNC Win.Trojan.Scar variant outbound connection (more info ...) | trojan-activity | URL | |||
| 28913 | MALWARE-BACKDOOR Zollard variant outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 28914 | MALWARE-CNC Win.Trojan.Anony variant connection (more info ...) | trojan-activity | URL | |||
| 28917 | PROTOCOL-SCADA Microsys Promotic directory traversal attempt (more info ...) | attempted-user | 2011-4518 | 50133 | URL | |
| 28918 | MALWARE-CNC Win.Trojan.Symmi variant network connectivity check (more info ...) | trojan-activity | URL | |||
| 28919 | MALWARE-CNC Win.Trojan.Symmi variant network connectivity check (more info ...) | trojan-activity | URL | |||
| 28930 | MALWARE-CNC Win.Trojan.Fakeav variant outbound data connection (more info ...) | trojan-activity | ||||
| 28934 | PUA-ADWARE InstallBrain software download attempt (more info ...) | misc-activity | URL | |||
| 28935 | PUA-ADWARE InstallBrain software download attempt (more info ...) | misc-activity | URL | |||
| 28936 | SERVER-WEBAPP Horde groupware webmail edition ingo filter cross-site request forgery attempt (more info ...) | attempted-user | 2013-6275 | |||
| 28940 | MALWARE-CNC Win.Trojan.Rovnix malicious download (more info ...) | trojan-activity | URL | |||
| 28942 | SERVER-WEBAPP BoonEx Dolphin 6.1.2 remote file include attempt (more info ...) | attempted-user | 2008-3167 | 30136 | ||
| 28943 | SERVER-WEBAPP BoonEx Dolphin 6.1.2 remote file include attempt (more info ...) | attempted-user | 2008-3167 | 30136 | ||
| 28944 | SERVER-WEBAPP BoonEx Dolphin 6.1.2 remote file include attempt (more info ...) | attempted-user | 2008-3167 | 30136 | ||
| 28945 | INDICATOR-COMPROMISE exe.exe download (more info ...) | trojan-activity | URL | |||
| 28947 | MALWARE-CNC Win.Trojan.Tapaoux variant connection (more info ...) | trojan-activity | URL | |||
| 28948 | MALWARE-CNC Win.Trojan.Kishlog variant outbound connection (more info ...) | trojan-activity | URL | |||
| 28949 | MALWARE-CNC Win.Trojan.Kishlog variant outbound connection (more info ...) | trojan-activity | URL | |||
| 28955 | SERVER-OTHER Squid HTTP Host header port parameter denial of service attempt (more info ...) | attempted-user | 2013-4123 | |||
| 28958 | MALWARE-CNC Win.Trojan.Jussuc variant outbound connection (more info ...) | trojan-activity | URL | |||
| 28960 | MALWARE-CNC Win.Trojan.Alurewo outbound connection (more info ...) | trojan-activity | URL | |||
| 28967 | EXPLOIT-KIT HiMan exploit kit outbound exploit retrieval connection (more info ...) | trojan-activity | ||||
| 28970 | SERVER-WEBAPP Fortinet FortiAnalyzer cross-site request forgery attempt. (more info ...) | attempted-admin | ||||
| 28971 | SERVER-WEBAPP Fortinet FortiAnalyzer cross-site request forgery attempt. (more info ...) | attempted-admin | ||||
| 28976 | MALWARE-CNC Win.Trojan.Agent.DF - Data Exfiltration (more info ...) | trojan-activity | URL | |||
| 28977 | MALWARE-CNC Win.Trojan.Agent.DF - User-Agent Missing Bracket (more info ...) | trojan-activity | URL | |||
| 28978 | FILE-OTHER CHM LZX compression reset interval anti-virus evasion attempt (more info ...) | trojan-activity | 2012-1458 | URL | ||
| 28979 | FILE-OTHER CHM LZX compression reset interval anti-virus evasion attempt (more info ...) | trojan-activity | 2012-1458 | URL | ||
| 28982 | MALWARE-CNC Win.Worm.Steckt IRCbot requesting URL through IRC (more info ...) | trojan-activity | URL | |||
| 28983 | MALWARE-CNC Win.Trojan.Steckt IRCbot executable download (more info ...) | trojan-activity | URL | |||
| 28984 | MALWARE-CNC Win.Worm.Steckt IRCbot executable download (more info ...) | trojan-activity | URL | |||
| 28985 | MALWARE-CNC Win.Worm.Steckt IRCbot executable download (more info ...) | trojan-activity | URL | |||
| 28986 | MALWARE-CNC Win.Worm.Neeris IRCbot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 28987 | MALWARE-CNC Win.Worm.Steckt IRCbot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 28988 | MALWARE-CNC Win.Worm.Steckt IRCbot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 28989 | MALWARE-CNC Win.Trojan.Egobot variant outbound connection (more info ...) | trojan-activity | 2011-0609 | URL | ||
| 28990 | MALWARE-CNC Win.Trojan.Qakbot connection to cnc server (more info ...) | trojan-activity | URL | |||
| 28994 | MALWARE-CNC Win.Trojan.Backdoor Remote Shell Server download (more info ...) | trojan-activity | URL | |||
| 28995 | MALWARE-CNC Win.Trojan.Backdoor Remote Shell Server download (more info ...) | trojan-activity | URL | |||
| 28996 | MALWARE-CNC Win.Trojan.Bunitu variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29005 | SERVER-WEBAPP IBM Platform Symphony SOAP request processing buffer overflow attempt (more info ...) | attempted-user | 2013-5387 | |||
| 29006 | FILE-IDENTIFY XWD image file attachment detected (more info ...) | misc-activity | ||||
| 29007 | FILE-IDENTIFY XWD image file attachment detected (more info ...) | misc-activity | ||||
| 29008 | FILE-IDENTIFY XWD image file download request (more info ...) | misc-activity | ||||
| 29009 | FILE-OTHER GIMP XWD file heap buffer overflow attempt (more info ...) | attempted-user | 2013-1978 | |||
| 29010 | FILE-OTHER GIMP XWD file heap buffer overflow attempt (more info ...) | attempted-user | 2013-1978 | |||
| 29011 | MALWARE-CNC Win.Trojan.Dotconta variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29016 | MALWARE-CNC Win.Trojan.Cordmix variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29026 | MALWARE-CNC Win.Trojan.Limlspy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29031 | MALWARE-CNC Win.Trojan.Banload variant inbound connection (more info ...) | trojan-activity | URL | |||
| 29038 | MALWARE-CNC Win.Trojan.Shiz variant initial outbound connection (more info ...) | trojan-activity | URL | |||
| 29039 | MALWARE-CNC Win.Trojan.Shiz variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29040 | SERVER-WEBAPP Zimbra remote code execution attempt (more info ...) | attempted-admin | 2013-7091 | 64149 | ||
| 29044 | MALWARE-CNC Win.Trojan.Lorask variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29045 | MALWARE-CNC Win.Trojan.Lorask variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29056 | MALWARE-CNC Win.Trojan.Descrantol variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29057 | MALWARE-CNC Installation Win.Trojan.Umberial variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29058 | MALWARE-CNC Win.Trojan.Umberial variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29066 | EXPLOIT-KIT Angler exploit kit XORed payload download attempt (more info ...) | trojan-activity | 2013-3896 | URL | ||
| 29068 | MALWARE-CNC Win.Trojan.Tapazom variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29071 | MALWARE-CNC Win.Trojan.Wcvalep variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29073 | MALWARE-CNC Win.Trojan.Maetdik variant initial outbound connection (more info ...) | trojan-activity | URL | |||
| 29074 | MALWARE-CNC Win.Trojan.Maetdik variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29075 | MALWARE-CNC Win.Trojan.Firefly outbound communcation (more info ...) | trojan-activity | URL | |||
| 29076 | MALWARE-CNC Win.Trojan.Epixed variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29077 | MALWARE-CNC Win.Trojan.Platidium variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29079 | MALWARE-CNC Win.Trojan.Inftob variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29081 | MALWARE-CNC Win.Trojan.Budir initial variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29082 | MALWARE-CNC Win.Trojan.Ldmon variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29087 | MALWARE-CNC Win.Trojan.Kboy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29091 | MALWARE-CNC Win.Trojan.Choxy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29103 | MALWARE-CNC Win.Trojan.Korhigh variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29104 | MALWARE-CNC Win.Trojan.Iniptad variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29108 | MALWARE-CNC Win.Trojan.SixMuch variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29109 | MALWARE-CNC Win.Trojan.Drafukey variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29110 | SERVER-WEBAPP Symantec Messaging Gateway save.do cross site request forgery attempt (more info ...) | attempted-user | 2012-0308 | |||
| 29112 | MALWARE-CNC Win.Trojan.Drafukey variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29113 | MALWARE-CNC Win.Trojan.Conrec variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29114 | MALWARE-CNC Win.Trojan.Sotark variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29115 | MALWARE-CNC Win.Trojan.Alset variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29117 | MALWARE-CNC Win.Trojan.Tyaui variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29124 | MALWARE-OTHER Win.Trojan.InstallMonster variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29125 | MALWARE-CNC Win.Trojan.Valden variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29127 | MALWARE-CNC Win.Trojan.Zeus variant outbound connection (more info ...) | trojan-activity | ||||
| 29133 | MALWARE-CNC Win.Trojan.Goobraz variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29135 | MALWARE-CNC Win.Trojan.Bfddos variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29136 | MALWARE-CNC Win.Trojan.Neos variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29138 | MALWARE-CNC Win.Trojan.Mojap variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29139 | MALWARE-CNC User-Agent known malicious User-Agent string HTTP 1.1 - Win.Trojan.Tapslix (more info ...) | trojan-activity | URL | |||
| 29140 | MALWARE-CNC Win.Trojan.Tearspear variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29143 | MALWARE-CNC User-Agent known malicious User-Agent - Win.Trojan.Secciv (more info ...) | trojan-activity | URL | |||
| 29146 | MALWARE-CNC Win.Trojan.RansomCrypt variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29148 | MALWARE-CNC Win.Trojan.Huxerox variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29149 | MALWARE-CNC Win.Trojan.Janicab outbound connection (more info ...) | trojan-activity | URL | |||
| 29150 | MALWARE-CNC User-Agent suspicious user-agent WarpHTTP - Win.Trojan.Yohakest (more info ...) | trojan-activity | URL | |||
| 29152 | MALWARE-CNC Win.Trojan.Yohakest variant initial runtime outbound connection (more info ...) | trojan-activity | URL | |||
| 29153 | MALWARE-CNC Win.Trojan.Yohakest variant file upload outbound connection (more info ...) | trojan-activity | URL | |||
| 29154 | MALWARE-CNC Win.Trojan.Yohakest variant followup outbound connection (more info ...) | trojan-activity | URL | |||
| 29155 | MALWARE-CNC Win.Trojan.Vwealer outbound connection (more info ...) | trojan-activity | URL | |||
| 29163 | EXPLOIT-KIT CritX exploit kit outbound exploit request (more info ...) | trojan-activity | ||||
| 29174 | MALWARE-CNC User-Agent known malicious user-agent string fortis (more info ...) | trojan-activity | URL | |||
| 29175 | MALWARE-CNC Win.Trojan.Sitrof variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29176 | MALWARE-CNC Win.Trojan.Retsaw variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29179 | MALWARE-CNC Win.Trojan.Tenad variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29180 | MALWARE-CNC User-Agent known malicious User-Agent Update1.0 - Win.Trojan.Downbini (more info ...) | trojan-activity | URL | |||
| 29187 | EXPLOIT-KIT Nuclear exploit kit outbound pdf request (more info ...) | trojan-activity | ||||
| 29188 | EXPLOIT-KIT Magnitude exploit kit embedded open type font file request (more info ...) | trojan-activity | ||||
| 29192 | SERVER-WEBAPP Zimbra remote code execution attempt (more info ...) | attempted-admin | 2013-7091 | 64149 | ||
| 29193 | SERVER-WEBAPP Zimbra remote code execution attempt (more info ...) | attempted-admin | 2013-7091 | 64149 | ||
| 29216 | MALWARE-CNC Win.Trojan.Androm variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29220 | MALWARE-CNC Win.Trojan.Strictor variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29259 | MALWARE-CNC Win.Trojan.Graftor variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29260 | MALWARE-CNC Win.Trojan.Graftor variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29261 | MALWARE-CNC Win.Trojan.Dropper variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29274 | FILE-IDENTIFY XFDL file attachment detected (more info ...) | misc-activity | URL | |||
| 29275 | FILE-IDENTIFY XFDL file attachment detected (more info ...) | misc-activity | URL | |||
| 29276 | FILE-IDENTIFY XFDL file download request (more info ...) | misc-activity | URL | |||
| 29277 | FILE-OTHER IBM Forms Viewer XFDL form processing stack buffer overflow attempt (more info ...) | attempted-user | 2013-5447 | URL | ||
| 29278 | FILE-OTHER IBM Forms Viewer XFDL form processing stack buffer overflow attempt (more info ...) | attempted-user | 2013-5447 | URL | ||
| 29279 | FILE-OTHER IBM Forms Viewer XFDL form processing stack buffer overflow attempt (more info ...) | attempted-user | 2013-5447 | URL | ||
| 29280 | FILE-OTHER IBM Forms Viewer XFDL form processing stack buffer overflow attempt (more info ...) | attempted-user | 2013-5447 | URL | ||
| 29289 | MALWARE-CNC Win.Trojan.Kmnokay outbound connection (more info ...) | trojan-activity | URL | |||
| 29291 | MALWARE-CNC Win.Trojan.Stitur variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29292 | MALWARE-CNC Win.Trojan.Chulastran variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29293 | MALWARE-CNC Win.Trojan.Chulastran variant initial version check outbound connection (more info ...) | trojan-activity | URL | |||
| 29294 | MALWARE-CNC Win.Trojan.Boda variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29295 | MALWARE-CNC Win.Trojan.Boda variant initial outbound connection (more info ...) | trojan-activity | URL | |||
| 29299 | MALWARE-CNC Win.Trojan.Nineblog variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29300 | MALWARE-CNC Win.Trojan.Graftor variant inbound connection (more info ...) | trojan-activity | URL | |||
| 29301 | MALWARE-CNC Win.Trojan.Mizzmo variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29302 | MALWARE-CNC Win.Trojan.Diswenshow outbound connection (more info ...) | trojan-activity | URL | |||
| 29304 | MALWARE-CNC Win.Trojan.Verbscut variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29306 | MALWARE-CNC Win.Trojan.Popyerd variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29307 | MALWARE-CNC Win.Trojan.Fraxytime outbound connection (more info ...) | trojan-activity | URL | |||
| 29308 | MALWARE-CNC TRUFFLEHUNTER SFVRT-1013 attack attempt (more info ...) | trojan-activity | ||||
| 29309 | MALWARE-CNC TRUFFLEHUNTER SFVRT-1013 attack attempt (more info ...) | trojan-activity | ||||
| 29310 | MALWARE-CNC TRUFFLEHUNTER SFVRT-1013 attack attempt (more info ...) | trojan-activity | ||||
| 29311 | MALWARE-CNC TRUFFLEHUNTER SFVRT-1013 attack attempt (more info ...) | trojan-activity | ||||
| 29312 | MALWARE-CNC TRUFFLEHUNTER SFVRT-1013 attack attempt (more info ...) | trojan-activity | ||||
| 29313 | MALWARE-CNC Win.Trojan.Proxydown variant connection (more info ...) | trojan-activity | URL | |||
| 29314 | PROTOCOL-SCADA Modbus function scan (more info ...) | protocol-command-decode | URL | |||
| 29315 | PROTOCOL-SCADA Modbus list scan (more info ...) | protocol-command-decode | URL | |||
| 29316 | PROTOCOL-SCADA Modbus value scan (more info ...) | protocol-command-decode | URL | |||
| 29317 | PROTOCOL-SCADA Modbus invalid exception message (more info ...) | protocol-command-decode | URL | |||
| 29318 | PROTOCOL-SCADA Modbus invalid encapsulated interface response (more info ...) | protocol-command-decode | URL | |||
| 29319 | PROTOCOL-SCADA Modbus invalid encapsulated interface request (more info ...) | protocol-command-decode | URL | |||
| 29320 | APP-DETECT Baidu IME download attempt (more info ...) | policy-violation | URL | |||
| 29321 | APP-DETECT Baidu IME download attempt (more info ...) | policy-violation | URL | |||
| 29322 | APP-DETECT Baidu IME runtime detection - remote sync (more info ...) | attempted-recon | URL | |||
| 29324 | MALWARE-CNC Win.Trojan.Vivia variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29325 | MALWARE-CNC Win.Trojan.Horsamaz outbound connection (more info ...) | trojan-activity | URL | |||
| 29330 | MALWARE-CNC Win.Trojan.Piedacon variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29331 | MALWARE-CNC Win.Trojan.Aokaspid outbound connection using modem (more info ...) | trojan-activity | URL | |||
| 29332 | MALWARE-CNC Win.Trojan.Aokaspid outbound connection using lan (more info ...) | trojan-activity | URL | |||
| 29333 | MALWARE-CNC Win.Trojan.Aokaspid outbound connection using proxy server (more info ...) | trojan-activity | URL | |||
| 29334 | MALWARE-CNC Win.Trojan.Aokaspid outbound connection using other (more info ...) | trojan-activity | URL | |||
| 29335 | MALWARE-CNC OSX.Trojan.CallMe variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29337 | MALWARE-CNC Win.Trojan.Banker variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29339 | MALWARE-CNC Win.Trojan.Kishop variant initial runtime outbound connection (more info ...) | trojan-activity | URL | |||
| 29340 | MALWARE-CNC Win.Trojan.Plusau outbound connection (more info ...) | trojan-activity | URL | |||
| 29341 | MALWARE-CNC User-Agent known malicious User-Agent string CustomSpy - Win.Trojan.Etek (more info ...) | trojan-activity | URL | |||
| 29344 | MALWARE-CNC Win.Trojan.Dondat variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29345 | MALWARE-CNC Win.Trojan.Dondat variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29348 | MALWARE-CNC Win.Trojan.Chifan variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29349 | MALWARE-CNC Win.Trojan.Zusy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29351 | MALWARE-CNC Win.Trojan.Bulilit variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29352 | MALWARE-CNC Win.Trojan.Typdec variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29353 | MALWARE-CNC Win.Trojan.Zeagle outbound connection (more info ...) | trojan-activity | URL | |||
| 29354 | APP-DETECT Foca file scanning attempt (more info ...) | attempted-recon | URL | |||
| 29356 | MALWARE-CNC Win.Trojan.Cidox variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29357 | PUA-P2P Vuze BitTorrent client outbound connection (more info ...) | policy-violation | URL | |||
| 29358 | MALWARE-CNC User-Agent known malicious user-agent - Win.Trojan.Mowfote (more info ...) | trojan-activity | URL | |||
| 29359 | MALWARE-CNC Win.Trojan.Mowfote variant initial outbound connection (more info ...) | trojan-activity | URL | |||
| 29363 | MALWARE-CNC Win.Trojan.Pacbootini variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29367 | MALWARE-CNC Win.Trojan.Boato variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29368 | MALWARE-CNC Win.Trojan.Boato variant followup outbound connection (more info ...) | trojan-activity | URL | |||
| 29370 | MALWARE-CNC Win.Trojan.Agent.ADJI variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29371 | MALWARE-CNC User-Agent known malicious user-agent string - Win.Trojan.Dluca (more info ...) | trojan-activity | URL | |||
| 29376 | MALWARE-CNC Win.Trojan.CryptoLocker.B connection test (more info ...) | trojan-activity | URL | |||
| 29378 | MALWARE-CNC Win.Trojan.Dropper inbound encrypted traffic (more info ...) | trojan-activity | URL | |||
| 29379 | MALWARE-CNC Win.Trojan.Dropper outbound encrypted traffic - potential exfiltration (more info ...) | trojan-activity | URL | |||
| 29380 | MALWARE-CNC Win.Trojan.Dropper outbound encrypted traffic (more info ...) | trojan-activity | URL | |||
| 29389 | MALWARE-CNC Win.Trojan.Alusins variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29393 | SERVER-OTHER ntp monlist denial of service attempt (more info ...) | attempted-dos | 2013-5211 | URL | ||
| 29395 | MALWARE-CNC Win.Trojan.Zeus variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29396 | POLICY-SPAM Potential phishing attack - .zip receipt filename download with .exe name within .zip the same (more info ...) | trojan-activity | URL | |||
| 29397 | POLICY-SPAM Potential phishing attack - .zip shipping filename download with .exe name within .zip the same (more info ...) | trojan-activity | URL | |||
| 29398 | POLICY-SPAM Potential phishing attack - .zip voicemail filename download with .exe name within .zip the same (more info ...) | trojan-activity | URL | |||
| 29399 | POLICY-SPAM Potential phishing attack - .zip statement filename download with .exe name within .zip the same (more info ...) | trojan-activity | URL | |||
| 29400 | SERVER-WEBAPP vTiger CRM AddEmailAttachment directory traversal attempt (more info ...) | attempted-admin | 2013-3214 | 61558 | URL | |
| 29411 | EXPLOIT-KIT Angler exploit kit landing page (more info ...) | trojan-activity | ||||
| 29413 | EXPLOIT-KIT Angler exploit kit encrypted binary download (more info ...) | trojan-activity | ||||
| 29414 | EXPLOIT-KIT Angler exploit kit encrypted binary download (more info ...) | trojan-activity | ||||
| 29416 | MALWARE-CNC Win.Trojan.vSkimmer outbound connection (more info ...) | trojan-activity | URL | |||
| 29417 | MALWARE-CNC Win.Trojan.Solimba download attempt (more info ...) | trojan-activity | URL | |||
| 29418 | OS-MOBILE Android signature validation bypass APK file download attempt (more info ...) | trojan-activity | 2013-6792 | 64529 | URL | |
| 29419 | OS-MOBILE Android signature validation bypass APK file download attempt (more info ...) | trojan-activity | 2013-6792 | 64529 | URL | |
| 29422 | MALWARE-CNC Win.Trojan.Rhubot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29423 | MALWARE-CNC Win.Trojan.MaxerDDos variant connection (more info ...) | trojan-activity | URL | |||
| 29424 | MALWARE-CNC Win.Trojan.Dldr variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29426 | MALWARE-CNC Win.Trojan.Etomertg variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29428 | MALWARE-CNC Win.Trojan.Zatincel variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29430 | MALWARE-CNC Win.Trojan.Icefog variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29431 | MALWARE-CNC User-Agent known malicious user-agent - Win.Trojan.Tirips (more info ...) | trojan-activity | URL | |||
| 29437 | OS-MOBILE Android Goodix gt915 touchscreen driver improper bounds-check privileged access attempt (more info ...) | attempted-user | 2013-6122 | 63661 | URL | |
| 29438 | OS-MOBILE Android Goodix gt915 touchscreen driver improper bounds-check privileged access attempt (more info ...) | attempted-user | 2013-6122 | 63661 | URL | |
| 29440 | MALWARE-CNC Win.Trojan.Chewbacca outbound connection (more info ...) | trojan-activity | URL | |||
| 29443 | EXPLOIT-KIT Fiesta exploit kit outbound connection attempt (more info ...) | trojan-activity | ||||
| 29459 | MALWARE-CNC Win.Trojan.Fexel variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29460 | MALWARE-CNC Win.Trojan.Pabueri variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29461 | MALWARE-CNC Win.Trojan.Norekab variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29464 | MALWARE-CNC Win.Trojan.SniperSpy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29483 | MALWARE-CNC Win.Trojan.Botime variant connection (more info ...) | trojan-activity | URL | |||
| 29484 | MALWARE-CNC Win.Trojan.POSCardStealer variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29489 | MALWARE-CNC Win.Trojan.Gaertob variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29495 | MALWARE-CNC Win.Trojan.Kopdel variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29496 | MALWARE-CNC Win.Trojan.Bicololo variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29497 | MALWARE-CNC Win.Trojan.Graftor variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29498 | SERVER-WEBAPP HP Intelligent Management Center sdFileDownload information disclosure attempt (more info ...) | attempted-recon | 2013-4826 | 62898 | URL | |
| 29499 | SERVER-WEBAPP HP Intelligent Management Center sdFileDownload information disclosure attempt (more info ...) | attempted-recon | 2013-4826 | 62898 | URL | |
| 29500 | PUA-ADWARE 4Shared Downloader outbound connection attempt (more info ...) | misc-activity | URL | |||
| 29501 | PUA-ADWARE 4Shared Downloader executable file download attempt (more info ...) | misc-activity | URL | |||
| 29509 | INDICATOR-OBFUSCATION Multiple character encodings detected (more info ...) | attempted-user | URL | |||
| 29547 | SERVER-WEBAPP IBM Rational Focal Point webservice Axis Gateway GET vulnerability attempt (more info ...) | attempted-user | 2013-5398 | URL | ||
| 29548 | SERVER-WEBAPP IBM Rational Focal Point webservice Axis Gateway POST vulnerability attempt (more info ...) | attempted-user | 2013-5398 | URL | ||
| 29550 | MALWARE-CNC Win.Trojan.Doneste variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29555 | MALWARE-CNC Win.Trojan.Spyex variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29556 | MALWARE-CNC Win.Trojan.Loxes variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29557 | MALWARE-CNC Win.Trojan.Marten variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29559 | MALWARE-CNC Win.Trojan.Sydigu variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29561 | MALWARE-CNC Win.Trojan.Lechiket variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29562 | MALWARE-CNC Win.Trojan.Blobrsa variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29563 | MALWARE-CNC Win.Trojan.Blobrsa variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29565 | MALWARE-CNC Win.Trojan.Banker.AALV variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29566 | MALWARE-CNC Win.Trojan.Zbot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29570 | FILE-OTHER Oracle Outside In OS2 metafile parser stack buffer overflow attempt (more info ...) | attempted-user | 2013-5763 | 63741 | URL | |
| 29571 | FILE-OTHER Oracle Outside In OS2 metafile parser stack buffer overflow attempt (more info ...) | attempted-user | 2013-5763 | 63741 | URL | |
| 29572 | FILE-OTHER Oracle Outside In OS2 metafile parser stack buffer overflow attempt (more info ...) | attempted-user | 2013-5763 | 63741 | URL | |
| 29573 | FILE-OTHER Oracle Outside In OS2 metafile parser stack buffer overflow attempt (more info ...) | attempted-user | 2013-5763 | 63741 | URL | |
| 29574 | FILE-OTHER Oracle Outside In OS2 metafile parser stack buffer overflow attempt (more info ...) | attempted-user | 2013-5763 | 63741 | URL | |
| 29575 | FILE-OTHER Oracle Outside In OS2 metafile parser stack buffer overflow attempt (more info ...) | attempted-user | 2013-5763 | 63741 | URL | |
| 29577 | FILE-OTHER Oracle Outside In OS2 metafile parser stack buffer overflow attempt (more info ...) | attempted-user | 2013-5763 | 63741 | URL | |
| 29582 | SERVER-OTHER Mediawiki DjVu and PDF handling code execution attempt (more info ...) | attempted-admin | 2014-1610 | |||
| 29583 | SERVER-WEBAPP HP Intelligent Management Center information disclosure attempt (more info ...) | web-application-attack | 2012-5208 | |||
| 29593 | SERVER-WEBAPP Airlive IP Camera CSRF attempt (more info ...) | policy-violation | 2013-3540 | 60547 | ||
| 29595 | SERVER-WEBAPP Airlive IP Camera directory traversal attempt (more info ...) | web-application-attack | 2013-3541 | 60549 | ||
| 29615 | MALWARE-CNC Win.Trojan.Keylogger outbound connection (more info ...) | trojan-activity | 2014-0497 | URL | ||
| 29616 | MALWARE-CNC Win.Trojan.Keylogger inbound connection (more info ...) | trojan-activity | 2014-0497 | URL | ||
| 29635 | MALWARE-CNC Win.Trojan.Nursteal variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29636 | MALWARE-CNC Win.Trojan.Blocker.cbuf variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29637 | MALWARE-CNC Win.Trojan.Lumbko variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29638 | MALWARE-CNC Win.Trojan.Lumbko variant initial outbound connection (more info ...) | trojan-activity | URL | |||
| 29644 | MALWARE-CNC Win.Trojan.Sdconsent outbound connection (more info ...) | trojan-activity | 2013-0158 | URL | ||
| 29645 | MALWARE-CNC User-Agent known malicious user-agent - Win.Trojan.Mimunita (more info ...) | trojan-activity | URL | |||
| 29646 | SERVER-WEBAPP SkyBlueCanvas CMS contact page command injection attempt (more info ...) | web-application-attack | 2014-1683 | 65129 | ||
| 29652 | MALWARE-CNC User-Agent known malicious user-agent - Win.Trojan.Truado (more info ...) | trojan-activity | URL | |||
| 29660 | FILE-OTHER Norton Anti-Virus decompression bomb denial of service attempt (more info ...) | attempted-dos | URL | |||
| 29661 | FILE-OTHER Norton Anti-Virus decompression bomb denial of service attempt (more info ...) | attempted-dos | URL | |||
| 29663 | MALWARE-CNC Win.Trojan.Dampt variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29664 | MALWARE-CNC Win.Trojan.DomaIQ variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29665 | MALWARE-CNC Win.Trojan.Graftor variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29666 | MALWARE-CNC Win.Trojan.Linkup outbound connection (more info ...) | trojan-activity | URL | |||
| 29670 | MALWARE-CNC Win.Trojan.Caphaw outbound connection (more info ...) | trojan-activity | URL | |||
| 29740 | MALWARE-CNC Win.Trojan.Sarvdap variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29745 | INDICATOR-OBFUSCATION Alternating character encodings - JS variable (more info ...) | policy-violation | URL | |||
| 29750 | SERVER-WEBAPP HP Intelligent Management Center SOM authentication bypass attempt (more info ...) | attempted-user | 2013-4824 | 62902 | URL | |
| 29751 | SERVER-WEBAPP HP Intelligent Management Center SOM authentication bypass attempt (more info ...) | attempted-user | 2013-4824 | 62902 | URL | |
| 29752 | SERVER-WEBAPP HP Intelligent Management Center SOM authentication bypass attempt (more info ...) | attempted-user | 2013-4824 | 62902 | URL | |
| 29760 | MALWARE-CNC User-Agent known malicious user-agent string MSIE 4.01 - Win.Trojan.Careto (more info ...) | trojan-activity | URL | |||
| 29788 | MALWARE-CNC Win.Trojan.Careto outbound connection (more info ...) | trojan-activity | URL | |||
| 29789 | MALWARE-CNC Win.Trojan.Careto plugin download (more info ...) | trojan-activity | URL | |||
| 29790 | MALWARE-CNC Win.Trojan.Careto plugin download (more info ...) | trojan-activity | URL | |||
| 29791 | MALWARE-CNC Win.Trojan.Careto plugin download (more info ...) | trojan-activity | URL | |||
| 29793 | SERVER-OTHER D-Link IP Cameras execution of commands from administration web interface (more info ...) | attempted-user | 2013-1599 | URL | ||
| 29794 | SERVER-OTHER D-Link IP Cameras access to the video stream via HTTP (more info ...) | attempted-user | 2013-1600 | URL | ||
| 29795 | SERVER-OTHER D-Link IP Cameras access the ASCII video stream via image luminance (more info ...) | attempted-user | 2013-1601 | URL | ||
| 29798 | SERVER-WEBAPP CuteFlow pre-authenticated admin account creation attempt (more info ...) | attempted-admin | URL | |||
| 29799 | SERVER-WEBAPP CuteFlow pre-authenticated admin account creation attempt (more info ...) | attempted-admin | URL | |||
| 29800 | FILE-OTHER XML exponential entity expansion attack attempt (more info ...) | attempted-user | 2015-0677 | URL | ||
| 29807 | INDICATOR-OBFUSCATION Alternating character encodings - JS array (more info ...) | policy-violation | URL | |||
| 29808 | SERVER-WEBAPP Nagios XI alert cloud cross site scripting attempt (more info ...) | attempted-user | ||||
| 29813 | INDICATOR-OBFUSCATION randomized HTML number encodings detected in clsid access attempt (more info ...) | policy-violation | URL | |||
| 29816 | MALWARE-CNC Win.Trojan.Jackpos outbound connection (more info ...) | trojan-activity | URL | |||
| 29817 | MALWARE-CNC Win.Trojan.Jackpos outbound connection (more info ...) | trojan-activity | URL | |||
| 29824 | MALWARE-CNC User-Agent known malicious user agent - TixDll - Win.Trojan.Adload.dyhq (more info ...) | trojan-activity | URL | |||
| 29828 | MALWARE-CNC Win.Trojan.Adload.dyhq variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29861 | MALWARE-CNC Win.Trojan.Brabat variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29862 | MALWARE-CNC Win.Trojan.Pirminay variant outbout connection (more info ...) | trojan-activity | URL | |||
| 29863 | MALWARE-CNC Win.Trojan.Pirminay variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29865 | MALWARE-CNC Win.Trojan.Kuluoz outbound connection (more info ...) | trojan-activity | URL | |||
| 29869 | MALWARE-CNC Win.Trojan.Napolar phishing attack (more info ...) | trojan-activity | URL | |||
| 29870 | MALWARE-CNC Win.Trojan.Pony HTTP response connection (more info ...) | trojan-activity | URL | |||
| 29871 | SERVER-ORACLE Oracle Reports server remote code execution attempt (more info ...) | attempted-admin | 2012-3153 | URL | ||
| 29873 | MALWARE-CNC Win.Trojan.Hanove variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29877 | MALWARE-CNC Win.Trojan.Chikdos.A outbound information disclosure (more info ...) | trojan-activity | URL | |||
| 29882 | MALWARE-CNC Win.Trojan.WEC variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29883 | MALWARE-CNC Win.Trojan.Tohwen variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29884 | MALWARE-CNC Win.Trojan.Zeus variant outbound connection (more info ...) | trojan-activity | ||||
| 29885 | MALWARE-CNC Win.Trojan.Crypi.A outbound information disclosure (more info ...) | trojan-activity | URL | |||
| 29886 | MALWARE-CNC Win.Trojan.Crypi.A outbound keylogger traffic (more info ...) | trojan-activity | URL | |||
| 29887 | MALWARE-CNC User-Agent known malicious user-agent string Updates downloader - Win.Trojan.Upatre (more info ...) | trojan-activity | URL | |||
| 29893 | MALWARE-CNC Win.Trojan.Pyteconte variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29895 | MALWARE-CNC Win.Trojan.Bancos variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29897 | MALWARE-CNC Win.Trojan.ExplorerHijack variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29898 | MALWARE-CNC Win.Trojan.Zygtab variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29899 | MALWARE-CNC Win.Trojan.Pmkype variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29901 | MALWARE-CNC Win.Trojan.Comowba variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29907 | MALWARE-CNC Win.Trojan.Madnedos outbound system information disclosure (more info ...) | trojan-activity | URL | |||
| 29908 | MALWARE-CNC TRUFFLEHUNTER SFVRT-1015 attack attempt (more info ...) | trojan-activity | ||||
| 29911 | MALWARE-CNC Win.Trojan.Nortusa variant outbound system information disclosure (more info ...) | trojan-activity | URL | |||
| 29916 | MALWARE-CNC Win.Trojan.Matsnu system information disclosure (more info ...) | trojan-activity | URL | |||
| 29920 | MALWARE-CNC Win.Trojan.ZhiZhu variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29921 | MALWARE-CNC Win.Trojan.ZhiZhu variant inbound connection (more info ...) | trojan-activity | URL | |||
| 29922 | MALWARE-CNC Andr.Trojan.Bazuc initial outbound connection (more info ...) | trojan-activity | URL | |||
| 29923 | MALWARE-CNC Andr.Trojan.Bazuc jobs check outbound connection (more info ...) | trojan-activity | URL | |||
| 29924 | MALWARE-CNC Win.Trojan.Farfli outbound connection (more info ...) | trojan-activity | URL | |||
| 29925 | MALWARE-CNC Win.Trojan.Verxbot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29938 | SERVER-OTHER InduSoft Web Studio Remote Agent buffer overflow attempt (more info ...) | attempted-user | 2011-4052 | |||
| 29939 | SERVER-OTHER EMC AlphaStore buffer overflow attempt (more info ...) | attempted-admin | 2013-0946 | |||
| 29940 | SERVER-OTHER EMC AlphaStore buffer overflow attempt (more info ...) | attempted-admin | 2013-0946 | |||
| 29941 | SERVER-OTHER EMC AlphaStore buffer overflow attempt (more info ...) | attempted-admin | 2013-0930 | |||
| 29942 | SERVER-OTHER EMC AlphaStore buffer overflow attempt (more info ...) | attempted-admin | 2013-0930 | |||
| 29946 | SERVER-OTHER IBM DB2 Universal Database receiveDASMessage buffer overflow attempt (more info ...) | attempted-admin | 2011-0731 | 46052 | ||
| 29947 | SERVER-OTHER IBM DB2 Universal Database receiveDASMessage buffer overflow attempt (more info ...) | attempted-admin | 2011-0731 | 46052 | ||
| 29948 | SERVER-OTHER IBM DB2 Universal Database receiveDASMessage buffer overflow attempt (more info ...) | attempted-admin | 2011-0731 | 46052 | ||
| 29950 | SERVER-OTHER TP-Link TL-WR740N wireless router remote denial of service attempt (more info ...) | attempted-dos | 58623 | URL | ||
| 29951 | SERVER-OTHER HylaFAX plus LDAP authentication username buffer overflow attempt (more info ...) | attempted-admin | 2013-5680 | 62729 | ||
| 29952 | SERVER-OTHER HP LoadRunner XDR handling heap buffer overflow (more info ...) | attempted-user | 2013-4799 | URL | ||
| 29953 | SERVER-OTHER Ubiquiti airCam RTSP service buffer overflow attempt (more info ...) | attempted-admin | 2013-1606 | 60487 | URL | |
| 29954 | PROTOCOL-SCADA CODESYS Gateway-Server heap buffer overflow attempt (more info ...) | attempted-admin | 2012-4706 | |||
| 29958 | SERVER-OTHER multiple products HTTP HEAD request buffer overflow attempt (more info ...) | attempted-user | 2012-5876 | |||
| 29959 | PROTOCOL-SCADA Siemens SIMATIC WinCC flexible runtime stack buffer overflow attempt (more info ...) | attempted-admin | 2011-4875 | URL | ||
| 29960 | PROTOCOL-SCADA Siemens SIMATIC WinCC flexible runtime DoS attempt (more info ...) | attempted-admin | 2011-4877 | URL | ||
| 29961 | PROTOCOL-SCADA Siemens SIMATIC WinCC flexible runtime DoS attempt (more info ...) | attempted-admin | 2011-4877 | URL | ||
| 29962 | PROTOCOL-SCADA Siemens SIMATIC WinCC flexible runtime DoS attempt (more info ...) | attempted-admin | 2011-4877 | URL | ||
| 29963 | PROTOCOL-SCADA Siemens SIMATIC WinCC flexible runtime DoS attempt (more info ...) | attempted-admin | 2011-4877 | URL | ||
| 29964 | PROTOCOL-SCADA Siemens SIMATIC WinCC flexible runtime directory traversal attempt (more info ...) | attempted-admin | 2011-4876 | URL | ||
| 29966 | SERVER-OTHER Ubiquiti airCam RTSP service buffer overflow attempt (more info ...) | attempted-admin | 2013-1606 | 60487 | URL | |
| 29967 | SERVER-OTHER Python socket.recvfrom_into remote buffer overflow attempt (more info ...) | attempted-user | 2014-1912 | 65379 | URL | |
| 29968 | SERVER-OTHER Python socket.recvfrom_into remote buffer overflow attempt (more info ...) | attempted-user | 2014-1912 | 65379 | URL | |
| 29973 | MALWARE-CNC Win.Trojan.Bublik.Zusy runtime detection (more info ...) | trojan-activity | URL | |||
| 29975 | MALWARE-CNC Win.Trojan.Svekifc system information disclosure (more info ...) | trojan-activity | URL | |||
| 29976 | MALWARE-CNC Win.Trojan.Svekifc outbound persistent connection (more info ...) | trojan-activity | URL | |||
| 29978 | MALWARE-CNC ANDR.Trojan.FakeApp outbound connection (more info ...) | trojan-activity | URL | |||
| 29979 | SERVER-WEBAPP Symantec Endpoint Protection Manager Unauthenticated XML External Entity Injection attempt (more info ...) | attempted-user | 2013-5015 | |||
| 29980 | MALWARE-CNC Win.Trojan.Fucom outbound connection (more info ...) | trojan-activity | URL | |||
| 29981 | MALWARE-CNC Win.Trojan.Tiny variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29982 | MALWARE-CNC Win.Trojan.Oshidor variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29985 | MALWARE-CNC Win.Trojan.Bicolo variant outbound connection (more info ...) | trojan-activity | URL | |||
| 29987 | MALWARE-CNC Win.Trojan.Meac malware component download request (more info ...) | trojan-activity | URL | |||
| 29990 | MALWARE-CNC Win.Trojan.Seruda system information disclosure (more info ...) | trojan-activity | URL | |||
| 29998 | MALWARE-CNC Win.Trojan.Horsum outbound system information disclosure (more info ...) | trojan-activity | URL | |||
| 29999 | MALWARE-CNC User-Agent known malicious user-agent string - MSIE 9.0 in version 10 format (more info ...) | trojan-activity | URL | |||
| 30000 | MALWARE-BACKDOOR FireCrotch exploit kit backdoor attempt (more info ...) | misc-activity | ||||
| 30014 | FILE-IDENTIFY OS/2 Metafile file magic detected (more info ...) | misc-activity | URL | |||
| 30015 | FILE-IDENTIFY OS/2 Metafile file attachment detected (more info ...) | misc-activity | URL | |||
| 30016 | FILE-IDENTIFY OS/2 Metafile file attachment detected (more info ...) | misc-activity | URL | |||
| 30017 | FILE-IDENTIFY OS/2 Metafile file magic detected (more info ...) | misc-activity | URL | |||
| 30018 | FILE-IDENTIFY OS/2 Metafile file download request (more info ...) | misc-activity | URL | |||
| 30019 | FILE-OTHER Oracle Outside In OS/2 Metafile parser stack overflow attempt (more info ...) | attempted-user | 2013-5879 | 64825 | ||
| 30020 | FILE-OTHER Oracle Outside In OS/2 Metafile parser stack overflow attempt (more info ...) | attempted-user | 2013-5879 | 64825 | ||
| 30021 | FILE-OTHER Oracle Outside In OS/2 Metafile parser stack overflow attempt (more info ...) | attempted-user | 2013-5879 | 64825 | ||
| 30022 | FILE-OTHER Oracle Outside In OS/2 Metafile parser stack overflow attempt (more info ...) | attempted-user | 2013-5879 | 64825 | ||
| 30023 | FILE-OTHER Oracle Outside In OS/2 Metafile parser stack overflow attempt (more info ...) | attempted-user | 2013-5879 | 64825 | ||
| 30024 | FILE-OTHER Oracle Outside In OS/2 Metafile parser stack overflow attempt (more info ...) | attempted-user | 2013-5879 | 64825 | ||
| 30025 | FILE-OTHER Oracle Outside In OS/2 Metafile parser stack overflow attempt (more info ...) | attempted-user | 2013-5879 | 64825 | ||
| 30026 | FILE-OTHER Oracle Outside In OS/2 Metafile parser stack overflow attempt (more info ...) | attempted-user | 2013-5879 | 64825 | ||
| 30027 | FILE-OTHER Oracle Outside In OS/2 Metafile parser stack overflow attempt (more info ...) | attempted-user | 2013-5879 | 64825 | ||
| 30028 | FILE-OTHER Oracle Outside In OS/2 Metafile parser stack overflow attempt (more info ...) | attempted-user | 2013-5879 | 64825 | ||
| 30029 | FILE-OTHER Oracle Outside In OS/2 Metafile parser stack overflow attempt (more info ...) | attempted-user | 2013-5879 | 64825 | ||
| 30030 | FILE-OTHER Oracle Outside In OS/2 Metafile parser stack overflow attempt (more info ...) | attempted-user | 2013-5879 | 64825 | ||
| 30032 | SERVER-OTHER Borland VisiBroker Smart Agent heap overflow attempt (more info ...) | attempted-user | 2008-7126 | 28084 | URL | |
| 30034 | MALWARE-CNC Win.Trojan.Donanbot outbound connection (more info ...) | trojan-activity | URL | |||
| 30035 | MALWARE-CNC Win.Trojan.Sylonif variant outbound connection (more info ...) | trojan-activity | URL | |||
| 30036 | MALWARE-CNC Win.Trojan.Ovnavart variant outbound connection (more info ...) | trojan-activity | URL | |||
| 30037 | MALWARE-CNC Win.Trojan.Zaleelq variant outbound connection (more info ...) | trojan-activity | 2012-0158 | URL | ||
| 30038 | PUA-TOOLBARS Babylon toolbar outbound connection (more info ...) | misc-activity | URL | |||
| 30047 | MALWARE-CNC Win.Trojan.Crowti variant outbound connection (more info ...) | trojan-activity | URL | |||
| 30057 | MALWARE-CNC Win.Trojan.Peronspy outbound system information disclosure (more info ...) | trojan-activity | URL | |||
| 30060 | MALWARE-CNC Win.Trojan.Coresh outbound identification request (more info ...) | trojan-activity | URL | |||
| 30061 | MALWARE-CNC Win.Trojan.Tyleny variant outbound connection (more info ...) | trojan-activity | URL | |||
| 30063 | MALWARE-CNC Win.Trojan.Zbot outbound connection (more info ...) | trojan-activity | URL | |||
| 30064 | MALWARE-CNC Win.Trojan.Zbot outbound connection (more info ...) | trojan-activity | URL | |||
| 30068 | MALWARE-CNC Win.Trojan.Androm variant outbound connection (more info ...) | trojan-activity | URL | |||
| 30073 | MALWARE-CNC Win.Trojan.Kuluoz variant outbound connection (more info ...) | trojan-activity | URL | |||
| 30074 | MALWARE-CNC Win.Trojan.Nemim variant outbound connection (more info ...) | trojan-activity | URL | |||
| 30076 | MALWARE-CNC Win.Trojan.Stealzilla variant outbound connection (more info ...) | trojan-activity | URL | |||
| 30078 | MALWARE-CNC Win.Trojan.Momibot outbound system information disclosure (more info ...) | trojan-activity | URL | |||
| 30087 | MALWARE-CNC Win.Trojan.Gamut configuration download (more info ...) | trojan-activity | URL | |||
| 30088 | MALWARE-CNC Win.Trojan.Hupigon variant outbound connection (more info ...) | trojan-activity | URL | |||
| 30090 | MALWARE-CNC Win.Trojan.Nitol variant outbound connection (more info ...) | trojan-activity | URL | |||
| 30091 | MALWARE-CNC Win.Trojan.Necurs variant outbound connection (more info ...) | trojan-activity | URL | |||
| 30099 | MALWARE-CNC Win.Trojan.Reedum BlackPoS stolen data transfer to internal staging area (more info ...) | trojan-activity | URL | |||
| 30167 | MALWARE-CNC Russian Bank scam malware GET request to server (more info ...) | trojan-activity | ||||
| 30168 | MALWARE-CNC Russian Bank scam malware POST to server (more info ...) | trojan-activity | ||||
| 30191 | MALWARE-CNC Win.Trojan.Uroburos usermode-centric client request (more info ...) | trojan-activity | URL | |||
| 30192 | MALWARE-CNC Win.Trojan.Uroburos inbound command (more info ...) | trojan-activity | URL | |||
| 30193 | MALWARE-CNC Win.Trojan.Uroburos inbound encrypted data (more info ...) | trojan-activity | URL | |||
| 30195 | APP-DETECT Paros proxy outbound connection attempt (more info ...) | policy-violation | URL | |||
| 30196 | MALWARE-CNC Win.Trojan.Androm variant outbound connection (more info ...) | trojan-activity | URL | |||
| 30198 | MALWARE-CNC Win.Trojan.Symmi variant outbound connection (more info ...) | trojan-activity | URL | |||
| 30202 | SERVER-MAIL Mortal Universe POP Peeper uidl header overflow attempt (more info ...) | attempted-user | 2009-1029 | URL | ||
| 30203 | MALWARE-CNC Win.Trojan.TDSS variant outbound connection (more info ...) | trojan-activity | URL | |||
| 30204 | MALWARE-CNC Win.Trojan.TDSS variant outbound connection (more info ...) | trojan-activity | URL | |||
| 30208 | MALWARE-CNC Win.Trojan.Nakcos variant outbound connection (more info ...) | trojan-activity | URL | |||
| 30210 | MALWARE-CNC User-Agent known malicious user-agnet string Win.Trojan.ZeusVM (more info ...) | trojan-activity | URL | |||
| 30211 | MALWARE-CNC Win.Trojan.ZeusVM embedded image config file download (more info ...) | trojan-activity | URL | |||
| 30214 | MALWARE-CNC Win.Trojan.Sharik variant outbound connection (more info ...) | trojan-activity | URL | |||
| 30216 | MALWARE-CNC Win.Trojan.ShadyRAT variant outbound connection (more info ...) | trojan-activity | URL | |||
| 30225 | INDICATOR-SHELLCODE possible /bin/sh shellcode transfer attempt (more info ...) | shellcode-detect | URL | |||
| 30226 | INDICATOR-SHELLCODE Metasploit windows/meterpreter stage transfer attempt (more info ...) | shellcode-detect | URL | |||
| 30227 | INDICATOR-SHELLCODE Metasploit windows/reverse_tcp stager transfer attempt (more info ...) | shellcode-detect | URL | |||
| 30228 | INDICATOR-SHELLCODE Metasploit windows/shell stage transfer attempt (more info ...) | shellcode-detect | URL | |||
| 30231 | MALWARE-CNC Win.Trojan.Eybog variant outbound connection (more info ...) | trojan-activity | URL | |||
| 30234 | MALWARE-CNC Win.Trojan.Graftor variant outbound connection (more info ...) | trojan-activity | URL | |||
| 30235 | MALWARE-CNC Win.Trojan.Qadars variant outbound connection (more info ...) | trojan-activity | URL | |||
| 30237 | PUA-ADWARE InstallMonster initial runtime outbound connection (more info ...) | misc-activity | URL | |||
| 30238 | PUA-ADWARE InstallMonster follow-up outbound connection (more info ...) | misc-activity | URL | |||
| 30239 | MALWARE-CNC Win.Trojan.Name variant outbound connection (more info ...) | trojan-activity | URL | |||
| 30250 | MALWARE-CNC User-Agent known malicious user agent - logogo.exe (more info ...) | trojan-activity | URL | |||
| 30251 | MALWARE-CNC Win.Trojan.Mumawow outbound connection (more info ...) | trojan-activity | URL | |||
| 30253 | APP-DETECT Anyplace proxy header detected (more info ...) | web-application-activity | URL | |||
| 30254 | APP-DETECT Anyplace usage attempt (more info ...) | web-application-activity | URL | |||
| 30255 | MALWARE-CNC Win.Trojan.Strictor HTTP Response - Brazil Geolocated Infected User (more info ...) | trojan-activity | URL | |||
| 30256 | MALWARE-CNC Win.Trojan.Strictor HTTP Response - Non-Brazil Geolocated Infected User (more info ...) | trojan-activity | URL | |||
| 30257 | MALWARE-CNC Win.Trojan.ExplorerHijack variant outbound connection (more info ...) | trojan-activity | URL | |||
| 30258 | MALWARE-CNC Win.Trojan.Zeus variant outbound connection (more info ...) | trojan-activity | URL | |||
| 30259 | MALWARE-CNC Win.Trojan.Strictor variant outbound connection (more info ...) | trojan-activity | URL | |||
| 30262 | MALWARE-CNC Win.Trojan.Symmi variant outbound connection (more info ...) | trojan-activity | URL | |||
| 30270 | MALWARE-CNC Win.Trojan.Zbot configuration file download (more info ...) | trojan-activity | URL | |||
| 30271 | MALWARE-CNC Win.Trojan.Zbot drop zone file upload (more info ...) | trojan-activity | URL | |||
| 30276 | MALWARE-CNC Win.Trojan.Sloth variant command and control traffic (more info ...) | trojan-activity | URL | |||
| 30277 | MALWARE-CNC Win.Trojan.Sloth variant command and control traffic (more info ...) | trojan-activity | URL | |||
| 30278 | MALWARE-CNC Win.Trojan.Sloth variant command and control traffic (more info ...) | trojan-activity | URL | |||
| 30279 | MALWARE-CNC Win.Trojan.Sloth variant command and control traffic (more info ...) | trojan-activity | URL | |||
| 30281 | POLICY-OTHER use of psexec remote administration tool SMBv2 (more info ...) | policy-violation | URL | |||
| 30284 | MALWARE-CNC Win.Trojan.Recub variant outbound connection (more info ...) | trojan-activity | URL | |||
| 30288 | MALWARE-CNC Win.Trojan.Glupteba.M initial outbound connection (more info ...) | trojan-activity | URL | |||
| 30290 | MALWARE-CNC Win.Trojan.Bruterdep variant outbound connection (more info ...) | trojan-activity | URL | |||
| 30291 | SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt (more info ...) | attempted-dos | 2014-2286 | 66093 | ||
| 30292 | SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt (more info ...) | attempted-dos | 2014-2286 | 66093 | ||
| 30293 | SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt (more info ...) | attempted-dos | 2014-2286 | 66093 | ||
| 30297 | SERVER-WEBAPP Katello update_roles method privilege escalation attempt (more info ...) | attempted-admin | 2013-2143 | 66434 | ||
| 30298 | MALWARE-CNC Win.Backdoor.Cloudoten variant inbound connection (more info ...) | trojan-activity | URL | |||
| 30299 | MALWARE-CNC Win.Trojan.Projecthook variant outbound connection (more info ...) | trojan-activity | URL | |||
| 30300 | MALWARE-CNC Win.Trojan.Projecthook variant outbound connection (more info ...) | trojan-activity | URL | |||
| 30301 | MALWARE-CNC User-Agent known malicious user agent InetAll - Win.Trojan.Pennonec (more info ...) | trojan-activity | URL | |||
| 30302 | MALWARE-CNC Win.Trojan.Rajdze variant outbound connection (more info ...) | trojan-activity | URL | |||
| 30304 | MALWARE-CNC Win.Trojan.Noctabor variant outbound connection (more info ...) | trojan-activity | URL | |||
| 30307 | SERVER-WEBAPP EMC Connectrix Manager FileUploadController directory traversal attempt (more info ...) | attempted-recon | 2014-2276 | 66308 | ||
| 30308 | MALWARE-CNC User-Agent known malicious user agent - Win.Backdoor.Jolob (more info ...) | trojan-activity | URL | |||
| 30309 | MALWARE-CNC User-Agent known malicious user agent - Win.Backdoor.Jolob (more info ...) | trojan-activity | URL | |||
| 30310 | MALWARE-CNC Win.Backdoor.Comdinter variant outbound connection (more info ...) | trojan-activity | URL | |||
| 30311 | MALWARE-CNC Win.Backdoor.Comdinter variant outbound connection (more info ...) | trojan-activity | URL | |||
| 30314 | MALWARE-CNC User-Agent known malicious User-Agent getcmd - Win.Trojan.Burnwoo (more info ...) | trojan-activity | URL | |||
| 30315 | MALWARE-CNC User-Agent known malicious User-Agent getcmdw23 - Win.Trojan.Burnwoo (more info ...) | trojan-activity | URL | |||
| 30323 | MALWARE-CNC Win.Trojan.Drawnetz variant outbound connection (more info ...) | trojan-activity | URL | |||
| 30327 | INDICATOR-OBFUSCATION multiple binary tags in close proximity - potentially malicious (more info ...) | misc-attack | 2012-0158 | URL | ||
| 30328 | INDICATOR-OBFUSCATION multiple binary tags in close proximity - potentially malicious (more info ...) | misc-attack | 2012-0158 | URL | ||
| 30329 | SERVER-OTHER McAfee Asset Manager downloadReport information disclosure attempt (more info ...) | attempted-recon | 2014-2588 | 66302 | ||
| 30330 | SERVER-OTHER McAfee Asset Manager downloadReport information disclosure attempt (more info ...) | attempted-recon | 2014-2588 | 66302 | ||
| 30331 | MALWARE-CNC User-Agent known malicious User-Agent ebot - Win.Trojan.Modulog (more info ...) | trojan-activity | URL | |||
| 30332 | MALWARE-CNC Win.Trojan.ProjectHook configuration file download attempt (more info ...) | trojan-activity | URL | |||
| 30333 | MALWARE-CNC Win.Trojan.ProjectHook information disclosure attempt (more info ...) | trojan-activity | URL | |||
| 30334 | MALWARE-CNC Win.Trojan.ProjectHook initial outbound connection (more info ...) | trojan-activity | URL | |||
| 30344 | MALWARE-CNC User-Agent known malicious User-Agent EyeS_Client_1.0 - Win.Trojan.Seey (more info ...) | trojan-activity | URL | |||
| 30346 | SERVER-OTHER TRUFFLEHUNTER SFVRT-1016 attack attempt (more info ...) | attempted-admin | ||||
| 30354 | INDICATOR-SHELLCODE Metasploit payload android_shell_reverse_tcp (more info ...) | shellcode-detect | ||||
| 30355 | INDICATOR-SHELLCODE Metasploit payload bsd_sparc_shell_bind_tcp (more info ...) | shellcode-detect | ||||
| 30356 | INDICATOR-SHELLCODE Metasploit payload bsd_sparc_shell_reverse_tcp (more info ...) | shellcode-detect | ||||
| 30357 | INDICATOR-SHELLCODE Metasploit payload bsd_x86_exec (more info ...) | shellcode-detect | ||||
| 30358 | INDICATOR-SHELLCODE Metasploit payload bsd_x86_shell_bind_ipv6_tcp (more info ...) | shellcode-detect | ||||
| 30359 | INDICATOR-SHELLCODE Metasploit payload bsd_x86_shell_bind_tcp (more info ...) | shellcode-detect | ||||
| 30360 | INDICATOR-SHELLCODE Metasploit payload bsd_x86_shell_find_port (more info ...) | shellcode-detect | ||||
| 30361 | INDICATOR-SHELLCODE Metasploit payload bsd_x86_shell_reverse_ipv6_tcp (more info ...) | shellcode-detect | ||||
| 30362 | INDICATOR-SHELLCODE Metasploit payload bsd_x86_shell_reverse_tcp (more info ...) | shellcode-detect | ||||
| 30363 | INDICATOR-SHELLCODE Metasploit payload bsdi_x86_shell_find_port (more info ...) | shellcode-detect | ||||
| 30386 | INDICATOR-SHELLCODE Metasploit payload cmd_windows_adduser (more info ...) | shellcode-detect | ||||
| 30387 | INDICATOR-SHELLCODE Metasploit payload cmd_windows_bind_perl (more info ...) | shellcode-detect | ||||
| 30388 | INDICATOR-SHELLCODE Metasploit payload cmd_windows_bind_perl_ipv6 (more info ...) | shellcode-detect | ||||
| 30389 | INDICATOR-SHELLCODE Metasploit payload cmd_windows_bind_ruby (more info ...) | shellcode-detect | ||||
| 30390 | INDICATOR-SHELLCODE Metasploit payload cmd_windows_download_exec_vbs (more info ...) | shellcode-detect | ||||
| 30391 | INDICATOR-SHELLCODE Metasploit payload cmd_windows_reverse_perl (more info ...) | shellcode-detect | ||||
| 30392 | INDICATOR-SHELLCODE Metasploit payload cmd_windows_reverse_powershell (more info ...) | shellcode-detect | URL | |||
| 30393 | INDICATOR-SHELLCODE Metasploit payload cmd_windows_reverse_ruby (more info ...) | shellcode-detect | ||||
| 30394 | INDICATOR-SHELLCODE Metasploit payload firefox_exec (more info ...) | shellcode-detect | ||||
| 30395 | INDICATOR-SHELLCODE Metasploit payload firefox_shell_bind_tcp (more info ...) | shellcode-detect | ||||
| 30432 | INDICATOR-SHELLCODE Metasploit payload netware_shell_reverse_tcp (more info ...) | shellcode-detect | ||||
| 30433 | INDICATOR-SHELLCODE Metasploit payload nodejs_shell_bind_tcp (more info ...) | shellcode-detect | ||||
| 30434 | INDICATOR-SHELLCODE Metasploit payload osx_armle_shell_bind_tcp (more info ...) | shellcode-detect | ||||
| 30435 | INDICATOR-SHELLCODE Metasploit payload osx_armle_shell_reverse_tcp (more info ...) | shellcode-detect | ||||
| 30436 | INDICATOR-SHELLCODE Metasploit payload osx_armle_vibrate (more info ...) | shellcode-detect | ||||
| 30437 | INDICATOR-SHELLCODE Metasploit payload osx_ppc_shell_bind_tcp (more info ...) | shellcode-detect | ||||
| 30438 | INDICATOR-SHELLCODE Metasploit payload osx_ppc_shell_find_tag (more info ...) | shellcode-detect | ||||
| 30439 | INDICATOR-SHELLCODE Metasploit payload osx_ppc_shell_reverse_tcp (more info ...) | shellcode-detect | ||||
| 30440 | INDICATOR-SHELLCODE Metasploit payload osx_x64_dupandexecve_bind_tcp (more info ...) | shellcode-detect | ||||
| 30441 | INDICATOR-SHELLCODE Metasploit payload osx_x64_dupandexecve_reverse_tcp (more info ...) | shellcode-detect | ||||
| 30442 | INDICATOR-SHELLCODE Metasploit payload osx_x64_exec (more info ...) | shellcode-detect | ||||
| 30443 | INDICATOR-SHELLCODE Metasploit payload osx_x64_say (more info ...) | shellcode-detect | ||||
| 30444 | INDICATOR-SHELLCODE Metasploit payload osx_x64_shell_find_tag (more info ...) | shellcode-detect | ||||
| 30445 | INDICATOR-SHELLCODE Metasploit payload osx_x64_shell_reverse_tcp (more info ...) | shellcode-detect | ||||
| 30446 | INDICATOR-SHELLCODE Metasploit payload osx_x86_exec (more info ...) | shellcode-detect | ||||
| 30447 | INDICATOR-SHELLCODE Metasploit payload osx_x86_isight_bind_tcp (more info ...) | shellcode-detect | ||||
| 30448 | INDICATOR-SHELLCODE Metasploit payload osx_x86_isight_reverse_tcp (more info ...) | shellcode-detect | ||||
| 30449 | INDICATOR-SHELLCODE Metasploit payload osx_x86_shell_find_port (more info ...) | shellcode-detect | ||||
| 30450 | INDICATOR-SHELLCODE Metasploit payload osx_x86_vforkshell_bind_tcp (more info ...) | shellcode-detect | ||||
| 30451 | INDICATOR-SHELLCODE Metasploit payload osx_x86_vforkshell_reverse_tcp (more info ...) | shellcode-detect | ||||
| 30460 | INDICATOR-SHELLCODE Metasploit payload python_meterpreter_bind_tcp (more info ...) | shellcode-detect | ||||
| 30461 | INDICATOR-SHELLCODE Metasploit payload python_shell_reverse_tcp_ssl (more info ...) | shellcode-detect | ||||
| 30462 | INDICATOR-SHELLCODE Metasploit payload ruby_shell_bind_tcp (more info ...) | shellcode-detect | ||||
| 30463 | INDICATOR-SHELLCODE Metasploit payload ruby_shell_reverse_tcp (more info ...) | shellcode-detect | ||||
| 30464 | INDICATOR-SHELLCODE Metasploit payload ruby_shell_reverse_tcp_ssl (more info ...) | shellcode-detect | ||||
| 30472 | INDICATOR-SHELLCODE Metasploit payload windows_messagebox (more info ...) | shellcode-detect | ||||
| 30473 | INDICATOR-SHELLCODE Metasploit payload windows_meterpreter_bind_nonx_tcp (more info ...) | shellcode-detect | ||||
| 30474 | INDICATOR-SHELLCODE Metasploit payload windows_meterpreter_bind_tcp (more info ...) | shellcode-detect | ||||
| 30475 | INDICATOR-SHELLCODE Metasploit payload windows_meterpreter_find_tag (more info ...) | shellcode-detect | ||||
| 30476 | INDICATOR-SHELLCODE Metasploit payload windows_meterpreter_reverse_ord_tcp (more info ...) | shellcode-detect | ||||
| 30477 | INDICATOR-SHELLCODE Metasploit payload windows_shell_bind_tcp_xpfw (more info ...) | shellcode-detect | ||||
| 30478 | INDICATOR-SHELLCODE Metasploit payload windows_speak_pwned (more info ...) | shellcode-detect | ||||
| 30479 | INDICATOR-SHELLCODE Metasploit payload windows_x64_exec (more info ...) | shellcode-detect | ||||
| 30482 | MALWARE-CNC Win.Trojan.Zbot/Bublik inbound connection (more info ...) | trojan-activity | URL | |||
| 30483 | MALWARE-CNC Win.Trojan.Zbot/Bublik outbound connection (more info ...) | trojan-activity | URL | |||
| 30484 | MALWARE-CNC Win.Trojan.Zbot/Bublik outbound connection (more info ...) | trojan-activity | URL | |||
| 30487 | SERVER-OTHER Zilab Chat and Instant Messaging server heap overflow attempt (more info ...) | attempted-user | 27940 | URL | ||
| 30488 | SERVER-OTHER Zilab Chat and Instant Messaging server channel join heap overflow attempt (more info ...) | attempted-user | 27940 | URL | ||
| 30489 | SERVER-OTHER Zilab Chat and Instant Messaging server connection heap overflow attempt (more info ...) | attempted-user | 27940 | URL | ||
| 30494 | MALWARE-CNC Win.Trojan.Boaxxe variant outbound connection (more info ...) | trojan-activity | URL | |||
| 30495 | MALWARE-CNC Win.Trojan.Boaxxe variant outbound connection (more info ...) | trojan-activity | URL | |||
| 30518 | MALWARE-CNC User-Agent known malicious User-Agent Neutrino/2.1 - Win.Trojan.Necurs (more info ...) | trojan-activity | URL | |||
| 30519 | MALWARE-CNC Win.Trojan.Necurs variant outbound connection (more info ...) | trojan-activity | URL | |||
| 30526 | SERVER-WEBAPP Joomla komento extension cross site scripting attempt (more info ...) | attempted-user | 2014-0793 | 64659 | ||
| 30527 | SERVER-WEBAPP Joomla komento extension cross site scripting attempt (more info ...) | attempted-user | 2014-0793 | 64659 | ||
| 30530 | FILE-MULTIMEDIA CoCSoft Stream Down SEH based buffer overflow attempt (more info ...) | attempted-user | 2011-5052 | 51190 | ||
| 30531 | FILE-MULTIMEDIA CoCSoft Stream Down SEH based buffer overflow attempt (more info ...) | attempted-user | 2011-5052 | 51190 | ||
| 30532 | FILE-MULTIMEDIA CoCSoft Stream Download session (more info ...) | attempted-user | 2011-5052 | 51190 | ||
| 30547 | MALWARE-CNC Win.Trojan.Ramdo variant outbound connection (more info ...) | trojan-activity | URL | |||
| 30548 | MALWARE-CNC Win.Trojan.Zeus variant outbound connection (more info ...) | trojan-activity | URL | |||
| 30551 | MALWARE-CNC Malicious BitCoiner Miner download - Win.Trojan.Minerd (more info ...) | trojan-activity | URL | |||
| 30552 | MALWARE-CNC Malicious BitCoiner Miner download - Win.Trojan.Systema (more info ...) | trojan-activity | URL | |||
| 30559 | MALWARE-CNC Win.Trojan.Uniemv variant outbound connection (more info ...) | trojan-activity | URL | |||
| 30560 | MALWARE-CNC Win.Trojan.Megesat variant outbound connection (more info ...) | trojan-activity | URL | |||
| 30570 | MALWARE-CNC Win.Trojan.Zeus variant outbound connection (more info ...) | trojan-activity | URL | |||
| 30571 | SERVER-OTHER TRUFFLEHUNTER SFVRT-1009 attack attempt 100400 (more info ...) | misc-activity | ||||
| 30572 | SERVER-OTHER TRUFFLEHUNTER SFVRT-1009 attack attempt 100401 (more info ...) | misc-activity | ||||
| 30573 | SERVER-OTHER TRUFFLEHUNTER SFVRT-1009 attack attempt 100402 (more info ...) | misc-activity | ||||
| 30574 | SERVER-OTHER TRUFFLEHUNTER SFVRT-1009 attack attempt 100403 (more info ...) | misc-activity | ||||
| 30580 | SERVER-OTHER TRUFFLEHUNTER SFVRT-1008 attack attempt 100170 (more info ...) | misc-activity | ||||
| 30582 | SERVER-OTHER TRUFFLEHUNTER SFVRT-1008 attack attempt 100172 (more info ...) | misc-activity | ||||
| 30597 | SERVER-OTHER TRUFFLEHUNTER SFVRT-1009 attack attempt 100019 (more info ...) | misc-activity | ||||
| 30619 | SERVER-OTHER TRUFFLEHUNTER SFVRT-1009 attack attempt 100050 (more info ...) | misc-activity | ||||
| 30664 | SERVER-OTHER TRUFFLEHUNTER SFVRT-1009 attack attempt 100102 (more info ...) | misc-activity | ||||
| 30686 | SERVER-OTHER TRUFFLEHUNTER SFVRT-1008 attack attempt 100149 (more info ...) | unknown | ||||
| 30695 | SERVER-OTHER TRUFFLEHUNTER SFVRT-1008 attack attempt 100187 (more info ...) | misc-activity | ||||
| 30698 | SERVER-OTHER TRUFFLEHUNTER SFVRT-1008 attack attempt 100191 (more info ...) | misc-activity | ||||
| 30699 | SERVER-OTHER TRUFFLEHUNTER SFVRT-1008 attack attempt 100193 (more info ...) | misc-activity | ||||
| 30701 | SERVER-OTHER TRUFFLEHUNTER SFVRT-1008 attack attempt 100207 (more info ...) | misc-activity | ||||
| 30702 | SERVER-OTHER TRUFFLEHUNTER SFVRT-1009 attack attempt 100217 (more info ...) | misc-activity | ||||
| 30705 | SERVER-OTHER TRUFFLEHUNTER SFVRT-1009 attack attempt 100222 (more info ...) | misc-activity | ||||
| 30706 | SERVER-OTHER TRUFFLEHUNTER SFVRT-1009 attack attempt 100231 (more info ...) | misc-activity | ||||
| 30709 | SERVER-OTHER TRUFFLEHUNTER SFVRT-1009 attack attempt 100302 (more info ...) | misc-activity | ||||
| 30710 | SERVER-OTHER TRUFFLEHUNTER SFVRT-1009 attack attempt 100303 (more info ...) | misc-activity | ||||
| 30743 | MALWARE-CNC Win.Trojan.Chabava outbound connection (more info ...) | trojan-activity | URL | |||
| 30751 | MALWARE-CNC Win.Trojan.Ransom variant outbound connection (more info ...) | trojan-activity | URL | |||
| 30752 | MALWARE-CNC Win.Trojan.Tesyong outbound connection (more info ...) | trojan-activity | URL | |||
| 30753 | MALWARE-CNC Win.Trojan.Rehacker outbound connection (more info ...) | trojan-activity | URL | |||
| 30756 | FILE-IDENTIFY ABC Music Notation file attachment detected (more info ...) | misc-activity | URL | |||
| 30757 | FILE-IDENTIFY ABC Music Notation file attachment detected (more info ...) | misc-activity | URL | |||
| 30758 | FILE-IDENTIFY ABC Music Notation file attachment detected (more info ...) | misc-activity | URL | |||
| 30759 | FILE-IDENTIFY ABC Music Notation file attachment detected (more info ...) | misc-activity | URL | |||
| 30760 | FILE-IDENTIFY ABC Music Notation file download request (more info ...) | misc-activity | URL | |||
| 30761 | FILE-MULTIMEDIA VideoLAN VLC Media Player abc file parts heap integer overflow attempt (more info ...) | attempted-user | 2013-4233 | |||
| 30762 | FILE-MULTIMEDIA VideoLAN VLC Media Player abc file parts heap integer overflow attempt (more info ...) | attempted-user | 2013-4233 | |||
| 30763 | FILE-MULTIMEDIA VideoLAN VLC Media Player abc file parts heap integer overflow attempt (more info ...) | attempted-user | 2013-4233 | |||
| 30764 | FILE-MULTIMEDIA VideoLAN VLC Media Player abc file parts heap integer overflow attempt (more info ...) | attempted-user | 2013-4233 | |||
| 30770 | FILE-PDF Foxit Reader CFF CharStrings buffer overflow attempt (more info ...) | attempted-user | 2010-1797 | URL | ||
| 30771 | FILE-PDF Foxit Reader CFF CharStrings buffer overflow attempt (more info ...) | attempted-user | 2010-1797 | URL | ||
| 30773 | MALWARE-CNC Win.Trojan.Kuluoz variant download request (more info ...) | trojan-activity | URL | |||
| 30776 | MALWARE-CNC Win.Trojan.Targnik variant outbound connection (more info ...) | trojan-activity | URL | |||
| 30789 | SERVER-WEBAPP Acunetix web vulnerability scanner fake URL exploit attempt (more info ...) | attempted-admin | URL | |||
| 30804 | MALWARE-CNC Win.Trojan.Hulpob outbound connection (more info ...) | trojan-activity | URL | |||
| 30805 | MALWARE-CNC Win.Trojan.Hulpob outbound connection (more info ...) | trojan-activity | URL | |||
| 30806 | MALWARE-CNC Win.Trojan.Hulpob outbound connection (more info ...) | trojan-activity | URL | |||
| 30807 | MALWARE-CNC Win.Trojan.Hulpob outbound connection (more info ...) | trojan-activity | URL | |||
| 30808 | MALWARE-CNC Win.Trojan.Hulpob outbound connection (more info ...) | trojan-activity | URL | |||
| 30809 | MALWARE-CNC Win.Trojan.Hulpob outbound connection (more info ...) | trojan-activity | URL | |||
| 30810 | MALWARE-CNC Win.Trojan.Hulpob outbound connection (more info ...) | trojan-activity | URL | |||
| 30811 | MALWARE-CNC Win.Trojan.Hulpob outbound connection (more info ...) | trojan-activity | URL | |||
| 30812 | MALWARE-CNC Win.Trojan.Hulpob outbound connection (more info ...) | trojan-activity | URL | |||
| 30815 | MALWARE-CNC Andr.Trojan.Oldboot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 30882 | MALWARE-CNC Win.Trojan.Rbrute inbound connection (more info ...) | trojan-activity | URL | |||
| 30883 | MALWARE-CNC Win.Trojan.Rbrute inbound connection (more info ...) | trojan-activity | URL | |||
| 30889 | PROTOCOL-VOIP Content-Type media type overflow denial of service attempt (more info ...) | attempted-dos | 2014-2163 | URL | ||
| 30890 | PROTOCOL-VOIP Content-Type media type overflow denial of service attempt (more info ...) | attempted-dos | 2014-2163 | URL | ||
| 30896 | MALWARE-CNC Win.Backdoor.DarkKomet variant outbound connection (more info ...) | trojan-activity | URL | |||
| 30897 | MALWARE-CNC Win.Backdoor.DarkKomet variant outbound connection (more info ...) | trojan-activity | URL | |||
| 30900 | MALWARE-CNC Win.Trojan.Tuhao variant outbound connection (more info ...) | trojan-activity | URL | |||
| 30904 | FILE-OTHER RARLAB WinRAR ZIP format filename spoof attempt (more info ...) | attempted-user | 66383 | URL | ||
| 30906 | FILE-OTHER RARLAB WinRAR ZIP format filename spoof attempt (more info ...) | attempted-user | 66383 | URL | ||
| 30907 | FILE-OTHER RARLAB WinRAR ZIP format filename spoof attempt (more info ...) | attempted-user | 66383 | URL | ||
| 30909 | FILE-OTHER RARLAB WinRAR ZIP format filename spoof attempt (more info ...) | attempted-user | 66383 | URL | ||
| 30910 | SERVER-WEBAPP Drupal VideoWhisper Webcam plugin XSS attempt (more info ...) | web-application-attack | 2014-2715 | URL | ||
| 30911 | SERVER-WEBAPP Drupal VideoWhisper Webcam plugin XSS attempt (more info ...) | web-application-attack | 2014-2715 | URL | ||
| 30914 | MALWARE-CNC Win.Trojan.SpySmall variant outbound connection (more info ...) | trojan-activity | URL | |||
| 30915 | MALWARE-CNC Win.Trojan.SpySmall variant outbound connection (more info ...) | trojan-activity | URL | |||
| 30917 | MALWARE-CNC Win.Worm.Phelshap variant outbound connection (more info ...) | trojan-activity | URL | |||
| 30919 | MALWARE-CNC Win.Trojan.Bancos variant outbound connection (more info ...) | trojan-activity | URL | |||
| 30923 | MALWARE-CNC Win.Trojan.Sefnit outbound connection (more info ...) | trojan-activity | URL | |||
| 30924 | MALWARE-CNC Win.Trojan.Hd backdoor inbound connection (more info ...) | trojan-activity | URL | |||
| 30925 | MALWARE-CNC Win.Trojan.Hd backdoor outbound connection (more info ...) | trojan-activity | URL | |||
| 30926 | MALWARE-CNC Win.Trojan.Hd backdoor outbound secure-connection (more info ...) | trojan-activity | URL | |||
| 30930 | PUA-ADWARE Win.Adware.FakeAV variant outbound connection (more info ...) | trojan-activity | URL | |||
| 30936 | EXPLOIT-KIT Goon/Infinity/Rig exploit kit outbound uri structure (more info ...) | trojan-activity | ||||
| 30937 | EXPLOIT-KIT Nuclear exploit kit outbound PDF request (more info ...) | trojan-activity | ||||
| 30947 | MALWARE-CNC Win.Backdoor.Botintin outbound connection (more info ...) | trojan-activity | URL | |||
| 30950 | SERVER-MAIL BitDefender Antivirus logging function format string remote code execution attempt (more info ...) | attempted-user | 2005-3154 | 14968 | ||
| 30953 | MALWARE-CNC Win.Trojan.Symmi variant outbound connection (more info ...) | trojan-activity | URL | |||
| 30954 | MALWARE-CNC Win.Trojan.Symmi variant outbound connection (more info ...) | trojan-activity | URL | |||
| 30955 | MALWARE-CNC Win.Trojan.Symmi variant outbound connection (more info ...) | trojan-activity | URL | |||
| 30958 | BROWSER-OTHER suspicious srcElement child element removal - possible use after free attempt (more info ...) | attempted-user | ||||
| 30960 | EXPLOIT-KIT Sweet Orange exploit kit outbound jnlp request (more info ...) | trojan-activity | ||||
| 30977 | MALWARE-CNC Win.Trojan.Jaik variant outbound connection (more info ...) | trojan-activity | URL | |||
| 30978 | MALWARE-CNC Win.Trojan.Rbrute inbound connection (more info ...) | trojan-activity | URL | |||
| 30979 | MALWARE-CNC Win.Trojan.Gisetik information disclosure attempt (more info ...) | trojan-activity | URL | |||
| 30982 | MALWARE-CNC Win.Trojan.Karnos variant outbound connection (more info ...) | trojan-activity | URL | |||
| 30983 | MALWARE-CNC Win.Trojan.Karnos variant outbound connection (more info ...) | trojan-activity | URL | |||
| 30984 | MALWARE-CNC Win.Trojan.Vonriamt outbound connection (more info ...) | trojan-activity | URL | |||
| 30986 | MALWARE-CNC Win.Trojan.Tenexmed inbound shell command attempt (more info ...) | trojan-activity | URL | |||
| 30987 | MALWARE-CNC Win.Trojan.Vondola configuration file download attempt (more info ...) | trojan-activity | URL | |||
| 30988 | MALWARE-CNC Win.Trojan.Vondola information disclosure attempt (more info ...) | trojan-activity | URL | |||
| 30990 | MALWARE-CNC Shiqiang Gang malicious XLS targeted attack detection (more info ...) | trojan-activity | 2012-0158 | URL | ||
| 30991 | MALWARE-CNC Shiqiang Gang malicious XLS targeted attack detection (more info ...) | trojan-activity | 2012-0158 | URL | ||
| 30992 | FILE-OTHER invalid ELF padding field value attempt (more info ...) | trojan-activity | 2012-1439 | |||
| 30993 | FILE-OTHER invalid ELF padding field value attempt (more info ...) | trojan-activity | 2012-1439 | |||
| 30994 | INDICATOR-COMPROMISE possible TAR file oversize length field (more info ...) | trojan-activity | 2012-1457 | |||
| 30995 | INDICATOR-COMPROMISE possible TAR file oversize length field (more info ...) | trojan-activity | 2012-1457 | |||
| 31002 | MALWARE-CNC Win.Trojan.Kimsuky variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31004 | MALWARE-CNC Win.Trojan.Nethief information disclosure attempt (more info ...) | trojan-activity | URL | |||
| 31005 | MALWARE-CNC Win.Trojan.Nethief information disclosure attempt (more info ...) | trojan-activity | URL | |||
| 31006 | MALWARE-CNC Win.Trojan.Nethief initial outbound connection (more info ...) | trojan-activity | URL | |||
| 31007 | MALWARE-CNC Win.Trojan.Iplorko.A runtime detection (more info ...) | trojan-activity | URL | |||
| 31010 | MALWARE-CNC Win.Trojan.Sisbot variant outbound IRC connection (more info ...) | trojan-activity | URL | |||
| 31014 | MALWARE-CNC Win.Trojan.Cryptowall variant outbound connection (more info ...) | trojan-activity | ||||
| 31020 | MALWARE-CNC Win.Trojan.Bancos variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31033 | MALWARE-CNC Win.Trojan.Cryptodefence variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31036 | MALWARE-CNC Win.Trojan.SpyBanker variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31037 | PROTOCOL-SCADA Yokogawa CS3000 BKESimmgr.exe buffer overflow attempt (more info ...) | attempted-user | 2014-0782 | URL | ||
| 31045 | SERVER-OTHER Oracle Demantra arbitrary file retrieval with authentication bypass attempt (more info ...) | attempted-user | 2013-5880 | 64836 | ||
| 31046 | EXPLOIT-KIT Angler exploit kit outbound URL structure (more info ...) | trojan-activity | ||||
| 31047 | SERVER-OTHER TRUFFLEHUNTER SFVRT-1009 attack attempt 99999 (more info ...) | misc-activity | ||||
| 31048 | PUA-ADWARE Win.Adware.PCSpeedUp variant outbound connection (more info ...) | policy-violation | URL | |||
| 31051 | MALWARE-CNC Win.Trojan.Hesperbot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31052 | PUA-ADWARE Win.Adware.Kdupd variant outbound connection (more info ...) | policy-violation | URL | |||
| 31053 | MALWARE-CNC Win.Trojan.MadnessPro outbound connection (more info ...) | trojan-activity | URL | |||
| 31055 | MALWARE-CNC Win.Trojan.Banload variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31056 | PROTOCOL-SNMP Motorola Netopia 3347 series WEP key enumeration attempt (more info ...) | attempted-recon | URL | |||
| 31057 | PROTOCOL-SNMP Motorola Netopia 3347 series WPA key enumeration attempt (more info ...) | attempted-recon | URL | |||
| 31058 | PROTOCOL-SNMP Brocade snAgentUserAccntName enumeration attempt (more info ...) | attempted-recon | URL | |||
| 31062 | MALWARE-CNC Win.Trojan.Expone variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31064 | MALWARE-CNC Win.Trojan.Diatraha variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31066 | MALWARE-CNC Win.Trojan.Tobinload variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31068 | SERVER-OTHER F5 BIG-IP iControl API hostname command injection attempt (more info ...) | attempted-admin | 2014-2928 | 67278 | URL | |
| 31070 | MALWARE-CNC Win.Rootkit.Necurs outbound connection (more info ...) | trojan-activity | URL | |||
| 31072 | MALWARE-CNC Win.Trojan.Cryfile variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31073 | MALWARE-CNC RemoteSpy connection to CNC server (more info ...) | trojan-activity | URL | |||
| 31074 | PUA-TOOLBARS AVG anti-virus toolbar download attempt - download-toolbar.avg.com (more info ...) | misc-activity | URL | |||
| 31075 | PUA-TOOLBARS AVG anti-virus toolbar download attempt - mmi.explabs.net (more info ...) | misc-activity | URL | |||
| 31076 | PUA-TOOLBARS Babylon toolbar download attempt - stat.info-stream.net (more info ...) | misc-activity | URL | |||
| 31079 | MALWARE-CNC Win.Trojan.Alurewo outbound connection (more info ...) | trojan-activity | URL | |||
| 31080 | MALWARE-CNC Win.Trojan.Alurewo outbound connection (more info ...) | trojan-activity | URL | |||
| 31083 | MALWARE-CNC Win.Trojan.Bexelets variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31084 | MALWARE-CNC Win.Trojan.Zbot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31085 | FILE-OTHER Autodesk AutoCAD insecure acad.fas file load attempt (more info ...) | attempted-user | 2014-0818 | 65745 | ||
| 31086 | FILE-OTHER Autodesk AutoCAD insecure acad.fas file load attempt (more info ...) | attempted-user | 2014-0818 | 65745 | ||
| 31087 | FILE-OTHER Sophos RAR virtual machine filters memory corruption attempt (more info ...) | attempted-user | URL | |||
| 31088 | FILE-OTHER Sophos RAR virtual machine filters memory corruption attempt (more info ...) | attempted-user | URL | |||
| 31090 | MALWARE-CNC User-Agent known malicious user agent - User-Agent hello crazyk (more info ...) | trojan-activity | URL | |||
| 31095 | PROTOCOL-SNMP Ubee DDW3611 series WEP key enumeration attempt (more info ...) | attempted-recon | ||||
| 31096 | PROTOCOL-SNMP Ubee DDW3611 series WPA key enumeration attempt (more info ...) | attempted-recon | ||||
| 31098 | PROTOCOL-SNMP Ubee U10C019 series WEP key enumeration attempt (more info ...) | attempted-recon | ||||
| 31099 | PROTOCOL-SNMP Ubee U10C019 series WPA key enumeration attempt (more info ...) | attempted-recon | ||||
| 31101 | SERVER-OTHER Sharetronix cross site request forgery attempt (more info ...) | attempted-admin | 2014-3414 | 67681 | ||
| 31102 | SERVER-OTHER TrendMicro InterScan Viruswall directory traversal attempt (more info ...) | misc-activity | 2004-1859 | URL | ||
| 31113 | MALWARE-CNC Win.Trojan.Bancos variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31114 | MALWARE-CNC Win.Trojan.Rfusclient outbound connection (more info ...) | trojan-activity | URL | |||
| 31116 | MALWARE-CNC Win.Trojan.Garsuni variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31119 | MALWARE-CNC Win.Trojan.Marmoolak variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31121 | MALWARE-CNC Win.Trojan.Cahecon outbound connection (more info ...) | trojan-activity | URL | |||
| 31122 | MALWARE-CNC User-Agent known malicious user agent - User-Agent svchost (more info ...) | trojan-activity | URL | |||
| 31124 | MALWARE-CNC Win.Trojan.Pyrtomsop outbound connection (more info ...) | trojan-activity | URL | |||
| 31130 | EXPLOIT-KIT Angler exploit kit encrypted binary download (more info ...) | trojan-activity | ||||
| 31131 | MALWARE-CNC Win.Trojan.Petun variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31132 | MALWARE-CNC Win.Trojan.Petun variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31135 | MALWARE-CNC Win.Trojan.Deedevil variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31136 | MALWARE-CNC Win.Trojan.ZeroAccess inbound connection (more info ...) | trojan-activity | URL | |||
| 31142 | MALWARE-CNC Win.Trojan.Sloft variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31143 | SERVER-WEBAPP CA ERwin Web Portal ConfigServiceProvider directory traversal attempt (more info ...) | attempted-admin | 2014-2210 | 66644 | URL | |
| 31144 | MALWARE-CNC Win.Trojan.Spyrat variant inbound backdoor keep-alive (more info ...) | trojan-activity | URL | |||
| 31145 | MALWARE-CNC Win.Trojan.Spyrat variant outbound backdoor response (more info ...) | trojan-activity | URL | |||
| 31147 | MALWARE-CNC Win.Trojan.Zadnilay variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31157 | SERVER-WEBAPP Cogent DataHub getpermissions.asp command injection attempt (more info ...) | attempted-admin | 2014-3789 | 67486 | ||
| 31158 | SERVER-WEBAPP Cogent DataHub getpermissions.asp command injection attempt (more info ...) | attempted-admin | 2014-3789 | 67486 | ||
| 31159 | SERVER-WEBAPP Cogent DataHub getpermissions.asp command injection attempt (more info ...) | attempted-admin | 2014-3789 | 67486 | ||
| 31160 | SERVER-WEBAPP Cogent DataHub getpermissions.asp command injection attempt (more info ...) | attempted-admin | 2014-3789 | 67486 | ||
| 31162 | SERVER-OTHER Beetel 450TC2 CSRF attempt (more info ...) | attempted-admin | 2014-3792 | 67169 | ||
| 31166 | PUA-ADWARE InstallRex bundled installer outbound activity (more info ...) | misc-activity | URL | |||
| 31167 | PUA-ADWARE InstallRex bundled installer outbound activity (more info ...) | misc-activity | URL | |||
| 31168 | MALWARE-CNC Win.Trojan.Guise outbound connection (more info ...) | trojan-activity | URL | |||
| 31171 | MALWARE-CNC Win.Trojan.Scarpnex variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31172 | MALWARE-CNC Win.Trojan.Scarpnex variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31173 | MALWARE-CNC Win.Trojan.Scarpnex variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31174 | MALWARE-CNC Win.Trojan.Sapart variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31176 | SERVER-OTHER GnuTLS Server Hello Session ID heap overflow attempt (more info ...) | attempted-user | 2014-3466 | 67741 | URL | |
| 31177 | SERVER-OTHER GnuTLS Server Hello Session ID heap overflow attempt (more info ...) | attempted-user | 2014-3466 | 67741 | URL | |
| 31178 | SERVER-OTHER GnuTLS Server Hello Session ID heap overflow attempt (more info ...) | attempted-user | 2014-3466 | 67741 | URL | |
| 31179 | SERVER-OTHER GnuTLS Server Hello Session ID heap overflow attempt (more info ...) | attempted-user | 2014-3466 | 67741 | URL | |
| 31180 | SERVER-OTHER OpenSSL DTLS handshake recursion denial of service attempt (more info ...) | attempted-dos | 2014-0221 | URL | ||
| 31181 | SERVER-OTHER OpenSSL DTLS handshake recursion denial of service attempt (more info ...) | attempted-dos | 2014-0221 | URL | ||
| 31183 | MALWARE-CNC Win.Trojan.Bankeiya outbound connection (more info ...) | trojan-activity | URL | |||
| 31212 | INDICATOR-COMPROMISE http GET request smuggling attempt (more info ...) | misc-attack | 2014-0099 | |||
| 31213 | INDICATOR-COMPROMISE http POST request smuggling attempt (more info ...) | misc-attack | 2014-0099 | |||
| 31218 | MALWARE-CNC Win.Trojan.Zeus variant outbound connection (more info ...) | trojan-activity | ||||
| 31221 | MALWARE-CNC Win.Trojan.Banker variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31222 | MALWARE-CNC Win.Trojan.Banker variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31223 | MALWARE-CNC Win.Trojan.CryptoWall variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31224 | MALWARE-CNC Win.Trojan.Cryptor outbound connection (more info ...) | trojan-activity | URL | |||
| 31225 | MALWARE-CNC User-Agent known malicious User-Agent rome0321 - Win.Trojan.Soraya (more info ...) | trojan-activity | URL | |||
| 31228 | MALWARE-CNC Win.Trojan.Soraya variant initial outbound connection (more info ...) | trojan-activity | URL | |||
| 31234 | MALWARE-CNC Win.Trojan.Nuckam variant inbound connection (more info ...) | trojan-activity | URL | |||
| 31235 | MALWARE-CNC Win.Trojan.Nuckam variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31236 | MALWARE-CNC Win.Trojan.Hidead outbound connection (more info ...) | trojan-activity | URL | |||
| 31237 | EXPLOIT-KIT Nuclear exploit kit outbound swf request (more info ...) | trojan-activity | ||||
| 31240 | MALWARE-CNC Win.Trojan.Dosoloid variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31241 | MALWARE-CNC Win.Trojan.Dosoloid variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31242 | MALWARE-CNC Win.Trojan.Utishaf variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31243 | MALWARE-CNC Win.Trojan.Necurs variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31244 | MALWARE-CNC Win.Trojan.Kuluoz outbound connection (more info ...) | trojan-activity | URL | |||
| 31254 | MALWARE-CNC Win.Trojan.HAVEX-RAT inbound connection to infected host (more info ...) | trojan-activity | URL | |||
| 31255 | MALWARE-CNC Win.Trojan.HAVEX-RAT variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31258 | MALWARE-CNC Win.Trojan.Destoplug variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31260 | MALWARE-CNC Win.Trojan.Andromeda HTTP proxy response attempt (more info ...) | trojan-activity | URL | |||
| 31261 | MALWARE-CNC Win.Trojan.Symmi outbound connection (more info ...) | trojan-activity | URL | |||
| 31262 | MALWARE-CNC Win.Worm.VBNA variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31271 | MALWARE-CNC Win.Trojan.Vectecoin information disclosure attempt (more info ...) | trojan-activity | URL | |||
| 31272 | MALWARE-CNC Win.Trojan.Vectecoin outbound command request attempt (more info ...) | trojan-activity | URL | |||
| 31273 | MALWARE-CNC Win.Trojan.Vectecoin coin mining program download attempt (more info ...) | trojan-activity | URL | |||
| 31288 | MALWARE-CNC Win.Downloader.Bladabindi variant outbound download request (more info ...) | trojan-activity | URL | |||
| 31289 | SERVER-WEBAPP /etc/passwd file access attempt (more info ...) | attempted-admin | URL | |||
| 31290 | MALWARE-CNC Win.Trojan.Vextstl outbound connection (more info ...) | trojan-activity | URL | |||
| 31295 | MALWARE-CNC Win.Trojan.Zusy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31297 | SERVER-WEBAPP VMWare vSphere API SOAP request RetrieveProperties remote denial of service attempt (more info ...) | attempted-dos | 2012-5703 | 56571 | URL | |
| 31299 | MALWARE-CNC Win.Trojan.Necurs or Win.Trojan.Locky variant outbound detection (more info ...) | trojan-activity | ||||
| 31303 | MALWARE-CNC Win.Trojan.Hadeki variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31304 | SERVER-WEBAPP PocketPAD brute-force login attempt (more info ...) | suspicious-login | ||||
| 31306 | MALWARE-CNC Win.Trojan.Toumlec variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31307 | MALWARE-CNC Win.Trojan.Toumlec variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31314 | MALWARE-CNC Win.Trojan.Daikou variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31315 | MALWARE-CNC Win.Trojan.MSIL variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31316 | MALWARE-CNC Win.Trojan.Matsnu variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31317 | MALWARE-CNC Win.Trojan.Orbot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31319 | MALWARE-CNC Win.Trojan.Zediv outbound connection (more info ...) | trojan-activity | URL | |||
| 31323 | FILE-OTHER Apple OSX Finder DMG volume name memory corruption attempt (more info ...) | attempted-user | 2007-0197 | |||
| 31324 | FILE-OTHER Apple OSX Finder DMG volume name memory corruption attempt (more info ...) | attempted-user | 2007-0197 | |||
| 31325 | FILE-OTHER Apple OSX Finder DMG volume name memory corruption attempt (more info ...) | attempted-user | 2007-0197 | |||
| 31328 | MALWARE-CNC Win.Trojan.Rofin variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31331 | EXPLOIT-KIT Angler exploit kit encrypted binary download (more info ...) | trojan-activity | ||||
| 31332 | EXPLOIT-KIT Angler exploit kit outbound URL structure (more info ...) | trojan-activity | ||||
| 31338 | SERVER-OTHER OpenAFS GetStatistics buffer overflow attempt (more info ...) | denial-of-service | 2014-0159 | 66776 | ||
| 31343 | MALWARE-CNC Win.Trojan.Mecklow variant outbound connection system information disclosure (more info ...) | trojan-activity | URL | |||
| 31344 | MALWARE-CNC Win.Trojan.Levyatan variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31345 | MALWARE-CNC Win.Trojan.Mcdravsm variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31346 | MALWARE-CNC Win.Trojan.Ajtonj variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31355 | MALWARE-CNC Win.Trojan.Bicololo outbound connection (more info ...) | trojan-activity | URL | |||
| 31359 | MALWARE-CNC Win.Trojan.Httneilc variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31371 | EXPLOIT-KIT Angler exploit kit outbound URL structure (more info ...) | trojan-activity | ||||
| 31406 | SERVER-OTHER Samsung TV denial of service attempt (more info ...) | attempted-dos | 2013-4890 | |||
| 31417 | MALWARE-CNC User-Agent known malicious user-agent blacksun - Win.Trojan.Blacksun (more info ...) | trojan-activity | URL | |||
| 31418 | MALWARE-CNC Win.Trojan.Subla variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31422 | MALWARE-CNC User-Agent known malicious user-agent string Cactus (more info ...) | trojan-activity | URL | |||
| 31424 | MALWARE-CNC Kegis.A outbound connection (more info ...) | trojan-activity | URL | |||
| 31433 | MALWARE-CNC MSIL Worm command and control connection (more info ...) | suspicious-login | URL | |||
| 31442 | MALWARE-CNC Win.Trojan.Injector variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31449 | MALWARE-CNC Win.Trojan.CryptoWall downloader attempt (more info ...) | trojan-activity | URL | |||
| 31450 | MALWARE-CNC Win.Trojan.CryptoWall outbound connection (more info ...) | trojan-activity | URL | |||
| 31452 | MALWARE-CNC Win.Trojan.Symmi variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31453 | MALWARE-CNC Win.Trojan.ChoHeap variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31454 | MALWARE-CNC Win.Trojan.ChoHeap variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31455 | EXPLOIT-KIT Rig Exploit Kit Outbound DGA Request (more info ...) | trojan-activity | URL | |||
| 31458 | MALWARE-CNC Win.Trojan.SDBot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31459 | MALWARE-CNC Win.Trojan.Jaktinier outbound connection (more info ...) | trojan-activity | URL | |||
| 31465 | MALWARE-CNC Win.Trojan.Androm Click Fraud Request (more info ...) | trojan-activity | URL | |||
| 31466 | MALWARE-CNC Win.Trojan.Androm Click Fraud Request (more info ...) | trojan-activity | URL | |||
| 31467 | MALWARE-CNC Win.Trojan.Androm variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31468 | MALWARE-CNC Win.Trojan.Papras variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31477 | SERVER-OTHER OpenSSL SSL ChangeCipherSpec man-in-the-middle exploitation attempt (more info ...) | attempted-dos | 2014-0224 | 67899 | URL | |
| 31478 | SERVER-OTHER OpenSSL TLSv1.0 ChangeCipherSpec man-in-the-middle exploitation attempt (more info ...) | attempted-dos | 2014-0224 | 67899 | URL | |
| 31479 | SERVER-OTHER OpenSSL TLSv1.1 ChangeCipherSpec man-in-the-middle exploitation attempt (more info ...) | attempted-dos | 2014-0224 | 67899 | URL | |
| 31480 | SERVER-OTHER OpenSSL TLSv1.2 ChangeCipherSpec man-in-the-middle exploitation attempt (more info ...) | attempted-dos | 2014-0224 | 67899 | URL | |
| 31481 | SERVER-OTHER OpenSSL SSL ChangeCipherSpec man-in-the-middle exploitation attempt (more info ...) | attempted-dos | 2014-0224 | 67899 | URL | |
| 31482 | SERVER-OTHER OpenSSL TLSv1.0 ChangeCipherSpec man-in-the-middle exploitation attempt (more info ...) | attempted-dos | 2014-0224 | 67899 | URL | |
| 31483 | SERVER-OTHER OpenSSL TLSv1.1 ChangeCipherSpec man-in-the-middle exploitation attempt (more info ...) | attempted-dos | 2014-0224 | 67899 | URL | |
| 31484 | SERVER-OTHER OpenSSL TLSv1.2 ChangeCipherSpec man-in-the-middle exploitation attempt (more info ...) | attempted-dos | 2014-0224 | 67899 | URL | |
| 31497 | SERVER-WEBAPP Oracle Event Processing FileUploadServlet directory traversal attempt (more info ...) | attempted-admin | 2014-2424 | 66871 | URL | |
| 31498 | SERVER-WEBAPP Oracle Event Processing FileUploadServlet directory traversal attempt (more info ...) | attempted-admin | 2014-2424 | 66871 | URL | |
| 31507 | MALWARE-CNC Win.Trojan.HW32 variant spam attempt (more info ...) | trojan-activity | URL | |||
| 31513 | BROWSER-FIREFOX Multiple browser pressure function denial of service attempt (more info ...) | denial-of-service | 2014-1512 | |||
| 31530 | MALWARE-CNC Win.Trojan.Symmi variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31532 | APP-DETECT Xolominer outbound connection attempt (more info ...) | policy-violation | URL | |||
| 31533 | MALWARE-CNC Win.Trojan.Xolominer malicious user detected (more info ...) | trojan-activity | URL | |||
| 31543 | MALWARE-CNC User-Agent known malicious user-agent string - MSIE 7.0 na - Win.Trojan.Koobface (more info ...) | trojan-activity | URL | |||
| 31544 | MALWARE-CNC Win.Trojan.Koobface variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31545 | MALWARE-CNC Win.Trojan.Koobface variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31547 | MALWARE-CNC Win.Trojan.Yakes variant inbound connection (more info ...) | trojan-activity | URL | |||
| 31548 | MALWARE-CNC Win.Trojan.Yakes variant inbound connection (more info ...) | trojan-activity | URL | |||
| 31563 | MALWARE-CNC Backdoor Elirks.A command and control traffic (more info ...) | trojan-activity | URL | |||
| 31567 | SERVER-WEBAPP Gitlist remote command injection attempt (more info ...) | attempted-admin | 2014-4511 | 68888 | ||
| 31568 | SERVER-WEBAPP Invsionix Roaming System remote file include attempt (more info ...) | web-application-attack | 2006-4237 | |||
| 31571 | FILE-IMAGE GIMP XWD BlueMask file-handling stack buffer overflow attempt (more info ...) | attempted-user | 2012-5576 | 56647 | ||
| 31572 | FILE-IMAGE GIMP XWD GreenMask file-handling stack buffer overflow attempt (more info ...) | attempted-user | 2012-5576 | 56647 | ||
| 31573 | FILE-IMAGE GIMP XWD RedMask file-handling stack buffer overflow attempt (more info ...) | attempted-user | 2012-5576 | 56647 | ||
| 31574 | FILE-IMAGE GIMP XWD BlueMask file-handling stack buffer overflow attempt (more info ...) | attempted-user | 2012-5576 | 56647 | ||
| 31575 | FILE-IMAGE GIMP XWD GreenMask file-handling stack buffer overflow attempt (more info ...) | attempted-user | 2012-5576 | 56647 | ||
| 31576 | FILE-IMAGE GIMP XWD RedMask file-handling stack buffer overflow attempt (more info ...) | attempted-user | 2012-5576 | 56647 | ||
| 31586 | MALWARE-CNC Win.Trojan.Backoff initial outbound connection (more info ...) | trojan-activity | URL | |||
| 31593 | MALWARE-CNC Andr.Trojan.SMSSend outbound connection (more info ...) | trojan-activity | URL | |||
| 31603 | MALWARE-CNC Win.Trojan.Glupteba C&C server HELLO request to client (more info ...) | trojan-activity | URL | |||
| 31604 | MALWARE-CNC Win.Trojan.Glupteba C&C server READD command to client (more info ...) | trojan-activity | URL | |||
| 31605 | MALWARE-CNC Win.Trojan.Glupteba C&C server READY command to client (more info ...) | trojan-activity | URL | |||
| 31606 | MALWARE-CNC Win.Trojan.Glupteba payload download request (more info ...) | trojan-activity | URL | |||
| 31607 | MALWARE-CNC Win.Trojan.Glupteba client response/authenticate to C&C server (more info ...) | trojan-activity | URL | |||
| 31633 | MALWARE-CNC Noniem.A outbound connection (more info ...) | trojan-activity | URL | |||
| 31637 | SERVER-WEBAPP Ad Fundum Integrateable News Script remote include path attempt (more info ...) | web-application-attack | 2007-0570 | 22259 | ||
| 31641 | MALWARE-CNC Win.Tinybanker variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31642 | MALWARE-CNC Win.Tinybanker variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31644 | MALWARE-CNC Andr.Trojan.Scarelocker outbound connection (more info ...) | trojan-activity | URL | |||
| 31647 | SERVER-WEBAPP AVM FritzBox webcm command injection attempt (more info ...) | attempted-admin | 65520 | |||
| 31648 | SERVER-WEBAPP AVM FritzBox webcm command injection attempt (more info ...) | attempted-admin | 65520 | |||
| 31649 | MALWARE-CNC Win.Trojan.Bancos variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31669 | MALWARE-CNC Win.Trojan.Dexter variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31670 | FILE-OTHER Symantec Endpoint Protection Sysplant kernel pool overflow exploit attempt (more info ...) | attempted-user | 2014-3434 | 68946 | ||
| 31671 | FILE-OTHER Symantec Endpoint Protection Sysplant kernel pool overflow exploit attempt (more info ...) | attempted-user | 2014-3434 | 68946 | ||
| 31680 | MALWARE-CNC Win.Trojan.Tirabot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31681 | MALWARE-CNC Win.Trojan.Badur download attempt (more info ...) | trojan-activity | URL | |||
| 31682 | MALWARE-CNC Win.Trojan.Badur download attempt (more info ...) | trojan-activity | URL | |||
| 31683 | MALWARE-CNC Win.Trojan.Badur variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31688 | MALWARE-CNC User-Agent known malicious user-agent string - Downloader 1.8 - Win.Trojan.Graftor (more info ...) | trojan-activity | URL | |||
| 31689 | MALWARE-CNC Win.Trojan.Graftor variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31691 | MALWARE-CNC Win.Trojan.Kronos variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31693 | MALWARE-CNC Win.Trojan.Korplug Poisoned Hurricane Malware outbound connection (more info ...) | trojan-activity | URL | |||
| 31694 | EXPLOIT-KIT Angler exploit kit encrypted binary download (more info ...) | trojan-activity | ||||
| 31695 | EXPLOIT-KIT Angler exploit kit encrypted binary download (more info ...) | trojan-activity | ||||
| 31696 | SERVER-WEBAPP Jira Issue Collector Plugin directory traversal attempt (more info ...) | web-application-attack | 2014-2314 | 65849 | ||
| 31697 | SERVER-WEBAPP Jira Issue Collector Plugin directory traversal attempt (more info ...) | web-application-attack | 2014-2314 | 65849 | ||
| 31698 | SERVER-WEBAPP Jira Issue Collector Plugin directory traversal attempt (more info ...) | web-application-attack | 2014-2314 | 65849 | ||
| 31700 | EXPLOIT-KIT Hanjuan exploit kit landing page detection (more info ...) | trojan-activity | URL | |||
| 31704 | SERVER-OTHER FCKeditor textinputs cross site scripting attempt (more info ...) | web-application-attack | 2014-4037 | |||
| 31706 | MALWARE-CNC Win.Trojan.Korgapam outbound connection (more info ...) | trojan-activity | URL | |||
| 31709 | SERVER-OTHER Cougar-LG configuration file access attempt (more info ...) | attempted-recon | 2014-3928 | URL | ||
| 31712 | MALWARE-CNC Win.Trojan.Ragua variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31713 | MALWARE-CNC Win.Trojan.Ragua variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31714 | MALWARE-CNC Win.Trojan.Ragua variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31715 | MALWARE-CNC Win.Trojan.Ragua variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31716 | MALWARE-CNC Win.Trojan.Otupsys variant outbound connection (more info ...) | trojan-activity | 2012-0158 | URL | ||
| 31718 | MALWARE-CNC Win.Trojan.Critroni outbound connection (more info ...) | trojan-activity | URL | |||
| 31722 | MALWARE-CNC Win.Trojan.Waski variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31727 | SERVER-OTHER Cistron-LG configuration file access attempt (more info ...) | attempted-recon | 2014-3930 | URL | ||
| 31735 | MALWARE-CNC Win.Trojan.Upatre variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31736 | MALWARE-CNC Win.Trojan.Upatre variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31744 | MALWARE-CNC Win.Trojan.Eratoma outbound connection (more info ...) | trojan-activity | URL | |||
| 31745 | SERVER-WEBAPP vTiger CRM install module command injection attempt (more info ...) | attempted-admin | 2014-2268 | 66758 | ||
| 31748 | MALWARE-CNC Win.Trojan.Qulkonwi outbound connection (more info ...) | trojan-activity | URL | |||
| 31753 | MALWARE-CNC Win.Trojan.Elpapok outbound connection (more info ...) | trojan-activity | URL | |||
| 31755 | MALWARE-CNC Win.Trojan.Miras variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31766 | SERVER-OTHER Cougar-LG addr parameter XSS attempt (more info ...) | misc-attack | 2014-3926 | URL | ||
| 31767 | SERVER-OTHER MRLG fastping echo reply memory corruption attempt (more info ...) | misc-attack | 2014-3931 | URL | ||
| 31768 | MALWARE-CNC Win.Trojan.Ecsudown outbound connection (more info ...) | trojan-activity | URL | |||
| 31770 | EXPLOIT-KIT Sweet Orange exploit kit jquery_datepicker domain decode attempt (more info ...) | trojan-activity | URL | |||
| 31772 | MALWARE-CNC Win.Trojan.Cridex variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31774 | FILE-IDENTIFY BitTorrent torrent file attachment detected (more info ...) | misc-activity | URL | |||
| 31775 | FILE-IDENTIFY BitTorrent torrent file attachment detected (more info ...) | misc-activity | URL | |||
| 31776 | FILE-IDENTIFY BitTorrent torrent file attachment detected (more info ...) | misc-activity | URL | |||
| 31777 | FILE-OTHER Free Download Manager .torrent parsing announce overflow attempt (more info ...) | attempted-user | 2009-0184 | 33555 | ||
| 31778 | FILE-OTHER Free Download Manager .torrent parsing comment overflow attempt (more info ...) | attempted-user | 2009-0184 | 33555 | ||
| 31779 | FILE-OTHER Free Download Manager .torrent parsing name overflow attempt (more info ...) | attempted-user | 2009-0184 | 33555 | ||
| 31780 | FILE-OTHER Free Download Manager .torrent parsing path overflow attempt (more info ...) | attempted-user | 2009-0184 | 33555 | ||
| 31805 | MALWARE-CNC Win.Trojan.Dizk variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31806 | MALWARE-CNC Win.Trojan.Nighthunter data exfiltration attempt (more info ...) | trojan-activity | URL | |||
| 31807 | MALWARE-CNC Win.Trojan.Nighthunter data exfiltration attempt (more info ...) | trojan-activity | URL | |||
| 31813 | MALWARE-CNC Win.Trojan.Expiro outbound connection (more info ...) | trojan-activity | URL | |||
| 31818 | SERVER-WEBAPP ManageEngine DesktopCentral statusUpdate servlet directory traversal attempt (more info ...) | web-application-attack | 2014-5005 | 69494 | ||
| 31820 | MALWARE-CNC Win.Banker.Delf variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31824 | MALWARE-CNC Win.Trojan.Graftor variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31826 | MALWARE-CNC Win.Trojan.Delf variant HTTP Response (more info ...) | trojan-activity | URL | |||
| 31827 | MALWARE-CNC Win.Trojan.Delf variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31832 | MALWARE-CNC Win.Trojan.Pfinet outbound connection (more info ...) | trojan-activity | URL | |||
| 31833 | MALWARE-CNC Win.Trojan.Chkbot outbound connection (more info ...) | trojan-activity | URL | |||
| 31834 | MALWARE-CNC Win.Trojan-Downloader.Delorado variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31835 | MALWARE-CNC Win.Trojan.Yesudac variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31836 | MALWARE-CNC Win.Trojan.MSIL.Seribe variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31837 | MALWARE-CNC Win.Trojan.Retgate variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31838 | SERVER-WEBAPP ManageEngine Eventlog Analyzer directory traversal attempt (more info ...) | web-application-attack | 2014-6037 | 69482 | ||
| 31851 | PROTOCOL-SNMP Arris DG950A 128 bit WEP key enumeration attempt (more info ...) | attempted-recon | 2014-4863 | 69631 | ||
| 31852 | PROTOCOL-SNMP Arris DG950A 64 bit WEP key enumeration attempt (more info ...) | attempted-recon | 2014-4863 | 69631 | ||
| 31853 | PROTOCOL-SNMP Arris DG950A WPA key enumeration attempt (more info ...) | attempted-recon | 2014-4863 | 69631 | ||
| 31854 | PROTOCOL-SNMP Multiple Products 128 bit WEP key enumeration attempt (more info ...) | attempted-recon | 2014-4862 | 69630 | ||
| 31855 | PROTOCOL-SNMP Multiple Products 64 bit WEP key enumeration attempt (more info ...) | attempted-recon | 2014-4862 | 69630 | ||
| 31856 | PROTOCOL-SNMP Multiple Products WPA key enumeration attempt (more info ...) | attempted-recon | 2014-4862 | 69630 | ||
| 31860 | SERVER-OTHER Apple CUPS web interface cross site scripting attempt (more info ...) | web-application-attack | 2015-1159 | 75106 | URL | |
| 31883 | MALWARE-CNC Win.Trojan.Waterspout outbound connection (more info ...) | trojan-activity | URL | |||
| 31885 | MALWARE-CNC Win.Trojan.Threebyte variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31889 | SERVER-MAIL Exim Dovecot LDA sender_address command injection attempt (more info ...) | attempted-user | ||||
| 31890 | SERVER-MAIL Exim Dovecot LDA sender_address command injection attempt (more info ...) | attempted-user | ||||
| 31895 | MALWARE-CNC Win.Trojan.Toupi variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31896 | MALWARE-CNC Win.Trojan.Magnetor vairant outbound connection (more info ...) | trojan-activity | URL | |||
| 31897 | MALWARE-CNC Win.Trojan.Dexter variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31904 | MALWARE-CNC Win.Trojan.Banload variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31907 | MALWARE-CNC Win.Trojan.MSIL.Honerep variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31909 | MALWARE-CNC Win.Trojan.Basostab variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31911 | MALWARE-CNC Win.Trojan.MSIL.Gareme variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31912 | SERVER-WEBAPP cPanel 9.01 multiple URI parameters cross site scripting attempt (more info ...) | web-application-attack | 2004-1875 | |||
| 31913 | MALWARE-CNC Win.Trojan.Maozhi variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31915 | MALWARE-CNC WIN.Trojan.Ziyazo variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31916 | MALWARE-CNC Win.Trojan.Bancos variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31923 | MALWARE-CNC Win.Trojan.Symmi variant HTTP response attempt (more info ...) | trojan-activity | URL | |||
| 31924 | MALWARE-CNC Win.Trojan.Symmi variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31928 | MALWARE-CNC Win.Trojan-Downloader.Becontr variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31929 | MALWARE-CNC Win.Trojan.Kanav variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31930 | MALWARE-CNC Win.Trojan.Kanav variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31941 | MALWARE-CNC Win.Trojan-Downloader.Pedrp variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31944 | MALWARE-CNC Win.Trojan.Tavdig outbound connection (more info ...) | trojan-activity | URL | |||
| 31947 | MALWARE-CNC User-Agent known malicious user-agent string - HttpCall - Win.Trojan.Rukypee (more info ...) | trojan-activity | URL | |||
| 31948 | MALWARE-CNC User-Agent known malicious user-agent string - MyProgramm - Win.Trojan.Rukypee (more info ...) | trojan-activity | URL | |||
| 31954 | MALWARE-CNC Win.Trojan.Ezbro variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31955 | MALWARE-CNC Win.Trojan.Ezbro variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31956 | SERVER-WEBAPP Rejetto HttpFileServer command injection attempt (more info ...) | web-application-attack | 2014-6287 | 69782 | ||
| 31957 | MALWARE-CNC Win.Backdoor.MSIL.Torct variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31964 | MALWARE-CNC Win.Trojan.Banker variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31965 | EXPLOIT-KIT Astrum exploit kit landing page (more info ...) | trojan-activity | URL | |||
| 31970 | EXPLOIT-KIT Astrum exploit kit redirection attempt (more info ...) | trojan-activity | URL | |||
| 31971 | EXPLOIT-KIT Astrum exploit kit multiple exploit download request (more info ...) | trojan-activity | URL | |||
| 31973 | MALWARE-CNC Win.Trojan.Chebri variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31974 | MALWARE-CNC Win.Trojan.Zegorg variant outbound connection (more info ...) | trojan-activity | URL | |||
| 31990 | MALWARE-CNC User-Agent known malicious user-agent string - Install - Win.Backdoor.Upatre (more info ...) | trojan-activity | URL | |||
| 31991 | MALWARE-CNC User-Agent known malicious user-agent string - Treck - Win.Backdoor.Upatre (more info ...) | trojan-activity | URL | |||
| 31992 | MALWARE-CNC Win.Backdoor.Upatre SSL Cert inbound (more info ...) | trojan-activity | URL | |||
| 31993 | MALWARE-CNC Win.Backdoor.Upatre SSL Cert inbound (more info ...) | trojan-activity | URL | |||
| 31994 | MALWARE-CNC Win.Backdoor.Upatre SSL Cert inbound (more info ...) | trojan-activity | URL | |||
| 31995 | MALWARE-CNC Win.Backdoor.Upatre SSL Cert inbound (more info ...) | trojan-activity | URL | |||
| 31996 | MALWARE-CNC Win.Backdoor.Upatre SSL Cert inbound (more info ...) | trojan-activity | URL | |||
| 31997 | MALWARE-CNC Win.Backdoor.Upatre SSL Cert inbound (more info ...) | trojan-activity | URL | |||
| 31998 | MALWARE-CNC Win.Backdoor.Upatre SSL Cert inbound (more info ...) | trojan-activity | URL | |||
| 31999 | MALWARE-CNC Win.Backdoor.Upatre SSL Cert inbound (more info ...) | trojan-activity | URL | |||
| 32000 | MALWARE-CNC Win.Backdoor.Upatre SSL Cert inbound (more info ...) | trojan-activity | URL | |||
| 32001 | MALWARE-CNC Win.Backdoor.Upatre SSL Cert inbound (more info ...) | trojan-activity | URL | |||
| 32002 | MALWARE-CNC Win.Worm.Zorenium variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32003 | SERVER-WEBAPP Drupal xmlrp internal entity expansion denial of service attempt (more info ...) | attempted-dos | 2014-5265 | URL | ||
| 32004 | SERVER-WEBAPP Drupal xmlrp internal entity expansion denial of service attempt (more info ...) | attempted-dos | 2014-5265 | URL | ||
| 32012 | MALWARE-CNC Win.Trojan-Downloader.Bipamid variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32015 | MALWARE-CNC Win.Backdoor.Zeus variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32016 | MALWARE-CNC Win.Trojan.MSIL.Menteni variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32017 | MALWARE-CNC Win.Trojan.Memlog SMB file transfer (more info ...) | trojan-activity | URL | |||
| 32018 | MALWARE-CNC Win.Backdoor.Hupigon.NYK variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32020 | MALWARE-CNC Win.Backdoor.Krompt variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32023 | MALWARE-CNC Win.Trojan.Sinpid variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32028 | MALWARE-CNC Win.Backdoor.Klabcon variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32029 | BROWSER-OTHER Android WebView same origin policy bypass attempt (more info ...) | misc-activity | 2014-6041 | 69548 | ||
| 32030 | MALWARE-CNC User-Agent known malicious user-agent string Decibal - Win.Trojan.Decibal (more info ...) | trojan-activity | URL | |||
| 32031 | MALWARE-CNC Win.Trojan.Decibal variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32033 | MALWARE-CNC Win.Trojan.Larosden variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32034 | MALWARE-CNC Win.Trojan.Larefervt variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32035 | MALWARE-CNC Win.Trojan.Boleteiro variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32036 | MALWARE-CNC Win.Trojan.Somoca vaniant outbound connection (more info ...) | trojan-activity | URL | |||
| 32037 | MALWARE-CNC Win.Trojan.Banload.awt variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32044 | SERVER-WEBAPP ManageEngine Eventlog Analyzer directory traversal attempt (more info ...) | web-application-attack | 2014-6037 | 69482 | ||
| 32048 | MALWARE-CNC Win.Trojan.Lecpetex variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32050 | MALWARE-CNC Win.Trojan.MSIL.Larosden variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32052 | MALWARE-CNC User-Agent Xsser mRAT user-agent (more info ...) | trojan-activity | URL | |||
| 32053 | MALWARE-CNC Xsser mRAT GPS data upload (more info ...) | trojan-activity | URL | |||
| 32054 | MALWARE-CNC Xsser mRAT file upload (more info ...) | trojan-activity | URL | |||
| 32057 | SERVER-WEBAPP ManageEngine multipartRequest servlet directory traversal attempt (more info ...) | attempted-admin | 2014-6036 | 70172 | URL | |
| 32058 | MALWARE-CNC Win.Backdoor.Masatekar variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32060 | MALWARE-CNC User-Agent known malicious user agent string - httptestman - Win.Backdoor.Rabasheeta (more info ...) | trojan-activity | URL | |||
| 32061 | MALWARE-CNC Win.Trojan-Downloader.Nekill variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32065 | MALWARE-CNC Win.Trojan.Asprox inbound connection (more info ...) | trojan-activity | URL | |||
| 32066 | MALWARE-CNC Win.Trojan.Asprox outbound connection (more info ...) | trojan-activity | URL | |||
| 32067 | MALWARE-CNC Win.Trojan.Asprox outbound connection (more info ...) | trojan-activity | URL | |||
| 32068 | POLICY-OTHER SolarWinds Log and Event Manager default credentials authentication attempt (more info ...) | policy-violation | 2014-5504 | 69559 | URL | |
| 32070 | MALWARE-CNC Win.Trojan.Dalgan variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32071 | MALWARE-CNC Win.Backdoor.Zapchast variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32072 | MALWARE-CNC Win.Trojan.Zemot configuration download attempt (more info ...) | trojan-activity | URL | |||
| 32073 | MALWARE-CNC Win.Trojan.Zemot outbound connection (more info ...) | trojan-activity | URL | |||
| 32074 | MALWARE-CNC Win.Trojan.Zemot payload download attempt (more info ...) | trojan-activity | URL | |||
| 32075 | MALWARE-CNC Win.Trojan.Small variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32076 | SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 1091 directory traversal attempt (more info ...) | attempted-admin | 2014-5160 | 68856 | ||
| 32086 | MALWARE-CNC Win.Backdoor.Corkow variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32087 | FILE-OTHER GNU tar PAX extended headers handling overflow attempt (more info ...) | attempted-dos | 2006-0300 | 16764 | ||
| 32088 | FILE-OTHER GNU tar PAX extended headers handling overflow attempt (more info ...) | attempted-dos | 2006-0300 | 16764 | ||
| 32089 | FILE-OTHER GNU tar PAX extended headers handling overflow attempt (more info ...) | attempted-dos | 2006-0300 | 16764 | ||
| 32090 | MALWARE-CNC Win.Trojan.Saaglup variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32091 | MALWARE-CNC Win.Backdoor.PcertStealer variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32092 | POLICY-OTHER ManageEngine DeviceExpert user credentials enumeration attempt (more info ...) | policy-violation | 2014-5377 | 69443 | ||
| 32093 | MALWARE-CNC Win.Trojan.Banker variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32096 | MALWARE-CNC Win.Trojan.Puver variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32109 | SERVER-WEBAPP Easy File Management stack buffer overflow attempt (more info ...) | attempted-admin | 67542 | |||
| 32117 | PUA-ADWARE MplayerX malvertising browser hijacker (more info ...) | misc-activity | URL | |||
| 32118 | PUA-ADWARE MplayerX malvertising connectivity check (more info ...) | misc-activity | URL | |||
| 32119 | PUA-ADWARE Vsearch installer User-Agent (more info ...) | misc-activity | URL | |||
| 32120 | PUA-ADWARE Vsearch installer request (more info ...) | misc-activity | URL | |||
| 32121 | MALWARE-CNC Win.Trojan.Kryptik variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32123 | MALWARE-CNC Win.Trojan.Zbot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32125 | MALWARE-CNC User-Agent known malicious user-agent string - update - Win.Backdoor.Upatre (more info ...) | trojan-activity | URL | |||
| 32126 | MALWARE-CNC Win.Trojan.Lizarbot outbound connection (more info ...) | trojan-activity | URL | |||
| 32129 | MALWARE-CNC Win.Trojan.Downloader variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32130 | MALWARE-CNC Win.Trojan.Bancos variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32134 | FILE-IDENTIFY XBM file attachment detected (more info ...) | misc-activity | URL | |||
| 32135 | FILE-IDENTIFY XBM file attachment detected (more info ...) | misc-activity | URL | |||
| 32136 | FILE-OTHER GNU gzip LZH decompression make_table overflow attempt (more info ...) | attempted-user | 2006-4335 | URL | ||
| 32172 | MALWARE-CNC Win.Trojan.BlackPOS stolen data transfer to internal staging area (more info ...) | trojan-activity | URL | |||
| 32175 | MALWARE-CNC Osx.Backdoor.iWorm variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32179 | MALWARE-CNC WIN.Trojan.Plugx variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32180 | MALWARE-CNC Win.Backdoor.ZxShell connection incoming attempt (more info ...) | trojan-activity | URL | |||
| 32181 | MALWARE-CNC Win.Backdoor.ZxShell connection outgoing attempt (more info ...) | trojan-activity | URL | |||
| 32188 | MALWARE-CNC Win.Trojan.BlackEnergy3 outbound connection (more info ...) | trojan-activity | URL | |||
| 32189 | MALWARE-CNC Win.Trojan.BlackEnergy2 outbound connection (more info ...) | trojan-activity | URL | |||
| 32192 | MALWARE-CNC Win.Trojan.Zxshell variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32193 | MALWARE-CNC Win.Trojan.Dubrute variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32194 | MALWARE-CNC Win.Trojan.Dubrute variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32195 | MALWARE-CNC Win.Trojan.Palebot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32196 | MALWARE-CNC Win.Trojan.Graftor variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32197 | MALWARE-CNC Win.Trojan.Zerolocker variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32198 | MALWARE-CNC Win.Trojan.Mujormel outbound connection (more info ...) | trojan-activity | URL | |||
| 32199 | SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 305 directory traversal attempt (more info ...) | attempted-admin | 2014-5160 | 68855 | ||
| 32202 | MALWARE-CNC Win.Trojan.Soaphrish variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32204 | SERVER-OTHER SSLv3 POODLE CBC padding brute force attempt (more info ...) | attempted-recon | 2014-3568 | URL | ||
| 32205 | SERVER-OTHER SSLv3 POODLE CBC padding brute force attempt (more info ...) | attempted-recon | 2014-3568 | URL | ||
| 32220 | MALWARE-CNC Win.Trojan.Kazy download detected (more info ...) | trojan-activity | URL | |||
| 32221 | MALWARE-CNC Win.Trojan.Kazy download detected (more info ...) | trojan-activity | URL | |||
| 32222 | MALWARE-CNC Win.Backdoor.MSIL.Liroospu variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32223 | SERVER-OTHER Firebird database invalid state integer overflow attempt (more info ...) | attempted-dos | 2008-0387 | 27403 | ||
| 32224 | SERVER-OTHER Firebird database invalid state integer overflow attempt (more info ...) | attempted-dos | 2008-0387 | 27403 | ||
| 32225 | MALWARE-CNC Win.Trojan.Cryptowall variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32240 | SERVER-OTHER rsyslog remote PRI out of bounds attempt (more info ...) | denial-of-service | 2014-3683 | URL | ||
| 32243 | MALWARE-CNC WIN.Trojan.Clemint variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32250 | MALWARE-CNC Win.Trojan.Hydraq.variant outbound detected (more info ...) | trojan-activity | ||||
| 32259 | MALWARE-CNC Win.Trojan.BlackEnergy INF file download attempt (more info ...) | trojan-activity | URL | |||
| 32270 | MALWARE-CNC Win.Trojan.Tinba variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32272 | MALWARE-CNC WIN.Trojan.Hesechca variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32273 | MALWARE-CNC Win.Trojan.Spamnost variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32274 | OS-MOBILE Apple iOS 8.x jailbreak download attempt (more info ...) | attempted-admin | URL | |||
| 32275 | OS-MOBILE Apple iOS 8.x jailbreak download attempt (more info ...) | attempted-admin | URL | |||
| 32285 | MALWARE-CNC Win.Trojan.Zoxpng variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32287 | MALWARE-CNC Win.Trojan.Sapertilz variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32289 | MALWARE-CNC Win.Trojan.Cryptolocker download detected (more info ...) | trojan-activity | URL | |||
| 32290 | MALWARE-CNC Win.Trojan.Cryptolocker download detected (more info ...) | trojan-activity | URL | |||
| 32291 | MALWARE-CNC Win.Trojan.Cryptolocker download detected (more info ...) | trojan-activity | URL | |||
| 32292 | MALWARE-CNC Win.Trojan.Cryptolocker download detected (more info ...) | trojan-activity | URL | |||
| 32293 | MALWARE-CNC Win.Trojan.Acanas variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32294 | MALWARE-CNC User-Agent known malicious user agent BloodguyBrowser-_- (more info ...) | trojan-activity | URL | |||
| 32295 | MALWARE-CNC User-Agent known malicious user-agent string http - Win.Trojan.Waski (more info ...) | trojan-activity | URL | |||
| 32296 | MALWARE-CNC User-Agent known malicious user-agent string update - Win.Trojan.Waski (more info ...) | trojan-activity | URL | |||
| 32310 | MALWARE-CNC Win.Trojan.Farfli variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32311 | MALWARE-CNC Win.Trojan.Rehtesyk outbound connection (more info ...) | trojan-activity | URL | |||
| 32321 | SERVER-OTHER Generic JPEG stored cross site scripting attempt (more info ...) | web-application-attack | URL | |||
| 32322 | SERVER-OTHER Generic JPEG stored cross site scripting attempt (more info ...) | web-application-attack | URL | |||
| 32328 | MALWARE-CNC Win.Trojan.Maener variant download request (more info ...) | trojan-activity | URL | |||
| 32329 | MALWARE-CNC Win.Trojan.Maener variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32330 | MALWARE-CNC Win.Trojan.Maener variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32332 | MALWARE-CNC Win.Trojan.Hancitor variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32333 | MALWARE-CNC User-Agent known malicious user-agent string fast uax (more info ...) | trojan-activity | URL | |||
| 32334 | MALWARE-CNC Win.Trojan.Stantinko variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32338 | MALWARE-CNC Win.Trojan.Ropest variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32339 | PUA-ADWARE Nosibay Bubble Dock freeware auto update outbound connection (more info ...) | misc-activity | URL | |||
| 32341 | MALWARE-CNC Win.Trojan.Cakwerd variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32343 | MALWARE-CNC Win.Trojan.Graftor variant inbound spam attempt (more info ...) | attempted-user | URL | |||
| 32344 | MALWARE-CNC Win.Trojan.Graftor variant outbound spam attempt (more info ...) | attempted-user | URL | |||
| 32346 | SERVER-OTHER HP OpenView Storage Data Protector CRS opcode 1091 directory traversal attempt (more info ...) | attempted-admin | 2014-5160 | 68856 | ||
| 32350 | SERVER-WEBAPP ManageEngine multipartRequest servlet directory traversal attempt (more info ...) | attempted-admin | 2014-6036 | 70172 | URL | |
| 32351 | SERVER-WEBAPP ManageEngine multipartRequest servlet directory traversal attempt (more info ...) | attempted-admin | 2014-6036 | 70172 | URL | |
| 32357 | MALWARE-CNC Win.Trojan.Akaza variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32366 | OS-OTHER Bash environment variable injection attempt (more info ...) | attempted-admin | 2014-7169 | |||
| 32367 | MALWARE-CNC Win.Trojan.GameOverZeus variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32368 | MALWARE-CNC Win.Trojan.Cridex variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32372 | MALWARE-CNC Win.Trojan.Drepitt variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32373 | MALWARE-CNC Win.Trojan.Broonject variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32374 | MALWARE-CNC Win.Trojan.Androm variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32375 | BROWSER-OTHER WGet symlink arbitrary file write attempt (more info ...) | attempted-user | 2014-4877 | 70751 | ||
| 32376 | SERVER-OTHER Citrix NetScaler stack buffer overflow attempt (more info ...) | attempted-admin | URL | |||
| 32379 | MALWARE-CNC Win.Trojan.Baccamun variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32382 | SERVER-OTHER OpenSSL DTLS SRTP extension parsing denial-of-service attempt (more info ...) | attempted-dos | 2014-3513 | 70584 | URL | |
| 32383 | MALWARE-CNC User-Agent known malicious user-agent string - connect - Win.Backdoor.Upatre (more info ...) | trojan-activity | URL | |||
| 32384 | MALWARE-CNC User-Agent known malicious user-agent string - myupdate - Win.Backdoor.Upatre (more info ...) | trojan-activity | URL | |||
| 32400 | MALWARE-CNC Win.Backdoor.Parama attempted outbound connection (more info ...) | trojan-activity | URL | |||
| 32401 | MALWARE-CNC Win.Backdoor.Kivars outbound connection (more info ...) | trojan-activity | URL | |||
| 32402 | MALWARE-CNC User-Agent known malicious user agent globalupdate - Osx.Trojan.Wirelurker (more info ...) | trojan-activity | URL | |||
| 32451 | MALWARE-CNC Win.Trojan.Backoff initial outbound connection (more info ...) | trojan-activity | URL | |||
| 32455 | MALWARE-CNC User-Agent known malicious user agent VUPHTTP - Win.Trojan.Puvespia (more info ...) | trojan-activity | URL | |||
| 32456 | MALWARE-CNC Win.Backdoor.Effseart variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32457 | MALWARE-CNC Win.Backdoor.Effseart variant inbound connection (more info ...) | trojan-activity | URL | |||
| 32464 | MALWARE-CNC Win.Trojan.TorrentLocker variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32465 | SERVER-OTHER OpenSSL TLS large number of session tickets sent - possible dos attempt (more info ...) | attempted-dos | 2014-3567 | 70586 | ||
| 32466 | SERVER-OTHER OpenSSL TLS large number of session tickets sent - possible dos attempt (more info ...) | attempted-dos | 2014-3567 | 70586 | ||
| 32467 | SERVER-OTHER OpenSSL TLS large number of session tickets sent - possible dos attempt (more info ...) | attempted-dos | 2014-3567 | 70586 | ||
| 32468 | SERVER-OTHER OpenSSL TLS large number of session tickets sent - possible dos attempt (more info ...) | attempted-dos | 2014-3567 | 70586 | ||
| 32469 | MALWARE-CNC Win.Trojan.Bankeiya outbound connection (more info ...) | trojan-activity | URL | |||
| 32486 | MALWARE-CNC Win.Backdoor.Exadog outbound connection (more info ...) | trojan-activity | URL | |||
| 32487 | MALWARE-CNC Win.Backdoor.Exadog variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32506 | MALWARE-CNC Win.Trojan.Secdeskinf outbound connection (more info ...) | trojan-activity | URL | |||
| 32511 | MALWARE-CNC PCRat variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32512 | MALWARE-CNC PCRat variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32513 | MALWARE-CNC Win.Backdoor.Havex outbound connection (more info ...) | trojan-activity | URL | |||
| 32521 | MALWARE-CNC Win.Trojan.Cryptowall 2.0 possible TOR client retrieval attempt (more info ...) | trojan-activity | URL | |||
| 32526 | POLICY-OTHER Visual Mining NetCharts default credentials authentication attempt (more info ...) | policy-violation | 2014-8516 | 70895 | URL | |
| 32529 | MALWARE-CNC Win.Backdoor.Vkont variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32546 | SERVER-WEBAPP F5 BIG-IP Enterprise Manager XML entity injection attempt (more info ...) | attempted-user | 2014-6032 | |||
| 32547 | SERVER-WEBAPP F5 BIG-IP Enterprise Manager XML entity injection attempt (more info ...) | attempted-user | 2014-6032 | |||
| 32548 | MALWARE-CNC Mac.Backdoor.iWorm attempted outbound connection (more info ...) | trojan-activity | URL | |||
| 32550 | MALWARE-CNC Win.Trojan.Extant variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32551 | MALWARE-CNC Win.Trojan.Coreshell variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32556 | MALWARE-CNC Win.Trojan.Bayoboiz outbound connection (more info ...) | trojan-activity | URL | |||
| 32557 | MALWARE-CNC Win.Trojan.Bayoboiz outbound connection (more info ...) | trojan-activity | URL | |||
| 32566 | POLICY-OTHER SSLv3 CBC client connection attempt (more info ...) | attempted-recon | 2014-3566 | |||
| 32579 | SERVER-WEBAPP Reflected file download attempt (more info ...) | web-application-attack | URL | |||
| 32580 | SERVER-WEBAPP Reflected file download attempt (more info ...) | web-application-attack | URL | |||
| 32583 | MALWARE-CNC Win.Trojan.Symmi variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32584 | MALWARE-CNC Win.Trojan.Symmi variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32585 | MALWARE-CNC Win.Trojan.Zeus variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32586 | MALWARE-CNC Win.Trojan.Zeus variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32598 | MALWARE-CNC Win.Backdoor.Mysayad file wipe attempt (more info ...) | trojan-activity | URL | |||
| 32599 | MALWARE-CNC Win.Backdoor.Mysayad outbound connection (more info ...) | trojan-activity | URL | |||
| 32600 | MALWARE-CNC Win.Backdoor.Mysayad file wipe attempt (more info ...) | trojan-activity | URL | |||
| 32602 | POLICY-OTHER ManageEngine Eventlog Analyzer credential disclosure attempt (more info ...) | attempted-recon | 2014-6039 | URL | ||
| 32603 | POLICY-OTHER ManageEngine Eventlog Analyzer information disclosure attempt (more info ...) | attempted-recon | 2014-6038 | |||
| 32604 | MALWARE-CNC Win.Trojan.Geodo variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32605 | MALWARE-CNC Win.Worm.Jenxcus variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32606 | MALWARE-CNC Win.Trojan.Sodebral variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32607 | MALWARE-CNC Win.Trojan.Sodebral HTTP Response attempt (more info ...) | trojan-activity | URL | |||
| 32608 | MALWARE-CNC Win.Trojan.Sodebral HTTP Response attempt (more info ...) | trojan-activity | URL | |||
| 32609 | MALWARE-CNC Win.Trojan.NetWiredRC variant registration message (more info ...) | trojan-activity | URL | |||
| 32610 | MALWARE-CNC Win.Trojan.NetWiredRC variant keepalive (more info ...) | trojan-activity | URL | |||
| 32613 | MALWARE-CNC Win.Downloader.Jadowndec attempted outbound connection (more info ...) | trojan-activity | URL | |||
| 32614 | MALWARE-CNC Win.Downloader.Jadowndec attempted outbound connection (more info ...) | trojan-activity | URL | |||
| 32619 | FILE-OTHER MostGear EasyLanFolderShare serial key overflow attempt (more info ...) | attempted-user | 2013-6079 | |||
| 32620 | FILE-OTHER MostGear EasyLanFolderShare serial key overflow attempt (more info ...) | attempted-user | 2013-6079 | |||
| 32621 | MALWARE-CNC Win.Trojan.Regin outbound connection (more info ...) | trojan-activity | URL | |||
| 32622 | MALWARE-CNC Win.Trojan.Regin outbound connection (more info ...) | trojan-activity | URL | |||
| 32623 | MALWARE-CNC Win.Trojan.Regin outbound connection (more info ...) | trojan-activity | URL | |||
| 32624 | MALWARE-CNC Win.Trojan.Regin outbound connection (more info ...) | trojan-activity | URL | |||
| 32636 | FILE-OTHER fCreateShellLink function use - potential attack (more info ...) | misc-activity | 2008-2959 | |||
| 32640 | EXPLOIT-KIT Sweet Orange exploit kit outbound payload detection (more info ...) | trojan-activity | ||||
| 32645 | MALWARE-CNC User-Agent known malicious user-agent string RUpdate (more info ...) | trojan-activity | URL | |||
| 32665 | MALWARE-CNC Win.Trojan.Chopstick variant outbound request (more info ...) | trojan-activity | URL | |||
| 32667 | MALWARE-CNC Win.Trojan.Chopstick variant outbound request (more info ...) | trojan-activity | URL | |||
| 32670 | MALWARE-CNC Win.Dropper.Ch variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32671 | FILE-OTHER LibYAML yaml_parser_scan_uri_escapes heap buffer overflow attempt (more info ...) | attempted-user | 2014-2525 | |||
| 32673 | SERVER-OTHER Web Service on Devices API WSDAPI URL processing buffer corruption attempt (more info ...) | denial-of-service | 2009-2512 | |||
| 32674 | MALWARE-CNC Win.Trojan.Wiper variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32677 | MALWARE-CNC Win.Trojan.Dridex variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32678 | MALWARE-CNC Win.Trojan.Dridex variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32706 | MALWARE-CNC Win.Trojan.Kuluoz variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32727 | MALWARE-CNC Win.Backdoor.Uclinu variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32728 | MALWARE-CNC Win.Trojan.Olegb variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32729 | POLICY-OTHER HP Network Node Manager ovopi.dll command 685 insecure pointer dereference attempt (more info ...) | policy-violation | 2014-2624 | URL | ||
| 32734 | MALWARE-CNC Win.Backdoor.Typideg variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32740 | POLICY-OTHER Arris VAP2500 default credentials authentication attempt (more info ...) | policy-violation | 2014-8424 | 71297 | URL | |
| 32741 | POLICY-OTHER Arris VAP2500 default credentials authentication attempt (more info ...) | policy-violation | 2014-8424 | 71297 | URL | |
| 32743 | MALWARE-CNC VGABot IRC communication attempt (more info ...) | trojan-activity | URL | |||
| 32744 | SERVER-WEBAPP ManageEngine NetFlow Analyzer DisplayChartPDF directory traversal attempt (more info ...) | attempted-recon | 2014-5446 | 71404 | ||
| 32747 | MALWARE-CNC Win.Trojan.Ragebot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32748 | SERVER-OTHER Ecava IntegraXor HMI /res buffer overflow attempt (more info ...) | attempted-user | 2014-0753 | |||
| 32755 | SERVER-OTHER TLSv1.0 POODLE CBC padding brute force attempt (more info ...) | attempted-recon | 2014-8730 | URL | ||
| 32756 | SERVER-OTHER TLSv1.1 POODLE CBC padding brute force attempt (more info ...) | attempted-recon | 2014-8730 | URL | ||
| 32757 | SERVER-OTHER TLSv1.2 POODLE CBC padding brute force attempt (more info ...) | attempted-recon | 2014-8730 | URL | ||
| 32758 | SERVER-OTHER TLSv1.0 POODLE CBC padding brute force attempt (more info ...) | attempted-recon | 2014-8730 | URL | ||
| 32759 | SERVER-OTHER TLSv1.1 POODLE CBC padding brute force attempt (more info ...) | attempted-recon | 2014-8730 | URL | ||
| 32760 | SERVER-OTHER TLSv1.2 POODLE CBC padding brute force attempt (more info ...) | attempted-recon | 2014-8730 | URL | ||
| 32769 | MALWARE-CNC Win.Trojan.WOWCheckC Attempted CNC (more info ...) | attempted-user | URL | |||
| 32770 | MALWARE-CNC Win.Trojan.Androm variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32773 | SERVER-WEBAPP Symantec messaging gateway management console cross-site scripting attempt (more info ...) | attempted-user | 2014-1648 | URL | ||
| 32776 | MALWARE-CNC FIN4 VBA Macro credentials upload attempt (more info ...) | trojan-activity | URL | |||
| 32780 | MALWARE-CNC Win.Backdoor.Eskaetee outbound connection (more info ...) | trojan-activity | URL | |||
| 32781 | MALWARE-CNC Win.Backdoor.Eskaetee outbound connection (more info ...) | trojan-activity | URL | |||
| 32791 | MALWARE-CNC Win.Virus.Ransomlock outbound connection (more info ...) | trojan-activity | URL | |||
| 32792 | MALWARE-CNC Win.Virus.Ransomlock inbound connection (more info ...) | trojan-activity | URL | |||
| 32821 | FILE-PDF Cross Domain potentially malicious redirection attempt (more info ...) | attempted-user | 2014-8453 | URL | ||
| 32822 | FILE-PDF Cross Domain potentially malicious redirection attempt (more info ...) | attempted-user | 2014-8453 | URL | ||
| 32823 | MALWARE-CNC Win.Trojan.Darkhotel outbound connection (more info ...) | trojan-activity | URL | |||
| 32824 | MALWARE-CNC Win.Trojan.Darkhotel variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32825 | MALWARE-CNC Win.Trojan.Darkhotel outbound connection (more info ...) | trojan-activity | URL | |||
| 32826 | MALWARE-CNC Win.Trojan.Darkhotel data upload attempt (more info ...) | trojan-activity | URL | |||
| 32827 | MALWARE-CNC Win.Trojan.Darkhotel response connection attempt (more info ...) | trojan-activity | URL | |||
| 32852 | MALWARE-CNC Win.Trojan.Poolfiend variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32853 | MALWARE-CNC Win.Trojan.Poolfiend variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32854 | MALWARE-CNC Win.Trojan.Loodir outbound connection (more info ...) | trojan-activity | URL | |||
| 32866 | APP-DETECT I2P UPNP query attempt (more info ...) | misc-activity | URL | |||
| 32871 | OS-WINDOWS Multiple product mailto uri handling code execution attempt (more info ...) | attempted-user | 2007-4041 | 25945 | URL | |
| 32875 | MALWARE-TOOLS BlackSpider Tool ali.txt file upload attempt (more info ...) | misc-activity | URL | |||
| 32882 | MALWARE-CNC Win.Trojan.Ksypypro outbound connection (more info ...) | trojan-activity | URL | |||
| 32890 | SERVER-OTHER ntpd multiple vector buffer overflow attempt (more info ...) | attempted-user | 2014-9295 | URL | ||
| 32892 | MALWARE-CNC Win.Trojan.TorLocker variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32893 | MALWARE-CNC Win.Trojan.Finforst outbound connection (more info ...) | trojan-activity | URL | |||
| 32901 | FILE-OTHER Advantech ADAMView GeniDAQ display designer stack buffer overflow attempt (more info ...) | attempted-admin | 2014-8386 | 71191 | ||
| 32902 | FILE-OTHER Advantech ADAMView GeniDAQ display designer stack buffer overflow attempt (more info ...) | attempted-admin | 2014-8386 | 71191 | ||
| 32903 | FILE-OTHER Oracle Database Server XML stack buffer overflow attempt (more info ...) | attempted-user | 2013-3751 | URL | ||
| 32904 | FILE-OTHER Oracle Database Server XML stack buffer overflow attempt (more info ...) | attempted-user | 2013-3751 | URL | ||
| 32907 | POLICY-OTHER PirateBrowser User-Agent detected (more info ...) | policy-violation | URL | |||
| 32908 | MALWARE-CNC Win.Trojan.TinyZBot outbound connection (more info ...) | trojan-activity | URL | |||
| 32909 | MALWARE-CNC Win.Trojan.TinyZBot outbound connection (more info ...) | trojan-activity | URL | |||
| 32910 | MALWARE-CNC Win.Trojan.TinyZBot outbound connection (more info ...) | trojan-activity | URL | |||
| 32911 | MALWARE-BACKDOOR Win.Trojan.Wiper inbound communication attempt (more info ...) | trojan-activity | URL | |||
| 32912 | MALWARE-BACKDOOR Win.Trojan.Wiper outbound communication attempt (more info ...) | trojan-activity | URL | |||
| 32913 | MALWARE-BACKDOOR Win.Trojan.Wiper download attempt (more info ...) | trojan-activity | URL | |||
| 32914 | MALWARE-BACKDOOR Win.Trojan.Wiper download attempt (more info ...) | trojan-activity | URL | |||
| 32915 | MALWARE-BACKDOOR Win.Trojan.Wiper inbound communication attempt (more info ...) | trojan-activity | URL | |||
| 32916 | MALWARE-BACKDOOR Win.Trojan.Wiper outbound communication attempt (more info ...) | trojan-activity | URL | |||
| 32917 | MALWARE-BACKDOOR Win.Trojan.Wiper inbound communication attempt (more info ...) | trojan-activity | URL | |||
| 32918 | MALWARE-BACKDOOR Win.Trojan.Wiper download attempt (more info ...) | trojan-activity | URL | |||
| 32919 | MALWARE-OTHER Win.Trojan.Wiper download attempt (more info ...) | trojan-activity | URL | |||
| 32920 | MALWARE-OTHER Win.Trojan.Wiper download attempt (more info ...) | trojan-activity | URL | |||
| 32921 | MALWARE-OTHER Win.Trojan.Wiper download attempt (more info ...) | trojan-activity | URL | |||
| 32922 | MALWARE-OTHER Win.Trojan.Wiper listener download attempt (more info ...) | trojan-activity | URL | |||
| 32923 | MALWARE-OTHER Win.Trojan.Wiper listener download attempt (more info ...) | trojan-activity | URL | |||
| 32924 | MALWARE-OTHER Win.Trojan.Wiper listener download attempt (more info ...) | trojan-activity | URL | |||
| 32925 | MALWARE-OTHER Win.Trojan.Wiper listener download attempt (more info ...) | trojan-activity | URL | |||
| 32926 | MALWARE-OTHER Win.Trojan.Wiper listener download attempt (more info ...) | trojan-activity | URL | |||
| 32927 | MALWARE-OTHER Win.Trojan.Wiper listener download attempt (more info ...) | trojan-activity | URL | |||
| 32928 | MALWARE-OTHER Win.Trojan.Wiper listener download attempt (more info ...) | trojan-activity | URL | |||
| 32929 | MALWARE-OTHER Win.Trojan.Wiper listener download attempt (more info ...) | trojan-activity | URL | |||
| 32930 | MALWARE-OTHER Win.Trojan.Wiper listener download attempt (more info ...) | trojan-activity | URL | |||
| 32931 | MALWARE-OTHER Win.Trojan.Wiper listener download attempt (more info ...) | trojan-activity | URL | |||
| 32932 | MALWARE-OTHER Win.Trojan.Wiper listener download attempt (more info ...) | trojan-activity | URL | |||
| 32933 | MALWARE-OTHER Win.Trojan.Wiper listener download attempt (more info ...) | trojan-activity | URL | |||
| 32934 | MALWARE-OTHER Win.Trojan.Wiper download attempt (more info ...) | trojan-activity | URL | |||
| 32935 | MALWARE-OTHER Win.Trojan.Wiper download attempt (more info ...) | trojan-activity | URL | |||
| 32936 | MALWARE-TOOLS Win.Trojan.Wiper proxy tools download attempt (more info ...) | trojan-activity | URL | |||
| 32937 | MALWARE-TOOLS Win.Trojan.Wiper proxy communication attempt (more info ...) | trojan-activity | URL | |||
| 32938 | MALWARE-TOOLS Win.Trojan.Wiper proxy tool download attempt (more info ...) | trojan-activity | URL | |||
| 32945 | FILE-IDENTIFY .scr executable screensaver file attachment detected (more info ...) | misc-activity | URL | |||
| 32946 | FILE-IDENTIFY .scr executable screensaver file attachment detected (more info ...) | misc-activity | URL | |||
| 32947 | FILE-IDENTIFY .scr executable screensaver file download request (more info ...) | misc-activity | URL | |||
| 32948 | INDICATOR-COMPROMISE Download of executable screensaver file (more info ...) | policy-violation | URL | |||
| 32949 | MALWARE-OTHER Download of executable screensaver file (more info ...) | policy-violation | URL | |||
| 32950 | MALWARE-CNC Win.Trojan.Bladabindi variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32951 | POLICY-OTHER base64 encoded executable file download (more info ...) | policy-violation | URL | |||
| 32952 | SERVER-WEBAPP iCloud Apple ID brute-force login attempt (more info ...) | suspicious-login | ||||
| 32953 | SERVER-OTHER XCat Blind XPath Injection attempt (more info ...) | web-application-attack | URL | |||
| 32954 | SERVER-OTHER XCat Blind XPath Injection attempt (more info ...) | web-application-attack | URL | |||
| 32955 | SERVER-OTHER XCat Blind XPath Injection attempt (more info ...) | web-application-attack | URL | |||
| 32956 | MALWARE-CNC Android.CoolReaper.Trojan outbound connection (more info ...) | trojan-activity | URL | |||
| 32957 | MALWARE-CNC Win.Trojan.TinyZBot outbound SOAP connection attempt (more info ...) | trojan-activity | URL | |||
| 32958 | MALWARE-CNC Win.Trojan.TinyZBot response connection attempt (more info ...) | trojan-activity | URL | |||
| 32968 | SERVER-WEBAPP F5 BIG-IP name parameter directory traversal attempt (more info ...) | web-application-attack | 2014-8727 | 71063 | ||
| 32969 | SERVER-WEBAPP F5 BIG-IP name parameter directory traversal attempt (more info ...) | web-application-attack | 2014-8727 | 71063 | ||
| 32970 | SERVER-WEBAPP F5 BIG-IP name parameter directory traversal attempt (more info ...) | web-application-attack | 2014-8727 | 71063 | ||
| 32971 | SERVER-WEBAPP HP System Management iprange parameter buffer overflow attempt (more info ...) | attempted-admin | 2013-2362 | URL | ||
| 32973 | MALWARE-CNC Win.Trojan.Twerket variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32974 | OS-MOBILE Android ObjectInputStream privilege escalation attempt (more info ...) | attempted-user | 2014-7911 | 71176 | ||
| 32975 | OS-MOBILE Android ObjectInputStream privilege escalation attempt (more info ...) | attempted-user | 2014-7911 | 71176 | ||
| 32976 | MALWARE-CNC Win.Trojan.Kuluos variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32977 | MALWARE-CNC Win.Trojan.Kuluos variant outbound connection (more info ...) | trojan-activity | URL | |||
| 32978 | MALWARE-CNC User-Agent known malicious user agent - extra IE version (more info ...) | trojan-activity | URL | |||
| 32979 | MALWARE-CNC User-Agent known malicious user agent - extra IE version (more info ...) | trojan-activity | URL | |||
| 32980 | MALWARE-CNC User-Agent known malicious user agent - multi-browser (more info ...) | trojan-activity | URL | |||
| 32986 | MALWARE-CNC Win.Trojan.Toopu dll embedded in png download attempt (more info ...) | trojan-activity | URL | |||
| 32987 | MALWARE-CNC Win.Trojan.Graftor outbound connection (more info ...) | trojan-activity | URL | |||
| 32988 | MALWARE-CNC Win.Trojan.Graftor outbound connection (more info ...) | trojan-activity | URL | |||
| 32989 | MALWARE-CNC Win.Trojan.Graftor outbound connection (more info ...) | trojan-activity | URL | |||
| 32990 | MALWARE-CNC Win.Trojan.Toopu outbound connection (more info ...) | trojan-activity | URL | |||
| 32991 | SERVER-OTHER SAP NetWeaver SXPG_COMMAND_EXECUTE remote command execution attempt (more info ...) | web-application-attack | URL | |||
| 32992 | SERVER-OTHER SAP NetWeaver SXPG_COMMAND_EXECUTE remote command execution attempt (more info ...) | web-application-attack | URL | |||
| 32999 | PROTOCOL-SCADA Advantech WebAccess SCADA command execution attempt (more info ...) | attempted-user | 2014-0773 | URL | ||
| 33000 | PROTOCOL-SCADA Advantech WebAccess SCADA command execution attempt (more info ...) | attempted-user | 2014-0773 | URL | ||
| 33001 | PROTOCOL-SCADA Advantech WebAccess SCADA command execution attempt (more info ...) | attempted-user | 2014-0773 | URL | ||
| 33002 | PROTOCOL-SCADA Advantech WebAccess SCADA command execution attempt (more info ...) | attempted-user | 2014-0773 | URL | ||
| 33005 | SERVER-WEBAPP Advantec WebAccess SCADA webvact.ocx NodeName buffer overflow attempt (more info ...) | attempted-user | 2014-0764 | 66718 | URL | |
| 33006 | SERVER-WEBAPP Advantec WebAccess SCADA webvact.ocx NodeName buffer overflow attempt (more info ...) | attempted-user | 2014-0764 | 66718 | URL | |
| 33007 | SERVER-WEBAPP Advantec WebAccess SCADA webvact.ocx NodeName buffer overflow attempt (more info ...) | attempted-user | 2014-0764 | 66718 | URL | |
| 33008 | SERVER-WEBAPP Advantec WebAccess SCADA webvact.ocx NodeName buffer overflow attempt (more info ...) | attempted-user | 2014-0764 | 66718 | URL | |
| 33009 | SERVER-WEBAPP Advantec WebAccess SCADA webvact.ocx UserName buffer overflow attempt (more info ...) | attempted-user | 2014-0770 | 66733 | URL | |
| 33010 | SERVER-WEBAPP Advantec WebAccess SCADA webvact.ocx UserName buffer overflow attempt (more info ...) | attempted-user | 2014-0770 | 66733 | URL | |
| 33011 | SERVER-WEBAPP Advantec WebAccess SCADA webvact.ocx UserName buffer overflow attempt (more info ...) | attempted-user | 2014-0770 | 66733 | URL | |
| 33012 | SERVER-WEBAPP Advantec WebAccess SCADA webvact.ocx UserName buffer overflow attempt (more info ...) | attempted-user | 2014-0770 | 66733 | URL | |
| 33015 | PROTOCOL-SCADA ABB MicroSCADA wserver.exe EXECUTE remote code execution attempt (more info ...) | attempted-user | URL | |||
| 33026 | FILE-IDENTIFY Publish-iT PUI file attachment detected (more info ...) | misc-activity | ||||
| 33027 | FILE-IDENTIFY Publish-iT PUI file attachment detected (more info ...) | misc-activity | ||||
| 33028 | FILE-IDENTIFY Publish-iT PUI file download request (more info ...) | misc-activity | ||||
| 33029 | FILE-OTHER Poster Software Publish-It buffer overflow attempt (more info ...) | attempted-user | 2014-0980 | 65366 | ||
| 33030 | FILE-OTHER Poster Software Publish-It buffer overflow attempt (more info ...) | attempted-user | 2014-0980 | 65366 | ||
| 33031 | FILE-OTHER Poster Software Publish-It buffer overflow attempt (more info ...) | attempted-user | 2014-0980 | 65366 | ||
| 33032 | FILE-OTHER Poster Software Publish-It buffer overflow attempt (more info ...) | attempted-user | 2014-0980 | 65366 | ||
| 33033 | FILE-OTHER Poster Software Publish-It buffer overflow attempt (more info ...) | attempted-user | 2014-0980 | 65366 | ||
| 33034 | FILE-OTHER Poster Software Publish-It buffer overflow attempt (more info ...) | attempted-user | 2014-0980 | 65366 | ||
| 33035 | FILE-OTHER Poster Software Publish-It buffer overflow attempt (more info ...) | attempted-user | 2014-0980 | 65366 | ||
| 33036 | FILE-OTHER Poster Software Publish-It buffer overflow attempt (more info ...) | attempted-user | 2014-0980 | 65366 | ||
| 33037 | FILE-OTHER Poster Software Publish-It buffer overflow attempt (more info ...) | attempted-user | 2014-0980 | 65366 | ||
| 33038 | FILE-OTHER Poster Software Publish-It buffer overflow attempt (more info ...) | attempted-user | 2014-0980 | 65366 | ||
| 33039 | FILE-OTHER Poster Software Publish-It buffer overflow attempt (more info ...) | attempted-user | 2014-0980 | 65366 | ||
| 33040 | FILE-OTHER Poster Software Publish-It buffer overflow attempt (more info ...) | attempted-user | 2014-0980 | 65366 | ||
| 33043 | FILE-MULTIMEDIA Multiple media players M3U playlist file handling buffer overflow attempt (more info ...) | attempted-user | 2006-6063 | 21206 | ||
| 33047 | MALWARE-CNC User-Agent known malicious user-agent string - realupdate - Win.Backdoor.Upatre (more info ...) | trojan-activity | ||||
| 33054 | MALWARE-CNC Win.Trojan.Joanap outbound connection (more info ...) | trojan-activity | URL | |||
| 33058 | MALWARE-CNC Win.Backdoor.Medusa variant inbound connection (more info ...) | trojan-activity | ||||
| 33059 | MALWARE-CNC Win.Backdoor.Medusa variant outbound connection (more info ...) | trojan-activity | ||||
| 33060 | MALWARE-CNC Win.Backdoor.Medusa variant outbound connection (more info ...) | trojan-activity | ||||
| 33061 | MALWARE-CNC Win.Trojan.Lagulon.A outbound connection (more info ...) | trojan-activity | URL | |||
| 33081 | MALWARE-CNC OnionDuke variant outbound connection (more info ...) | trojan-activity | URL | |||
| 33082 | MALWARE-CNC Win.Trojan.Nocpos initial outbound connection (more info ...) | trojan-activity | URL | |||
| 33083 | MALWARE-CNC Win.Trojan.Nocpos information disclosure attempt (more info ...) | trojan-activity | URL | |||
| 33084 | MALWARE-CNC Win.Trojan.Tosct variant outbound connection (more info ...) | trojan-activity | URL | |||
| 33087 | FILE-PDF Foxit Reader remote query string buffer overflow attempt (more info ...) | attempted-user | 57174 | URL | ||
| 33114 | SERVER-WEBAPP HP System Management Homepage cross site scripting attempt (more info ...) | attempted-user | 2014-2640 | 70206 | URL | |
| 33145 | MALWARE-CNC Win.Trojan.Dridex initial outbound connection (more info ...) | trojan-activity | URL | |||
| 33149 | MALWARE-CNC Win.Worm.Ultramine outbound connection (more info ...) | trojan-activity | URL | |||
| 33152 | MALWARE-CNC Win.Trojan.Nurjax.A outbound connection (more info ...) | trojan-activity | URL | |||
| 33153 | MALWARE-CNC Win.Trojan.Heur variant outbound connection (more info ...) | trojan-activity | URL | |||
| 33155 | OS-WINDOWS CryptProtectMemory Impersonation Check Bypass attempt (more info ...) | attempted-admin | 2015-0010 | |||
| 33156 | OS-WINDOWS CryptProtectMemory Impersonation Check Bypass attempt (more info ...) | attempted-admin | 2015-0010 | |||
| 33161 | MALWARE-CNC Win.Spyware.Rombertik outbound connection (more info ...) | attempted-user | URL | |||
| 33165 | MALWARE-CNC Win.Trojan.Poweliks outbound connection (more info ...) | trojan-activity | URL | |||
| 33197 | SERVER-OTHER BMC Track-It FileStorageService directory traversal attempt (more info ...) | attempted-admin | 2014-4872 | 70264 | ||
| 33199 | MALWARE-CNC Win.Trojan.MSIL.Sabeba outbound connection (more info ...) | trojan-activity | URL | |||
| 33200 | MALWARE-CNC Win.Trojan.Pisces variant outbound connection (more info ...) | trojan-activity | URL | |||
| 33205 | FILE-MULTIMEDIA VideoLAN VLC 2.1.5 Media Player libavcodex memory corruption attempt (more info ...) | attempted-user | 2014-9598 | |||
| 33206 | FILE-MULTIMEDIA VideoLAN VLC 2.1.5 Media Player libavcodex memory corruption attempt (more info ...) | attempted-user | 2014-9598 | |||
| 33207 | MALWARE-CNC User-Agent known malicious user-agent string - Mazilla/5.0 - Win.Backdoor.Upatre (more info ...) | trojan-activity | ||||
| 33211 | MALWARE-CNC Win.Trojan.Upatre variant outbound connection (more info ...) | trojan-activity | URL | |||
| 33218 | MALWARE-CNC Win.Trojan.Cendode system information disclosure attempt (more info ...) | trojan-activity | URL | |||
| 33219 | MALWARE-CNC Win.Trojan.Gamarue variant outbound connection (more info ...) | trojan-activity | URL | |||
| 33220 | MALWARE-CNC Win.Trojan.HawkEye keylogger exfiltration attempt (more info ...) | trojan-activity | URL | |||
| 33221 | MALWARE-CNC Win.Trojan.HawkEye Keylogger exfiltration attempt - clipboard and screenshot (more info ...) | trojan-activity | URL | |||
| 33222 | MALWARE-CNC Win.Trojan.HawkEye Keylogger exfiltration attempt - clipboard and screenshot (more info ...) | trojan-activity | URL | |||
| 33223 | MALWARE-CNC Win.Trojan.HawkEye Keylogger exfiltration attempt - clipboard and screenshot (more info ...) | trojan-activity | URL | |||
| 33224 | INDICATOR-COMPROMISE Win.Trojan.Blocker variant outbound connection attempt (more info ...) | misc-activity | URL | |||
| 33228 | MALWARE-CNC Win.Trojan.Kovter variant outbound connection (more info ...) | trojan-activity | URL | |||
| 33230 | MALWARE-CNC User-Agent known malicious user-agent string - Firefox - Win.Backdoor.Upatre (more info ...) | trojan-activity | URL | |||
| 33231 | MALWARE-CNC User-Agent known malicious user-agent string - Firefox/5.0 - Win.Backdoor.Upatre (more info ...) | trojan-activity | URL | |||
| 33232 | MALWARE-CNC User-Agent known malicious user-agent string - AppUpdate - Win.Backdoor.Upatre (more info ...) | trojan-activity | URL | |||
| 33233 | MALWARE-CNC User-Agent known malicious user-agent string - 2608cw-1 - Win.Backdoor.Upatre (more info ...) | trojan-activity | URL | |||
| 33234 | MALWARE-CNC User-Agent known malicious user-agent string - 2508Inst - Win.Backdoor.Upatre (more info ...) | trojan-activity | URL | |||
| 33235 | MALWARE-CNC User-Agent known malicious user-agent string - 2608cw-2 - Win.Backdoor.Upatre (more info ...) | trojan-activity | URL | |||
| 33236 | MALWARE-CNC User-Agent known malicious user-agent string - 2808inst - Win.Backdoor.Upatre (more info ...) | trojan-activity | URL | |||
| 33237 | MALWARE-CNC User-Agent known malicious user-agent string - Player - Win.Backdoor.Upatre (more info ...) | trojan-activity | URL | |||
| 33238 | MALWARE-CNC User-Agent known malicious user-agent string - Wurst - Win.Backdoor.Upatre (more info ...) | trojan-activity | URL | |||
| 33239 | MALWARE-CNC User-Agent known malicious user-agent string - Installer/1.0 - Win.Backdoor.Upatre (more info ...) | trojan-activity | URL | |||
| 33240 | MALWARE-CNC User-Agent known malicious user-agent string - FixUpdate - Win.Backdoor.Upatre (more info ...) | trojan-activity | URL | |||
| 33242 | MALWARE-CNC User-Agent known malicious user-agent string - Explorer - Win.Backdoor.Upatre (more info ...) | trojan-activity | URL | |||
| 33247 | MALWARE-CNC User-Agent known malicious user-agent string - PPKHandler - Win.Backdoor.Upatre (more info ...) | trojan-activity | URL | |||
| 33248 | MALWARE-CNC User-Agent known malicious user-agent string - Peers12 - Win.Backdoor.Upatre (more info ...) | trojan-activity | URL | |||
| 33249 | MALWARE-CNC User-Agent known malicious user-agent string - SLSSoapClient - Win.Backdoor.Upatre (more info ...) | trojan-activity | URL | |||
| 33250 | MALWARE-CNC User-Agent known malicious user-agent string - Tintin - Win.Backdoor.Upatre (more info ...) | trojan-activity | URL | |||
| 33251 | MALWARE-CNC User-Agent known malicious user-agent string - USER_CHECK - Win.Backdoor.Upatre (more info ...) | trojan-activity | URL | |||
| 33252 | MALWARE-CNC User-Agent known malicious user-agent string - WATClient - Win.Backdoor.Upatre (more info ...) | trojan-activity | URL | |||
| 33253 | MALWARE-CNC User-Agent known malicious user-agent string - bbbbbbbbbb - Win.Backdoor.Upatre (more info ...) | trojan-activity | URL | |||
| 33254 | MALWARE-CNC User-Agent known malicious user-agent string - hi - Win.Backdoor.Upatre (more info ...) | trojan-activity | URL | |||
| 33255 | MALWARE-CNC User-Agent known malicious user-agent string - iMacros - Win.Backdoor.Upatre (more info ...) | trojan-activity | URL | |||
| 33256 | MALWARE-CNC User-Agent known malicious user-agent string - macrotest - Win.Backdoor.Upatre (more info ...) | trojan-activity | URL | |||
| 33257 | MALWARE-CNC User-Agent known malicious user-agent string - onlymacros - Win.Backdoor.Upatre (more info ...) | trojan-activity | URL | |||
| 33258 | MALWARE-CNC User-Agent known malicious user-agent string - Updates downloader - Win.Backdoor.Upatre (more info ...) | trojan-activity | URL | |||
| 33259 | MALWARE-CNC User-Agent known malicious user-agent string - testupdate - Win.Backdoor.Upatre (more info ...) | trojan-activity | URL | |||
| 33260 | MALWARE-CNC User-Agent known malicious user-agent string - onlyupdate - Win.Backdoor.Upatre (more info ...) | trojan-activity | URL | |||
| 33279 | SERVER-WEBAPP McAfee ePolicy Orchestrator XML external entity injection attempt (more info ...) | web-application-attack | 2015-0921 | 71881 | ||
| 33282 | MALWARE-CNC Win.Trojan.Upatre variant outbound connection (more info ...) | trojan-activity | URL | |||
| 33284 | MALWARE-CNC Win.Trojan.OnLineGames variant outbound connection (more info ...) | trojan-activity | URL | |||
| 33285 | MALWARE-CNC Win.Trojan.Bavload outbound download request attempt (more info ...) | trojan-activity | URL | |||
| 33289 | MALWARE-CNC Win.Trojan.Rawpos incoming backdoor connection attempt (more info ...) | trojan-activity | URL | |||
| 33299 | MALWARE-CNC Win.Trojan.Foxy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 33305 | MALWARE-CNC Win.Trojan.Rubinurd variant outbound connection (more info ...) | trojan-activity | URL | |||
| 33309 | FILE-OTHER libxml2 entity reference name heap buffer overflow attempt (more info ...) | attempted-user | 2011-3919 | |||
| 33310 | FILE-OTHER libxml2 entity reference name heap buffer overflow attempt (more info ...) | attempted-user | 2011-3919 | |||
| 33328 | MALWARE-CNC Osx.Trojan.Yinli outbound connection (more info ...) | attempted-user | URL | |||
| 33329 | MALWARE-CNC Osx.Trojan.Yinli outbound connection (more info ...) | attempted-user | URL | |||
| 33330 | MALWARE-CNC Osx.Trojan.Yinli outbound connection (more info ...) | attempted-user | URL | |||
| 33339 | INDICATOR-SHELLCODE ASCII heapspray characters detected (more info ...) | attempted-user | URL | |||
| 33342 | MALWARE-CNC Doc.Downloader.Dridex outbound connection (more info ...) | attempted-user | URL | |||
| 33411 | MALWARE-CNC Doc.Downloader.Dridex outbound connection (more info ...) | attempted-user | URL | |||
| 33430 | APP-DETECT I2P traffic transmission attempt (more info ...) | policy-violation | URL | |||
| 33431 | MALWARE-CNC Win.Trojan.Cryptowall 3.0 variant outbound connection (more info ...) | trojan-activity | URL | |||
| 33432 | MALWARE-CNC Win.Trojan.Cryptowall 3.0 variant outbound connection (more info ...) | trojan-activity | URL | |||
| 33433 | MALWARE-CNC Win.Trojan.Cryptowall 3.0 variant outbound connection (more info ...) | trojan-activity | URL | |||
| 33434 | MALWARE-CNC Win.Trojan.Cryptowall 3.0 variant outbound connection (more info ...) | trojan-activity | URL | |||
| 33435 | MALWARE-CNC Win.Trojan.Cryptowall 3.0 variant outbound connection (more info ...) | trojan-activity | URL | |||
| 33439 | MALWARE-CNC Win.Trojan.Gefetroe variant outbound connection (more info ...) | trojan-activity | URL | |||
| 33443 | MALWARE-CNC Win.Trojan.Symmi variant outbound connection (more info ...) | trojan-activity | URL | |||
| 33444 | MALWARE-CNC Win.Trojan.SpyBanker variant outbound connection (more info ...) | trojan-activity | URL | |||
| 33449 | MALWARE-CNC Win.Trojan.FileEncoder IP geolocation checkin attempt (more info ...) | trojan-activity | URL | |||
| 33450 | MALWARE-CNC Win.Trojan.FileEncoder variant outbound connection (more info ...) | trojan-activity | URL | |||
| 33453 | MALWARE-CNC Win.Trojan.Kovter variant outbound connection (more info ...) | trojan-activity | URL | |||
| 33456 | MALWARE-CNC Doc.Downloader.Dridex outbound connection (more info ...) | attempted-user | URL | |||
| 33457 | MALWARE-CNC Win.Trojan.Symmi variant outbound connection (more info ...) | trojan-activity | URL | |||
| 33464 | MALWARE-CNC Win.Trojan.Dynamer variant outbound connection (more info ...) | trojan-activity | URL | |||
| 33480 | PUA-ADWARE Win.Adware.DownloadGuide variant outbound connection (more info ...) | trojan-activity | URL | |||
| 33482 | MALWARE-CNC Win.Worm.Enosch variant outbound connection (more info ...) | trojan-activity | URL | |||
| 33496 | MALWARE-CNC Win.Trojan.Andromeda variant outbound connection (more info ...) | trojan-activity | URL | |||
| 33519 | MALWARE-CNC User-Agent known malicious user agent - ALIZER (more info ...) | trojan-activity | URL | |||
| 33520 | MALWARE-CNC Win.Trojan.Zusy inbound CNC response (more info ...) | trojan-activity | URL | |||
| 33521 | MALWARE-CNC Win.Trojan.Zusy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 33531 | PUA-ADWARE MediaBuzz malvertising browser redirect attempt (more info ...) | misc-activity | URL | |||
| 33532 | PUA-ADWARE MediaBuzz malvertising browser redirect attempt (more info ...) | misc-activity | URL | |||
| 33543 | MALWARE-CNC Win.Trojan.Equation outbound connection (more info ...) | trojan-activity | URL | |||
| 33545 | MALWARE-CNC Win.Trojan.Equation outbound connection (more info ...) | trojan-activity | URL | |||
| 33546 | MALWARE-CNC Win.Trojan.Equation outbound connection (more info ...) | trojan-activity | URL | |||
| 33547 | MALWARE-CNC Win.Trojan.Turla outbound connection (more info ...) | trojan-activity | URL | |||
| 33561 | SERVER-OTHER OpenSSL fragmented protocol downgrade attempt (more info ...) | policy-violation | 2014-3511 | URL | ||
| 33564 | SERVER-MAIL GNU Mailman date field buffer overflow attempt (more info ...) | attempted-user | 2005-4153 | |||
| 33565 | SERVER-OTHER McAfee E-Business Server remote preauth code execution attempt (more info ...) | attempted-user | URL | |||
| 33580 | PUA-ADWARE SuperFish adware outbound connection attempt (more info ...) | policy-violation | URL | |||
| 33581 | SERVER-WEBAPP nginx URI processing security bypass attempt (more info ...) | attempted-user | 2013-4547 | 63814 | ||
| 33594 | MALWARE-CNC Win.Trojan.Upatre variant outbound connection (more info ...) | trojan-activity | URL | |||
| 33595 | SERVER-OTHER GnuTLS TLSA record heap buffer overflow attempt (more info ...) | attempted-user | 2013-4466 | |||
| 33596 | SERVER-OTHER GnuTLS TLSA record heap buffer overflow attempt (more info ...) | attempted-user | 2013-4466 | |||
| 33600 | MALWARE-CNC Win.Trojan.Ramnit variant outbound detected (more info ...) | trojan-activity | URL | |||
| 33607 | SERVER-WEBAPP cron access (more info ...) | attempted-recon | ||||
| 33608 | SERVER-WEBAPP bin access (more info ...) | attempted-recon | ||||
| 33609 | SERVER-WEBAPP .wwwpasswd access (more info ...) | web-application-activity | ||||
| 33610 | SERVER-WEBAPP .wwwgroup access (more info ...) | web-application-activity | ||||
| 33611 | SERVER-WEBAPP httpd.conf access (more info ...) | web-application-activity | ||||
| 33612 | SERVER-WEBAPP stronghold-status access (more info ...) | web-application-activity | ||||
| 33613 | SERVER-WEBAPP stronghold-info access (more info ...) | web-application-activity | ||||
| 33614 | SERVER-WEBAPP caucho-status access (more info ...) | web-application-activity | ||||
| 33618 | MALWARE-BACKDOOR Win.Trojan.lubot download (more info ...) | trojan-activity | URL | |||
| 33619 | MALWARE-BACKDOOR Win.Trojan.lubot download (more info ...) | trojan-activity | URL | |||
| 33633 | MALWARE-CNC User-Agent known malicious user-agent - Downing - Win.Trojan.Otwycal (more info ...) | trojan-activity | URL | |||
| 33640 | FILE-IDENTIFY Apple Motion file download request (more info ...) | misc-activity | ||||
| 33641 | FILE-IDENTIFY Apple Motion file attachment detected (more info ...) | misc-activity | ||||
| 33642 | FILE-IDENTIFY Apple Motion file attachment detected (more info ...) | misc-activity | ||||
| 33643 | FILE-OTHER Apple Motion OZDocumentparseElement Integer Overflow attempt (more info ...) | attempted-user | 2013-6114 | |||
| 33644 | FILE-OTHER Apple Motion OZDocumentparseElement Integer Overflow attempt (more info ...) | attempted-user | 2013-6114 | |||
| 33645 | PUA-ADWARE SuperFish adware outbound connection attempt (more info ...) | policy-violation | URL | |||
| 33649 | MALWARE-CNC User-Agent known malicious user agent - Google Omaha - Win.Trojan.ExtenBro (more info ...) | trojan-activity | URL | |||
| 33650 | MALWARE-CNC Win.Trojan.Tinba outbound connection (more info ...) | trojan-activity | URL | |||
| 33655 | SERVER-OTHER Squid Proxy invalid HTTP response code denial of service attempt (more info ...) | denial-of-service | 2009-2622 | 35812 | ||
| 33656 | MALWARE-CNC Win.Trojan.Carbanak data exfiltration attempt (more info ...) | trojan-activity | URL | |||
| 33660 | MALWARE-CNC Win.Trojan.Vawtrak variant outbound connection (more info ...) | trojan-activity | URL | |||
| 33664 | BROWSER-OTHER Network Security Services NSS library RSA signature forgery attempt (more info ...) | misc-activity | 2014-1568 | 70116 | URL | |
| 33666 | FILE-IDENTIFY PIF Program Information File file download request (more info ...) | misc-activity | ||||
| 33667 | FILE-IDENTIFY PIF Program Information File file attachment detected (more info ...) | misc-activity | ||||
| 33668 | FILE-IDENTIFY PIF Program Information File file attachment detected (more info ...) | misc-activity | ||||
| 33669 | FILE-OTHER Executable disguised as PIF file (more info ...) | attempted-user | URL | |||
| 33670 | SERVER-OTHER Symantec AMS Intel handler service overly large size1 dos attempt (more info ...) | attempted-dos | 2010-3268 | |||
| 33671 | SERVER-OTHER Symantec AMS Intel handler service overly large size2 dos attempt (more info ...) | attempted-dos | 2010-3268 | |||
| 33672 | SERVER-OTHER Symantec AMS Intel handler service overly large size3 dos attempt (more info ...) | attempted-dos | 2010-3268 | |||
| 33674 | MALWARE-CNC Win.Trojan.Athena variant outbound connection (more info ...) | trojan-activity | URL | |||
| 33675 | MALWARE-CNC Win.Trojan.Athena variant outbound connection (more info ...) | trojan-activity | URL | |||
| 33677 | MALWARE-CNC Win.Trojan.Babar outbound connection (more info ...) | trojan-activity | URL | |||
| 33678 | MALWARE-CNC Win.Trojan.FannyWorm outbound connection (more info ...) | trojan-activity | URL | |||
| 33681 | MALWARE-CNC Win.Trojan.Carbanak connection to server (more info ...) | trojan-activity | URL | |||
| 33704 | MALWARE-CNC Win.Trojan.Dridex initial outbound connection (more info ...) | trojan-activity | URL | |||
| 33728 | OS-WINDOWS ATLMFD.DLL improperly terminated encrypted charstrings in type 1 font attempt (more info ...) | attempted-user | 2015-0087 | URL | ||
| 33729 | OS-WINDOWS ATLMFD.DLL improperly terminated encrypted charstrings in type 1 font attempt (more info ...) | attempted-user | 2015-0087 | URL | ||
| 33745 | MALWARE-CNC Win.Trojan.Dridex initial outbound connection (more info ...) | trojan-activity | URL | |||
| 33746 | MALWARE-CNC Win.Trojan.Dridex initial outbound connection (more info ...) | trojan-activity | URL | |||
| 33747 | MALWARE-CNC Win.Trojan.Dridex initial outbound connection (more info ...) | trojan-activity | URL | |||
| 33748 | MALWARE-CNC Win.Trojan.Dridex initial outbound connection (more info ...) | trojan-activity | URL | |||
| 33749 | MALWARE-CNC Win.Trojan.Dridex initial outbound connection (more info ...) | trojan-activity | URL | |||
| 33750 | MALWARE-CNC Win.Trojan.Dridex initial outbound connection (more info ...) | trojan-activity | URL | |||
| 33751 | MALWARE-CNC Win.Trojan.Dridex initial outbound connection (more info ...) | trojan-activity | URL | |||
| 33752 | MALWARE-CNC Win.Trojan.Dridex initial outbound connection (more info ...) | trojan-activity | URL | |||
| 33753 | MALWARE-CNC Win.Trojan.Dridex initial outbound connection (more info ...) | trojan-activity | URL | |||
| 33754 | MALWARE-CNC Win.Trojan.Dridex initial outbound connection (more info ...) | trojan-activity | URL | |||
| 33755 | MALWARE-CNC Win.Trojan.Dridex initial outbound connection (more info ...) | trojan-activity | URL | |||
| 33756 | MALWARE-CNC Win.Ransomware.CTB-Locker outbound connection (more info ...) | trojan-activity | URL | |||
| 33757 | MALWARE-CNC Win.Ransomware.CTB-Locker outbound connection (more info ...) | trojan-activity | URL | |||
| 33777 | SERVER-OTHER SSL export grade ciphersuite server negotiation attempt (more info ...) | policy-violation | 2015-4000 | URL | ||
| 33778 | SERVER-OTHER SSL export grade ciphersuite server negotiation attempt (more info ...) | policy-violation | 2015-4000 | URL | ||
| 33779 | SERVER-OTHER SSL request for export grade ciphersuite attempt (more info ...) | policy-violation | 2015-4000 | URL | ||
| 33780 | SERVER-OTHER SSL export grade ciphersuite server negotiation attempt (more info ...) | policy-violation | 2015-4000 | URL | ||
| 33781 | SERVER-OTHER SSL export grade ciphersuite server negotiation attempt (more info ...) | policy-violation | 2015-4000 | URL | ||
| 33782 | SERVER-OTHER SSL export grade ciphersuite server negotiation attempt (more info ...) | policy-violation | 2015-4000 | URL | ||
| 33783 | SERVER-OTHER SSL export grade ciphersuite server negotiation attempt (more info ...) | policy-violation | 2015-4000 | URL | ||
| 33784 | SERVER-OTHER SSL export grade ciphersuite server negotiation attempt (more info ...) | policy-violation | 2015-4000 | URL | ||
| 33785 | SERVER-OTHER SSL request for export grade cipher suite attempt (more info ...) | policy-violation | 2015-4000 | URL | ||
| 33786 | SERVER-OTHER SSL request for export grade ciphersuite attempt (more info ...) | policy-violation | 2015-4000 | URL | ||
| 33787 | SERVER-OTHER SSL request for export grade ciphersuite attempt (more info ...) | policy-violation | 2015-4000 | URL | ||
| 33788 | SERVER-OTHER SSL request for export grade ciphersuite attempt (more info ...) | policy-violation | 2015-4000 | URL | ||
| 33789 | SERVER-OTHER SSL request for export grade ciphersuite attempt (more info ...) | policy-violation | 2015-4000 | URL | ||
| 33790 | SERVER-OTHER SSL request for export grade ciphersuite attempt (more info ...) | policy-violation | 2015-4000 | URL | ||
| 33791 | SERVER-OTHER SSL request for export grade ciphersuite attempt (more info ...) | policy-violation | 2015-4000 | URL | ||
| 33792 | SERVER-OTHER SSL request for export grade ciphersuite attempt (more info ...) | policy-violation | 2015-4000 | URL | ||
| 33793 | SERVER-OTHER SSL request for export grade ciphersuite attempt (more info ...) | policy-violation | 2015-4000 | URL | ||
| 33794 | SERVER-OTHER SSL export grade ciphersuite server negotiation attempt (more info ...) | policy-violation | 2015-4000 | URL | ||
| 33795 | SERVER-OTHER SSL export grade ciphersuite server negotiation attempt (more info ...) | policy-violation | 2015-4000 | URL | ||
| 33796 | SERVER-OTHER SSL export grade ciphersuite server negotiation attempt (more info ...) | policy-violation | 2015-4000 | URL | ||
| 33797 | SERVER-OTHER SSL export grade ciphersuite server negotiation attempt (more info ...) | policy-violation | 2015-4000 | URL | ||
| 33798 | SERVER-OTHER SSL export grade ciphersuite server negotiation attempt (more info ...) | policy-violation | 2015-4000 | URL | ||
| 33799 | SERVER-OTHER SSL export grade ciphersuite server negotiation attempt (more info ...) | policy-violation | 2015-4000 | URL | ||
| 33800 | SERVER-OTHER SSL export grade ciphersuite server negotiation attempt (more info ...) | policy-violation | 2015-4000 | URL | ||
| 33801 | SERVER-OTHER SSL request for export grade ciphersuite attempt (more info ...) | policy-violation | 2015-4000 | URL | ||
| 33802 | SERVER-OTHER SSL request for export grade ciphersuite attempt (more info ...) | policy-violation | 2015-4000 | URL | ||
| 33803 | SERVER-OTHER SSL request for export grade ciphersuite attempt (more info ...) | policy-violation | 2015-4000 | URL | ||
| 33804 | SERVER-OTHER SSL request for export grade ciphersuite attempt (more info ...) | policy-violation | 2015-4000 | URL | ||
| 33805 | SERVER-OTHER SSL request for export grade ciphersuite attempt (more info ...) | policy-violation | 2015-4000 | URL | ||
| 33806 | SERVER-OTHER SSL request for export grade ciphersuite attempt (more info ...) | policy-violation | 2015-4000 | URL | ||
| 33814 | SERVER-OTHER ElasticSearch script remote code execution attempt (more info ...) | attempted-user | 2015-1427 | URL | ||
| 33815 | PUA-ADWARE Adware Goobzo/CrossRider variant outbound connection (more info ...) | misc-activity | URL | |||
| 33816 | PUA-ADWARE Adware Goobzo/CrossRider variant outbound connection (more info ...) | misc-activity | URL | |||
| 33817 | SERVER-OTHER Lighttpd Host header directory traversal attempt (more info ...) | attempted-admin | 2014-2324 | URL | ||
| 33818 | MALWARE-CNC Win.Trojan.Egamipload variant outbound connection (more info ...) | trojan-activity | URL | |||
| 33819 | MALWARE-CNC Win.Trojan.Egamipload variant outbound connection (more info ...) | trojan-activity | URL | |||
| 33820 | MALWARE-CNC Win.Trojan.Egamipload variant outbound connection (more info ...) | trojan-activity | URL | |||
| 33821 | MALWARE-CNC Win.Trojan.Egamipload variant outbound connection (more info ...) | trojan-activity | URL | |||
| 33822 | MALWARE-CNC Win.Trojan.Egamipload variant outbound connection (more info ...) | trojan-activity | URL | |||
| 33830 | SERVER-OTHER ElasticSearch script remote code execution attempt (more info ...) | attempted-user | 2014-3120 | URL | ||
| 33831 | MALWARE-CNC User-Agent known malicious user agent DownloadMR - Solimba (more info ...) | trojan-activity | URL | |||
| 33833 | PUA-ADWARE User-Agent adware OutBrowse/Amonitize (more info ...) | trojan-activity | ||||
| 33834 | PUA-ADWARE User-Agent adware OutBrowse/Amonitize (more info ...) | trojan-activity | ||||
| 33835 | PUA-ADWARE User-Agent adware OutBrowse/Amonitize (more info ...) | trojan-activity | ||||
| 33851 | MALWARE-CNC Win.Trojan.Poseidon outbound connection (more info ...) | trojan-activity | URL | |||
| 33852 | MALWARE-CNC Win.Trojan.Poseidon outbound connection (more info ...) | trojan-activity | URL | |||
| 33853 | SERVER-WEBAPP D-Link multiple products ping.ccp command injection attempt (more info ...) | attempted-admin | 2015-1187 | 72848 | ||
| 33854 | MALWARE-CNC Win.Trojan.LogPOS variant outbound connection (more info ...) | trojan-activity | URL | |||
| 33857 | MALWARE-CNC Win.Trojan.PwnPOS data exfiltration attempt (more info ...) | trojan-activity | URL | |||
| 33858 | SERVER-OTHER rsyslog remote PRI out of bounds attempt (more info ...) | denial-of-service | 2014-3683 | URL | ||
| 33859 | MALWARE-CNC Win.Trojan.Dridex3 initial outbound connection (more info ...) | trojan-activity | URL | |||
| 33860 | MALWARE-CNC Win.Trojan.Dridex3 initial outbound connection (more info ...) | trojan-activity | URL | |||
| 33861 | MALWARE-CNC Win.Trojan.Dridex3 initial outbound connection (more info ...) | trojan-activity | URL | |||
| 33862 | MALWARE-CNC Win.Trojan.Dridex3 initial outbound connection (more info ...) | trojan-activity | URL | |||
| 33863 | MALWARE-CNC Win.Trojan.Dridex3 initial outbound connection (more info ...) | trojan-activity | URL | |||
| 33864 | MALWARE-CNC Win.Trojan.Dridex3 initial outbound connection (more info ...) | trojan-activity | URL | |||
| 33865 | MALWARE-CNC Win.Trojan.Dridex3 initial outbound connection (more info ...) | trojan-activity | URL | |||
| 33866 | MALWARE-CNC Win.Trojan.Dridex3 initial outbound connection (more info ...) | trojan-activity | URL | |||
| 33867 | MALWARE-CNC Win.Trojan.Dridex3 initial outbound connection (more info ...) | trojan-activity | URL | |||
| 33868 | MALWARE-CNC Win.Trojan.Dridex3 initial outbound connection (more info ...) | trojan-activity | URL | |||
| 33872 | MALWARE-CNC Win.Worm.Urahu outbound connection (more info ...) | trojan-activity | URL | |||
| 33873 | MALWARE-CNC Win.Trojan.Tepoyx outbound connection detection (more info ...) | trojan-activity | URL | |||
| 33876 | MALWARE-CNC Win.Trojan.Meowner runtime detection (more info ...) | trojan-activity | URL | |||
| 33877 | MALWARE-CNC Win.Trojan.Meowner runtime detection (more info ...) | trojan-activity | URL | |||
| 33878 | MALWARE-CNC Win.Trojan.Meowner runtime detection (more info ...) | trojan-activity | URL | |||
| 33879 | MALWARE-CNC Win.Trojan.Meowner runtime detection (more info ...) | trojan-activity | URL | |||
| 33880 | MALWARE-CNC Win.Backdoor.Casper outbound connection (more info ...) | trojan-activity | URL | |||
| 33883 | MALWARE-CNC Win.Trojan.Jadtre variant outbound connection (more info ...) | trojan-activity | URL | |||
| 33884 | MALWARE-CNC User-Agent known malicious user-agent string dolit (more info ...) | trojan-activity | URL | |||
| 33885 | MALWARE-CNC Win.Trojan.Gh0st variant outbound connection (more info ...) | trojan-activity | URL | |||
| 33886 | MALWARE-CNC WIn.Trojan.HawkEye keylogger variant outbound connection (more info ...) | trojan-activity | URL | |||
| 33892 | MALWARE-CNC Win.Trojan.Xerq outbound connection (more info ...) | trojan-activity | URL | |||
| 33893 | MALWARE-CNC Win.Trojan.TeslaCrypt outbound connection (more info ...) | trojan-activity | URL | |||
| 33896 | SERVER-WEBAPP OpenNMS XML external entity injection attempt (more info ...) | web-application-attack | 2015-0975 | |||
| 33907 | MALWARE-CNC User-Agent known malicious user-agent - KAIIOOOO871 - Win.Trojan.Dridex (more info ...) | trojan-activity | URL | |||
| 33910 | BROWSER-WEBKIT Apple Webkit rowspan denial of service attempt (more info ...) | attempted-dos | 2007-0342 | |||
| 33911 | BROWSER-WEBKIT Apple Webkit rowspan denial of service attempt (more info ...) | attempted-dos | 2007-0342 | |||
| 33912 | MALWARE-CNC Cryptofortress Decryption Software Purchase Tor Website (more info ...) | trojan-activity | URL | |||
| 33913 | MALWARE-CNC Win.Trojan.Concbak outbound connection (more info ...) | trojan-activity | URL | |||
| 33914 | MALWARE-CNC User-Agent known malicious user-agent - Win.Trojan.Barys (more info ...) | trojan-activity | URL | |||
| 33930 | MALWARE-CNC Vicepass outbound connection initial request to the CNC sending system information (more info ...) | misc-activity | URL | |||
| 33931 | MALWARE-CNC Win.Worm.Goldrv variant outbound connection (more info ...) | trojan-activity | URL | |||
| 33932 | MALWARE-CNC Win.Trojan.Tempedreve Samba probe (more info ...) | trojan-activity | URL | |||
| 33933 | MALWARE-CNC Win.Trojan.Penget variant outbound connection (more info ...) | trojan-activity | URL | |||
| 33942 | MALWARE-OTHER Executable control panel file download request (more info ...) | misc-activity | URL | |||
| 33963 | POLICY-OTHER Evercookie persistent cookie storage attempt (more info ...) | policy-violation | URL | |||
| 33964 | POLICY-OTHER Evercookie persistent cookie storage attempt (more info ...) | policy-violation | URL | |||
| 33966 | MALWARE-CNC Win.Worm.Mafusc variant outbound connection (more info ...) | trojan-activity | URL | |||
| 33987 | SERVER-OTHER Symantec System Center Alert Management System untrusted command execution attempt (more info ...) | policy-violation | 2009-1431 | 34675 | ||
| 33989 | MALWARE-CNC Win.Trojan.Trioptid outbound connection (more info ...) | trojan-activity | URL | |||
| 33990 | MALWARE-CNC Win.Trojan.Trioptid outbound connection (more info ...) | trojan-activity | URL | |||
| 33992 | MALWARE-CNC Win.Trojan.Insidious outbound connection (more info ...) | trojan-activity | URL | |||
| 33993 | MALWARE-CNC Win.Trojan.Insidious outbound connection (more info ...) | trojan-activity | URL | |||
| 33994 | MALWARE-CNC Win.Downloader.Beshida outbound connection (more info ...) | misc-activity | URL | |||
| 33996 | MALWARE-CNC Win.Trojan.Pwexes variant outbound connection (more info ...) | trojan-activity | URL | |||
| 33997 | MALWARE-CNC Win.Trojan.Pwexes variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34001 | MALWARE-CNC Win.Trojan.Picommex outbound connection (more info ...) | trojan-activity | URL | |||
| 34002 | MALWARE-CNC Win.Trojan.Picommex outbound connection (more info ...) | trojan-activity | URL | |||
| 34003 | MALWARE-CNC Win.Trojan.Picommex outbound connection (more info ...) | trojan-activity | URL | |||
| 34004 | MALWARE-CNC Win.Trojan.Explosive variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34005 | MALWARE-CNC Win.Trojan.Explosive variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34006 | MALWARE-CNC Win.Trojan.Explosive variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34007 | MALWARE-CNC Win.Trojan.Explosive variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34008 | MALWARE-CNC Win.Trojan.Explosive variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34009 | MALWARE-CNC Win.Trojan.Explosive variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34010 | MALWARE-CNC Win.Trojan.Explosive variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34011 | MALWARE-CNC Win.Trojan.Explosive variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34012 | MALWARE-CNC Win.Trojan.Explosive variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34013 | MALWARE-CNC Win.Trojan.Ayuther variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34018 | INDICATOR-SHELLCODE percent encoded heapspray detected (more info ...) | shellcode-detect | ||||
| 34019 | INDICATOR-SHELLCODE percent encoded heapspray detected (more info ...) | shellcode-detect | ||||
| 34023 | PROTOCOL-VOIP Unity Conversation Manager record-route INVITE anomaly denial of service attempt (more info ...) | denial-of-service | 2015-0613 | |||
| 34025 | MALWARE-CNC Win.Trojan.Endstar variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34026 | MALWARE-CNC Win.Trojan.Endstar variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34028 | MALWARE-CNC Win.Trojan.Bruecimig variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34029 | MALWARE-CNC Win.Trojan.Ursnif variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34030 | MALWARE-CNC Win.Trojan.Dridex4 initial outbound connection (more info ...) | trojan-activity | URL | |||
| 34031 | MALWARE-CNC Win.Trojan.Dridex4 initial outbound connection (more info ...) | trojan-activity | URL | |||
| 34032 | MALWARE-CNC Win.Trojan.Dridex4 initial outbound connection (more info ...) | trojan-activity | URL | |||
| 34033 | MALWARE-CNC Win.Trojan.Dridex4 initial outbound connection (more info ...) | trojan-activity | URL | |||
| 34034 | MALWARE-CNC Win.Trojan.Dridex4 initial outbound connection (more info ...) | trojan-activity | URL | |||
| 34035 | MALWARE-CNC Win.Trojan.Dridex4 initial outbound connection (more info ...) | trojan-activity | URL | |||
| 34036 | MALWARE-CNC Win.Trojan.Dridex4 initial outbound connection (more info ...) | trojan-activity | URL | |||
| 34037 | MALWARE-CNC Win.Trojan.Dridex4 initial outbound connection (more info ...) | trojan-activity | URL | |||
| 34038 | MALWARE-CNC Win.Trojan.Dridex4 initial outbound connection (more info ...) | trojan-activity | URL | |||
| 34039 | MALWARE-CNC Win.Trojan.Banklaed variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34041 | MALWARE-CNC Win.Backdoor.Igliveforg variant initial outbound connection (more info ...) | trojan-activity | URL | |||
| 34042 | MALWARE-CNC Win.Backdoor.Igliveforg variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34044 | MALWARE-CNC Win.Trojan.Exacrytion variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34045 | MALWARE-CNC Win.Trojan.Eitenckay initial outbound connection (more info ...) | trojan-activity | URL | |||
| 34046 | MALWARE-CNC Win.Trojan.Expilan variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34049 | MALWARE-CNC Win.Backdoor.EvilBunny variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34050 | MALWARE-CNC Win.Backdoor.Nepigon variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34052 | MALWARE-CNC Win.Trojan.NewPos outbound connection (more info ...) | trojan-activity | URL | |||
| 34097 | FILE-OTHER Multiple products external entity injection attempt (more info ...) | attempted-admin | 2018-8533 | URL | ||
| 34098 | FILE-OTHER Multiple products external entity injection attempt (more info ...) | attempted-admin | 2018-8533 | URL | ||
| 34108 | MALWARE-CNC Win.Trojan.Scarsi variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34111 | MALWARE-CNC Win.Trojan.Chrozil variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34112 | SERVER-OTHER NTP mode 6 REQ_NONCE denial of service attempt (more info ...) | attempted-dos | 2013-5211 | URL | ||
| 34113 | MALWARE-CNC Win.Trojan.Agent beacon reply attempt (more info ...) | trojan-activity | URL | |||
| 34114 | SERVER-OTHER NTP mode 6 UNSETTRAP denial of service attempt (more info ...) | attempted-dos | 2013-5211 | URL | ||
| 34115 | MALWARE-CNC MacOS.Trojan.Wirelurker variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34116 | MALWARE-CNC MacOS.Trojan.Wirelurker variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34117 | MALWARE-CNC Win.Backdoor.Zupdax variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34119 | PUA-ADWARE InstallMetrix precheck stage outbound connection (more info ...) | misc-activity | URL | |||
| 34120 | PUA-ADWARE InstallMetrix fetch offers stage outbound connection (more info ...) | misc-activity | URL | |||
| 34121 | PUA-ADWARE InstallMetrix reporting binary installation stage status (more info ...) | misc-activity | URL | |||
| 34122 | PUA-ADWARE InstallMetrix reporting fetch offers stage status (more info ...) | misc-activity | URL | |||
| 34125 | PUA-ADWARE User-Agent Vitruvian (more info ...) | misc-activity | URL | |||
| 34126 | PUA-ADWARE Vitruvian outbound connection (more info ...) | misc-activity | URL | |||
| 34127 | PUA-ADWARE Vitruvian outbound connection (more info ...) | misc-activity | URL | |||
| 34128 | MALWARE-CNC Win.Trojan.WIntruder outbound connection (more info ...) | trojan-activity | URL | |||
| 34130 | MALWARE-CNC Win.Trojan.Banload variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34132 | MALWARE-CNC Win.Backdoor.Erotimpact variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34137 | PUA-ADWARE SearchProtect user-agent detection (more info ...) | misc-activity | URL | |||
| 34138 | MALWARE-CNC Win.Downloader.Netkrypt inbound response (more info ...) | trojan-activity | URL | |||
| 34140 | MALWARE-CNC Win.Trojan.Dyre publickey outbound connection (more info ...) | trojan-activity | URL | |||
| 34141 | SERVER-OTHER Oracle CorelDRAW file parser heap buffer overflow attempt (more info ...) | attempted-admin | 2013-0418 | |||
| 34142 | SERVER-OTHER Oracle CorelDRAW file parser heap buffer overflow attempt (more info ...) | attempted-admin | 2013-0418 | |||
| 34143 | MALWARE-CNC Win.Trojan.Crypvault outbound connection (more info ...) | trojan-activity | URL | |||
| 34144 | PUA-ADWARE SuperOptimizer installation status (more info ...) | misc-activity | URL | |||
| 34145 | PUA-ADWARE SuperOptimizer encrypted data transmission (more info ...) | misc-activity | URL | |||
| 34146 | PUA-ADWARE SuperOptimizer geolocation request (more info ...) | misc-activity | URL | |||
| 34155 | MALWARE-CNC MacOS.Backdoor.Xslcmd outbound connection (more info ...) | trojan-activity | URL | |||
| 34160 | SERVER-OTHER Oracle Outside In Paradox database denial of service attempt (more info ...) | attempted-dos | 2013-0393 | 57357 | URL | |
| 34161 | MALWARE-CNC Win.Trojan.Punkey outbound connection (more info ...) | trojan-activity | URL | |||
| 34181 | MALWARE-CNC Win.Trojan.Bartallex outbound connection (more info ...) | trojan-activity | URL | |||
| 34182 | MALWARE-CNC Win.Trojan.Bartallex outbound connection (more info ...) | trojan-activity | URL | |||
| 34183 | MALWARE-CNC Win.Trojan.Bartallex outbound connection (more info ...) | trojan-activity | URL | |||
| 34184 | SERVER-WEBAPP ESF pfSense services_unbound_acls cross site scripting attempt (more info ...) | attempted-user | 2015-2294 | 73344 | ||
| 34185 | SERVER-WEBAPP ESF pfSense status_captiveportal cross site scripting attempt (more info ...) | attempted-user | 2015-2294 | 73344 | ||
| 34214 | MALWARE-CNC Win.Trojan.Capimac variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34215 | SERVER-WEBAPP ESF pfSense diag_logs_filter cross site scripting attempt (more info ...) | attempted-user | 2015-2294 | 73344 | ||
| 34216 | MALWARE-CNC Win.Trojan.FighterPOS variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34217 | MALWARE-CNC Win.Trojan.Aytoke variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34219 | MALWARE-CNC Win.Trojan.Nanocore variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34223 | MALWARE-CNC Win.Backdoor.Yebot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34226 | INDICATOR-OBFUSCATION Multiple AV products evasion attempt (more info ...) | misc-activity | 2012-1461 | URL | ||
| 34227 | INDICATOR-OBFUSCATION Multiple AV products evasion attempt (more info ...) | misc-activity | 2012-1461 | URL | ||
| 34236 | PUA-ADWARE Eorezo outbound connection (more info ...) | misc-activity | URL | |||
| 34237 | PUA-ADWARE Eorezo get advertisement (more info ...) | misc-activity | URL | |||
| 34246 | MALWARE-CNC Win.Trojan.AAEH variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34280 | MALWARE-CNC Win.Trojan.TeslaCrypt outbound connection (more info ...) | trojan-activity | URL | |||
| 34281 | MALWARE-CNC Win.Trojan.Bartallex outbound connection (more info ...) | trojan-activity | URL | |||
| 34282 | MALWARE-CNC Win.Trojan.Bartallex outbound connection (more info ...) | trojan-activity | URL | |||
| 34283 | MALWARE-CNC Win.Trojan.Bartallex outbound connection (more info ...) | trojan-activity | URL | |||
| 34284 | SERVER-WEBAPP ESF pfSense firewall_rules cross site scripting attempt (more info ...) | attempted-user | 2015-2294 | 73344 | ||
| 34285 | SERVER-WEBAPP ESF pfSense firewall_shaper cross site scripting attempt (more info ...) | attempted-user | 2015-2294 | 73344 | ||
| 34286 | MALWARE-CNC Win.Trojan.Mudrop variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34287 | SERVER-WEBAPP vBulletin XSS redirect attempt (more info ...) | web-application-attack | URL | |||
| 34288 | SERVER-OTHER Windows iSCSI target login request Denial of Service attempt (more info ...) | attempted-dos | 2014-0255 | URL | ||
| 34289 | MALWARE-CNC Win.Backdoor.Plez outbound connection (more info ...) | trojan-activity | URL | |||
| 34290 | MALWARE-CNC Win.Backdoor.Plez outbound connection (more info ...) | trojan-activity | URL | |||
| 34291 | MALWARE-CNC User-Agent known malicious user-agent string crackim (more info ...) | trojan-activity | URL | |||
| 34292 | MALWARE-CNC Win.Trojan.Kraken outbound connection (more info ...) | trojan-activity | URL | |||
| 34296 | MALWARE-CNC Win.Trojan.Simda variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34297 | MALWARE-CNC Win.Trojan.Simda variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34301 | SERVER-OTHER GNU Mailman listname directory traversal attempt (more info ...) | attempted-user | 2015-2775 | |||
| 34306 | SERVER-WEBAPP Subversion HTTP excessive REPORT requests denial of service attempt (more info ...) | attempted-dos | 2015-0202 | URL | ||
| 34307 | MALWARE-CNC Win.Trojan.DesertFalcon variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34308 | MALWARE-CNC Win.Trojan.DesertFalcon variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34309 | MALWARE-CNC Win.Trojan.DesertFalcon variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34310 | MALWARE-CNC Win.Trojan.DesertFalcon variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34311 | MALWARE-CNC Win.Trojan.DesertFalcon variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34312 | MALWARE-CNC Win.Trojan.DesertFalcon variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34313 | MALWARE-CNC Win.Trojan.DesertFalcon variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34314 | MALWARE-CNC Win.Trojan.DesertFalcon variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34315 | MALWARE-CNC Win.Trojan.DesertFalcon variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34316 | MALWARE-CNC Win.Trojan.DesertFalcon variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34317 | MALWARE-CNC Win.Trojan.DesertFalcon variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34318 | MALWARE-CNC Win.Trojan.CryptoWall variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34319 | MALWARE-CNC Win.Worm.Klogwjds variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34322 | MALWARE-CNC Win.Trojan.Farfli outbound connection (more info ...) | trojan-activity | URL | |||
| 34323 | MALWARE-CNC Win.Trojan.Fulairo variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34324 | MALWARE-CNC Win.Downloader.Siromost variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34325 | MALWARE-CNC Win.Trojan.Sanhotan variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34326 | MALWARE-CNC Win.Trojan.Sanhotan variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34327 | MALWARE-CNC Win.Trojan.Bedepshel variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34329 | MALWARE-CNC Cryptolocker variant inbound connection (more info ...) | trojan-activity | URL | |||
| 34337 | MALWARE-CNC Backdoor.Win32.Chkngrbot.A outbound connection (more info ...) | trojan-activity | URL | |||
| 34338 | MALWARE-CNC Backdoor.Win32.Chkngrbot.A outbound connection (more info ...) | trojan-activity | URL | |||
| 34339 | MALWARE-CNC Win.Backdoor.Cybergate outbound connection (more info ...) | trojan-activity | URL | |||
| 34343 | FILE-MULTIMEDIA VideoLAN VLC Media Player XSPF integer overflow attempt (more info ...) | attempted-dos | 2011-2194 | 48171 | URL | |
| 34344 | FILE-MULTIMEDIA VideoLAN VLC Media Player XSPF integer overflow attempt (more info ...) | attempted-dos | 2011-2194 | 48171 | URL | |
| 34346 | MALWARE-CNC Win.Trojan.Backspace outbound connection (more info ...) | trojan-activity | URL | |||
| 34347 | MALWARE-CNC Win.Trojan.Cheprobnk variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34348 | EXPLOIT-KIT Angler exploit kit payload download (more info ...) | trojan-activity | ||||
| 34349 | SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (more info ...) | attempted-admin | 2015-0119 | 73917 | ||
| 34350 | SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (more info ...) | attempted-admin | 2015-0119 | 73917 | ||
| 34351 | SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (more info ...) | attempted-admin | 2015-0119 | 73917 | ||
| 34352 | SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (more info ...) | attempted-admin | 2015-0119 | 73917 | ||
| 34353 | SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (more info ...) | attempted-admin | 2015-0119 | 73917 | ||
| 34358 | SERVER-WEBAPP Dell SonicWALL SonicOS macIpSpoofView cross site scripting attempt (more info ...) | attempted-user | 2015-3447 | |||
| 34359 | SERVER-WEBAPP ESF pfSense deletefile directory traversal attempt (more info ...) | web-application-attack | 2015-2295 | 73344 | ||
| 34360 | SERVER-WEBAPP ESF pfSense deletefile directory traversal attempt (more info ...) | web-application-attack | 2015-2295 | 73344 | ||
| 34361 | SERVER-WEBAPP ESF pfSense deletefile directory traversal attempt (more info ...) | web-application-attack | 2015-2295 | 73344 | ||
| 34362 | MALWARE-CNC Win.Trojan.Mantal variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34365 | SERVER-WEBAPP Magento remote code execution attempt (more info ...) | attempted-admin | 2015-1398 | |||
| 34366 | MALWARE-CNC Win.Trojan.Beebone outbound connection (more info ...) | trojan-activity | URL | |||
| 34367 | MALWARE-CNC Win.Trojan.Banload variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34368 | MALWARE-CNC Win.Trojan.Banload variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34446 | MALWARE-CNC Win.Trojan.Odlanor information exfiltration attempt (more info ...) | trojan-activity | URL | |||
| 34452 | MALWARE-CNC Win.Trojan.Bancos variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34453 | MALWARE-CNC Win.Trojan.Bancos variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34458 | MALWARE-CNC Win.Trojan.Tendrit variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34459 | MALWARE-CNC Win.Trojan.Pvzin variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34460 | MALWARE-CNC Win.Worm.Mozibe variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34463 | APP-DETECT TeamViewer remote administration tool outbound connection attempt (more info ...) | policy-violation | URL | |||
| 34465 | INDICATOR-COMPROMISE known malicious SSL certificate - APT28 Lisuife (more info ...) | trojan-activity | URL | |||
| 34469 | MALWARE-CNC Win.Backdoor.Nirunte variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34470 | MALWARE-CNC Win.Backdoor.Nirunte variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34476 | MALWARE-CNC Win.Trojan.Kriptovor variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34481 | OS-OTHER QEMU floppy disk controller buffer overflow attempt (more info ...) | attempted-admin | 2015-3456 | 74640 | ||
| 34482 | OS-OTHER QEMU floppy disk controller buffer overflow attempt (more info ...) | attempted-admin | 2015-3456 | 74640 | ||
| 34483 | OS-OTHER QEMU floppy disk controller buffer overflow attempt (more info ...) | attempted-admin | 2015-3456 | 74640 | ||
| 34484 | OS-OTHER QEMU floppy disk controller buffer overflow attempt (more info ...) | attempted-admin | 2015-3456 | 74640 | ||
| 34485 | OS-OTHER QEMU floppy disk controller buffer overflow attempt (more info ...) | attempted-admin | 2015-3456 | 74640 | ||
| 34486 | OS-OTHER QEMU floppy disk controller buffer overflow attempt (more info ...) | attempted-admin | 2015-3456 | 74640 | ||
| 34487 | OS-OTHER QEMU floppy disk controller buffer overflow attempt (more info ...) | attempted-admin | 2015-3456 | 74640 | ||
| 34488 | OS-OTHER QEMU floppy disk controller buffer overflow attempt (more info ...) | attempted-admin | 2015-3456 | 74640 | ||
| 34489 | MALWARE-CNC Win.Trojan.Nalodew variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34491 | MALWARE-CNC Win.Trojan.MalPutty variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34501 | MALWARE-CNC Win.Backdoor.Wekby Torn variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34540 | MALWARE-CNC Win.Trojan.Dalexis variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34541 | MALWARE-CNC Win.Trojan.Dalexis variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34567 | MALWARE-CNC MacOS.Trojan.MacVX outbound connection (more info ...) | trojan-activity | URL | |||
| 34572 | MALWARE-CNC Win.Trojan.Zinnemls variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34581 | MALWARE-CNC Win.Trojan.Mathanuc outbound connection (more info ...) | trojan-activity | URL | |||
| 34595 | SERVER-OTHER OpenSSL handshake with potentially unseeded PRNG information disclosure attempt (more info ...) | attempted-recon | 2015-0285 | 73234 | URL | |
| 34596 | MALWARE-CNC Win.Trojan.Atrax variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34597 | MALWARE-CNC Win.Trojan.Atrax variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34598 | MALWARE-CNC Win.Trojan.Kjdoom outbound connection (more info ...) | trojan-activity | URL | |||
| 34599 | MALWARE-CNC Win.Trojan.Kjdoom outbound connection (more info ...) | trojan-activity | URL | |||
| 34600 | MALWARE-CNC Win.Trojan.Kjdoom outbound connection (more info ...) | trojan-activity | URL | |||
| 34601 | MALWARE-CNC Win.Trojan.Teqimp outbound connection (more info ...) | trojan-activity | URL | |||
| 34603 | SERVER-OTHER IBM Tivoli Storage Manager FastBack buffer overflow attempt (more info ...) | attempted-admin | 2015-0120 | 74021 | ||
| 34607 | MALWARE-CNC User-Agent known malicious user-agent string - Win.Trojan.Punkey (more info ...) | trojan-activity | URL | |||
| 34608 | MALWARE-CNC Win.Trojan.Punkey variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34609 | MALWARE-CNC Trojan.NitLove variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34610 | MALWARE-CNC Win.Trojan.Kayfcbk outbound connection (more info ...) | trojan-activity | URL | |||
| 34611 | MALWARE-CNC Win.Trojan.Dujfudg outbound connection (more info ...) | trojan-activity | URL | |||
| 34614 | MALWARE-CNC Win.Trojan.Enkalogs outbound connection (more info ...) | trojan-activity | URL | |||
| 34622 | MALWARE-CNC Win.Trojan.Bancos variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34624 | MALWARE-CNC Win.Trojan.Crypaura variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34632 | SERVER-MAIL IBM Lotus Notes WPD attachment handling buffer overflow attempt (more info ...) | attempted-admin | 2008-4564 | 34086 | ||
| 34636 | MALWARE-CNC Win.Trojan.Flactionbot outbound connection (more info ...) | trojan-activity | URL | |||
| 34637 | MALWARE-CNC Win.Trojan.Flactionbot outbound connection (more info ...) | trojan-activity | URL | |||
| 34645 | SERVER-MAIL Exim buffer overflow attempt (more info ...) | attempted-admin | 2004-0400 | |||
| 34720 | EXPLOIT-KIT Angler exploit kit exploit download (more info ...) | trojan-activity | ||||
| 34818 | MALWARE-CNC Win.Trojan.Emdivi outbound connection (more info ...) | attempted-user | URL | |||
| 34831 | MALWARE-CNC Win.Trojan.Cozybear variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34832 | MALWARE-CNC Win.Trojan.Cozybear variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34833 | MALWARE-CNC Win.Trojan.Werdlod variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34835 | MALWARE-CNC Win.Trojan.Neos outbound connection (more info ...) | trojan-activity | URL | |||
| 34840 | MALWARE-CNC Win.Trojan.DownExecute outbound connection (more info ...) | trojan-activity | URL | |||
| 34841 | MALWARE-CNC Win.Trojan.DownExecute outbound connection (more info ...) | trojan-activity | URL | |||
| 34842 | MALWARE-CNC Win.Trojan.DownExecute outbound connection (more info ...) | trojan-activity | URL | |||
| 34843 | MALWARE-CNC User-Agent known malicious user agent - EMERY - Win.Trojan.W97M (more info ...) | trojan-activity | URL | |||
| 34844 | MALWARE-CNC Win.Trojan.Adelinoq outbound connection (more info ...) | trojan-activity | URL | |||
| 34857 | MALWARE-CNC Win.Trojan.Fanny outbound connection (more info ...) | trojan-activity | 2010-2568 | URL | ||
| 34862 | MALWARE-CNC Win.Trojan.Wheelsof variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34863 | MALWARE-CNC Win.Trojan.Wheelsof variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34864 | INDICATOR-COMPROMISE Metasploit Meterpreter reverse HTTPS certificate (more info ...) | misc-activity | URL | |||
| 34865 | MALWARE-CNC Win.Trojan.Saibipoc outbound connection (more info ...) | trojan-activity | URL | |||
| 34866 | MALWARE-CNC Win.Trojan.Saibipoc outbound connection (more info ...) | trojan-activity | URL | |||
| 34867 | MALWARE-CNC Win.Trojan.Xobtide outbound connection (more info ...) | trojan-activity | URL | |||
| 34868 | MALWARE-CNC Win.Trojan.Rovnix variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34869 | MALWARE-CNC Win.Trojan.XTalker outbound connection (more info ...) | trojan-activity | URL | |||
| 34870 | MALWARE-CNC Win.Trojan.Logreaz variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34871 | MALWARE-CNC Win.Trojan.Logreaz variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34872 | MALWARE-CNC Win.Trojan.Compfolder variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34875 | SERVER-WEBAPP ManageEngine EventLog Analyzer cross site request forgery attempt (more info ...) | attempted-user | 2014-4930 | 74743 | ||
| 34876 | MALWARE-CNC Win.Fudu outbound variant connection (more info ...) | trojan-activity | URL | |||
| 34877 | MALWARE-CNC Win.Trojan.Jemerr variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34884 | BROWSER-PLUGINS Samsung iPOLiS device manager clsid access attempt (more info ...) | attempted-user | 2014-3912 | 67823 | ||
| 34885 | BROWSER-PLUGINS Samsung iPOLiS device manager clsid access attempt (more info ...) | attempted-user | 2014-3912 | 67823 | ||
| 34886 | MALWARE-CNC Win.Trojan.Symmi variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34887 | MALWARE-CNC Win.Trojan.Sojax variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34888 | MALWARE-CNC Win.Trojan.Sojax variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34889 | SERVER-OTHER OpenSSL denial-of-service via crafted x.509 certificate attempt (more info ...) | attempted-dos | 2015-0286 | |||
| 34890 | FILE-OTHER Corel PaintShop Pro u32ZLib.dll dll-load exploit attempt (more info ...) | attempted-user | 2014-8393 | URL | ||
| 34891 | FILE-OTHER Corel PaintShop Pro u32Zlib.dll dll-load exploit attempt (more info ...) | attempted-user | 2014-8393 | URL | ||
| 34893 | FILE-OTHER Corel PaintShop Pro quserex.dll dll-load exploit attempt (more info ...) | attempted-user | 2014-8393 | URL | ||
| 34894 | FILE-OTHER Corel PaintShop Pro FxManagedCommands dll-load exploit attempt (more info ...) | attempted-user | 2014-8393 | URL | ||
| 34895 | FILE-OTHER Corel PaintShop Pro FxManagedCommands dll-load exploit attempt (more info ...) | attempted-user | 2014-8393 | URL | ||
| 34896 | FILE-OTHER Corel PaintShop Pro TD_Mgd_3.08_9.dll dll-load exploit attempt (more info ...) | attempted-user | 2014-8393 | URL | ||
| 34897 | FILE-OTHER Corel PaintShop Pro TD_Mgd_3.08_9.dll dll-load exploit attempt (more info ...) | attempted-user | 2014-8393 | URL | ||
| 34898 | FILE-OTHER Corel PaintShop Pro wacommt.dll dll-load exploit attempt (more info ...) | attempted-user | 2014-8393 | URL | ||
| 34899 | FILE-OTHER Corel PaintShop Pro wacommt.dll dll-load exploit attempt (more info ...) | attempted-user | 2014-8393 | URL | ||
| 34900 | FILE-OTHER Corel PaintShop Pro igfxcmrt32.dll dll-load exploit attempt (more info ...) | attempted-user | 2014-8393 | URL | ||
| 34901 | FILE-OTHER Corel PaintShop Pro igfxcmrt32.dll dll-load exploit attempt (more info ...) | attempted-user | 2014-8393 | URL | ||
| 34902 | FILE-OTHER Corel PaintShop Pro ipl.dll dll-load exploit attempt (more info ...) | attempted-user | 2014-8393 | URL | ||
| 34903 | FILE-OTHER Corel PaintShop Pro MSPStyleLib.dll dll-load exploit attempt (more info ...) | attempted-user | 2014-8393 | URL | ||
| 34904 | FILE-OTHER Corel PaintShop Pro MSPStyleLib.dll dll-load exploit attempt (more info ...) | attempted-user | 2014-8393 | URL | ||
| 34905 | FILE-OTHER Corel PaintShop Pro uFioUtil.dll dll-load exploit attempt (more info ...) | attempted-user | 2014-8393 | URL | ||
| 34906 | FILE-OTHER Corel PaintShop Pro uFioUtil.dll dll-load exploit attempt (more info ...) | attempted-user | 2014-8393 | URL | ||
| 34907 | FILE-OTHER Corel PaintShop Pro uhDSPlay.dll dll-load exploit attempt (more info ...) | attempted-user | 2014-8393 | URL | ||
| 34908 | FILE-OTHER Corel PaintShop Pro uhDSPlay.dll dll-load exploit attempt (more info ...) | attempted-user | 2014-8393 | URL | ||
| 34909 | FILE-OTHER Corel PaintShop Pro uipl.dll dll-load exploit attempt (more info ...) | attempted-user | 2014-8393 | URL | ||
| 34910 | FILE-OTHER Corel PaintShop Pro uvipl.dll dll-load exploit attempt (more info ...) | attempted-user | 2014-8393 | URL | ||
| 34911 | FILE-OTHER Corel PaintShop Pro VC1DecDll.dll dll-load exploit attempt (more info ...) | attempted-user | 2014-8393 | URL | ||
| 34912 | FILE-OTHER Corel PaintShop Pro VC1DecDll.dll dll-load exploit attempt (more info ...) | attempted-user | 2014-8393 | URL | ||
| 34913 | FILE-OTHER Corel PaintShop Pro VC1DecDll_SSE3.dll dll-load exploit attempt (more info ...) | attempted-user | 2014-8393 | URL | ||
| 34914 | FILE-OTHER Corel PaintShop Pro VC1DecDll_SSE3.dll dll-load exploit attempt (more info ...) | attempted-user | 2014-8393 | URL | ||
| 34927 | PUA-ADWARE PullUpdate installer outbound connection (more info ...) | misc-activity | URL | |||
| 34930 | MALWARE-OTHER Win.Trojan.Urausy outbound traffic attempt (more info ...) | trojan-activity | URL | |||
| 34931 | MALWARE-CNC Win.Trojan.Bancos variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34932 | MALWARE-CNC Win.Trojan.Shindo outbound connection (more info ...) | trojan-activity | URL | |||
| 34934 | MALWARE-CNC Win.Trojan.Pheloyx outbound connection (more info ...) | trojan-activity | URL | |||
| 34935 | MALWARE-CNC Win.Trojan.Zutwoxy outbound connection (more info ...) | trojan-activity | URL | |||
| 34936 | MALWARE-CNC Win.Trojan.Swaylib variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34950 | MALWARE-CNC Win.Trojan.Prok variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34952 | SERVER-OTHER OpenSSL invalid PSS parameter denial of service attempt (more info ...) | attempted-dos | 2015-0208 | |||
| 34953 | SERVER-OTHER OpenSSL invalid PSS parameter denial of service attempt (more info ...) | attempted-dos | 2015-0208 | |||
| 34955 | SERVER-OTHER OpenSSL invalid PSS parameter denial of service attempt (more info ...) | attempted-dos | 2015-0208 | |||
| 34957 | MALWARE-CNC Win.Trojan.Sysmain outbound connection (more info ...) | trojan-activity | URL | |||
| 34958 | MALWARE-CNC Win.Trojan.Androm variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34959 | MALWARE-CNC Win.Trojan.SpyBanker variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34960 | SERVER-WEBAPP SysAid Help Desk RdsLogsEntry servlet directory traversal attempt (more info ...) | web-application-attack | 2015-2995 | 75038 | ||
| 34961 | SERVER-WEBAPP SysAid Help Desk RdsLogsEntry servlet directory traversal attempt (more info ...) | web-application-attack | 2015-2995 | 75038 | ||
| 34962 | SERVER-WEBAPP SysAid Help Desk RdsLogsEntry servlet directory traversal attempt (more info ...) | web-application-attack | 2015-2995 | 75038 | ||
| 34963 | MALWARE-CNC Win.Trojan.Threebyte outbound connection (more info ...) | trojan-activity | URL | |||
| 34964 | PUA-ADWARE Win.Adware.Sendori user-agent detection (more info ...) | misc-activity | URL | |||
| 34965 | MALWARE-CNC Win.Trojan.Cryptolocker outbound connection (more info ...) | trojan-activity | URL | |||
| 34966 | MALWARE-CNC Win.Trojan.Cyvadextr variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34979 | SERVER-WEBAPP SysAid Help Desk getAgentLogFile directory traversal attempt (more info ...) | web-application-attack | 2015-2997 | 75038 | ||
| 34980 | SERVER-WEBAPP SysAid Help Desk getAgentLogFile directory traversal attempt (more info ...) | web-application-attack | 2015-2997 | 75038 | ||
| 34981 | SERVER-WEBAPP SysAid Help Desk getAgentLogFile directory traversal attempt (more info ...) | web-application-attack | 2015-2997 | 75038 | ||
| 34982 | MALWARE-CNC Win.Trojan.Msnmm variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34984 | FILE-OTHER VMWare Workstation JPEG2000 stack overflow attempt (more info ...) | attempted-admin | 2012-0897 | URL | ||
| 34985 | FILE-OTHER VMWare Workstation JPEG2000 stack overflow attempt (more info ...) | attempted-admin | 2012-0897 | URL | ||
| 34986 | FILE-OTHER VMWare Workstation JPEG2000 stack overflow attempt (more info ...) | attempted-admin | 2012-0897 | URL | ||
| 34987 | FILE-OTHER VMWare Workstation JPEG2000 stack overflow attempt (more info ...) | attempted-admin | 2012-0897 | URL | ||
| 34994 | MALWARE-CNC Win.Trojan.Banbra variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34995 | MALWARE-CNC Win.Trojan.Banbra HTTP Header Structure (more info ...) | trojan-activity | URL | |||
| 34996 | MALWARE-CNC Win.Trojan.Agent-ALPW variant outbound connection (more info ...) | trojan-activity | URL | |||
| 34997 | MALWARE-CNC Win.Trojan.Graftor variant HTTP Response (more info ...) | trojan-activity | URL | |||
| 34998 | MALWARE-CNC Win.Trojan.Bossabot outbound connection (more info ...) | trojan-activity | URL | |||
| 35005 | MALWARE-CNC Win.Trojan.Vcaredrix variant outbound connection (more info ...) | trojan-activity | URL | |||
| 35027 | MALWARE-CNC known malicious SSL certificate - Troldesh C&C (more info ...) | trojan-activity | URL | |||
| 35029 | MALWARE-CNC Win.Keylogger.Lotronc variant outbound connection (more info ...) | trojan-activity | URL | |||
| 35030 | MALWARE-CNC Win.Trojan.Zeus variant outbound connection (more info ...) | trojan-activity | URL | |||
| 35031 | MALWARE-CNC Win.Trojan.Konus outbound connection (more info ...) | trojan-activity | URL | |||
| 35034 | MALWARE-CNC Win.Downloader.Boltolog variant outbound connection download request (more info ...) | trojan-activity | URL | |||
| 35035 | MALWARE-CNC Win.Trojan.Taleretzbj outbound connection (more info ...) | trojan-activity | URL | |||
| 35036 | MALWARE-CNC Backdoor.Perl.Santy inbound variant connection (more info ...) | trojan-activity | URL | |||
| 35037 | MALWARE-CNC Backdoor.Perl.Santy outbound variant connection (more info ...) | trojan-activity | URL | |||
| 35038 | SERVER-OTHER Trustwave ModSecurity chunked transfer encoding policy bypass attempt (more info ...) | attempted-user | 2013-5705 | URL | ||
| 35042 | POLICY-OTHER Apple Cups cupsd.conf change attempt (more info ...) | policy-violation | ||||
| 35047 | MALWARE-CNC Win.Trojan.Scar variant outbound connection (more info ...) | trojan-activity | URL | |||
| 35050 | MALWARE-CNC Win.Trojan.Elise variant outbound connection (more info ...) | trojan-activity | URL | |||
| 35060 | PROTOCOL-OTHER TRUFFLEHUNTER SFVRT-1018 attack attempt (more info ...) | attempted-dos | ||||
| 35069 | MALWARE-CNC Win.Trojan.Dino variant outbound connection (more info ...) | trojan-activity | URL | |||
| 35076 | MALWARE-CNC Win.Zusy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 35080 | MALWARE-CNC Win.Trojan.Tenbus outbound connection (more info ...) | trojan-activity | URL | |||
| 35081 | MALWARE-CNC Win.Trojan.Tenbus outbound connection (more info ...) | trojan-activity | URL | |||
| 35083 | MALWARE-CNC Win.Trojan.Regiskazi outbound connection (more info ...) | trojan-activity | URL | |||
| 35097 | POLICY-OTHER IPv6 neighbor solicitation - THC-IPv6 tool indicator attempt (more info ...) | misc-activity | URL | |||
| 35098 | POLICY-OTHER IPv6 neighbor solicitation - THC-IPv6 tool indicator attempt (more info ...) | misc-activity | URL | |||
| 35101 | MALWARE-CNC Win.Trojan.Dridex variant outbound connection (more info ...) | trojan-activity | URL | |||
| 35104 | MALWARE-CNC Win.Trojan.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 35111 | SERVER-OTHER OpenSSL anomalous x509 certificate with default org name and certificate chain detected (more info ...) | misc-attack | 2015-1793 | URL | ||
| 35221 | MALWARE-CNC Win.Dropper.Agent inbound connection (more info ...) | trojan-activity | URL | |||
| 35251 | SERVER-OTHER Advantech ADAMView conditional bitmap buffer overflow attempt (more info ...) | attempted-user | 2014-8386 | URL | ||
| 35252 | SERVER-OTHER Advantech ADAMView conditional bitmap buffer overflow attempt (more info ...) | attempted-user | 2014-8386 | URL | ||
| 35254 | MALWARE-CNC Win.trojan.Seaduke outbound connection (more info ...) | trojan-activity | URL | |||
| 35300 | MALWARE-CNC Win.Trojan.Lpdsuite GET request (more info ...) | trojan-activity | URL | |||
| 35301 | MALWARE-CNC Win.Trojan.Lpdsuite POST request (more info ...) | trojan-activity | URL | |||
| 35303 | MALWARE-CNC Win.Trojan.ProxyChange (more info ...) | trojan-activity | URL | |||
| 35306 | MALWARE-CNC Trojan.Win32.Cigamve request (more info ...) | trojan-activity | URL | |||
| 35307 | SERVER-OTHER OpenSSL alternative chains certificate forgery attempt (more info ...) | misc-attack | 2015-1793 | URL | ||
| 35312 | MALWARE-CNC Win.Trojan.Ursnif outbound connection (more info ...) | trojan-activity | URL | |||
| 35313 | MALWARE-CNC Win.Trojan.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 35316 | MALWARE-CNC User-Agent known malicious user-agent string EI Plugin updater (more info ...) | trojan-activity | URL | |||
| 35317 | MALWARE-CNC Win.Trojan.Directate outbound connection (more info ...) | trojan-activity | URL | |||
| 35318 | MALWARE-CNC Win.Trojan.Jemerr outbound connection (more info ...) | trojan-activity | URL | |||
| 35344 | MALWARE-CNC Win.Trojan.Cryptowall click fraud response (more info ...) | trojan-activity | URL | |||
| 35348 | MALWARE-CNC Trojan.Win32.Ralminey POST request (more info ...) | trojan-activity | URL | |||
| 35353 | MALWARE-CNC Win.Trojan.Elise.B variant outbound connection (more info ...) | trojan-activity | URL | |||
| 35355 | MALWARE-CNC Win.Trojan.Usteal outbound connection (more info ...) | trojan-activity | URL | |||
| 35386 | MALWARE-CNC Win.Trojan.Bedep initial outbound connection (more info ...) | trojan-activity | URL | |||
| 35387 | MALWARE-CNC Win.Trojan.Andromeda initial outbound connection (more info ...) | trojan-activity | URL | |||
| 35388 | MALWARE-CNC Win.Trojan.Andromeda download request (more info ...) | trojan-activity | URL | |||
| 35393 | MALWARE-CNC Win.Trojan.TorrentLocker/Teerac self-signed certificate (more info ...) | trojan-activity | URL | |||
| 35394 | MALWARE-CNC Win.Trojan.TorrentLocker/Teerac payment page request (more info ...) | trojan-activity | URL | |||
| 35396 | BROWSER-PLUGINS Oracle Data Quality DateTimeWrapper onchange untrusted pointer dereference attempt (more info ...) | attempted-user | 2014-2416 | URL | ||
| 35397 | BROWSER-PLUGINS Oracle Data Quality DateTimeWrapper onchange untrusted pointer dereference attempt (more info ...) | attempted-user | 2014-2416 | URL | ||
| 35398 | BROWSER-PLUGINS Oracle Data Quality DateTimeWrapper onchange untrusted pointer dereference attempt (more info ...) | attempted-user | 2014-2416 | URL | ||
| 35400 | MALWARE-CNC Win.Trojan.Inexsmar variant outbound connection (more info ...) | trojan-activity | URL | |||
| 35402 | BROWSER-PLUGINS Oracle Data Quality Postcard PreviewInt onclose untrusted pointer dereference attempt (more info ...) | attempted-user | 2014-2415 | URL | ||
| 35403 | BROWSER-PLUGINS Oracle Data Quality Postcard PreviewInt onclose untrusted pointer dereference attempt (more info ...) | attempted-user | 2014-2415 | URL | ||
| 35404 | BROWSER-PLUGINS Oracle Data Quality Postcard PreviewInt onclose untrusted pointer dereference attempt (more info ...) | attempted-user | 2014-2415 | URL | ||
| 35405 | SERVER-OTHER HP Release Control authenticated privilege escalation attempt (more info ...) | attempted-admin | URL | |||
| 35413 | FILE-MULTIMEDIA Apple iLife iPhoto Photocast XML format string code injection attempt (more info ...) | attempted-user | 2007-0051 | 21871 | ||
| 35414 | FILE-MULTIMEDIA Apple iLife iPhoto Photocast XML format string code injection attempt (more info ...) | attempted-user | 2007-0051 | 21871 | ||
| 35415 | MALWARE-CNC Win.Trojan.Sakurel outbound connection (more info ...) | trojan-activity | URL | |||
| 35416 | MALWARE-CNC Win.Trojan.Mivast outbound connection (more info ...) | trojan-activity | URL | |||
| 35417 | SERVER-OTHER Fortinet Single Sign On hello message denial of service attempt (more info ...) | denial-of-service | 2015-2281 | 73206 | ||
| 35418 | SERVER-OTHER Fortinet Single Sign On hello message denial of service attempt (more info ...) | denial-of-service | 2015-2281 | 73206 | ||
| 35419 | BROWSER-PLUGINS Scneider Electric IsObjectModel RemoveParameter buffer overflow attempt (more info ...) | attempted-user | 2014-9200 | URL | ||
| 35420 | BROWSER-PLUGINS Scneider Electric IsObjectModel RemoveParameter buffer overflow attempt (more info ...) | attempted-user | 2014-9200 | URL | ||
| 35422 | BROWSER-PLUGINS Scneider Electric IsObjectModel RemoveParameter buffer overflow attempt (more info ...) | attempted-user | 2014-9200 | URL | ||
| 35426 | MALWARE-CNC Win.Trojan.Heur outbound connection (more info ...) | trojan-activity | URL | |||
| 35436 | MALWARE-CNC Win.Trojan.BlackCoffee outbound connection (more info ...) | trojan-activity | URL | |||
| 35437 | MALWARE-CNC Win.Downloader.Jrml variant outbound connection (more info ...) | trojan-activity | URL | |||
| 35444 | BROWSER-PLUGINS Oracle Data Quality LoaderWizard DataPreview type confusion attempt (more info ...) | attempted-user | 2015-0446 | |||
| 35445 | BROWSER-PLUGINS Oracle Data Quality LoaderWizard DataPreview type confusion attempt (more info ...) | attempted-user | 2015-0446 | |||
| 35446 | BROWSER-PLUGINS Oracle Data Quality LoaderWizard DataPreview type confusion attempt (more info ...) | attempted-user | 2015-0446 | |||
| 35447 | BROWSER-PLUGINS Oracle Data Quality LoaderWizard DataPreview type confusion attempt (more info ...) | attempted-user | 2015-0446 | |||
| 35448 | MALWARE-CNC Win.Trojan.Bedep variant outbound connection (more info ...) | trojan-activity | URL | |||
| 35462 | MALWARE-CNC Win.Trojan.Kazy outbound connection (more info ...) | trojan-activity | URL | |||
| 35471 | MALWARE-CNC Win.Trojan.Baisogu outbound connection (more info ...) | trojan-activity | URL | |||
| 35472 | MALWARE-CNC Win.Trojan.Bergard outbound connection (more info ...) | trojan-activity | URL | |||
| 35538 | POLICY-OTHER EMC AutoStart ftagent insecure opcode 20 subcode 2060 access attempt (more info ...) | policy-violation | 2015-0538 | 74426 | ||
| 35539 | POLICY-OTHER EMC AutoStart ftagent insecure opcode 20 subcode 2219 access attempt (more info ...) | policy-violation | 2015-0538 | 74426 | ||
| 35549 | MALWARE-CNC Win.Trojan.Zeus variant outbound connection (more info ...) | trojan-activity | URL | |||
| 35550 | EXPLOIT-KIT Angler exploit kit landing page detected (more info ...) | trojan-activity | ||||
| 35551 | MALWARE-CNC Win.Trojan.BlackCoffee outbound connection (more info ...) | trojan-activity | URL | |||
| 35552 | SERVER-MAIL cURL protocol file path URL parsing control character injection attempt (more info ...) | attempted-user | 2012-0036 | 51665 | URL | |
| 35553 | SERVER-MAIL cURL protocol file path URL parsing control character injection attempt (more info ...) | attempted-user | 2012-0036 | 51665 | URL | |
| 35554 | SERVER-MAIL cURL protocol file path URL parsing control character injection attempt (more info ...) | attempted-user | 2012-0036 | 51665 | URL | |
| 35555 | SERVER-MAIL cURL protocol file path URL parsing control character injection attempt (more info ...) | attempted-user | 2012-0036 | 51665 | URL | |
| 35570 | MALWARE-CNC Win.Trojan.NetEagle variant outbound connection (more info ...) | trojan-activity | URL | |||
| 35594 | SERVER-WEBAPP Websense Triton Content Manager handle_debug_network stack buffer overflow attempt (more info ...) | attempted-admin | 2015-5718 | 75160 | ||
| 35596 | MALWARE-CNC Win.Trojan.Nibagem outbound variant connection (more info ...) | trojan-activity | URL | |||
| 35597 | MALWARE-CNC Win.Trojan.Nibagem outbound variant connection (more info ...) | trojan-activity | URL | |||
| 35611 | SERVER-WEBAPP Symantec Endpoint Protection directory traversal attempt (more info ...) | web-application-attack | 2015-1488 | URL | ||
| 35612 | SERVER-WEBAPP Symantec Endpoint Protection directory traversal attempt (more info ...) | web-application-attack | 2015-1488 | URL | ||
| 35613 | SERVER-WEBAPP Symantec Endpoint Protection directory traversal attempt (more info ...) | web-application-attack | 2015-1488 | URL | ||
| 35630 | SERVER-OTHER LibVNCServer rfbProcessClientNormalMessage msg.ssc.scale denial of service attempt (more info ...) | denial-of-service | 2014-6054 | URL | ||
| 35631 | SERVER-OTHER LibVNCServer rfbProcessClientNormalMessage msg.ssc.scale denial of service attempt (more info ...) | denial-of-service | 2014-6054 | URL | ||
| 35689 | PROTOCOL-OTHER MiniUPNP rootdesc.xml buffer overflow attempt (more info ...) | attempted-user | 2015-6031 | URL | ||
| 35707 | SERVER-WEBAPP Pimcore CMS add-asset-compatibility directory traversal attempt (more info ...) | web-application-attack | 2015-4425 | 75729 | ||
| 35708 | SERVER-WEBAPP Pimcore CMS add-asset-compatibility directory traversal attempt (more info ...) | web-application-attack | 2015-4425 | 75729 | ||
| 35709 | SERVER-WEBAPP Pimcore CMS add-asset-compatibility directory traversal attempt (more info ...) | web-application-attack | 2015-4425 | 75729 | ||
| 35729 | OS-WINDOWS TRUFFLEHUNTER TALOS-2015-0009 attack attempt (more info ...) | attempted-admin | URL | |||
| 35730 | OS-WINDOWS TRUFFLEHUNTER TALOS-2015-0009 attack attempt (more info ...) | attempted-admin | URL | |||
| 35732 | MALWARE-CNC Win.Trojan.Naberkalara variant outbound connection (more info ...) | trojan-activity | URL | |||
| 35733 | MALWARE-CNC Win.Trojan.Potao outbound connection (more info ...) | trojan-activity | URL | |||
| 35734 | SERVER-WEBAPP Netgear WNDR4700 and R6200 admin interface authentication bypass attempt (more info ...) | attempted-admin | 2013-3071 | 59406 | ||
| 35746 | MALWARE-CNC Win.Trojan.Zeus variant outbound connection (more info ...) | trojan-activity | URL | |||
| 35749 | MALWARE-CNC Win.Backdoor.IsSpace outbound connection (more info ...) | trojan-activity | URL | |||
| 35750 | MALWARE-CNC Win.Backdoor.IsSpace initial outbound connection (more info ...) | trojan-activity | URL | |||
| 35763 | SERVER-OTHER gnuTLS _asn1_extract_der_octet memory error inbound malicious server dos attempt (more info ...) | attempted-dos | 2015-3622 | 74419 | URL | |
| 35764 | SERVER-OTHER gnuTLS _asn1_extract_der_octet memory error inbound malicious server dos attempt (more info ...) | attempted-dos | 2015-3622 | 74419 | URL | |
| 35765 | SERVER-OTHER gnuTLS _asn1_extract_der_octet memory error inbound malicious client dos attempt (more info ...) | attempted-dos | 2015-3622 | 74419 | URL | |
| 35766 | SERVER-OTHER gnuTLS _asn1_extract_der_octet memory error inbound malicious client dos attempt (more info ...) | attempted-dos | 2015-3622 | 74419 | URL | |
| 35773 | FILE-MULTIMEDIA Matroska libmatroska track video double free attempt (more info ...) | attempted-user | 2015-8790 | URL | ||
| 35774 | FILE-MULTIMEDIA Matroska libmatroska track video double free attempt (more info ...) | attempted-user | 2015-8790 | URL | ||
| 35775 | FILE-MULTIMEDIA Matroska libmatroska track video double free attempt (more info ...) | attempted-user | 2015-8790 | URL | ||
| 35776 | FILE-MULTIMEDIA Matroska libmatroska track video double free attempt (more info ...) | attempted-user | 2015-8790 | URL | ||
| 35777 | FILE-MULTIMEDIA Matroska libmatroska track video double free attempt (more info ...) | attempted-user | 2015-8790 | URL | ||
| 35778 | FILE-MULTIMEDIA Matroska libmatroska track video double free attempt (more info ...) | attempted-user | 2015-8790 | URL | ||
| 35783 | MALWARE-CNC Win.Trojan.Jiripbot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 35794 | MALWARE-CNC Win.Trojan.TeslaCrypt outbound connection (more info ...) | trojan-activity | URL | |||
| 35804 | MALWARE-CNC Win.Trojan.Seyelifon variant outbound connection (more info ...) | trojan-activity | URL | |||
| 35817 | SERVER-WEBAPP Oracle Endeca Server RenameFile method directory traversal attempt (more info ...) | attempted-admin | 2015-2606 | 75758 | ||
| 35818 | SERVER-WEBAPP Oracle Endeca Server RenameFile method directory traversal attempt (more info ...) | attempted-admin | 2015-2606 | 75758 | ||
| 35826 | FILE-OTHER TAR archive with absolute path detected (more info ...) | policy-violation | 2014-3697 | URL | ||
| 35827 | FILE-OTHER TAR archive with absolute path detected (more info ...) | policy-violation | 2014-3697 | URL | ||
| 35831 | SERVER-OTHER multiple vendors NTP daemon integer overflow attempt (more info ...) | attempted-dos | 2015-7848 | URL | ||
| 35842 | MALWARE-CNC Win.Trojan.Namospu variant outbound connection (more info ...) | trojan-activity | URL | |||
| 35843 | SERVER-WEBAPP Oracle Endeca Server MoveFile method directory traversal attempt (more info ...) | attempted-admin | 2015-2605 | 75756 | ||
| 35844 | SERVER-WEBAPP Oracle Endeca Server MoveFile method directory traversal attempt (more info ...) | attempted-admin | 2015-2605 | 75756 | ||
| 35847 | SERVER-WEBAPP Oracle Endeca server directory traversal attempt (more info ...) | attempted-admin | 2015-4745 | 75758 | ||
| 35851 | SERVER-OTHER QEMU VNC set-pixel-format memory corruption attempt (more info ...) | attempted-user | 2014-7815 | 70998 | ||
| 35884 | POLICY-OTHER MBean retrieval attempt (more info ...) | policy-violation | URL | |||
| 35889 | PROTOCOL-SCADA Kaskad SCADA arbitrary command execution attempt (more info ...) | policy-violation | ||||
| 35895 | SERVER-OTHER Hewlett-Packard Radia Client Automation VerbData buffer overflow attempt (more info ...) | attempted-admin | ||||
| 35904 | SERVER-OTHER SCADA InduSoft Web Studio buffer overflow attempt (more info ...) | attempted-user | ||||
| 35914 | SERVER-OTHER EMC AutoStart ftAgent.exe trigger creation attempt (more info ...) | policy-violation | ||||
| 35915 | SERVER-OTHER EMC AutoStart ftAgent.exe rule creation attempt (more info ...) | policy-violation | ||||
| 35916 | SERVER-OTHER Websense Triton Web Security untrusted remote file creation attempt (more info ...) | policy-violation | ||||
| 35917 | SERVER-OTHER Websense Triton Web Security untrusted remote file creation attempt (more info ...) | policy-violation | ||||
| 35918 | SERVER-OTHER EMC NetWorker server overflow attempt (more info ...) | attempted-admin | ||||
| 35919 | SERVER-OTHER Vinzant Global ECS Agent untrusted command execution attempt (more info ...) | policy-violation | ||||
| 35921 | SERVER-OTHER General Electric Proficy malicious log forwarding request attempt (more info ...) | attempted-recon | ||||
| 35923 | SERVER-WEBAPP LANDesk Management Suite arbitrary remote file upload attempt (more info ...) | web-application-attack | ||||
| 35924 | SERVER-WEBAPP Oracle Directory Services Manager remote jsp code execution attempt (more info ...) | attempted-admin | ||||
| 35925 | SERVER-WEBAPP Oracle Directory Services Manager LDAP plugin field null byte injection attempt (more info ...) | attempted-admin | ||||
| 35939 | FILE-MULTIMEDIA PLF playlist name buffer overflow attempt (more info ...) | attempted-user | 2006-6199 | 21337 | ||
| 35988 | FILE-EXECUTABLE NtGdiStretchBlt buffer overflow privilege escalation attempt (more info ...) | attempted-admin | 2015-2512 | URL | ||
| 35989 | FILE-EXECUTABLE NtGdiStretchBlt buffer overflow privilege escalation attempt (more info ...) | attempted-admin | 2015-2512 | URL | ||
| 36025 | SERVER-OTHER Multiple Products TLS certificate common name null byte validation bypass attempt (more info ...) | misc-attack | 2022-20813 | 74022 | URL | |
| 36048 | MALWARE-CNC Win.Trojan.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 36054 | MALWARE-CNC Ios.Backdoor.SYNful inbound connection (more info ...) | trojan-activity | URL | |||
| 36060 | MALWARE-CNC Win.Trojan.Shifu variant outbound connection (more info ...) | trojan-activity | URL | |||
| 36064 | MALWARE-CNC Win.Trojan.Bagsu variant outbound connection (more info ...) | trojan-activity | URL | |||
| 36065 | MALWARE-CNC Win.Trojan.Bagsu variant outbound connection (more info ...) | trojan-activity | URL | |||
| 36066 | MALWARE-CNC Win.Trojan.Bagsu variant outbound connection (more info ...) | trojan-activity | URL | |||
| 36067 | SERVER-OTHER ElasticSearch script remote code execution attempt (more info ...) | attempted-user | 2015-1427 | URL | ||
| 36072 | SERVER-OTHER Dell Netvault Backup remote denial of service attempt (more info ...) | attempted-dos | 2015-5696 | 76122 | URL | |
| 36073 | SERVER-OTHER Dell Netvault Backup remote denial of service attempt (more info ...) | attempted-dos | 2015-5696 | 76122 | URL | |
| 36074 | SERVER-OTHER Dell Netvault Backup remote denial of service attempt (more info ...) | attempted-dos | 2015-5696 | 76122 | URL | |
| 36075 | SERVER-OTHER Dell Netvault Backup remote denial of service attempt (more info ...) | attempted-dos | 2015-5696 | 76122 | URL | |
| 36076 | SERVER-OTHER Dell Netvault Backup remote denial of service attempt (more info ...) | attempted-dos | 2015-5696 | 76122 | URL | |
| 36077 | SERVER-OTHER Dell Netvault Backup remote denial of service attempt (more info ...) | attempted-dos | 2015-5696 | 76122 | URL | |
| 36078 | SERVER-OTHER Dell Netvault Backup remote denial of service attempt (more info ...) | attempted-dos | 2015-5696 | 76122 | URL | |
| 36079 | SERVER-OTHER Dell Netvault Backup remote denial of service attempt (more info ...) | attempted-dos | 2015-5696 | 76122 | URL | |
| 36080 | SERVER-OTHER Dell Netvault Backup remote denial of service attempt (more info ...) | attempted-dos | 2015-5696 | 76122 | URL | |
| 36081 | SERVER-OTHER Dell Netvault Backup remote denial of service attempt (more info ...) | attempted-dos | 2015-5696 | 76122 | URL | |
| 36082 | SERVER-OTHER Dell Netvault Backup remote denial of service attempt (more info ...) | attempted-dos | 2015-5696 | 76122 | URL | |
| 36083 | SERVER-OTHER Dell Netvault Backup remote denial of service attempt (more info ...) | attempted-dos | 2015-5696 | 76122 | URL | |
| 36084 | SERVER-OTHER Dell Netvault Backup remote denial of service attempt (more info ...) | attempted-dos | 2015-5696 | 76122 | URL | |
| 36085 | SERVER-OTHER Dell Netvault Backup remote denial of service attempt (more info ...) | attempted-dos | 2015-5696 | 76122 | URL | |
| 36086 | SERVER-OTHER Dell Netvault Backup remote denial of service attempt (more info ...) | attempted-dos | 2015-5696 | 76122 | URL | |
| 36087 | SERVER-OTHER Dell Netvault Backup remote denial of service attempt (more info ...) | attempted-dos | 2015-5696 | 76122 | URL | |
| 36088 | SERVER-OTHER Dell Netvault Backup remote denial of service attempt (more info ...) | attempted-dos | 2015-5696 | 76122 | URL | |
| 36089 | SERVER-OTHER Dell Netvault Backup remote denial of service attempt (more info ...) | attempted-dos | 2015-5696 | 76122 | URL | |
| 36090 | SERVER-OTHER Dell Netvault Backup remote denial of service attempt (more info ...) | attempted-dos | 2015-5696 | 76122 | URL | |
| 36091 | SERVER-OTHER Dell Netvault Backup remote denial of service attempt (more info ...) | attempted-dos | 2015-5696 | 76122 | URL | |
| 36092 | SERVER-OTHER Dell Netvault Backup remote denial of service attempt (more info ...) | attempted-dos | 2015-5696 | 76122 | URL | |
| 36093 | SERVER-OTHER Dell Netvault Backup remote denial of service attempt (more info ...) | attempted-dos | 2015-5696 | 76122 | URL | |
| 36094 | SERVER-OTHER Dell Netvault Backup remote denial of service attempt (more info ...) | attempted-dos | 2015-5696 | 76122 | URL | |
| 36095 | SERVER-OTHER Dell Netvault Backup remote denial of service attempt (more info ...) | attempted-dos | 2015-5696 | 76122 | URL | |
| 36096 | SERVER-OTHER OpenSSL DTLS handshake oversized fragment length denial of service attempt (more info ...) | attempted-dos | 2014-3506 | 69076 | URL | |
| 36100 | SERVER-WEBAPP ManageEngine OpManager default credentials authentication attempt (more info ...) | attempted-admin | 2015-7765 | URL | ||
| 36105 | MALWARE-CNC Win.Trojan.Hodoor APT variant (more info ...) | trojan-activity | URL | |||
| 36106 | MALWARE-CNC Win.Trojan.Hodoor APT variant outbound connection (more info ...) | trojan-activity | URL | |||
| 36107 | MALWARE-CNC Win.Trojan.FakeAV variant outbound connection (more info ...) | trojan-activity | URL | |||
| 36108 | MALWARE-CNC Win.Trojan.Nimisi variant outbound connection (more info ...) | trojan-activity | URL | |||
| 36115 | MALWARE-CNC Win.Backdoor.Liudoor outbound connection (more info ...) | trojan-activity | URL | |||
| 36131 | MALWARE-CNC User-Agent known malicious user-agent string - MyIE 3.01 (more info ...) | trojan-activity | URL | |||
| 36132 | MALWARE-CNC Win.Trojan.Mitozhan initial outbound connection (more info ...) | trojan-activity | URL | |||
| 36133 | MALWARE-CNC Win.Trojan.Mitozhan initial outbound connection server response (more info ...) | trojan-activity | URL | |||
| 36134 | MALWARE-CNC Win.Trojan.Mitozhan initial outbound connection (more info ...) | trojan-activity | URL | |||
| 36182 | SERVER-WEBAPP Ignite Realtime Openfire server-session-details cross site scripting attempt (more info ...) | attempted-user | URL | |||
| 36183 | SERVER-WEBAPP Ignite Realtime Openfire create-bookmark cross site scripting attempt (more info ...) | attempted-user | 2015-6972 | |||
| 36184 | SERVER-WEBAPP Ignite Realtime Openfire group-summary cross site scripting attempt (more info ...) | attempted-user | 2015-6972 | |||
| 36186 | MALWARE-CNC Win.Trojan.Qytags variant outbound connection (more info ...) | trojan-activity | URL | |||
| 36194 | POLICY-OTHER BitTorrent distributed reflected denial-of-service attempt (more info ...) | attempted-dos | URL | |||
| 36195 | SERVER-WEBAPP Reprise license manager actserver and akey HTTP parameters parsing stack buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 36196 | SERVER-WEBAPP Reprise license manager actserver and akey HTTP parameters parsing stack buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 36198 | MALWARE-CNC Win.Trojan.Yakes variant certificate (more info ...) | trojan-activity | URL | |||
| 36199 | MALWARE-CNC Win.Trojan.Yakes variant outbound connection (more info ...) | trojan-activity | URL | |||
| 36202 | MALWARE-CNC Win.Trojan.Yakes variant dropper (more info ...) | trojan-activity | URL | |||
| 36231 | MALWARE-CNC Win.Trojan.SdBot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 36232 | MALWARE-CNC Win.Trojan.Kapento variant outbound connection (more info ...) | trojan-activity | URL | |||
| 36233 | MALWARE-CNC Win.Trojan.Kapento variant outbound connection (more info ...) | trojan-activity | URL | |||
| 36234 | MALWARE-CNC Win.Trojan.Kapento variant outbound connection (more info ...) | trojan-activity | URL | |||
| 36243 | SERVER-WEBAPP LANDesk Management Suite frm_splitfrm remote file include attempt (more info ...) | web-application-attack | 2014-5362 | URL | ||
| 36247 | SERVER-OTHER IRC w3wt0rk pitbull perl bot remote command execution attempt (more info ...) | attempted-user | URL | |||
| 36248 | SERVER-OTHER IRC w3wt0rk pitbull perl bot remote command execution attempt (more info ...) | attempted-user | URL | |||
| 36250 | SERVER-OTHER ntpd keyfile buffer overflow attempt (more info ...) | attempted-admin | 2015-7854 | URL | ||
| 36251 | SERVER-OTHER ntpq atoascii memory corruption attempt (more info ...) | attempted-user | 2015-7852 | URL | ||
| 36252 | SERVER-OTHER ntpd remote configuration denial of service attempt (more info ...) | attempted-dos | 2015-7850 | URL | ||
| 36253 | SERVER-OTHER ntpd saveconfig directory traversal attempt (more info ...) | attempted-admin | 2015-7851 | URL | ||
| 36254 | SERVER-WEBAPP IBM Rational Focal Point webservice Axis Gateway GET vulnerability attempt (more info ...) | attempted-user | 2013-5398 | URL | ||
| 36255 | SERVER-WEBAPP IBM Rational Focal Point webservice Axis Gateway POST vulnerability attempt (more info ...) | attempted-user | 2013-5398 | URL | ||
| 36256 | SERVER-OTHER ElasticSearch information disclosure attempt (more info ...) | policy-violation | 2014-3120 | URL | ||
| 36267 | MALWARE-CNC Win.Trojan.Rusrushel variant outbound connection (more info ...) | trojan-activity | URL | |||
| 36268 | MALWARE-CNC Win.Trojan.Rusrushel variant outbound connection (more info ...) | trojan-activity | URL | |||
| 36269 | MALWARE-CNC Win.Trojan.Rusrushel variant outbound connection (more info ...) | trojan-activity | URL | |||
| 36275 | MALWARE-CNC Win.Trojan.Corebot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 36276 | MALWARE-CNC Win.Trojan.Corebot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 36281 | EXPLOIT-KIT Angler exploit kit landing page detected (more info ...) | trojan-activity | ||||
| 36294 | MALWARE-CNC Win.Backdoor.Nisinul variant outbound connection (more info ...) | trojan-activity | URL | |||
| 36303 | MALWARE-CNC Win.Trojan.Mitozhan initial outbound connection server response (more info ...) | trojan-activity | URL | |||
| 36304 | MALWARE-CNC Win.Trojan.WinPlock variant outbound connection (more info ...) | trojan-activity | URL | |||
| 36305 | FILE-PDF Foxit Reader PNG to PDF conversion heap buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 36306 | FILE-PDF Foxit Reader PNG to PDF conversion heap buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 36325 | MALWARE-CNC Win.Trojan.MSIL.Misnt variant outbound connection (more info ...) | trojan-activity | URL | |||
| 36326 | MALWARE-CNC Win.Trojan.MSIL.Misnt variant outbound connection (more info ...) | trojan-activity | URL | |||
| 36327 | MALWARE-CNC Win.Trojan.MSIL.Misnt variant outbound connection (more info ...) | trojan-activity | URL | |||
| 36328 | MALWARE-CNC Win.Trojan.MSIL.Misnt variant outbound connection (more info ...) | trojan-activity | URL | |||
| 36329 | MALWARE-CNC Win.Trojan.MSIL.Misnt variant outbound connection (more info ...) | trojan-activity | URL | |||
| 36331 | MALWARE-CNC Win.Trojan.Alina variant outbound connection (more info ...) | trojan-activity | URL | |||
| 36335 | SERVER-WEBAPP Ignite Realtime Openfire user-create cross site request forgery attempt (more info ...) | attempted-user | 2015-6973 | |||
| 36336 | SERVER-WEBAPP Ignite Realtime Openfire server properties cross site request forgery attempt (more info ...) | attempted-user | 2015-6973 | |||
| 36337 | SERVER-WEBAPP Ignite Realtime Openfire permitted-clients cross site request forgery attempt (more info ...) | attempted-user | 2015-6973 | |||
| 36359 | SERVER-WEBAPP pfSense WebGui Zone Parameter cross-site scripting attempt (more info ...) | attempted-user | 2015-4029 | URL | ||
| 36363 | SERVER-WEBAPP Typo3 CMS show_rechis cross site scripting attempt (more info ...) | attempted-user | 2015-5956 | URL | ||
| 36364 | SERVER-WEBAPP Typo3 CMS index cross site scripting attempt (more info ...) | attempted-user | 2015-5956 | URL | ||
| 36365 | SERVER-WEBAPP Typo3 CMS show_rechis cross site scripting attempt (more info ...) | attempted-user | 2015-5956 | URL | ||
| 36366 | SERVER-WEBAPP Typo3 CMS index cross site scripting attempt (more info ...) | attempted-user | 2015-5956 | URL | ||
| 36376 | SERVER-OTHER IBM Tivoli Management Framework lcfd endpoint daemon buffer overflow attempt (more info ...) | attempted-user | 2011-1220 | 48049 | URL | |
| 36396 | MALWARE-CNC Win.Trojan.DustySky variant outbound connection (more info ...) | trojan-activity | URL | |||
| 36397 | MALWARE-CNC Win.Trojan.DustySky variant outbound connection (more info ...) | trojan-activity | URL | |||
| 36400 | SERVER-WEBAPP OpenDocMan redirection parameter cross site scripting attempt (more info ...) | attempted-user | 2015-5625 | 76627 | URL | |
| 36407 | OS-WINDOWS RDP client dll-load exploit attempt (more info ...) | attempted-user | 2015-6051 | URL | ||
| 36408 | OS-WINDOWS RDP client dll-load exploit attempt (more info ...) | attempted-user | 2015-6051 | URL | ||
| 36409 | OS-WINDOWS RDP client dll-load exploit attempt (more info ...) | attempted-user | 2015-6051 | URL | ||
| 36410 | OS-WINDOWS RDP client dll-load exploit attempt (more info ...) | attempted-user | 2015-6051 | URL | ||
| 36454 | SERVER-OTHER multiple products WinExec function remote code execution attempt (more info ...) | attempted-user | 2015-7374 | URL | ||
| 36455 | SERVER-OTHER Schneider Electric InduSoft Web Studio Remote Agent remote code execution attempt (more info ...) | attempted-user | 2015-7374 | URL | ||
| 36456 | FILE-MULTIMEDIA MultiMedia Soft Components AdjMmsEng.dll PLS file processing buffer overflow attempt (more info ...) | attempted-user | 2009-5109 | 33589 | ||
| 36460 | MALWARE-CNC Win.Trojan.CenterPos outbound connection (more info ...) | trojan-activity | URL | |||
| 36463 | SERVER-OTHER IBM Tivoli Storage Manager FastBack Server opcode 1332 buffer overflow attempt (more info ...) | attempted-admin | 2015-1925 | 75449 | ||
| 36468 | MALWARE-CNC Win.Trojan.AridViper variant outbound connection (more info ...) | trojan-activity | URL | |||
| 36469 | MALWARE-CNC Win.Trojan.AridViper variant outbound connection (more info ...) | trojan-activity | URL | |||
| 36471 | MALWARE-CNC Andr.Trojan.Kemoge outbound connection (more info ...) | trojan-activity | URL | |||
| 36492 | EXPLOIT-KIT Neutrino exploit kit gate detected (more info ...) | attempted-user | URL | |||
| 36497 | MALWARE-CNC Win.Trojan.Hangman.A outbound connection (more info ...) | trojan-activity | URL | |||
| 36506 | MALWARE-CNC Win.Trojan.Njrat variant outbound connection (more info ...) | trojan-activity | URL | |||
| 36511 | SERVER-WEBAPP Ignite Realtime Openfire server properties cross site request forgery attempt (more info ...) | attempted-user | 2015-6973 | |||
| 36522 | MALWARE-CNC Win.Trojan.Banker.NWT variant outbound connection (more info ...) | trojan-activity | URL | |||
| 36523 | EXPLOIT-KIT Sundown exploit kit landing page detected (more info ...) | attempted-user | URL | |||
| 36526 | MALWARE-CNC Win.Trojan.MSIL.Misnt variant outbound connection (more info ...) | trojan-activity | URL | |||
| 36535 | EXPLOIT-KIT Neutrino exploit kit landing page detected (more info ...) | attempted-user | ||||
| 36536 | SERVER-OTHER NTP crypto-NAK packet flood attempt (more info ...) | misc-activity | 2016-1550 | URL | ||
| 36540 | MALWARE-CNC Win.Trojan.Brolux variant outbound connection (more info ...) | trojan-activity | URL | |||
| 36541 | POLICY-OTHER Polycom Botnet inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 36545 | SERVER-OTHER Avast Antivirus X.509 Common Name remote code execution attempt (more info ...) | attempted-user | ||||
| 36546 | SERVER-OTHER Avast Antivirus X.509 Common Name remote code execution attempt (more info ...) | attempted-user | ||||
| 36547 | SERVER-OTHER Avast Antivirus X.509 Common Name remote code execution attempt (more info ...) | attempted-user | ||||
| 36548 | SERVER-OTHER Avast Antivirus X.509 Common Name remote code execution attempt (more info ...) | attempted-user | ||||
| 36564 | FILE-MULTIMEDIA libav LZO integer overflow attempt (more info ...) | attempted-user | 2014-4609 | 68217 | ||
| 36565 | FILE-MULTIMEDIA libav LZO integer overflow attempt (more info ...) | attempted-user | 2014-4609 | 68217 | ||
| 36566 | MALWARE-CNC Win.Trojan.MSIL.Troloscup outbound variant connection (more info ...) | trojan-activity | URL | |||
| 36567 | MALWARE-CNC Win.Trojan.MSIL.Troloscup outbound variant connection (more info ...) | trojan-activity | URL | |||
| 36568 | MALWARE-CNC Win.Trojan.MSIL.Troloscup outbound variant connection (more info ...) | trojan-activity | URL | |||
| 36569 | MALWARE-CNC Win.Trojan.MSIL.Troloscup outbound variant connection (more info ...) | trojan-activity | URL | |||
| 36570 | MALWARE-CNC Win.Trojan.MSIL.Troloscup outbound variant connection (more info ...) | trojan-activity | URL | |||
| 36571 | MALWARE-CNC Win.Trojan.MSIL.Troloscup outbound variant connection (more info ...) | trojan-activity | URL | |||
| 36572 | MALWARE-CNC Win.Trojan.MSIL.Troloscup outbound variant connection (more info ...) | trojan-activity | URL | |||
| 36577 | MALWARE-CNC Win.Trojan.MSIL.Stimilik outbound variant connection (more info ...) | trojan-activity | URL | |||
| 36578 | MALWARE-CNC Win.Trojan.MSIL.Stimilik outbound variant connection (more info ...) | trojan-activity | URL | |||
| 36579 | MALWARE-CNC Win.Trojan.Slackbot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 36580 | MALWARE-CNC Win.Trojan.Slackbot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 36601 | MALWARE-CNC Win.Trojan.QVKeylogger outbound variant connection (more info ...) | trojan-activity | URL | |||
| 36602 | MALWARE-CNC Win.Trojan.QVKeylogger outbound variant connection (more info ...) | trojan-activity | URL | |||
| 36603 | MALWARE-CNC Win.Trojan.QVKeylogger outbound variant connection (more info ...) | trojan-activity | URL | |||
| 36610 | MALWARE-CNC Win.Trojan.Panskeg outbound connection (more info ...) | trojan-activity | URL | |||
| 36611 | INDICATOR-COMPROMISE Metasploit Meterpreter reverse HTTPS certificate (more info ...) | misc-activity | URL | |||
| 36612 | INDICATOR-COMPROMISE Metasploit Meterpreter reverse HTTPS certificate (more info ...) | misc-activity | URL | |||
| 36613 | SERVER-WEBAPP McAfee Cloud Single Sign ExtensionAccessServlet directory traversal attempt (more info ...) | web-application-attack | 2014-2536 | 66181 | ||
| 36614 | SERVER-WEBAPP McAfee Cloud Single Sign ExtensionAccessServlet directory traversal attempt (more info ...) | web-application-attack | 2014-2536 | 66181 | ||
| 36622 | MALWARE-CNC Win.Trojan.Wedots outbound variant connection (more info ...) | trojan-activity | URL | |||
| 36623 | MALWARE-CNC Win.Trojan.Wedots outbound variant connection (more info ...) | trojan-activity | URL | |||
| 36624 | MALWARE-CNC Win.Trojan.Wedots outbound variant connection (more info ...) | trojan-activity | URL | |||
| 36625 | MALWARE-CNC Windows.Backdoor.Quaverse outbound variant connection (more info ...) | trojan-activity | URL | |||
| 36626 | MALWARE-CNC Windows.Backdoor.Quaverse outbound variant connection (more info ...) | trojan-activity | URL | |||
| 36627 | MALWARE-CNC Win.Trojan.Tanmar outbound connection (more info ...) | trojan-activity | URL | |||
| 36628 | MALWARE-CNC Win.Trojan.Recodler variant outbound connection (more info ...) | trojan-activity | URL | |||
| 36629 | MALWARE-CNC Win.Trojan.Teabevil variant outbound connection (more info ...) | trojan-activity | URL | |||
| 36630 | MALWARE-CNC Win.Trojan.Teabevil variant outbound connection (more info ...) | trojan-activity | URL | |||
| 36632 | SERVER-OTHER NTP decodenetnum assertion failure denial of service attempt (more info ...) | attempted-dos | 2015-7855 | URL | ||
| 36633 | SERVER-OTHER NTP decodenetnum assertion failure denial of service attempt (more info ...) | attempted-dos | 2015-7855 | URL | ||
| 36639 | MALWARE-CNC Win.Trojan.Tavex outbound connection (more info ...) | trojan-activity | URL | |||
| 36666 | MALWARE-CNC Win.Trojan.Tentobr outbound connection (more info ...) | trojan-activity | URL | |||
| 36670 | MALWARE-CNC Win.Trojan.Sathurbot outbound connection (more info ...) | trojan-activity | URL | |||
| 36732 | MALWARE-CNC Win.Trojan.Sefnit variant outbound connection (more info ...) | trojan-activity | URL | |||
| 36765 | MALWARE-CNC Win.Trojan.Stupeval variant outbound connection (more info ...) | trojan-activity | URL | |||
| 36770 | MALWARE-CNC Win.Trojan.Redcontrole variant outbound connection (more info ...) | trojan-activity | URL | |||
| 36777 | MALWARE-CNC Win.Trojan.Zimwervi variant outbound connection (more info ...) | trojan-activity | URL | |||
| 36781 | MALWARE-CNC Win.Trojan.Gokawa variant outbound connection (more info ...) | trojan-activity | URL | |||
| 36786 | FILE-OTHER Apple SceneKit qlmanage setelementname buffer overflow attempt (more info ...) | attempted-user | 2015-3783 | 76340 | URL | |
| 36787 | FILE-OTHER Apple SceneKit qlmanage setelementname buffer overflow attempt (more info ...) | attempted-user | 2015-3783 | 76340 | URL | |
| 36797 | EXPLOIT-KIT Angler exploit kit landing page detected (more info ...) | attempted-user | ||||
| 36800 | MALWARE-CNC Win.Trojan.Ruinmail outbound connection (more info ...) | trojan-activity | URL | |||
| 36807 | MALWARE-CNC Win.Trojan.Nodslit variant outbound connection (more info ...) | trojan-activity | URL | |||
| 36810 | MALWARE-CNC OSX.Trojan.Mabouia outbound connection (more info ...) | trojan-activity | URL | |||
| 36823 | SERVER-OTHER IBM Tivoli Storage Manager FastBack Server buffer overflow attempt (more info ...) | attempted-admin | 2015-1929 | 75451 | URL | |
| 36833 | MALWARE-CNC User-Agent known malicious user-agent string - Mozila (more info ...) | trojan-activity | URL | |||
| 36834 | MALWARE-CNC Win.Trojan.Banload outbound connection (more info ...) | trojan-activity | URL | |||
| 36835 | MALWARE-CNC Win.Trojan.Banload inbound connection (more info ...) | trojan-activity | URL | |||
| 36841 | MALWARE-CNC Win.Trojan.Leralogs variant outbound connection (more info ...) | trojan-activity | URL | |||
| 36854 | FILE-OTHER IDEAL Administration IPJ file handling stack overflow attempt (more info ...) | attempted-user | 2009-4265 | |||
| 36887 | POLICY-OTHER self-signed SSL certificate eDellRoot use attempt (more info ...) | policy-violation | ||||
| 36889 | MALWARE-CNC TinyDropper variant outbound connection (more info ...) | trojan-activity | URL | |||
| 36890 | MALWARE-CNC AbbadonPOS variant outbound connection (more info ...) | trojan-activity | URL | |||
| 36893 | MALWARE-CNC Win.Trojan.Trfijan outbound connection (more info ...) | trojan-activity | URL | |||
| 36894 | SERVER-WEBAPP Zend Technologies Zend Framework heuristicScan XML external entity injection attempt (more info ...) | web-application-attack | 2015-5161 | 76117 | ||
| 36895 | SERVER-WEBAPP Zend Technologies Zend Framework heuristicScan XML external entity injection attempt (more info ...) | web-application-attack | 2015-5161 | 76117 | ||
| 36911 | MALWARE-CNC GlassRAT handshake beacon (more info ...) | trojan-activity | URL | |||
| 36916 | MALWARE-CNC Milkoad.A First Request (more info ...) | trojan-activity | URL | |||
| 37014 | EXPLOIT-KIT Angler exploit kit landing page detected (more info ...) | attempted-user | ||||
| 37020 | MALWARE-CNC Win.Trojan.Gh0st variant outbound connection (more info ...) | trojan-activity | URL | |||
| 37024 | MALWARE-CNC Win.Trojan.Sofacy outbound connection (more info ...) | trojan-activity | URL | |||
| 37027 | MALWARE-CNC Win.Trojan.Alina variant outbound connection (more info ...) | trojan-activity | URL | |||
| 37028 | PROTOCOL-OTHER Websocket upgrade request without a client key detected (more info ...) | misc-activity | 2015-8027 | |||
| 37036 | MALWARE-CNC Win.Trojan.ModPOS outbound connection (more info ...) | trojan-activity | URL | |||
| 37037 | MALWARE-CNC Win.Trojan.Arfadinf variant outbound connection (more info ...) | trojan-activity | URL | |||
| 37045 | MALWARE-CNC Win.Trojan.Kovter outbound connection (more info ...) | trojan-activity | URL | |||
| 37047 | MALWARE-CNC Win.Trojan.Vonterra outbound connection (more info ...) | trojan-activity | URL | |||
| 37048 | MALWARE-CNC Win.Trojan.Bookworm variant outbound connection (more info ...) | trojan-activity | URL | |||
| 37049 | MALWARE-CNC Win.Trojan.Geratid variant outbound connection (more info ...) | trojan-activity | URL | |||
| 37050 | MALWARE-CNC ATSEngine initial beacon (more info ...) | trojan-activity | URL | |||
| 37051 | MALWARE-CNC ATSEngine credit card number sent via URL parameter (more info ...) | trojan-activity | URL | |||
| 37052 | MALWARE-CNC Win.Trojan.TeslaCrypt outbound connection (more info ...) | trojan-activity | URL | |||
| 37053 | MALWARE-CNC Win.Trojan.Tdrop2 variant dropper download attempt (more info ...) | trojan-activity | URL | |||
| 37054 | FILE-OTHER BACnet OPC client csv file buffer overflow attempt (more info ...) | attempted-user | 2010-4740 | 43289 | ||
| 37055 | FILE-OTHER BACnet OPC client csv file buffer overflow attempt (more info ...) | attempted-user | 2010-4740 | 43289 | ||
| 37063 | MALWARE-CNC Win.Trojan.Paligenpo outbound connection (more info ...) | trojan-activity | URL | |||
| 37064 | MALWARE-CNC Win.Trojan.Telehot outbound connection (more info ...) | trojan-activity | URL | |||
| 37065 | MALWARE-CNC Win.Backdoor.Venik outbound connection (more info ...) | trojan-activity | URL | |||
| 37066 | MALWARE-CNC Win.Trojan.Banload (more info ...) | trojan-activity | URL | |||
| 37067 | MALWARE-CNC Win.Trojan.Droot outbound connection (more info ...) | trojan-activity | URL | |||
| 37068 | MALWARE-CNC Win.Trojan.Flusihoc variant outbound connection (more info ...) | trojan-activity | URL | |||
| 37100 | MALWARE-CNC Win.Trojan.Dashikut outbound connection (more info ...) | trojan-activity | URL | |||
| 37101 | MALWARE-CNC Win.Trojan.Nessfi outbound connection (more info ...) | trojan-activity | URL | |||
| 37102 | MALWARE-CNC Win.Trojan.Nessfi outbound connection (more info ...) | trojan-activity | URL | |||
| 37117 | MALWARE-CNC Win.Trojan.Cetsiol outbound connection (more info ...) | trojan-activity | URL | |||
| 37127 | MALWARE-CNC Win.Trojan.Batec outbound connection (more info ...) | trojan-activity | URL | |||
| 37141 | MALWARE-CNC Win.Trojan.Collicky variant inbound command attempt (more info ...) | trojan-activity | URL | |||
| 37154 | SERVER-OTHER OpenSSL invalid RSASSA-PSS certificate denial of service attempt (more info ...) | attempted-dos | 2015-3194 | URL | ||
| 37155 | SERVER-OTHER OpenSSL invalid RSASSA-PSS certificate denial of service attempt (more info ...) | attempted-dos | 2015-3194 | URL | ||
| 37164 | MALWARE-CNC Win.Trojan.Hpastal outbound email attempt (more info ...) | trojan-activity | URL | |||
| 37212 | MALWARE-CNC Win.Trojan.Pmabot outbound connection (more info ...) | trojan-activity | URL | |||
| 37213 | MALWARE-CNC Win.Trojan.Pmabot outbound connection (more info ...) | trojan-activity | URL | |||
| 37214 | MALWARE-CNC Win.Trojan.Pmabot outbound connection (more info ...) | trojan-activity | URL | |||
| 37215 | MALWARE-CNC Win.Trojan.Pmabot outbound connection (more info ...) | trojan-activity | URL | |||
| 37225 | MALWARE-CNC Win.Trojan.Isniffer outbound connection (more info ...) | trojan-activity | URL | |||
| 37226 | MALWARE-CNC Win.Trojan.Isniffer outbound connection (more info ...) | trojan-activity | URL | |||
| 37227 | MALWARE-CNC Win.Trojan.Isniffer outbound connection (more info ...) | trojan-activity | URL | |||
| 37228 | MALWARE-CNC Win.Trojan.Isniffer outbound connection (more info ...) | trojan-activity | URL | |||
| 37233 | SERVER-WEBAPP ManageEngine ServiceDesk Plus FileUploader servlet directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 37245 | MALWARE-CNC Win.Backdoor.Chopper web shell connection (more info ...) | trojan-activity | URL | |||
| 37288 | SERVER-OTHER Trend Micro local node.js http command execution attempt (more info ...) | attempted-user | URL | |||
| 37291 | SERVER-OTHER Trend Micro local node.js http command execution attempt (more info ...) | attempted-user | URL | |||
| 37296 | MALWARE-CNC Win.Trojan.Sesramot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 37297 | MALWARE-CNC Win.Trojan.Sesramot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 37298 | APP-DETECT Hola VPN installation attempt (more info ...) | policy-violation | URL | |||
| 37299 | APP-DETECT Hola VPN installation attempt (more info ...) | policy-violation | URL | |||
| 37300 | APP-DETECT Hola VPN startup attempt (more info ...) | policy-violation | URL | |||
| 37301 | APP-DETECT Hola VPN startup attempt (more info ...) | policy-violation | URL | |||
| 37302 | APP-DETECT Hola VPN X-Hola-Version header nonstandard port attempt (more info ...) | policy-violation | URL | |||
| 37303 | APP-DETECT Hola VPN X-Hola-Version header attempt (more info ...) | policy-violation | URL | |||
| 37304 | APP-DETECT Hola VPN non-http port ping (more info ...) | policy-violation | URL | |||
| 37305 | APP-DETECT Hola VPN tunnel keep alive (more info ...) | policy-violation | URL | |||
| 37306 | APP-DETECT Hola VPN startup attempt (more info ...) | policy-violation | URL | |||
| 37317 | MALWARE-CNC Win.Trojan.Radamant inbound connection (more info ...) | attempted-user | URL | |||
| 37320 | MALWARE-CNC Win.Trojan.Sakurel variant outbound connection (more info ...) | trojan-activity | URL | |||
| 37323 | MALWARE-CNC Win.Trojan.Direvex variant outbound connection (more info ...) | trojan-activity | URL | |||
| 37348 | SERVER-WEBAPP Limesurvey unauthenticated file download attempt (more info ...) | web-application-attack | URL | |||
| 37349 | SERVER-WEBAPP Limesurvey unauthenticated file download attempt (more info ...) | web-application-attack | URL | |||
| 37354 | APP-DETECT Jenkins Groovy script access through script console attempt (more info ...) | policy-violation | URL | |||
| 37355 | EXPLOIT-KIT Sweet Orange exploit kit landing page detected (more info ...) | attempted-user | ||||
| 37359 | MALWARE-CNC MultiOS.Trojan.Pbot inbound command attempt (more info ...) | trojan-activity | URL | |||
| 37360 | MALWARE-CNC MultiOS.Trojan.Pbot outbound IRC channel join attempt (more info ...) | trojan-activity | URL | |||
| 37361 | EXPLOIT-KIT DarkLeech iframe injection tool detected (more info ...) | trojan-activity | ||||
| 37370 | MALWARE-CNC Win.Trojan.Trochulis variant outbound connection (more info ...) | trojan-activity | URL | |||
| 37374 | MALWARE-CNC Win.Trojan.Derkziel variant outbound connection (more info ...) | trojan-activity | URL | |||
| 37401 | FILE-OTHER librtmp invalid pointer dereference attempt (more info ...) | attempted-dos | 2015-8270 | URL | ||
| 37402 | FILE-OTHER librtmp invalid pointer dereference attempt (more info ...) | attempted-dos | 2015-8270 | URL | ||
| 37404 | SERVER-OTHER Easy Chat server authentication request username parameter overflow attempt (more info ...) | misc-attack | 2004-2466 | |||
| 37407 | FILE-OTHER librtmp invalid pointer dereference attempt (more info ...) | attempted-user | 2015-8271 | URL | ||
| 37415 | SERVER-WEBAPP JBoss expression language actionOutcome remote code execution attempt (more info ...) | attempted-admin | 2010-1871 | 41994 | ||
| 37416 | MALWARE-BACKDOOR Adzok RAT download (more info ...) | trojan-activity | URL | |||
| 37417 | MALWARE-BACKDOOR Adzok RAT server file download (more info ...) | trojan-activity | URL | |||
| 37418 | MALWARE-BACKDOOR Adzok RAT inbound connection (more info ...) | trojan-activity | URL | |||
| 37419 | MALWARE-BACKDOOR Adzok RAT inbound connection (more info ...) | trojan-activity | URL | |||
| 37420 | MALWARE-BACKDOOR Adzok RAT initial connection (more info ...) | trojan-activity | URL | |||
| 37421 | MALWARE-BACKDOOR Adzok RAT download (more info ...) | trojan-activity | URL | |||
| 37422 | MALWARE-BACKDOOR Adzok RAT server file download (more info ...) | trojan-activity | URL | |||
| 37447 | MALWARE-CNC Win.Backdoor.Evilgrab outbound connection (more info ...) | trojan-activity | URL | |||
| 37457 | MALWARE-CNC Win.Trojan.Sovfo variant outbound connection (more info ...) | trojan-activity | URL | |||
| 37466 | MALWARE-CNC Win.Trojan.Blackmoon outbound connection (more info ...) | trojan-activity | URL | |||
| 37467 | MALWARE-CNC Win.Trojan.Vawtrak variant outbound connection (more info ...) | trojan-activity | URL | |||
| 37468 | SERVER-WEBAPP InterWoven WorkDocs XSS attempt (more info ...) | web-application-attack | ||||
| 37471 | SERVER-WEBAPP F-Secure web console username overflow attempt (more info ...) | attempted-admin | 2006-2838 | 18201 | ||
| 37506 | FILE-PDF TRUFFLEHUNTER TALOS-CAN-0086 attack attempt (more info ...) | attempted-user | URL | |||
| 37516 | MALWARE-CNC Win.Trojan.Sality variant outbound connection (more info ...) | trojan-activity | URL | |||
| 37521 | MALWARE-CNC Win.Trojan.iSpySoft variant outbound connection (more info ...) | trojan-activity | URL | |||
| 37522 | MALWARE-CNC Win.Trojan.iSpySoft variant outbound connection (more info ...) | trojan-activity | URL | |||
| 37523 | MALWARE-CNC Win.Trojan.iSpySoft variant outbound connection (more info ...) | trojan-activity | URL | |||
| 37524 | FILE-OTHER ReGet Deluxe wjr file buffer overflow attempt (more info ...) | misc-attack | 37511 | |||
| 37534 | MALWARE-CNC Win.Trojan.Derusbi outbound connection (more info ...) | trojan-activity | URL | |||
| 37535 | MALWARE-CNC Win.Trojan.Derusbi outbound connection (more info ...) | trojan-activity | URL | |||
| 37536 | MALWARE-CNC Win.Trojan.Derusbi outbound connection (more info ...) | trojan-activity | URL | |||
| 37552 | MALWARE-CNC Win.Trojan.Engr variant outbound connection (more info ...) | trojan-activity | URL | |||
| 37618 | POLICY-OTHER SupRemo remote desktop outbound connection attempt (more info ...) | policy-violation | URL | |||
| 37619 | SERVER-OTHER InterSystems Cache UtilConfigHome.csp buffer overflow attempt (more info ...) | misc-attack | 37177 | |||
| 37620 | PUA-ADWARE Genieo Adware framework variant outbound connection (more info ...) | trojan-activity | URL | |||
| 37621 | PUA-ADWARE Genieo Adware framework User-Agent (more info ...) | trojan-activity | URL | |||
| 37636 | MALWARE-CNC Win.Trojan.Graftor outbound connection (more info ...) | trojan-activity | URL | |||
| 37637 | MALWARE-CNC Win.Trojan.Graftor outbound connection (more info ...) | trojan-activity | URL | |||
| 37646 | MALWARE-CNC Win.Trojan.Symmi variant dropper download connection (more info ...) | trojan-activity | URL | |||
| 37647 | MALWARE-CNC Win.Trojan.Symmi variant outbound connection (more info ...) | trojan-activity | URL | |||
| 37649 | FILE-OTHER Sophos Anti-Virus reserved device name handling vulnerability attempt (more info ...) | misc-activity | 2004-0552 | |||
| 37650 | FILE-OTHER CA BrightStor stack buffer overflow attempt (more info ...) | web-application-attack | 2006-6917 | |||
| 37681 | POLICY-OTHER junk rule to autoenable vnetd.bpspsserver.connection flowbit (more info ...) | misc-activity | ||||
| 37682 | POLICY-OTHER junk rule to autoenable smb.session.negotiate flowbit (more info ...) | misc-activity | ||||
| 37686 | MALWARE-CNC Win.Trojan.Agent outbound POST attempt (more info ...) | trojan-activity | URL | |||
| 37717 | MALWARE-CNC Win.Trojan.Teslacrypt outbound POST attempt (more info ...) | trojan-activity | URL | |||
| 37718 | MALWARE-CNC Win.Trojan.Teslacrypt outbound POST attempt (more info ...) | trojan-activity | URL | |||
| 37719 | MALWARE-CNC Win.Trojan.Teslacrypt outbound POST attempt (more info ...) | trojan-activity | URL | |||
| 37725 | SERVER-OTHER CA message queuing server buffer overflow attempt (more info ...) | attempted-admin | 2007-0060 | 25051 | URL | |
| 37728 | INDICATOR-OBFUSCATION SWF with large DefineBinaryData tag (more info ...) | attempted-user | 2015-3113 | URL | ||
| 37733 | MALWARE-CNC Win.Trojan.Dridex dropper variant outbound connection (more info ...) | trojan-activity | URL | |||
| 37813 | POLICY-OTHER junk rule to autoenable vnc.server.auth.types flowbit (more info ...) | misc-activity | ||||
| 37814 | POLICY-OTHER Polycom Botnet inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 37815 | POLICY-OTHER Polycom Botnet inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 37816 | MALWARE-CNC Win.Trojan.Kazy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 37830 | FILE-OTHER Poster Software Publish-It buffer overflow attempt (more info ...) | attempted-user | 2014-0980 | 65366 | ||
| 37831 | FILE-OTHER Poster Software Publish-It buffer overflow attempt (more info ...) | attempted-user | 2014-0980 | 65366 | ||
| 37832 | FILE-OTHER Poster Software Publish-It buffer overflow attempt (more info ...) | attempted-user | 2014-0980 | 65366 | ||
| 37833 | FILE-OTHER Poster Software Publish-It buffer overflow attempt (more info ...) | attempted-user | 2014-0980 | 65366 | ||
| 37834 | MALWARE-CNC Win.Trojan.Locky variant outbound connection (more info ...) | trojan-activity | URL | |||
| 37835 | MALWARE-CNC Win.Trojan.Locky variant outbound connection (more info ...) | trojan-activity | URL | |||
| 37838 | MALWARE-CNC Win.Trojan.Zeus outbound connection (more info ...) | trojan-activity | URL | |||
| 37841 | SERVER-OTHER ntpd reference clock impersonation attempt (more info ...) | misc-attack | 2016-1551 | URL | ||
| 37842 | SERVER-OTHER ntpd reference clock impersonation attempt (more info ...) | misc-attack | 2016-1551 | URL | ||
| 37843 | SERVER-OTHER NTP crypto-NAK possible DoS attempt (more info ...) | attempted-dos | 2016-1547 | URL | ||
| 37844 | MALWARE-CNC Win.Ransomware.LeChiffre outbound connection (more info ...) | trojan-activity | URL | |||
| 37851 | FILE-OTHER Oracle Outside-In invalid CRG segment memory corruption attempt (more info ...) | attempted-user | 2011-4517 | |||
| 37852 | FILE-OTHER Oracle Outside-In invalid CRG segment memory corruption attempt (more info ...) | attempted-user | 2011-4517 | |||
| 37854 | SERVER-WEBAPP D-Link DSL router cross site scripting attempt (more info ...) | attempted-user | 2015-1028 | 72725 | ||
| 37855 | SERVER-WEBAPP D-Link DSL router cross site scripting attempt (more info ...) | attempted-user | 2015-1028 | 72725 | ||
| 37856 | SERVER-WEBAPP D-Link DSL router cross site scripting attempt (more info ...) | attempted-user | 2015-1028 | 72725 | ||
| 37857 | SERVER-WEBAPP D-Link DSL router cross site scripting attempt (more info ...) | attempted-user | 2015-1028 | 72725 | ||
| 37858 | SERVER-WEBAPP Thru Managed File Transfer Portal command injection attempt (more info ...) | web-application-attack | URL | |||
| 37861 | SERVER-OTHER SafeNEt SoftRemote IKE service buffer overflow attempt (more info ...) | attempted-user | 2009-1943 | |||
| 37862 | FILE-PDF Oracle Outside In libvs_pdf integer overflow attempt (more info ...) | attempted-user | 2016-3575 | URL | ||
| 37863 | FILE-PDF Oracle Outside In libvs_pdf integer overflow attempt (more info ...) | attempted-user | 2016-3575 | URL | ||
| 37864 | FILE-PDF Oracle Outside In libvs_pdf xref offset out of bounds read attempt (more info ...) | attempted-user | 2016-3580 | URL | ||
| 37865 | FILE-PDF Oracle Outside In libvs_pdf xref offset out of bounds read attempt (more info ...) | attempted-user | 2016-3580 | URL | ||
| 37866 | FILE-PDF Oracle Outside In libvs_pdf arbitrary pointer access attempt (more info ...) | attempted-recon | 2016-3579 | URL | ||
| 37867 | FILE-PDF Oracle Outside In libvs_pdf arbitrary pointer access attempt (more info ...) | attempted-recon | 2016-3579 | URL | ||
| 37868 | FILE-PDF Oracle Outside In libvs_pdf integer overflow attempt (more info ...) | attempted-user | 2016-3574 | URL | ||
| 37869 | FILE-PDF Oracle Outside In libvs_pdf integer overflow attempt (more info ...) | attempted-user | 2016-3574 | URL | ||
| 37890 | SERVER-WEBAPP Netgear ProSafe NMS arbitrary JSP file upload attempt (more info ...) | attempted-admin | 2016-1525 | 82630 | ||
| 37893 | FILE-OTHER Oracle Outside In tag parsing buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 37894 | FILE-OTHER Oracle Outside In tag parsing buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 37895 | FILE-OTHER Oracle Outside In tag parsing buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 37896 | FILE-OTHER Oracle Outside In tag parsing buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 37897 | FILE-OTHER Oracle Outside In tag parsing buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 37898 | FILE-OTHER Oracle Outside In tag parsing buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 37903 | INDICATOR-OBFUSCATION fromCharcode known obfuscation attempt (more info ...) | misc-activity | URL | |||
| 37904 | INDICATOR-OBFUSCATION fromCharcode known obfuscation attempt (more info ...) | misc-activity | URL | |||
| 37912 | POLICY-OTHER SSL/TLS weak RC4 cipher suite use attempt (more info ...) | policy-violation | 2015-2808 | 73684 | ||
| 37913 | POLICY-OTHER SSL/TLS weak RC4 cipher suite use attempt (more info ...) | policy-violation | 2015-2808 | 73684 | ||
| 37914 | POLICY-OTHER SSL/TLS weak RC4 cipher suite use attempt (more info ...) | policy-violation | 2015-2808 | 73684 | ||
| 37915 | POLICY-OTHER SSL/TLS weak RC4 cipher suite use attempt (more info ...) | policy-violation | 2015-2808 | 73684 | ||
| 37916 | POLICY-OTHER SSL/TLS weak RC4 cipher suite use attempt (more info ...) | policy-violation | 2015-2808 | 73684 | ||
| 37917 | SERVER-WEBAPP AMX backdoor username login attempt (more info ...) | default-login-attempt | 2016-1984 | URL | ||
| 37950 | INDICATOR-OBFUSCATION email of heavily compressed PDF attempt (more info ...) | misc-activity | URL | |||
| 37960 | SERVER-OTHER Pidgin MSN MSNP2P message integer overflow attempt (more info ...) | attempted-user | 2008-2927 | 29956 | URL | |
| 37971 | INDICATOR-OBFUSCATION obfuscated script encoding detected (more info ...) | misc-activity | URL | |||
| 37972 | INDICATOR-OBFUSCATION obfuscated script encoding detected (more info ...) | misc-activity | URL | |||
| 38017 | MALWARE-CNC Win.Trojan.TeslaCrypt server reply (more info ...) | misc-activity | URL | |||
| 38018 | MALWARE-CNC Win.Trojan.Dridex outbound connection (more info ...) | trojan-activity | URL | |||
| 38116 | MALWARE-CNC Osx.Trojan.Keranger outbound connection (more info ...) | trojan-activity | URL | |||
| 38131 | SERVER-WEBAPP Netgear ProSafe NMS image.do directory traversal attempt (more info ...) | web-application-attack | 2016-1524 | 82630 | ||
| 38132 | SERVER-WEBAPP Netgear ProSafe NMS image.do directory traversal attempt (more info ...) | web-application-attack | 2016-1524 | 82630 | ||
| 38134 | MALWARE-CNC known malicious SSL certificate - Win.Trojan.Adwind (more info ...) | trojan-activity | URL | |||
| 38135 | BROWSER-OTHER Apple iOS CoreGraphics library PDF embedded image handling information leak attempt (more info ...) | attempted-recon | 2014-4378 | 69915 | URL | |
| 38136 | SERVER-MAIL excessive email recipients - potential spam attempt (more info ...) | misc-activity | ||||
| 38145 | MALWARE-CNC Win.Trojan.Kovter variant outbound connection (more info ...) | trojan-activity | URL | |||
| 38150 | MALWARE-CNC Win.Trojan.TeslaCrypt variant outbound connection (more info ...) | trojan-activity | URL | |||
| 38156 | SERVER-WEBAPP 29o3 CMS LibDir parameter multiple remote file include attempt (more info ...) | web-application-attack | 2010-1922 | 40049 | ||
| 38157 | SERVER-WEBAPP 29o3 CMS LibDir parameter multiple remote file include attempt (more info ...) | web-application-attack | 2010-1922 | 40049 | ||
| 38158 | SERVER-WEBAPP 29o3 CMS LibDir parameter multiple remote file include attempt (more info ...) | web-application-attack | 2010-1922 | 40049 | ||
| 38159 | SERVER-WEBAPP 29o3 CMS LibDir parameter multiple remote file include attempt (more info ...) | web-application-attack | 2010-1922 | 40049 | ||
| 38234 | MALWARE-CNC User-Agent known malicious user-agent string - Win.Trojan.FighterPOS (more info ...) | trojan-activity | URL | |||
| 38235 | MALWARE-CNC Win.Trojan.FighterPOS variant outbound connection (more info ...) | trojan-activity | URL | |||
| 38242 | SERVER-WEBAPP VmWare Tools command injection attempt (more info ...) | web-application-attack | 2010-4297 | 45166 | ||
| 38243 | SERVER-WEBAPP VmWare Tools command injection attempt (more info ...) | web-application-attack | 2010-4297 | 45166 | ||
| 38251 | INDICATOR-OBFUSCATION HTML entity encoded script language declaration detected (more info ...) | misc-activity | URL | |||
| 38259 | MALWARE-CNC PowerShell Empire variant outbound connection (more info ...) | trojan-activity | URL | |||
| 38260 | MALWARE-CNC PowerShell Empire variant outbound connection (more info ...) | trojan-activity | URL | |||
| 38261 | MALWARE-CNC PowerShell Empire variant outbound connection (more info ...) | trojan-activity | URL | |||
| 38263 | SERVER-OTHER CUPS Filters command injection attempt (more info ...) | attempted-user | 2014-2707 | 66624 | ||
| 38270 | SERVER-OTHER Wavelink Emulation License Server HTTP header overflow attempt (more info ...) | attempted-user | 2015-4059 | |||
| 38289 | FILE-PDF Oracle IOT IX SDK libvs_pdf null pointer dereference attempt (more info ...) | attempted-user | 2016-3576 | URL | ||
| 38290 | FILE-PDF Oracle IOT IX SDK libvs_pdf null pointer dereference attempt (more info ...) | attempted-user | 2016-3576 | URL | ||
| 38291 | FILE-IDENTIFY UDF file magic detected (more info ...) | misc-activity | URL | |||
| 38292 | FILE-IDENTIFY UDF file magic detected (more info ...) | misc-activity | URL | |||
| 38293 | FILE-OTHER 7zip UDF partition reference out of bounds read attempt (more info ...) | attempted-user | 2016-2335 | URL | ||
| 38294 | FILE-OTHER 7zip UDF partition reference out of bounds read attempt (more info ...) | attempted-user | 2016-2335 | URL | ||
| 38295 | FILE-OTHER 7zip UDF partition reference out of bounds read attempt (more info ...) | attempted-user | 2016-2335 | URL | ||
| 38296 | FILE-OTHER 7zip UDF partition reference out of bounds read attempt (more info ...) | attempted-user | 2016-2335 | URL | ||
| 38304 | MALWARE-CNC User-Agent known malicious user-agent string - JexBoss (more info ...) | trojan-activity | URL | |||
| 38306 | FILE-IDENTIFY DMG com.apple.decmpfs file magic detected (more info ...) | misc-activity | URL | |||
| 38307 | FILE-IDENTIFY DMG com.apple.decmpfs file magic detected (more info ...) | misc-activity | URL | |||
| 38314 | SERVER-WEBAPP Borland AccuRev Reprise License Server directory traversal attempt (more info ...) | web-application-attack | ||||
| 38315 | SERVER-WEBAPP Borland AccuRev Reprise License Server directory traversal attempt (more info ...) | web-application-attack | ||||
| 38316 | SERVER-WEBAPP Borland AccuRev Reprise License Server directory traversal attempt (more info ...) | web-application-attack | ||||
| 38323 | FILE-OTHER 7zip HFS+ handling heap buffer overflow attempt (more info ...) | attempted-user | 2016-2334 | URL | ||
| 38324 | FILE-OTHER 7zip HFS+ handling heap buffer overflow attempt (more info ...) | attempted-user | 2016-2334 | URL | ||
| 38331 | MALWARE-CNC Win.Trojan.Locky variant outbound connection (more info ...) | trojan-activity | URL | |||
| 38332 | INDICATOR-OBFUSCATION HTTP header dual colon evasion attempt (more info ...) | non-standard-protocol | URL | |||
| 38337 | INDICATOR-OBFUSCATION HTTP header illegal character prior to encoding type evasion attempt (more info ...) | non-standard-protocol | URL | |||
| 38340 | INDICATOR-OBFUSCATION HTTP multiple encodings per line attempt (more info ...) | non-standard-protocol | URL | |||
| 38341 | INDICATOR-OBFUSCATION Multiple Encodings header evasion attempt (more info ...) | non-standard-protocol | URL | |||
| 38342 | FILE-PDF Oracle Outside In libvs_pdf Root xref stack exhaustion attempt (more info ...) | attempted-user | 2016-3577 | URL | ||
| 38343 | FILE-PDF Oracle Outside In libvs_pdf Root xref stack exhaustion attempt (more info ...) | attempted-user | 2016-3577 | URL | ||
| 38348 | SERVER-OTHER McAfee ePolicy Orchestrator Framework Services buffer overflow attempt (more info ...) | attempted-admin | 2008-1855 | 28573 | ||
| 38349 | SERVER-OTHER McAfee ePolicy Orchestrator Framework Services buffer overflow attempt (more info ...) | attempted-admin | 2008-1855 | 28573 | ||
| 38352 | MALWARE-CNC Win.Trojan.NetWiredRC variant check logs (more info ...) | trojan-activity | URL | |||
| 38353 | MALWARE-CNC Win.Trojan.NetWiredRC variant connection setup (more info ...) | trojan-activity | URL | |||
| 38354 | MALWARE-CNC Win.Trojan.NetWiredRC variant failed read logs (more info ...) | trojan-activity | URL | |||
| 38355 | MALWARE-CNC Win.Trojan.NetWiredRC variant keepalive (more info ...) | trojan-activity | URL | |||
| 38356 | MALWARE-CNC Win.Trojan.NetWiredRC variant read logs (more info ...) | trojan-activity | URL | |||
| 38357 | MALWARE-CNC Win.Trojan.NetWiredRC variant send credentials (more info ...) | trojan-activity | URL | |||
| 38358 | MALWARE-CNC Win.Trojan.NetWiredRC variant send logs (more info ...) | trojan-activity | URL | |||
| 38359 | MALWARE-CNC Win.Trojan.NetWiredRC variant send mail credentials (more info ...) | trojan-activity | URL | |||
| 38365 | SERVER-OTHER TCPDUMP ISAKMP payload handling denial of service attempt (more info ...) | attempted-dos | 2004-0183 | |||
| 38367 | MALWARE-CNC Win.Trojan.Bedep.variant CNC server response (more info ...) | trojan-activity | URL | |||
| 38368 | INDICATOR-OBFUSCATION HTTP illegal chars after encoding type evasion attempt (more info ...) | non-standard-protocol | URL | |||
| 38369 | INDICATOR-OBFUSCATION HTTP header whitespace evasion attempt (more info ...) | non-standard-protocol | URL | |||
| 38370 | SERVER-WEBAPP IPESOFT D2000 directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 38379 | MALWARE-CNC Win.Trojan.Dridex file download attempt (more info ...) | trojan-activity | URL | |||
| 38380 | MALWARE-CNC Win.Trojan.Dridex file download attempt (more info ...) | trojan-activity | URL | |||
| 38381 | BROWSER-OTHER HTTP characters prior to header evasion attempt (more info ...) | non-standard-protocol | ||||
| 38382 | BROWSER-OTHER ICY HTTP version evasion attempt (more info ...) | non-standard-protocol | ||||
| 38394 | INDICATOR-OBFUSCATION Gzip invalid extra field evasion attempt (more info ...) | non-standard-protocol | URL | |||
| 38395 | SERVER-WEBAPP Oracle Application Testing Suite Grid Control directory traversal attempt (more info ...) | web-application-attack | 2016-0489 | 81184 | ||
| 38396 | SERVER-WEBAPP Oracle Application Testing Suite Grid Control directory traversal attempt (more info ...) | web-application-attack | 2016-0489 | 81184 | ||
| 38439 | EXPLOIT-KIT Angler exploit kit news uri structure (more info ...) | trojan-activity | ||||
| 38497 | MALWARE-OTHER samsam delfiletype.exe file load attempt (more info ...) | trojan-activity | ||||
| 38498 | MALWARE-OTHER samsam samsam.exe file load attempt (more info ...) | trojan-activity | ||||
| 38500 | MALWARE-OTHER samsam delfiletype.exe file load attempt (more info ...) | trojan-activity | ||||
| 38501 | MALWARE-OTHER samsam samsam.exe file load attempt (more info ...) | trojan-activity | ||||
| 38509 | MALWARE-CNC Win.Trojan.Boaxxe variant outbound connection (more info ...) | trojan-activity | URL | |||
| 38510 | MALWARE-CNC Win.Trojan.iSpySoft variant exfiltration attempt (more info ...) | trojan-activity | URL | |||
| 38514 | MALWARE-CNC Win.Trojan.Sweeper outbound connection (more info ...) | trojan-activity | URL | |||
| 38515 | MALWARE-CNC Win.Trojan.Sweeper outbound connection (more info ...) | trojan-activity | URL | |||
| 38516 | MALWARE-CNC Win.Trojan.Sweeper outbound connection (more info ...) | trojan-activity | URL | |||
| 38517 | MALWARE-CNC binary download while video expected (more info ...) | trojan-activity | URL | |||
| 38528 | MALWARE-CNC XBot Command Request get_action (more info ...) | trojan-activity | URL | |||
| 38542 | MALWARE-CNC VBS Trojan Downloading Encoded Executable (more info ...) | trojan-activity | URL | |||
| 38544 | SERVER-OTHER TRUFFLEHUNTER TALOS-CAN-0121 attack attempt (more info ...) | attempted-user | URL | |||
| 38545 | SERVER-OTHER Pidgin mxit_update_contact out of bounds read attempt (more info ...) | attempted-user | 2016-2373 | URL | ||
| 38546 | SERVER-OTHER Pidgin MXIT table markup command out of bounds read attempt (more info ...) | attempted-user | 2016-2366 | URL | ||
| 38547 | SERVER-OTHER Pidgin MXIT table markup command out of bounds read attempt (more info ...) | attempted-user | 2016-2366 | URL | ||
| 38548 | SERVER-OTHER Pidgin MXIT protocol handling null pointer dereference attempt (more info ...) | attempted-user | 2016-2369 | URL | ||
| 38549 | SERVER-OTHER Pidgin mxit_parse_cmd_extprofile out of bounds read attempt (more info ...) | attempted-user | 2016-2371 | URL | ||
| 38550 | SERVER-OTHER Pidgin MXIT protocol handling splash_remove directory traversal attempt (more info ...) | attempted-user | 2016-4323 | URL | ||
| 38551 | SERVER-OTHER Pidgin MXIT protocol handling splash_remove directory traversal attempt (more info ...) | attempted-user | 2016-4323 | URL | ||
| 38552 | EXPLOIT-KIT Angler landing page detected (more info ...) | attempted-user | ||||
| 38553 | EXPLOIT-KIT Angler landing page detected (more info ...) | attempted-user | ||||
| 38556 | EXPLOIT-KIT Angler landing page detected (more info ...) | attempted-user | ||||
| 38557 | MALWARE-CNC Win.Trojan.GateKeylogger outbound connection (more info ...) | trojan-activity | URL | |||
| 38558 | MALWARE-CNC Win.Trojan.GateKeylogger outbound connection (more info ...) | trojan-activity | URL | |||
| 38559 | MALWARE-CNC Win.Trojan.GateKeylogger outbound connection - keystorkes (more info ...) | trojan-activity | URL | |||
| 38560 | MALWARE-CNC Win.Trojan.GateKeylogger outbound connection - screenshot (more info ...) | trojan-activity | URL | |||
| 38561 | MALWARE-CNC Win.Trojan.GateKeylogger plugins download attempt (more info ...) | trojan-activity | URL | |||
| 38562 | MALWARE-CNC Win.Trojan.GateKeylogger initial exfiltration attempt (more info ...) | trojan-activity | URL | |||
| 38563 | MALWARE-CNC Win.Trojan.GateKeylogger fake 404 response (more info ...) | trojan-activity | URL | |||
| 38564 | MALWARE-CNC Win.Trojan.GateKeylogger keylog exfiltration attempt (more info ...) | trojan-activity | URL | |||
| 38565 | MALWARE-CNC Win.Trojan.Sweeper variant dropper initial download attempt (more info ...) | trojan-activity | URL | |||
| 38566 | MALWARE-CNC Win.Trojan.Sweeper variant dropper download attempt (more info ...) | trojan-activity | URL | |||
| 38567 | MALWARE-CNC Win.Trojan.Coverton variant outbound connection (more info ...) | trojan-activity | URL | |||
| 38568 | SERVER-OTHER Smart Software Solutions Codesys Gateway Server projectName heap buffer overflow attempt (more info ...) | attempted-admin | 2015-6460 | 76754 | ||
| 38569 | FILE-OTHER ABC file instruction field parsing exploitation attempt (more info ...) | attempted-user | 2013-4234 | URL | ||
| 38570 | FILE-OTHER ABC file instruction field parsing exploitation attempt (more info ...) | attempted-user | 2013-4234 | URL | ||
| 38571 | FILE-OTHER ABC file instruction field parsing exploitation attempt (more info ...) | attempted-user | 2013-4234 | URL | ||
| 38572 | FILE-OTHER ABC file instruction field parsing exploitation attempt (more info ...) | attempted-user | 2013-4234 | URL | ||
| 38573 | MALWARE-CNC Win.Trojan.TreasureHunter variant handshake beacon (more info ...) | trojan-activity | URL | |||
| 38574 | MALWARE-CNC Win.Trojan.TreasureHunter variant outbound connection (more info ...) | trojan-activity | URL | |||
| 38578 | SERVER-OTHER Pidgin multimx_message_received out of bounds read attempt (more info ...) | attempted-user | 2016-2374 | URL | ||
| 38583 | SERVER-OTHER Pidgin mxit_parse_cmd_suggestcontacts out of bounds read attempt (more info ...) | attempted-user | 2016-2375 | URL | ||
| 38594 | APP-DETECT Bloomberg web crawler outbound connection (more info ...) | misc-activity | URL | |||
| 38595 | INDICATOR-OBFUSCATION Invalid HTTP version evasion attempt (more info ...) | non-standard-protocol | URL | |||
| 38596 | INDICATOR-OBFUSCATION HTTP header null byte evasion attempt (more info ...) | non-standard-protocol | URL | |||
| 38597 | INDICATOR-OBFUSCATION HTTP header null byte evasion attempt (more info ...) | non-standard-protocol | URL | |||
| 38598 | INDICATOR-OBFUSCATION invalid HTTP header evasion attempt (more info ...) | non-standard-protocol | URL | |||
| 38599 | INDICATOR-OBFUSCATION Invalid HTTP 100 response followed by 200 evasion attempt (more info ...) | non-standard-protocol | URL | |||
| 38600 | INDICATOR-OBFUSCATION Invalid HTTP response code evasion attempt (more info ...) | non-standard-protocol | URL | |||
| 38601 | INDICATOR-OBFUSCATION Invalid HTTP header format evasion attempt (more info ...) | non-standard-protocol | URL | |||
| 38602 | INDICATOR-OBFUSCATION mixed case HTTP header evasion attempt (more info ...) | non-standard-protocol | URL | |||
| 38603 | MALWARE-CNC Win.Trojan.UP007 variant outbound connection (more info ...) | trojan-activity | URL | |||
| 38606 | MALWARE-CNC Win.Trojan.Qakbot variant network speed test (more info ...) | trojan-activity | URL | |||
| 38607 | MALWARE-CNC Win.Trojan.Qakbot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 38608 | MALWARE-CNC Win.Trojan.RockLoader variant outbound connection (more info ...) | trojan-activity | URL | |||
| 38610 | MALWARE-CNC Win.Trojan.Godzilla downloader successful base64 binary download (more info ...) | trojan-activity | URL | |||
| 38613 | MALWARE-CNC Win.Trojan.Wallex variant outbound connection (more info ...) | trojan-activity | URL | |||
| 38614 | INDICATOR-OBFUSCATION carriage return only separator evasion (more info ...) | non-standard-protocol | URL | |||
| 38616 | INDICATOR-OBFUSCATION carriage return only separator evasion (more info ...) | non-standard-protocol | URL | |||
| 38617 | INDICATOR-OBFUSCATION carriage return only separator evasion (more info ...) | non-standard-protocol | URL | |||
| 38618 | INDICATOR-OBFUSCATION newline only separator evasion (more info ...) | non-standard-protocol | URL | |||
| 38619 | INDICATOR-COMPROMISE Content-Type text/plain containing Portable Executable data (more info ...) | trojan-activity | URL | |||
| 38622 | SERVER-OTHER ISC BIND malformed control channel authentication message denial of service attempt (more info ...) | attempted-dos | 2016-1285 | URL | ||
| 38637 | INDICATOR-OBFUSCATION Invalid HTTP response code evasion attempt (more info ...) | non-standard-protocol | URL | |||
| 38638 | MALWARE-CNC Win.Trojan.GozNym variant outbound connection (more info ...) | trojan-activity | URL | |||
| 38641 | INDICATOR-OBFUSCATION Invalid header line evasion attempt (more info ...) | non-standard-protocol | URL | |||
| 38642 | INDICATOR-OBFUSCATION Invalid HTTP 301 response evasion attempt (more info ...) | non-standard-protocol | URL | |||
| 38643 | MALWARE-CNC Win.Trojan.Jadowndec outbound connection (more info ...) | trojan-activity | URL | |||
| 38644 | MALWARE-CNC Win.Trojan.Jadowndec outbound connection (more info ...) | trojan-activity | URL | |||
| 38645 | MALWARE-CNC Win.Trojan.Jadowndec outbound connection (more info ...) | trojan-activity | URL | |||
| 38646 | MALWARE-CNC Win.Trojan.Jadowndec outbound connection (more info ...) | trojan-activity | URL | |||
| 38647 | MALWARE-CNC Win.Trojan.Jadowndec outbound connection (more info ...) | trojan-activity | URL | |||
| 38666 | INDICATOR-OBFUSCATION HTTP header invalid entry evasion attempt (more info ...) | non-standard-protocol | URL | |||
| 38667 | INDICATOR-OBFUSCATION Mixed case encoding type evasion attempt (more info ...) | non-standard-protocol | URL | |||
| 38668 | MALWARE-CNC Andr.Trojan.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 38673 | SERVER-WEBAPP Oracle Application Testing Suite DownloadServlet directory traversal attempt (more info ...) | web-application-attack | 2016-0484 | 81102 | URL | |
| 38674 | MALWARE-CNC Win.Trojan.Koohipa outbound beacon attempt (more info ...) | trojan-activity | URL | |||
| 38676 | MALWARE-CNC Win.Trojan.BBSwift variant outbound connection (more info ...) | trojan-activity | URL | |||
| 38677 | INDICATOR-OBFUSCATION UTF-8 evasion attempt (more info ...) | non-standard-protocol | URL | |||
| 38678 | INDICATOR-OBFUSCATION UTF-8 evasion attempt (more info ...) | non-standard-protocol | URL | |||
| 38679 | INDICATOR-OBFUSCATION non HTTP 1.1 version with 1.1 headers evasion attempt (more info ...) | non-standard-protocol | URL | |||
| 38680 | MALWARE-CNC Win.Trojan.Tooka GET attempt (more info ...) | trojan-activity | URL | |||
| 38681 | MALWARE-CNC Win.Trojan.Tooka POST attempt (more info ...) | trojan-activity | URL | |||
| 38724 | MALWARE-CNC Win.Trojan.Renegin outbound GET attempt (more info ...) | trojan-activity | URL | |||
| 38731 | SERVER-OTHER Squid Proxy range header denial of service attempt (more info ...) | denial-of-service | 2014-3609 | |||
| 38732 | MALWARE-CNC Win.Trojan.VBDos Runtime Detection (more info ...) | trojan-activity | URL | |||
| 38733 | MALWARE-CNC Win.Trojan.Ransom variant outbound connection (more info ...) | trojan-activity | URL | |||
| 38734 | INDICATOR-OBFUSCATION HTTP header value without key evasion attempt (more info ...) | non-standard-protocol | URL | |||
| 38746 | MALWARE-CNC CTFMONv4 beacon attempt (more info ...) | trojan-activity | ||||
| 38747 | MALWARE-CNC FF-RAT outbound connection attempt (more info ...) | trojan-activity | ||||
| 38748 | MALWARE-CNC FF-RAT outbound connection attempt (more info ...) | trojan-activity | ||||
| 38749 | MALWARE-CNC FF-RAT outbound connection attempt (more info ...) | trojan-activity | ||||
| 38750 | MALWARE-CNC FF-RAT outbound connection attempt (more info ...) | trojan-activity | ||||
| 38751 | MALWARE-CNC Jimini outbound connection attempt (more info ...) | trojan-activity | ||||
| 38752 | MALWARE-CNC HILIGHT outbound connection attempt (more info ...) | trojan-activity | ||||
| 38754 | MALWARE-CNC XDOT outbound connection attempt (more info ...) | trojan-activity | ||||
| 38755 | MALWARE-CNC PlugX outbound connection attempt (more info ...) | trojan-activity | ||||
| 38756 | MALWARE-CNC PlugX outbound communication attempt (more info ...) | trojan-activity | ||||
| 38757 | MALWARE-CNC PlugX outbound communication attempt (more info ...) | trojan-activity | ||||
| 38767 | INDICATOR-COMPROMISE potential abuse of originating page privileges by new tab (more info ...) | policy-violation | URL | |||
| 38784 | MALWARE-CNC CryptXXX initial outbound connection (more info ...) | trojan-activity | URL | |||
| 38834 | MALWARE-CNC Win.Trojan.Locky variant outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 38851 | FILE-IDENTIFY Hancom Hangul HCell file download request (more info ...) | misc-activity | ||||
| 38852 | FILE-IDENTIFY Hancom Hangul HCell file attachment detected (more info ...) | misc-activity | ||||
| 38853 | FILE-IDENTIFY Hancom Hangul HCell file attachment detected (more info ...) | misc-activity | ||||
| 38854 | FILE-IDENTIFY Hancom Hangul HCell file magic detected (more info ...) | misc-activity | ||||
| 38855 | FILE-IDENTIFY Hancom Hangul HCell file magic detected (more info ...) | misc-activity | ||||
| 38867 | SERVER-OTHER Pidgin mxit_chunk_parse_get_avatar out of bounds read attempt (more info ...) | attempted-user | 2016-2367 | URL | ||
| 38870 | SERVER-OTHER Pidgin mxit_chunk_parse_cr out of bounds read attempt (more info ...) | attempted-user | 2016-2370 | URL | ||
| 38885 | MALWARE-CNC Win.Trojan.Cerber outbound registration attempt (more info ...) | trojan-activity | URL | |||
| 38886 | MALWARE-CNC Win.Trojan.Bayrob variant outbound connection (more info ...) | trojan-activity | URL | |||
| 38887 | MALWARE-CNC Win.Trojan.Locky JS dropper outbound connection (more info ...) | trojan-activity | URL | |||
| 38888 | MALWARE-CNC Win.Trojan.Locky variant outbound connection (more info ...) | trojan-activity | URL | |||
| 38889 | SERVER-ORACLE Oracle Application Test Suite server authentication bypass attempt (more info ...) | attempted-admin | 2016-0492 | 81158 | URL | |
| 38890 | MALWARE-CNC Win.Trojan.Kirts exfiltration attempt (more info ...) | trojan-activity | URL | |||
| 38891 | MALWARE-CNC Win.Trojan.Kirts initial registration (more info ...) | trojan-activity | URL | |||
| 38913 | SERVER-WEBAPP Oracle Application Testing Suite directory traversal attempt (more info ...) | web-application-attack | 2016-0486 | 81107 | URL | |
| 38916 | MALWARE-CNC Win.Trojan.Dridex download attempt (more info ...) | trojan-activity | URL | |||
| 38917 | MALWARE-CNC Win.Trojan.Dridex variant CNC traffic (more info ...) | trojan-activity | URL | |||
| 38922 | INDICATOR-OBFUSCATION Brotli encoding evasion attempt (more info ...) | non-standard-protocol | URL | |||
| 38933 | INDICATOR-COMPROMISE IRC nick change on non-standard port (more info ...) | trojan-activity | ||||
| 38940 | SERVER-WEBAPP Oracle Application Testing Suite DownloadServlet servlet directory traversal attempt (more info ...) | web-application-attack | 2016-0477 | 81153 | ||
| 38941 | SERVER-WEBAPP Oracle Application Testing Suite DownloadServlet servlet directory traversal attempt (more info ...) | web-application-attack | 2016-0477 | 81153 | ||
| 38942 | SERVER-WEBAPP Oracle Application Testing Suite DownloadServlet servlet directory traversal attempt (more info ...) | web-application-attack | 2016-0477 | 81153 | ||
| 38949 | MALWARE-CNC Win.Trojan.TeslaCrypt variant outbound connection (more info ...) | trojan-activity | URL | |||
| 38961 | MALWARE-CNC User-Agent known malicious user-agent string - fsrhrsrg - Win.Trojan.Nemucod (more info ...) | trojan-activity | URL | |||
| 38962 | MALWARE-CNC User-Agent known malicious user-agent string - uguogo - Win.Trojan.Nemucod (more info ...) | trojan-activity | URL | |||
| 38964 | POLICY-OTHER VMware vCenter Chargeback Manager ImageUploadServlet arbitrary JSP file upload attempt (more info ...) | policy-violation | 2013-3520 | 60484 | URL | |
| 38989 | MALWARE-TOOLS TorStresser http DoS tool (more info ...) | attempted-dos | URL | |||
| 38994 | MALWARE-CNC Win.Trojan.Zeus config file download (more info ...) | trojan-activity | URL | |||
| 38995 | MALWARE-CNC Win.Trojan.Zeus variant outbound connection (more info ...) | trojan-activity | URL | |||
| 39034 | FILE-OTHER libarchive mtree parse_device stack buffer overflow attempt (more info ...) | attempted-user | 2016-4301 | URL | ||
| 39035 | FILE-OTHER libarchive mtree parse_device stack buffer overflow attempt (more info ...) | attempted-user | 2016-4301 | URL | ||
| 39040 | MALWARE-CNC Win.Trojan.TeslaCrypt variant outbound connection (more info ...) | trojan-activity | URL | |||
| 39045 | FILE-OTHER libarchive RAR RestartModel out of bounds write attempt (more info ...) | attempted-user | 2016-4302 | URL | ||
| 39046 | FILE-OTHER libarchive RAR RestartModel out of bounds write attempt (more info ...) | attempted-user | 2016-4302 | URL | ||
| 39047 | FILE-EXECUTABLE Kaspersky Internet Security kl1.sys out of bounds read attempt (more info ...) | attempted-user | 2016-4307 | URL | ||
| 39048 | FILE-EXECUTABLE Kaspersky Internet Security kl1.sys out of bounds read attempt (more info ...) | attempted-user | 2016-4307 | URL | ||
| 39052 | MALWARE-CNC Win.Trojan.Adialer variant outbound connection (more info ...) | trojan-activity | URL | |||
| 39053 | MALWARE-CNC Win.Trojan.7ev3n variant outbound connection (more info ...) | trojan-activity | URL | |||
| 39056 | MALWARE-CNC Win.Trojan.Rofin variant outbound connection (more info ...) | trojan-activity | URL | |||
| 39063 | MALWARE-CNC Win.Trojan.Qakbot outbound POST attempt (more info ...) | trojan-activity | URL | |||
| 39064 | MALWARE-CNC Win.Trojan.Sinrin initial JS dropper outbound connection (more info ...) | trojan-activity | URL | |||
| 39071 | SERVER-OTHER Aruba Networks IAP PAPI authentication bypass attempt (more info ...) | attempted-admin | 2016-2031 | URL | ||
| 39072 | SERVER-WEBAPP Aruba Networks IAP insecure disclosure of environment variables attempt (more info ...) | attempted-recon | 2016-2031 | URL | ||
| 39080 | MALWARE-CNC Win.Trojan.NetWiredRC variant connection setup (more info ...) | trojan-activity | URL | |||
| 39084 | MALWARE-CNC Win.Trojan.Cript outbound connection (more info ...) | trojan-activity | URL | |||
| 39085 | MALWARE-CNC Win.Trojan.Cript outbound connection (more info ...) | trojan-activity | URL | |||
| 39086 | MALWARE-CNC Win.Trojan.Cript outbound connection (more info ...) | trojan-activity | URL | |||
| 39106 | MALWARE-CNC Win.Trojan.LuminosityLink RAT variant outbound connection (more info ...) | trojan-activity | URL | |||
| 39107 | MALWARE-CNC Win.Trojan.LuminosityLink RAT variant inbound connection (more info ...) | trojan-activity | URL | |||
| 39116 | MALWARE-CNC Win.Trojan.DMALocker variant outbound connection (more info ...) | trojan-activity | URL | |||
| 39117 | MALWARE-CNC Win.Trojan.Symmi variant outbound connection (more info ...) | trojan-activity | ||||
| 39150 | SERVER-OTHER Pidgin MXIT negative message length underflow attempt (more info ...) | attempted-user | 2016-2376 | URL | ||
| 39151 | SERVER-OTHER Pidgin MXIT message length overflow attempt (more info ...) | attempted-user | 2016-2376 | URL | ||
| 39159 | MALWARE-CNC Win.Backdoor.JRat inbound self-signed SSL certificate (more info ...) | trojan-activity | URL | |||
| 39160 | MALWARE-CNC Win.Backdoor.JRat inbound self-signed SSL certificate (more info ...) | trojan-activity | URL | |||
| 39173 | MALWARE-CNC Win.Ransomware.BlackShades Crypter outbound connection (more info ...) | trojan-activity | URL | |||
| 39176 | MALWARE-CNC Win.Trojan.Helminth variant outbound connection (more info ...) | trojan-activity | URL | |||
| 39182 | SERVER-WEBAPP Oracle Application Testing Suite directory traversal attempt (more info ...) | web-application-attack | 2016-0478 | |||
| 39183 | SERVER-WEBAPP Oracle Application Testing Suite directory traversal attempt (more info ...) | web-application-attack | 2016-0478 | |||
| 39184 | SERVER-WEBAPP Oracle Application Testing Suite directory traversal attempt (more info ...) | web-application-attack | 2016-0478 | |||
| 39197 | SERVER-WEBAPP AirTies RT hardcoded credentials login attempt (more info ...) | attempted-admin | URL | |||
| 39240 | EXPLOIT-KIT Neutrino Exploit Kit exploitation attempt (more info ...) | attempted-user | ||||
| 39320 | INDICATOR-OBFUSCATION HTTP header invalid entry evasion attempt (more info ...) | non-standard-protocol | URL | |||
| 39321 | INDICATOR-OBFUSCATION Gzip encoded with reserved bit set evasion attempt (more info ...) | non-standard-protocol | URL | |||
| 39322 | MALWARE-CNC Win.Trojan.GozNym variant outbound connection (more info ...) | trojan-activity | URL | |||
| 39323 | INDICATOR-OBFUSCATION Gzip encoded with invalid CRC16 evasion attempt (more info ...) | non-standard-protocol | URL | |||
| 39327 | MALWARE-CNC Win.Trojan.CryptoRoger outbound POST attempt (more info ...) | trojan-activity | URL | |||
| 39341 | MALWARE-CNC Win.Trojan.FastPOS credit card data exfiltration (more info ...) | trojan-activity | URL | |||
| 39342 | MALWARE-CNC Win.Trojan.FastPOS initial outbound connection (more info ...) | trojan-activity | URL | |||
| 39343 | MALWARE-CNC Win.Trojan.FastPOS keylog exfiltration (more info ...) | trojan-activity | URL | |||
| 39344 | MALWARE-CNC Win.Trojan.FastPOS status update (more info ...) | trojan-activity | URL | |||
| 39345 | MALWARE-CNC Win.Trojan.FastPOS update request (more info ...) | trojan-activity | URL | |||
| 39348 | SERVER-WEBAPP SAP servlet authentication bypass attempt (more info ...) | attempted-admin | 2010-5326 | |||
| 39351 | SERVER-WEBAPP SAP NetWeaver CrashFileDownloadServlet directory traversal attempt (more info ...) | web-application-attack | 2016-3976 | URL | ||
| 39352 | SERVER-WEBAPP SAP NetWeaver CrashFileDownloadServlet directory traversal attempt (more info ...) | web-application-attack | 2016-3976 | URL | ||
| 39360 | MALWARE-CNC Win.Trojan.Locky variant outbound connection (more info ...) | trojan-activity | URL | |||
| 39361 | MALWARE-CNC User-Agent known malicious user-agent string - Win.Trojan.Batlopma (more info ...) | trojan-activity | URL | |||
| 39362 | INDICATOR-COMPROMISE User-Agent blank user-agent string (more info ...) | misc-activity | URL | |||
| 39369 | MALWARE-CNC Win.Trojan.Lorozoad variant outbound connection (more info ...) | trojan-activity | URL | |||
| 39409 | MALWARE-CNC Win.Trojan.iSpy variant initial outbound connection (more info ...) | trojan-activity | URL | |||
| 39410 | MALWARE-CNC Win.Trojan.iSpy variant exfiltration outbound connection (more info ...) | trojan-activity | URL | |||
| 39411 | MALWARE-CNC Win.Trojan.Qbot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 39413 | SERVER-WEBAPP WANem WAN emulator command injection attempt (more info ...) | web-application-attack | URL | |||
| 39414 | SERVER-WEBAPP WANem WAN emulator command injection attempt (more info ...) | web-application-attack | URL | |||
| 39415 | SERVER-WEBAPP WANem WAN emulator command injection attempt (more info ...) | web-application-attack | URL | |||
| 39430 | MALWARE-CNC Win.Malware.Furtim variant outbound connection (more info ...) | trojan-activity | URL | |||
| 39433 | MALWARE-CNC Win.Trojan.Zcryptor variant outbound connection (more info ...) | trojan-activity | URL | |||
| 39434 | MALWARE-CNC Win.Trojan.Zcryptor variant outbound connection (more info ...) | trojan-activity | URL | |||
| 39442 | SERVER-WEBAPP Oracle E-Business Suite Arbitrary Document Download attempt (more info ...) | web-application-attack | 2007-2135 | 23532 | URL | |
| 39443 | PUA-ADWARE Win.Adware.InstallFaster variant outbound connection attempt (more info ...) | misc-activity | URL | |||
| 39448 | MALWARE-CNC Win.Trojan.Renos variant outbound connection (more info ...) | trojan-activity | URL | |||
| 39463 | FILE-EXECUTABLE McAfee LiveSafe malformed executable denial of service attempt (more info ...) | attempted-dos | 2016-4535 | |||
| 39464 | FILE-EXECUTABLE McAfee LiveSafe malformed executable denial of service attempt (more info ...) | attempted-dos | 2016-4535 | |||
| 39465 | MALWARE-CNC Win.Trojan.Unlock92 outbound connection (more info ...) | trojan-activity | URL | |||
| 39501 | POLICY-OTHER Google Chromium ClusterFuzz fuzzer generated code detected (more info ...) | policy-violation | URL | |||
| 39502 | POLICY-OTHER Google Chromium ClusterFuzz fuzzer generated code detected (more info ...) | policy-violation | URL | |||
| 39573 | MALWARE-CNC Win.Backdoor.NanoBot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 39574 | MALWARE-CNC Win.Backdoor.NanoBot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 39575 | MALWARE-CNC Win.Backdoor.NanoBot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 39576 | MALWARE-CNC Win.Backdoor.NanoBot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 39577 | MALWARE-CNC Win.Backdoor.NanoBot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 39578 | MALWARE-CNC Win.Backdoor.NanoBot variant inbound connection (more info ...) | trojan-activity | URL | |||
| 39579 | MALWARE-CNC Win.Backdoor.NanoBot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 39580 | MALWARE-CNC Win.Backdoor.NanoBot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 39581 | MALWARE-CNC Win.Trojan.NanoBot/Perseus initial outbound connection (more info ...) | trojan-activity | URL | |||
| 39582 | MALWARE-CNC Win.Trojan.NanoBot/Perseus server heartbeat request attempt (more info ...) | trojan-activity | URL | |||
| 39583 | MALWARE-CNC Win.Trojan.NanoBot/Perseus client heartbeat response attempt (more info ...) | trojan-activity | URL | |||
| 39584 | SERVER-OTHER EasyCafe Server remote file access attempt (more info ...) | attempted-user | URL | |||
| 39586 | PUA-ADWARE Win.Adware.Antivirus Container.exe referral link attempt (more info ...) | misc-activity | URL | |||
| 39587 | PUA-ADWARE Win.Adware.Antivirus Container.exe referral link attempt (more info ...) | misc-activity | URL | |||
| 39588 | SERVER-WEBAPP WebNMS Framework arbitrary file upload attempt (more info ...) | attempted-admin | URL | |||
| 39589 | SERVER-WEBAPP WebNMS Framework arbitrary file upload attempt (more info ...) | attempted-admin | URL | |||
| 39593 | FILE-IMAGE Oracle OIT BMP file parsing heap buffer overflow attempt (more info ...) | attempted-user | 2016-3596 | URL | ||
| 39594 | FILE-IMAGE Oracle OIT BMP file parsing heap buffer overflow attempt (more info ...) | attempted-user | 2016-3596 | URL | ||
| 39595 | FILE-IMAGE Oracle OIT BMP file parsing heap buffer overflow attempt (more info ...) | attempted-user | 2016-3596 | URL | ||
| 39596 | FILE-IMAGE Oracle OIT BMP file parsing heap buffer overflow attempt (more info ...) | attempted-user | 2016-3596 | URL | ||
| 39597 | FILE-MULTIMEDIA Apple OSX SceneKit invalid COLLADA file geometry attribute type confusion attempt (more info ...) | attempted-user | 2016-1850 | URL | ||
| 39598 | FILE-MULTIMEDIA Apple OSX SceneKit invalid COLLADA file geometry attribute type confusion attempt (more info ...) | attempted-user | 2016-1850 | URL | ||
| 39599 | FILE-IMAGE Apple OSX EXR image tile size heap buffer overflow attempt (more info ...) | attempted-user | 2016-4630 | URL | ||
| 39600 | FILE-IMAGE Apple OSX EXR image tile size heap buffer overflow attempt (more info ...) | attempted-user | 2016-4630 | URL | ||
| 39633 | PUA-ADWARE Win.Adware.Mizenota outbound connection (more info ...) | trojan-activity | URL | |||
| 39636 | MALWARE-CNC Win.Ransomware.Ranscam request.html response (more info ...) | trojan-activity | URL | |||
| 39642 | SERVER-WEBAPP WebNMS framework server credential disclosure attempt (more info ...) | attempted-admin | URL | |||
| 39650 | MALWARE-CNC Win.Trojan.Kirts variant CNC IRC response attempt (more info ...) | trojan-activity | URL | |||
| 39653 | MALWARE-CNC Win.Trojan.Mangit initial outbound connection (more info ...) | trojan-activity | URL | |||
| 39660 | FILE-OTHER Oracle OIT gem metafile n_integers heap buffer overflow attempt (more info ...) | attempted-user | 2016-3595 | URL | ||
| 39661 | FILE-OTHER Oracle OIT gem metafile n_integers heap buffer overflow attempt (more info ...) | attempted-user | 2016-3595 | URL | ||
| 39663 | FILE-OTHER Oracle OIT ContentAccess libvs_mwkd VwStreamReadRecord out of bounds write attempt (more info ...) | attempted-user | 2016-3591 | URL | ||
| 39664 | FILE-OTHER Oracle OIT ContentAccess libvs_mwkd VwStreamReadRecord out of bounds write attempt (more info ...) | attempted-user | 2016-3591 | URL | ||
| 39673 | FILE-IMAGE Oracle OIT CYMK TIFF parsing heap buffer overflow attempt (more info ...) | attempted-user | 2016-3582 | URL | ||
| 39674 | FILE-IMAGE Oracle OIT CYMK TIFF parsing heap buffer overflow attempt (more info ...) | attempted-user | 2016-3582 | URL | ||
| 39675 | FILE-IMAGE Oracle OIT CYMK TIFF parsing heap buffer overflow attempt (more info ...) | attempted-user | 2016-3582 | URL | ||
| 39676 | FILE-IMAGE Oracle OIT CYMK TIFF parsing heap buffer overflow attempt (more info ...) | attempted-user | 2016-3582 | URL | ||
| 39677 | EXPLOIT-KIT Pseudo-Darkleech gate redirect attempt (more info ...) | trojan-activity | ||||
| 39682 | PUA-ADWARE Win.Adware.EoRezo outbound ad download attempt (more info ...) | trojan-activity | URL | |||
| 39685 | MALWARE-CNC Win.Trojan.Tinba variant outbound connection (more info ...) | trojan-activity | URL | |||
| 39686 | MALWARE-CNC Win.Trojan.Ursnif variant outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 39705 | MALWARE-CNC Win.Trojan.Zeus variant inbound connection (more info ...) | trojan-activity | URL | |||
| 39729 | INDICATOR-COMPROMISE Content-Type image containing Portable Executable data (more info ...) | trojan-activity | URL | |||
| 39730 | MALWARE-CNC Win.Adware.Xiazai outbound connection (more info ...) | trojan-activity | URL | |||
| 39735 | FILE-OTHER Multiple Products XML buffer overflow attempt (more info ...) | attempted-admin | 2013-6935 | URL | ||
| 39736 | FILE-OTHER Multiple Products XML buffer overflow attempt (more info ...) | attempted-admin | 2013-6935 | URL | ||
| 39738 | MALWARE-CNC Win.Trojan.Trans variant outbound connection (more info ...) | trojan-activity | URL | |||
| 39741 | PUA-ADWARE Win.Adware.StartPage variant outbound connection (more info ...) | misc-activity | URL | |||
| 39767 | MALWARE-CNC Win.Ransomware.Alfa outbound connection (more info ...) | trojan-activity | URL | |||
| 39770 | SERVER-WEBAPP GoAhead Embedded Web Server directory traversal attempt (more info ...) | attempted-admin | 2014-9707 | URL | ||
| 39774 | MALWARE-CNC Win.Trojan.Qarallax initial outbound connection (more info ...) | trojan-activity | URL | |||
| 39775 | EXPLOIT-KIT malicious script detected via RBF classifier (more info ...) | attempted-user | ||||
| 39776 | FILE-IDENTIFY Heroes of Might and Magic III map file attachment detected (more info ...) | misc-activity | ||||
| 39777 | FILE-IDENTIFY Heroes of Might and Magic III map file attachment detected (more info ...) | misc-activity | ||||
| 39778 | FILE-IDENTIFY Heroes of Might and Magic III map file download request (more info ...) | misc-activity | ||||
| 39779 | FILE-OTHER Ubisoft Heroes of Might and Magic III .h3m map file buffer overflow attempt (more info ...) | attempted-admin | URL | |||
| 39780 | FILE-OTHER Ubisoft Heroes of Might and Magic III .h3m map file buffer overflow attempt (more info ...) | attempted-admin | URL | |||
| 39781 | FILE-OTHER Ubisoft Heroes of Might and Magic III .h3m map file buffer overflow attempt (more info ...) | attempted-admin | URL | |||
| 39785 | MALWARE-CNC Win.Trojan.Lientchtp variant outbound connection (more info ...) | trojan-activity | URL | |||
| 39786 | PUA-ADWARE Win.Dowadmin.Adware outbound connection detected (more info ...) | trojan-activity | URL | |||
| 39787 | PUA-ADWARE Win.Dowadmin.Adware outbound connection detected (more info ...) | trojan-activity | URL | |||
| 39800 | MALWARE-CNC Win.Trojan.Hancitor variant outbound connection (more info ...) | trojan-activity | URL | |||
| 39801 | MALWARE-CNC Win.Trojan.Spyrat variant outbound connection (more info ...) | trojan-activity | URL | |||
| 39852 | MALWARE-CNC Win.Trojan.Sharik variant connectivity check (more info ...) | trojan-activity | URL | |||
| 39853 | MALWARE-CNC Win.Trojan.Sharik variant connectivity check (more info ...) | trojan-activity | URL | |||
| 39854 | MALWARE-CNC Win.Trojan.Sharik variant connectivity check (more info ...) | trojan-activity | URL | |||
| 39855 | MALWARE-CNC Win.Trojan.Sharik variant connectivity check (more info ...) | trojan-activity | URL | |||
| 39856 | MALWARE-CNC Win.Trojan.Sharik variant executable download (more info ...) | trojan-activity | URL | |||
| 39857 | MALWARE-CNC Win.Trojan.Sharik variant executable download (more info ...) | trojan-activity | URL | |||
| 39861 | MALWARE-CNC Win.Trojan.NanHaiShu variant outbound connection (more info ...) | trojan-activity | URL | |||
| 39870 | INDICATOR-COMPROMISE Oracle E-Business Suite arbitrary node deletion (more info ...) | misc-activity | 2007-2170 | 23532 | URL | |
| 39877 | PROTOCOL-SNMP Allen-Bradley MicroLogix PLC firmware update detected (more info ...) | policy-violation | 2016-5645 | URL | ||
| 39882 | MALWARE-CNC Win.Trojan.Vibro outbound connection detected (more info ...) | trojan-activity | URL | |||
| 39886 | MALWARE-CNC User-Agent known Adware user-agent string - Win.Adware.Prepscram (more info ...) | trojan-activity | URL | |||
| 39887 | MALWARE-CNC Win.Trojan.Toga variant outbound connection (more info ...) | trojan-activity | URL | |||
| 39888 | PUA-ADWARE Dorv Adware variant outbound connection (more info ...) | trojan-activity | URL | |||
| 39899 | PUA-ADWARE Win.Adware.Techsnab outbound connection detected (more info ...) | misc-activity | URL | |||
| 39900 | PUA-ADWARE Win.Adware.Techsnab outbound connection detected (more info ...) | misc-activity | URL | |||
| 39901 | PUA-ADWARE Win.Adware.Techsnab outbound connection detected (more info ...) | misc-activity | URL | |||
| 39902 | PUA-ADWARE Win.Adware.Techsnab outbound connection detected (more info ...) | misc-activity | URL | |||
| 39908 | SERVER-WEBAPP Multiple Products long multipart POST boundary attack attempt (more info ...) | denial-of-service | 2023-20158 | 91453 | URL | |
| 39909 | MALWARE-CNC Win.Trojan.Adnel outbound connection detected (more info ...) | trojan-activity | URL | |||
| 39911 | MALWARE-CNC Win.Trojan.HawkEye keylogger exfiltration attempt (more info ...) | trojan-activity | URL | |||
| 39918 | FILE-EXECUTABLE Kaspersky Anti-Virus unhandled windows messages denial of service vulnerability attempt (more info ...) | attempted-dos | 2016-4329 | URL | ||
| 39919 | FILE-EXECUTABLE Kaspersky Anti-Virus unhandled windows messages denial of service vulnerability attempt (more info ...) | attempted-dos | 2016-4329 | URL | ||
| 39920 | MALWARE-CNC Neutrino outbound connection (more info ...) | trojan-activity | ||||
| 39921 | MALWARE-CNC Neutrino outbound connection (more info ...) | trojan-activity | ||||
| 39931 | MALWARE-CNC Win.Trojan.BlackEnergy outbound connection (more info ...) | trojan-activity | URL | |||
| 39937 | FILE-PDF TRUFFLEHUNTER TALOS-CAN-0194 attack attempt (more info ...) | attempted-recon | URL | |||
| 39938 | FILE-PDF TRUFFLEHUNTER TALOS-CAN-0194 attack attempt (more info ...) | attempted-recon | URL | |||
| 39941 | SERVER-WEBAPP Schneider Electric Accutech http request overflow attempt (more info ...) | attempted-admin | 2013-0658 | 57651 | ||
| 39958 | MALWARE-CNC Win.Trojan.Folyris outbound connection detected (more info ...) | trojan-activity | URL | |||
| 39968 | MALWARE-CNC Win.Trojan.Donoff outbound connection detected (more info ...) | trojan-activity | URL | |||
| 39969 | MALWARE-CNC Win.Trojan.Donoff outbound connection detected (more info ...) | trojan-activity | URL | |||
| 39976 | SERVER-OTHER BGP bad marker strings (more info ...) | bad-unknown | ||||
| 39977 | SERVER-OTHER BGP invalid length (more info ...) | bad-unknown | 2002-1350 | 6213 | 15043 | |
| 39993 | SERVER-OTHER Netcore router backdoor access attempt (more info ...) | attempted-admin | URL | |||
| 40007 | MALWARE-CNC Win.Trojan.Nemim outbound connection detected (more info ...) | trojan-activity | URL | |||
| 40011 | MALWARE-CNC Win.Trojan.Locky variant outbound connection (more info ...) | trojan-activity | URL | |||
| 40012 | MALWARE-CNC User-Agent known malicious user-agent string DetoxCrypto2 (more info ...) | trojan-activity | URL | |||
| 40016 | MALWARE-CNC Win.Trojan.Madeba outbound connection detected (more info ...) | trojan-activity | ||||
| 40027 | MALWARE-CNC Win.Trojan.Shakti variant outbound connection (more info ...) | trojan-activity | URL | |||
| 40028 | POLICY-OTHER AutoItv3 Aut2Exe interpreter - compiled script (more info ...) | policy-violation | URL | |||
| 40029 | POLICY-OTHER AutoItv3 Aut2Exe interpreter - compiled script (more info ...) | policy-violation | URL | |||
| 40034 | EXPLOIT-KIT Exploit kit embedded iframe redirection attempt (more info ...) | attempted-user | ||||
| 40043 | MALWARE-CNC Win.Ransomware.Fantom outbound connection (more info ...) | trojan-activity | URL | |||
| 40044 | MALWARE-CNC Win.Ransomware.Fantom post encryption outbound connection (more info ...) | trojan-activity | URL | |||
| 40045 | MALWARE-CNC Win.Ransomware.Fantom post encryption outbound connection (more info ...) | trojan-activity | URL | |||
| 40059 | MALWARE-CNC Win.Trojan.Hadsruda outbound connection detected (more info ...) | trojan-activity | URL | |||
| 40060 | MALWARE-CNC Win.Trojan.Hadsruda outbound connection detected (more info ...) | trojan-activity | URL | |||
| 40061 | MALWARE-CNC Win.Backdoor.Morel variant outbound connection (more info ...) | trojan-activity | URL | |||
| 40062 | MALWARE-CNC Win.Backdoor.Morel variant inbound connection (more info ...) | trojan-activity | URL | |||
| 40066 | MALWARE-CNC User-Agent known malicious user-agent string - Win.Trojan.LokiBot (more info ...) | trojan-activity | URL | |||
| 40067 | MALWARE-CNC Win.Trojan.LokiBot outbound connection (more info ...) | trojan-activity | URL | |||
| 40081 | PUA-OTHER User-Agent known PUA user-agent string - TopTools100 (more info ...) | misc-activity | URL | |||
| 40084 | INDICATOR-COMPROMISE TextDecorationBlink property use (more info ...) | attempted-recon | 2016-3324 | URL | ||
| 40085 | INDICATOR-COMPROMISE TextDecorationLineNone property use (more info ...) | attempted-recon | 2016-3324 | URL | ||
| 40086 | INDICATOR-COMPROMISE TextDecorationLineOverline property use (more info ...) | attempted-recon | 2016-3324 | URL | ||
| 40087 | INDICATOR-COMPROMISE TextDecorationLineThrough property use (more info ...) | attempted-recon | 2016-3324 | URL | ||
| 40088 | INDICATOR-COMPROMISE TextDecorationLineUnderline property use (more info ...) | attempted-recon | 2016-3324 | URL | ||
| 40089 | INDICATOR-COMPROMISE TextDecorationBlink property use (more info ...) | attempted-recon | 2016-3324 | URL | ||
| 40090 | INDICATOR-COMPROMISE TextDecorationLineNone property use (more info ...) | attempted-recon | 2016-3324 | URL | ||
| 40091 | INDICATOR-COMPROMISE TextDecorationLineOverline property use (more info ...) | attempted-recon | 2016-3324 | URL | ||
| 40092 | INDICATOR-COMPROMISE TextDecorationLineThrough property use (more info ...) | attempted-recon | 2016-3324 | URL | ||
| 40093 | INDICATOR-COMPROMISE TextDecorationLineUnderline property use (more info ...) | attempted-recon | 2016-3324 | URL | ||
| 40182 | SERVER-WEBAPP AirOS authentication bypass attempt (more info ...) | attempted-admin | 51178 | |||
| 40183 | MALWARE-CNC Win.Trojan.Malex variant outbound connection (more info ...) | trojan-activity | URL | |||
| 40185 | SERVER-WEBAPP WebNMS framework server .jsp file retrieval attempt (more info ...) | attempted-admin | URL | |||
| 40187 | POLICY-OTHER SSL weak 3DES cipher suite use attempt (more info ...) | policy-violation | 2016-2183 | 92630 | ||
| 40188 | POLICY-OTHER SSL weak 3DES cipher suite use attempt (more info ...) | policy-violation | 2016-2183 | 92630 | ||
| 40203 | MALWARE-CNC Win.Trojan.Drolnux variant outbound connection (more info ...) | trojan-activity | URL | |||
| 40204 | MALWARE-CNC Win.Trojan.Qiwmonk outbound connection detected (more info ...) | trojan-activity | URL | |||
| 40205 | MALWARE-CNC Win.Trojan.Comisproc outbound connection detected (more info ...) | trojan-activity | URL | |||
| 40206 | MALWARE-CNC Win.Trojan.Comisproc outbound connection detected (more info ...) | trojan-activity | URL | |||
| 40207 | MALWARE-CNC Win.Trojan.Comisproc outbound connection detected (more info ...) | trojan-activity | URL | |||
| 40209 | MALWARE-CNC Win.Trojan.Bulta external connection attempt (more info ...) | trojan-activity | URL | |||
| 40211 | PUA-ADWARE Win.Adware.EoRezo outbound connection (more info ...) | misc-activity | URL | |||
| 40212 | MALWARE-CNC User-Agent known malicious user-agent string - Win.Trojan.Darkshell (more info ...) | trojan-activity | URL | |||
| 40213 | MALWARE-CNC Win.Trojan.DarkShell external connection attempt (more info ...) | trojan-activity | URL | |||
| 40214 | MALWARE-CNC Win.Downloader.Ogimant outbound connection detected (more info ...) | trojan-activity | URL | |||
| 40215 | MALWARE-CNC Win.Downloader.Ogimant outbound connection detected (more info ...) | trojan-activity | URL | |||
| 40216 | MALWARE-CNC User-Agent known malicious user-agent string - Win.Trojan.VBInject (more info ...) | trojan-activity | URL | |||
| 40217 | MALWARE-CNC User-Agent known malicious user-agent string - F.5.E.C (more info ...) | web-application-attack | ||||
| 40223 | MALWARE-CNC Win.Trojan.Injector external connection attempt (more info ...) | trojan-activity | URL | |||
| 40232 | MALWARE-CNC Win.Trojan.CeeInject external connection (more info ...) | trojan-activity | URL | |||
| 40238 | MALWARE-CNC Win.Keylogger.AgentTesla variant outbound connection (more info ...) | trojan-activity | URL | |||
| 40242 | MALWARE-CNC Win.Trojan.iSpy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 40249 | MALWARE-CNC Win.Downloader.QuantLoader external connection attempt (more info ...) | trojan-activity | URL | |||
| 40251 | MALWARE-CNC User-Agent known malicious user-agent string - Win.Trojan.Perseus (more info ...) | trojan-activity | URL | |||
| 40252 | MALWARE-CNC Win.Perseus variant outbound connection (more info ...) | trojan-activity | URL | |||
| 40258 | MALWARE-CNC Osx.Trojan.Keydnap variant backdoor detected (more info ...) | trojan-activity | URL | |||
| 40259 | MALWARE-CNC Osx.Trojan.Keydnap variant backdoor detected (more info ...) | trojan-activity | URL | |||
| 40260 | MALWARE-CNC Osx.Trojan.Keydnap variant initial backdoor download attempt (more info ...) | trojan-activity | URL | |||
| 40261 | MALWARE-CNC Osx.Trojan.Keydnap variant backdoor detected (more info ...) | trojan-activity | URL | |||
| 40262 | MALWARE-CNC Osx.Trojan.Keydnap variant backdoor detected (more info ...) | trojan-activity | URL | |||
| 40288 | MALWARE-CNC Win.Trojan.Poxters external connection (more info ...) | trojan-activity | URL | |||
| 40289 | MALWARE-CNC Win.Trojan.Philadelphia variant initial outbound connection (more info ...) | trojan-activity | ||||
| 40290 | MALWARE-CNC Win.Trojan.Philadelphia variant status update outbound connection (more info ...) | trojan-activity | URL | |||
| 40291 | SERVER-WEBAPP Advantech WebAccess openWidget directory traversal attempt (more info ...) | web-application-attack | 2016-0855 | URL | ||
| 40292 | SERVER-WEBAPP Advantech WebAccess openWidget directory traversal attempt (more info ...) | web-application-attack | 2016-0855 | URL | ||
| 40293 | SERVER-WEBAPP Advantech WebAccess openWidget directory traversal attempt (more info ...) | web-application-attack | 2016-0855 | URL | ||
| 40301 | SERVER-OTHER Redis CONFIG SET array index out of bounds attempt (more info ...) | attempted-admin | 2016-8339 | URL | ||
| 40305 | PUA-ADWARE Win.Adware.SupTab external connection attempt (more info ...) | misc-activity | URL | |||
| 40308 | MALWARE-CNC Backdoor.MSIL.Kazybot.A botnet server connection attempt (more info ...) | trojan-activity | URL | |||
| 40309 | MALWARE-CNC Win.Trojan.Randrew variant outbound connection (more info ...) | trojan-activity | URL | |||
| 40310 | MALWARE-CNC Osx.Trojan.Keydnap variant dropper detected (more info ...) | trojan-activity | URL | |||
| 40311 | MALWARE-CNC Osx.Trojan.Keydnap variant dropper detected (more info ...) | trojan-activity | URL | |||
| 40322 | SERVER-OTHER CA weblogic default credential login attempt (more info ...) | default-login-attempt | URL | |||
| 40326 | SERVER-OTHER JBoss directory traversal attempt (more info ...) | attempted-recon | ||||
| 40328 | SERVER-OTHER Railo directory traversal attempt (more info ...) | attempted-recon | ||||
| 40329 | SERVER-OTHER Axis2 directory traversal attempt (more info ...) | attempted-recon | ||||
| 40330 | SERVER-OTHER JBoss directory traversal attempt (more info ...) | attempted-recon | ||||
| 40331 | SERVER-WEBAPP JBoss default credential login attempt (more info ...) | default-login-attempt | URL | |||
| 40332 | SERVER-WEBAPP Ruby on Rails Web Console remote code execution attempt (more info ...) | web-application-attack | 2015-3224 | URL | ||
| 40333 | PROTOCOL-SCADA Rockwell firmware upload attempt (more info ...) | policy-violation | 2012-6437 | URL | ||
| 40334 | MALWARE-CNC Win.Trojan.Sality variant outbound connection (more info ...) | trojan-activity | URL | |||
| 40335 | APP-DETECT OpenVAS Scanner User-Agent attempt (more info ...) | web-application-activity | ||||
| 40338 | MALWARE-CNC Win.Trojan.Bartallex outbound connection detected (more info ...) | trojan-activity | URL | |||
| 40339 | MALWARE-CNC Win.Trojan.Cry variant outbound connection (more info ...) | trojan-activity | ||||
| 40340 | MALWARE-CNC Win.Trojan.Cry variant outbound connection (more info ...) | trojan-activity | ||||
| 40353 | SERVER-OTHER Linknat Vos Manager potential directory traversal attempt (more info ...) | suspicious-filename-detect | URL | |||
| 40356 | PUA-ADWARE Win.Trojan.InstantAccess variant outbound connection (more info ...) | misc-activity | URL | |||
| 40357 | PUA-ADWARE Win.Trojan.InstantAccess variant outbound connection (more info ...) | misc-activity | URL | |||
| 40361 | BROWSER-OTHER Android Browser potential denial of service attempt (more info ...) | denial-of-service | 2012-6301 | URL | ||
| 40432 | MALWARE-CNC Win.Trojan.Marsjoke variant post infection beacon (more info ...) | trojan-activity | URL | |||
| 40433 | MALWARE-CNC Win.Trojan.Marsjoke variant post infection beacon (more info ...) | trojan-activity | URL | |||
| 40444 | MALWARE-CNC Doc.Dropper.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 40445 | MALWARE-CNC Doc.Dropper.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 40449 | MALWARE-CNC Win.Trojan.Locky variant outbound connection (more info ...) | trojan-activity | URL | |||
| 40450 | MALWARE-CNC Doc.Downloader.Agent file download attempt (more info ...) | trojan-activity | URL | |||
| 40454 | SERVER-WEBAPP Nibbleblog remote code execution attempt (more info ...) | attempted-user | 2015-6967 | |||
| 40457 | PUA-ADWARE Win.Downloader.OpenCandy variant outbound connection (more info ...) | misc-activity | URL | |||
| 40458 | BROWSER-OTHER Android browser file exfiltration attempt (more info ...) | attempted-recon | URL | |||
| 40461 | MALWARE-CNC Win.Trojan.Deshacop variant outbound connection (more info ...) | trojan-activity | URL | |||
| 40465 | MALWARE-CNC Win.Trojan.Kapahyku variant outbound connection (more info ...) | trojan-activity | URL | |||
| 40466 | MALWARE-CNC Win.Trojan.Kapahyku variant outbound connection (more info ...) | trojan-activity | URL | |||
| 40467 | MALWARE-CNC Win.Trojan.Hades outbound connection (more info ...) | trojan-activity | URL | |||
| 40484 | FILE-PDF Iceni Argus ipNameAdd stack buffer overflow attempt (more info ...) | attempted-admin | 2016-8335 | URL | ||
| 40485 | FILE-PDF Iceni Argus ipNameAdd stack buffer overflow attempt (more info ...) | attempted-admin | 2016-8335 | URL | ||
| 40486 | FILE-PDF Iceni Argus ipNameAdd stack buffer overflow attempt (more info ...) | attempted-admin | 2016-8335 | URL | ||
| 40487 | FILE-PDF Iceni Argus ipNameAdd stack buffer overflow attempt (more info ...) | attempted-admin | 2016-8335 | URL | ||
| 40492 | PUA-ADWARE Win.Adware.DownloadManager outbound connection (more info ...) | misc-activity | URL | |||
| 40500 | MALWARE-CNC Andr.Tool.Snowfox Androidbauts/snowfox outbound connection (more info ...) | trojan-activity | URL | |||
| 40501 | MALWARE-CNC Andr.Tool.Snowfox Androidbauts/snowfox outbound connection (more info ...) | trojan-activity | URL | |||
| 40517 | PROTOCOL-SCADA Rockwell Controllogix Network Policy Change attempt (more info ...) | policy-violation | ||||
| 40518 | PROTOCOL-SCADA Rockwell Controllogix Stop CPU attempt (more info ...) | policy-violation | ||||
| 40525 | FILE-IMAGE LibTIFF tiff2pdf JPEG compression tables heap buffer overflow attempt (more info ...) | attempted-user | 2016-5652 | URL | ||
| 40526 | FILE-IMAGE LibTIFF tiff2pdf JPEG compression tables heap buffer overflow attempt (more info ...) | attempted-user | 2016-5652 | URL | ||
| 40527 | MALWARE-CNC Win.Trojan.Locky variant outbound connection (more info ...) | trojan-activity | URL | |||
| 40528 | MALWARE-CNC User-Agent known malicious user-agent string Instally (more info ...) | trojan-activity | URL | |||
| 40529 | PUA-ADWARE Win.Downloader.Instally variant outbound connection attempt (more info ...) | misc-activity | URL | |||
| 40530 | PUA-ADWARE Win.Downloader.Instally variant outbound connection attempt (more info ...) | misc-activity | URL | |||
| 40531 | PUA-ADWARE Win.Downloader.Instally variant outbound connection attempt (more info ...) | misc-activity | URL | |||
| 40532 | PUA-ADWARE Win.Downloader.Instally variant outbound connection attempt (more info ...) | misc-activity | URL | |||
| 40533 | FILE-IMAGE LibTIFF FAX IFD entry parsing type confusion attempt (more info ...) | attempted-user | 2016-8331 | URL | ||
| 40534 | FILE-IMAGE LibTIFF FAX IFD entry parsing type confusion attempt (more info ...) | attempted-user | 2016-8331 | URL | ||
| 40535 | FILE-IMAGE LibTIFF FAX IFD entry parsing type confusion attempt (more info ...) | attempted-user | 2016-8331 | URL | ||
| 40536 | FILE-IMAGE LibTIFF FAX IFD entry parsing type confusion attempt (more info ...) | attempted-user | 2016-8331 | URL | ||
| 40537 | FILE-IMAGE LibTIFF FAX IFD entry parsing type confusion attempt (more info ...) | attempted-user | 2016-8331 | URL | ||
| 40538 | FILE-IMAGE LibTIFF FAX IFD entry parsing type confusion attempt (more info ...) | attempted-user | 2016-8331 | URL | ||
| 40541 | MALWARE-CNC Win.Trojan.Satana ransomware outbound connection (more info ...) | trojan-activity | URL | |||
| 40548 | MALWARE-CNC Win.Trojan.Redosdru variant outbound connection (more info ...) | trojan-activity | URL | |||
| 40549 | MALWARE-CNC Win.Trojan.CryPy ransomware variant outbound connection (more info ...) | trojan-activity | URL | |||
| 40550 | MALWARE-CNC Win.Trojan.Dexter Banker variant second stage download attempt (more info ...) | trojan-activity | URL | |||
| 40551 | MALWARE-CNC Win.Trojan.Dexter Banker variant successful installation report attempt (more info ...) | trojan-activity | URL | |||
| 40559 | MALWARE-CNC Win.Trojan.iSpy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 40567 | MALWARE-CNC known malicious SSL certificate - Odinaff C&C (more info ...) | trojan-activity | URL | |||
| 40568 | INDICATOR-COMPROMISE wsf inside zip potential malicious file download attempt (more info ...) | attempted-user | URL | |||
| 40593 | PUA-ADWARE Win.Adware.CoolMirage outbound ad download attempt (more info ...) | trojan-activity | URL | |||
| 40594 | PUA-ADWARE Win.Adware.CoolMirage outbound ad download attempt (more info ...) | trojan-activity | URL | |||
| 40595 | PUA-ADWARE Win.Adware.CoolMirage outbound ad download attempt (more info ...) | trojan-activity | URL | |||
| 40596 | MALWARE-CNC Win.Trojan.Berbew variant outbound connection (more info ...) | trojan-activity | URL | |||
| 40597 | INDICATOR-COMPROMISE shell script download with wget from external source (more info ...) | suspicious-filename-detect | ||||
| 40598 | INDICATOR-COMPROMISE shell script download with curl from external source (more info ...) | suspicious-filename-detect | ||||
| 40605 | MALWARE-CNC Win.Trojan.Sality variant outbound connection (more info ...) | trojan-activity | URL | |||
| 40606 | MALWARE-CNC Win.Trojan.Sality variant outbound connection (more info ...) | trojan-activity | URL | |||
| 40611 | MALWARE-CNC Win.Trojan.Zeus variant download attempt (more info ...) | trojan-activity | URL | |||
| 40613 | SERVER-WEBAPP Oracle Application Testing Suite authentication bypass attempt (more info ...) | attempted-admin | 2016-0488 | URL | ||
| 40614 | SERVER-WEBAPP Oracle Application Testing Suite authentication bypass attempt (more info ...) | attempted-admin | 2016-0488 | URL | ||
| 40615 | SERVER-WEBAPP Oracle Application Testing Suite authentication bypass attempt (more info ...) | attempted-admin | 2016-0488 | URL | ||
| 40616 | SERVER-WEBAPP Oracle Application Testing Suite authentication bypass attempt (more info ...) | attempted-admin | 2016-0488 | URL | ||
| 40617 | SERVER-WEBAPP Oracle Application Testing Suite authentication bypass attempt (more info ...) | attempted-admin | 2016-0488 | URL | ||
| 40637 | POLICY-OTHER TL1 ACT-USER login detected (more info ...) | policy-violation | 2016-6441 | URL | ||
| 40643 | MALWARE-CNC User-Agent known malicious user-agent string - Win.Trojan.TrickBot (more info ...) | trojan-activity | URL | |||
| 40644 | MALWARE-CNC User-Agent known malicious user-agent string - Win.Trojan.TrickBot (more info ...) | trojan-activity | URL | |||
| 40709 | MALWARE-CNC Osx.Trojan.Komplex outbound connection (more info ...) | trojan-activity | URL | |||
| 40710 | MALWARE-CNC Osx.Trojan.Komplex outbound connection (more info ...) | trojan-activity | URL | |||
| 40733 | MALWARE-CNC User-Agent known malicious user-agent string - Sality (more info ...) | trojan-activity | URL | |||
| 40751 | MALWARE-CNC Win.Trojan.Autoit-73 configuration file download attempt (more info ...) | trojan-activity | URL | |||
| 40752 | MALWARE-CNC Win.Trojan.Autoit-73 configuration file download attempt (more info ...) | trojan-activity | URL | |||
| 40760 | SERVER-OTHER OpenLDAP deref control denial of service attempt (more info ...) | attempted-dos | 2015-1545 | URL | ||
| 40761 | MALWARE-CNC Win.Trojan.Syscan outbound connection (more info ...) | trojan-activity | URL | |||
| 40762 | MALWARE-CNC Android.Trojan.SpyNote RAT variant inbound connection (more info ...) | trojan-activity | URL | |||
| 40763 | MALWARE-CNC Android.Trojan.SpyNote RAT variant getSMS command response (more info ...) | trojan-activity | URL | |||
| 40764 | MALWARE-CNC Android.Trojan.SpyNote RAT variant getContacts command response (more info ...) | trojan-activity | URL | |||
| 40771 | MALWARE-CNC Win.Trojan.Miuref variant outbound connection (more info ...) | trojan-activity | URL | |||
| 40773 | FILE-PDF Oracle Outside In Technology remote code execution attempt (more info ...) | attempted-admin | 2017-3271 | URL | ||
| 40774 | FILE-PDF Oracle Outside In Technology remote code execution attempt (more info ...) | attempted-admin | 2017-3271 | URL | ||
| 40775 | MALWARE-CNC Win.Trojan.Banker variant outbound connection (more info ...) | trojan-activity | URL | |||
| 40782 | MALWARE-CNC User-Agent known malicious user-agent string - Venik (more info ...) | trojan-activity | URL | |||
| 40783 | SERVER-WEBAPP ZyXEL TR-064 GetSecurityKeys information disclosure attempt (more info ...) | attempted-recon | URL | |||
| 40795 | MALWARE-CNC Nesxlh variant outbound connection (more info ...) | trojan-activity | URL | |||
| 40796 | MALWARE-CNC Nesxlh variant outbound connection (more info ...) | trojan-activity | URL | |||
| 40797 | MALWARE-CNC Nesxlh variant outbound connection (more info ...) | trojan-activity | URL | |||
| 40800 | MALWARE-CNC User-Agent known malicious user-agent string - Crypton (more info ...) | trojan-activity | URL | |||
| 40811 | SERVER-OTHER NTP origin timestamp denial of service attempt (more info ...) | attempted-dos | 2015-7704 | URL | ||
| 40812 | MALWARE-CNC Rtf.Trojan.Mauris outbound download attempt (more info ...) | trojan-activity | URL | |||
| 40816 | MALWARE-CNC Win.Trojan.Locky variant outbound connection (more info ...) | trojan-activity | URL | |||
| 40820 | SERVER-WEBAPP Moxa AWK-3131A systemlog.log information disclosure attempt (more info ...) | attempted-recon | 2016-8725 | URL | ||
| 40821 | SERVER-WEBAPP Moxa AWK-3131A makeonekey.gz information disclosure attempt (more info ...) | attempted-recon | 2016-8727 | URL | ||
| 40822 | SERVER-WEBAPP Moxa AWK-3131A getonekey.gz information disclosure attempt (more info ...) | attempted-recon | 2016-8727 | URL | ||
| 40823 | MALWARE-CNC Win.Trojan.Gendwndrop variant outbound connection (more info ...) | trojan-activity | URL | |||
| 40824 | MALWARE-CNC Logbro variant outbound connection (more info ...) | trojan-activity | URL | |||
| 40827 | PUA-ADWARE MindSpark framework installer attempt (more info ...) | trojan-activity | URL | |||
| 40828 | INDICATOR-COMPROMISE Malicious script redirect attempt (more info ...) | attempted-user | ||||
| 40831 | MALWARE-CNC Win.Backdoor.Houdini variant initial outbound connection (more info ...) | trojan-activity | ||||
| 40832 | MALWARE-CNC Win.Backdoor.Houdini variant keylogger inbound init command attempt (more info ...) | trojan-activity | URL | |||
| 40833 | MALWARE-CNC Win.Backdoor.Houdini variant screenshot inbound init command attempt (more info ...) | trojan-activity | ||||
| 40834 | MALWARE-CNC Win.Backdoor.Houdini variant screenshot inbound silence command attempt (more info ...) | trojan-activity | ||||
| 40835 | MALWARE-CNC Win.Backdoor.Houdini variant screen_thumb inbound init command attempt (more info ...) | trojan-activity | ||||
| 40836 | MALWARE-CNC Win.Backdoor.Houdini variant file enumeration inbound init/root/faf command attempt (more info ...) | trojan-activity | ||||
| 40839 | PUA-ADWARE Sokuxuan outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 40840 | PUA-OTHER Bitcoin Mining subscribe Stratum protocol client request attempt (more info ...) | policy-violation | URL | |||
| 40841 | PUA-OTHER Bitcoin Mining authorize Stratum protocol client request attempt (more info ...) | policy-violation | URL | |||
| 40842 | PUA-OTHER Bitcoin Mining extranonce Stratum protocol subscribe client request attempt (more info ...) | policy-violation | URL | |||
| 40844 | SERVER-OTHER OpenSSL Invalid CMS structure null pointer dereference attempt (more info ...) | attempted-dos | 2016-7053 | URL | ||
| 40850 | SERVER-WEBAPP VTSCADA WAP information disclosure attempt (more info ...) | attempted-user | 2016-4510 | |||
| 40851 | SERVER-WEBAPP VTSCADA WAP information disclosure attempt (more info ...) | attempted-user | 2016-4510 | |||
| 40852 | SERVER-WEBAPP VTSCADA WAP information disclosure attempt (more info ...) | attempted-user | 2016-4510 | |||
| 40853 | SERVER-WEBAPP VTSCADA WAP information disclosure attempt (more info ...) | attempted-user | 2016-4510 | |||
| 40854 | SERVER-WEBAPP VTSCADA WAP information disclosure attempt (more info ...) | attempted-user | 2016-4510 | |||
| 40869 | MALWARE-CNC User-Agent known malicious user-agent string - Virut (more info ...) | trojan-activity | URL | |||
| 40870 | MALWARE-CNC User-Agent known malicious user-agent string - Virut (more info ...) | trojan-activity | URL | |||
| 40872 | FILE-PDF Iceni Argus loadTrailer heap corruption attempt (more info ...) | attempted-user | 2016-8715 | URL | ||
| 40873 | FILE-PDF Iceni Argus loadTrailer heap corruption attempt (more info ...) | attempted-user | 2016-8715 | URL | ||
| 40874 | FILE-PDF Iceni Argus icnChainAlloc heap corruption attempt (more info ...) | attempted-user | 2016-8715 | URL | ||
| 40875 | FILE-PDF Iceni Argus icnChainAlloc heap corruption attempt (more info ...) | attempted-user | 2016-8715 | URL | ||
| 40876 | SERVER-OTHER Pidgin MXIT file transfer length memory disclosure attempt (more info ...) | attempted-user | 2016-2372 | URL | ||
| 40878 | FILE-EXECUTABLE TRUFFLEHUNTER TALOS-CAN-0188 attack attempt (more info ...) | attempted-dos | URL | |||
| 40879 | FILE-EXECUTABLE TRUFFLEHUNTER TALOS-CAN-0188 attack attempt (more info ...) | attempted-dos | URL | |||
| 40890 | SERVER-WEBAPP Flexense DiskPulse Disk Change Monitor login buffer overflow attempt (more info ...) | attempted-admin | URL | |||
| 40891 | FILE-IDENTIFY R Programming Language source file file download request (more info ...) | misc-activity | ||||
| 40892 | FILE-IDENTIFY R Programming Language source file file attachment detected (more info ...) | misc-activity | ||||
| 40893 | FILE-IDENTIFY R Programming Language source file file attachment detected (more info ...) | misc-activity | ||||
| 40894 | FILE-OTHER R Project PDF encoding buffer overflow attempt (more info ...) | attempted-user | 2016-8714 | URL | ||
| 40895 | FILE-OTHER R Project PDF encoding buffer overflow attempt (more info ...) | attempted-user | 2016-8714 | URL | ||
| 40904 | SERVER-WEBAPP Oracle Weblogic default credentials login attempt (more info ...) | attempted-admin | URL | |||
| 40906 | MALWARE-CNC Win.Malware.Disttrack variant outbound connection (more info ...) | trojan-activity | URL | |||
| 40910 | MALWARE-CNC Win.Trojan.Locky variant outbound connection (more info ...) | trojan-activity | ||||
| 40911 | MALWARE-CNC Win.Rootkit.Sednit variant outbound connection (more info ...) | trojan-activity | URL | |||
| 40916 | SERVER-WEBAPP Moxa AWK-3131A asqc.asp information disclosure attempt (more info ...) | attempted-recon | 2016-8722 | URL | ||
| 40921 | FILE-PDF Iceni Argus loadLZWBuffer out of bounds write attempt (more info ...) | attempted-user | 2016-8387 | URL | ||
| 40922 | FILE-PDF Iceni Argus loadLZWBuffer out of bounds write attempt (more info ...) | attempted-user | 2016-8387 | URL | ||
| 40990 | OS-WINDOWS empty PostScript Type 1 font pfb file null dereference attempt (more info ...) | attempted-user | 2016-7259 | URL | ||
| 41031 | MALWARE-CNC Win.Trojan.Athena variant outbound connection (more info ...) | trojan-activity | URL | |||
| 41033 | MALWARE-CNC Win.Trojan.Proteus outbound connection (more info ...) | trojan-activity | URL | |||
| 41034 | MALWARE-CNC Win.Trojan.Sality variant outbound connection (more info ...) | trojan-activity | URL | |||
| 41042 | PROTOCOL-SCADA Rockwell Controllogix Dump Boot Code attempt (more info ...) | denial-of-service | 2012-6441 | URL | ||
| 41043 | PROTOCOL-SCADA Rockwell Controllogix Ethernet Reset attempt (more info ...) | denial-of-service | 2012-6442 | URL | ||
| 41044 | PROTOCOL-SCADA Rockwell Controllogix Crash CPU attempt (more info ...) | denial-of-service | 2012-6436 | URL | ||
| 41088 | MALWARE-CNC Win.Trojan.MrWhite out bound communication attempt (more info ...) | trojan-activity | ||||
| 41089 | MALWARE-CNC Win.Trojan.Ostap out bound communication attempt (more info ...) | trojan-activity | ||||
| 41090 | SERVER-OTHER Rockwell Factorytalk RNADiagReceiver denial of service attempt (more info ...) | denial-of-service | 2012-0222 | |||
| 41091 | PROTOCOL-SCADA Rockwell Controllogix Crash Ethernet attempt (more info ...) | denial-of-service | 2012-6438 | URL | ||
| 41093 | POLICY-OTHER Docker management traffic detected (more info ...) | policy-violation | 2016-9223 | URL | ||
| 41097 | SERVER-OTHER Moxa AWK-3131A serviceAgent information disclosure attempt (more info ...) | attempted-recon | 2016-8724 | URL | ||
| 41118 | SERVER-OTHER OpenSSL ChaCha20 Poly1305 heap-buffer overflow attempt (more info ...) | attempted-dos | 2016-7054 | URL | ||
| 41119 | SERVER-WEBAPP SourceBans advsearch banlist cross site scripting attempt (more info ...) | attempted-user | 2015-8349 | URL | ||
| 41133 | MALWARE-CNC Win.Trojan.Agent variant compromise download attempt (more info ...) | trojan-activity | URL | |||
| 41134 | MALWARE-CNC Win.Trojan.Agent variant compromise download attempt (more info ...) | trojan-activity | URL | |||
| 41135 | MALWARE-CNC Win.Trojan.Agent variant compromise download attempt (more info ...) | trojan-activity | URL | |||
| 41136 | MALWARE-CNC Win.Trojan.Agent variant compromise download attempt (more info ...) | trojan-activity | URL | |||
| 41162 | MALWARE-CNC Js.Trojan.Nemucod variant (more info ...) | trojan-activity | URL | |||
| 41173 | MALWARE-CNC Win.Trojan.August variant outbound connection (more info ...) | trojan-activity | URL | |||
| 41174 | MALWARE-CNC Win.Trojan.August variant outbound connection (more info ...) | trojan-activity | URL | |||
| 41175 | MALWARE-CNC Win.Trojan.August variant outbound connection (more info ...) | trojan-activity | URL | |||
| 41176 | MALWARE-CNC Win.Trojan.August variant outbound connection (more info ...) | trojan-activity | URL | |||
| 41177 | MALWARE-CNC Win.Trojan.August variant outbound connection (more info ...) | trojan-activity | URL | |||
| 41178 | MALWARE-CNC Win.Trojan.August variant outbound connection (more info ...) | trojan-activity | URL | |||
| 41179 | MALWARE-CNC Win.Trojan.August variant post compromise download attempt (more info ...) | trojan-activity | URL | |||
| 41180 | MALWARE-CNC Win.Trojan.August variant post compromise download attempt (more info ...) | trojan-activity | URL | |||
| 41206 | SERVER-OTHER Aerospike Database Server index name buffer overflow attempt (more info ...) | attempted-admin | 2016-9052 | URL | ||
| 41209 | SERVER-OTHER Aerospike Database Server Fabric particle_vtable out of bounds read attempt (more info ...) | attempted-user | 2016-9053 | URL | ||
| 41219 | SERVER-OTHER Aerospike Database Server Fabric denial of service attempt (more info ...) | attempted-user | 2016-9049 | URL | ||
| 41220 | SERVER-WEBAPP Moxa AWK-3131A web application HTTP response parameter injection attempt (more info ...) | attempted-user | 2016-8720 | URL | ||
| 41221 | SERVER-WEBAPP Moxa AWK-3131A web application HTTP response parameter injection attempt (more info ...) | attempted-user | 2016-8720 | URL | ||
| 41222 | SERVER-WEBAPP Moxa AWK-3131A web application web_runScript access attempt (more info ...) | attempted-dos | 2016-8726 | URL | ||
| 41227 | INDICATOR-SHELLCODE BSDi x86 bind stage (more info ...) | shellcode-detect | ||||
| 41228 | INDICATOR-SHELLCODE BSDi x86 reverse connect stage (more info ...) | shellcode-detect | ||||
| 41229 | INDICATOR-SHELLCODE BSDi x86 shell (more info ...) | shellcode-detect | ||||
| 41230 | INDICATOR-SHELLCODE BSDi x86 shell toupper (more info ...) | shellcode-detect | ||||
| 41231 | INDICATOR-SHELLCODE BSD PPC shell (more info ...) | shellcode-detect | ||||
| 41232 | INDICATOR-SHELLCODE BSD SPARC bind shell (more info ...) | shellcode-detect | ||||
| 41233 | INDICATOR-SHELLCODE BSD x86 bind stage (more info ...) | shellcode-detect | ||||
| 41234 | INDICATOR-SHELLCODE BSD x86 chroot (more info ...) | shellcode-detect | ||||
| 41235 | INDICATOR-SHELLCODE BSD x86 execute (more info ...) | shellcode-detect | ||||
| 41236 | INDICATOR-SHELLCODE BSD x86 FindRecv stage (more info ...) | shellcode-detect | ||||
| 41237 | INDICATOR-SHELLCODE BSD x86 FindSock shell (more info ...) | shellcode-detect | ||||
| 41238 | INDICATOR-SHELLCODE BSD x86 mail passwd (more info ...) | shellcode-detect | ||||
| 41239 | INDICATOR-SHELLCODE BSD x86 reverse connect shell (more info ...) | shellcode-detect | ||||
| 41240 | INDICATOR-SHELLCODE BSD x86 reverse connect shell (more info ...) | shellcode-detect | ||||
| 41241 | INDICATOR-SHELLCODE BSD x86 reverse stage (more info ...) | shellcode-detect | ||||
| 41242 | INDICATOR-SHELLCODE BSD x86 setuid shell (more info ...) | shellcode-detect | ||||
| 41243 | INDICATOR-SHELLCODE BSD x86 shell (more info ...) | shellcode-detect | ||||
| 41244 | INDICATOR-SHELLCODE BSD x86 shell - evade (more info ...) | shellcode-detect | ||||
| 41245 | INDICATOR-SHELLCODE BSD x86 shell - evade (more info ...) | shellcode-detect | ||||
| 41246 | INDICATOR-SHELLCODE freeBSD x86 kldload (more info ...) | shellcode-detect | ||||
| 41247 | INDICATOR-SHELLCODE freeBSD x86 shell - chown/chmod/exec (more info ...) | shellcode-detect | ||||
| 41248 | INDICATOR-SHELLCODE freeBSD x86 shell (more info ...) | shellcode-detect | ||||
| 41249 | INDICATOR-SHELLCODE freeBSD x86 shell (more info ...) | shellcode-detect | ||||
| 41250 | INDICATOR-SHELLCODE HP-UX PA-RISC shell (more info ...) | shellcode-detect | ||||
| 41251 | INDICATOR-SHELLCODE IRIX MIPS shell (more info ...) | shellcode-detect | ||||
| 41265 | INDICATOR-SHELLCODE Mac OS X PPC add user (more info ...) | shellcode-detect | ||||
| 41266 | INDICATOR-SHELLCODE Mac OS X PPC create setuid (more info ...) | shellcode-detect | ||||
| 41267 | INDICATOR-SHELLCODE Mac OS X PPC INETD backdoor (more info ...) | shellcode-detect | ||||
| 41268 | INDICATOR-SHELLCODE Mac OS X PPC reboot (more info ...) | shellcode-detect | ||||
| 41269 | INDICATOR-SHELLCODE Mac OS X PPC reverse shell (more info ...) | shellcode-detect | ||||
| 41270 | INDICATOR-SHELLCODE Mac OS X PPC reverse stage (more info ...) | shellcode-detect | ||||
| 41271 | INDICATOR-SHELLCODE Mac OS X PPC reverse stage null free (more info ...) | shellcode-detect | ||||
| 41272 | INDICATOR-SHELLCODE Mac OS X PPC shell (more info ...) | shellcode-detect | ||||
| 41273 | INDICATOR-SHELLCODE Mac OS X PPC shell setuid (more info ...) | shellcode-detect | ||||
| 41274 | INDICATOR-SHELLCODE Mac OS X PPC Xterm execution (more info ...) | shellcode-detect | ||||
| 41276 | INDICATOR-SHELLCODE Multi-OS shell - osx x86/ppc (more info ...) | shellcode-detect | ||||
| 41279 | INDICATOR-SHELLCODE NetBSD x86 reverse connect shell (more info ...) | shellcode-detect | ||||
| 41280 | INDICATOR-SHELLCODE NetBSD x86 shell (more info ...) | shellcode-detect | ||||
| 41281 | INDICATOR-SHELLCODE NetBSD x86 shell (more info ...) | shellcode-detect | ||||
| 41282 | INDICATOR-SHELLCODE NetBSD x86 shell (more info ...) | shellcode-detect | ||||
| 41283 | INDICATOR-SHELLCODE OpenBSD x86 add user (more info ...) | shellcode-detect | ||||
| 41284 | INDICATOR-SHELLCODE OpenBSD x86 bind shell (more info ...) | shellcode-detect | ||||
| 41289 | INDICATOR-SHELLCODE Windows x86 add user (more info ...) | shellcode-detect | ||||
| 41290 | INDICATOR-SHELLCODE Windows x86 download execute (more info ...) | shellcode-detect | ||||
| 41291 | INDICATOR-SHELLCODE Windows x86 EMET disable (more info ...) | shellcode-detect | ||||
| 41292 | INDICATOR-SHELLCODE Windows x86 PassiveX stage (more info ...) | shellcode-detect | ||||
| 41293 | INDICATOR-SHELLCODE x86 decoder (more info ...) | shellcode-detect | ||||
| 41294 | INDICATOR-SHELLCODE x86 decoder (more info ...) | shellcode-detect | ||||
| 41295 | INDICATOR-SHELLCODE x86 decoder (more info ...) | shellcode-detect | ||||
| 41296 | INDICATOR-SHELLCODE x86 decoder (more info ...) | shellcode-detect | ||||
| 41297 | INDICATOR-SHELLCODE x86 decoder (more info ...) | shellcode-detect | ||||
| 41308 | FILE-OTHER Dell Precision Optimizer dll-load exploit attempt (more info ...) | attempted-user | URL | |||
| 41309 | FILE-OTHER Dell Precision Optimizer dll-load exploit attempt (more info ...) | attempted-user | URL | |||
| 41315 | MALWARE-CNC Win.Trojan.DragonOK variant outbound connection (more info ...) | trojan-activity | URL | |||
| 41316 | MALWARE-CNC Win.Trojan.DragonOK variant outbound connection (more info ...) | trojan-activity | URL | |||
| 41317 | MALWARE-CNC Win.Trojan.DragonOK variant outbound connection (more info ...) | trojan-activity | URL | |||
| 41318 | MALWARE-CNC User-Agent known malicious user-agent string - Visbot (more info ...) | trojan-activity | URL | |||
| 41331 | MALWARE-CNC Win.Trojan.Scudy outbound connection (more info ...) | trojan-activity | URL | |||
| 41334 | MALWARE-CNC Win.Trojan.Locky variant outbound connection (more info ...) | trojan-activity | URL | |||
| 41335 | MALWARE-CNC Win.Trojan.Locky variant outbound connection (more info ...) | trojan-activity | URL | |||
| 41336 | MALWARE-CNC Andr.Trojan.Sysch variant outbound connection (more info ...) | trojan-activity | URL | |||
| 41337 | MALWARE-CNC Andr.Trojan.Sysch variant outbound connection (more info ...) | trojan-activity | URL | |||
| 41352 | SERVER-WEBAPP Moxa AWK-3131A Series cross-site request forgery attempt (more info ...) | attempted-user | 2016-8718 | URL | ||
| 41359 | SERVER-WEBAPP Trihedral VTScada WAP URI null byte injection attempt (more info ...) | web-application-attack | 2016-4532 | 91077 | URL | |
| 41366 | SERVER-OTHER IBM Tivoli Storage Manager FastBack server denial of service attempt (more info ...) | attempted-dos | 2015-8523 | URL | ||
| 41368 | FILE-OTHER TRUFFLEHUNTER TALOS-2017-0273 attack attempt (more info ...) | attempted-admin | 2017-2779 | URL | ||
| 41369 | FILE-OTHER TRUFFLEHUNTER TALOS-2017-0273 attack attempt (more info ...) | attempted-admin | 2017-2779 | URL | ||
| 41374 | MALWARE-CNC Win.Trojan.NetWiredRC variant registration message (more info ...) | trojan-activity | URL | |||
| 41375 | MALWARE-CNC Win.Trojan.NetWiredRC variant check logs (more info ...) | trojan-activity | URL | |||
| 41376 | MALWARE-CNC Win.Trojan.NetWiredRC variant keepalive (more info ...) | trojan-activity | URL | |||
| 41379 | SERVER-OTHER Squid HTTP Vary response header denial of service attempt (more info ...) | denial-of-service | 2016-2569 | URL | ||
| 41380 | SERVER-OTHER OpenLDAP BER Message denial of service attempt (more info ...) | attempted-dos | 2015-6908 | |||
| 41381 | SERVER-OTHER OpenLDAP BER Message denial of service attempt (more info ...) | attempted-dos | 2015-6908 | |||
| 41382 | SERVER-OTHER OpenLDAP BER Message denial of service attempt (more info ...) | attempted-dos | 2015-6908 | |||
| 41403 | MALWARE-CNC User-Agent known malicious user-agent string - Win.Trojan.Simda (more info ...) | trojan-activity | URL | |||
| 41424 | MALWARE-CNC Win.Trojan.Cerber outbound connection (more info ...) | trojan-activity | URL | |||
| 41434 | MALWARE-CNC Win.Trojan.Oilrig variant outbound connection (more info ...) | trojan-activity | URL | |||
| 41435 | MALWARE-CNC Win.Trojan.Oilrig variant outbound connection (more info ...) | trojan-activity | URL | |||
| 41436 | MALWARE-CNC Win.Trojan.Oilrig variant outbound connection (more info ...) | trojan-activity | URL | |||
| 41437 | MALWARE-CNC Win.Trojan.Oilrig variant outbound connection (more info ...) | trojan-activity | URL | |||
| 41438 | MALWARE-CNC Win.Trojan.Oilrig variant outbound connection (more info ...) | trojan-activity | URL | |||
| 41439 | MALWARE-CNC Dos.Tool.LOIC variant IRC command detected (more info ...) | trojan-activity | URL | |||
| 41440 | MALWARE-OTHER Dos.Tool.LOIC TCP default U dun goofed attack (more info ...) | attempted-dos | URL | |||
| 41441 | MALWARE-CNC User-Agent known malicious user-agent string - X-Mas (more info ...) | trojan-activity | URL | |||
| 41442 | MALWARE-CNC Win.Ransomware.X-Mas outbound connection (more info ...) | trojan-activity | URL | |||
| 41443 | MALWARE-CNC Win.Ransomware.X-Mas variant keylogger outbound connection (more info ...) | trojan-activity | URL | |||
| 41444 | MALWARE-CNC Win.Ransomware.X-Mas variant keylogger outbound connection (more info ...) | trojan-activity | URL | |||
| 41445 | SERVER-OTHER QNAP remote buffer overflow attempt (more info ...) | attempted-admin | URL | |||
| 41456 | MALWARE-CNC User-Agent known malicious user-agent string - Elite Keylogger (more info ...) | trojan-activity | URL | |||
| 41457 | MALWARE-CNC User-Agent known malicious user-agent string - Elite Keylogger (more info ...) | trojan-activity | URL | |||
| 41458 | MALWARE-CNC Osx.Keylogger.Elite variant outbound connection (more info ...) | trojan-activity | URL | |||
| 41459 | MALWARE-CNC Osx.Keylogger.Elite variant outbound connection (more info ...) | trojan-activity | URL | |||
| 41460 | MALWARE-CNC Osx.Keylogger.Elite variant outbound connection (more info ...) | trojan-activity | URL | |||
| 41461 | MALWARE-CNC Osx.Keylogger.Elite variant outbound connection (more info ...) | trojan-activity | URL | |||
| 41467 | SERVER-OTHER InsideSecure MatrixSSL x509 IssuerDomainPolicy remote code execution attempt (more info ...) | attempted-user | 2017-2781 | URL | ||
| 41476 | MALWARE-CNC Win.Trojan.Locky payload download - 987t67g (more info ...) | trojan-activity | URL | |||
| 41477 | MALWARE-CNC Win.Trojan.Vibrio file download - 4g3vg334 (more info ...) | trojan-activity | URL | |||
| 41478 | MALWARE-CNC Win.Trojan.Locky payload download - result (more info ...) | trojan-activity | URL | |||
| 41483 | FILE-OTHER LexMark Perceptive Document Filters BZIP2 convert out of bounds write attempt (more info ...) | attempted-user | 2016-4336 | URL | ||
| 41484 | FILE-OTHER LexMark Perceptive Document Filters BZIP2 convert out of bounds write attempt (more info ...) | attempted-user | 2016-4336 | URL | ||
| 41491 | BROWSER-PLUGINS NTR Check buffer overflow attempt (more info ...) | attempted-user | 2012-0266 | URL | ||
| 41492 | BROWSER-PLUGINS NTR Check buffer overflow attempt (more info ...) | attempted-user | 2012-0266 | URL | ||
| 41498 | MALWARE-CNC Win.Ransomware.CryptoLocker binary download response attempt (more info ...) | trojan-activity | URL | |||
| 41507 | SERVER-OTHER Pharos PopUp Printer Client DecodeString denial of service attempt (more info ...) | denial-of-service | 2017-2786 | URL | ||
| 41524 | INDICATOR-COMPROMISE SOCKS5 proxy server method negotiation on non-standard port (more info ...) | trojan-activity | URL | |||
| 41525 | INDICATOR-COMPROMISE SOCKS5 proxy inbound connection on non-standard port (more info ...) | trojan-activity | URL | |||
| 41526 | INDICATOR-COMPROMISE SOCKS5 proxy inbound connection on non-standard port (more info ...) | trojan-activity | URL | |||
| 41527 | INDICATOR-COMPROMISE SOCKS5 proxy inbound connection on non-standard port (more info ...) | trojan-activity | URL | |||
| 41528 | INDICATOR-COMPROMISE SOCKS5 proxy inbound connection on non-standard port (more info ...) | trojan-activity | URL | |||
| 41529 | INDICATOR-COMPROMISE SOCKS5 proxy inbound connection on non-standard port (more info ...) | trojan-activity | URL | |||
| 41530 | INDICATOR-COMPROMISE SOCKS5 proxy inbound connection on non-standard port (more info ...) | trojan-activity | URL | |||
| 41531 | INDICATOR-COMPROMISE SOCKS5 proxy inbound connection on non-standard port (more info ...) | trojan-activity | URL | |||
| 41532 | INDICATOR-COMPROMISE SOCKS5 proxy inbound connection on non-standard port (more info ...) | trojan-activity | URL | |||
| 41533 | INDICATOR-COMPROMISE SOCKS5 proxy inbound connection on non-standard port (more info ...) | trojan-activity | URL | |||
| 41534 | INDICATOR-COMPROMISE SOCKS5 proxy server method negotiation on non-standard port (more info ...) | trojan-activity | URL | |||
| 41537 | SERVER-OTHER Siemens WinCC TIA Portal DOS attempt (more info ...) | attempted-dos | URL | |||
| 41539 | MALWARE-CNC User-Agent known malicious user-agent string - Win.Malware.DistTrack (more info ...) | trojan-activity | URL | |||
| 41540 | MALWARE-CNC Win.Malware.Disttrack variant outbound connection (more info ...) | trojan-activity | URL | |||
| 41541 | SERVER-ORACLE Oracle reports servlet command execution attempt (more info ...) | attempted-user | 2005-2371 | 14316 | URL | |
| 41542 | SERVER-ORACLE Oracle reports servlet command execution attempt (more info ...) | attempted-user | 2005-2371 | 14316 | URL | |
| 41640 | FILE-EXECUTABLE QuickHeal Internet Security malformed Mach-O file buffer overflow attempt (more info ...) | attempted-admin | 2017-5005 | |||
| 41641 | FILE-EXECUTABLE QuickHeal Internet Security malformed Mach-O file buffer overflow attempt (more info ...) | attempted-admin | 2017-5005 | |||
| 41648 | PROTOCOL-SCADA SCADA Trace Mode DoS attempt (more info ...) | attempted-dos | URL | |||
| 41651 | SERVER-OTHER Schneider Electric ETY Telnet DOS attempt (more info ...) | attempted-dos | URL | |||
| 41656 | MALWARE-CNC User-Agent known malicious user-agent string - Win.Trojan.MagicHound (more info ...) | trojan-activity | URL | |||
| 41657 | MALWARE-CNC Win.Trojan.MagicHound variant outbound connection (more info ...) | trojan-activity | URL | |||
| 41660 | MALWARE-OTHER VBScript potential executable write attempt (more info ...) | trojan-activity | URL | |||
| 41661 | MALWARE-CNC Osx.Downloader.MacDownloader variant outbound connection (more info ...) | trojan-activity | URL | |||
| 41662 | MALWARE-CNC Osx.Downloader.MacDownloader variant outbound connection (more info ...) | trojan-activity | URL | |||
| 41663 | MALWARE-CNC Osx.Downloader.MacDownloader variant outbound connection (more info ...) | trojan-activity | URL | |||
| 41664 | PUA-ADWARE Win.Adware.Xiazai variant outbound connection (more info ...) | misc-activity | URL | |||
| 41665 | MALWARE-CNC Win.Trojan.Mirai variant outbound connection (more info ...) | trojan-activity | URL | |||
| 41670 | SERVER-WEBAPP Netgear ReadyNAS np_handler command injection attempt (more info ...) | web-application-attack | 2013-2751 | |||
| 41671 | SERVER-WEBAPP Netgear ReadyNAS np_handler command injection attempt (more info ...) | web-application-attack | 2013-2751 | |||
| 41672 | SERVER-WEBAPP Netgear ReadyNAS np_handler command injection attempt (more info ...) | web-application-attack | 2013-2751 | |||
| 41682 | MALWARE-CNC Win.Trojan.Malear variant outbound connection (more info ...) | trojan-activity | URL | |||
| 41683 | MALWARE-CNC Win.Trojan.Malear variant outbound connection (more info ...) | trojan-activity | URL | |||
| 41684 | MALWARE-CNC Win.Trojan.Malear variant outbound connection (more info ...) | trojan-activity | URL | |||
| 41685 | MALWARE-CNC Win.Trojan.Malear variant outbound connection (more info ...) | trojan-activity | URL | |||
| 41686 | MALWARE-CNC Win.Trojan.Malear variant outbound connection (more info ...) | trojan-activity | URL | |||
| 41687 | MALWARE-CNC Win.Trojan.Malear variant outbound connection (more info ...) | trojan-activity | URL | |||
| 41691 | SERVER-WEBAPP Siemens WinCC DoS attempt (more info ...) | attempted-dos | URL | |||
| 41702 | MALWARE-CNC Win.Adware.Winwrapper outbound connection (more info ...) | trojan-activity | URL | |||
| 41711 | MALWARE-CNC Win.Trojan.Houdini variant initial outbound connection (more info ...) | trojan-activity | URL | |||
| 41712 | MALWARE-CNC Win.Trojan.Houdini backdoor file download request (more info ...) | trojan-activity | URL | |||
| 41713 | SERVER-WEBAPP DotNetNuke installation attempt detected (more info ...) | attempted-admin | 2015-2794 | URL | ||
| 41714 | INDICATOR-OBFUSCATION rfc822 HTTP transfer encoding attempt (more info ...) | policy-violation | URL | |||
| 41721 | SERVER-WEBAPP Mikrotik Syslog Server DoS attempt (more info ...) | attempted-dos | URL | |||
| 41736 | SERVER-OTHER Beck IPC CHIP DoS attempt (more info ...) | attempted-dos | 2001-1337 | |||
| 41737 | PROTOCOL-SCADA Sunway DOS attempt (more info ...) | attempted-dos | URL | |||
| 41738 | PROTOCOL-SCADA Sunway DOS attempt (more info ...) | attempted-dos | URL | |||
| 41739 | PROTOCOL-SCADA Moxa Mass Config Tool DOS attempt (more info ...) | attempted-dos | URL | |||
| 41780 | MALWARE-CNC Win.Trojan.Ratankba variant outbound connection (more info ...) | trojan-activity | URL | |||
| 41784 | INDICATOR-COMPROMISE clorius controls information gathering attempt (more info ...) | attempted-recon | URL | |||
| 41785 | SERVER-WEBAPP carel plantvisor directory traversal exploitation attempt (more info ...) | web-application-attack | URL | |||
| 41799 | SERVER-OTHER IBM Tivoli Storage Manager Fastback buffer overflow attempt (more info ...) | attempted-admin | 2015-8521 | |||
| 41800 | SERVER-OTHER IBM Tivoli Storage Manager Fastback buffer overflow attempt (more info ...) | attempted-admin | 2015-8520 | |||
| 41801 | SERVER-OTHER IBM Tivoli Storage Manager Fastback buffer overflow attempt (more info ...) | attempted-admin | 2015-8522 | |||
| 41802 | SERVER-OTHER IBM Tivoli Storage Manager Fastback buffer overflow attempt (more info ...) | attempted-admin | 2015-8519 | |||
| 41820 | SERVER-WEBAPP Reprise License Manager diagnostics_doit outputfile directory traversal attempt (more info ...) | web-application-attack | ||||
| 41823 | SERVER-OTHER Nagios Core privilege escalation attempt (more info ...) | attempted-admin | 2016-9566 | URL | ||
| 41824 | SERVER-OTHER Nagios Core privilege escalation attempt (more info ...) | attempted-admin | 2016-9566 | URL | ||
| 41827 | BROWSER-PLUGINS WebGate eDVR Manager WESPPlayback access attempt (more info ...) | attempted-admin | 2015-2098 | |||
| 41828 | BROWSER-PLUGINS WebGate eDVR Manager WESPPlayback access attempt (more info ...) | attempted-admin | 2015-2098 | |||
| 41830 | BROWSER-PLUGINS WebGate eDVR Manager WESPPlayback access attempt (more info ...) | attempted-admin | 2015-2098 | |||
| 41831 | BROWSER-PLUGINS WebGate eDVR Manager WESPPTZ access attempt (more info ...) | attempted-admin | 2015-2098 | |||
| 41832 | BROWSER-PLUGINS WebGate eDVR Manager WESPPTZ access attempt (more info ...) | attempted-admin | 2015-2098 | |||
| 41833 | BROWSER-PLUGINS WebGate eDVR Manager WESPPTZ access attempt (more info ...) | attempted-admin | 2015-2098 | |||
| 41834 | BROWSER-PLUGINS WebGate eDVR Manager WESPPTZ access attempt (more info ...) | attempted-admin | 2015-2098 | |||
| 41835 | BROWSER-PLUGINS WebGate eDVR Manager WESPEvent access attempt (more info ...) | attempted-admin | 2015-2098 | |||
| 41836 | BROWSER-PLUGINS WebGate eDVR Manager WESPEvent access attempt (more info ...) | attempted-admin | 2015-2098 | |||
| 41837 | BROWSER-PLUGINS WebGate eDVR Manager WESPEvent access attempt (more info ...) | attempted-admin | 2015-2098 | |||
| 41838 | BROWSER-PLUGINS WebGate eDVR Manager WESPEvent access attempt (more info ...) | attempted-admin | 2015-2098 | |||
| 41851 | SERVER-OTHER Valhala Honeypot ABOR command buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 41856 | SERVER-WEBAPP WECON LeviStudio multiple xml parameter overflows attempt (more info ...) | attempted-admin | 2016-5781 | |||
| 41857 | SERVER-WEBAPP WECON LeviStudio multiple xml parameter overflows attempt (more info ...) | attempted-admin | 2018-10602 | |||
| 41858 | SERVER-WEBAPP WECON LeviStudio multiple xml parameter overflows attempt (more info ...) | attempted-admin | 2018-10602 | |||
| 41859 | SERVER-WEBAPP WECON LeviStudio multiple xml parameter overflows attempt (more info ...) | attempted-admin | 2016-5781 | |||
| 41860 | SERVER-WEBAPP WECON LeviStudio multiple xml parameter overflows attempt (more info ...) | attempted-admin | 2016-5781 | |||
| 41861 | SERVER-WEBAPP WECON LeviStudio multiple xml parameter overflows attempt (more info ...) | attempted-admin | 2016-5781 | |||
| 41862 | SERVER-WEBAPP WECON LeviStudio multiple xml parameter overflows attempt (more info ...) | attempted-admin | 2016-5781 | |||
| 41863 | SERVER-WEBAPP WECON LeviStudio multiple xml parameter overflows attempt (more info ...) | attempted-admin | 2016-5781 | |||
| 41864 | SERVER-WEBAPP WECON LeviStudio multiple xml parameter overflows attempt (more info ...) | attempted-admin | 2016-5781 | |||
| 41865 | SERVER-WEBAPP WECON LeviStudio multiple xml parameter overflows attempt (more info ...) | attempted-admin | 2016-5781 | |||
| 41866 | SERVER-WEBAPP WECON LeviStudio multiple xml parameter overflows attempt (more info ...) | attempted-admin | 2016-5781 | |||
| 41867 | SERVER-WEBAPP WECON LeviStudio multiple xml parameter overflows attempt (more info ...) | attempted-admin | 2016-5781 | |||
| 41868 | SERVER-WEBAPP WECON LeviStudio multiple xml parameter overflows attempt (more info ...) | attempted-admin | 2016-5781 | |||
| 41869 | SERVER-WEBAPP WECON LeviStudio multiple xml parameter overflows attempt (more info ...) | attempted-admin | 2016-5781 | |||
| 41870 | SERVER-WEBAPP WECON LeviStudio multiple xml parameter overflows attempt (more info ...) | attempted-admin | 2016-5781 | |||
| 41871 | SERVER-WEBAPP WECON LeviStudio multiple xml parameter overflows attempt (more info ...) | attempted-admin | 2016-5781 | |||
| 41872 | SERVER-WEBAPP WECON LeviStudio multiple xml parameter overflows attempt (more info ...) | attempted-admin | 2016-5781 | |||
| 41873 | SERVER-WEBAPP WECON LeviStudio multiple xml parameter overflows attempt (more info ...) | attempted-admin | 2016-5781 | |||
| 41874 | SERVER-WEBAPP WECON LeviStudio multiple xml parameter overflows attempt (more info ...) | attempted-admin | 2016-5781 | |||
| 41875 | SERVER-WEBAPP WECON LeviStudio multiple xml parameter overflows attempt (more info ...) | attempted-admin | 2016-5781 | |||
| 41876 | SERVER-WEBAPP WECON LeviStudio multiple xml parameter overflows attempt (more info ...) | attempted-admin | 2016-5781 | |||
| 41877 | SERVER-WEBAPP WECON LeviStudio multiple xml parameter overflows attempt (more info ...) | attempted-admin | 2016-5781 | |||
| 41878 | SERVER-WEBAPP WECON LeviStudio multiple xml parameter overflows attempt (more info ...) | attempted-admin | 2016-5781 | |||
| 41879 | SERVER-WEBAPP WECON LeviStudio multiple xml parameter overflows attempt (more info ...) | attempted-admin | 2016-5781 | |||
| 41880 | SERVER-WEBAPP WECON LeviStudio multiple xml parameter overflows attempt (more info ...) | attempted-admin | 2016-5781 | |||
| 41881 | SERVER-WEBAPP WECON LeviStudio multiple xml parameter overflows attempt (more info ...) | attempted-admin | 2016-5781 | |||
| 41883 | SERVER-OTHER ImageMagick mvg label arbitrary file read attempt (more info ...) | attempted-admin | 2016-3717 | |||
| 41884 | SERVER-OTHER ImageMagick mvg label arbitrary file read attempt (more info ...) | attempted-admin | 2016-3717 | |||
| 41885 | SERVER-OTHER ImageMagick mvg label arbitrary file read attempt (more info ...) | attempted-admin | 2016-3717 | |||
| 41886 | SERVER-OTHER ImageMagick mvg label arbitrary file read attempt (more info ...) | attempted-admin | 2016-3717 | |||
| 41887 | SERVER-OTHER ImageMagick mvg label arbitrary file read attempt (more info ...) | attempted-admin | 2016-3717 | |||
| 41888 | SERVER-OTHER ImageMagick mvg label arbitrary file read attempt (more info ...) | attempted-admin | 2016-3717 | |||
| 41889 | POLICY-OTHER ImageMagick magick vector graphics msl access attempt (more info ...) | policy-violation | 2016-3716 | |||
| 41890 | POLICY-OTHER ImageMagick magick vector graphics msl access attempt (more info ...) | policy-violation | 2016-3716 | |||
| 41891 | POLICY-OTHER ImageMagick magick vector graphics msl access attempt (more info ...) | policy-violation | 2016-3716 | |||
| 41892 | POLICY-OTHER ImageMagick magick vector graphics msl access attempt (more info ...) | policy-violation | 2016-3716 | |||
| 41893 | POLICY-OTHER ImageMagick magick vector graphics msl access attempt (more info ...) | policy-violation | 2016-3716 | |||
| 41894 | POLICY-OTHER ImageMagick magick vector graphics msl access attempt (more info ...) | policy-violation | 2016-3716 | |||
| 41897 | POLICY-OTHER ImageMagick magick vector graphics ephemeral access attempt (more info ...) | policy-violation | 2016-3715 | |||
| 41898 | POLICY-OTHER ImageMagick magick vector graphics ephemeral access attempt (more info ...) | policy-violation | 2016-3715 | |||
| 41899 | POLICY-OTHER ImageMagick magick vector graphics ephemeral access attempt (more info ...) | policy-violation | 2016-3715 | |||
| 41900 | POLICY-OTHER ImageMagick magick vector graphics ephemeral access attempt (more info ...) | policy-violation | 2016-3715 | |||
| 41901 | POLICY-OTHER ImageMagick magick vector graphics ephemeral access attempt (more info ...) | policy-violation | 2016-3715 | |||
| 41902 | POLICY-OTHER ImageMagick magick vector graphics ephemeral access attempt (more info ...) | policy-violation | 2016-3715 | |||
| 41907 | POLICY-OTHER SSL/TLS weak RC4 cipher suite use attempt (more info ...) | policy-violation | 2015-2808 | 73684 | ||
| 41908 | EXPLOIT-KIT Exploit kit Pseudo-Darkleech Gate redirection attempt (more info ...) | attempted-user | ||||
| 41913 | SERVER-WEBAPP InterSystem Cache DOS attempt (more info ...) | web-application-attack | URL | |||
| 41921 | SERVER-WEBAPP PAESSLER PRTG DoS attempt (more info ...) | attempted-dos | URL | |||
| 41924 | FILE-OTHER Notepad++ request for scilexer.dll over SMB attempt (more info ...) | attempted-user | URL | |||
| 41925 | FILE-OTHER Notepad++ scilexer.dll dll-load exploit attempt (more info ...) | attempted-user | URL | |||
| 41947 | FILE-IMAGE GDI+ malformed EMF description out of bounds read attempt (more info ...) | attempted-admin | 2018-12849 | URL | ||
| 42000 | SERVER-OTHER WolfSSL X509 parsing off-by-one code execution attempt (more info ...) | attempted-user | 2017-2800 | URL | ||
| 42015 | SERVER-OTHER Randombit Botan Library X509 DistinguishedName out of bounds read attempt (more info ...) | attempted-user | 2017-2801 | URL | ||
| 42017 | INDICATOR-OBFUSCATION Gzip encoded HTTP response with no Content-Length or chunked Transfer-Encoding header (more info ...) | non-standard-protocol | URL | |||
| 42019 | MALWARE-CNC User-Agent known malicious user-agent string - Andr.Trojan.Agent (more info ...) | trojan-activity | URL | |||
| 42020 | MALWARE-CNC User-Agent known malicious user-agent string - Andr.Trojan.Agent (more info ...) | trojan-activity | URL | |||
| 42021 | MALWARE-CNC Andr.Trojan.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 42022 | MALWARE-CNC Andr.Trojan.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 42023 | MALWARE-CNC Andr.Trojan.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 42024 | MALWARE-CNC Andr.Trojan.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 42025 | MALWARE-CNC Andr.Trojan.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 42026 | MALWARE-CNC Andr.Trojan.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 42027 | MALWARE-CNC Andr.Trojan.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 42028 | MALWARE-CNC Andr.Trojan.Agent variant file download attempt (more info ...) | trojan-activity | URL | |||
| 42029 | MALWARE-CNC Andr.Trojan.Agent variant file download attempt (more info ...) | trojan-activity | URL | |||
| 42030 | MALWARE-CNC Andr.Trojan.Agent variant file download attempt (more info ...) | trojan-activity | URL | |||
| 42031 | MALWARE-CNC Andr.Trojan.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 42054 | PROTOCOL-SCADA Moxa get SNMP read string attempt (more info ...) | attempted-admin | URL | |||
| 42057 | PROTOCOL-SCADA Moxa unlock function code attempt (more info ...) | attempted-admin | URL | |||
| 42058 | PROTOCOL-SCADA Moxa unlock function code attempt (more info ...) | attempted-admin | URL | |||
| 42059 | MALWARE-CNC Win.Ransomware.Sage variant outbound connection (more info ...) | trojan-activity | URL | |||
| 42062 | SERVER-WEBAPP xArrow heap corruption exploitation attempt (more info ...) | attempted-dos | 2012-2427 | URL | ||
| 42063 | SERVER-WEBAPP xArrow null pointer denial of service exploitation attempt (more info ...) | attempted-dos | 2012-2426 | URL | ||
| 42064 | SERVER-OTHER kaskad SCADA daserver heap overflow exploitation attempt (more info ...) | attempted-user | URL | |||
| 42065 | SERVER-OTHER kaskad SCADA daserver heap overflow exploitation attempt (more info ...) | attempted-user | URL | |||
| 42067 | POLICY-OTHER Aviosys IP Power 9258 W2 management.asp information disclosure (more info ...) | web-application-attack | URL | |||
| 42068 | POLICY-OTHER Aviosys IP Power 9258 W2 default login attempt (more info ...) | web-application-attack | URL | |||
| 42072 | SERVER-WEBAPP Aultware pwStore denial of service attempt (more info ...) | web-application-attack | 2013-5657 | |||
| 42073 | PROTOCOL-SCADA TraceMode Runtime DOS attempt (more info ...) | attempted-dos | URL | |||
| 42079 | MALWARE-CNC Win.Trojan.Jenxcus outbound connection with unique User-Agent (more info ...) | trojan-activity | URL | |||
| 42080 | MALWARE-CNC Win.Trojan.Jenxcus outbound connection with unique User-Agent (more info ...) | trojan-activity | URL | |||
| 42081 | MALWARE-CNC Win.Trojan.Jenxcus outbound POST request attempt (more info ...) | trojan-activity | URL | |||
| 42082 | INDICATOR-COMPROMISE Request for external IP address detected (more info ...) | trojan-activity | URL | |||
| 42083 | MALWARE-CNC Win.Trojan.Downeks variant initial outbound connection (more info ...) | trojan-activity | URL | |||
| 42084 | FILE-IMAGE Corel Photo Paint invalid NewSubFileType memory corruption attempt (more info ...) | attempted-user | 2017-2803 | URL | ||
| 42085 | FILE-IMAGE Corel Photo Paint invalid NewSubFileType memory corruption attempt (more info ...) | attempted-user | 2017-2803 | URL | ||
| 42086 | FILE-IMAGE Corel Photo Paint invalid NewSubFileType memory corruption attempt (more info ...) | attempted-user | 2017-2803 | URL | ||
| 42087 | FILE-IMAGE Corel Photo Paint invalid NewSubFileType memory corruption attempt (more info ...) | attempted-user | 2017-2803 | URL | ||
| 42092 | POLICY-OTHER NetBiter WebSCADA ws100/ws200 logo modification attempt (more info ...) | web-application-attack | 2010-4732 | URL | ||
| 42094 | SERVER-WEBAPP NetBiter WebSCADA ws100/ws200 information gathering attempt (more info ...) | web-application-attack | 2010-4731 | URL | ||
| 42095 | SERVER-WEBAPP NetBiter WebSCADA ws100/ws200 directory traversal attempt (more info ...) | web-application-attack | 2010-4730 | URL | ||
| 42098 | MALWARE-CNC Win.Trojan.Winpud encoded payload download attempt (more info ...) | trojan-activity | URL | |||
| 42099 | MALWARE-CNC Win.Trojan.Winpud encoded payload download attempt (more info ...) | trojan-activity | URL | |||
| 42100 | FILE-EXECUTABLE AnC MMU side channel ASLR bypass attack (more info ...) | attempted-recon | 2017-5927 | URL | ||
| 42101 | FILE-EXECUTABLE AnC MMU side channel ASLR bypass attack (more info ...) | attempted-recon | 2017-5927 | URL | ||
| 42109 | PROTOCOL-SCADA invalid modbus protocol identifier (more info ...) | misc-activity | URL | |||
| 42126 | MALWARE-CNC Win.Trojan.Acronym variant outbound connection (more info ...) | trojan-activity | URL | |||
| 42127 | PROTOCOL-SCADA Eaton Network Pi3Web DOS attempt (more info ...) | attempted-dos | 2003-0276 | |||
| 42128 | MALWARE-CNC Win.Trojan.Ismdoor variant outbound connection (more info ...) | trojan-activity | URL | |||
| 42129 | MALWARE-CNC Win.Trojan.Ismdoor variant outbound connection (more info ...) | trojan-activity | URL | |||
| 42134 | SERVER-WEBAPP GE Proficy CimWeb substitute.bcl arbitrary file access attempt (more info ...) | web-application-attack | 2013-0653 | URL | ||
| 42135 | SERVER-WEBAPP GE Proficy CimWeb substitute.bcl arbitrary file access attempt (more info ...) | web-application-attack | 2013-0653 | URL | ||
| 42136 | SERVER-WEBAPP Infinite Automation Mango Automation info leak attempt (more info ...) | attempted-recon | 2015-7900 | |||
| 42171 | MALWARE-CNC Win.Downloader.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 42172 | MALWARE-CNC Win.Downloader.Agent variant certificate negotiation (more info ...) | trojan-activity | URL | |||
| 42223 | FILE-IDENTIFY AOP file download request (more info ...) | misc-activity | ||||
| 42224 | SERVER-OTHER Moxa MX-AOPC XML external entity injection attempt (more info ...) | attempted-admin | 2017-7457 | |||
| 42225 | MALWARE-CNC Win.Trojan.RedLeaves outbound connection (more info ...) | trojan-activity | URL | |||
| 42227 | SERVER-OTHER NTP Config Unpeer denial of service attempt (more info ...) | denial-of-service | 2017-6463 | URL | ||
| 42228 | MALWARE-CNC Win.Trojan.DocumentCrypt variant outbound connection (more info ...) | trojan-activity | URL | |||
| 42229 | INDICATOR-COMPROMISE RTF url moniker COM file download attempt (more info ...) | misc-activity | 2017-0199 | |||
| 42230 | INDICATOR-COMPROMISE RTF url moniker COM file download attempt (more info ...) | misc-activity | 2017-0199 | |||
| 42233 | MALWARE-CNC Win.Trojan.Mikcer variant outbound connection (more info ...) | trojan-activity | URL | |||
| 42242 | MALWARE-CNC Win.Downloader.Dimnie file download attempt (more info ...) | trojan-activity | URL | |||
| 42243 | MALWARE-CNC Win.Trojan.Dimnie outbound connection (more info ...) | trojan-activity | URL | |||
| 42263 | FILE-OTHER Power Software PowerISO stack buffer overflow attempt (more info ...) | attempted-user | 2017-2817 | URL | ||
| 42264 | FILE-OTHER Power Software PowerISO stack buffer overflow attempt (more info ...) | attempted-user | 2017-2817 | URL | ||
| 42265 | FILE-OTHER Power Software PowerISO stack buffer overflow attempt (more info ...) | attempted-user | 2017-2817 | URL | ||
| 42266 | FILE-OTHER Power Software PowerISO stack buffer overflow attempt (more info ...) | attempted-user | 2017-2817 | URL | ||
| 42267 | FILE-OTHER Power Software PowerISO stack buffer overflow attempt (more info ...) | attempted-user | 2017-2817 | URL | ||
| 42268 | FILE-OTHER Power Software PowerISO stack buffer overflow attempt (more info ...) | attempted-user | 2017-2817 | URL | ||
| 42269 | FILE-OTHER Power Software PowerISO stack buffer overflow attempt (more info ...) | attempted-user | 2017-2817 | URL | ||
| 42270 | FILE-OTHER Power Software PowerISO stack buffer overflow attempt (more info ...) | attempted-user | 2017-2817 | URL | ||
| 42271 | FILE-OTHER Power Software PowerISO stack buffer overflow attempt (more info ...) | attempted-user | 2017-2817 | URL | ||
| 42272 | FILE-OTHER Power Software PowerISO stack buffer overflow attempt (more info ...) | attempted-user | 2017-2817 | URL | ||
| 42277 | FILE-OTHER TRUFFLEHUNTER TALOS-2017-0317 attack attempt (more info ...) | attempted-user | 2017-2816 | URL | ||
| 42278 | FILE-OTHER TRUFFLEHUNTER TALOS-2017-0317 attack attempt (more info ...) | attempted-user | 2017-2816 | URL | ||
| 42284 | PROTOCOL-SCADA 3S CoDeSys Gateway Server DOS attempt (more info ...) | attempted-dos | URL | |||
| 42295 | SERVER-WEBAPP Events HMI information disclosure attempt (more info ...) | attempted-recon | ||||
| 42300 | SERVER-WEBAPP SensorIP2 default credentials enumeration attempt (more info ...) | web-application-attack | URL | |||
| 42301 | MALWARE-CNC Win.Trojan.Kuaibu inbound server configuration response (more info ...) | trojan-activity | URL | |||
| 42302 | MALWARE-CNC Win.Trojan.Kuaibu outbound connection (more info ...) | trojan-activity | URL | |||
| 42303 | MALWARE-CNC Win.Trojan.Kuaibu outbound file download attempt (more info ...) | trojan-activity | URL | |||
| 42304 | FILE-OTHER fwpuclnt dll-load exploit attempt (more info ...) | attempted-user | URL | |||
| 42305 | FILE-OTHER fwpuclnt dll-load exploit attempt (more info ...) | attempted-user | URL | |||
| 42319 | FILE-PDF Poppler PDF library embedded jp2 COD levels integer overflow attempt (more info ...) | attempted-admin | 2017-2820 | URL | ||
| 42320 | FILE-PDF Poppler PDF library embedded jp2 COD levels integer overflow attempt (more info ...) | attempted-admin | 2017-2820 | URL | ||
| 42323 | SERVER-WEBAPP IOServer OPC Server directory traversal exploitation attempt (more info ...) | web-application-attack | 2012-4680 | URL | ||
| 42329 | MALWARE-CNC Win.Trojan.Doublepulsar variant successful ping response (more info ...) | trojan-activity | URL | |||
| 42330 | MALWARE-CNC Win.Trojan.Doublepulsar variant successful injection response (more info ...) | trojan-activity | URL | |||
| 42331 | MALWARE-CNC Win.Trojan.Doublepulsar variant process injection command (more info ...) | trojan-activity | URL | |||
| 42332 | MALWARE-CNC Win.Trojan.Doublepulsar variant ping command (more info ...) | trojan-activity | URL | |||
| 42348 | MALWARE-CNC Win.Trojan.QQPass variant outbound connection (more info ...) | trojan-activity | URL | |||
| 42349 | PROTOCOL-SCADA InduSoft Web Studio CEServer buffer overflow attempt (more info ...) | misc-activity | URL | |||
| 42350 | PROTOCOL-SCADA InduSoft Web Studio CEServer buffer overflow attempt (more info ...) | misc-activity | URL | |||
| 42351 | PROTOCOL-SCADA InduSoft Web Studio CEServer buffer overflow attempt (more info ...) | misc-activity | 2011-4052 | URL | ||
| 42352 | FILE-PDF Poppler readProgressiveSOF out of bounds write attempt (more info ...) | attempted-user | 2017-2818 | URL | ||
| 42353 | FILE-PDF Poppler readProgressiveSOF out of bounds write attempt (more info ...) | attempted-user | 2017-2818 | URL | ||
| 42363 | FILE-IDENTIFY bzip2 compressed file detected (more info ...) | misc-activity | ||||
| 42364 | FILE-IDENTIFY bzip2 compressed file detected (more info ...) | misc-activity | ||||
| 42365 | FILE-IDENTIFY bzip2 compressed file detected (more info ...) | misc-activity | ||||
| 42366 | FILE-IDENTIFY XZ compressed file detected (more info ...) | misc-activity | ||||
| 42367 | FILE-IDENTIFY XZ compressed file detected (more info ...) | misc-activity | ||||
| 42368 | FILE-IDENTIFY XZ compressed file detected (more info ...) | misc-activity | ||||
| 42369 | FILE-IDENTIFY gzip compressed file detected (more info ...) | misc-activity | ||||
| 42370 | FILE-IDENTIFY gzip compressed file detected (more info ...) | misc-activity | ||||
| 42371 | FILE-IDENTIFY gzip compressed file detected (more info ...) | misc-activity | ||||
| 42378 | SERVER-OTHER Yealink VoIP phone remote code execution attempt (more info ...) | attempted-admin | 2013-5758 | 68052 | ||
| 42379 | SERVER-WEBAPP OpenCart directory traversal attempt (more info ...) | web-application-attack | 2013-1891 | |||
| 42380 | SERVER-WEBAPP OpenCart directory traversal attempt (more info ...) | web-application-attack | 2013-1891 | |||
| 42381 | SERVER-WEBAPP OpenCart directory traversal attempt (more info ...) | web-application-attack | 2013-1891 | |||
| 42385 | MALWARE-CNC Win.Trojan.Moonwind outbound connection (more info ...) | trojan-activity | URL | |||
| 42386 | MALWARE-CNC Win.Trojan.Mikcer variant outbound connection (more info ...) | trojan-activity | URL | |||
| 42387 | SERVER-WEBAPP DataRate SCADA directory traversal attempt (more info ...) | web-application-attack | 2007-6483 | |||
| 42388 | SERVER-WEBAPP DataRate SCADA directory traversal attempt (more info ...) | web-application-attack | 2008-0760 | |||
| 42390 | MALWARE-CNC Win.Trojan.Moarider variant outbound connection (more info ...) | trojan-activity | URL | |||
| 42391 | MALWARE-CNC Win.Trojan.Moarider variant outbound connection (more info ...) | trojan-activity | URL | |||
| 42395 | MALWARE-CNC Win.Trojan.Oddjob outbound connection (more info ...) | trojan-activity | URL | |||
| 42398 | MALWARE-CNC Win.Trojan.RedLeaves outbound connection (more info ...) | trojan-activity | URL | |||
| 42399 | FILE-PDF TRUFFLEHUNTER TALOS-2017-0323 attack attempt (more info ...) | attempted-user | 2017-2822 | URL | ||
| 42400 | FILE-PDF TRUFFLEHUNTER TALOS-2017-0323 attack attempt (more info ...) | attempted-user | 2017-2822 | URL | ||
| 42401 | SERVER-WEBAPP multiple product version scan attempt (more info ...) | attempted-recon | URL | |||
| 42402 | SERVER-WEBAPP multiple product command injection attempt (more info ...) | attempted-admin | URL | |||
| 42418 | FILE-EXECUTABLE Win.Trojan.DoubleAgent download attempt (more info ...) | attempted-user | URL | |||
| 42419 | FILE-EXECUTABLE Win.Trojan.DoubleAgent download attempt (more info ...) | attempted-user | URL | |||
| 42421 | MALWARE-CNC Win.Trojan.Cerber variant inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 42425 | MALWARE-CNC Win.Trojan.ChChes set cookie tag inbound connection (more info ...) | trojan-activity | URL | |||
| 42439 | MALWARE-CNC Win.Trojan.Axespec outbound request (more info ...) | trojan-activity | URL | |||
| 42447 | MALWARE-CNC Win.Trojan.Batlopma variant outbound connection (more info ...) | trojan-activity | URL | |||
| 42452 | MALWARE-CNC Win.Trojan.Frethog variant outbound connection (more info ...) | trojan-activity | URL | |||
| 42453 | MALWARE-CNC Win.Trojan.Frethog variant inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 42454 | MALWARE-CNC User-Agent known malicious user-agent string - Frethog (more info ...) | trojan-activity | URL | |||
| 42463 | FILE-IMAGE Foxit Reader malformed DataSubBlock size attempt (more info ...) | denial-of-service | 2015-2790 | |||
| 42464 | FILE-IMAGE Foxit Reader malformed DataSubBlock size attempt (more info ...) | denial-of-service | 2015-2790 | |||
| 42465 | SERVER-WEBAPP triple dot directory traversal attempt (more info ...) | web-application-attack | 2012-5972 | |||
| 42492 | APP-DETECT Intel AMT DHCP boot request detected (more info ...) | policy-violation | URL | |||
| 42494 | FILE-EXECUTABLE XOR 0x01 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42495 | FILE-EXECUTABLE XOR 0x02 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42496 | FILE-EXECUTABLE XOR 0x03 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42497 | FILE-EXECUTABLE XOR 0x04 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42498 | FILE-EXECUTABLE XOR 0x05 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42499 | FILE-EXECUTABLE XOR 0x06 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42500 | FILE-EXECUTABLE XOR 0x07 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42501 | FILE-EXECUTABLE XOR 0x08 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42502 | FILE-EXECUTABLE XOR 0x09 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42503 | FILE-EXECUTABLE XOR 0x0a encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42504 | FILE-EXECUTABLE XOR 0x0b encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42505 | FILE-EXECUTABLE XOR 0x0c encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42506 | FILE-EXECUTABLE XOR 0x0d encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42507 | FILE-EXECUTABLE XOR 0x0e encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42508 | FILE-EXECUTABLE XOR 0x0f encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42509 | FILE-EXECUTABLE XOR 0x10 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42511 | FILE-EXECUTABLE XOR 0x12 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42512 | FILE-EXECUTABLE XOR 0x13 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42513 | FILE-EXECUTABLE XOR 0x14 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42514 | FILE-EXECUTABLE XOR 0x15 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42515 | FILE-EXECUTABLE XOR 0x16 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42516 | FILE-EXECUTABLE XOR 0x17 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42517 | FILE-EXECUTABLE XOR 0x18 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42518 | FILE-EXECUTABLE XOR 0x19 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42519 | FILE-EXECUTABLE XOR 0x1a encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42520 | FILE-EXECUTABLE XOR 0x1b encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42521 | FILE-EXECUTABLE XOR 0x1c encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42522 | FILE-EXECUTABLE XOR 0x1d encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42523 | FILE-EXECUTABLE XOR 0x1e encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42524 | FILE-EXECUTABLE XOR 0x1f encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42525 | FILE-EXECUTABLE XOR 0x20 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42526 | FILE-EXECUTABLE XOR 0x21 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42527 | FILE-EXECUTABLE XOR 0x22 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42528 | FILE-EXECUTABLE XOR 0x23 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42529 | FILE-EXECUTABLE XOR 0x24 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42530 | FILE-EXECUTABLE XOR 0x25 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42531 | FILE-EXECUTABLE XOR 0x26 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42532 | FILE-EXECUTABLE XOR 0x27 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42533 | FILE-EXECUTABLE XOR 0x28 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42534 | FILE-EXECUTABLE XOR 0x29 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42535 | FILE-EXECUTABLE XOR 0x2a encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42536 | FILE-EXECUTABLE XOR 0x2b encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42537 | FILE-EXECUTABLE XOR 0x2c encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42538 | FILE-EXECUTABLE XOR 0x2d encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42539 | FILE-EXECUTABLE XOR 0x2e encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42540 | FILE-EXECUTABLE XOR 0x2f encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42541 | FILE-EXECUTABLE XOR 0x30 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42542 | FILE-EXECUTABLE XOR 0x31 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42543 | FILE-EXECUTABLE XOR 0x32 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42544 | FILE-EXECUTABLE XOR 0x33 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42545 | FILE-EXECUTABLE XOR 0x34 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42546 | FILE-EXECUTABLE XOR 0x35 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42547 | FILE-EXECUTABLE XOR 0x36 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42548 | FILE-EXECUTABLE XOR 0x37 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42549 | FILE-EXECUTABLE XOR 0x38 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42550 | FILE-EXECUTABLE XOR 0x39 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42551 | FILE-EXECUTABLE XOR 0x3a encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42552 | FILE-EXECUTABLE XOR 0x3b encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42553 | FILE-EXECUTABLE XOR 0x3c encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42554 | FILE-EXECUTABLE XOR 0x3d encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42555 | FILE-EXECUTABLE XOR 0x3e encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42556 | FILE-EXECUTABLE XOR 0x3f encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42557 | FILE-EXECUTABLE XOR 0x40 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42558 | FILE-EXECUTABLE XOR 0x41 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42559 | FILE-EXECUTABLE XOR 0x42 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42560 | FILE-EXECUTABLE XOR 0x43 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42561 | FILE-EXECUTABLE XOR 0x44 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42562 | FILE-EXECUTABLE XOR 0x45 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42563 | FILE-EXECUTABLE XOR 0x46 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42564 | FILE-EXECUTABLE XOR 0x47 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42565 | FILE-EXECUTABLE XOR 0x48 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42566 | FILE-EXECUTABLE XOR 0x49 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42567 | FILE-EXECUTABLE XOR 0x4a encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42568 | FILE-EXECUTABLE XOR 0x4b encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42569 | FILE-EXECUTABLE XOR 0x4c encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42570 | FILE-EXECUTABLE XOR 0x4d encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42571 | FILE-EXECUTABLE XOR 0x4e encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42572 | FILE-EXECUTABLE XOR 0x4f encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42573 | FILE-EXECUTABLE XOR 0x50 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42574 | FILE-EXECUTABLE XOR 0x51 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42575 | FILE-EXECUTABLE XOR 0x52 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42576 | FILE-EXECUTABLE XOR 0x53 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42577 | FILE-EXECUTABLE XOR 0x54 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42578 | FILE-EXECUTABLE XOR 0x55 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42579 | FILE-EXECUTABLE XOR 0x56 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42580 | FILE-EXECUTABLE XOR 0x57 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42581 | FILE-EXECUTABLE XOR 0x58 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42582 | FILE-EXECUTABLE XOR 0x59 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42583 | FILE-EXECUTABLE XOR 0x5a encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42584 | FILE-EXECUTABLE XOR 0x5b encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42585 | FILE-EXECUTABLE XOR 0x5c encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42586 | FILE-EXECUTABLE XOR 0x5d encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42587 | FILE-EXECUTABLE XOR 0x5e encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42588 | FILE-EXECUTABLE XOR 0x5f encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42589 | FILE-EXECUTABLE XOR 0x60 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42590 | FILE-EXECUTABLE XOR 0x61 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42591 | FILE-EXECUTABLE XOR 0x62 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42592 | FILE-EXECUTABLE XOR 0x63 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42593 | FILE-EXECUTABLE XOR 0x64 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42594 | FILE-EXECUTABLE XOR 0x65 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42595 | FILE-EXECUTABLE XOR 0x66 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42596 | FILE-EXECUTABLE XOR 0x67 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42597 | FILE-EXECUTABLE XOR 0x68 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42598 | FILE-EXECUTABLE XOR 0x69 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42599 | FILE-EXECUTABLE XOR 0x6a encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42600 | FILE-EXECUTABLE XOR 0x6b encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42601 | FILE-EXECUTABLE XOR 0x6c encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42602 | FILE-EXECUTABLE XOR 0x6d encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42603 | FILE-EXECUTABLE XOR 0x6e encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42604 | FILE-EXECUTABLE XOR 0x6f encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42605 | FILE-EXECUTABLE XOR 0x70 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42606 | FILE-EXECUTABLE XOR 0x71 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42607 | FILE-EXECUTABLE XOR 0x72 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42608 | FILE-EXECUTABLE XOR 0x73 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42609 | FILE-EXECUTABLE XOR 0x74 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42610 | FILE-EXECUTABLE XOR 0x75 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42611 | FILE-EXECUTABLE XOR 0x76 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42612 | FILE-EXECUTABLE XOR 0x77 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42613 | FILE-EXECUTABLE XOR 0x78 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42614 | FILE-EXECUTABLE XOR 0x79 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42615 | FILE-EXECUTABLE XOR 0x7a encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42616 | FILE-EXECUTABLE XOR 0x7b encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42617 | FILE-EXECUTABLE XOR 0x7c encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42618 | FILE-EXECUTABLE XOR 0x7d encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42619 | FILE-EXECUTABLE XOR 0x7e encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42620 | FILE-EXECUTABLE XOR 0x7f encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42621 | FILE-EXECUTABLE XOR 0x80 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42622 | FILE-EXECUTABLE XOR 0x81 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42623 | FILE-EXECUTABLE XOR 0x82 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42624 | FILE-EXECUTABLE XOR 0x83 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42625 | FILE-EXECUTABLE XOR 0x84 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42626 | FILE-EXECUTABLE XOR 0x85 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42627 | FILE-EXECUTABLE XOR 0x86 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42628 | FILE-EXECUTABLE XOR 0x87 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42629 | FILE-EXECUTABLE XOR 0x88 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42630 | FILE-EXECUTABLE XOR 0x89 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42631 | FILE-EXECUTABLE XOR 0x8a encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42632 | FILE-EXECUTABLE XOR 0x8b encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42633 | FILE-EXECUTABLE XOR 0x8c encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42634 | FILE-EXECUTABLE XOR 0x8d encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42635 | FILE-EXECUTABLE XOR 0x8e encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42636 | FILE-EXECUTABLE XOR 0x8f encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42637 | FILE-EXECUTABLE XOR 0x90 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42638 | FILE-EXECUTABLE XOR 0x91 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42639 | FILE-EXECUTABLE XOR 0x92 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42640 | FILE-EXECUTABLE XOR 0x93 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42641 | FILE-EXECUTABLE XOR 0x94 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42642 | FILE-EXECUTABLE XOR 0x95 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42643 | FILE-EXECUTABLE XOR 0x96 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42644 | FILE-EXECUTABLE XOR 0x97 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42645 | FILE-EXECUTABLE XOR 0x98 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42646 | FILE-EXECUTABLE XOR 0x99 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42647 | FILE-EXECUTABLE XOR 0x9a encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42648 | FILE-EXECUTABLE XOR 0x9b encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42649 | FILE-EXECUTABLE XOR 0x9c encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42650 | FILE-EXECUTABLE XOR 0x9d encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42651 | FILE-EXECUTABLE XOR 0x9e encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42652 | FILE-EXECUTABLE XOR 0x9f encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42653 | FILE-EXECUTABLE XOR 0xa0 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42654 | FILE-EXECUTABLE XOR 0xa1 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42655 | FILE-EXECUTABLE XOR 0xa2 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42656 | FILE-EXECUTABLE XOR 0xa3 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42657 | FILE-EXECUTABLE XOR 0xa4 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42658 | FILE-EXECUTABLE XOR 0xa5 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42659 | FILE-EXECUTABLE XOR 0xa6 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42660 | FILE-EXECUTABLE XOR 0xa7 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42661 | FILE-EXECUTABLE XOR 0xa8 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42662 | FILE-EXECUTABLE XOR 0xa9 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42663 | FILE-EXECUTABLE XOR 0xaa encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42664 | FILE-EXECUTABLE XOR 0xab encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42665 | FILE-EXECUTABLE XOR 0xac encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42666 | FILE-EXECUTABLE XOR 0xad encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42667 | FILE-EXECUTABLE XOR 0xae encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42668 | FILE-EXECUTABLE XOR 0xaf encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42669 | FILE-EXECUTABLE XOR 0xb0 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42670 | FILE-EXECUTABLE XOR 0xb1 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42671 | FILE-EXECUTABLE XOR 0xb2 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42672 | FILE-EXECUTABLE XOR 0xb3 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42673 | FILE-EXECUTABLE XOR 0xb4 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42674 | FILE-EXECUTABLE XOR 0xb5 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42675 | FILE-EXECUTABLE XOR 0xb6 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42676 | FILE-EXECUTABLE XOR 0xb7 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42677 | FILE-EXECUTABLE XOR 0xb8 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42678 | FILE-EXECUTABLE XOR 0xb9 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42679 | FILE-EXECUTABLE XOR 0xba encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42680 | FILE-EXECUTABLE XOR 0xbb encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42681 | FILE-EXECUTABLE XOR 0xbc encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42682 | FILE-EXECUTABLE XOR 0xbd encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42683 | FILE-EXECUTABLE XOR 0xbe encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42684 | FILE-EXECUTABLE XOR 0xbf encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42685 | FILE-EXECUTABLE XOR 0xc0 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42686 | FILE-EXECUTABLE XOR 0xc1 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42687 | FILE-EXECUTABLE XOR 0xc2 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42688 | FILE-EXECUTABLE XOR 0xc3 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42689 | FILE-EXECUTABLE XOR 0xc4 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42690 | FILE-EXECUTABLE XOR 0xc5 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42691 | FILE-EXECUTABLE XOR 0xc6 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42692 | FILE-EXECUTABLE XOR 0xc7 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42693 | FILE-EXECUTABLE XOR 0xc8 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42694 | FILE-EXECUTABLE XOR 0xc9 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42695 | FILE-EXECUTABLE XOR 0xca encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42696 | FILE-EXECUTABLE XOR 0xcb encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42697 | FILE-EXECUTABLE XOR 0xcc encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42698 | FILE-EXECUTABLE XOR 0xcd encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42699 | FILE-EXECUTABLE XOR 0xce encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42700 | FILE-EXECUTABLE XOR 0xcf encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42701 | FILE-EXECUTABLE XOR 0xd0 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42702 | FILE-EXECUTABLE XOR 0xd1 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42703 | FILE-EXECUTABLE XOR 0xd2 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42704 | FILE-EXECUTABLE XOR 0xd3 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42705 | FILE-EXECUTABLE XOR 0xd4 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42706 | FILE-EXECUTABLE XOR 0xd5 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42707 | FILE-EXECUTABLE XOR 0xd6 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42708 | FILE-EXECUTABLE XOR 0xd7 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42709 | FILE-EXECUTABLE XOR 0xd8 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42710 | FILE-EXECUTABLE XOR 0xd9 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42711 | FILE-EXECUTABLE XOR 0xda encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42712 | FILE-EXECUTABLE XOR 0xdb encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42713 | FILE-EXECUTABLE XOR 0xdc encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42714 | FILE-EXECUTABLE XOR 0xdd encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42715 | FILE-EXECUTABLE XOR 0xde encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42716 | FILE-EXECUTABLE XOR 0xdf encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42717 | FILE-EXECUTABLE XOR 0xe0 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42718 | FILE-EXECUTABLE XOR 0xe1 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42719 | FILE-EXECUTABLE XOR 0xe2 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42720 | FILE-EXECUTABLE XOR 0xe3 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42721 | FILE-EXECUTABLE XOR 0xe4 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42722 | FILE-EXECUTABLE XOR 0xe5 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42723 | FILE-EXECUTABLE XOR 0xe6 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42724 | FILE-EXECUTABLE XOR 0xe7 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42725 | FILE-EXECUTABLE XOR 0xe8 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42726 | FILE-EXECUTABLE XOR 0xe9 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42727 | FILE-EXECUTABLE XOR 0xea encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42728 | FILE-EXECUTABLE XOR 0xeb encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42729 | FILE-EXECUTABLE XOR 0xec encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42730 | FILE-EXECUTABLE XOR 0xed encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42731 | FILE-EXECUTABLE XOR 0xee encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42732 | FILE-EXECUTABLE XOR 0xef encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42733 | FILE-EXECUTABLE XOR 0xf0 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42734 | FILE-EXECUTABLE XOR 0xf1 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42735 | FILE-EXECUTABLE XOR 0xf2 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42736 | FILE-EXECUTABLE XOR 0xf3 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42737 | FILE-EXECUTABLE XOR 0xf4 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42738 | FILE-EXECUTABLE XOR 0xf5 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42739 | FILE-EXECUTABLE XOR 0xf6 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42740 | FILE-EXECUTABLE XOR 0xf7 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42741 | FILE-EXECUTABLE XOR 0xf8 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42742 | FILE-EXECUTABLE XOR 0xf9 encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42743 | FILE-EXECUTABLE XOR 0xfa encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42744 | FILE-EXECUTABLE XOR 0xfb encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42745 | FILE-EXECUTABLE XOR 0xfc encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42746 | FILE-EXECUTABLE XOR 0xfd encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42747 | FILE-EXECUTABLE XOR 0xfe encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42748 | FILE-EXECUTABLE XOR 0xff encrypted portable executable file download attempt (more info ...) | policy-violation | ||||
| 42786 | PROTOCOL-SCADA Moxa unlock function code attempt (more info ...) | attempted-admin | URL | |||
| 42804 | SERVER-WEBAPP IntegraXor directory traversal attempt (more info ...) | web-application-attack | 2010-4598 | |||
| 42830 | MALWARE-CNC User-Agent known malicious user-agent string - Sublink (more info ...) | trojan-activity | URL | |||
| 42831 | MALWARE-CNC User-Agent known malicious user agent - micro (more info ...) | trojan-activity | URL | |||
| 42832 | MALWARE-CNC User-Agent known malicious user agent - SessionI (more info ...) | trojan-activity | URL | |||
| 42833 | MALWARE-CNC Kasperagent outbound connection detected (more info ...) | trojan-activity | URL | |||
| 42834 | MALWARE-CNC Win.Backdoor.Chopper web shell connection (more info ...) | trojan-activity | URL | |||
| 42835 | MALWARE-CNC Win.Backdoor.Chopper web shell connection (more info ...) | trojan-activity | URL | |||
| 42836 | MALWARE-CNC Win.Backdoor.Chopper web shell connection (more info ...) | trojan-activity | URL | |||
| 42837 | MALWARE-CNC Win.Backdoor.Chopper web shell connection (more info ...) | trojan-activity | URL | |||
| 42838 | MALWARE-CNC User-Agent known malicious user-agent string - Win.Backdoor.Chopper (more info ...) | trojan-activity | URL | |||
| 42857 | SERVER-WEBAPP MVPower DVR Shell arbitrary command execution attempt (more info ...) | attempted-admin | URL | |||
| 42866 | SERVER-WEBAPP GE Proficy RT Portal information disclosure attempt (more info ...) | attempted-recon | 2013-0651 | |||
| 42867 | SERVER-WEBAPP GE Proficy RT Portal information disclosure attempt (more info ...) | attempted-recon | 2013-0651 | |||
| 42880 | MALWARE-CNC Deputy Dog implant outbound connection (more info ...) | trojan-activity | ||||
| 42881 | MALWARE-CNC Deputy Dog implant outbound connection (more info ...) | trojan-activity | ||||
| 42882 | MALWARE-CNC ZoxPNG initial outbound connection (more info ...) | trojan-activity | ||||
| 42883 | MALWARE-CNC Win.Trojan.MadMax implant outbound connection attempt (more info ...) | trojan-activity | ||||
| 42884 | MALWARE-CNC Win.Trojan.MadMax implant outbound connection (more info ...) | trojan-activity | ||||
| 42885 | MALWARE-CNC WashingTon ssl certificate negotiation attempt (more info ...) | trojan-activity | ||||
| 42886 | MALWARE-CNC HttpBrowser User-Agent outbound communication attmept (more info ...) | trojan-activity | ||||
| 42893 | SERVER-WEBAPP Eaton VURemote denial of service attempt (more info ...) | denial-of-service | URL | |||
| 42894 | MALWARE-CNC Win.Trojan.Ursnif variant outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 42895 | MALWARE-CNC Win.Trojan.Ursnif variant outbound connection (more info ...) | trojan-activity | URL | |||
| 42898 | SERVER-WEBAPP Eaton Network Shutdown Module remote code execution attempt (more info ...) | attempted-user | 54161 | |||
| 42899 | MALWARE-CNC Jaff ransomware outbound connection (more info ...) | trojan-activity | ||||
| 42919 | FILE-IDENTIFY ISO file attachment with executable detected (more info ...) | misc-activity | ||||
| 42925 | MALWARE-CNC Js.Keylogger.Scanbox outbound connection (more info ...) | trojan-activity | URL | |||
| 42926 | MALWARE-CNC Js.Keylogger.Scanbox outbound connection (more info ...) | trojan-activity | URL | |||
| 42929 | MALWARE-CNC Win.Trojan.Niramdat variant initial outbound connection (more info ...) | trojan-activity | URL | |||
| 42934 | PROTOCOL-SCADA GE Proficy Historian buffer overflow attempt (more info ...) | attempted-admin | 2011-1918 | |||
| 42935 | FILE-OTHER Everest Software PeakHMI malicious .bsu file buffer overflow attempt (more info ...) | misc-activity | URL | |||
| 42936 | FILE-OTHER Everest Software PeakHMI malicious .bsu file buffer overflow attempt (more info ...) | misc-activity | URL | |||
| 42945 | MALWARE-CNC Win.Trojan.Adylkuzz variant initial outbound connection (more info ...) | trojan-activity | URL | |||
| 42946 | INDICATOR-OBFUSCATION Hex escaped valueOf function name obfuscation attempt (more info ...) | misc-activity | URL | |||
| 42948 | INDICATOR-OBFUSCATION Hex escaped split function name obfuscation attempt (more info ...) | misc-activity | URL | |||
| 42949 | INDICATOR-OBFUSCATION URL encoded document class name obfuscation attempt (more info ...) | misc-activity | URL | |||
| 42950 | INDICATOR-OBFUSCATION URL encoded vbscript tag obfuscation attempt (more info ...) | misc-activity | URL | |||
| 42993 | SERVER-WEBAPP ReadyDesk arbitrary file upload attempt (more info ...) | web-application-attack | 2016-5050 | |||
| 42994 | SERVER-WEBAPP ReadyDesk arbitrary file upload attempt (more info ...) | web-application-attack | 2016-5050 | |||
| 42995 | PROTOCOL-SCADA Weintek EB Pro denial of service attempt (more info ...) | attempted-dos | URL | |||
| 42996 | MALWARE-CNC Win.Trojan.Spesseo variant outbound connection (more info ...) | trojan-activity | URL | |||
| 42997 | MALWARE-CNC Win.Trojan.Spesseo variant outbound connection (more info ...) | trojan-activity | URL | |||
| 43000 | FILE-OTHER TRUFFLEHUNTER TALOS-2017-0342 attack attempt (more info ...) | attempted-user | 2017-2840 | URL | ||
| 43001 | FILE-OTHER TRUFFLEHUNTER TALOS-2017-0342 attack attempt (more info ...) | attempted-user | 2017-2840 | URL | ||
| 43006 | SERVER-WEBAPP MailStore Server cross site scripting attempt (more info ...) | attempted-user | URL | |||
| 43044 | SERVER-OTHER RaySharp DVR administrative interface access attempt (more info ...) | attempted-admin | URL | |||
| 43049 | MALWARE-CNC Win.Trojan.Gasonen variant outbound connection (more info ...) | trojan-activity | URL | |||
| 43050 | SERVER-WEBAPP Schneider Electric ClearSCADA information disclosure attempt (more info ...) | attempted-recon | URL | |||
| 43062 | SERVER-WEBAPP Cogent Datahub EvalExpresssion remote code execution attempt (more info ...) | attempted-admin | URL | |||
| 43063 | MALWARE-CNC Win.Trojan.Kabob outbound connection (more info ...) | trojan-activity | ||||
| 43076 | SERVER-OTHER TRUFFLEHUNTER TALOS-2017-0354 attack attempt (more info ...) | attempted-dos | 2017-2852 | URL | ||
| 43080 | BROWSER-OTHER Foscam IP Camera User-Agent string detected (more info ...) | misc-activity | ||||
| 43081 | BROWSER-OTHER TRUFFLEHUNTER TALOS-2017-0357 attack attempt (more info ...) | attempted-admin | 2017-2856 | URL | ||
| 43082 | BROWSER-OTHER TRUFFLEHUNTER TALOS-2017-0360 attack attempt (more info ...) | attempted-admin | 2017-2857 | URL | ||
| 43084 | FILE-IDENTIFY Rhinoceros 3D 3dm file attachment detected (more info ...) | misc-activity | ||||
| 43085 | FILE-IDENTIFY Rhinoceros 3D 3dm file attachment detected (more info ...) | misc-activity | ||||
| 43086 | FILE-IDENTIFY Rhinoceros 3D 3dm file attachment detected (more info ...) | misc-activity | ||||
| 43087 | FILE-IDENTIFY FLIC animation file download request (more info ...) | misc-activity | ||||
| 43088 | FILE-IDENTIFY FLIC animation file attachment detected (more info ...) | misc-activity | ||||
| 43089 | FILE-IDENTIFY FLIC animation file attachment detected (more info ...) | misc-activity | ||||
| 43090 | FILE-IDENTIFY FLIC animation file attachment detected (more info ...) | misc-activity | ||||
| 43091 | SERVER-WEBAPP AggreGate SCADA HMI web form upload xml external entity attack attempt (more info ...) | web-application-attack | URL | |||
| 43092 | INDICATOR-COMPROMISE OLE attachment with embedded PICT attempt (more info ...) | misc-activity | 2017-8487 | |||
| 43094 | SERVER-OTHER Ecava IntegraXor SCADA information leak attempt (more info ...) | attempted-admin | URL | |||
| 43099 | SERVER-WEBAPP Simple SCADA web-socket connection initialization attempt (more info ...) | misc-activity | URL | |||
| 43100 | SERVER-WEBAPP Simple SCADA web-socket remote command execution attempt (more info ...) | misc-activity | URL | |||
| 43101 | SERVER-WEBAPP Beckhoff CX9020 remote configuration modification attempt (more info ...) | web-application-attack | 2015-4051 | URL | ||
| 43102 | SERVER-WEBAPP Mango Automation arbitrary JSP code upload attempt (more info ...) | attempted-admin | 2015-7904 | |||
| 43103 | PROTOCOL-SCADA Weintek EasyBuilder Pro denial of service attempt (more info ...) | attempted-dos | URL | |||
| 43104 | PROTOCOL-SCADA OPC Systems denial of service attempt (more info ...) | attempted-dos | URL | |||
| 43105 | SERVER-OTHER Novus WS10 Data Server buffer overflow attempt (more info ...) | attempted-admin | URL | |||
| 43107 | FILE-OTHER FreeBSD bspatch utility remote code execution attempt (more info ...) | attempted-user | 2014-9862 | |||
| 43108 | FILE-OTHER FreeBSD bspatch utility remote code execution attempt (more info ...) | attempted-user | 2014-9862 | |||
| 43112 | SERVER-WEBAPP Schneider Electric IGSS dashboard overwrite attempt (more info ...) | web-application-attack | URL | |||
| 43113 | SERVER-WEBAPP Schneider Electric IGSS dashboard deletion attempt (more info ...) | web-application-attack | URL | |||
| 43116 | SERVER-OTHER Moore Industries NCS denial of service attempt (more info ...) | attempted-dos | URL | |||
| 43119 | SERVER-WEBAPP CyberPower Systems PowerPanel XXE out of band data retrieval attempt (more info ...) | web-application-attack | URL | |||
| 43127 | POLICY-OTHER Beck IPC network configuration enumeration attempt (more info ...) | attempted-recon | URL | |||
| 43128 | POLICY-OTHER Beck IPC network configuration overwrite attempt (more info ...) | misc-activity | URL | |||
| 43129 | MALWARE-CNC Win.Trojan.Fareit variant outbound connection (more info ...) | trojan-activity | URL | |||
| 43135 | POLICY-OTHER JBoss Management console access detected (more info ...) | policy-violation | 2017-6640 | URL | ||
| 43137 | FILE-OTHER INSAT MasterSCADA malicious project command execution attempt (more info ...) | misc-activity | URL | |||
| 43138 | FILE-OTHER INSAT MasterSCADA malicious project command execution attempt (more info ...) | misc-activity | URL | |||
| 43139 | PROTOCOL-SCADA Pro-Face Pro-ServerEX large data allocation denial of service attempt (more info ...) | denial-of-service | 2012-3794 | |||
| 43140 | PROTOCOL-SCADA Pro-Face Pro-ServerEX large size value denial of service attempt (more info ...) | denial-of-service | 2012-3796 | |||
| 43141 | PROTOCOL-SCADA Pro-Face Pro-ServerEX large data allocation denial of service attempt (more info ...) | denial-of-service | 2012-3794 | |||
| 43142 | PROTOCOL-SCADA Pro-Face Pro-ServerEX large size value denial of service attempt (more info ...) | denial-of-service | 2012-3796 | |||
| 43143 | PROTOCOL-SCADA Pro-Face Pro-ServerEX arbitrary memory disclosure attempt (more info ...) | denial-of-service | 2012-3795 | |||
| 43144 | PROTOCOL-SCADA Pro-Face Pro-ServerEX arbitrary memory disclosure attempt (more info ...) | denial-of-service | 2012-3795 | |||
| 43145 | POLICY-OTHER Pro-Face Pro-ServerEX find node invalid memory access attempt (more info ...) | misc-activity | 2012-3792 | |||
| 43146 | POLICY-OTHER Pro-Face Pro-ServerEX find node invalid memory access attempt (more info ...) | misc-activity | 2012-3792 | |||
| 43177 | PROTOCOL-SCADA Siemens SIPROTEC V4.24 crafted packet denial of service attempt (more info ...) | attempted-dos | 2015-5374 | URL | ||
| 43183 | MALWARE-CNC Win.Trojan.Matsnu variant outbound conection (more info ...) | trojan-activity | URL | |||
| 43184 | MALWARE-CNC Win.Trojan.Matsnu variant outbound conection (more info ...) | trojan-activity | URL | |||
| 43187 | EXPLOIT-KIT Rig Exploit Kit URL outbound communication (more info ...) | attempted-user | ||||
| 43190 | MALWARE-CNC Win.Trojan.Konus variant outbound connection detected (more info ...) | trojan-activity | URL | |||
| 43193 | MALWARE-CNC Win.Trojan.HiddenCobra variant outbound connection (more info ...) | trojan-activity | URL | |||
| 43194 | MALWARE-CNC Win.Trojan.HiddenCobra variant outbound connection (more info ...) | trojan-activity | URL | |||
| 43214 | FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0366 attack attempt (more info ...) | attempted-user | 2017-2862 | URL | ||
| 43215 | FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0366 attack attempt (more info ...) | attempted-user | 2017-2862 | URL | ||
| 43217 | EXPLOIT-KIT Rig Exploit Kit redirection attempt (more info ...) | trojan-activity | ||||
| 43218 | PUA-ADWARE Win.Adware.Hotbar variant outbound connection (more info ...) | misc-activity | URL | |||
| 43219 | PUA-ADWARE Win.Adware.Hotbar variant outbound connection (more info ...) | misc-activity | URL | |||
| 43220 | MALWARE-CNC User-Agent known malicious user-agent string - Hotbar (more info ...) | trojan-activity | URL | |||
| 43222 | MALWARE-CNC Win.Trojan.Micropsia outbound connection (more info ...) | trojan-activity | URL | |||
| 43223 | MALWARE-CNC Win.Trojan.Micropsia outbound connection (more info ...) | trojan-activity | URL | |||
| 43224 | MALWARE-CNC Win.Trojan.Micropsia outbound connection (more info ...) | trojan-activity | URL | |||
| 43227 | PROTOCOL-SCADA IEC 104 force off denial of service attempt (more info ...) | attempted-dos | URL | |||
| 43238 | SERVER-WEBAPP Imatix Xitami web server head processing denial of service attempt (more info ...) | attempted-dos | URL | |||
| 43252 | PROTOCOL-SCADA IEC 61850 device connection enumeration attempt (more info ...) | attempted-recon | URL | |||
| 43253 | PROTOCOL-SCADA IEC 61850 virtual manufacturing device domain variable enumeration attempt (more info ...) | attempted-recon | URL | |||
| 43254 | INDICATOR-SHELLCODE KUSER_SHARED_DATA NtMajorVersion and NtMinorVersion offsets (more info ...) | shellcode-detect | ||||
| 43280 | SERVER-WEBAPP Advantech WebAccess cross site scripting attempt (more info ...) | attempted-user | 2012-0233 | |||
| 43281 | SERVER-WEBAPP .NET AjaxControlToolkit directory traversal remote code execution attempt (more info ...) | attempted-user | 2015-4670 | |||
| 43282 | SERVER-WEBAPP .NET AjaxControlToolkit directory traversal remote code execution attempt (more info ...) | attempted-user | 2015-4670 | |||
| 43283 | SERVER-WEBAPP .NET AjaxControlToolkit directory traversal remote code execution attempt (more info ...) | attempted-user | 2015-4670 | |||
| 43285 | SERVER-WEBAPP /.svn/entries file access attempt (more info ...) | attempted-recon | ||||
| 43287 | SERVER-WEBAPP /etc/inetd.conf file access attempt (more info ...) | attempted-recon | URL | |||
| 43288 | SERVER-WEBAPP /etc/motd file access attempt (more info ...) | attempted-recon | URL | |||
| 43289 | SERVER-WEBAPP /etc/shadow file access attempt (more info ...) | attempted-recon | URL | |||
| 43292 | MALWARE-CNC Andr.Adware.Judy malicious dex file download attempt (more info ...) | trojan-activity | URL | |||
| 43296 | SERVER-WEBAPP IP3 Networks NetAccess directory traversal attempt (more info ...) | web-application-attack | 2007-0883 | |||
| 43299 | SERVER-WEBAPP Belkin N150 abitrary file read attempt (more info ...) | web-application-attack | 2014-2962 | |||
| 43304 | SERVER-WEBAPP csChatRBox setup attempt (more info ...) | web-application-activity | 2002-1752 | 4452 | ||
| 43305 | SERVER-WEBAPP csLiveSupport setup attempt (more info ...) | web-application-activity | 2002-1751 | 4450 | ||
| 43306 | SERVER-WEBAPP csNewsRemote setup attempt (more info ...) | web-application-activity | 2002-1753 | 4451 | ||
| 43324 | SERVER-WEBAPP Trihedral VTScada directory traversal attempt (more info ...) | web-application-attack | 2016-4532 | 91077 | URL | |
| 43325 | SERVER-WEBAPP Trihedral VTScada directory traversal attempt (more info ...) | web-application-attack | 2016-4532 | 91077 | URL | |
| 43326 | SERVER-WEBAPP Trihedral VTScada directory traversal attempt (more info ...) | web-application-attack | 2016-4532 | 91077 | URL | |
| 43332 | EXPLOIT-KIT Rig Exploit Kit Landing Page Request Attempt (more info ...) | attempted-user | ||||
| 43333 | FILE-OTHER ProShow Gold PSH file handling overflow attempt (more info ...) | attempted-user | 2009-3214 | |||
| 43334 | SERVER-WEBAPP OpenFiler NetworkCard command execution attempt (more info ...) | attempted-admin | 55490 | |||
| 43339 | FILE-OTHER Cytel Studio string stack overflow attempt (more info ...) | attempted-user | 49924 | URL | ||
| 43340 | FILE-OTHER Cytel Studio row overflow attempt (more info ...) | attempted-user | 49924 | URL | ||
| 43341 | FILE-OTHER Cytel Studio USE command overflow attempt (more info ...) | attempted-user | 49924 | URL | ||
| 43348 | PROTOCOL-SCADA Advantech Studio DOS attempt (more info ...) | attempted-dos | URL | |||
| 43352 | SERVER-WEBAPP Oracle Application Server 9i unauthenticated dms access attempt (more info ...) | attempted-recon | 2002-0563 | |||
| 43353 | SERVER-WEBAPP Oracle Application Server 9i unauthenticated dms access attempt (more info ...) | attempted-recon | 2002-0563 | |||
| 43354 | SERVER-WEBAPP Oracle Application Server 9i unauthenticated dms access attempt (more info ...) | attempted-recon | 2002-0563 | |||
| 43355 | SERVER-WEBAPP Oracle Application Server 9i unauthenticated dms access attempt (more info ...) | attempted-recon | 2002-0563 | |||
| 43356 | SERVER-WEBAPP Oracle Application Server 9i unauthenticated dms access attempt (more info ...) | attempted-recon | 2002-0563 | |||
| 43357 | SERVER-WEBAPP Oracle Application Server 9i unauthenticated dms access attempt (more info ...) | attempted-recon | 2002-0563 | |||
| 43368 | FILE-OTHER Compface xbm long declaration buffer overflow attempt (more info ...) | denial-of-service | 2009-2286 | |||
| 43369 | FILE-OTHER Compface xbm long declaration buffer overflow attempt (more info ...) | denial-of-service | 2009-2286 | |||
| 43379 | SERVER-WEBAPP CA ERwin Web Portal ProfileIconServlet directory traversal attempt (more info ...) | web-application-attack | 2014-2210 | |||
| 43388 | OS-OTHER Apple OSX CFNetwork HTTP response denial of service attempt (more info ...) | denial-of-service | 2007-0464 | |||
| 43389 | INDICATOR-COMPROMISE Symantec Endpoint Protection potential binary planting RCE attempt (more info ...) | attempted-user | 2015-1492 | URL | ||
| 43390 | SERVER-WEBAPP Netgear Prosafe startup config information disclosure attempt (more info ...) | attempted-recon | 2013-4775 | |||
| 43397 | SERVER-OTHER Proface GP-Pro EX EX-ED BeginPreRead stack buffer overflow attempt (more info ...) | attempted-user | 2016-2292 | |||
| 43399 | FILE-IMAGE multiple products PNG processing buffer overflow attempt (more info ...) | attempted-user | 2017-3077 | 34240 | URL | |
| 43436 | SERVER-WEBAPP GE Fanuc Real Time Information Portal arbitrary file write attempt (more info ...) | web-application-attack | 2008-0175 | 27446 | URL | |
| 43444 | SERVER-WEBAPP XML entity parsing information disclosure attempt (more info ...) | attempted-recon | 2014-0054 | |||
| 43449 | POLICY-OTHER log file access detected (more info ...) | attempted-recon | 2017-6709 | URL | ||
| 43457 | MALWARE-CNC Win.Trojan.Eorezo variant outbound connection (more info ...) | trojan-activity | URL | |||
| 43459 | MALWARE-CNC Win.Trojan.Doublepulsar variant successful ping response (more info ...) | trojan-activity | URL | |||
| 43467 | MALWARE-CNC Win.Trojan.Fireball variant outbound connection (more info ...) | trojan-activity | URL | |||
| 43468 | MALWARE-CNC Win.Trojan.Fireball variant outbound connection (more info ...) | trojan-activity | URL | |||
| 43475 | MALWARE-CNC Win.Dropper.Agent ransomware downloader outbound connection detected (more info ...) | trojan-activity | URL | |||
| 43476 | MALWARE-CNC Win.Dropper.Agent ransomware downloader outbound connection detected (more info ...) | trojan-activity | URL | |||
| 43477 | MALWARE-CNC Win.Dropper.Agent ransomware downloader outbound connection detected (more info ...) | trojan-activity | URL | |||
| 43481 | FILE-OTHER Vim modelines remote command execution attempt (more info ...) | attempted-user | 2016-1248 | |||
| 43482 | FILE-OTHER Vim modelines remote command execution attempt (more info ...) | attempted-user | 2016-1248 | |||
| 43487 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0370 attack attempt (more info ...) | attempted-user | 2017-2864 | URL | ||
| 43495 | SERVER-WEBAPP Lets Encrypt SSL certificate for domain resembling paypal (more info ...) | misc-attack | ||||
| 43496 | SERVER-WEBAPP Lets Encrypt SSL certificate issuer detected (more info ...) | misc-attack | ||||
| 43523 | MALWARE-CNC Win.Trojan.Donvibs variant outbound connection (more info ...) | trojan-activity | URL | |||
| 43524 | MALWARE-CNC Win.Trojan.Donvibs variant outbound connection (more info ...) | trojan-activity | URL | |||
| 43526 | MALWARE-CNC Win.Trojan.Deltasource variant outbound connection detected (more info ...) | trojan-activity | URL | |||
| 43527 | MALWARE-CNC Win.Trojan.Deltasource variant outbound connection detected (more info ...) | trojan-activity | URL | |||
| 43539 | SERVER-WEBAPP Koha directory traversal attempt (more info ...) | web-application-attack | 2011-4715 | |||
| 43540 | FILE-OTHER Multiple products media player wma file buffer overflow attempt (more info ...) | attempted-user | 2012-0904 | URL | ||
| 43541 | FILE-OTHER Multiple products media player wma file buffer overflow attempt (more info ...) | attempted-user | 2012-0904 | URL | ||
| 43542 | SERVER-OTHER CCProxy telnet ping buffer overflow attempt (more info ...) | attempted-user | 2004-2685 | |||
| 43546 | INDICATOR-COMPROMISE Juniper vSRX Application Firewall IPv6 REJECT buffer overflow attempt (more info ...) | attempted-admin | ||||
| 43555 | POLICY-OTHER TRUFFLEHUNTER TALOS-2017-0381 attack attempt (more info ...) | attempted-recon | 2017-2874 | URL | ||
| 43560 | FILE-OTHER Oracle Outside-In JPEG2000 QCD segment processing heap buffer overflow attempt (more info ...) | attempted-admin | 2012-1769 | 54500 | ||
| 43562 | POLICY-OTHER Teleopti WFM database information request detected (more info ...) | attempted-recon | URL | |||
| 43563 | POLICY-OTHER Teleopti WFM administrative user credentials request detected (more info ...) | attempted-recon | URL | |||
| 43564 | POLICY-OTHER Teleopti WFM administrative user creation detected (more info ...) | attempted-admin | URL | |||
| 43565 | APP-DETECT HTTPTunnel proxy outbound connection detected (more info ...) | policy-violation | URL | |||
| 43566 | SERVER-OTHER LAN Messenger initiation request buffer overflow attempt (more info ...) | denial-of-service | 2012-3845 | |||
| 43567 | SERVER-WEBAPP Oracle Application Framework diagnostic information disclosure attempt (more info ...) | attempted-recon | 2013-0397 | |||
| 43568 | SERVER-WEBAPP Oracle Application Framework diagnostic information disclosure attempt (more info ...) | attempted-recon | 2013-0397 | |||
| 43569 | SERVER-WEBAPP Zavio Cam command injection attempt (more info ...) | web-application-attack | 2013-2568 | |||
| 43570 | SERVER-WEBAPP Zavio Cam command injection attempt (more info ...) | web-application-attack | 2013-2568 | |||
| 43571 | SERVER-WEBAPP Zavio Cam command injection attempt (more info ...) | web-application-attack | 2013-2568 | |||
| 43572 | SERVER-WEBAPP Zavio Cam command injection attempt (more info ...) | web-application-attack | 2013-2568 | |||
| 43575 | MALWARE-CNC Win32.Trojan.NeutrinoPOS connection attempt (more info ...) | trojan-activity | URL | |||
| 43576 | INDICATOR-COMPROMISE possible Samsung DVR authentication bypass attempt (more info ...) | attempted-admin | 2013-3586 | |||
| 43577 | SERVER-WEBAPP Oracle BPEL Process Manager directory traversal attempt (more info ...) | attempted-user | 2013-3828 | 63058 | ||
| 43582 | FILE-OTHER multiple vulnerabilities malformed .wav file buffer overflow attempt (more info ...) | attempted-user | 2009-4962 | |||
| 43591 | SERVER-WEBAPP IBM Tealeaf testconn_host command injection attempt (more info ...) | web-application-attack | 2013-6719 | 65984 | ||
| 43592 | SERVER-WEBAPP IBM Tealeaf testconn_host command injection attempt (more info ...) | web-application-attack | 2013-6719 | 65984 | ||
| 43593 | SERVER-WEBAPP IBM Tealeaf testconn_host command injection attempt (more info ...) | web-application-attack | 2013-6719 | 65984 | ||
| 43594 | SERVER-WEBAPP IBM Tealeaf testconn_host command injection attempt (more info ...) | web-application-attack | 2013-6719 | 65984 | ||
| 43595 | SERVER-WEBAPP Netgear Prosafe filesystem denial of service attempt (more info ...) | denial-of-service | 2013-4776 | |||
| 43596 | SERVER-OTHER Oracle Demantra information disclosure attempt (more info ...) | attempted-recon | 2013-5877 | 64831 | ||
| 43597 | MALWARE-CNC Win.Trojan.BlackEnergy outbound connection (more info ...) | trojan-activity | URL | |||
| 43600 | FILE-OTHER Wireshark ENTTEC DMX RLE buffer overflow attempt (more info ...) | attempted-admin | 2010-4538 | |||
| 43601 | FILE-OTHER Wireshark ENTTEC DMX RLE buffer overflow attempt (more info ...) | attempted-admin | 2010-4538 | |||
| 43602 | SERVER-OTHER Wireshark ENTTEC DMX RLE buffer overflow attempt (more info ...) | attempted-admin | 2010-4538 | |||
| 43608 | FILE-OTHER Multiple Products SGI ZSIZE handling buffer overflow attempt (more info ...) | attempted-user | 2018-5040 | 19507 | URL | |
| 43609 | FILE-OTHER Multiple Products SGI ZSIZE handling buffer overflow attempt (more info ...) | attempted-user | 2018-5040 | 19507 | URL | |
| 43610 | SERVER-OTHER Piwigo LocalFiles editor cross-site request forgery attempt (more info ...) | web-application-attack | 2013-1468 | |||
| 43611 | SERVER-OTHER Piwigo LocalFiles editor cross-site request forgery attempt (more info ...) | web-application-attack | 2013-1468 | |||
| 43615 | FILE-OTHER Orbital Viewer .orb stack buffer overflow attempt (more info ...) | attempted-user | 2010-0688 | 38436 | ||
| 43616 | SERVER-WEBAPP E-Mail Security Virtual Appliance command injection attempt (more info ...) | web-application-attack | URL | |||
| 43617 | SERVER-WEBAPP E-Mail Security Virtual Appliance command injection attempt (more info ...) | web-application-attack | URL | |||
| 43618 | SERVER-WEBAPP E-Mail Security Virtual Appliance command injection attempt (more info ...) | web-application-attack | URL | |||
| 43619 | SERVER-WEBAPP E-Mail Security Virtual Appliance command injection attempt (more info ...) | web-application-attack | URL | |||
| 43620 | SERVER-OTHER Real Networks Helix Server RTSP denial of service attempt (more info ...) | denial-of-service | 2004-0389 | |||
| 43621 | SERVER-OTHER Real Networks Helix Server RTSP denial of service attempt (more info ...) | denial-of-service | 2004-0389 | |||
| 43623 | FILE-OTHER IBM Informix Client SDK NFX file HostList processing stack buffer overflow attempt (more info ...) | attempted-user | 2009-3691 | 36588 | ||
| 43624 | FILE-OTHER IBM Informix Client SDK NFX file InformixServerList processing stack buffer overflow attempt (more info ...) | attempted-user | 2009-3691 | 36588 | ||
| 43626 | FILE-OTHER Schneider Electric MaxStream Configuration X-CTU code execution attempt (more info ...) | attempted-user | URL | |||
| 43627 | FILE-OTHER Schneider Electric MaxStream Configuration X-CTU code execution attempt (more info ...) | attempted-user | URL | |||
| 43632 | FILE-EXECUTABLE SandboxEscaper WER download attempt (more info ...) | attempted-user | ||||
| 43633 | FILE-EXECUTABLE SandboxEscaper WER download attempt (more info ...) | attempted-user | ||||
| 43634 | SERVER-WEBAPP Zenoss call home remote code execution attempt (more info ...) | attempted-user | 2014-6261 | |||
| 43637 | SERVER-WEBAPP SAP Internet Transaction Server cross site scripting attempt (more info ...) | attempted-user | 2003-0749 | |||
| 43660 | SERVER-ORACLE Oracle Reports Server information disclosure attempt (more info ...) | attempted-recon | 2012-3152 | URL | ||
| 43661 | SERVER-ORACLE Oracle Reports Servlet information disclosure attempt (more info ...) | attempted-recon | 2012-3153 | URL | ||
| 43662 | SERVER-ORACLE Oracle Reports Servlet information disclosure attempt (more info ...) | attempted-recon | 2012-3153 | URL | ||
| 43666 | SERVER-WEBAPP VirtualSystem VS-News-System remote file include attempt (more info ...) | web-application-attack | 2007-1017 | |||
| 43667 | SERVER-WEBAPP VirtualSystem VS-News-System remote file include attempt (more info ...) | web-application-attack | 2007-1017 | |||
| 43669 | FILE-OTHER Node.js JS-YAML js function tag code execution attempt (more info ...) | attempted-user | 2013-4660 | |||
| 43670 | FILE-OTHER Node.js JS-YAML js function tag code execution attempt (more info ...) | attempted-user | 2013-4660 | |||
| 43676 | FILE-PDF FreeType PostScript Type1 font parsing memory corruption attempt (more info ...) | attempted-user | 2011-0226 | |||
| 43677 | FILE-PDF FreeType PostScript Type1 font parsing memory corruption attempt (more info ...) | attempted-user | 2011-0226 | |||
| 43682 | FILE-OTHER Xion Media Player AIFF denial of service attempt (more info ...) | denial-of-service | URL | |||
| 43683 | FILE-OTHER Xion Media Player AIFF denial of service attempt (more info ...) | denial-of-service | URL | |||
| 43700 | SERVER-OTHER Monkey HTTPD null request denial of service attempt (more info ...) | denial-of-service | 2013-3724 | |||
| 43705 | SERVER-OTHER HPE LoadRunner buffer overflow exploitation attempt (more info ...) | attempted-user | 2016-4359 | 90975 | ||
| 43708 | INDICATOR-OBFUSCATION obfuscated vbscript detected (more info ...) | misc-activity | URL | |||
| 43712 | POLICY-OTHER TRUFFLEHUNTER TALOS-2017-0389 attack attempt (more info ...) | policy-violation | 2017-2882 | URL | ||
| 43714 | POLICY-OTHER TRUFFLEHUNTER TALOS-2017-0389 attack attempt (more info ...) | policy-violation | 2017-2881 | URL | ||
| 43715 | POLICY-OTHER TRUFFLEHUNTER TALOS-2017-0390 attack attempt (more info ...) | policy-violation | 2017-2883 | URL | ||
| 43716 | POLICY-OTHER TRUFFLEHUNTER TALOS-2017-0391 attack attempt (more info ...) | attempted-user | 2017-2884 | URL | ||
| 43717 | SERVER-OTHER TRUFFLEHUNTER TALOS-2017-0386 attack attempt (more info ...) | attempted-admin | 2017-2879 | URL | ||
| 43720 | SERVER-WEBAPP SAP Internet Transaction Server directory traversal attempt (more info ...) | web-application-attack | 2003-0748 | 8516 | ||
| 43721 | SERVER-WEBAPP SAP Internet Transaction Server directory traversal attempt (more info ...) | web-application-attack | 2003-0748 | 8516 | ||
| 43722 | SERVER-WEBAPP SAP Internet Transaction Server directory traversal attempt (more info ...) | web-application-attack | 2003-0748 | 8516 | ||
| 43725 | FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0387 attack attempt (more info ...) | attempted-user | 2017-2880 | URL | ||
| 43726 | FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0387 attack attempt (more info ...) | attempted-user | 2017-2880 | URL | ||
| 43728 | SERVER-OTHER XChat heap buffer overflow attempt (more info ...) | attempted-admin | 2011-5129 | |||
| 43729 | EXPLOIT-KIT Rig/Grandsoft Exploit Kit IE exploit attempt (more info ...) | attempted-admin | ||||
| 43730 | SERVER-OTHER multiple vulnerabilities malformed mp3 buffer overflow attempt (more info ...) | attempted-admin | 2012-6044 | |||
| 43750 | FILE-OTHER Sorensoft Media Player asz file buffer overflow attempt (more info ...) | denial-of-service | URL | |||
| 43751 | FILE-OTHER Sorensoft Media Player asz file buffer overflow attempt (more info ...) | denial-of-service | URL | |||
| 43755 | SERVER-OTHER FreeBSD Routing Information Protocol assertion failure attempt (more info ...) | policy-violation | 2015-5674 | |||
| 43757 | SERVER-WEBAPP ScadaBR remote credential export attempt (more info ...) | web-application-attack | URL | |||
| 43769 | SERVER-OTHER D-Link DSL-2740B cross site request forgery attempt (more info ...) | attempted-admin | 2013-5730 | |||
| 43770 | SERVER-OTHER D-Link DSL-2740B cross site request forgery attempt (more info ...) | attempted-admin | 2013-5730 | |||
| 43771 | SERVER-OTHER D-Link DSL-2740B cross site request forgery attempt (more info ...) | attempted-admin | 2013-5730 | |||
| 43772 | SERVER-OTHER D-Link DSL-2740B cross site request forgery attempt (more info ...) | attempted-admin | 2013-5730 | |||
| 43773 | SERVER-OTHER D-Link DSL-2740B cross site request forgery attempt (more info ...) | attempted-admin | 2013-5730 | |||
| 43774 | SERVER-OTHER D-Link DSL-2740B cross site request forgery attempt (more info ...) | attempted-admin | 2013-5730 | |||
| 43780 | SERVER-WEBAPP D-Link DIR-645 router buffer overflow attempt (more info ...) | attempted-admin | 2013-7389 | |||
| 43781 | SERVER-WEBAPP D-Link DIR-645 router cross site scripting attempt (more info ...) | attempted-user | 2013-7389 | |||
| 43782 | SERVER-WEBAPP D-Link DIR-645 router cross site scripting attempt (more info ...) | attempted-user | 2013-7389 | |||
| 43783 | SERVER-WEBAPP D-Link DIR-645 router cross site scripting attempt (more info ...) | attempted-user | 2013-7389 | |||
| 43786 | SERVER-ORACLE Oracle Application Test Suite server authentication bypass attempt (more info ...) | attempted-admin | 2016-0492 | 81158 | URL | |
| 43787 | SERVER-ORACLE Oracle Application Test Suite server authentication bypass attempt (more info ...) | attempted-admin | 2016-0492 | 81158 | URL | |
| 43788 | SERVER-ORACLE Oracle Application Test Suite server authentication bypass attempt (more info ...) | attempted-admin | 2016-0492 | 81158 | URL | |
| 43794 | FILE-OTHER Schneider Electric VAMSET CFG file heap buffer overflow attempt (more info ...) | attempted-admin | 2014-8390 | |||
| 43795 | FILE-OTHER Schneider Electric VAMSET CFG file heap buffer overflow attempt (more info ...) | attempted-admin | 2014-8390 | |||
| 43797 | FILE-OTHER Schneider Electric VAMSET CFG file heap buffer overflow attempt (more info ...) | attempted-admin | 2014-8390 | |||
| 43798 | FILE-OTHER Schneider Electric VAMSET CFG file heap buffer overflow attempt (more info ...) | attempted-admin | 2014-8390 | |||
| 43806 | MALWARE-BACKDOOR HVL Rat inbound command (more info ...) | trojan-activity | URL | |||
| 43825 | MALWARE-CNC Osx.Trojan.XAgent outbound connection (more info ...) | trojan-activity | URL | |||
| 43828 | FILE-OTHER Snackamp malformed AIFF buffer overflow attempt (more info ...) | denial-of-service | 2012-5917 | |||
| 43829 | SERVER-OTHER IBM Tivoli Storage Manager FastBack mount service code execution attempt (more info ...) | attempted-admin | 2010-3058 | 42549 | ||
| 43834 | FILE-OTHER Bmxplay malformed BMX buffer overflow attempt (more info ...) | denial-of-service | 2009-4759 | |||
| 43839 | INDICATOR-COMPROMISE backwards executable download (more info ...) | attempted-user | ||||
| 43840 | FILE-OTHER Wireshark PROFINET DCP response format string exploit attempt (more info ...) | attempted-admin | 2009-1210 | |||
| 43841 | FILE-OTHER Wireshark PROFINET DCP request format string exploit attempt (more info ...) | attempted-admin | 2009-1210 | |||
| 43842 | FILE-OTHER Wireshark PROFINET DCP response format string exploit attempt (more info ...) | attempted-admin | 2009-1210 | |||
| 43843 | FILE-OTHER Wireshark PROFINET DCP request format string exploit attempt (more info ...) | attempted-admin | 2009-1210 | |||
| 43844 | FILE-OTHER Wireshark PROFINET DCP request format string exploit attempt (more info ...) | attempted-admin | 2009-1210 | |||
| 43845 | FILE-OTHER Wireshark PROFINET DCP request format string exploit attempt (more info ...) | attempted-admin | 2009-1210 | |||
| 43846 | SERVER-OTHER ISC BIND malformed control channel authentication message denial of service attempt (more info ...) | attempted-dos | 2016-1285 | URL | ||
| 43864 | POLICY-OTHER TRUFFLEHUNTER TALOS-2017-0371 attack attempt (more info ...) | policy-violation | 2017-2865 | URL | ||
| 43885 | EXPLOIT-KIT Exploit Kit malicious redirection attempt (more info ...) | attempted-user | ||||
| 43890 | MALWARE-CNC Win.Malware.Emotet variant outbound connection (more info ...) | trojan-activity | URL | |||
| 43899 | MALWARE-CNC Win.Trojan.Biggluck variant inbound response (more info ...) | trojan-activity | ||||
| 43929 | MALWARE-CNC Win.Trojan.Poogetad Variant connection attempt (more info ...) | trojan-activity | URL | |||
| 43930 | MALWARE-CNC Win.Malware.GamKer variant outbound connection (more info ...) | trojan-activity | URL | |||
| 43933 | INDICATOR-COMPROMISE VBScript accessing scripting API for WMI (more info ...) | attempted-user | ||||
| 43942 | FILE-OTHER Abbs Media Player LST buffer overflow attempt (more info ...) | attempted-admin | URL | |||
| 43943 | MALWARE-BACKDOOR Win.Trojan.DonaldDick variant outbound connection detection (more info ...) | trojan-activity | URL | |||
| 43944 | FILE-OTHER multiple products malformed CUE file buffer overflow attempt (more info ...) | attempted-user | 2007-2888 | 33960 | ||
| 43945 | FILE-OTHER Magic Music Editor malformed CDA buffer overflow attempt (more info ...) | attempted-admin | URL | |||
| 43946 | FILE-OTHER Guitar Pro malformed GPX buffer overflow attempt (more info ...) | denial-of-service | 2012-6048 | |||
| 43947 | FILE-OTHER Guitar Pro malformed GPX buffer overflow attempt (more info ...) | denial-of-service | 2012-6048 | |||
| 43950 | MALWARE-CNC Win.Trojan.Globeimposter outbound connection (more info ...) | trojan-activity | URL | |||
| 43952 | FILE-OTHER VLC Media Player malformed AMR buffer overflow attempt (more info ...) | attempted-admin | 2012-0904 | |||
| 43953 | FILE-OTHER VLC Media Player malformed AMR buffer overflow attempt (more info ...) | attempted-admin | 2012-0904 | |||
| 43957 | SERVER-WEBAPP Ubiquiti Networks UniFi Cloud Key Firm v0.6.1 Host Remote Command Execution attempt (more info ...) | web-application-attack | URL | |||
| 43958 | SERVER-WEBAPP SoapUI WSDL types element remote code execution attempt (more info ...) | attempted-user | 2014-1202 | URL | ||
| 43959 | SERVER-OTHER Sybase Open Server function pointer array code execution attempt (more info ...) | attempted-admin | 48934 | URL | ||
| 43969 | MALWARE-CNC Win.Trojan.Kradod connection attempt (more info ...) | trojan-activity | URL | |||
| 43972 | MALWARE-CNC Win.Trojan.Fareit variant outbound connection (more info ...) | trojan-activity | URL | |||
| 43981 | MALWARE-CNC Andr.Trojan.Femas variant outbound connection (more info ...) | trojan-activity | URL | |||
| 43982 | MALWARE-CNC Andr.Trojan.Femas variant outbound connection (more info ...) | trojan-activity | URL | |||
| 43985 | MALWARE-CNC Win.Trojan.Rortiem outbound connection (more info ...) | trojan-activity | URL | |||
| 43989 | INDICATOR-OBFUSCATION newlines embedded in rtf header (more info ...) | misc-attack | 2012-0158 | URL | ||
| 43990 | INDICATOR-OBFUSCATION RTF obfuscation string (more info ...) | misc-attack | 2012-0158 | URL | ||
| 44011 | MALWARE-CNC Win.Trojan.Hippo variant outbound connection (more info ...) | trojan-activity | ||||
| 44019 | FILE-IMAGE malformed png missing IHDR (more info ...) | attempted-user | ||||
| 44020 | FILE-IMAGE malformed png missing IHDR (more info ...) | attempted-user | ||||
| 44021 | SERVER-WEBAPP Dell OpenManage server application field buffer overflow attempt (more info ...) | attempted-user | 2004-0331 | |||
| 44027 | MALWARE-CNC Win.Trojan.Locky dropper variant outbound request detected (more info ...) | trojan-activity | URL | |||
| 44028 | MALWARE-CNC Win.Trojan.Locky dropper variant outbound request detected (more info ...) | trojan-activity | URL | |||
| 44038 | SERVER-OTHER LCDproc parse_all_client_messages buffer overflow attempt (more info ...) | attempted-admin | 2004-1915 | |||
| 44039 | FILE-PDF Foxit PDF Reader Launch action buffer overflow attempt (more info ...) | attempted-user | 2009-0837 | 34035 | URL | |
| 44041 | SERVER-OTHER LCDproc test_func buffer overflow attempt (more info ...) | attempted-admin | 10085 | |||
| 44042 | MALWARE-CNC Win.Trojan.Hupigon Connection attempt (more info ...) | trojan-activity | URL | |||
| 44096 | MALWARE-TOOLS Request to service that provices external IP address detected (more info ...) | trojan-activity | URL | |||
| 44105 | SERVER-OTHER WebPageTests upload feature remote file upload attempt (more info ...) | attempted-user | URL | |||
| 44123 | FILE-OTHER EMF EMR_EXTTEXTOUTW record memory corruption attempt (more info ...) | misc-activity | ||||
| 44124 | FILE-OTHER EMF EMR_EXTTEXTOUTW record memory corruption attempt (more info ...) | misc-activity | URL | |||
| 44133 | SERVER-WEBAPP OPENi-CMS Seitenschutz plugin remote file include attempt (more info ...) | web-application-attack | 2007-0881 | |||
| 44134 | SERVER-WEBAPP OPENi-CMS Seitenschutz plugin remote file include attempt (more info ...) | web-application-attack | 2007-0881 | |||
| 44142 | POLICY-OTHER TRUFFLEHUNTER TALOS-2017-0424 attack attempt (more info ...) | policy-violation | 2017-2917 | URL | ||
| 44143 | SERVER-OTHER LCDproc test_func format string code execution attempt (more info ...) | attempted-admin | 2004-1917 | |||
| 44150 | SERVER-WEBAPP IBM Websphere cross site scripting attempt (more info ...) | attempted-user | 2009-0856 | |||
| 44162 | POLICY-OTHER TRUFFLEHUNTER TALOS-2017-0422 attack attempt (more info ...) | policy-violation | 2017-2915 | URL | ||
| 44165 | SERVER-WEBAPP websocket protocol upgrade request detected (more info ...) | protocol-command-decode | URL | |||
| 44166 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0428 attack attempt (more info ...) | attempted-user | 2017-2921 | URL | ||
| 44171 | MALWARE-CNC Win.Trojan.Zurgop variant outbound beaconing connection (more info ...) | trojan-activity | URL | |||
| 44172 | INDICATOR-OBFUSCATION suspicious dynamic http link creation attempt (more info ...) | attempted-user | URL | |||
| 44177 | MALWARE-CNC Win.Trojan.Cerber variant outbound connection (more info ...) | trojan-activity | URL | |||
| 44180 | FILE-OTHER Bluezone Desktop buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 44181 | FILE-OTHER Bluezone Desktop buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 44190 | MALWARE-CNC Win.Trojan.Cyfshent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 44194 | FILE-MULTIMEDIA multiple audio players playlist file handling heap overflow attempt (more info ...) | attempted-user | 2013-7409 | 62926 | URL | |
| 44201 | SERVER-OTHER Verso NetPerformer frame relay access device telnet buffer overflow attempt (more info ...) | denial-of-service | 19989 | |||
| 44203 | SERVER-OTHER HP Data Protector memory corruption attempt (more info ...) | attempted-user | URL | |||
| 44204 | FILE-OTHER VideoLAN VLC Media Player Ogg/Vorbis denial of service attempt (more info ...) | attempted-admin | 2007-3316 | |||
| 44205 | FILE-OTHER VideoLAN VLC Media Player Ogg/Vorbis denial of service attempt (more info ...) | attempted-admin | 2007-3316 | |||
| 44210 | MALWARE-CNC Win.Trojan.Bullrat variant outbound connection (more info ...) | trojan-activity | URL | |||
| 44211 | MALWARE-CNC Win.Trojan.Tarayt outbound connection (more info ...) | trojan-activity | URL | |||
| 44212 | MALWARE-CNC Win.Trojan.Tarayt outbound connection (more info ...) | trojan-activity | URL | |||
| 44213 | MALWARE-CNC User-Agent known malicious user-agent - ace4956e-736e-11e6-9584-d7165ca591df - Win.Trojan.Tarayt (more info ...) | trojan-activity | URL | |||
| 44214 | MALWARE-CNC User-Agent known malicious user-agent string - Win.Trojan.Graftor (more info ...) | trojan-activity | URL | |||
| 44215 | SERVER-OTHER Sybase Open Server TDS login packet stack memory corruption attempt (more info ...) | attempted-admin | URL | |||
| 44220 | MALWARE-CNC Win.Ransomware.SyncCrypt variant initial outbound connection (more info ...) | trojan-activity | URL | |||
| 44221 | MALWARE-CNC Win.Ransomware.SyncCrypt variant initial outbound connection (more info ...) | trojan-activity | URL | |||
| 44222 | MALWARE-CNC Win.Ransomware.SyncCrypt variant initial outbound connection (more info ...) | trojan-activity | URL | |||
| 44267 | POLICY-OTHER TRUFFLEHUNTER TALOS-2017-0436 attack attempt (more info ...) | policy-violation | 2017-12084 | URL | ||
| 44268 | POLICY-OTHER TRUFFLEHUNTER TALOS-2017-0437 attack attempt (more info ...) | policy-violation | 2017-12085 | URL | ||
| 44276 | MALWARE-CNC Win.Trojan.Chthonic outbound file download attempt (more info ...) | trojan-activity | URL | |||
| 44277 | MALWARE-CNC Win.Trojan.Chthonic outbound file download attempt (more info ...) | trojan-activity | URL | |||
| 44278 | MALWARE-CNC Win.Trojan.CrystalAttack outbound file download attempt (more info ...) | trojan-activity | URL | |||
| 44279 | MALWARE-CNC Win.Ransomware.FlatChestWare varint outbound connection (more info ...) | trojan-activity | ||||
| 44298 | SERVER-WEBAPP AT&T U-verse modem command injection attempt (more info ...) | web-application-attack | URL | |||
| 44299 | SERVER-WEBAPP AT&T U-verse modem information disclosure attempt (more info ...) | attempted-recon | URL | |||
| 44300 | SERVER-WEBAPP AT&T U-verse modem authentication bypass attempt (more info ...) | web-application-attack | 2017-14117 | URL | ||
| 44301 | SERVER-WEBAPP AT&T U-verse modem information disclosure attempt (more info ...) | attempted-recon | URL | |||
| 44302 | SERVER-WEBAPP AT&T U-verse modem firmware upload attempt (more info ...) | attempted-admin | URL | |||
| 44307 | MALWARE-CNC Win.Downloader.Razy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 44313 | MALWARE-CNC Win.Trojan.Totbrick variant outbound connection (more info ...) | trojan-activity | URL | |||
| 44314 | MALWARE-CNC Win.Trojan.Totbrick variant inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 44316 | MALWARE-CNC Win.Trojan.Ellell variant outbound connection (more info ...) | trojan-activity | URL | |||
| 44317 | MALWARE-CNC User-Agent known malicious user-agent - Version/100 - Win.Trojan.Tarayt (more info ...) | trojan-activity | URL | |||
| 44323 | FILE-OTHER RAR file malformed header antivirus evasion attempt (more info ...) | misc-activity | 2012-1443 | |||
| 44325 | FILE-OTHER ZIP file malformed header antivirus evasion attempt (more info ...) | misc-activity | 2012-1462 | |||
| 44355 | FILE-IMAGE Free Opener malformed JPEG file buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 44358 | PUA-ADWARE DealPly Adware variant outbound connection (more info ...) | misc-activity | URL | |||
| 44362 | MALWARE-CNC User-Agent known malicious user-agent string - Sality (more info ...) | trojan-activity | URL | |||
| 44365 | MALWARE-CNC Win.Trojan.Paradise ransomware outbound post (more info ...) | trojan-activity | URL | |||
| 44366 | MALWARE-CNC Win.Trojan.Paradise ransomware inbound executable (more info ...) | trojan-activity | URL | |||
| 44367 | MALWARE-CNC Win.Trojan.Paradise ransomware inbound executable (more info ...) | trojan-activity | URL | |||
| 44368 | PROTOCOL-SCADA CoDeSys GatewayService heap overrun attempt (more info ...) | attempted-user | 2011-5008 | 50849 | ||
| 44369 | FILE-PDF Nitro Pro malformed object index buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 44370 | FILE-PDF Nitro Pro malformed object index buffer overflow attempt (more info ...) | attempted-user | URL | |||
| 44373 | SERVER-WEBAPP XStream void primitive denial of service attempt (more info ...) | denial-of-service | 2018-1327 | URL | ||
| 44382 | SERVER-OTHER D-Link router remote reboot attempt (more info ...) | misc-activity | URL | |||
| 44391 | MALWARE-CNC Win.Trojan.Konus variant outbound connection detected (more info ...) | trojan-activity | URL | |||
| 44392 | MALWARE-CNC Win.Trojan.Konus variant outbound connection detected (more info ...) | trojan-activity | URL | |||
| 44393 | MALWARE-CNC Win.Trojan.Konus variant outbound connection detected (more info ...) | trojan-activity | URL | |||
| 44394 | PUA-ADWARE Win.Adware.Techsnab variant outbound connection detected (more info ...) | misc-activity | URL | |||
| 44395 | PUA-ADWARE Win.Adware.Techsnab variant outbound connection detected (more info ...) | misc-activity | URL | |||
| 44396 | MALWARE-CNC Win.Trojan.KediRAT outbound connection (more info ...) | trojan-activity | URL | |||
| 44403 | MALWARE-CNC Win.Trojan.Trickbot malicious communication attempt (more info ...) | trojan-activity | URL | |||
| 44404 | MALWARE-CNC Win.Trojan.Trickbot malicious communication attempt (more info ...) | trojan-activity | URL | |||
| 44405 | MALWARE-CNC Win.Trojan.Trickbot malicious communication attempt (more info ...) | trojan-activity | URL | |||
| 44406 | MALWARE-CNC Win.Trojan.Trickbot malicious communication attempt (more info ...) | trojan-activity | URL | |||
| 44407 | MALWARE-CNC Win.Trojan.Trickbot malicious communication attempt (more info ...) | trojan-activity | URL | |||
| 44408 | MALWARE-CNC Win.Trojan.Trickbot malicious communication attempt (more info ...) | trojan-activity | URL | |||
| 44409 | MALWARE-CNC Win.Trojan.Trickbot malicious communication attempt (more info ...) | trojan-activity | URL | |||
| 44410 | MALWARE-CNC Win.Trojan.Trickbot malicious communication attempt (more info ...) | trojan-activity | URL | |||
| 44411 | MALWARE-CNC Win.Trojan.Trickbot malicious communication attempt (more info ...) | trojan-activity | URL | |||
| 44412 | MALWARE-CNC Win.Trojan.Trickbot malicious communication attempt (more info ...) | trojan-activity | URL | |||
| 44413 | MALWARE-CNC Win.Trojan.Trickbot malicious communication attempt (more info ...) | trojan-activity | URL | |||
| 44414 | MALWARE-CNC Win.Trojan.Trickbot malicious communication attempt (more info ...) | trojan-activity | URL | |||
| 44415 | MALWARE-CNC Win.Trojan.Trickbot malicious communication attempt (more info ...) | trojan-activity | URL | |||
| 44419 | PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2017-0445 attack attempt (more info ...) | denial-of-service | 2017-12093 | URL | ||
| 44420 | PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2017-0440 attack attempt (more info ...) | denial-of-service | 2017-12088 | URL | ||
| 44421 | POLICY-OTHER TRUFFLEHUNTER TALOS-2017-0441 attack attempt (more info ...) | policy-violation | 2017-12089 | URL | ||
| 44422 | POLICY-OTHER TRUFFLEHUNTER TALOS-2017-0441 attack attempt (more info ...) | policy-violation | 2017-12089 | URL | ||
| 44423 | POLICY-OTHER TRUFFLEHUNTER TALOS-2017-0444 attack attempt (more info ...) | policy-violation | 2017-12092 | URL | ||
| 44424 | POLICY-OTHER TRUFFLEHUNTER TALOS-2017-0443 attack attempt (more info ...) | policy-violation | 2017-12091 | URL | ||
| 44425 | POLICY-OTHER TRUFFLEHUNTER TALOS-2017-0443 attack attempt (more info ...) | policy-violation | 2017-12091 | URL | ||
| 44426 | POLICY-OTHER TRUFFLEHUNTER TALOS-2017-0443 attack attempt (more info ...) | policy-violation | 2017-12091 | URL | ||
| 44427 | POLICY-OTHER TRUFFLEHUNTER TALOS-2017-0443 attack attempt (more info ...) | policy-violation | 2017-12091 | URL | ||
| 44428 | POLICY-OTHER TRUFFLEHUNTER TALOS-2017-0443 attack attempt (more info ...) | policy-violation | 2017-12091 | URL | ||
| 44429 | POLICY-OTHER TRUFFLEHUNTER TALOS-2017-0443 attack attempt (more info ...) | policy-violation | 2017-12091 | URL | ||
| 44438 | MALWARE-CNC Win.Backdoor.Poison variant outbound connection detected (more info ...) | trojan-activity | URL | |||
| 44439 | MALWARE-CNC Win.Backdoor.Poison variant outbound connection detected (more info ...) | trojan-activity | URL | |||
| 44440 | MALWARE-CNC User-Agent known malicious user-agent string - Poison (more info ...) | trojan-activity | URL | |||
| 44443 | MALWARE-CNC Win.Trojan.Popureb variant outbound connection detected (more info ...) | trojan-activity | URL | |||
| 44450 | MALWARE-CNC Win.Trojan.Buterat variant outbount connection detected (more info ...) | trojan-activity | URL | |||
| 44451 | FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0458 attack attempt (more info ...) | attempted-user | 2017-12106 | URL | ||
| 44452 | FILE-IMAGE TRUFFLEHUNTER TALOS-2017-0458 attack attempt (more info ...) | attempted-user | 2017-12106 | URL | ||
| 44455 | FILE-IMAGE Apple PICT Quickdraw image converter packType 4 buffer overflow attempt (more info ...) | attempted-user | 2008-3021 | 30598 | ||
| 44456 | FILE-IMAGE Apple PICT Quickdraw image converter packType 4 buffer overflow attempt (more info ...) | attempted-user | 2008-3021 | 30598 | ||
| 44468 | SERVER-OTHER SAP Netweaver Dynpro Engine denial of service attempt (more info ...) | attempted-dos | 2017-9845 | 96874 | URL | |
| 44476 | PUA-ADWARE Win.Adware.OutBrowse variant outbound connection detected (more info ...) | misc-activity | URL | |||
| 44507 | SERVER-WEBAPP Symantec Endpoint Protection Manager information disclosure attempt (more info ...) | attempted-recon | 2016-3649 | 91440 | ||
| 44540 | SERVER-OTHER Jiangmin Anti-Virus Network Edition information disclosure attempt (more info ...) | attempted-recon | URL | |||
| 44541 | SERVER-OTHER Jiangmin Anti-Virus Network Edition configuration change attempt (more info ...) | misc-activity | URL | |||
| 44542 | SERVER-OTHER Jiangmin Anti-Virus Network Edition remote code execution attempt (more info ...) | attempted-admin | URL | |||
| 44543 | SERVER-OTHER Jiangmin Anti-Virus Network Edition information disclosure attempt (more info ...) | attempted-recon | ||||
| 44554 | MALWARE-CNC Andr.Trojan.Congur variant outbound connection detected (more info ...) | trojan-activity | URL | |||
| 44561 | MALWARE-CNC PowerShell Empire variant outbound connection (more info ...) | trojan-activity | URL | |||
| 44562 | MALWARE-CNC PowerShell Empire variant outbound connection (more info ...) | trojan-activity | URL | |||
| 44563 | MALWARE-CNC PowerShell Empire variant outbound connection (more info ...) | trojan-activity | URL | |||
| 44564 | MALWARE-CNC PowerShell Empire variant outbound connection (more info ...) | trojan-activity | URL | |||
| 44565 | SERVER-WEBAPP Trend Micro SPS and IMS diagnostic.log session disclosure attempt (more info ...) | attempted-recon | 2017-11398 | 102275 | URL | |
| 44569 | MALWARE-CNC Win.Trojan.Fareit variant outbound connection (more info ...) | trojan-activity | URL | |||
| 44570 | MALWARE-CNC Win.Trojan.Fareit variant outbound connection (more info ...) | trojan-activity | URL | |||
| 44574 | SERVER-OTHER Ipass Client control pipe remote code execution attempt (more info ...) | attempted-admin | URL | |||
| 44575 | SERVER-WEBAPP Ignite Realtime Openfire user-create cross site request forgery attempt (more info ...) | attempted-user | 2015-6973 | |||
| 44576 | SERVER-OTHER Samsung Security Manager ActiveMQ arbitrary file upload attempt (more info ...) | attempted-admin | 2015-3435 | |||
| 44577 | SERVER-OTHER Samsung Security Manager ActiveMQ cross site scripting attempt (more info ...) | web-application-attack | 2015-3435 | |||
| 44610 | MALWARE-CNC Win.Trojan.Locky dropper variant outbound request detected (more info ...) | trojan-activity | URL | |||
| 44611 | MALWARE-CNC Win.Trojan.Locky dropper variant outbound request detected (more info ...) | trojan-activity | URL | |||
| 44612 | INDICATOR-COMPROMISE VBscript downloader detected (more info ...) | trojan-activity | URL | |||
| 44613 | INDICATOR-COMPROMISE VBscript downloader detected (more info ...) | trojan-activity | URL | |||
| 44616 | MALWARE-CNC Win.Trojan.Ursnif variant outbound connection (more info ...) | trojan-activity | URL | |||
| 44617 | MALWARE-CNC Win.Trojan.Ursnif variant outbound connection (more info ...) | trojan-activity | URL | |||
| 44618 | MALWARE-CNC Win.Trojan.Ursnif variant outbound connection (more info ...) | trojan-activity | URL | |||
| 44619 | MALWARE-CNC Android Red Alert Trojan outbound connection (more info ...) | trojan-activity | URL | |||
| 44620 | MALWARE-CNC Android Red Alert Trojan outbound connection (more info ...) | trojan-activity | URL | |||
| 44621 | MALWARE-CNC Android Red Alert Trojan outbound connection (more info ...) | trojan-activity | URL | |||
| 44622 | MALWARE-CNC Android Red Alert Trojan outbound connection (more info ...) | trojan-activity | URL | |||
| 44623 | POLICY-OTHER EMC Autostart default domain login attempt (more info ...) | default-login-attempt | URL | |||
| 44639 | MALWARE-CNC Win.Trojan.Quimonk variant outbound connection detected (more info ...) | trojan-activity | URL | |||
| 44640 | POLICY-OTHER WPA2 key reuse tool attempt (more info ...) | attempted-user | 2017-13088 | URL | ||
| 44643 | SERVER-OTHER Mikrotik RouterOS denial of service attempt (more info ...) | denial-of-service | 2012-6050 | |||
| 44652 | MALWARE-CNC Win.Zusy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 44653 | MALWARE-CNC IoT Reaper botnet (more info ...) | trojan-activity | URL | |||
| 44654 | MALWARE-CNC IoT Reaper botnet CNC (more info ...) | trojan-activity | URL | |||
| 44655 | MALWARE-CNC IoT Reaper botnet dropper (more info ...) | trojan-activity | URL | |||
| 44656 | MALWARE-CNC IoT Reaper botnet CNC (more info ...) | trojan-activity | URL | |||
| 44659 | MALWARE-CNC Win.Trojan.Wraut variant outbound connection (more info ...) | trojan-activity | URL | |||
| 44660 | SERVER-OTHER D-Link multiple routers command execution attempt (more info ...) | attempted-admin | 2020-9377 | URL | ||
| 44661 | SERVER-OTHER D-Link DIR-300 and DIR-600 information disclosure attempt (more info ...) | attempted-recon | URL | |||
| 44662 | SERVER-OTHER D-Link DIR-300 and DIR-600 information disclosure attempt (more info ...) | attempted-recon | URL | |||
| 44663 | SERVER-OTHER Mikrotik RouterOS SNMP security bypass attempt (more info ...) | attempted-admin | 2008-6976 | |||
| 44665 | SERVER-OTHER Easy Chat Server buffer overflow attempt (more info ...) | attempted-admin | 2004-2466 | 67384 | ||
| 44666 | SERVER-OTHER Easy Chat Server buffer overflow attempt (more info ...) | attempted-admin | 2004-2466 | 67384 | ||
| 44668 | SERVER-WEBAPP Advantech WebAccess cross site scripting attempt (more info ...) | attempted-user | 2012-0233 | |||
| 44675 | SERVER-OTHER iSCSI target multiple implementations iSNS stack buffer overflow attempt (more info ...) | attempted-admin | 2010-2221 | 41327 | ||
| 44676 | SERVER-OTHER Wireshark Sigcomp buffer overflow attempt (more info ...) | attempted-user | 2010-2287 | |||
| 44677 | MALWARE-CNC Win.Trojan.Nemucod outbound connection (more info ...) | trojan-activity | ||||
| 44678 | POLICY-OTHER NetSupport Manager RAT outbound connection detected (more info ...) | trojan-activity | URL | |||
| 44679 | SERVER-OTHER Beetel Connection Manager username buffer overflow attempt (more info ...) | attempted-user | 63414 | |||
| 44680 | SERVER-OTHER Beetel Connection Manager username buffer overflow attempt (more info ...) | attempted-user | 63414 | |||
| 44685 | SERVER-OTHER TVMOBiLi HttpUtils.dll denial of service attempt (more info ...) | attempted-admin | 2012-5451 | |||
| 44686 | SERVER-OTHER TVMOBiLi HttpUtils.dll denial of service attempt (more info ...) | attempted-admin | 2012-5451 | |||
| 44689 | MALWARE-CNC Win.Trojan.Gen variant outbound connection (more info ...) | trojan-activity | URL | |||
| 44690 | SERVER-OTHER ElasticSearch script remote code execution attempt (more info ...) | attempted-admin | 2014-3120 | URL | ||
| 44691 | PUA-ADWARE Win.Adware.Clover outbound connection (more info ...) | misc-activity | URL | |||
| 44692 | INDICATOR-OBFUSCATION CoinHive cryptocurrency mining attempt (more info ...) | misc-attack | URL | |||
| 44693 | INDICATOR-OBFUSCATION CoinHive cryptocurrency mining attempt (more info ...) | misc-attack | URL | |||
| 44697 | MALWARE-CNC SquirrelMail directory traversal attempt (more info ...) | web-application-attack | 2006-2842 | URL | ||
| 44698 | SERVER-WEBAPP Internal field separator use in HTTP URI attempt (more info ...) | web-application-attack | ||||
| 44699 | SERVER-WEBAPP Internal field separator use in HTTP URI attempt (more info ...) | web-application-attack | ||||
| 44702 | POLICY-OTHER Inedo BuildMaster web server login with default credentials attempt (more info ...) | policy-violation | URL | |||
| 44713 | POLICY-OTHER TRUFFLEHUNTER TALOS-2017-0464 attack attempt (more info ...) | policy-violation | 2017-12114 | URL | ||
| 44714 | POLICY-OTHER TRUFFLEHUNTER TALOS-2017-0464 attack attempt (more info ...) | policy-violation | 2017-12118 | URL | ||
| 44715 | SERVER-OTHER Oracle GoldenGate Collector process remote start attempt (more info ...) | policy-violation | 2016-0451 | URL | ||
| 44716 | SERVER-OTHER Oracle GoldenGate arbitrary file write attempt (more info ...) | policy-violation | 2016-0451 | URL | ||
| 44717 | SERVER-OTHER Oracle GoldenGate Collector process remote start attempt (more info ...) | policy-violation | 2016-0451 | URL | ||
| 44718 | SERVER-OTHER Oracle GoldenGate arbitrary file write attempt (more info ...) | policy-violation | 2016-0451 | URL | ||
| 44719 | SERVER-OTHER Oracle GoldenGate arbitrary file write attempt (more info ...) | policy-violation | 2016-0451 | URL | ||
| 44720 | SERVER-OTHER Oracle GoldenGate arbitrary file write attempt (more info ...) | policy-violation | 2016-0451 | URL | ||
| 44721 | SERVER-OTHER Oracle GoldenGate Manager process arbitrary file execution attempt (more info ...) | policy-violation | 2016-0451 | URL | ||
| 44753 | MALWARE-CNC Win.Trojan.Stimilina variant outbound connection detected (more info ...) | trojan-activity | URL | |||
| 44756 | SERVER-OTHER NTP crypto-NAK denial of service attempt (more info ...) | denial-of-service | 2016-4957 | URL | ||
| 44757 | FILE-OTHER LibYAML yaml_parser_scan_uri_escapes heap buffer overflow attempt (more info ...) | attempted-user | 2014-2525 | |||
| 44758 | FILE-OTHER LibYAML yaml_parser_scan_uri_escapes heap buffer overflow attempt (more info ...) | attempted-user | 2014-2525 | |||
| 44759 | FILE-OTHER LibYAML yaml_parser_scan_uri_escapes heap buffer overflow attempt (more info ...) | attempted-user | 2014-2525 | |||
| 44760 | MALWARE-CNC Win.Trojan.Reyptson ransomware download (more info ...) | trojan-activity | URL | |||
| 44761 | MALWARE-CNC Win.Trojan.Reyptson ransomware download (more info ...) | trojan-activity | URL | |||
| 44762 | MALWARE-CNC Win.Trojan.KopiLuwak variant outbound request detected (more info ...) | trojan-activity | URL | |||
| 44763 | MALWARE-CNC Win.Trojan.KopiLuwak variant outbound request detected (more info ...) | trojan-activity | URL | |||
| 44768 | MALWARE-CNC Win.Trojan.Silence outbound request (more info ...) | attempted-admin | URL | |||
| 44769 | MALWARE-CNC Win.Trojan.Silence inbound download (more info ...) | attempted-admin | URL | |||
| 44770 | MALWARE-CNC Win.Trojan.Silence cnc module download (more info ...) | attempted-admin | URL | |||
| 44771 | MALWARE-CNC Win.Trojan.Silence monitoring module download (more info ...) | attempted-admin | URL | |||
| 44772 | MALWARE-CNC User-Agent known malicious user-agent string - Win.Trojan.Datper (more info ...) | trojan-activity | URL | |||
| 44773 | MALWARE-CNC User-Agent known malicious user-agent string - Win.Trojan.Datper (more info ...) | trojan-activity | URL | |||
| 44774 | MALWARE-CNC Win.Trojan.xxmm variant initial outbound connection detected (more info ...) | trojan-activity | URL | |||
| 44775 | MALWARE-CNC Win.Trojan.xxmm variant initial outbound connection detected (more info ...) | trojan-activity | URL | |||
| 44776 | MALWARE-CNC Win.Trojan.xxmm variant initial outbound connection detected (more info ...) | trojan-activity | URL | |||
| 44777 | MALWARE-CNC Win.Trojan.xxmm variant initial outbound connection detected (more info ...) | trojan-activity | URL | |||
| 44778 | MALWARE-CNC Win.Trojan.xxmm variant initial outbound connection detected (more info ...) | trojan-activity | URL | |||
| 44779 | MALWARE-CNC Win.Trojan.xxmm variant initial outbound connection detected (more info ...) | trojan-activity | URL | |||
| 44780 | MALWARE-CNC Win.Trojan.Locky outbound callout (more info ...) | trojan-activity | URL | |||
| 44781 | MALWARE-CNC Win.Trojan.Locky outbound callout (more info ...) | trojan-activity | URL | |||
| 44782 | MALWARE-CNC Win.Trojan.Locky outbound callout (more info ...) | trojan-activity | URL | |||
| 44783 | FILE-IDENTIFY UltraPlayer USK file buffer overflow attempt (more info ...) | misc-activity | ||||
| 44784 | FILE-IDENTIFY UltraPlayer USK file buffer overflow attempt (more info ...) | misc-activity | ||||
| 44785 | FILE-IDENTIFY UltraPlayer USK file buffer overflow attempt (more info ...) | misc-activity | ||||
| 44786 | FILE-IDENTIFY UltraPlayer USK file buffer overflow attempt (more info ...) | misc-activity | ||||
| 44787 | MALWARE-CNC Win.Trojan.Godzilla outbound connection (more info ...) | trojan-activity | URL | |||
| 44788 | MALWARE-CNC Win.Trojan.Nymaim variant outbound connection (more info ...) | trojan-activity | URL | |||
| 44789 | MALWARE-CNC Win.Trojan.Nymaim variant outbound connection (more info ...) | trojan-activity | URL | |||
| 44790 | SERVER-WEBAPP MikroTik RouterOS cross site request forgery attempt (more info ...) | policy-violation | 2015-2350 | 73013 | ||
| 44791 | MALWARE-CNC Win.Trojan.Retadup variant outbound connection (more info ...) | trojan-activity | URL | |||
| 44855 | POLICY-OTHER TRUFFLEHUNTER TALOS-2017-0480 attack attempt (more info ...) | policy-violation | 2017-12128 | URL | ||
| 44876 | MALWARE-CNC Malicious VBA Dropper outbound connection detected (more info ...) | trojan-activity | ||||
| 44878 | SERVER-OTHER Mako Web Server arbitrary file upload attempt (more info ...) | attempted-user | URL | |||
| 44886 | MALWARE-CNC User-Agent known malicious user-agent string - Win.Trojan.Volgmer (more info ...) | trojan-activity | URL | |||
| 44889 | PUA-TOOLBARS WidgiToolbar toolbar runtime detection (more info ...) | misc-activity | URL | |||
| 44895 | MALWARE-CNC Win.Trojan.CoinMiner inbound connection detected (more info ...) | trojan-activity | URL | |||
| 44896 | MALWARE-CNC Win.Trojan.CoinMiner outbound connection (more info ...) | trojan-activity | URL | |||
| 44897 | MALWARE-CNC Win.Trojan.CoinMiner outbound connection (more info ...) | trojan-activity | URL | |||
| 44898 | MALWARE-CNC Win.Trojan.CoinMiner outbound connection (more info ...) | trojan-activity | URL | |||
| 44899 | MALWARE-CNC Win.Trojan.CoinMiner inbound connection detected (more info ...) | trojan-activity | URL | |||
| 44911 | MALWARE-CNC Osx.Trojan.Fruitfly variant outbound connection detected (more info ...) | trojan-activity | URL | |||
| 44943 | MALWARE-CNC Win.Trojan.FallChill variant outbound connection (more info ...) | trojan-activity | URL | |||
| 44944 | MALWARE-CNC Win.Trojan.FallChill variant outbound connection (more info ...) | trojan-activity | URL | |||
| 44945 | MALWARE-CNC Win.Trojan.FallChill variant outbound connection (more info ...) | trojan-activity | URL | |||
| 44946 | MALWARE-CNC Win.Trojan.FallChill variant outbound connection (more info ...) | trojan-activity | URL | |||
| 44972 | MALWARE-CNC Win.Trojan.Ramnit variant outbound connection (more info ...) | trojan-activity | URL | |||
| 44973 | MALWARE-CNC Win.Trojan.Ramnit variant outbound connection (more info ...) | trojan-activity | URL | |||
| 44979 | FILE-PDF Foxit Reader and PhantomPDF util printf information disclosure attempt (more info ...) | attempted-recon | 2019-13318 | |||
| 44980 | FILE-PDF Foxit Reader and PhantomPDF util printf information disclosure attempt (more info ...) | attempted-recon | 2019-13318 | |||
| 44985 | SERVER-OTHER Galil RIO-47100 denial of service attempt (more info ...) | denial-of-service | 2013-0699 | |||
| 44986 | SERVER-OTHER TRUFFLEHUNTER TALOS-2017-0486 attack attempt (more info ...) | attempted-dos | 2017-12130 | URL | ||
| 44992 | SERVER-WEBAPP ManageEngine ServiceDesk Plus policy bypass attempt (more info ...) | web-application-attack | 2015-1480 | |||
| 44993 | SERVER-WEBAPP ManageEngine ServiceDesk Plus policy bypass attempt (more info ...) | web-application-attack | 2015-1480 | |||
| 44994 | SERVER-WEBAPP ManageEngine ServiceDesk Plus policy bypass attempt (more info ...) | web-application-attack | 2015-1480 | |||
| 44996 | SERVER-WEBAPP ManageEngine ServiceDesk Plus policy bypass attempt (more info ...) | web-application-attack | 2015-1480 | |||
| 44997 | MALWARE-CNC Legend irc bot cnc attempt (more info ...) | trojan-activity | ||||
| 44998 | MALWARE-CNC Legend irc bot cnc attempt (more info ...) | trojan-activity | ||||
| 44999 | SERVER-WEBAPP Ruby on Rails file inclusion attempt (more info ...) | attempted-user | 2016-0752 | URL | ||
| 45000 | SERVER-WEBAPP Ruby on Rails file inclusion attempt (more info ...) | attempted-user | 2016-0752 | URL | ||
| 45029 | FILE-PDF JPEG2000 image coding style default information disclosure attempt (more info ...) | misc-activity | 2017-16387 | URL | ||
| 45030 | FILE-PDF JPEG2000 image coding style default information disclosure attempt (more info ...) | misc-activity | 2017-16387 | URL | ||
| 45049 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0493 attack attempt (more info ...) | attempted-recon | 2017-14444 | URL | ||
| 45050 | MALWARE-CNC Win.Trojan.IcedId outbound connection (more info ...) | trojan-activity | URL | |||
| 45051 | MALWARE-CNC User-Agent known malicious user-agent string - Win.Tool.SMSBomber (more info ...) | trojan-activity | URL | |||
| 45062 | MALWARE-CNC Win.Trojan.Neuron variant inbound service request detected (more info ...) | trojan-activity | URL | |||
| 45063 | MALWARE-CNC Win.Trojan.Neuron variant inbound service request detected (more info ...) | trojan-activity | URL | |||
| 45064 | MALWARE-CNC Win.Trojan.Neuron variant inbound service request detected (more info ...) | trojan-activity | URL | |||
| 45065 | MALWARE-CNC Win.Trojan.Neuron variant inbound service request detected (more info ...) | trojan-activity | URL | |||
| 45068 | SERVER-OTHER Oracle Identity Manager default login attempt (more info ...) | attempted-admin | 2017-10151 | URL | ||
| 45069 | SERVER-SAMBA Samba write andx command memory leak attempt (more info ...) | attempted-user | 2017-12163 | URL | ||
| 45070 | SERVER-SAMBA Samba write and close command memory leak attempt (more info ...) | attempted-user | 2017-12163 | URL | ||
| 45072 | SERVER-SAMBA Samba write command memory leak attempt (more info ...) | attempted-user | 2017-12163 | URL | ||
| 45078 | SERVER-WEBAPP TP-Link WR1043ND router cross site request forgery attempt (more info ...) | web-application-attack | 2013-2645 | |||
| 45079 | SERVER-WEBAPP TP-Link WR1043ND router cross site request forgery attempt (more info ...) | web-application-attack | 2013-2645 | |||
| 45082 | SERVER-WEBAPP Ruby on Rails log file manipulation attempt (more info ...) | attempted-recon | 2016-0752 | URL | ||
| 45086 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0494 attack attempt (more info ...) | attempted-admin | 2017-14445 | URL | ||
| 45087 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0495 attack attempt (more info ...) | attempted-admin | 2017-14446 | URL | ||
| 45090 | MALWARE-CNC Win.Backdoor.StoneDrill server selection outbound connection (more info ...) | trojan-activity | URL | |||
| 45091 | MALWARE-CNC Win.Backdoor.StoneDrill login outbound connection (more info ...) | trojan-activity | URL | |||
| 45092 | MALWARE-CNC Win.Backdoor.StoneDrill get commands outbound connection (more info ...) | trojan-activity | URL | |||
| 45095 | MALWARE-CNC Win.Ransomware.Gibon variant outbound connection (more info ...) | trojan-activity | URL | |||
| 45096 | MALWARE-CNC Win.Ransomware.Gibon variant inbound connection (more info ...) | trojan-activity | URL | |||
| 45097 | MALWARE-CNC Win.Downloader.SnatchLoader variant inbound connection (more info ...) | trojan-activity | URL | |||
| 45098 | MALWARE-CNC Win.Downloader.SnatchLoader variant outbound connection (more info ...) | trojan-activity | URL | |||
| 45104 | MALWARE-CNC Win.Malware.Recam variant outbound connection (more info ...) | trojan-activity | URL | |||
| 45107 | SERVER-OTHER Fatek Automation PLC WinProladder buffer overflow attempt (more info ...) | attempted-user | 2016-8377 | 94938 | ||
| 45111 | SERVER-WEBAPP OrientDB database query attempt (more info ...) | attempted-recon | 2017-11467 | URL | ||
| 45157 | SERVER-OTHER SSDP M-SEARCH ssdp-all potential amplified distributed denial-of-service attempt (more info ...) | attempted-dos | 2013-5211 | URL | ||
| 45191 | PROTOCOL-TELNET TippingPoint IPS telnet login failure xss attempt (more info ...) | misc-attack | ||||
| 45194 | MALWARE-CNC Win.Trojan.FileCryptor variant outbound connection (more info ...) | trojan-activity | URL | |||
| 45195 | SERVER-WEBAPP Zavio IP Cameras command injection attempt (more info ...) | web-application-attack | 2013-2570 | 60188 | URL | |
| 45196 | SERVER-WEBAPP Zavio IP Cameras command injection attempt (more info ...) | web-application-attack | 2013-2570 | 60188 | URL | |
| 45197 | SERVER-WEBAPP Zavio IP Cameras command injection attempt (more info ...) | web-application-attack | 2013-2570 | 60188 | URL | |
| 45200 | SERVER-OTHER limited RSA ciphersuite list - possible Bleichenbacher SSL attack attempt (more info ...) | attempted-recon | 2017-6168 | URL | ||
| 45204 | SERVER-WEBAPP ActiveCalendar css cross site scripting attempt (more info ...) | web-application-attack | 2007-1111 | |||
| 45205 | SERVER-OTHER HP Data Protector Express DtbClsLogin buffer overflow attempt (more info ...) | attempted-user | 2010-3007 | 43105 | ||
| 45207 | PROTOCOL-SCADA WelinTech Kingview History Server denial of service attempt (more info ...) | attempted-dos | URL | |||
| 45208 | MALWARE-CNC Win.Trojan.VEye2 remote access tool download (more info ...) | trojan-activity | URL | |||
| 45209 | MALWARE-CNC Win.Trojan.VEye2 remote access tool download (more info ...) | trojan-activity | URL | |||
| 45220 | SERVER-OTHER TRUFFLEHUNTER TALOS-2017-0507 attack attempt (more info ...) | attempted-admin | 2017-14459 | URL | ||
| 45221 | MALWARE-CNC Win.Trojan.Nautilus outbound call (more info ...) | trojan-activity | URL | |||
| 45222 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0508 attack attempt (more info ...) | attempted-recon | 2017-14460 | URL | ||
| 45223 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2017-0508 attack attempt (more info ...) | attempted-recon | 2017-14460 | URL | ||
| 45226 | SERVER-WEBAPP FreePBX recording interface file upload code execution attempt (more info ...) | web-application-attack | 2010-3490 | 43454 | ||
| 45227 | SERVER-OTHER Docker Rancher Server remote code execution attempt (more info ...) | attempted-user | URL | |||
| 45228 | SERVER-OTHER Medal Of Honor Allied Assault getinfo buffer overflow attempt (more info ...) | attempted-user | 2004-0735 | 10743 | ||
| 45229 | MALWARE-CNC User-Agent known malicious user-agent string - SocStealer (more info ...) | trojan-activity | URL | |||
| 45230 | MALWARE-CNC User-Agent known malicious user-agent string - SocStealer (more info ...) | trojan-activity | URL | |||
| 45231 | MALWARE-CNC Win.Trojan.DDEDownloader variant outbound connection detected (more info ...) | trojan-activity | URL | |||
| 45232 | MALWARE-CNC Win.Trojan.CactusTorch download attempt detected (more info ...) | attempted-admin | URL | |||
| 45233 | PROTOCOL-SCADA Schneider Modicon Quantum modbus stop command attempt (more info ...) | misc-activity | URL | |||
| 45234 | PROTOCOL-SCADA Schneider Modicon Quantum modbus start command attempt (more info ...) | misc-activity | URL | |||
| 45239 | MALWARE-CNC Win.Malware.Freenki variant outbound connection (more info ...) | trojan-activity | URL | |||
| 45249 | SERVER-WEBAPP UAParser.js library regular expression denial of service attempt (more info ...) | denial-of-service | URL | |||
| 45251 | MALWARE-CNC Win.Ransomware.Spider variant download attempt detected (more info ...) | trojan-activity | URL | |||
| 45252 | MALWARE-CNC Win.Ransomware.Spider variant download attempt detected (more info ...) | trojan-activity | URL | |||
| 45256 | BROWSER-OTHER IBM Notes denial of service attempt (more info ...) | denial-of-service | 2017-1130 | 100632 | URL | |
| 45257 | BROWSER-OTHER IBM Notes denial of service attempt (more info ...) | denial-of-service | 2017-1130 | 100632 | URL | |
| 45260 | MALWARE-CNC Win.Backdoor.Triton Triton ICS malware upload attempt (more info ...) | trojan-activity | URL | |||
| 45262 | SERVER-WEBAPP Google App Engine open redirect attempt (more info ...) | web-application-attack | URL | |||
| 45263 | SERVER-WEBAPP CMS Made Simple server side template injection attempt (more info ...) | web-application-attack | 2017-16783 | |||
| 45264 | SERVER-WEBAPP CMS Made Simple server side template injection attempt (more info ...) | web-application-attack | 2017-16783 | |||
| 45302 | BROWSER-OTHER Multiple browser long unicode string denial of service attempt (more info ...) | denial-of-service | URL | |||
| 45303 | BROWSER-OTHER Multiple browser long unicode string denial of service attempt (more info ...) | denial-of-service | URL | |||
| 45305 | FILE-IMAGE Qt library BMP image parser heap overflow exploit attempt (more info ...) | attempted-user | 2004-0691 | |||
| 45306 | FILE-IMAGE Qt library BMP image parser heap overflow exploit attempt (more info ...) | attempted-user | 2004-0691 | |||
| 45317 | SERVER-WEBAPP Chipmunk Guestbook cross site scripting attempt (more info ...) | attempted-user | 2006-0069 | |||
| 45320 | SERVER-WEBAPP Dahua DVR serial number query attempt (more info ...) | attempted-recon | 2013-6117 | 63742 | ||
| 45321 | SERVER-WEBAPP Dahua DVR firmware version query attempt (more info ...) | attempted-recon | 2013-6117 | 63742 | ||
| 45322 | SERVER-WEBAPP Dahua DVR channel information query attempt (more info ...) | attempted-recon | 2013-6117 | 63742 | ||
| 45323 | SERVER-WEBAPP Dahua DVR email configuration download attempt (more info ...) | attempted-recon | 2013-6117 | 63742 | ||
| 45326 | SERVER-WEBAPP Dahua DVR user group information query attempt (more info ...) | attempted-recon | 2013-6117 | 63742 | ||
| 45327 | SERVER-WEBAPP Dahua DVR NAS configuration download attempt (more info ...) | attempted-recon | 2013-6117 | 63742 | ||
| 45329 | SERVER-WEBAPP Dahua DVR clear logs request attempt (more info ...) | misc-activity | 2013-6117 | 63742 | ||
| 45330 | SERVER-WEBAPP raSMP User-Agent XSS injection attempt (more info ...) | web-application-attack | 2006-0084 | 16138 | ||
| 45331 | MALWARE-CNC Win.Trojan.Ursnif variant outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 45332 | MALWARE-CNC Win.Trojan.Ursnif variant outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 45333 | MALWARE-CNC Win.Trojan.Ursnif variant outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 45334 | MALWARE-CNC Win.Trojan.Ursnif variant outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 45335 | MALWARE-CNC Win.Trojan.Ursnif variant outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 45336 | MALWARE-CNC Win.Trojan.Ursnif variant outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 45337 | MALWARE-CNC Win.Trojan.Ursnif variant outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 45338 | MALWARE-CNC Win.Trojan.Ursnif variant outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 45339 | MALWARE-CNC Win.Trojan.Ursnif variant outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 45340 | MALWARE-CNC Win.Trojan.Ursnif variant outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 45341 | MALWARE-CNC Win.Trojan.Ursnif variant outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 45342 | MALWARE-CNC Win.Trojan.Ursnif variant outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 45343 | MALWARE-CNC Win.Trojan.Ursnif variant outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 45344 | MALWARE-CNC Win.Trojan.Ursnif variant outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 45352 | MALWARE-CNC PowerShell Empire HTTP listener response (more info ...) | trojan-activity | URL | |||
| 45373 | SERVER-WEBAPP Trend Micro Smart Protection Server directory traversal attempt (more info ...) | web-application-attack | 2017-14095 | 102275 | URL | |
| 45380 | SERVER-OTHER Sixnet SixView Manager directory traversal attempt (more info ...) | attempted-admin | 2014-2976 | |||
| 45381 | SERVER-WEBAPP Symantec Endpoint Protection cross site scripting attempt (more info ...) | web-application-attack | 2014-3438 | |||
| 45382 | SERVER-WEBAPP Huawei router command injection attempt (more info ...) | web-application-attack | ||||
| 45385 | OS-OTHER Mac OS X setuid privilege esclatation exploit attempt (more info ...) | attempted-admin | 2007-0345 | |||
| 45386 | OS-OTHER Mac OS X setuid privilege esclatation exploit attempt (more info ...) | attempted-admin | 2007-0345 | |||
| 45400 | MALWARE-CNC Osx.Trojan.OceanLotus outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 45417 | POLICY-OTHER Stratum mining protocol outbound connection attempt (more info ...) | policy-violation | URL | |||
| 45420 | SERVER-WEBAPP Drupal HTTP Strict Transport Security module security bypass attempt (more info ...) | web-application-attack | 2015-5505 | URL | ||
| 45422 | POLICY-OTHER TRUFFLEHUNTER TALOS-2018-0512 attack attempt (more info ...) | misc-activity | 2018-3834 | URL | ||
| 45423 | PROTOCOL-SCADA MMS Confirmed-RequestPDU (more info ...) | protocol-command-decode | URL | |||
| 45424 | PROTOCOL-SCADA MMS Confirmed-ResponsePDU (more info ...) | protocol-command-decode | URL | |||
| 45425 | PROTOCOL-SCADA MMS Confirmed-ErrorPDU (more info ...) | protocol-command-decode | URL | |||
| 45426 | PROTOCOL-SCADA MMS UnconfirmedPDU (more info ...) | protocol-command-decode | URL | |||
| 45427 | PROTOCOL-SCADA MMS RejectPDU (more info ...) | protocol-command-decode | URL | |||
| 45428 | PROTOCOL-SCADA MMS Cancel-RequestPDU (more info ...) | protocol-command-decode | URL | |||
| 45429 | PROTOCOL-SCADA MMS Cancel-ResponsePDU (more info ...) | protocol-command-decode | URL | |||
| 45430 | PROTOCOL-SCADA MMS Cancel-ErrorPDU (more info ...) | protocol-command-decode | URL | |||
| 45431 | PROTOCOL-SCADA MMS Initiate-RequestPDU (more info ...) | protocol-command-decode | URL | |||
| 45432 | PROTOCOL-SCADA MMS Initiate-ResponsePDU (more info ...) | protocol-command-decode | URL | |||
| 45433 | PROTOCOL-SCADA MMS Initiate-ErrorPDU (more info ...) | protocol-command-decode | URL | |||
| 45434 | PROTOCOL-SCADA MMS Conclude-RequestPDU (more info ...) | protocol-command-decode | URL | |||
| 45435 | PROTOCOL-SCADA MMS Conclude-ResponsePDU (more info ...) | protocol-command-decode | URL | |||
| 45436 | PROTOCOL-SCADA MMS Conclude-ErrorPDU (more info ...) | protocol-command-decode | URL | |||
| 45440 | SERVER-OTHER HP LoadRunner remote command execution attempt (more info ...) | attempted-admin | 2010-1549 | URL | ||
| 45442 | SERVER-OTHER Hewlett Packard Enterprise Intelligent Management Center FileDownloadServlet information disclosure attempt (more info ...) | attempted-recon | 2017-5797 | |||
| 45454 | SERVER-WEBAPP PostfixAdmin protected alias deletion attempt (more info ...) | policy-violation | 2017-5930 | 96142 | URL | |
| 45455 | EXPLOIT-KIT Rig Exploit Kit URI redirect attempt (more info ...) | attempted-user | ||||
| 45468 | MALWARE-CNC SambaCry ransomware download attempt (more info ...) | trojan-activity | URL | |||
| 45469 | MALWARE-CNC SambaCry ransomware download attempt (more info ...) | trojan-activity | URL | |||
| 45470 | MALWARE-CNC SambaCry ransomware download attempt (more info ...) | trojan-activity | URL | |||
| 45471 | MALWARE-CNC SambaCry ransomware download attempt (more info ...) | trojan-activity | URL | |||
| 45472 | MALWARE-CNC SambaCry ransomware download attempt (more info ...) | trojan-activity | URL | |||
| 45473 | MALWARE-CNC SambaCry ransomware download attempt (more info ...) | trojan-activity | URL | |||
| 45477 | MALWARE-CNC Win.Backdoor.Triton Triton ICS malware transfer attempt (more info ...) | trojan-activity | URL | |||
| 45478 | MALWARE-CNC Win.Backdoor.Triton Triton ICS malware transfer attempt (more info ...) | trojan-activity | URL | |||
| 45483 | MALWARE-CNC Pdf.Phishing.Agent variant outbound connection detected (more info ...) | trojan-activity | URL | |||
| 45499 | SERVER-OTHER ISC DHCPD remote denial of service attempt (more info ...) | attempted-dos | 2017-3144 | URL | ||
| 45510 | MALWARE-CNC Win.Trojan.Rokrat file upload attempt (more info ...) | trojan-activity | URL | |||
| 45514 | BROWSER-IE toStaticHTML CSS import XSS exploit attempt (more info ...) | attempted-user | 2010-3324 | URL | ||
| 45527 | EXPLOIT-KIT Rig Exploit Kit URI redirect attempt (more info ...) | attempted-user | ||||
| 45528 | EXPLOIT-KIT Rig Exploit Kit URI redirect attempt (more info ...) | attempted-user | ||||
| 45529 | EXPLOIT-KIT Rig Exploit Kit URI redirect attempt (more info ...) | attempted-user | ||||
| 45530 | EXPLOIT-KIT Rig Exploit Kit URI redirect attempt (more info ...) | attempted-user | ||||
| 45531 | EXPLOIT-KIT Rig Exploit Kit URI redirect attempt (more info ...) | attempted-user | ||||
| 45533 | FILE-OTHER Ghostscript rsdparams type confusion attempt (more info ...) | attempted-user | 2017-8291 | 98476 | URL | |
| 45534 | FILE-OTHER Ghostscript rsdparams type confusion attempt (more info ...) | attempted-user | 2017-8291 | 98476 | URL | |
| 45535 | FILE-OTHER Ghostscript eqproc type confusion attempt (more info ...) | attempted-user | 2017-8291 | 98476 | URL | |
| 45536 | FILE-OTHER Ghostscript eqproc type confusion attempt (more info ...) | attempted-user | 2017-8291 | 98476 | URL | |
| 45540 | SERVER-ORACLE Oracle Database Server mdsys.md2.sdo_code_size buffer overflow attempt (more info ...) | attempted-user | 2004-1774 | 13145 | ||
| 45541 | FILE-OTHER WinAce TAR file directory traversal attempt (more info ...) | attempted-user | 2006-0981 | |||
| 45542 | FILE-OTHER WinAce TAR file directory traversal attempt (more info ...) | attempted-user | 2006-0981 | |||
| 45543 | FILE-OTHER WinAce RAR file directory traversal attempt (more info ...) | attempted-user | 2006-0981 | |||
| 45544 | FILE-OTHER WinAce RAR file directory traversal attempt (more info ...) | attempted-user | 2006-0981 | |||
| 45545 | MALWARE-CNC Osx.Trojan.SHLayer variant outbound connection (more info ...) | trojan-activity | URL | |||
| 45551 | MALWARE-CNC Win.Trojan.Velso ransomware download (more info ...) | trojan-activity | URL | |||
| 45552 | MALWARE-CNC Win.Trojan.Velso ransomware download (more info ...) | trojan-activity | URL | |||
| 45560 | MALWARE-CNC Win.Trojan.LockPoS outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 45561 | MALWARE-CNC Win.Trojan.LockPoS outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 45562 | MALWARE-CNC Win.Trojan.LockPoS outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 45566 | MALWARE-CNC Win.Trojan.Ursnif variant outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 45567 | MALWARE-CNC Win.Trojan.Ursnif variant outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 45568 | SERVER-SAMBA Samba LDAP Server libldb denial of service attempt (more info ...) | denial-of-service | 2015-3223 | |||
| 45569 | SERVER-WEBAPP Squid host header cache poisoning attempt (more info ...) | attempted-user | 2016-4553 | URL | ||
| 45571 | SERVER-OTHER Commvault Communications Service command injection attempt (more info ...) | attempted-admin | URL | |||
| 45574 | MALWARE-CNC Win.Trojan.xxmm second stage configuration download attempt (more info ...) | trojan-activity | URL | |||
| 45587 | SERVER-OTHER Firefly Media Server malformed HTTP request denial of service attempt (more info ...) | denial-of-service | 2012-5875 | |||
| 45588 | SERVER-OTHER Firefly Media Server malformed HTTP request denial of service attempt (more info ...) | denial-of-service | 2012-5875 | |||
| 45589 | SERVER-OTHER Firefly Media Server malformed HTTP request denial of service attempt (more info ...) | denial-of-service | 2012-5875 | |||
| 45590 | SERVER-OTHER Firefly Media Server malformed HTTP request denial of service attempt (more info ...) | denial-of-service | 2012-5875 | |||
| 45604 | SERVER-OTHER TRUFFLEHUNTER TALOS-2018-0524 attack attempt (more info ...) | denial-of-service | 2018-3841 | URL | ||
| 45605 | FILE-OTHER TRUFFLEHUNTER TALOS-2018-0519 attack attempt (more info ...) | attempted-recon | 2018-3837 | URL | ||
| 45606 | FILE-OTHER TRUFFLEHUNTER TALOS-2018-0519 attack attempt (more info ...) | attempted-recon | 2018-3837 | URL | ||
| 45607 | MALWARE-CNC Win.Trojan.Rokrat variant outbound connection detected (more info ...) | trojan-activity | URL | |||
| 45610 | SERVER-OTHER TRUFFLEHUNTER TALOS-2018-0523 attack attempt (more info ...) | attempted-admin | 2018-3840 | URL | ||
| 45611 | PROTOCOL-SNMP Cambium cnPilot SNMP request with read-only community string attempt (more info ...) | attempted-recon | 2017-5262 | URL | ||
| 45618 | PROTOCOL-SNMP Cambium ePMP SNMP request with read-only community string attempt (more info ...) | attempted-recon | 2017-7922 | 99083 | URL | |
| 45638 | SERVER-MAIL SqWebMail print_header_ua cross site scripting attempt (more info ...) | attempted-admin | 2004-0591 | |||
| 45639 | SERVER-MAIL SqWebMail print_header_ua cross site scripting attempt (more info ...) | attempted-admin | 2004-0591 | |||
| 45642 | MALWARE-CNC Vbs.Trojan.Agent outbound connection (more info ...) | trojan-activity | URL | |||
| 45643 | MALWARE-CNC Vbs.Trojan.Agent inbound payload download (more info ...) | trojan-activity | URL | |||
| 45644 | MALWARE-CNC Vbs.Trojan.Agent inbound payload download (more info ...) | trojan-activity | URL | |||
| 45645 | MALWARE-CNC Vbs.Trojan.Agent inbound payload download (more info ...) | trojan-activity | URL | |||
| 45646 | MALWARE-CNC Vbs.Trojan.Agent outbound system information disclosure (more info ...) | trojan-activity | URL | |||
| 45647 | MALWARE-CNC Doc.Dropper.Lazarus initial download (more info ...) | trojan-activity | URL | |||
| 45648 | MALWARE-CNC Doc.Dropper.Lazarus initial download (more info ...) | trojan-activity | URL | |||
| 45651 | MALWARE-CNC Win.Trojan.Vermin outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 45652 | FILE-PDF TRUFFLEHUNTER TALOS-2018-0526 attack attempt (more info ...) | attempted-user | 2018-3843 | URL | ||
| 45653 | FILE-PDF TRUFFLEHUNTER TALOS-2018-0526 attack attempt (more info ...) | attempted-user | 2018-3843 | URL | ||
| 45658 | MALWARE-CNC Win.Trojan.Agent outbound connection (more info ...) | trojan-activity | URL | |||
| 45675 | MALWARE-CNC Win.Trojan.Ursnif variant outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 45693 | SERVER-OTHER NTP crypto-NAK denial of service attempt (more info ...) | denial-of-service | 2016-4957 | URL | ||
| 45694 | MALWARE-CNC Win.Ransomware.GandCrab outbound connection (more info ...) | trojan-activity | URL | |||
| 45738 | SERVER-OTHER ISC BIND malformed data channel authentication message denial of service attempt (more info ...) | attempted-dos | 2016-1285 | URL | ||
| 45745 | SERVER-OTHER CloudMe Sync Client stack buffer overflow attempt (more info ...) | attempted-user | 2018-6892 | URL | ||
| 45746 | SERVER-OTHER CloudMe Sync Client stack buffer overflow attempt (more info ...) | attempted-user | 2018-6892 | |||
| 45747 | SERVER-OTHER CloudMe Sync Client stack buffer overflow attempt (more info ...) | attempted-user | 2018-6892 | |||
| 45754 | MALWARE-CNC Win.Trojan.Saturn initial download (more info ...) | trojan-activity | URL | |||
| 45755 | MALWARE-CNC Win.Trojan.Saturn initial download (more info ...) | trojan-activity | URL | |||
| 45756 | SERVER-OTHER Squid HTTP Accept Encoding response header denial of service attempt (more info ...) | denial-of-service | 2016-3948 | URL | ||
| 45757 | SERVER-OTHER Squid HTTP Vary response header denial of service attempt (more info ...) | denial-of-service | 2016-3948 | URL | ||
| 45758 | POLICY-OTHER AutomationDirect Point Of View guest login attempt (more info ...) | attempted-user | URL | |||
| 45759 | POLICY-OTHER AutomationDirect Point Of View built-in function WebGetFile usage attempt (more info ...) | attempted-user | URL | |||
| 45771 | MALWARE-CNC Win.Trojan.CannibalRAT initial outbound connection (more info ...) | trojan-activity | URL | |||
| 45772 | MALWARE-CNC Win.Trojan.CannibalRAT outbound reporting attempt (more info ...) | trojan-activity | URL | |||
| 45773 | MALWARE-CNC Win.Trojan.CannibalRAT outbound upload attempt (more info ...) | trojan-activity | URL | |||
| 45816 | MALWARE-CNC User-Agent known malicious user-agent string - Win.Ransomware.Thanatos (more info ...) | trojan-activity | URL | |||
| 45826 | MALWARE-CNC Win.Trojan.Smominru outbound call (more info ...) | trojan-activity | URL | |||
| 45827 | MALWARE-CNC Win.Trojan.Smominru outbound call (more info ...) | trojan-activity | URL | |||
| 45829 | SERVER-OTHER TRUFFLEHUNTER TALOS-2018-0535 attack attempt (more info ...) | attempted-dos | 2018-3852 | URL | ||
| 45834 | SERVER-WEBAPP /bin/sh access (more info ...) | web-application-attack | ||||
| 45835 | SERVER-ORACLE Oracle Application Test Suite server authentication bypass attempt (more info ...) | attempted-admin | 2016-0492 | 81158 | URL | |
| 45836 | SERVER-ORACLE Oracle Application Test Suite server authentication bypass attempt (more info ...) | attempted-admin | 2016-0492 | 81158 | URL | |
| 45853 | SERVER-OTHER Fatek Automation PLC WinProladder buffer overflow attempt (more info ...) | attempted-user | 2016-8377 | 94938 | ||
| 45871 | PROTOCOL-SCADA IntegraXor 6x denial of service attempt (more info ...) | attempted-dos | URL | |||
| 45886 | SERVER-WEBAPP Potential Misfortune Cookie probe attempt (more info ...) | attempted-admin | 2014-9222 | 71744 | ||
| 45892 | FILE-OTHER ZIP file directory traversal attempt (more info ...) | attempted-user | 2021-20022 | URL | ||
| 45893 | FILE-OTHER ZIP file directory traversal attempt (more info ...) | attempted-user | 2021-20022 | URL | ||
| 45894 | FILE-OTHER ZIP file directory traversal attempt (more info ...) | attempted-user | 2021-20022 | URL | ||
| 45895 | FILE-OTHER ZIP file directory traversal attempt (more info ...) | attempted-user | 2021-20022 | URL | ||
| 45909 | MALWARE-CNC CobaltStrike trial version inbound beacon response (more info ...) | trojan-activity | URL | |||
| 45910 | MALWARE-CNC Cobalt Strike outbound beacon command result (more info ...) | trojan-activity | URL | |||
| 45919 | EXPLOIT-KIT Sundown/Terror EK landing page attempt (more info ...) | attempted-user | ||||
| 45921 | EXPLOIT-KIT Terror EK resource access attempt (more info ...) | attempted-user | ||||
| 45929 | MALWARE-CNC Win.Trojan.Dridex initial file download (more info ...) | trojan-activity | URL | |||
| 45930 | MALWARE-CNC Win.Trojan.Dridex initial file download (more info ...) | trojan-activity | URL | |||
| 45931 | MALWARE-CNC Win.Trojan.Dridex initial file download (more info ...) | trojan-activity | URL | |||
| 45932 | MALWARE-CNC Win.Trojan.Dridex initial file download (more info ...) | trojan-activity | URL | |||
| 45933 | FILE-EXECUTABLE Binutils objdump integer overflow attempt (more info ...) | denial-of-service | 2018-6543 | |||
| 45934 | FILE-EXECUTABLE Binutils objdump integer overflow attempt (more info ...) | denial-of-service | 2018-6543 | |||
| 45942 | SERVER-OTHER Memcached DDoS reflective attempt (more info ...) | attempted-dos | 2018-1000115 | URL | ||
| 45943 | MALWARE-CNC known malicious SSL certificate - Odinaff C&C (more info ...) | trojan-activity | URL | |||
| 45944 | MALWARE-CNC known malicious SSL certificate - Odinaff C&C (more info ...) | trojan-activity | URL | |||
| 45945 | MALWARE-CNC Win.Trojan.DarkSky variant outbound connection (more info ...) | trojan-activity | URL | |||
| 45946 | MALWARE-CNC Win.Trojan.OilRig variant outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 45947 | MALWARE-CNC Win.Trojan.OilRig variant outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 45948 | MALWARE-CNC Win.Trojan.OilRig variant outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 45959 | SERVER-WEBAPP ZEIT Next.js /_next namespace directory traversal attempt (more info ...) | web-application-attack | 2018-6184 | URL | ||
| 45960 | MALWARE-CNC Win.Trojan.Silverstar outbound connection (more info ...) | trojan-activity | URL | |||
| 45961 | MALWARE-CNC Win.Trojan.Revenge RAT initial outbound connection (more info ...) | trojan-activity | URL | |||
| 45962 | MALWARE-CNC Win.Trojan.Revenge RAT inbound heartbeat check (more info ...) | trojan-activity | URL | |||
| 45963 | MALWARE-CNC Win.Trojan.UDPOS outbound command and control IP address check (more info ...) | trojan-activity | URL | |||
| 45964 | MALWARE-CNC Win.Trojan.UDPOS outbound system information disclousre (more info ...) | trojan-activity | URL | |||
| 45966 | MALWARE-CNC Win.Trojan.UDPOS outbound heartbeat (more info ...) | trojan-activity | URL | |||
| 45967 | MALWARE-CNC Win.Trojan.UDPOS outbound data exfiltration (more info ...) | trojan-activity | URL | |||
| 45968 | MALWARE-CNC Win.Trojan.UDPOS outbound data exfiltration (more info ...) | trojan-activity | URL | |||
| 45969 | SERVER-WEBAPP SugarCRM cross site scripting attempt (more info ...) | web-application-attack | 2018-5715 | |||
| 45970 | SERVER-WEBAPP SugarCRM cross site scripting attempt (more info ...) | web-application-attack | 2018-5715 | |||
| 45972 | MALWARE-CNC Win.Trojan.Chafer malicious communication attempt (more info ...) | trojan-activity | URL | |||
| 45973 | MALWARE-CNC Win.Trojan.Chafer malicious communication attempt (more info ...) | trojan-activity | URL | |||
| 45979 | MALWARE-CNC MultiOS.Trojan.OSCelestial variant outbound connection (more info ...) | trojan-activity | URL | |||
| 45980 | MALWARE-CNC MultiOS.Trojan.OSCelestial variant inbound connection (more info ...) | trojan-activity | URL | |||
| 45983 | POLICY-OTHER Sandvine PacketLogic http redirection attempt (more info ...) | misc-activity | URL | |||
| 45995 | SERVER-WEBAPP CoreOS etcd service private keys listing attempt (more info ...) | attempted-recon | URL | |||
| 45996 | SERVER-WEBAPP CoreOS etcd service private keys listing attempt (more info ...) | attempted-recon | URL | |||
| 46023 | OS-OTHER FreeBSD sctp6_ctlinput null pointer dereference attempt (more info ...) | attempted-dos | 2016-1879 | URL | ||
| 46031 | SERVER-OTHER TRUFFLEHUNTER SFVRT-1009 attack attempt 100500 (more info ...) | misc-activity | ||||
| 46032 | SERVER-OTHER TRUFFLEHUNTER SFVRT-1009 attack attempt 100501 (more info ...) | misc-activity | ||||
| 46033 | SERVER-OTHER TRUFFLEHUNTER SFVRT-1009 attack attempt 100502 (more info ...) | misc-activity | ||||
| 46034 | SERVER-OTHER TRUFFLEHUNTER SFVRT-1009 attack attempt 100503 (more info ...) | misc-activity | ||||
| 46035 | SERVER-OTHER TRUFFLEHUNTER SFVRT-1009 attack attempt 100504 (more info ...) | misc-activity | ||||
| 46036 | SERVER-OTHER TRUFFLEHUNTER SFVRT-1009 attack attempt 100505 (more info ...) | misc-activity | ||||
| 46037 | SERVER-OTHER TRUFFLEHUNTER SFVRT-1009 attack attempt 100506 (more info ...) | misc-activity | ||||
| 46038 | SERVER-OTHER TRUFFLEHUNTER SFVRT-1009 attack attempt 100507 (more info ...) | misc-activity | ||||
| 46039 | SERVER-OTHER TRUFFLEHUNTER SFVRT-1009 attack attempt 100508 (more info ...) | misc-activity | ||||
| 46040 | SERVER-WEBAPP Dell EMC Storage Manager EmConfigMigration servlet directory traversal attempt (more info ...) | web-application-attack | 2017-14384 | 103467 | URL | |
| 46047 | MALWARE-CNC Win.Trojan.Mobef variant outbound connection attempt (more info ...) | attempted-user | URL | |||
| 46048 | MALWARE-CNC Win.Trojan.Gen variant outbound communication (more info ...) | trojan-activity | URL | |||
| 46049 | MALWARE-CNC Win.Trojan.Fosniw variant connection attempt (more info ...) | trojan-activity | URL | |||
| 46050 | MALWARE-CNC Win.Trojan.CrossRAT outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 46051 | MALWARE-CNC Win.Trojan.Bandook/Anbacas outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 46052 | MALWARE-CNC User-Agent known malicious user-agent string Uploador - Win.Trojan.CrossRAT (more info ...) | trojan-activity | URL | |||
| 46065 | MALWARE-CNC Win.Ransomware.Sigma outbound connection (more info ...) | trojan-activity | URL | |||
| 46066 | MALWARE-CNC Win.Trojan.yty second stage downloader initial outbound connection (more info ...) | trojan-activity | URL | |||
| 46067 | MALWARE-CNC Win.Trojan.yty plugin downloader initial outbound connection (more info ...) | trojan-activity | URL | |||
| 46068 | MALWARE-CNC Win.Trojan.yty module download request (more info ...) | trojan-activity | URL | |||
| 46069 | MALWARE-CNC Win.Trojan.yty module request (more info ...) | trojan-activity | URL | |||
| 46070 | MALWARE-CNC Win.Trojan.yty file exfiltration outbound request (more info ...) | trojan-activity | URL | |||
| 46072 | FILE-OTHER Python lib wave.py wav zero channel denial of service attempt (more info ...) | attempted-user | 2017-18207 | URL | ||
| 46073 | FILE-OTHER Python lib wave.py wav zero channel denial of service attempt (more info ...) | attempted-user | 2017-18207 | URL | ||
| 46077 | FILE-IMAGE Gifsicle gifread double-free attempt (more info ...) | attempted-user | 2017-18120 | |||
| 46078 | FILE-IMAGE Gifsicle gifread double-free attempt (more info ...) | denial-of-service | 2017-18120 | |||
| 46090 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0549 attack attempt (more info ...) | policy-violation | 2018-3867 | URL | ||
| 46094 | FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0550 attack attempt (more info ...) | attempted-user | 2018-3868 | URL | ||
| 46098 | PROTOCOL-OTHER Routing Information Protocol version 1 potential amplified distributed denial of service attempt (more info ...) | attempted-dos | URL | |||
| 46099 | MALWARE-CNC Win.Trojan.Modimer Trojanized MediaGet outbound connection (more info ...) | trojan-activity | URL | |||
| 46112 | SERVER-WEBAPP Advantech WebAccess directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 46113 | SERVER-WEBAPP Advantech WebAccess directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 46114 | SERVER-WEBAPP Advantech WebAccess directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 46129 | MALWARE-CNC Win.Trojan.HW32 variant outbound connection (more info ...) | trojan-activity | URL | |||
| 46134 | MALWARE-CNC Win.Trojan.Krodown variant connection attempt (more info ...) | trojan-activity | URL | |||
| 46135 | MALWARE-CNC Win.Trojan.Krodown variant connection attempt (more info ...) | trojan-activity | URL | |||
| 46136 | MALWARE-CNC Win.Trojan.Banbra variant outbound connection (more info ...) | trojan-activity | ||||
| 46137 | MALWARE-CNC Win.Trojan.Cidox variant outbound connection attempt (more info ...) | trojan-activity | ||||
| 46138 | MALWARE-CNC Win.Ransomware.Bandarchor variant outbound connection (more info ...) | trojan-activity | URL | |||
| 46139 | MALWARE-CNC Win.Ransomware.Bandarchor variant outbound connection (more info ...) | trojan-activity | URL | |||
| 46140 | MALWARE-CNC Win.Ransomware.Bandarchor variant outbound connection (more info ...) | trojan-activity | URL | |||
| 46141 | MALWARE-CNC Win.Ransomware.Bandarchor variant outbound connection (more info ...) | trojan-activity | URL | |||
| 46143 | FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0553 attack attempt (more info ...) | attempted-user | 2019-5051 | URL | ||
| 46144 | FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0553 attack attempt (more info ...) | attempted-user | 2019-5051 | URL | ||
| 46145 | FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0553 attack attempt (more info ...) | attempted-user | 2019-5051 | URL | ||
| 46146 | FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0553 attack attempt (more info ...) | attempted-user | 2019-5051 | URL | ||
| 46147 | FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0552 attack attempt (more info ...) | attempted-user | 2018-3870 | URL | ||
| 46148 | FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0552 attack attempt (more info ...) | attempted-user | 2018-3870 | URL | ||
| 46156 | MALWARE-CNC Coldroot RAT outbound connection (more info ...) | trojan-activity | URL | |||
| 46190 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0567 attack attempt (more info ...) | misc-activity | ||||
| 46191 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0567 attack attempt (more info ...) | attempted-admin | 2018-3892 | URL | ||
| 46202 | MALWARE-CNC Win.Downloader.Wannaminer malicious Powershell download attempt (more info ...) | trojan-activity | URL | |||
| 46203 | MALWARE-CNC Win.Downloader.Wannamine malicious Powershell download attempt (more info ...) | trojan-activity | URL | |||
| 46210 | MALWARE-CNC Win.Trojan.Blackshades variant outbound communication (more info ...) | trojan-activity | URL | |||
| 46217 | POLICY-OTHER TRUFFLEHUNTER TALOS-2018-0557 attack attempt (more info ...) | policy-violation | 2018-3880 | URL | ||
| 46235 | MALWARE-CNC Dofoil outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 46236 | MALWARE-CNC Dofoil file download attempt (more info ...) | trojan-activity | URL | |||
| 46238 | MALWARE-CNC Win.Trojan.Rarog outbound communication attempt (more info ...) | trojan-activity | ||||
| 46239 | MALWARE-CNC Win.Trojan.Rarog outbound communication attempt (more info ...) | trojan-activity | ||||
| 46240 | MALWARE-CNC Win.Trojan.Rarog user-agent outbound communication attempt (more info ...) | trojan-activity | ||||
| 46249 | MALWARE-CNC Win.Trojan.Rovnix outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 46250 | MALWARE-CNC Win.Trojan.Rovnix outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 46251 | MALWARE-CNC Win.Trojan.Rovnix outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 46252 | MALWARE-CNC Win.Trojan.Rovnix outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 46253 | MALWARE-CNC Win.Trojan.Rovnix file upload attempt (more info ...) | trojan-activity | URL | |||
| 46268 | MALWARE-CNC Win.Downloader.Agent variant payload download attempt (more info ...) | trojan-activity | URL | |||
| 46270 | MALWARE-CNC Win.Downloader.Agent variant payload download attempt (more info ...) | trojan-activity | URL | |||
| 46284 | MALWARE-CNC Win.Trojan.Bandios user agent outbound communication attempt (more info ...) | trojan-activity | URL | |||
| 46285 | MALWARE-CNC Win.Trojan.Bandios inbound delivery attempt (more info ...) | trojan-activity | URL | |||
| 46286 | MALWARE-CNC Win.Trojan.Bandios inbound delivery attempt (more info ...) | trojan-activity | URL | |||
| 46287 | SERVER-WEBAPP Linksys E series denial of service attempt (more info ...) | denial-of-service | ||||
| 46294 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0572 attack attempt (more info ...) | misc-activity | ||||
| 46295 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0572 attack attempt (more info ...) | attempted-admin | 2018-3900 | URL | ||
| 46297 | SERVER-WEBAPP QNAP VioStor NVR and QNAP NAS command injection attempt (more info ...) | web-application-attack | 2013-0143 | |||
| 46298 | SERVER-WEBAPP QNAP VioStor NVR and QNAP NAS command injection attempt (more info ...) | web-application-attack | 2013-0143 | |||
| 46299 | SERVER-WEBAPP QNAP VioStor NVR and QNAP NAS command injection attempt (more info ...) | web-application-attack | 2013-0143 | |||
| 46300 | SERVER-WEBAPP QNAP VioStor NVR and QNAP NAS command injection attempt (more info ...) | web-application-attack | 2013-0143 | |||
| 46312 | SERVER-WEBAPP Netgear WNR2000 information disclosure attempt (more info ...) | attempted-recon | URL | |||
| 46313 | SERVER-WEBAPP Netgear WNR2000 information disclosure attempt (more info ...) | attempted-recon | URL | |||
| 46314 | SERVER-WEBAPP Netgear WNR2000 information disclosure attempt (more info ...) | attempted-recon | URL | |||
| 46317 | SERVER-OTHER NETGEAR TelnetEnable attempt (more info ...) | attempted-admin | ||||
| 46318 | SERVER-OTHER NETGEAR TelnetEnable attempt (more info ...) | attempted-admin | ||||
| 46320 | POLICY-OTHER TRUFFLEHUNTER TALOS-2018-0576 attack attempt (more info ...) | policy-violation | 2018-3906 | URL | ||
| 46335 | SERVER-OTHER QNAP QTS hard coded credential access attempt (more info ...) | default-login-attempt | 2015-7261 | |||
| 46339 | MALWARE-CNC Win.Ransomware.Matrix outbound connection (more info ...) | trojan-activity | URL | |||
| 46341 | SERVER-WEBAPP Akeeba Kickstart cross site request forgery attempt (more info ...) | web-application-attack | 2014-7229 | |||
| 46342 | SERVER-OTHER QNAP QTS cross site request forgery attempt (more info ...) | attempted-admin | 2013-0144 | |||
| 46344 | SERVER-WEBAPP ManageEngine ServiceDesk directory traversal attempt (more info ...) | web-application-attack | 2017-11512 | |||
| 46345 | SERVER-WEBAPP ManageEngine ServiceDesk directory traversal attempt (more info ...) | web-application-attack | 2017-11512 | |||
| 46346 | SERVER-WEBAPP ManageEngine ServiceDesk directory traversal attempt (more info ...) | web-application-attack | 2017-11512 | |||
| 46353 | SERVER-WEBAPP ManageEngine ServiceDesk download-file directory traversal attempt (more info ...) | web-application-attack | 2017-11511 | |||
| 46354 | SERVER-WEBAPP ManageEngine ServiceDesk download-file directory traversal attempt (more info ...) | web-application-attack | 2017-11511 | |||
| 46355 | SERVER-WEBAPP ManageEngine ServiceDesk download-file directory traversal attempt (more info ...) | web-application-attack | 2017-11511 | |||
| 46356 | MALWARE-CNC Andr.Trojan.Wroba outbound connection (more info ...) | trojan-activity | URL | |||
| 46357 | MALWARE-CNC Andr.Trojan.Wroba outbound connection (more info ...) | trojan-activity | URL | |||
| 46358 | MALWARE-CNC Andr.Trojan.Wroba outbound connection (more info ...) | trojan-activity | URL | |||
| 46359 | MALWARE-CNC Andr.Trojan.Wroba outbound connection (more info ...) | trojan-activity | URL | |||
| 46360 | MALWARE-CNC Andr.Trojan.Wroba outbound connection (more info ...) | trojan-activity | URL | |||
| 46361 | MALWARE-CNC Andr.Trojan.Wroba outbound connection (more info ...) | trojan-activity | URL | |||
| 46362 | MALWARE-CNC Andr.Trojan.Wroba outbound connection (more info ...) | trojan-activity | URL | |||
| 46363 | MALWARE-CNC Andr.Trojan.Wroba outbound connection (more info ...) | trojan-activity | URL | |||
| 46364 | MALWARE-CNC Andr.Trojan.Wroba outbound connection (more info ...) | trojan-activity | URL | |||
| 46373 | PROTOCOL-OTHER CLDAP potential reflected distributed denial of service attempt (more info ...) | attempted-dos | URL | |||
| 46374 | PROTOCOL-OTHER CLDAP potential reflected distributed denial of service attempt (more info ...) | attempted-dos | URL | |||
| 46375 | SERVER-OTHER DualDesk v20 Proxy.exe long string denial of service attempt (more info ...) | attempted-dos | 2018-7583 | |||
| 46376 | SERVER-OTHER libgd heap-overflow attempt (more info ...) | web-application-attack | 2016-3074 | |||
| 46378 | MALWARE-CNC Win.Trojan.Dropper variant outbound connection (more info ...) | trojan-activity | URL | |||
| 46381 | INDICATOR-COMPROMISE Potential data exfiltration through Google form submission (more info ...) | misc-activity | URL | |||
| 46387 | SERVER-OTHER Multiple Vendors NTP zero-origin timestamp denial of service attempt (more info ...) | attempted-dos | 2018-7185 | URL | ||
| 46390 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0577 attack attempt (more info ...) | web-application-attack | 2018-3909 | URL | ||
| 46391 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0577 attack attempt (more info ...) | web-application-attack | 2018-3909 | URL | ||
| 46392 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0577 attack attempt (more info ...) | web-application-attack | 2018-3909 | URL | ||
| 46395 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0578 attack attempt (more info ...) | web-application-attack | 2018-3918 | URL | ||
| 46406 | MALWARE-CNC Bitvote miner kernel driver outbound request attempt (more info ...) | trojan-activity | URL | |||
| 46407 | MALWARE-CNC Bitvote miner kernel driver payload download attempt (more info ...) | trojan-activity | URL | |||
| 46408 | SERVER-WEBAPP Moodle PoodLL Filter plugin cross site scripting attempt (more info ...) | web-application-attack | 2017-5945 | 96212 | ||
| 46416 | MALWARE-CNC Win.Spyware.Autoit outbound connection (more info ...) | trojan-activity | URL | |||
| 46417 | SERVER-OTHER X.509 IPAddressFamily extension buffer overread attempt (more info ...) | attempted-recon | 2017-3735 | |||
| 46418 | SERVER-OTHER X.509 IPAddressFamily extension buffer overread attempt (more info ...) | attempted-recon | 2017-3735 | |||
| 46421 | MALWARE-CNC Win.Trojan.Kraens delivery attempt (more info ...) | trojan-activity | URL | |||
| 46422 | MALWARE-CNC Win.Trojan.Kraens delivery attempt (more info ...) | trojan-activity | URL | |||
| 46423 | MALWARE-CNC Win.Trojan.Kraens initial outbound request (more info ...) | trojan-activity | URL | |||
| 46433 | MALWARE-CNC Win.Adware.Doyo initial connection (more info ...) | trojan-activity | URL | |||
| 46434 | MALWARE-CNC Win.Adware.Doyo client outbound connection (more info ...) | trojan-activity | URL | |||
| 46435 | MALWARE-CNC Vbs.Downloader.Kryptik known malicious user-agent string (more info ...) | trojan-activity | URL | |||
| 46436 | MALWARE-CNC Vbs.Downloader.Agent inbound connection (more info ...) | trojan-activity | URL | |||
| 46437 | MALWARE-CNC Vbs.Downloader.Agent inbound connection (more info ...) | trojan-activity | URL | |||
| 46438 | MALWARE-CNC Vbs.Downloader.Agent inbound connection (more info ...) | trojan-activity | URL | |||
| 46439 | MALWARE-CNC Vbs.Downloader.Agent inbound delivery attempt (more info ...) | trojan-activity | URL | |||
| 46443 | BROWSER-OTHER HTTP encoding header evasion attempt (more info ...) | policy-violation | ||||
| 46444 | BROWSER-OTHER HTTP encoding header evasion attempt (more info ...) | policy-violation | ||||
| 46447 | POLICY-OTHER TP-Link device reboot attempt (more info ...) | misc-activity | URL | |||
| 46448 | POLICY-OTHER TP-Link device enable remote management attempt (more info ...) | misc-activity | URL | |||
| 46450 | SERVER-WEBAPP Elasticsearch snapshot directory traversal attempt (more info ...) | web-application-attack | 2015-5531 | 75935 | ||
| 46454 | SERVER-WEBAPP Node.js zlib createDeflateRaw denial of service attempt (more info ...) | denial-of-service | 2017-14919 | |||
| 46475 | MALWARE-CNC Win.Trojan.SquirtDanger get module list outbound request (more info ...) | trojan-activity | URL | |||
| 46476 | MALWARE-CNC Win.Trojan.SquirtDanger inbound delivery attempt (more info ...) | trojan-activity | URL | |||
| 46477 | MALWARE-CNC Win.Trojan.SquirtDanger inbound delivery attempt (more info ...) | trojan-activity | URL | |||
| 46478 | MALWARE-CNC Win.Trojan.SquirtDanger inbound delivery attempt (more info ...) | trojan-activity | URL | |||
| 46479 | MALWARE-CNC Win.Trojan.SquirtDanger inbound delivery attempt (more info ...) | trojan-activity | URL | |||
| 46482 | MALWARE-CNC Installation Keylogger Osx.Trojan.Mokes data exfiltration (more info ...) | trojan-activity | URL | |||
| 46485 | SERVER-WEBAPP TwonkyMedia server directory listing attempt (more info ...) | web-application-attack | 2018-7171 | |||
| 46487 | MALWARE-CNC Win.Trojan.Ammy heartbeat (more info ...) | trojan-activity | ||||
| 46488 | MALWARE-CNC Win.Trojan.Ammy download attempt (more info ...) | trojan-activity | ||||
| 46495 | SERVER-OTHER HTTP request smuggling attempt (more info ...) | web-application-activity | 2015-3183 | |||
| 46500 | POLICY-OTHER Docker API ContainerCreate request detected (more info ...) | policy-violation | 2018-0262 | URL | ||
| 46501 | MALWARE-CNC Win.Trojan.Agent outbound request (more info ...) | trojan-activity | URL | |||
| 46502 | MALWARE-CNC Win.Trojan.Agent outbound request (more info ...) | trojan-activity | URL | |||
| 46518 | SERVER-WEBAPP Belkin N750 F9K1103 wireless router remote telnet enable attempt (more info ...) | policy-violation | 2018-1146 | |||
| 46519 | SERVER-WEBAPP Belkin N750 F9K1103 wireless router remote telnet enable attempt (more info ...) | policy-violation | 2018-1146 | |||
| 46523 | SERVER-OTHER malicious HTML file transfer attempt (more info ...) | misc-activity | ||||
| 46533 | SERVER-WEBAPP DHCP cross site scripting attempt (more info ...) | attempted-user | 2014-0615 | |||
| 46543 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0591 attack attempt (more info ...) | attempted-admin | 2018-3925 | URL | ||
| 46566 | SERVER-OTHER TRUFFLEHUNTER SFVRT-1009 attack attempt 100510 (more info ...) | misc-activity | ||||
| 46568 | SERVER-OTHER TRUFFLEHUNTER SFVRT-1009 attack attempt 100512 (more info ...) | misc-activity | ||||
| 46570 | SERVER-OTHER TRUFFLEHUNTER SFVRT-1009 attack attempt 100514 (more info ...) | misc-activity | ||||
| 46572 | SERVER-OTHER TRUFFLEHUNTER SFVRT-1009 attack attempt 100516 (more info ...) | misc-activity | ||||
| 46574 | MALWARE-CNC Win.Trojan.Banload malicious file download (more info ...) | trojan-activity | URL | |||
| 46575 | MALWARE-CNC Win.Trojan.Banload malicious file download (more info ...) | trojan-activity | URL | |||
| 46576 | MALWARE-CNC Win.Trojan.Banload malicious file download (more info ...) | trojan-activity | URL | |||
| 46577 | MALWARE-CNC Win.Trojan.Banload malicious file download (more info ...) | trojan-activity | URL | |||
| 46578 | MALWARE-CNC Win.Trojan.Banload malicious system information disclosure (more info ...) | trojan-activity | URL | |||
| 46579 | MALWARE-CNC Win.Trojan.Banload malicious system information disclosure (more info ...) | trojan-activity | URL | |||
| 46580 | MALWARE-CNC Win.Trojan.Banload malicious file download (more info ...) | trojan-activity | URL | |||
| 46581 | MALWARE-CNC Win.Trojan.Banload malicious file download (more info ...) | trojan-activity | URL | |||
| 46582 | MALWARE-CNC Win.Trojan.Banload malicious file download (more info ...) | trojan-activity | URL | |||
| 46583 | MALWARE-CNC Win.Trojan.Banload malicious file download (more info ...) | trojan-activity | URL | |||
| 46584 | MALWARE-CNC Win.Trojan.Banload malicious file download (more info ...) | trojan-activity | URL | |||
| 46585 | MALWARE-CNC Win.Trojan.Banload malicious file download (more info ...) | trojan-activity | URL | |||
| 46586 | MALWARE-CNC Win.Trojan.Banload malicious file download (more info ...) | trojan-activity | URL | |||
| 46587 | MALWARE-CNC Win.Trojan.Banload malicious file download (more info ...) | trojan-activity | URL | |||
| 46588 | MALWARE-CNC Win.Trojan.Banload malicious file download (more info ...) | trojan-activity | URL | |||
| 46589 | MALWARE-CNC Win.Trojan.Banload malicious file download (more info ...) | trojan-activity | URL | |||
| 46590 | MALWARE-CNC Win.Trojan.Banload malicious file download (more info ...) | trojan-activity | URL | |||
| 46591 | MALWARE-CNC Win.Trojan.Banload malicious file download (more info ...) | trojan-activity | URL | |||
| 46608 | MALWARE-CNC Win.Trojan.Blackshades variant outbound communication (more info ...) | trojan-activity | URL | |||
| 46609 | MALWARE-CNC Win.Trojan.BlackIce variant outbound connection (more info ...) | trojan-activity | URL | |||
| 46611 | MALWARE-CNC Win.Trojan.Banload second stage download request (more info ...) | trojan-activity | ||||
| 46612 | MALWARE-CNC Win.Trojan.Unruy outbound callout (more info ...) | trojan-activity | ||||
| 46628 | MALWARE-CNC Rubella Macro Builder generated payload (more info ...) | trojan-activity | URL | |||
| 46629 | MALWARE-CNC Rubella Macro Builder generated payload (more info ...) | trojan-activity | URL | |||
| 46630 | MALWARE-CNC Rubella Macro Builder generated payload (more info ...) | trojan-activity | URL | |||
| 46631 | MALWARE-CNC Rubella Macro Builder generated payload (more info ...) | trojan-activity | URL | |||
| 46636 | MALWARE-CNC Win.Ransomware.Gandcrab variant outbound connection (more info ...) | trojan-activity | URL | |||
| 46640 | INDICATOR-COMPROMISE Win.Worm.Brontok outbound HTTP request attempt (more info ...) | trojan-activity | URL | |||
| 46641 | INDICATOR-COMPROMISE Win.Worm.Brontok outbound HTTP request attempt (more info ...) | trojan-activity | URL | |||
| 46642 | MALWARE-CNC Win.Worm.Brontok user-agent outbound connection (more info ...) | trojan-activity | URL | |||
| 46661 | POLICY-OTHER TRUFFLEHUNTER TALOS-2018-0594 attack attempt (more info ...) | policy-violation | 2018-3927 | URL | ||
| 46663 | INDICATOR-COMPROMISE Outbound telize.com geo-IP location connection attempt (more info ...) | trojan-activity | URL | |||
| 46664 | INDICATOR-COMPROMISE Outbound freegeoip.net geo-IP location connection attempt (more info ...) | trojan-activity | URL | |||
| 46679 | INDICATOR-COMPROMISE Request for external IP address detected (more info ...) | trojan-activity | ||||
| 46700 | MALWARE-CNC Osx.Downloader.Crossrider outbound download request (more info ...) | trojan-activity | URL | |||
| 46742 | MALWARE-CNC Win.Trojan.Dropper malicious script download attempt (more info ...) | trojan-activity | URL | |||
| 46743 | MALWARE-CNC Win.Trojan.Dropper initial outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 46744 | MALWARE-CNC Win.Trojan.Dropper malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 46747 | MALWARE-CNC Win.Trojan.Qarallax outbound connection (more info ...) | trojan-activity | URL | |||
| 46748 | MALWARE-CNC Win.Trojan.Qarallax outbound connection (more info ...) | trojan-activity | URL | |||
| 46779 | SERVER-WEBAPP Nagios XI database settings modification attempt (more info ...) | web-application-attack | 2018-8734 | |||
| 46780 | SERVER-OTHER TRUFFLEHUNTER TALOS-2018-0595 attack attempt (more info ...) | attempted-dos | 2018-3928 | URL | ||
| 46785 | MALWARE-CNC Win.Downloader.Zebrocy known malicious user-agent string (more info ...) | trojan-activity | URL | |||
| 46786 | MALWARE-CNC Win.Downloader.Zebrocy initial outbound request (more info ...) | trojan-activity | URL | |||
| 46787 | MALWARE-CNC Andr.Trojan.ZooPark outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 46788 | MALWARE-CNC Andr.Trojan.ZooPark outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 46789 | MALWARE-CNC Andr.Trojan.ZooPark outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 46790 | MALWARE-CNC Andr.Trojan.ZooPark outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 46792 | MALWARE-CNC Outbound malicious vbscript attempt (more info ...) | attempted-user | ||||
| 46795 | MALWARE-CNC Dharma ransomware dropper initial outbound connection (more info ...) | trojan-activity | URL | |||
| 46796 | MALWARE-CNC Dharma ransomware dropper outbound connection (more info ...) | trojan-activity | URL | |||
| 46818 | MALWARE-CNC Win.Ransomware.Satan outbound connection (more info ...) | trojan-activity | URL | |||
| 46820 | MALWARE-CNC Win.Downloader.QuantLoader variant outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 46821 | MALWARE-CNC Win.Trojan.N40 variant outbound connection (more info ...) | trojan-activity | URL | |||
| 46824 | SERVER-WEBAPP DotNetNuke DreamSlider arbitrary file download attempt (more info ...) | web-application-attack | ||||
| 46827 | MALWARE-CNC Win.Trojan.Dunihi outbound connection (more info ...) | trojan-activity | URL | |||
| 46836 | MALWARE-CNC Win.Dropper.Vega variant outbound connection detected (more info ...) | trojan-activity | URL | |||
| 46837 | MALWARE-CNC Win.Dropper.Vega variant outbound connection detected (more info ...) | trojan-activity | URL | |||
| 46838 | MALWARE-CNC Win.Trojan.Vega variant outbound connection detected (more info ...) | trojan-activity | URL | |||
| 46839 | MALWARE-CNC Win.Trojan.RedLeaves variant outbound connection (more info ...) | trojan-activity | URL | |||
| 46842 | MALWARE-CNC GPON botnet outbound communication (more info ...) | trojan-activity | 2018-10561 | URL | ||
| 46853 | MALWARE-CNC TRUFFLEHUNTER SFVRT-1036 attack attempt (more info ...) | trojan-activity | ||||
| 46870 | SERVER-OTHER TRUFFLEHUNTER TALOS-2018-0602 attack attempt (more info ...) | attempted-dos | 2018-3935 | URL | ||
| 46871 | MALWARE-CNC Win.Dropper.NavRat payload download (more info ...) | trojan-activity | URL | |||
| 46872 | MALWARE-CNC Win.Trojan.CowerSnail command and control response detected (more info ...) | trojan-activity | URL | |||
| 46873 | MALWARE-CNC Win.Trojan.CowerSnail initial outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 46878 | SERVER-OTHER BMC Server Automation RSCD Agent remote code execution attempt (more info ...) | attempted-user | 2016-1543 | |||
| 46879 | SERVER-OTHER BMC Server Automation RSCD Agent remote code execution attempt (more info ...) | attempted-user | 2016-1543 | URL | ||
| 46880 | SERVER-OTHER BMC Server Automation RSCD Agent remote code execution attempt (more info ...) | attempted-user | 2016-1543 | |||
| 46881 | SERVER-WEBAPP Elasticsearch directory traversal attempt (more info ...) | web-application-attack | 2015-3337 | |||
| 46885 | MALWARE-CNC Win.Trojan.Joanap variant outbound connection (more info ...) | trojan-activity | URL | |||
| 46894 | MALWARE-CNC Vbs.Worm.SysinfY2X outbound beacon (more info ...) | trojan-activity | URL | |||
| 46895 | MALWARE-CNC Win.Trojan.Nocturnal outbound connection (more info ...) | trojan-activity | URL | |||
| 46896 | SERVER-WEBAPP Joomla component GeoContent typename parameter cross site scripting attempt (more info ...) | attempted-user | ||||
| 46900 | BROWSER-OTHER invalid final chunk size evasion attempt (more info ...) | misc-activity | ||||
| 46901 | BROWSER-OTHER http chunked transfer encoding flowbit attempt (more info ...) | misc-activity | ||||
| 46902 | BROWSER-OTHER invalid final chunk size evasion attempt (more info ...) | misc-activity | ||||
| 46915 | FILE-MULTIMEDIA VideoLAN VLC Media Player abc file parts heap integer overflow attempt (more info ...) | attempted-user | 2013-4233 | |||
| 46916 | FILE-MULTIMEDIA VideoLAN VLC Media Player abc file parts heap integer overflow attempt (more info ...) | attempted-user | 2013-4233 | |||
| 46922 | MALWARE-CNC Win.Trojan.Fareit variant outbound connection (more info ...) | trojan-activity | URL | |||
| 46936 | MALWARE-CNC Win.Trojan.Dropper outbound connection (more info ...) | trojan-activity | URL | |||
| 46946 | MALWARE-CNC Js.Downloader.Cryptojacking miner download attempt (more info ...) | trojan-activity | URL | |||
| 46959 | MALWARE-CNC Win.Trojan.DarkSeoul variant payload download (more info ...) | trojan-activity | URL | |||
| 46963 | MALWARE-CNC Win.Adware.Taplika toolbar download attempt (more info ...) | trojan-activity | URL | |||
| 46964 | MALWARE-CNC Win.Trojan.Ammyy RAT outbound connection (more info ...) | trojan-activity | URL | |||
| 46966 | MALWARE-CNC Win.Trojan.Danabot outbound connection (more info ...) | trojan-activity | URL | |||
| 46967 | MALWARE-CNC Win.Trojan.Danabot outbound connection (more info ...) | trojan-activity | URL | |||
| 46968 | MALWARE-CNC Win.Trojan.Danabot outbound connection (more info ...) | trojan-activity | URL | |||
| 46969 | MALWARE-CNC Win.Trojan.Autophyte dropper variant outbound connection (more info ...) | trojan-activity | URL | |||
| 46970 | MALWARE-CNC Win.Trojan.Autophyte RAT variant outbound connection (more info ...) | trojan-activity | URL | |||
| 46981 | MALWARE-CNC Win.Trojan.Orcus RAT inbound SSL certificate (more info ...) | trojan-activity | URL | |||
| 46984 | MALWARE-CNC Win.Trojan.Yoban RAT outbound connection (more info ...) | trojan-activity | URL | |||
| 46985 | MALWARE-CNC Win.Trojan.Yoban RAT outbound connection (more info ...) | trojan-activity | URL | |||
| 47005 | MALWARE-CNC Win.Trojan.SocketPlayer outbound connection (more info ...) | trojan-activity | URL | |||
| 47006 | MALWARE-CNC Win.Trojan.SocketPlayer outbound connection (more info ...) | trojan-activity | URL | |||
| 47007 | SERVER-WEBAPP Spring Web Flow arbitrary code exeuction attempt (more info ...) | attempted-user | 2017-4971 | |||
| 47016 | MALWARE-CNC Win.Spyware.Invisimole CnC outbound connection (more info ...) | trojan-activity | URL | |||
| 47024 | INDICATOR-COMPROMISE Request for external IP address detected (more info ...) | policy-violation | URL | |||
| 47025 | MALWARE-CNC Win.Trojan.Syndicasec variant outbound connection (more info ...) | trojan-activity | URL | |||
| 47026 | MALWARE-CNC Win.Trojan.Agent variant outbound connection detected (more info ...) | trojan-activity | ||||
| 47027 | MALWARE-CNC Win.Trojan.Agent variant outbound connection detected (more info ...) | trojan-activity | ||||
| 47030 | MALWARE-CNC Win.Malware.Innaput variant outbound connection (more info ...) | trojan-activity | URL | |||
| 47034 | EXPLOIT-KIT Sundown/Terror/Grandsoft/Magnitude exploit kit landing page detected (more info ...) | attempted-user | ||||
| 47035 | POLICY-OTHER TRUFFLEHUNTER TALOS-2018-0622 attack attempt (more info ...) | policy-violation | 2018-4010 | URL | ||
| 47036 | POLICY-OTHER TRUFFLEHUNTER TALOS-2018-0622 attack attempt (more info ...) | policy-violation | 2018-4010 | URL | ||
| 47038 | SERVER-WEBAPP TheWebForum cross site scripting attempt (more info ...) | attempted-user | 2006-0134 | 16161 | ||
| 47043 | INDICATOR-COMPROMISE Atvise SCADA user enumeration attempt (more info ...) | attempted-recon | URL | |||
| 47044 | INDICATOR-COMPROMISE Atvise SCADA privilege escalation attempt (more info ...) | attempted-admin | URL | |||
| 47047 | FILE-OTHER FreeBSD bspatch utility remote code execution attempt (more info ...) | attempted-user | 2014-9862 | |||
| 47048 | FILE-OTHER FreeBSD bspatch utility remote code execution attempt (more info ...) | attempted-user | 2014-9862 | |||
| 47051 | MALWARE-CNC Win.Trojan.ICLoader outbound connection (more info ...) | trojan-activity | URL | |||
| 47067 | MALWARE-CNC Win.Trojan.TechSupportScam installed binary outbound connection (more info ...) | trojan-activity | URL | |||
| 47068 | MALWARE-CNC Win.Trojan.TechSupportScam installed binary outbound connection (more info ...) | trojan-activity | URL | |||
| 47069 | MALWARE-CNC Win.Trojan.TechSupportScam installed binary outbound connection (more info ...) | trojan-activity | URL | |||
| 47070 | POLICY-OTHER Arris VAP2500 default credentials authentication attempt (more info ...) | policy-violation | URL | |||
| 47073 | MALWARE-CNC Win.Trojan.Smokeloader outbound response (more info ...) | trojan-activity | URL | |||
| 47076 | MALWARE-CNC Powershell PRB backdoor initial outbound communication attempt (more info ...) | trojan-activity | URL | |||
| 47086 | MALWARE-CNC Win.Trojan.TYPEFRAME malware download attempt (more info ...) | trojan-activity | URL | |||
| 47087 | MALWARE-CNC Win.Trojan.TYPEFRAME malware download attempt (more info ...) | trojan-activity | URL | |||
| 47088 | MALWARE-CNC Win.Trojan.TYPEFRAME malware download attempt (more info ...) | trojan-activity | URL | |||
| 47089 | MALWARE-CNC Win.Trojan.TYPEFRAME malware download attempt (more info ...) | trojan-activity | URL | |||
| 47090 | MALWARE-CNC Win.Trojan.TYPEFRAME malware download attempt (more info ...) | trojan-activity | URL | |||
| 47093 | PUA-ADWARE Win.Adware.Pbot variant outbound connection (more info ...) | misc-activity | URL | |||
| 47094 | PUA-ADWARE Win.Adware.Pbot variant outbound connection (more info ...) | misc-activity | URL | |||
| 47095 | PUA-ADWARE Win.Adware.Pbot variant outbound connection (more info ...) | misc-activity | URL | |||
| 47115 | SERVER-MAIL Zerofont phishing attempt (more info ...) | attempted-user | URL | |||
| 47116 | SERVER-MAIL Zerofont phishing attempt (more info ...) | attempted-user | URL | |||
| 47143 | FILE-OTHER Multiple Products SGI ZSIZE handling buffer overflow attempt (more info ...) | attempted-user | 2019-7124 | 19507 | URL | |
| 47144 | FILE-OTHER Multiple Products SGI ZSIZE handling buffer overflow attempt (more info ...) | attempted-user | 2019-7124 | 19507 | URL | |
| 47146 | POLICY-OTHER Siemens SICAM PAS hard coded factory account usage attempt (more info ...) | attempted-user | 2016-8567 | |||
| 47147 | MALWARE-CNC Win.Trojan.Ursnif malicious file download (more info ...) | trojan-activity | URL | |||
| 47148 | MALWARE-CNC Win.Trojan.Ursnif malicious file download (more info ...) | trojan-activity | URL | |||
| 47177 | MALWARE-CNC Win.Trojan.NukeSped RAT variant outbound communication (more info ...) | trojan-activity | URL | |||
| 47178 | MALWARE-CNC Win.Trojan.NukeSped RAT variant outbound connection (more info ...) | trojan-activity | URL | |||
| 47229 | SERVER-WEBAPP Oracle PeopleSoft information disclosure attempt (more info ...) | attempted-user | 2017-3548 | |||
| 47235 | MALWARE-CNC Win.Trojan.Bankshot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 47241 | MALWARE-CNC Win.Trojan.Mylobot additional payload download (more info ...) | trojan-activity | URL | |||
| 47242 | MALWARE-CNC Win.Trojan.Mylobot additional payload download (more info ...) | trojan-activity | URL | |||
| 47243 | MALWARE-CNC Win.Trojan.Mylobot inbound connection (more info ...) | trojan-activity | URL | |||
| 47244 | MALWARE-CNC Win.Malware.Ramnit outbound REGISTER_BOT beacon (more info ...) | trojan-activity | URL | |||
| 47264 | MALWARE-CNC Win.Trojan.ICLoader outbound connection (more info ...) | trojan-activity | URL | |||
| 47265 | MALWARE-CNC Win.Trojan.ICLoader outbound connection (more info ...) | trojan-activity | URL | |||
| 47295 | FILE-EXECUTABLE TRUFFLEHUNTER TALOS-2018-0635 attack attempt (more info ...) | attempted-recon | 2018-3970 | URL | ||
| 47296 | FILE-EXECUTABLE TRUFFLEHUNTER TALOS-2018-0635 attack attempt (more info ...) | attempted-recon | 2018-3970 | URL | ||
| 47299 | MALWARE-CNC Win.Trojan.Remcos variant outbound connection (more info ...) | trojan-activity | URL | |||
| 47300 | MALWARE-CNC Win.Trojan.Remcos variant inbound payload download (more info ...) | trojan-activity | URL | |||
| 47301 | MALWARE-CNC Win.Trojan.Remcos variant outbound connection (more info ...) | trojan-activity | URL | |||
| 47302 | MALWARE-CNC Win.Trojan.Remcos variant outbound connection (more info ...) | trojan-activity | URL | |||
| 47303 | MALWARE-CNC Win.Trojan.Remcos variant outbound connection (more info ...) | trojan-activity | URL | |||
| 47304 | MALWARE-CNC Win.Trojan.Remcos variant outbound connection (more info ...) | trojan-activity | URL | |||
| 47305 | MALWARE-CNC Win.Trojan.Remcos variant outbound connection (more info ...) | trojan-activity | URL | |||
| 47320 | MALWARE-CNC Js.Trojan.Agent JS Sniffer beacon connection (more info ...) | trojan-activity | ||||
| 47321 | MALWARE-CNC Js.Trojan.Agent JS Sniffer outbound connection (more info ...) | trojan-activity | ||||
| 47322 | MALWARE-CNC Js.Trojan.Agent JS Sniffer outbound connection (more info ...) | trojan-activity | ||||
| 47323 | MALWARE-CNC Js.Trojan.Agent JS Sniffer outbound connection (more info ...) | trojan-activity | ||||
| 47324 | MALWARE-CNC Js.Trojan.Agent JS Sniffer compromised website (more info ...) | trojan-activity | ||||
| 47325 | MALWARE-CNC Js.Trojan.Agent JS Sniffer compromised website (more info ...) | trojan-activity | ||||
| 47327 | MALWARE-CNC Win.Trojan.Luoxk malicious payload download attempt (more info ...) | trojan-activity | URL | |||
| 47338 | MALWARE-CNC Win.Trojan.ARS VBS loader outbound connection (more info ...) | trojan-activity | URL | |||
| 47339 | MALWARE-CNC Win.Trojan.AZORult variant outbound connection (more info ...) | trojan-activity | URL | |||
| 47373 | MALWARE-CNC Win.Coinminer.PyroMineIoT outbound connection (more info ...) | trojan-activity | URL | |||
| 47374 | MALWARE-CNC Win.Coinminer.PyroMineIoT outbound connection (more info ...) | trojan-activity | URL | |||
| 47375 | MALWARE-CNC Win.Coinminer.PyroMineIoT outbound connection (more info ...) | trojan-activity | URL | |||
| 47376 | MALWARE-CNC Win.Coinminer.PyroMineIoT outbound connection (more info ...) | trojan-activity | URL | |||
| 47386 | SERVER-WEBAPP Oracle WebLogic Server unauthenticated modified JSP access attempt (more info ...) | attempted-recon | 2018-2894 | 104763 | URL | |
| 47387 | SERVER-WEBAPP Oracle WebLogic Server potential unauthenticated reconnaissance attempt (more info ...) | attempted-recon | 2018-2894 | 104763 | URL | |
| 47388 | SERVER-WEBAPP Oracle WebLogic Server potential precursor to keystore attack attempt (more info ...) | attempted-recon | 2018-2894 | 104763 | URL | |
| 47414 | MALWARE-CNC Osx.Trojan.Calisto outbound connection (more info ...) | trojan-activity | URL | |||
| 47415 | MALWARE-CNC Osx.Trojan.Calisto outbound connection (more info ...) | trojan-activity | URL | |||
| 47419 | SERVER-WEBAPP Easy Hosting Control Panel cross site scripting attempt (more info ...) | attempted-user | 2018-6361 | |||
| 47420 | MALWARE-CNC Win.Trojan.Kuping variant outbound connection (more info ...) | trojan-activity | URL | |||
| 47421 | SERVER-WEBAPP Joomla Core com_fields cross site scripting attempt (more info ...) | attempted-user | 2018-6377 | |||
| 47422 | FILE-OTHER SAP GUI ABAP code arbitrary dll-load attempt (more info ...) | attempted-user | 2017-6950 | URL | ||
| 47425 | SERVER-WEBAPP Raptr Plays.tv unauthenticated remote arbitrary file execution attempt (more info ...) | attempted-admin | 2018-6546 | |||
| 47427 | MALWARE-CNC Win.Trojan.Mapoyun variant outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 47430 | FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0644 attack attempt (more info ...) | attempted-recon | URL | |||
| 47431 | FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0644 attack attempt (more info ...) | attempted-recon | URL | |||
| 47432 | FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0644 attack attempt (more info ...) | attempted-recon | URL | |||
| 47433 | FILE-IMAGE TRUFFLEHUNTER TALOS-2018-0644 attack attempt (more info ...) | attempted-recon | URL | |||
| 47434 | MALWARE-CNC Win.Coinminer.HiddenShock variant outbound connection (more info ...) | trojan-activity | URL | |||
| 47435 | MALWARE-CNC Win.Dropper.IcedID payload download (more info ...) | trojan-activity | URL | |||
| 47436 | MALWARE-CNC Win.Dropper.IcedID outbound connection (more info ...) | trojan-activity | URL | |||
| 47442 | BROWSER-OTHER TRUFFLEHUNTER TALOS-2018-0647 attack attempt (more info ...) | attempted-dos | 2018-3979 | URL | ||
| 47443 | BROWSER-OTHER TRUFFLEHUNTER TALOS-2018-0647 attack attempt (more info ...) | attempted-dos | 2018-3979 | URL | ||
| 47444 | MALWARE-CNC Win.Trojan.Gorgon outbound connection (more info ...) | trojan-activity | URL | |||
| 47445 | MALWARE-CNC Win.Trojan.Gorgon outbound connection (more info ...) | trojan-activity | URL | |||
| 47446 | MALWARE-CNC Win.Trojan.Gorgon outbound connection (more info ...) | trojan-activity | URL | |||
| 47447 | MALWARE-CNC Win.Trojan.Gorgon outbound connection (more info ...) | trojan-activity | URL | |||
| 47448 | MALWARE-CNC Win.Trojan.Gorgon outbound connection (more info ...) | trojan-activity | URL | |||
| 47449 | MALWARE-CNC Win.Trojan.Gorgon outbound connection (more info ...) | trojan-activity | URL | |||
| 47450 | MALWARE-CNC Win.Trojan.Gorgon outbound connection (more info ...) | trojan-activity | URL | |||
| 47451 | MALWARE-CNC Win.Trojan.Gorgon outbound connection (more info ...) | trojan-activity | URL | |||
| 47452 | MALWARE-CNC Win.Trojan.Gorgon outbound connection (more info ...) | trojan-activity | URL | |||
| 47471 | SERVER-WEBAPP Advantech WebAccess gmicons.asp picfile arbitrary file upload attempt (more info ...) | attempted-admin | 2017-16736 | URL | ||
| 47472 | SERVER-WEBAPP Advantech WebAccess gmicons.asp directory traversal attempt (more info ...) | web-application-attack | 2017-16736 | URL | ||
| 47473 | SERVER-WEBAPP Kodi playlist creation persistent cross site scripting attempt (more info ...) | attempted-user | 2018-8831 | |||
| 47494 | SERVER-WEBAPP Easy File Sharing stack buffer overflow attempt (more info ...) | attempted-user | 2018-9059 | |||
| 47505 | MALWARE-CNC Py.Malware.EvilOSX 404 Error Page Payload/Command Delivery (more info ...) | trojan-activity | URL | |||
| 47511 | MALWARE-CNC Win32.Backdoor.Ropindo variant outbound post detected (more info ...) | trojan-activity | URL | |||
| 47525 | MALWARE-CNC Win.Trojan.Grobios outbound connection (more info ...) | trojan-activity | URL | |||
| 47526 | MALWARE-CNC Win.Trojan.Grobios C2 inbound server command (more info ...) | trojan-activity | URL | |||
| 47541 | SERVER-MAIL EHLO user overflow attempt (more info ...) | attempted-admin | 2018-6789 | 13772 | ||
| 47546 | MALWARE-CNC Win.Trojan.Keywsec variant outbound request detected (more info ...) | trojan-activity | URL | |||
| 47547 | MALWARE-CNC Win.Trojan.Keywsec variant post-compromise outbound request detected (more info ...) | trojan-activity | URL | |||
| 47548 | MALWARE-CNC Win.Trojan.Keywsec variant outbound request for malicious dll exe and js detected (more info ...) | trojan-activity | URL | |||
| 47549 | SERVER-WEBAPP Easy Hosting Control Panel action cross site scripting attempt (more info ...) | attempted-user | 2018-6362 | |||
| 47557 | MALWARE-CNC Win.Trojan.PLEAD downloader outbound connection (more info ...) | trojan-activity | URL | |||
| 47567 | MALWARE-CNC Win.Trojan.Zegost variant outbound connection (more info ...) | trojan-activity | URL | |||
| 47578 | SERVER-WEBAPP NetGain Systems Enterprise Manager directory traversal attempt (more info ...) | web-application-attack | 2017-16603 | |||
| 47581 | SERVER-WEBAPP GitStack unauthenticated REST API add user attempt (more info ...) | policy-violation | 2018-5955 | |||
| 47582 | SERVER-WEBAPP GitStack unauthenticated REST API repository modification attempt (more info ...) | policy-violation | 2018-5955 | |||
| 47583 | SERVER-WEBAPP GitStack unauthenticated REST API repository modification attempt (more info ...) | policy-violation | 2018-5955 | |||
| 47584 | SERVER-WEBAPP Dolibarr Carte cross site scripting attempt (more info ...) | attempted-user | 2018-10095 | |||
| 47585 | SERVER-OTHER ntpq decode array buffer overflow attempt (more info ...) | attempted-user | 2018-7183 | URL | ||
| 47586 | FILE-OTHER Info-ZIP UnZip heap buffer overflow attempt (more info ...) | attempted-user | 2018-1000035 | |||
| 47587 | FILE-OTHER Info-ZIP UnZip heap buffer overflow attempt (more info ...) | attempted-user | 2018-1000035 | |||
| 47588 | SERVER-WEBAPP Subsonic Subscribe to Podcast cross site scripting attempt (more info ...) | attempted-user | 2017-9414 | |||
| 47589 | SERVER-WEBAPP Subsonic Subscribe to Podcast cross site scripting attempt (more info ...) | attempted-user | 2017-9414 | |||
| 47590 | SERVER-WEBAPP Subsonic Subscribe to Podcast cross site scripting attempt (more info ...) | attempted-user | 2017-9414 | |||
| 47593 | MALWARE-CNC Fake PDFEscape font pack cryptominer (more info ...) | trojan-activity | ||||
| 47594 | MALWARE-CNC Fake PDFEscape font pack cryptominer (more info ...) | trojan-activity | ||||
| 47600 | MALWARE-CNC Win.Trojan.Waldek variant initial outbound connection detected (more info ...) | trojan-activity | ||||
| 47601 | MALWARE-CNC Win.Trojan.Betabot variant outbound connection detected (more info ...) | trojan-activity | URL | |||
| 47602 | MALWARE-CNC Win.Trojan.AzoRult variant outbound connection detected (more info ...) | trojan-activity | URL | |||
| 47607 | SERVER-WEBAPP Advantech WebAccess Dashboard Viewer arbitrary file upload attempt (more info ...) | web-application-attack | URL | |||
| 47608 | SERVER-WEBAPP Advantech WebAccess Dashboard Viewer arbitrary file upload attempt (more info ...) | web-application-attack | URL | |||
| 47609 | SERVER-WEBAPP Advantech WebAccess Dashboard Viewer arbitrary file upload attempt (more info ...) | web-application-attack | URL | |||
| 47610 | SERVER-WEBAPP Advantech WebAccess Dashboard Viewer arbitrary file upload attempt (more info ...) | web-application-attack | URL | |||
| 47611 | FILE-OTHER Easy MPEG to DVD Burner buffer overflow attempt (more info ...) | attempted-user | ||||
| 47612 | FILE-OTHER Easy MPEG to DVD Burner buffer overflow attempt (more info ...) | attempted-user | ||||
| 47616 | MALWARE-CNC Win.Trojan.Emotet variant download (more info ...) | trojan-activity | URL | |||
| 47617 | MALWARE-CNC Win.Trojan.Emotet variant download (more info ...) | trojan-activity | URL | |||
| 47618 | MALWARE-CNC Win.Trojan.Trickbot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 47619 | SERVER-WEBAPP Symfony HttpFoundation component potential security bypass attempt (more info ...) | web-application-attack | 2018-14773 | URL | ||
| 47620 | SERVER-WEBAPP Symfony HttpFoundation component potential security bypass attempt (more info ...) | web-application-attack | 2018-14773 | URL | ||
| 47621 | MALWARE-CNC Win.Ransomware.Princess variant outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 47627 | MALWARE-CNC Win.Trojan.KeyPass variant inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 47633 | POLICY-OTHER Accelerite Endpoint Management default credentials login attempt (more info ...) | policy-violation | URL | |||
| 47650 | MALWARE-CNC Win.Trojan.Marap outbound beacon detected (more info ...) | trojan-activity | URL | |||
| 47662 | SERVER-WEBAPP Cogent DataHub ASP script injection attempt (more info ...) | attempted-admin | ||||
| 47663 | SERVER-OTHER TRUFFLEHUNTER TALOS-2018-0653 attack attempt (more info ...) | attempted-admin | 2018-3985 | URL | ||
| 47670 | SERVER-WEBAPP LSIS wXP arbitrary file upload attempt (more info ...) | attempted-admin | ||||
| 47677 | SERVER-WEBAPP Dell SonicWall Scrutinizer hidden webmin credentials login attempt (more info ...) | default-login-attempt | ||||
| 47678 | MALWARE-CNC Win.Trojan.Torpplar variant outbound connection (more info ...) | trojan-activity | URL | |||
| 47692 | MALWARE-CNC Win.Ransomware.Shrug2 outbound connection (more info ...) | trojan-activity | URL | |||
| 47693 | SERVER-WEBAPP Manage Engine Recovery Manager cross site scripting attempt (more info ...) | attempted-user | 2018-9163 | URL | ||
| 47694 | SERVER-WEBAPP Manage Engine Recovery Manager cross site scripting attempt (more info ...) | attempted-user | 2018-9163 | URL | ||
| 47695 | MALWARE-CNC User-Agent known malicious user-agent string - Win.Downloader.Powload (more info ...) | trojan-activity | URL | |||
| 47696 | MALWARE-CNC User-Agent known malicious user-agent string - Win.Downloader.Powload (more info ...) | trojan-activity | URL | |||
| 47697 | MALWARE-CNC User-Agent known malicious user-agent string - Win.Downloader.Powload (more info ...) | trojan-activity | URL | |||
| 47701 | MALWARE-CNC Win.Backdoor.Iniduoh variant outbound connection (more info ...) | trojan-activity | URL | |||
| 47708 | MALWARE-CNC Win.Trojan.Fallchill variant outbound connection (more info ...) | trojan-activity | URL | |||
| 47723 | MALWARE-CNC Andr.Trojan.MysteryBot outbound connection (more info ...) | trojan-activity | URL | |||
| 47724 | SERVER-OTHER Memcached DDoS attempt (more info ...) | attempted-dos | 2018-1000115 | URL | ||
| 47725 | SERVER-OTHER Memcached DDoS attempt (more info ...) | attempted-dos | 2018-1000115 | URL | ||
| 47726 | SERVER-OTHER Memcached DDoS attempt (more info ...) | attempted-dos | 2018-1000115 | URL | ||
| 47766 | MALWARE-CNC Win.Ransomware.GandCrab outbound connection (more info ...) | trojan-activity | URL | |||
| 47767 | SERVER-WEBAPP ClipBucket file_uploader command injection attempt (more info ...) | web-application-attack | 2018-7664 | |||
| 47773 | MALWARE-CNC Win32.Backdoor.Turla variant outbound connection (more info ...) | trojan-activity | URL | |||
| 47790 | SERVER-WEBAPP Trend Micro Email Encryption Gateway cross site scripting attempt (more info ...) | attempted-user | 2018-6227 | |||
| 47791 | SERVER-WEBAPP Trend Micro Email Encryption Gateway cross site scripting attempt (more info ...) | attempted-user | 2018-6227 | |||
| 47792 | SERVER-WEBAPP Trend Micro Email Encryption Gateway cross site scripting attempt (more info ...) | attempted-user | 2018-6226 | |||
| 47793 | SERVER-WEBAPP Trend Micro Email Encryption Gateway cross site scripting attempt (more info ...) | attempted-user | 2018-6226 | |||
| 47820 | SERVER-OTHER OpenSSL invalid Diffie-Hellman parameter NULL pointer dereference attempt (more info ...) | denial-of-service | 2017-3730 | |||
| 47821 | SERVER-OTHER OpenSSL invalid Diffie-Hellman parameter NULL pointer dereference attempt (more info ...) | denial-of-service | 2017-3730 | |||
| 47822 | MALWARE-CNC Win.Trojan.njrat njRAT trojan outbound attempt (more info ...) | trojan-activity | URL | |||
| 47823 | MALWARE-CNC Win.Trojan.njrat njRAT trojan variant download (more info ...) | trojan-activity | URL | |||
| 47824 | MALWARE-CNC Win.Trojan.njrat njRAT trojan variant download (more info ...) | trojan-activity | URL | |||
| 47825 | MALWARE-CNC Win.Trojan.njrat njRAT trojan variant download (more info ...) | trojan-activity | URL | |||
| 47826 | MALWARE-CNC Win.Trojan.njrat njRAT trojan variant download (more info ...) | trojan-activity | URL | |||
| 47835 | MALWARE-CNC Win.Trojan.DownloadGuide variant outbound traffic (more info ...) | trojan-activity | URL | |||
| 47836 | MALWARE-CNC Win.Trojan.DownloadGuide variant outbound traffic (more info ...) | trojan-activity | URL | |||
| 47837 | MALWARE-CNC Win.Trojan.DownloadGuide variant outbound traffic (more info ...) | trojan-activity | URL | |||
| 47860 | MALWARE-CNC Andr.Trojan.Xamaria variant outbound connection (more info ...) | trojan-activity | URL | |||
| 47876 | MALWARE-CNC Andr.Trojan.AnubisCrypt variant outbound post detected (more info ...) | trojan-activity | URL | |||
| 47877 | MALWARE-CNC Andr.Trojan.AnubisCrypt variant outbound post detected (more info ...) | trojan-activity | URL | |||
| 47882 | FILE-OTHER Ghostscript -dSAFER sandbox bypass attempt (more info ...) | attempted-admin | 2018-16509 | |||
| 47895 | BROWSER-PLUGINS Tor Browser 7.x NoScript secure mode bypass attempt (more info ...) | attempted-user | URL | |||
| 47896 | SERVER-OTHER Alt-N MDaemon buffer overflow attempt (more info ...) | attempted-admin | URL | |||
| 47897 | SERVER-OTHER Alt-N MDaemon buffer overflow attempt (more info ...) | attempted-admin | URL | |||
| 47898 | MALWARE-CNC Win.Trojan.OilRig variant outbound connection (more info ...) | attempted-user | URL | |||
| 47899 | MALWARE-CNC Win.Trojan.OilRig variant outbound connection (more info ...) | attempted-user | URL | |||
| 47900 | MALWARE-CNC Win.Trojan.OilRig variant outbound connection (more info ...) | attempted-user | URL | |||
| 47901 | MALWARE-CNC Win.Trojan.CobInt outbound connection (more info ...) | trojan-activity | URL | |||
| 47902 | MALWARE-CNC Win.Trojan.CobInt outbound connection (more info ...) | trojan-activity | URL | |||
| 47903 | MALWARE-CNC Win.Trojan.CobInt outbound connection (more info ...) | attempted-user | URL | |||
| 47904 | MALWARE-CNC Win.Trojan.CobInt outbound connection (more info ...) | trojan-activity | URL | |||
| 47905 | MALWARE-CNC Win.Trojan.CobInt outbound connection (more info ...) | trojan-activity | URL | |||
| 47906 | MALWARE-CNC Win.Trojan.CobInt outbound connection (more info ...) | trojan-activity | URL | |||
| 47934 | MALWARE-CNC Win.Trojan.MSDownloader variant outbound connection (more info ...) | trojan-activity | URL | |||
| 47935 | MALWARE-CNC Win.Trojan.MSDownloader variant download (more info ...) | trojan-activity | URL | |||
| 47936 | MALWARE-CNC Win.Trojan.MSDownloader variant download (more info ...) | trojan-activity | URL | |||
| 48022 | MALWARE-CNC Win.Ransomware.Viro variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48024 | MALWARE-CNC Win.Trojan.PyLocky outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 48025 | MALWARE-CNC BabaYaga inbound connection (more info ...) | trojan-activity | URL | |||
| 48026 | MALWARE-CNC BabaYaga outbound connection (more info ...) | trojan-activity | URL | |||
| 48027 | MALWARE-CNC BabaYaga outbound connection (more info ...) | trojan-activity | URL | |||
| 48028 | MALWARE-CNC Win.Trojan.Turla outbound connection (more info ...) | trojan-activity | URL | |||
| 48035 | MALWARE-CNC Win.Trojan.AcridRain outbound connection (more info ...) | trojan-activity | URL | |||
| 48036 | MALWARE-CNC Win.Trojan.AcridRain outbound connection (more info ...) | trojan-activity | URL | |||
| 48079 | MALWARE-CNC Win.Trojan.Ramnit variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48080 | MALWARE-CNC Win.Trojan.Ramnit variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48081 | MALWARE-CNC Win.Trojan.Ramnit variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48082 | MALWARE-CNC Win.Trojan.Agent download attempt (more info ...) | trojan-activity | URL | |||
| 48083 | MALWARE-CNC Win.Trojan.Occamy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48084 | MALWARE-CNC Win.Trojan.Occamy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48085 | MALWARE-CNC Win.Trojan.Occamy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48086 | MALWARE-CNC Win.Trojan.Occamy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48087 | MALWARE-CNC Win.Trojan.Occamy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48088 | MALWARE-CNC Win.Trojan.Occamy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48089 | MALWARE-CNC Win.Trojan.Occamy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48090 | MALWARE-CNC Win.Trojan.Occamy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48091 | MALWARE-CNC Win.Trojan.Occamy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48092 | MALWARE-CNC Win.Trojan.MirageFox variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48093 | MALWARE-CNC Win.Trojan.MirageFox variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48094 | SERVER-WEBAPP SAP Internet Transaction Server directory traversal attempt (more info ...) | web-application-attack | 2003-0748 | 8516 | ||
| 48095 | SERVER-WEBAPP SAP Internet Transaction Server directory traversal attempt (more info ...) | web-application-attack | 2003-0748 | 8516 | ||
| 48096 | SERVER-WEBAPP SAP Internet Transaction Server directory traversal attempt (more info ...) | web-application-attack | 2003-0748 | 8516 | ||
| 48114 | SERVER-OTHER Delta Industrial Automation Robot DRAStudio Arbitrary File Disclosure attempt (more info ...) | attempted-user | URL | |||
| 48115 | MALWARE-CNC Win.Trojan.ITranslator variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48116 | MALWARE-CNC Win.Trojan.ITranslator variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48117 | MALWARE-CNC Win.Trojan.ITranslator variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48118 | MALWARE-CNC Win.Trojan.ITranslator variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48119 | MALWARE-CNC Win.Trojan.ITranslator variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48120 | MALWARE-CNC Win.Trojan.ITranslator variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48121 | SERVER-OTHER LSIS wXP Denial of Service attempt (more info ...) | denial-of-service | URL | |||
| 48127 | SERVER-OTHER Reliance SCADA Control Server Denial of Service attempt (more info ...) | attempted-user | URL | |||
| 48140 | MALWARE-CNC Win.Downloader.XAgent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48144 | FILE-OTHER McAfee True Key dll-load exploit attempt (more info ...) | attempted-admin | 2018-6661 | URL | ||
| 48145 | FILE-OTHER McAfee True Key dll-load exploit attempt (more info ...) | attempted-admin | 2018-6661 | URL | ||
| 48146 | MALWARE-BACKDOOR Rebhip variant runtime detection (more info ...) | trojan-activity | URL | |||
| 48147 | MALWARE-CNC Win.Worm.Redhip variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48148 | MALWARE-CNC Win.Worm.Redhip variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48149 | MALWARE-CNC Win.Worm.Redhip variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48150 | MALWARE-CNC Win.Worm.Redhip variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48151 | MALWARE-CNC JS.Trojan.Generic malicious file download (more info ...) | trojan-activity | URL | |||
| 48152 | MALWARE-CNC JS.Trojan.Generic malicious file download (more info ...) | trojan-activity | URL | |||
| 48153 | MALWARE-CNC JS.Trojan.Generic variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48154 | MALWARE-CNC JS.Trojan.Generic variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48155 | MALWARE-CNC JS.Trojan.Generic variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48156 | MALWARE-CNC JS.Trojan.Generic variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48157 | MALWARE-CNC JS.Trojan.Generic variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48158 | FILE-OTHER WECON LeviStudio UMP file stack buffer overflow attempt (more info ...) | attempted-user | 2018-10602 | |||
| 48167 | SERVER-OTHER HPE Intelligent Management Center imcwlandm buffer overflow attempt (more info ...) | attempted-user | ||||
| 48168 | SERVER-OTHER HPE Intelligent Management Center imcwlandm buffer overflow attempt (more info ...) | attempted-user | ||||
| 48169 | SERVER-OTHER HPE Intelligent Management Center imcwlandm buffer overflow attempt (more info ...) | attempted-user | ||||
| 48175 | MALWARE-CNC Win.Trojan.GhostPuppet malicious document download attempt (more info ...) | trojan-activity | URL | |||
| 48176 | MALWARE-CNC Win.Trojan.GhostPuppet malicious document download attempt (more info ...) | trojan-activity | URL | |||
| 48197 | MALWARE-CNC Win.Trojan.Datper variant outbound request detected (more info ...) | trojan-activity | URL | |||
| 48198 | MALWARE-CNC Win.Trojan.Datper variant outbound request detected (more info ...) | trojan-activity | URL | |||
| 48199 | MALWARE-CNC Win.Trojan.Emdivi variant outbound request detected (more info ...) | trojan-activity | URL | |||
| 48202 | MALWARE-CNC Andr.Trojan.Xamaria variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48203 | MALWARE-CNC Andr.Trojan.Xamaria variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48209 | FILE-OTHER TRUFFLEHUNTER TALOS-2018-0693 attack attempt (more info ...) | attempted-recon | URL | |||
| 48210 | FILE-OTHER TRUFFLEHUNTER TALOS-2018-0693 attack attempt (more info ...) | attempted-recon | URL | |||
| 48213 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2018-0694 attack attempt (more info ...) | attempted-user | 2018-4022 | URL | ||
| 48214 | FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2018-0694 attack attempt (more info ...) | attempted-user | 2018-4022 | URL | ||
| 48222 | FILE-PDF Foxit Reader and PhantomPDF use after free exploitation attempt (more info ...) | attempted-user | ||||
| 48223 | FILE-PDF Foxit Reader and PhantomPDF use after free exploitation attempt (more info ...) | attempted-user | ||||
| 48249 | SERVER-OTHER GP ProEX WinGP Runtime directory traversal attempt (more info ...) | attempted-user | URL | |||
| 48250 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0697 attack attempt (more info ...) | attempted-dos | 2018-4025 | URL | ||
| 48251 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0699 attack attempt (more info ...) | attempted-dos | 2018-4027 | URL | ||
| 48253 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0698 attack attempt (more info ...) | attempted-dos | 2018-4026 | URL | ||
| 48254 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0696 attack attempt (more info ...) | attempted-dos | 2018-4024 | URL | ||
| 48255 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0695 attack attempt (more info ...) | attempted-admin | 2018-4023 | URL | ||
| 48258 | MALWARE-CNC Win.Trojan.Octopus outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 48259 | MALWARE-CNC Win.Trojan.Octopus outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 48260 | MALWARE-CNC Win.Trojan.Octopus outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 48261 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0703 attack attempt (more info ...) | attempted-admin | 2018-4031 | URL | ||
| 48262 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0703 attack attempt (more info ...) | attempted-admin | 2018-4031 | URL | ||
| 48276 | MALWARE-CNC Win.Trojan.Felixroot variant command-and-control communication attempt (more info ...) | trojan-activity | URL | |||
| 48277 | MALWARE-CNC Win.Trojan.Felixroot variant download attempt (more info ...) | trojan-activity | URL | |||
| 48278 | MALWARE-CNC Win.Trojan.Felixroot variant download attempt (more info ...) | trojan-activity | URL | |||
| 48279 | MALWARE-CNC Rtf.Trojan.Felixroot variant download attempt (more info ...) | trojan-activity | URL | |||
| 48280 | MALWARE-CNC Rtf.Trojan.Felixroot variant download attempt (more info ...) | trojan-activity | URL | |||
| 48287 | MALWARE-CNC Win.Trojan.FormBook variant outbound request detected (more info ...) | trojan-activity | URL | |||
| 48288 | MALWARE-CNC Win.Trojan.FormBook variant outbound request detected (more info ...) | trojan-activity | URL | |||
| 48295 | FILE-OTHER out-of-bounds write attempt with malicious MAR file detected (more info ...) | misc-activity | 2018-12379 | URL | ||
| 48296 | FILE-OTHER out-of-bounds write attempt with malicious MAR file detected (more info ...) | misc-activity | 2018-12379 | URL | ||
| 48299 | MALWARE-CNC Win.Trojan.Telebot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48300 | MALWARE-CNC Win.Trojan.Telebot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48301 | MALWARE-CNC Win.Trojan.Telebot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48302 | MALWARE-CNC Win.Trojan.Telebot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48307 | MALWARE-CNC Win.Doc.GrayEnergy malicious document download attempt (more info ...) | trojan-activity | URL | |||
| 48308 | MALWARE-CNC Win.Doc.GrayEnergy malicious document download attempt (more info ...) | trojan-activity | URL | |||
| 48355 | MALWARE-CNC Win.Trojan.Banking download attempt initiated (more info ...) | trojan-activity | URL | |||
| 48356 | MALWARE-CNC Win.Trojan.Banking download attempt initiated (more info ...) | trojan-activity | URL | |||
| 48395 | MALWARE-CNC Win.Trojan.Zebrocy outbound connection (more info ...) | trojan-activity | URL | |||
| 48396 | MALWARE-CNC Win.Trojan.Zebrocy outbound connection (more info ...) | trojan-activity | URL | |||
| 48397 | MALWARE-CNC Win.Trojan.Zebrocy TLS server hello attempt (more info ...) | trojan-activity | URL | |||
| 48402 | MALWARE-CNC Win.Trojan.Emotet variant outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 48422 | MALWARE-CNC Win.Trojan.Bondupdater outbound cnc connection (more info ...) | trojan-activity | URL | |||
| 48429 | MALWARE-CNC Win.Trojan.Cannon outbound connection (more info ...) | trojan-activity | URL | |||
| 48430 | MALWARE-CNC Win.Trojan.Cannon outbound connection (more info ...) | trojan-activity | URL | |||
| 48431 | MALWARE-CNC Win.Trojan.Zebrocy outbound connection (more info ...) | trojan-activity | URL | |||
| 48432 | MALWARE-CNC Win.Trojan.Zebrocy outbound connection (more info ...) | trojan-activity | URL | |||
| 48435 | MALWARE-CNC Win.Trojan.OlympicDestroyer variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48436 | MALWARE-CNC Win.Trojan.OlympicDestroyer variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48437 | MALWARE-CNC Win.Trojan.12percent ransomware generator download (more info ...) | trojan-activity | ||||
| 48438 | MALWARE-CNC Win.Trojan.12percent ransomware generator download (more info ...) | trojan-activity | ||||
| 48439 | INDICATOR-COMPROMISE Request for external IP address/location detected (more info ...) | trojan-activity | ||||
| 48446 | MALWARE-CNC Win.Trojan.Sofacy outbound connection (more info ...) | trojan-activity | URL | |||
| 48447 | MALWARE-CNC Win.Trojan.Sofacy outbound connection (more info ...) | trojan-activity | URL | |||
| 48448 | SERVER-WEBAPP Drupal open redirect external URL injection attempt (more info ...) | attempted-admin | URL | |||
| 48449 | MALWARE-CNC Win.Trojan.Exaramel outbound cnc connection (more info ...) | trojan-activity | URL | |||
| 48450 | FILE-EXECUTABLE TRUFFLEHUNTER TALOS-2018-0729 attack attempt (more info ...) | attempted-user | 2018-4055 | URL | ||
| 48451 | FILE-EXECUTABLE TRUFFLEHUNTER TALOS-2018-0729 attack attempt (more info ...) | attempted-user | 2018-4055 | URL | ||
| 48452 | FILE-EXECUTABLE TRUFFLEHUNTER TALOS-2018-0728 attack attempt (more info ...) | attempted-user | 2018-4054 | URL | ||
| 48453 | FILE-EXECUTABLE TRUFFLEHUNTER TALOS-2018-0728 attack attempt (more info ...) | attempted-user | 2018-4054 | URL | ||
| 48458 | SERVER-OTHER TRUFFLEHUNTER TALOS-2018-0733 attack attempt (more info ...) | attempted-admin | 2018-4059 | URL | ||
| 48461 | MALWARE-CNC Win.Trojan.Zebrocy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48462 | MALWARE-CNC Win.Trojan.Zebrocy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48463 | MALWARE-CNC Win.Trojan.Zebrocy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48464 | MALWARE-CNC Win.Trojan.Zebrocy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48465 | MALWARE-CNC Js.Worm.Bondat inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 48466 | MALWARE-CNC Win.Trojan.tRat variant outbound cnc connection (more info ...) | trojan-activity | URL | |||
| 48467 | MALWARE-CNC Win.Trojan.tRat variant outbound cnc connection (more info ...) | trojan-activity | URL | |||
| 48476 | MALWARE-CNC Win.Trojan.Carrotbat outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 48477 | MALWARE-CNC Win.Trojan.Agent outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 48478 | MALWARE-CNC Win.Trojan.Agent outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 48480 | MALWARE-CNC Win.Trojan.Carrotbat outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 48485 | SERVER-WEBAPP Loytec LWEB-900 directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 48497 | MALWARE-CNC 4th Stage Oilrig CNC connection attempt (more info ...) | trojan-activity | URL | |||
| 48498 | MALWARE-CNC 2nd Stage Oilrig CNC connection attempt (more info ...) | trojan-activity | URL | |||
| 48499 | MALWARE-CNC Win.Trojan.ZeusPanda outbound cnc connection (more info ...) | trojan-activity | URL | |||
| 48503 | MALWARE-CNC Win.Trojan.Hancitor outbound cnc connection (more info ...) | trojan-activity | URL | |||
| 48504 | MALWARE-CNC Win.Trojan.ZeusPanda outbound cnc connection (more info ...) | trojan-activity | URL | |||
| 48505 | MALWARE-CNC Win.Trojan.Ursnif outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 48506 | MALWARE-CNC Win.Trojan.ZeusPanda outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 48507 | MALWARE-CNC Win.Trojan.ZeusPanda outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 48508 | MALWARE-CNC Win.Trojan.ZeusPanda outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 48521 | PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2018-0739 attack attempt (more info ...) | attempted-recon | URL | |||
| 48526 | PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2018-0740 attack attempt (more info ...) | attempted-recon | URL | |||
| 48527 | PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2018-0737 attack attempt (more info ...) | attempted-dos | URL | |||
| 48528 | PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2018-0736 attack attempt (more info ...) | attempted-dos | URL | |||
| 48552 | MALWARE-CNC Win.Trojan.Azorult outbound connection (more info ...) | trojan-activity | URL | |||
| 48558 | MALWARE-CNC Win.Trojan.Dofoil variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48559 | MALWARE-CNC Win.Trojan.Powermud variant outbound connection (more info ...) | trojan-activity | ||||
| 48560 | MALWARE-CNC Win.Trojan.Powermud variant outbound connection (more info ...) | trojan-activity | ||||
| 48561 | MALWARE-CNC Win.Trojan.Powermud variant outbound connection (more info ...) | trojan-activity | ||||
| 48562 | MALWARE-CNC Win.Trojan.Powermud variant outbound connection (more info ...) | trojan-activity | ||||
| 48568 | MALWARE-CNC Osx.Trojan.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48588 | MALWARE-CNC Doc.Downloader.Cannon payload download attempt (more info ...) | trojan-activity | ||||
| 48589 | MALWARE-CNC Doc.Downloader.Cannon payload download attempt (more info ...) | trojan-activity | URL | |||
| 48590 | MALWARE-CNC Win.Trojan.Zebrocy variant outbound cnc connection (more info ...) | trojan-activity | URL | |||
| 48591 | MALWARE-CNC Doc.Downloader.Cannon payload download attempt (more info ...) | trojan-activity | URL | |||
| 48592 | MALWARE-CNC Win.Trojan.Zebrocy variant outbound cnc connection (more info ...) | trojan-activity | ||||
| 48618 | POLICY-OTHER TRUFFLEHUNTER TALOS-2018-0747 attack attempt (more info ...) | policy-violation | 2018-4062 | URL | ||
| 48620 | POLICY-OTHER TRUFFLEHUNTER TALOS-2018-0754 attack attempt (more info ...) | policy-violation | 2018-4069 | URL | ||
| 48635 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2018-0753 attack attempt (more info ...) | attempted-recon | 2018-4068 | URL | ||
| 48721 | MALWARE-CNC Win.Trojan.Occamy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48722 | MALWARE-CNC Win.Trojan.Occamy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48723 | MALWARE-CNC Win.Trojan.Occamy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48724 | MALWARE-CNC Win.Trojan.Occamy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48732 | MALWARE-CNC Win.Trojan.Zekapab variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48764 | MALWARE-CNC Win.Trojan.Zebrocy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48765 | MALWARE-CNC Win.Trojan.Zebrocy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48766 | MALWARE-CNC Win.Trojan.Zebrocy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48767 | MALWARE-CNC Win.Trojan.Zebrocy variant payload download attempt (more info ...) | trojan-activity | URL | |||
| 48791 | MALWARE-CNC Vbs.Trojan.Agent inbound payload download (more info ...) | trojan-activity | URL | |||
| 48792 | MALWARE-CNC Vbs.Trojan.Agent inbound payload download (more info ...) | trojan-activity | URL | |||
| 48818 | MALWARE-CNC Js.Trojan.Agent variant outbound connection (more info ...) | trojan-activity | ||||
| 48819 | MALWARE-CNC Js.Trojan.Agent variant inbound payload download (more info ...) | trojan-activity | ||||
| 48820 | MALWARE-CNC Win.Ransomware.Criakl variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48821 | MALWARE-CNC Win.Trojan.Uppercut variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48822 | MALWARE-CNC Win.Trojan.Uppercut inbound payload download (more info ...) | trojan-activity | URL | |||
| 48823 | POLICY-OTHER C-More Programming Simulator denial of service attempt (more info ...) | attempted-dos | URL | |||
| 48844 | MALWARE-CNC Win.Trojan.Zebrocy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48845 | MALWARE-CNC Osx.Trojan.WindTail outbound connection (more info ...) | trojan-activity | URL | |||
| 48846 | MALWARE-CNC Osx.Trojan.WindTail outbound connection (more info ...) | trojan-activity | URL | |||
| 48847 | MALWARE-CNC Osx.Trojan.WindTail outbound connection (more info ...) | trojan-activity | URL | |||
| 48854 | PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2019-0758 attack attempt (more info ...) | attempted-dos | 2019-5010 | URL | ||
| 48855 | PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2019-0758 attack attempt (more info ...) | attempted-dos | 2019-5010 | URL | ||
| 48857 | MALWARE-CNC Win.Trojan.L0rdix send client settings attempt (more info ...) | trojan-activity | URL | |||
| 48858 | MALWARE-CNC Win.Trojan.L0rdix send system log attempt (more info ...) | trojan-activity | URL | |||
| 48859 | MALWARE-CNC MuddyWater variant malicious document download attempt (more info ...) | trojan-activity | URL | |||
| 48860 | MALWARE-CNC MuddyWater variant malicious document download attempt (more info ...) | trojan-activity | URL | |||
| 48861 | INDICATOR-OBFUSCATION Potential Z-WASP malicious URL obfuscation attempt (more info ...) | misc-activity | URL | |||
| 48862 | INDICATOR-OBFUSCATION Potential Z-WASP malicious URL obfuscation attempt (more info ...) | misc-activity | URL | |||
| 48863 | INDICATOR-OBFUSCATION Potential Z-WASP malicious URL obfuscation attempt (more info ...) | misc-activity | URL | |||
| 48864 | INDICATOR-OBFUSCATION Potential Z-WASP malicious URL obfuscation attempt (more info ...) | misc-activity | URL | |||
| 48865 | MALWARE-CNC Win.Trojan.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48866 | MALWARE-CNC Win.Trojan.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48867 | MALWARE-CNC Win.Trojan.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48868 | MALWARE-CNC Win.Trojan.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48872 | MALWARE-CNC Win.Trojan.Agent variant outbound connection (more info ...) | trojan-activity | ||||
| 48873 | MALWARE-CNC Win.Trojan.BitterRAT variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48874 | MALWARE-CNC Win.Trojan.BitterRAT variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48875 | MALWARE-CNC Win.Trojan.BitterRAT variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48876 | MALWARE-CNC Win.Trojan.BitterRAT variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48877 | MALWARE-CNC Win.Trojan.BitterRAT variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48878 | MALWARE-CNC Win.Trojan.BitterRAT variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48879 | MALWARE-CNC Win.Trojan.FlawedGrace outbound connection (more info ...) | trojan-activity | URL | |||
| 48880 | MALWARE-CNC Win.Trojan.FlawedGrace outbound connection (more info ...) | trojan-activity | URL | |||
| 48881 | MALWARE-CNC Win.Trojan.FlawedGrace outbound connection (more info ...) | trojan-activity | URL | |||
| 48882 | MALWARE-CNC Win.Trojan.FlawedGrace outbound connection (more info ...) | trojan-activity | URL | |||
| 48883 | MALWARE-CNC Win.Trojan.ServHelper outbound connection (more info ...) | trojan-activity | URL | |||
| 48884 | MALWARE-CNC Win.Trojan.ServHelper outbound connection (more info ...) | trojan-activity | URL | |||
| 48885 | MALWARE-CNC Win.Trojan.ServHelper outbound connection (more info ...) | trojan-activity | URL | |||
| 48886 | MALWARE-CNC Win.Trojan.FlawedGrace outbound connection (more info ...) | trojan-activity | URL | |||
| 48887 | MALWARE-CNC Win.Trojan.ServHelper outbound connection (more info ...) | trojan-activity | URL | |||
| 48895 | POLICY-SPAM Potential phishing attack - Web Open Font Format evasion attempt (more info ...) | policy-violation | URL | |||
| 48904 | MALWARE-CNC Win.Trojan.Zebrocy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48907 | MALWARE-CNC Win.Trojan.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48908 | MALWARE-CNC Win.Trojan.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 48937 | FILE-IMAGE Imagemagick XBM tranformation information leak attempt (more info ...) | attempted-recon | 2018-16323 | |||
| 48940 | MALWARE-CNC Win.Trojan.TA505 malicious dropper download attempt (more info ...) | trojan-activity | URL | |||
| 48941 | MALWARE-CNC Win.Trojan.TA505 malicious dropper download attempt (more info ...) | trojan-activity | URL | |||
| 48975 | PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2019-0767 attack attempt (more info ...) | attempted-dos | URL | |||
| 48976 | PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2019-0769 attack attempt (more info ...) | attempted-recon | URL | |||
| 48977 | PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2019-0770 attack attempt (more info ...) | attempted-dos | URL | |||
| 48978 | PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2019-0768 attack attempt (more info ...) | attempted-dos | URL | |||
| 48979 | PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2019-0764 attack attempt (more info ...) | attempted-dos | URL | |||
| 48980 | PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2019-0766 attack attempt (more info ...) | attempted-dos | URL | |||
| 48981 | PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2019-0765 attack attempt (more info ...) | attempted-dos | URL | |||
| 48982 | MALWARE-CNC Win.Ransomware.MongoLock outbound connection (more info ...) | trojan-activity | URL | |||
| 48984 | PROTOCOL-SCADA PCOM Identification ASCII request (more info ...) | attempted-recon | URL | |||
| 48985 | PROTOCOL-SCADA PCOM Init Device ASCII request (more info ...) | attempted-dos | URL | |||
| 48986 | PROTOCOL-SCADA PCOM Set UnitID ASCII request (more info ...) | attempted-recon | URL | |||
| 48987 | PROTOCOL-SCADA PCOM Get UnitID ASCII request (more info ...) | attempted-recon | URL | |||
| 48988 | PROTOCOL-SCADA PCOM Read Inputs ASCII request (more info ...) | attempted-recon | URL | |||
| 48989 | PROTOCOL-SCADA PCOM Set RTC ASCII request (more info ...) | attempted-recon | URL | |||
| 48990 | PROTOCOL-SCADA PCOM Read Ouputs ASCII request (more info ...) | attempted-recon | URL | |||
| 48991 | PROTOCOL-SCADA PCOM Read System Bits ASCII request (more info ...) | attempted-recon | URL | |||
| 48992 | PROTOCOL-SCADA PCOM Read Memory Integers ASCII request (more info ...) | attempted-recon | URL | |||
| 48993 | PROTOCOL-SCADA PCOM Read Memory Longs ASCII request (more info ...) | attempted-recon | URL | |||
| 48994 | PROTOCOL-SCADA PCOM Write System Integers ASCII request (more info ...) | attempted-recon | URL | |||
| 48995 | PROTOCOL-SCADA PCOM Write System Bits ASCII request (more info ...) | attempted-recon | URL | |||
| 48996 | PROTOCOL-SCADA PCOM Read System Longs ASCII request (more info ...) | attempted-recon | URL | |||
| 48997 | PROTOCOL-SCADA PCOM Read System Integers ASCII request (more info ...) | attempted-recon | URL | |||
| 48998 | PROTOCOL-SCADA PCOM Read Memory Bits ASCII request (more info ...) | attempted-recon | URL | |||
| 48999 | PROTOCOL-SCADA PCOM Write Ouputs ASCII request (more info ...) | attempted-recon | URL | |||
| 49000 | PROTOCOL-SCADA PCOM Stop Device ASCII request (more info ...) | attempted-dos | URL | |||
| 49001 | PROTOCOL-SCADA PCOM Start Device ASCII request (more info ...) | attempted-dos | URL | |||
| 49002 | PROTOCOL-SCADA PCOM Write System Longs ASCII request (more info ...) | attempted-recon | URL | |||
| 49003 | PROTOCOL-SCADA PCOM Get RTC ASCII request (more info ...) | attempted-recon | URL | |||
| 49004 | PROTOCOL-SCADA PCOM Write Memory Bits ASCII request (more info ...) | attempted-recon | URL | |||
| 49005 | PROTOCOL-SCADA PCOM Reset Device ASCII request (more info ...) | attempted-dos | URL | |||
| 49006 | PROTOCOL-SCADA PCOM Write Memory Longs ASCII request (more info ...) | attempted-recon | URL | |||
| 49007 | PROTOCOL-SCADA PCOM Write Memory Integers ASCII request (more info ...) | attempted-recon | URL | |||
| 49009 | PROTOCOL-SCADA PCOM Set UnitID ASCII reply (more info ...) | attempted-recon | URL | |||
| 49010 | PROTOCOL-SCADA PCOM Get RTC ASCII reply (more info ...) | attempted-recon | URL | |||
| 49011 | PROTOCOL-SCADA PCOM Identification ASCII reply (more info ...) | attempted-recon | URL | |||
| 49012 | PROTOCOL-SCADA PCOM Write Data Table binary request (more info ...) | attempted-recon | URL | |||
| 49013 | PROTOCOL-SCADA PCOM Get UnitID ASCII reply (more info ...) | attempted-recon | URL | |||
| 49014 | PROTOCOL-SCADA PCOM Read Data Table binary request (more info ...) | attempted-recon | URL | |||
| 49015 | PROTOCOL-SCADA PCOM Get PLC Name binary request (more info ...) | attempted-recon | URL | |||
| 49016 | PROTOCOL-SCADA PCOM Set RTC ASCII reply (more info ...) | attempted-recon | URL | |||
| 49017 | PROTOCOL-SCADA PCOM Read Inputs ASCII reply (more info ...) | attempted-recon | URL | |||
| 49018 | PROTOCOL-SCADA PCOM Read System Bits ASCII reply (more info ...) | attempted-recon | URL | |||
| 49019 | PROTOCOL-SCADA PCOM Read Longs ASCII reply (more info ...) | attempted-recon | URL | |||
| 49020 | PROTOCOL-SCADA PCOM Read System Integers ASCII reply (more info ...) | attempted-recon | URL | |||
| 49021 | PROTOCOL-SCADA PCOM Read Ouputs ASCII reply (more info ...) | attempted-recon | URL | |||
| 49022 | PROTOCOL-SCADA PCOM Read Memory Bits ASCII reply (more info ...) | attempted-recon | URL | |||
| 49023 | PROTOCOL-SCADA PCOM Read Memory Integers ASCII reply (more info ...) | attempted-recon | URL | |||
| 49024 | PROTOCOL-SCADA PCOM Write Memory Bits ASCII reply (more info ...) | attempted-recon | URL | |||
| 49025 | PROTOCOL-SCADA PCOM Write System Integers ASCII reply (more info ...) | attempted-recon | URL | |||
| 49026 | PROTOCOL-SCADA PCOM Write System Bits ASCII reply (more info ...) | attempted-recon | URL | |||
| 49027 | PROTOCOL-SCADA PCOM Write Ouputs ASCII reply (more info ...) | attempted-recon | URL | |||
| 49028 | PROTOCOL-SCADA PCOM Write Memory Integers ASCII reply (more info ...) | attempted-recon | URL | |||
| 49029 | PROTOCOL-SCADA PCOM Write Longs ASCII reply (more info ...) | attempted-recon | URL | |||
| 49031 | PROTOCOL-SCADA PCOM Get PLC Name binary reply (more info ...) | attempted-recon | URL | |||
| 49032 | PROTOCOL-SCADA PCOM Write Data Table binary reply (more info ...) | attempted-recon | URL | |||
| 49033 | PROTOCOL-SCADA PCOM Read Data Table binary reply (more info ...) | attempted-recon | URL | |||
| 49034 | MALWARE-CNC Win.Trojan.Qakbot malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 49035 | MALWARE-CNC Win.Trojan.Qakbot malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 49047 | PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2019-0763 attack attempt (more info ...) | attempted-admin | URL | |||
| 49050 | PROTOCOL-SCADA Siemens SIMATIC S7-1500 remote denial of service attempt (more info ...) | attempted-dos | 2016-3963 | URL | ||
| 49051 | SERVER-OTHER Ewon router default credential login attempt (more info ...) | attempted-user | URL | |||
| 49052 | SERVER-OTHER Moxa router default credential login attempt (more info ...) | attempted-user | URL | |||
| 49053 | SERVER-OTHER Moxa router default credential login attempt (more info ...) | attempted-user | URL | |||
| 49054 | SERVER-OTHER Moxa router default credential login attempt (more info ...) | attempted-user | URL | |||
| 49055 | SERVER-OTHER Moxa router default credential login attempt (more info ...) | attempted-user | URL | |||
| 49056 | SERVER-OTHER Moxa router default credential login attempt (more info ...) | attempted-user | URL | |||
| 49057 | SERVER-OTHER Moxa router default credential login attempt (more info ...) | attempted-user | URL | |||
| 49058 | SERVER-OTHER Sierra Wireless router default credential login attempt (more info ...) | attempted-user | URL | |||
| 49059 | SERVER-OTHER Sierra Wireless router default credential login attempt (more info ...) | attempted-user | URL | |||
| 49060 | SERVER-OTHER Sierra Wireless router default credential login attempt (more info ...) | attempted-user | URL | |||
| 49061 | SERVER-OTHER Sierra Wireless router default credential login attempt (more info ...) | attempted-user | URL | |||
| 49062 | SERVER-OTHER Sierra Wireless router default credential login attempt (more info ...) | attempted-user | URL | |||
| 49063 | SERVER-OTHER Sierra Wireless router default credential login attempt (more info ...) | attempted-user | URL | |||
| 49064 | SERVER-OTHER Westermo router default credential login attempt (more info ...) | attempted-user | URL | |||
| 49068 | MALWARE-CNC Win.Doc.Dropper GandCrab ramsomware download attempt (more info ...) | trojan-activity | URL | |||
| 49069 | MALWARE-CNC Win.Doc.Dropper GandCrab ramsomware download attempt (more info ...) | trojan-activity | URL | |||
| 49087 | POLICY-OTHER TRUFFLEHUNTER TALOS-2019-0775 attack attempt (more info ...) | policy-violation | 2019-5017 | URL | ||
| 49091 | MALWARE-CNC Win.Trojan.Dragonok variant post-compromise outbound connection detected (more info ...) | trojan-activity | URL | |||
| 49092 | MALWARE-CNC Win.Trojan.Dragonok variant post-compromise outbound connection detected (more info ...) | trojan-activity | URL | |||
| 49093 | SERVER-WEBAPP Coaster CMS stored cross site scripting attempt (more info ...) | attempted-user | 2018-17876 | URL | ||
| 49101 | MALWARE-CNC Win.Trojan.Qealler outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 49102 | MALWARE-CNC Win.Trojan.Qealler outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 49103 | MALWARE-CNC Win.Trojan.Qealler outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 49104 | MALWARE-CNC Osx.Trojan.DarthMiner variant outbound connection (more info ...) | trojan-activity | URL | |||
| 49105 | MALWARE-CNC Osx.Trojan.DarthMiner variant outbound connection (more info ...) | trojan-activity | URL | |||
| 49106 | MALWARE-CNC Osx.Trojan.DarthMiner variant outbound connection (more info ...) | trojan-activity | URL | |||
| 49107 | MALWARE-CNC Osx.Trojan.DarthMiner variant outbound connection (more info ...) | trojan-activity | URL | |||
| 49108 | MALWARE-CNC Osx.Trojan.DarthMiner variant outbound connection (more info ...) | trojan-activity | URL | |||
| 49109 | MALWARE-CNC Osx.Trojan.DarthMiner variant outbound connection (more info ...) | trojan-activity | URL | |||
| 49110 | MALWARE-CNC Osx.Trojan.DarthMiner variant outbound connection (more info ...) | trojan-activity | URL | |||
| 49215 | MALWARE-CNC Win.Trojan.Keymarble malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 49216 | MALWARE-CNC Win.Trojan.Keymarble malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 49217 | MALWARE-CNC Win.Trojan.Keymarble malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 49218 | MALWARE-CNC Win.Trojan.Keymarble malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 49219 | MALWARE-CNC Win.Dropper.Brusha malicious payload download attempt (more info ...) | trojan-activity | URL | |||
| 49220 | MALWARE-CNC Win.Dropper.Brusha malicious payload download attempt (more info ...) | trojan-activity | URL | |||
| 49221 | MALWARE-CNC Win.Dropper.Brusha malicious payload download attempt (more info ...) | trojan-activity | URL | |||
| 49222 | MALWARE-CNC Win.Dropper.Brusha malicious payload download attempt (more info ...) | trojan-activity | URL | |||
| 49223 | MALWARE-CNC Win.Dropper.Brusha malicious payload download attempt (more info ...) | trojan-activity | URL | |||
| 49224 | MALWARE-CNC Win.Dropper.Brusha malicious payload download attempt (more info ...) | trojan-activity | URL | |||
| 49291 | FILE-OTHER WinRAR ACE remote code execution attempt (more info ...) | attempted-user | 2018-20250 | URL | ||
| 49292 | FILE-OTHER WinRAR ACE remote code execution attempt (more info ...) | attempted-user | 2018-20250 | URL | ||
| 49297 | FILE-OTHER IBM Lotus Notes LZH Attachment Viewer buffer overflow attempt (more info ...) | attempted-user | 2011-1213 | 48018 | ||
| 49304 | SERVER-OTHER Google Golang GET command injection attempt (more info ...) | attempted-user | 2018-7187 | |||
| 49319 | SERVER-WEBAPP CentOS Web Panel persistent cross site scripting attempt (more info ...) | attempted-user | 2019-7646 | URL | ||
| 49320 | SERVER-WEBAPP CentOS Web Panel persistent cross site scripting attempt (more info ...) | attempted-user | 2019-7646 | URL | ||
| 49321 | SERVER-WEBAPP CentOS Web Panel persistent cross site scripting attempt (more info ...) | attempted-user | 2019-7646 | URL | ||
| 49322 | SERVER-WEBAPP CentOS Web Panel persistent cross site scripting attempt (more info ...) | attempted-user | 2019-7646 | URL | ||
| 49326 | SERVER-WEBAPP Rockwell Automation Allen-Bradley PowerMonitor 1000 cross site scripting attempt (more info ...) | attempted-user | 2018-19615 | |||
| 49327 | MALWARE-CNC Win.Ransomware.Crytekk variant post-compromise outbound connection detected (more info ...) | trojan-activity | URL | |||
| 49328 | MALWARE-CNC Win.Ransomware.Crytekk variant post-compromise outbound connection detected (more info ...) | trojan-activity | URL | |||
| 49329 | MALWARE-CNC Win.Ransomware.Crytekk variant post-compromise outbound connection detected (more info ...) | trojan-activity | URL | |||
| 49330 | MALWARE-CNC Win.Ransomware.Crytekk variant post-compromise outbound connection detected (more info ...) | trojan-activity | URL | |||
| 49331 | MALWARE-CNC Win.Trojan.Arescrypt malicious ransomware download attempt (more info ...) | trojan-activity | URL | |||
| 49332 | MALWARE-CNC Win.Trojan.Arescrypt malicious ransomware download attempt (more info ...) | trojan-activity | URL | |||
| 49351 | MALWARE-CNC Win.Trojan.FrameworkPoS variant outbound connection attempt (more info ...) | trojan-activity | ||||
| 49352 | MALWARE-CNC Win.Trojan.FrameworkPoS malicious executable download attempt (more info ...) | trojan-activity | ||||
| 49353 | MALWARE-CNC Win.Trojan.FrameworkPoS malicious executable download attempt (more info ...) | trojan-activity | ||||
| 49354 | MALWARE-CNC Win.Trojan.KerrDown variant outbound connection (more info ...) | trojan-activity | URL | |||
| 49355 | MALWARE-CNC Win.Trojan.KerrDown variant outbound connection (more info ...) | trojan-activity | URL | |||
| 49356 | MALWARE-CNC Win.Trojan.KerrDown download attempt (more info ...) | trojan-activity | URL | |||
| 49357 | MALWARE-CNC Win.Trojan.KerrDown download attempt (more info ...) | trojan-activity | URL | |||
| 49358 | MALWARE-CNC Win.Trojan.KerrDown download attempt (more info ...) | trojan-activity | URL | |||
| 49359 | MALWARE-CNC Win.Trojan.KerrDown download attempt (more info ...) | trojan-activity | URL | |||
| 49366 | INDICATOR-COMPROMISE Windows SMBv1 information disclosure attempt (more info ...) | attempted-recon | 2019-0703 | URL | ||
| 49367 | INDICATOR-COMPROMISE Windows SMBv2 information disclosure attempt (more info ...) | attempted-recon | 2019-0703 | URL | ||
| 49370 | POLICY-OTHER TRUFFLEHUNTER TALOS-2019-0788 attack attempt (more info ...) | policy-violation | 2019-5027 | URL | ||
| 49373 | POLICY-OTHER TRUFFLEHUNTER TALOS-2019-0789 attack attempt (more info ...) | policy-violation | 2019-5028 | URL | ||
| 49396 | MALWARE-CNC Win.Trojan.Zebrocy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 49397 | MALWARE-CNC Win.Trojan.Zebrocy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 49398 | MALWARE-CNC Win.Trojan.Zebrocy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 49408 | SERVER-WEBAPP Simple Scada directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 49409 | FILE-OTHER Elipse Software Elipse32 dll-load exploit attempt (more info ...) | attempted-user | URL | |||
| 49410 | FILE-OTHER Elipse Software Elipse32 dll-load exploit attempt (more info ...) | attempted-user | URL | |||
| 49416 | SERVER-OTHER Samsung Integrated Management System Data Management Server hardcoded credentials attempt (more info ...) | default-login-attempt | ||||
| 49417 | SERVER-OTHER Samsung Integrated Management System Data Management Server hardcoded credentials attempt (more info ...) | default-login-attempt | ||||
| 49424 | MALWARE-CNC Win.Trojan.Danabot download attempt (more info ...) | trojan-activity | URL | |||
| 49425 | MALWARE-CNC Win.Trojan.Danabot download attempt (more info ...) | trojan-activity | URL | |||
| 49429 | SERVER-WEBAPP MyBB Bans List Extension cross site scripting attempt (more info ...) | attempted-user | 2018-14724 | URL | ||
| 49430 | SERVER-WEBAPP MyBB Bans List Extension cross site scripting attempt (more info ...) | attempted-user | 2018-14724 | URL | ||
| 49433 | SERVER-WEBAPP Sitecom Home Storage Center directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 49434 | SERVER-WEBAPP Sitecom Home Storage Center directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 49435 | SERVER-WEBAPP Sitecom Home Storage Center directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 49436 | POLICY-OTHER Linksys WAP610N command injection attempt (more info ...) | successful-admin | URL | |||
| 49437 | FILE-OTHER Schneider Electric GP-Pro EX ParseAPI heap buffer overflow attempt (more info ...) | attempted-user | 2016-2290 | URL | ||
| 49438 | SERVER-OTHER QNX Neutrino qconn unauthenticated command execution attempt (more info ...) | attempted-admin | URL | |||
| 49439 | SERVER-OTHER Interactive Graphical SCADA System arbitrary file read attempt (more info ...) | attempted-recon | URL | |||
| 49440 | SERVER-OTHER SCADA DataRate remote code execution attempt (more info ...) | attempted-admin | URL | |||
| 49441 | SERVER-OTHER SCADA DataRate remote code execution attempt (more info ...) | attempted-admin | URL | |||
| 49466 | MALWARE-CNC Win.Trojan.RisingSun variant outbound connection (more info ...) | trojan-activity | ||||
| 49467 | MALWARE-CNC Win.Trojan.RisingSun variant outbound connection (more info ...) | trojan-activity | ||||
| 49468 | MALWARE-CNC Win.Trojan.RisingSun variant outbound connection (more info ...) | trojan-activity | URL | |||
| 49469 | MALWARE-CNC Win.Trojan.RisingSun variant outbound connection (more info ...) | trojan-activity | URL | |||
| 49470 | MALWARE-CNC Win.Trojan.RisingSun variant outbound connection (more info ...) | trojan-activity | URL | |||
| 49471 | MALWARE-CNC Win.Trojan.RisingSun variant outbound connection (more info ...) | trojan-activity | URL | |||
| 49472 | MALWARE-CNC Win.Trojan.RisingSun variant outbound connection (more info ...) | trojan-activity | ||||
| 49473 | MALWARE-CNC Win.Trojan.RisingSun variant outbound connection (more info ...) | trojan-activity | URL | |||
| 49474 | MALWARE-CNC Win.Trojan.RisingSun variant outbound connection (more info ...) | trojan-activity | ||||
| 49475 | MALWARE-CNC Win.Trojan.RisingSun variant outbound connection (more info ...) | trojan-activity | URL | |||
| 49476 | MALWARE-CNC Win.Trojan.RisingSun variant outbound connection (more info ...) | trojan-activity | ||||
| 49477 | MALWARE-CNC Doc.Dropper.RisingSun variant download attempt (more info ...) | trojan-activity | URL | |||
| 49478 | MALWARE-CNC Doc.Dropper.RisingSun variant download attempt (more info ...) | trojan-activity | URL | |||
| 49479 | MALWARE-CNC Doc.Dropper.RisingSun variant download attempt (more info ...) | trojan-activity | URL | |||
| 49480 | SERVER-OTHER IBM solidDB denial of service attempt (more info ...) | attempted-dos | 2010-4056 | |||
| 49481 | SERVER-OTHER Sagem Fast 3304-V1 denial of service attempt (more info ...) | attempted-dos | ||||
| 49484 | SERVER-OTHER Western Digital MyNet unauthenticated configuration disclosure attempt (more info ...) | attempted-recon | 2013-5006 | |||
| 49485 | SERVER-OTHER IBM solidDB denial of service attempt (more info ...) | attempted-dos | 2010-4055 | |||
| 49490 | SERVER-WEBAPP QNAP Zip Upload command injection attempt (more info ...) | web-application-attack | ||||
| 49491 | SERVER-WEBAPP QNAP Zip Upload command injection attempt (more info ...) | web-application-attack | ||||
| 49492 | SERVER-WEBAPP QNAP Zip Upload command injection attempt (more info ...) | web-application-attack | ||||
| 49493 | SERVER-WEBAPP QNAP Zip Upload command injection attempt (more info ...) | web-application-attack | ||||
| 49506 | POLICY-OTHER Thomson TWG850-4 unauthenticated backup download attempt (more info ...) | attempted-recon | ||||
| 49507 | MALWARE-CNC Win.Trojan.Shade malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 49508 | MALWARE-CNC Win.Trojan.Shade malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 49521 | POLICY-OTHER Sagem Fast Router default credentials login attempt (more info ...) | default-login-attempt | ||||
| 49523 | SERVER-WEBAPP Zyxel ZyWALL information disclosure attempt (more info ...) | attempted-recon | ||||
| 49533 | MALWARE-CNC Win.Ransomware.Yatron variant outbound connection (more info ...) | trojan-activity | URL | |||
| 49534 | MALWARE-CNC Win.Ransomware.Yatron variant outbound connection (more info ...) | trojan-activity | URL | |||
| 49544 | MALWARE-CNC Win.Trojan.IcedID variant post-config websocket outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 49548 | MALWARE-CNC Win.Trojan.AZORult variant payload download attempt (more info ...) | trojan-activity | URL | |||
| 49553 | MALWARE-CNC Win.Trojan.IcedID variant payload download attempt (more info ...) | trojan-activity | URL | |||
| 49554 | SERVER-OTHER OpenMRS getExactPatients.action information disclosure attempt (more info ...) | attempted-admin | URL | |||
| 49555 | INDICATOR-COMPROMISE AutoBase Studio project remote code execution attempt (more info ...) | attempted-user | URL | |||
| 49556 | INDICATOR-COMPROMISE AutoBase Studio project remote code execution attempt (more info ...) | attempted-user | URL | |||
| 49558 | FILE-PDF Cool PDF Reader buffer overflow attempt (more info ...) | attempted-user | 2012-4914 | |||
| 49559 | FILE-PDF Cool PDF Reader buffer overflow attempt (more info ...) | attempted-user | 2012-4914 | |||
| 49560 | FILE-PDF Cool PDF Reader buffer overflow attempt (more info ...) | attempted-user | 2012-4914 | |||
| 49561 | FILE-PDF Cool PDF Reader buffer overflow attempt (more info ...) | attempted-user | 2012-4914 | |||
| 49562 | FILE-PDF Cool PDF Reader buffer overflow attempt (more info ...) | attempted-user | 2012-4914 | |||
| 49563 | FILE-PDF Cool PDF Reader buffer overflow attempt (more info ...) | attempted-user | 2012-4914 | |||
| 49564 | FILE-PDF Cool PDF Reader buffer overflow attempt (more info ...) | attempted-user | 2012-4914 | |||
| 49565 | FILE-PDF Cool PDF Reader buffer overflow attempt (more info ...) | attempted-user | 2012-4914 | |||
| 49566 | MALWARE-CNC Win.Trojan.FlawedAmmyy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 49567 | MALWARE-CNC Doc.Downloader.FlawedAmmyy download attempt (more info ...) | trojan-activity | URL | |||
| 49568 | MALWARE-CNC Doc.Downloader.FlawedAmmyy download attempt (more info ...) | trojan-activity | URL | |||
| 49571 | MALWARE-CNC Win.Trojan.Fakewmi variant outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 49572 | MALWARE-CNC Win.Trojan.Fakewmi variant outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 49575 | FILE-IMAGE SketchUp BMP RLE8 parsing buffer overflow attempt (more info ...) | attempted-user | 2013-3663 | |||
| 49576 | FILE-IMAGE SketchUp BMP RLE8 parsing buffer overflow attempt (more info ...) | attempted-user | 2013-3663 | |||
| 49577 | SERVER-WEBAPP ElectronJS Exodus remote code execution attempt (more info ...) | attempted-user | 2018-1000006 | URL | ||
| 49578 | SERVER-WEBAPP ElectronJS Exodus remote code execution attempt (more info ...) | attempted-user | 2018-1000006 | URL | ||
| 49579 | SERVER-WEBAPP ElectronJS Exodus remote code execution attempt (more info ...) | attempted-user | 2018-1000006 | URL | ||
| 49580 | SERVER-WEBAPP ElectronJS Exodus remote code execution attempt (more info ...) | attempted-user | 2018-1000006 | URL | ||
| 49581 | SERVER-WEBAPP ElectronJS Exodus remote code execution attempt (more info ...) | attempted-user | 2018-1000006 | URL | ||
| 49582 | SERVER-WEBAPP ElectronJS Exodus remote code execution attempt (more info ...) | attempted-user | 2018-1000006 | URL | ||
| 49592 | MALWARE-CNC Win.Trojan.SectorA05 outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 49593 | MALWARE-CNC Win.Trojan.SectorA05 outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 49594 | MALWARE-CNC Win.Trojan.SectorA05 outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 49595 | MALWARE-CNC Win.Trojan.SectorA05 outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 49596 | MALWARE-CNC Win.Trojan.GlobeImposter malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 49597 | MALWARE-CNC Win.Trojan.GlobeImposter malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 49601 | SERVER-OTHER Century Star SCADA directory traversal attempt (more info ...) | attempted-admin | URL | |||
| 49602 | SERVER-OTHER Century Star SCADA directory traversal attempt (more info ...) | attempted-admin | URL | |||
| 49623 | MALWARE-CNC Win.Trojan.Redaman outbound connection (more info ...) | trojan-activity | URL | |||
| 49624 | MALWARE-CNC Win.Trojan.Redaman outbound connection (more info ...) | trojan-activity | URL | |||
| 49625 | MALWARE-CNC Win.Trojan.Redaman outbound connection (more info ...) | trojan-activity | URL | |||
| 49632 | SERVER-OTHER Atvise SCADA arbitrary file disclosure attempt (more info ...) | web-application-attack | URL | |||
| 49633 | SERVER-OTHER Atvise SCADA arbitrary file disclosure attempt (more info ...) | web-application-attack | URL | |||
| 49634 | SERVER-OTHER Atvise SCADA arbitrary file disclosure attempt (more info ...) | web-application-attack | URL | |||
| 49652 | SERVER-OTHER ipTime G104BE directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 49653 | MALWARE-CNC Win.Trojan.Rietspoof variant outbound connection (more info ...) | trojan-activity | URL | |||
| 49665 | SERVER-WEBAPP DirectAdmin admin account creation attempt (more info ...) | attempted-admin | 2019-9625 | |||
| 49676 | MALWARE-CNC Win.Ransomware.Lockergoga binary download attempt (more info ...) | trojan-activity | URL | |||
| 49677 | MALWARE-CNC Win.Ransomware.Lockergoga binary download attempt (more info ...) | trojan-activity | URL | |||
| 49678 | MALWARE-CNC Win.Ransomware.Lockergoga binary download attempt (more info ...) | trojan-activity | URL | |||
| 49679 | MALWARE-CNC Win.Ransomware.Lockergoga binary download attempt (more info ...) | trojan-activity | URL | |||
| 49680 | MALWARE-CNC Win.Ransomware.Lockergoga binary download attempt (more info ...) | trojan-activity | URL | |||
| 49681 | MALWARE-CNC Android.Trojan.Banking outbound beacon attempt (more info ...) | trojan-activity | URL | |||
| 49682 | MALWARE-CNC Android.Trojan.Banking command-and-control communication attempt (more info ...) | trojan-activity | URL | |||
| 49772 | MALWARE-CNC Win.Trojan.Imminent variant inbound response (more info ...) | trojan-activity | URL | |||
| 49773 | MALWARE-CNC Win.Trojan.Imminent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 49774 | MALWARE-CNC Win.Trojan.Imminent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 49777 | MALWARE-CNC Win.Trojan.HawkEye variant outbound cnc connection (more info ...) | trojan-activity | URL | |||
| 49778 | MALWARE-CNC Win.Trojan.HawkEye variant outbound cnc connection (more info ...) | trojan-activity | URL | |||
| 49779 | MALWARE-CNC Win.Trojan.HawkEye variant outbound cnc connection (more info ...) | trojan-activity | URL | |||
| 49780 | PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2019-0806 attack attempt (more info ...) | attempted-dos | URL | |||
| 49781 | FILE-OTHER Go binary dll-load exploit attempt (more info ...) | attempted-user | 2019-9634 | URL | ||
| 49782 | FILE-OTHER Go binary dll-load exploit attempt (more info ...) | attempted-user | 2019-9634 | URL | ||
| 49783 | FILE-OTHER Go binary dll-load exploit attempt (more info ...) | attempted-user | 2019-9634 | URL | ||
| 49784 | FILE-OTHER Go binary dll-load exploit attempt (more info ...) | attempted-user | 2019-9634 | URL | ||
| 49785 | FILE-OTHER Go binary dll-load exploit attempt (more info ...) | attempted-user | 2019-9634 | URL | ||
| 49786 | FILE-OTHER Go binary bll-load exploit attempt (more info ...) | attempted-user | 2019-9634 | URL | ||
| 49787 | PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2019-0807 attack attempt (more info ...) | attempted-dos | URL | |||
| 49788 | MALWARE-CNC Win.Trojan.Zacinlo outbound connection (more info ...) | trojan-activity | URL | |||
| 49789 | MALWARE-CNC Win.Trojan.Zacinlo outbound connection (more info ...) | trojan-activity | URL | |||
| 49790 | MALWARE-CNC Win.Trojan.Zacinlo outbound connection (more info ...) | trojan-activity | URL | |||
| 49797 | PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2019-0798 attack attempt (more info ...) | attempted-user | 2019-5035 | URL | ||
| 49798 | PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2019-0798 attack attempt (more info ...) | attempted-user | 2019-5035 | URL | ||
| 49801 | PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2019-0800 attack attempt (more info ...) | attempted-user | 2019-5037 | URL | ||
| 49802 | PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2019-0800 attack attempt (more info ...) | attempted-user | 2019-5037 | URL | ||
| 49803 | PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2019-0799 attack attempt (more info ...) | attempted-dos | 2019-5036 | URL | ||
| 49804 | PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2019-0799 attack attempt (more info ...) | attempted-dos | 2019-5036 | URL | ||
| 49813 | FILE-OTHER TRUFFLEHUNTER TALOS-2019-0802 attack attempt (more info ...) | attempted-user | 2019-5039 | URL | ||
| 49814 | FILE-OTHER TRUFFLEHUNTER TALOS-2019-0802 attack attempt (more info ...) | attempted-user | 2019-5039 | URL | ||
| 49815 | FILE-OTHER TRUFFLEHUNTER TALOS-2019-0802 attack attempt (more info ...) | attempted-user | 2019-5039 | URL | ||
| 49816 | FILE-OTHER TRUFFLEHUNTER TALOS-2019-0802 attack attempt (more info ...) | attempted-user | 2019-5039 | URL | ||
| 49843 | PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2019-0797 attack attempt (more info ...) | attempted-recon | 2019-5034 | URL | ||
| 49844 | PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2019-0797 attack attempt (more info ...) | attempted-recon | 2019-5034 | URL | ||
| 49854 | PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2019-0803 attack attempt (more info ...) | attempted-recon | 2019-5040 | URL | ||
| 49855 | PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2019-0803 attack attempt (more info ...) | attempted-recon | 2019-5040 | URL | ||
| 49856 | FILE-OTHER TRUFFLEHUNTER TALOS-2019-0801 attack attempt (more info ...) | attempted-user | 2019-5038 | URL | ||
| 49857 | FILE-OTHER TRUFFLEHUNTER TALOS-2019-0801 attack attempt (more info ...) | attempted-user | 2019-5038 | URL | ||
| 49860 | POLICY-OTHER TP-Link TL-WA850RE remote reboot attempt (more info ...) | policy-violation | 2018-12694 | URL | ||
| 49872 | SERVER-OTHER Drager X-Dock dxmanager denial of service attempt (more info ...) | attempted-dos | ||||
| 49880 | SERVER-OTHER Corosync 2.3+ with sha1 integer overflow attempt detected (more info ...) | misc-attack | 2018-1084 | URL | ||
| 49881 | SERVER-OTHER Corosync 2.3+ with md5 integer overflow attempt detected (more info ...) | misc-attack | 2018-1084 | URL | ||
| 49882 | SERVER-OTHER Corosync 2.3+ with sha256 integer overflow attempt detected (more info ...) | misc-attack | 2018-1084 | URL | ||
| 49883 | SERVER-OTHER Corosync 2.3+ with sha384 integer overflow attempt detected (more info ...) | misc-attack | 2018-1084 | URL | ||
| 49884 | SERVER-OTHER Corosync 2.3+ with sha512 integer overflow attempt detected (more info ...) | misc-attack | 2018-1084 | URL | ||
| 49910 | FILE-PDF TRUFFLEHUNTER TALOS-2019-0816 attack attempt (more info ...) | attempted-user | 2019-5047 | URL | ||
| 49911 | FILE-PDF TRUFFLEHUNTER TALOS-2019-0816 attack attempt (more info ...) | attempted-user | 2019-5047 | URL | ||
| 49913 | MALWARE-CNC Win.Malware.JasperLoader file download request (more info ...) | trojan-activity | URL | |||
| 49914 | MALWARE-CNC Win.Downloader.JasperLoader outbound connection (more info ...) | trojan-activity | URL | |||
| 49915 | MALWARE-CNC Win.Downloader.JasperLoader outbound connection (more info ...) | trojan-activity | URL | |||
| 49916 | MALWARE-CNC Win.Malware.JasperLoader update request (more info ...) | trojan-activity | URL | |||
| 49919 | SERVER-WEBAPP generic session fixation attempt (more info ...) | attempted-recon | URL | |||
| 49920 | SERVER-WEBAPP generic cross site scripting via url attempt (more info ...) | attempted-recon | URL | |||
| 49928 | SERVER-WEBAPP Multiple products HTML5 ping DDoS attempt (more info ...) | denial-of-service | URL | |||
| 49937 | SERVER-WEBAPP Tenda Wireless N150 Router cross-site request forgery attempt (more info ...) | attempted-admin | 2015-5996 | URL | ||
| 49938 | SERVER-WEBAPP Tenda Wireless N150 Router cross-site request forgery attempt (more info ...) | attempted-admin | 2015-5996 | URL | ||
| 49941 | MALWARE-CNC Win.Trojan.Qakbot variant outbound connection attempt (more info ...) | trojan-activity | ||||
| 49948 | FILE-PDF TRUFFLEHUNTER TALOS-2019-0817 attack attempt (more info ...) | attempted-user | 2019-5048 | URL | ||
| 49949 | FILE-PDF TRUFFLEHUNTER TALOS-2019-0817 attack attempt (more info ...) | attempted-user | 2019-5048 | URL | ||
| 49952 | MALWARE-CNC Win.Downloader.AutoIt outbound connection (more info ...) | trojan-activity | URL | |||
| 49953 | MALWARE-CNC Win.Downloader.AutoIt outbound connection (more info ...) | trojan-activity | URL | |||
| 49954 | MALWARE-CNC Js.Trojan.Agent JS Sniffer compromised website (more info ...) | trojan-activity | URL | |||
| 49955 | MALWARE-CNC Js.Trojan.Agent JS Sniffer compromised website (more info ...) | trojan-activity | URL | |||
| 49956 | MALWARE-CNC Js.Trojan.Agent JS Sniffer outbound connection (more info ...) | trojan-activity | URL | |||
| 49957 | MALWARE-CNC Js.Trojan.Agent JS Sniffer compromised website (more info ...) | trojan-activity | URL | |||
| 49978 | FILE-OTHER TRUFFLEHUNTER TALOS-2019-0818 attack attempt (more info ...) | attempted-user | 2019-5049 | URL | ||
| 49979 | FILE-OTHER TRUFFLEHUNTER TALOS-2019-0818 attack attempt (more info ...) | attempted-user | 2019-5049 | URL | ||
| 49982 | POLICY-OTHER TRUFFLEHUNTER TALOS-2019-0822 attack attempt (more info ...) | policy-violation | URL | |||
| 49983 | POLICY-OTHER TRUFFLEHUNTER TALOS-2019-0827 attack attempt (more info ...) | policy-violation | URL | |||
| 50008 | MALWARE-CNC Win.Doc.Dropper SectorB06 malicious rtf dropper download attempt (more info ...) | trojan-activity | 2018-0798 | URL | ||
| 50009 | MALWARE-CNC Win.Doc.Dropper SectorB06 malicious rtf dropper download attempt (more info ...) | trojan-activity | 2018-0798 | URL | ||
| 50010 | MALWARE-CNC Win.Trojan.SectorB06 malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 50011 | MALWARE-CNC Win.Trojan.SectorB06 malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 50012 | MALWARE-CNC Win.Trojan.SectorB06 malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 50013 | MALWARE-CNC Win.Trojan.SectorB06 malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 50028 | PUA-ADWARE Osx.Adware.TotalAdviseSearch variant download attempt (more info ...) | misc-activity | ||||
| 50029 | PUA-ADWARE Osx.Adware.TotalAdviseSearch variant download attempt (more info ...) | misc-activity | ||||
| 50030 | SERVER-WEBAPP Dojo Toolkit SDK cross site scripting attempt (more info ...) | attempted-user | 2010-2275 | URL | ||
| 50031 | SERVER-WEBAPP Dojo Toolkit SDK cross site scripting attempt (more info ...) | attempted-user | 2010-2275 | URL | ||
| 50032 | SERVER-WEBAPP Dojo Toolkit SDK cross site scripting attempt (more info ...) | attempted-user | 2010-2275 | URL | ||
| 50035 | FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0821 attack attempt (more info ...) | attempted-user | 2019-5052 | URL | ||
| 50036 | FILE-IMAGE TRUFFLEHUNTER TALOS-2019-0821 attack attempt (more info ...) | attempted-user | 2019-5052 | URL | ||
| 50038 | FILE-PDF TRUFFLEHUNTER TALOS-2019-0819 attack attempt (more info ...) | attempted-user | 2019-5050 | URL | ||
| 50039 | FILE-PDF TRUFFLEHUNTER TALOS-2019-0819 attack attempt (more info ...) | attempted-user | 2019-5050 | URL | ||
| 50040 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0831 attack attempt (more info ...) | attempted-dos | 2019-5054 | URL | ||
| 50048 | MALWARE-CNC Win.Dropper.Fareit variant outbound connection (more info ...) | trojan-activity | URL | |||
| 50049 | MALWARE-CNC Win.Dropper.FormBook variant outbound connection (more info ...) | trojan-activity | URL | |||
| 50050 | MALWARE-CNC Win.Trojan.Pirpi malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 50051 | MALWARE-CNC Win.Trojan.Pirpi malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 50052 | MALWARE-CNC Win.Trojan.Pirpi malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 50053 | MALWARE-CNC Win.Trojan.Pirpi malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 50054 | MALWARE-CNC Win.Trojan.HTran malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 50055 | MALWARE-CNC Win.Trojan.HTran malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 50056 | MALWARE-CNC Win.Trojan.Buckeye malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 50057 | MALWARE-CNC Win.Trojan.Buckeye malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 50058 | MALWARE-CNC Win.Trojan.Filensfer malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 50059 | MALWARE-CNC Win.Trojan.Filensfer malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 50060 | MALWARE-CNC Win.Trojan.Buckeye malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 50061 | MALWARE-CNC Win.Trojan.Buckeye malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 50062 | MALWARE-CNC Win.Trojan.Filensfer malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 50063 | MALWARE-CNC Win.Trojan.Filensfer malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 50064 | MALWARE-CNC Win.Trojan.Filensfer variant outbound connection (more info ...) | trojan-activity | URL | |||
| 50067 | MALWARE-CNC Win.Trojan.CrackXTSR variant outbound response attempt (more info ...) | trojan-activity | URL | |||
| 50092 | MALWARE-CNC Win.Trojan.Filensfer connection attempt (more info ...) | trojan-activity | ||||
| 50107 | MALWARE-CNC Win.Trojan.Agent variant outbound cnc connection (more info ...) | trojan-activity | URL | |||
| 50108 | MALWARE-CNC Win.Trojan.Agent variant outbound cnc connection (more info ...) | trojan-activity | URL | |||
| 50109 | MALWARE-CNC Win.Trojan.Agent variant outbound cnc connection (more info ...) | trojan-activity | URL | |||
| 50110 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0836 attack attempt (more info ...) | web-application-attack | URL | |||
| 50111 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0839 attack attempt (more info ...) | attempted-recon | URL | |||
| 50114 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2019-0833 attack attempt (more info ...) | web-application-attack | URL | |||
| 50125 | MALWARE-CNC Win.Trojan.Kpot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 50138 | MALWARE-CNC Win.Dropper.ELECTRICFISH variant outbound connection (more info ...) | trojan-activity | URL | |||
| 50145 | SERVER-WEBAPP CAS Server LDAP authentication bypass attempt (more info ...) | attempted-user | 2015-1169 | URL | ||
| 50148 | SERVER-WEBAPP SirsiDynix e-Library cross site scripting attempt (more info ...) | attempted-user | 2018-20503 | URL | ||
| 50149 | SERVER-WEBAPP SirsiDynix e-Library cross site scripting attempt (more info ...) | attempted-user | 2018-20503 | URL | ||
| 50154 | MALWARE-CNC Win.Malware.JasperLoader variant outbound connection (more info ...) | trojan-activity | URL | |||
| 50155 | MALWARE-CNC Win.Download.JasperLoader variant initial stage download request (more info ...) | trojan-activity | URL | |||
| 50156 | MALWARE-CNC Win.Malware.JasperLoader variant outbound connection (more info ...) | trojan-activity | URL | |||
| 50157 | MALWARE-CNC Win.Download.JasperLoader variant file download request (more info ...) | trojan-activity | URL | |||
| 50158 | MALWARE-CNC Win.Download.JasperLoader variant file download request (more info ...) | trojan-activity | URL | |||
| 50159 | MALWARE-CNC Win.Download.JasperLoader variant initial stage download request (more info ...) | trojan-activity | URL | |||
| 50160 | BROWSER-WEBKIT Apple Webkit SVGTextLayoutAttributes use-after-free attempt (more info ...) | attempted-user | 2018-4318 | URL | ||
| 50161 | BROWSER-WEBKIT Apple Webkit SVGTextLayoutAttributes use-after-free attempt (more info ...) | attempted-user | 2018-4318 | URL | ||
| 50172 | SERVER-WEBAPP Allied Telesis 8100L cross site scripting attempt (more info ...) | attempted-user | 2018-20503 | |||
| 50173 | SERVER-WEBAPP Allied Telesis 8100L cross site scripting attempt (more info ...) | attempted-user | 2018-20503 | |||
| 50177 | MALWARE-CNC Win.Trojan.Buckeye malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 50178 | MALWARE-CNC Win.Trojan.Buckeye malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 50179 | MALWARE-CNC Win.Trojan.Buckeye malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 50180 | MALWARE-CNC Win.Trojan.Buckeye malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 50191 | BROWSER-WEBKIT Apple Webkit updateMinimumColumnHeight use-after-free attempt (more info ...) | attempted-user | 2018-4323 | URL | ||
| 50192 | BROWSER-WEBKIT Apple Webkit updateMinimumColumnHeight use-after-free attempt (more info ...) | attempted-user | 2018-4323 | URL | ||
| 50193 | POLICY-OTHER Intel AMT IDE Redirection session establishment attempt (more info ...) | policy-violation | URL | |||
| 50200 | MALWARE-CNC Win.Trojan.Remexi variant outbound connection (more info ...) | trojan-activity | URL | |||
| 50201 | MALWARE-CNC Win.Trojan.Remexi variant outbound connection (more info ...) | trojan-activity | URL | |||
| 50203 | MALWARE-CNC Win.Trojan.OceanLotus variant outbound connection (more info ...) | trojan-activity | ||||
| 50204 | MALWARE-CNC Win.Trojan.OceanLotus variant outbound connection (more info ...) | trojan-activity | ||||
| 50215 | MALWARE-CNC Win.Trojan.Reaver malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 50216 | MALWARE-CNC Win.Trojan.Reaver variant outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 50217 | MALWARE-CNC Win.Trojan.Reaver malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 50218 | MALWARE-CNC Win.Trojan.Reaver malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 50219 | MALWARE-CNC Win.Trojan.Reaver malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 50258 | MALWARE-CNC Win.Downloader.TeamBot outbound cnc connection (more info ...) | trojan-activity | URL | |||
| 50259 | MALWARE-CNC Win.Trojan.TeamBot outbound cnc connection (more info ...) | trojan-activity | URL | |||
| 50260 | MALWARE-CNC Win.Downloader.TeamBot additional payload download attempt (more info ...) | trojan-activity | URL | |||
| 50261 | MALWARE-CNC Win.Trojan.TeamBot outbound cnc connection (more info ...) | trojan-activity | URL | |||
| 50262 | MALWARE-CNC Win.Downloader.TeamBot additional payload download attempt (more info ...) | trojan-activity | URL | |||
| 50263 | MALWARE-CNC Win.Trojan.TeamBot outbound cnc connection (more info ...) | trojan-activity | URL | |||
| 50264 | MALWARE-CNC Win.Downloader.TeamBot outbound cnc connection (more info ...) | trojan-activity | URL | |||
| 50300 | MALWARE-CNC Win.Trojan.TRITON attack tool outbound connection (more info ...) | trojan-activity | ||||
| 50301 | MALWARE-CNC Win.Trojan.TRITON attack tool outbound connection (more info ...) | trojan-activity | ||||
| 50302 | MALWARE-CNC Win.Trojan.TRITON attack tool outbound connection (more info ...) | trojan-activity | URL | |||
| 50303 | MALWARE-CNC Win.Trojan.TRITON attack tool outbound connection (more info ...) | trojan-activity | URL | |||
| 50306 | SERVER-WEBAPP OpenDreamBox 2.0.0 Plugin WebAdmin command injection attempt (more info ...) | web-application-attack | 2017-14135 | |||
| 50380 | MALWARE-CNC Win.Trojan.PlugX variant outbound connection (more info ...) | trojan-activity | URL | |||
| 50381 | MALWARE-CNC Win.Trojan.Quasar variant outbound connection (more info ...) | trojan-activity | URL | |||
| 50382 | MALWARE-CNC Win.Trojan.Quasar variant outbound connection (more info ...) | trojan-activity | URL | |||
| 50383 | MALWARE-CNC Win.Trojan.Quasar variant outbound connection (more info ...) | trojan-activity | URL | |||
| 50384 | POLICY-OTHER Remote Command Executor remote administration tool use attempt (more info ...) | policy-violation | URL | |||
| 50385 | POLICY-OTHER Remote Command Executor remote administration tool use attempt (more info ...) | policy-violation | URL | |||
| 50386 | MALWARE-CNC MultiOS.Backdoor.Antak webshell access attempt (more info ...) | trojan-activity | URL | |||
| 50387 | MALWARE-CNC MultiOS.Backdoor.Antak webshell communication attempt (more info ...) | trojan-activity | URL | |||
| 50388 | MALWARE-CNC MultiOS.Backdoor.Antak webshell communication attempt (more info ...) | trojan-activity | URL | |||
| 50389 | MALWARE-CNC MultiOS.Backdoor.Termite communication attempt (more info ...) | trojan-activity | URL | |||
| 50415 | SERVER-WEBAPP Infomir Ministra authentication bypass attempt (more info ...) | web-application-attack | URL | |||
| 50416 | MALWARE-CNC Win.Trojan.OceanLotus variant download attempt (more info ...) | trojan-activity | URL | |||
| 50417 | MALWARE-CNC Win.Trojan.OceanLotus variant download attempt (more info ...) | trojan-activity | URL | |||
| 50418 | MALWARE-CNC Win.Trojan.OceanLotus variant download attempt (more info ...) | trojan-activity | URL | |||
| 50419 | MALWARE-CNC Win.Trojan.OceanLotus variant download attempt (more info ...) | trojan-activity | URL | |||
| 50420 | MALWARE-CNC Win.Trojan.OceanLotus variant download attempt (more info ...) | trojan-activity | URL | |||
| 50421 | MALWARE-CNC Win.Trojan.OceanLotus variant download attempt (more info ...) | trojan-activity | URL | |||
| 50422 | MALWARE-CNC Win.Trojan.OceanLotus variant download attempt (more info ...) | trojan-activity | URL | |||
| 50423 | MALWARE-CNC Win.Trojan.OceanLotus variant download attempt (more info ...) | trojan-activity | URL | |||
| 50424 | MALWARE-CNC User-Agent known malicious user agent - BURAN - Win.Trojan.Buran (more info ...) | trojan-activity | URL | |||
| 50425 | MALWARE-CNC Win.Trojan.Buran malicious Buran ransomware download attempt (more info ...) | trojan-activity | URL | |||
| 50426 | MALWARE-CNC Win.Trojan.Buran malicious Buran ransomware download attempt (more info ...) | trojan-activity | URL | |||
| 50429 | MALWARE-CNC Andr.Spyware.Reptilicus variant post-compromise outbound connection detected (more info ...) | trojan-activity | URL | |||
| 50430 | MALWARE-CNC Andr.Spyware.Reptilicus variant post-compromise outbound connection detected (more info ...) | trojan-activity | URL | |||
| 50431 | MALWARE-CNC Andr.Spyware.Reptilicus variant post-compromise outbound connection detected (more info ...) | trojan-activity | URL | |||
| 50432 | MALWARE-CNC Andr.Spyware.Reptilicus variant post-compromise outbound connection detected (more info ...) | trojan-activity | URL | |||
| 50433 | MALWARE-CNC Andr.Spyware.Reptilicus variant post-compromise outbound connection detected (more info ...) | trojan-activity | URL | |||
| 50434 | MALWARE-CNC Andr.Spyware.Reptilicus variant post-compromise outbound connection detected (more info ...) | trojan-activity | URL | |||
| 50435 | MALWARE-CNC Andr.Spyware.iSpyoo variant post-compromise outbound connection (more info ...) | trojan-activity | URL | |||
| 50436 | MALWARE-CNC Andr.Spyware.iSpyoo variant post-compromise outbound connection (more info ...) | trojan-activity | URL | |||
| 50437 | MALWARE-CNC Andr.Spyware.iSpyoo variant post-compromise outbound connection (more info ...) | trojan-activity | URL | |||
| 50438 | MALWARE-CNC Andr.Spyware.iSpyoo variant post-compromise outbound connection (more info ...) | trojan-activity | URL | |||
| 50439 | MALWARE-CNC Andr.Spyware.iSpyoo variant post-compromise outbound connection (more info ...) | trojan-activity | URL | |||
| 50440 | MALWARE-CNC Win.Malware.Ramnit inbound VERIFY_HOST response (more info ...) | trojan-activity | URL | |||
| 50445 | MALWARE-CNC Win.Downloader.TeamBot additional payload download attempt (more info ...) | trojan-activity | URL | |||
| 50446 | MALWARE-CNC Win.Downloader.TeamBot outbound cnc connection (more info ...) | trojan-activity | URL | |||
| 50451 | FILE-OTHER VMWare OVF Tool format string exploit attempt (more info ...) | attempted-user | 2012-3569 | 56468 | URL | |
| 50453 | FILE-IMAGE Directshow GIF logical width overflow attempt (more info ...) | attempted-user | 2013-3174 | |||
| 50454 | FILE-IMAGE Directshow GIF logical height overflow attempt (more info ...) | attempted-user | 2013-3174 | |||
| 50480 | MALWARE-CNC Andr.Spyware.Catwatchful variant post-compromise outbound connection detected (more info ...) | trojan-activity | URL | |||
| 50481 | MALWARE-CNC Andr.Spyware.Catwatchful variant post-compromise outbound connection detected (more info ...) | trojan-activity | URL | |||
| 50482 | MALWARE-CNC Andr.Spyware.Catwatchful variant post-compromise outbound connection detected (more info ...) | trojan-activity | URL | |||
| 50483 | MALWARE-CNC Andr.Spyware.Catwatchful client app variant post-compromise outbound connection detected (more info ...) | trojan-activity | URL | |||
| 50484 | MALWARE-CNC Andr.Spyware.Catwatchful client app variant post-compromise outbound connection detected (more info ...) | trojan-activity | URL | |||
| 50493 | MALWARE-CNC Andr.Spyware.AppSpy variant post-compromise outbound connection detected (more info ...) | trojan-activity | URL | |||
| 50494 | MALWARE-CNC Andr.Spyware.AppSpy variant post-compromise outbound connection detected (more info ...) | trojan-activity | URL | |||
| 50497 | MALWARE-CNC Win.Trojan.Waterbug variant outbound connection (more info ...) | trojan-activity | ||||
| 50498 | MALWARE-CNC Win.Trojan.Netwire variant payload download attempt (more info ...) | trojan-activity | URL | |||
| 50501 | MALWARE-CNC Win.Coinminer.Vools variant outbound connection (more info ...) | trojan-activity | URL | |||
| 50516 | PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2019-0849 attack attempt (more info ...) | attempted-dos | 2019-5061 | URL | ||
| 50520 | MALWARE-CNC Doc.Malware.HWPRokrat variant outbound connection (more info ...) | trojan-activity | URL | |||
| 50521 | MALWARE-CNC Doc.Malware.HWPRokrat variant outbound connection (more info ...) | trojan-activity | URL | |||
| 50523 | MALWARE-CNC Win.Trojan.Scranos variant outbound connection (more info ...) | trojan-activity | URL | |||
| 50524 | MALWARE-CNC Win.Trojan.Scranos variant outbound connection (more info ...) | trojan-activity | URL | |||
| 50525 | MALWARE-CNC Win.Trojan.Scranos variant outbound connection (more info ...) | trojan-activity | URL | |||
| 50526 | MALWARE-CNC Win.Trojan.Scranos variant payload download attempt (more info ...) | trojan-activity | URL | |||
| 50527 | MALWARE-CNC Win.Trojan.Scranos variant payload download attempt (more info ...) | trojan-activity | URL | |||
| 50528 | MALWARE-CNC Win.Trojan.Scranos variant payload download attempt (more info ...) | trojan-activity | URL | |||
| 50529 | MALWARE-CNC Win.Trojan.Scranos variant outbound connection (more info ...) | trojan-activity | URL | |||
| 50530 | MALWARE-CNC Win.Trojan.Scranos variant outbound connection (more info ...) | trojan-activity | URL | |||
| 50531 | MALWARE-CNC Win.Trojan.Scranos variant outbound attempt (more info ...) | trojan-activity | URL | |||
| 50532 | MALWARE-CNC Win.Trojan.Scranos variant outbound connection (more info ...) | trojan-activity | URL | |||
| 50621 | MALWARE-CNC Win.Coinminer.Vools variant outbound connection (more info ...) | trojan-activity | URL | |||
| 50623 | FILE-OTHER ZIP file directory traversal attempt (more info ...) | attempted-user | 2019-1889 | URL | ||
| 50624 | FILE-OTHER ZIP file directory traversal attempt (more info ...) | attempted-user | 2019-1889 | URL | ||
| 50634 | MALWARE-CNC Win.Ransomware.Matrix variant outbound connection (more info ...) | trojan-activity | URL | |||
| 50635 | MALWARE-CNC Win.Ransomware.Matrix variant download attempt (more info ...) | trojan-activity | URL | |||
| 50636 | MALWARE-CNC Win.Ransomware.Matrix variant download attempt (more info ...) | trojan-activity | URL | |||
| 50654 | SERVER-WEBAPP Sitefinity WCMS cross site scripting attempt (more info ...) | attempted-user | 2018-17054 | URL | ||
| 50655 | SERVER-WEBAPP Sitefinity WCMS cross site scripting attempt (more info ...) | attempted-user | 2018-17056 | URL | ||
| 50656 | SERVER-WEBAPP Sitefinity WCMS cross-site scripting attempt (more info ...) | attempted-user | 2018-17056 | URL | ||
| 50657 | SERVER-WEBAPP Sitefinity WCMS cross site scripting attempt (more info ...) | attempted-user | 2018-17054 | URL | ||
| 50658 | SERVER-WEBAPP Sitefinity WCMS arbitrary file upload attempt (more info ...) | attempted-user | 2018-17055 | URL | ||
| 50686 | MALWARE-CNC Win.Trojan.Swizzor variant outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 50689 | MALWARE-CNC Win.Trojan.RoyalRoad APT campaign outbound connection (more info ...) | trojan-activity | URL | |||
| 50698 | MALWARE-CNC Win.Trojan.Beapy variant payload download attempt (more info ...) | trojan-activity | URL | |||
| 50699 | MALWARE-CNC Win.Trojan.Beapy variant outbound cnc connection (more info ...) | trojan-activity | URL | |||
| 50700 | MALWARE-CNC Win.Trojan.Beapy variant outbound cnc connection (more info ...) | trojan-activity | URL | |||
| 50701 | MALWARE-CNC Win.Trojan.Beapy variant payload download attempt (more info ...) | trojan-activity | ||||
| 50702 | MALWARE-CNC Win.Trojan.Beapy variant outbound cnc connection (more info ...) | trojan-activity | URL | |||
| 50703 | MALWARE-CNC Win.Trojan.Beapy variant outbound cnc connection (more info ...) | trojan-activity | URL | |||
| 50715 | MALWARE-CNC Win.Trojan.Trickbot sample download attempt (more info ...) | trojan-activity | URL | |||
| 50716 | MALWARE-CNC Win.Trojan.Plurox variant outbound connection (more info ...) | trojan-activity | URL | |||
| 50717 | MALWARE-CNC Win.Trojan.Plurox variant outbound connection (more info ...) | trojan-activity | URL | |||
| 50734 | MALWARE-CNC Andr.Trojan.Anubis variant outbound connection (more info ...) | trojan-activity | URL | |||
| 50735 | MALWARE-CNC Andr.Trojan.Anubis variant outbound connection (more info ...) | trojan-activity | URL | |||
| 50736 | MALWARE-CNC Andr.Trojan.Anubis variant outbound connection (more info ...) | trojan-activity | URL | |||
| 50737 | MALWARE-CNC Andr.Trojan.Anubis variant outbound connection (more info ...) | trojan-activity | URL | |||
| 50770 | PROTOCOL-OTHER TRUFFLEHUNTER TALOS-2019-0854 attack attempt (more info ...) | attempted-recon | 2019-5065 | URL | ||
| 50771 | MALWARE-CNC Win.Trojan.Azorult outbound connection (more info ...) | trojan-activity | URL | |||
| 50780 | POLICY-OTHER InduSoft Web Studio DBProcessCall remote connection open attempt (more info ...) | policy-violation | 2019-6545 | |||
| 50781 | SERVER-OTHER InduSoft Web Studio remote code execution attempt (more info ...) | attempted-admin | 2019-6545 | |||
| 50799 | MALWARE-CNC Win.Trojan.SoftCell variant outbound connection (more info ...) | trojan-activity | URL | |||
| 50800 | MALWARE-CNC Win.Trojan.Ratsnif variant outbound connection (more info ...) | trojan-activity | URL | |||
| 50804 | POLICY-OTHER TRUFFLEHUNTER TALOS-2019-0866 attack attempt (more info ...) | policy-violation | URL | |||
| 50805 | POLICY-OTHER TRUFFLEHUNTER TALOS-2019-0868 attack attempt (more info ...) | policy-violation | URL | |||
| 50871 | SERVER-OTHER Quagga telnet CLI buffer overflow attempt (more info ...) | denial-of-service | 2017-5495 | |||
| 50880 | SERVER-WEBAPP awstats.pl configdir command injection attempt (more info ...) | web-application-attack | 2005-0116 | |||
| 50881 | SERVER-WEBAPP awstats.pl configdir command injection attempt (more info ...) | web-application-attack | 2005-0116 | |||
| 50882 | SERVER-WEBAPP awstats.pl configdir command injection attempt (more info ...) | web-application-attack | 2005-0116 | |||
| 50886 | SERVER-WEBAPP HPE System Management Homepage cross site scripting attempt (more info ...) | attempted-user | 2017-12544 | URL | ||
| 50887 | SERVER-WEBAPP HPE System Management Homepage cross site scripting attempt (more info ...) | attempted-user | 2017-12544 | URL | ||
| 50901 | SERVER-OTHER OpenBSD ISAKMP denial of service attempt (more info ...) | denial-of-service | 2004-0222 | |||
| 50912 | SERVER-WEBAPP Subsonic Subscribe to Podcast cross site scripting attempt (more info ...) | attempted-user | 2017-9414 | |||
| 50913 | SERVER-OTHER nfs-utils TCP connection termination denial-of-service attempt (more info ...) | denial-of-service | 2004-1014 | |||
| 50914 | SERVER-OTHER Blue Coat BCAAA buffer overflow attempt (more info ...) | attempted-admin | 2011-5124 | URL | ||
| 50915 | SERVER-WEBAPP Belkin N150 abitrary file read attempt (more info ...) | web-application-attack | 2014-2962 | |||
| 50916 | SERVER-WEBAPP Belkin N150 abitrary file read attempt (more info ...) | web-application-attack | 2014-2962 | |||
| 50917 | SERVER-WEBAPP Belkin N150 abitrary file read attempt (more info ...) | web-application-attack | 2014-2962 | |||
| 50918 | SERVER-WEBAPP Git client path validation command execution attempt (more info ...) | attempted-user | 2014-9390 | |||
| 50921 | SERVER-WEBAPP Oracle 9i Application Server OWA_UTIL information disclosure attempt (more info ...) | web-application-attack | 2002-0560 | URL | ||
| 50934 | MALWARE-CNC Win.Malware.Lookback outbound connection to a known URI path (more info ...) | trojan-activity | URL | |||
| 50935 | MALWARE-CNC Win.Malware.Lookback outbound connection (more info ...) | trojan-activity | URL | |||
| 50944 | FILE-OTHER VideoLAN VLC media player out-of-bounds read attempt (more info ...) | attempted-user | 2018-19857 | URL | ||
| 50945 | FILE-OTHER VideoLAN VLC media player out-of-bounds read attempt (more info ...) | attempted-user | 2018-19857 | URL | ||
| 50946 | SERVER-OTHER GnuTLS x509 certificate validation policy bypass attempt (more info ...) | attempted-user | 2014-0092 | |||
| 50958 | SERVER-OTHER Chicken of the VNC ServerInit denial of service attempt (more info ...) | denial-of-service | 2007-0756 | |||
| 50965 | FILE-MULTIMEDIA MPlayer SMI file buffer overflow attempt (more info ...) | attempted-user | 49149 | |||
| 50975 | FILE-OTHER OMRON CX-One arbitrary code execution attempt (more info ...) | attempted-user | 2018-18993 | URL | ||
| 50976 | FILE-OTHER OMRON CX-One arbitrary code execution attempt (more info ...) | attempted-user | 2018-18993 | URL | ||
| 50989 | MALWARE-CNC Win.Dropper.Clipbanker variant outbound connection (more info ...) | trojan-activity | URL | |||
| 50997 | SERVER-OTHER Network Time Server denial of service attempt (more info ...) | denial-of-service | 2018-7658 | |||
| 51017 | PROTOCOL-OTHER Losant Arduino MQTT Client buffer overflow attempt (more info ...) | attempted-user | 2018-17614 | URL | ||
| 51018 | SERVER-OTHER DualDesk v20 Proxy.exe long string denial of service attempt (more info ...) | attempted-dos | 2018-7583 | |||
| 51024 | FILE-IDENTIFY Embedded Open Type Font file attachment detected (more info ...) | misc-activity | ||||
| 51031 | SERVER-WEBAPP Symantec Endpoint Protection cross site scripting attempt (more info ...) | web-application-attack | 2014-3438 | |||
| 51032 | SERVER-WEBAPP Symantec Endpoint Protection cross site scripting attempt (more info ...) | attempted-user | 2014-3438 | |||
| 51033 | MALWARE-CNC Win.Dropper.Clipbanker file download attempt (more info ...) | trojan-activity | URL | |||
| 51042 | SERVER-OTHER ZeroMQ libzmq pointer overflow attempt (more info ...) | attempted-user | 2019-6250 | URL | ||
| 51043 | MALWARE-CNC Win.Trojan.Lazarus variant outbound connection (more info ...) | trojan-activity | URL | |||
| 51044 | MALWARE-CNC Win.Trojan.Lazarus variant outbound connection (more info ...) | trojan-activity | URL | |||
| 51047 | FILE-OTHER Gitlab directory traversal attempt (more info ...) | attempted-user | 2018-14364 | URL | ||
| 51048 | FILE-OTHER Gitlab directory traversal attempt (more info ...) | attempted-user | 2018-14364 | URL | ||
| 51049 | FILE-OTHER Gitlab directory traversal attempt (more info ...) | attempted-user | 2018-14364 | URL | ||
| 51050 | FILE-OTHER Gitlab directory traversal attempt (more info ...) | attempted-user | 2018-14364 | URL | ||
| 51051 | FILE-OTHER Gitlab directory traversal attempt (more info ...) | attempted-user | 2018-14364 | URL | ||
| 51052 | FILE-OTHER Gitlab directory traversal attempt (more info ...) | attempted-user | 2018-14364 | URL | ||
| 51053 | FILE-OTHER Gitlab directory traversal attempt (more info ...) | attempted-user | 2018-14364 | URL | ||
| 51054 | FILE-OTHER Gitlab directory traversal attempt (more info ...) | attempted-user | 2018-14364 | URL | ||
| 51055 | FILE-OTHER Gitlab directory traversal attempt (more info ...) | attempted-user | 2018-14364 | URL | ||
| 51056 | FILE-OTHER Gitlab directory traversal attempt (more info ...) | attempted-user | 2018-14364 | URL | ||
| 51057 | FILE-OTHER Gitlab directory traversal attempt (more info ...) | attempted-user | 2018-14364 | URL | ||
| 51058 | FILE-OTHER Gitlab directory traversal attempt (more info ...) | attempted-user | 2018-14364 | URL | ||
| 51072 | FILE-OTHER CA Products AV Engine CHM file handling denial of service attempt (more info ...) | attempted-dos | 2007-3875 | |||
| 51073 | FILE-OTHER CA Products AV Engine CHM file handling denial of service attempt (more info ...) | attempted-dos | 2007-3875 | |||
| 51094 | FILE-IMAGE Multiple products JBIG compressed TIFF buffer overflow attempt (more info ...) | attempted-user | 2018-18557 | |||
| 51095 | FILE-IMAGE Multiple products JBIG compressed TIFF buffer overflow attempt (more info ...) | attempted-user | 2018-18557 | |||
| 51096 | FILE-IMAGE Multiple products JBIG compressed TIFF buffer overflow attempt (more info ...) | attempted-user | 2018-18557 | |||
| 51097 | FILE-IMAGE Multiple products JBIG compressed TIFF buffer overflow attempt (more info ...) | attempted-user | 2018-18557 | |||
| 51104 | PROTOCOL-OTHER Eclipse MQTT Message Broker Topic denial of service attempt (more info ...) | denial-of-service | 2017-7650 | |||
| 51111 | OS-OTHER VxWorks TCP URG memory corruption attempt (more info ...) | attempted-admin | 2019-12261 | URL | ||
| 51112 | MALWARE-CNC Win.Spyware.StrongPity outbound connection (more info ...) | trojan-activity | URL | |||
| 51113 | MALWARE-CNC Win.Spyware.StrongPity outbound connection (more info ...) | trojan-activity | URL | |||
| 51114 | MALWARE-CNC Win.Spyware.StrongPity outbound connection (more info ...) | trojan-activity | URL | |||
| 51115 | MALWARE-CNC Win.Spyware.StrongPity outbound connection (more info ...) | trojan-activity | URL | |||
| 51116 | MALWARE-CNC Win.Spyware.StrongPity outbound connection (more info ...) | trojan-activity | URL | |||
| 51117 | MALWARE-CNC Win.Coinminer.PCASTLE outbound connection (more info ...) | trojan-activity | URL | |||
| 51128 | MALWARE-CNC Andr.Spyware.SpyPhoneApp variant post-compromise outbound connection detected (more info ...) | trojan-activity | URL | |||
| 51129 | MALWARE-CNC Andr.Spyware.SpyPhoneApp variant post-compromise outbound connection detected (more info ...) | trojan-activity | URL | |||
| 51130 | MALWARE-CNC Andr.Spyware.SpyPhoneApp variant post-compromise outbound connection detected (more info ...) | trojan-activity | URL | |||
| 51131 | MALWARE-CNC Andr.Spyware.SpyPhoneApp variant post-compromise outbound connection detected (more info ...) | trojan-activity | URL | |||
| 51132 | MALWARE-CNC Andr.Spyware.SpyPhoneApp variant post-compromise outbound connection detected (more info ...) | trojan-activity | URL | |||
| 51133 | MALWARE-CNC Andr.Spyware.SpyPhoneApp variant post-compromise outbound connection detected (more info ...) | trojan-activity | URL | |||
| 51134 | MALWARE-CNC Andr.Spyware.SpyPhoneApp variant post-compromise outbound connection detected (more info ...) | trojan-activity | URL | |||
| 51135 | MALWARE-CNC Andr.Spyware.SpyPhoneApp variant post-compromise outbound connection detected (more info ...) | trojan-activity | URL | |||
| 51136 | MALWARE-CNC Andr.Spyware.SpyPhoneApp variant post-compromise outbound connection detected (more info ...) | trojan-activity | URL | |||
| 51137 | MALWARE-CNC edit Andr.Spyware.SpyPhoneApp variant post-compromise outbound connection detected (more info ...) | trojan-activity | URL | |||
| 51141 | SERVER-OTHER Oracle Tuxedo Jolt server heap overflow attempt (more info ...) | attempted-user | 2017-10278 | |||
| 51144 | SERVER-OTHER ISC BIND multiple ENDS Key Tag options denial of service attempt (more info ...) | denial-of-service | 2018-5744 | |||
| 51145 | SERVER-OTHER HPE Intelligent Management Center 10001 buffer overflow attempt (more info ...) | attempted-user | 2018-7115 | |||
| 51146 | SERVER-WEBAPP FasterXML Jackson Databind unsafe deserialization attempt (more info ...) | attempted-user | 2018-7489 | |||
| 51148 | SERVER-WEBAPP ManageEngine Desktop Central cross site scripting attempt (more info ...) | attempted-user | 2018-16833 | |||
| 51149 | SERVER-WEBAPP ManageEngine Desktop Central cross site scripting attempt (more info ...) | attempted-user | 2018-16833 | |||
| 51174 | SERVER-WEBAPP vCard Create Card cross site scripting attempt (more info ...) | attempted-user | 2006-1230 | |||
| 51175 | SERVER-WEBAPP vCard Create Card cross site scripting attempt (more info ...) | attempted-user | 2006-1230 | |||
| 51176 | SERVER-WEBAPP vCard Toprated cross site scripting attempt (more info ...) | attempted-user | 2006-1230 | |||
| 51177 | SERVER-WEBAPP vCard Toprated cross site scripting attempt (more info ...) | attempted-user | 2006-1230 | |||
| 51178 | SERVER-WEBAPP vCard New Card cross site scripting attempt (more info ...) | attempted-user | 2006-1230 | |||
| 51179 | SERVER-WEBAPP vCard New Card cross site scripting attempt (more info ...) | attempted-user | 2006-1230 | |||
| 51181 | SERVER-OTHER NTPsec ntp_control out-of-bounds read attempt (more info ...) | attempted-user | 2019-6444 | URL | ||
| 51191 | FILE-OTHER OMRON CX-One MCI file stack buffer overflow attempt (more info ...) | attempted-user | 2018-7541 | URL | ||
| 51192 | FILE-OTHER OMRON CX-One MCI file stack buffer overflow attempt (more info ...) | attempted-user | 2018-7541 | URL | ||
| 51209 | SERVER-WEBAPP Forum Livre busca2.asp cross site scripting attempt (more info ...) | attempted-user | 2007-0589 | URL | ||
| 51210 | SERVER-WEBAPP Forum Livre busca2.asp cross site scripting attempt (more info ...) | attempted-user | 2007-0589 | URL | ||
| 51215 | SERVER-OTHER OpenSSL DTLS zero-length fragments denial of service attempt (more info ...) | attempted-dos | 2014-3507 | |||
| 51217 | FILE-OTHER Omron CX-On Project file parsing heap buffer overflow attempt (more info ...) | attempted-user | 2018-8834 | |||
| 51218 | FILE-OTHER Omron CX-On Project file parsing heap buffer overflow attempt (more info ...) | attempted-user | 2018-8834 | |||
| 51219 | OS-OTHER OpenBSD TCP Timestamp handling denial of service attempt (more info ...) | denial-of-service | 2005-0740 | |||
| 51234 | SERVER-OTHER Advantech WebAccess Viewdll1 buffer overflow attempt (more info ...) | attempted-user | 2018-8845 | |||
| 51235 | FILE-OTHER VCFtools crafted VCF remote code execution attempt (more info ...) | attempted-user | 2018-11130 | URL | ||
| 51236 | FILE-OTHER VCFtools crafted VCF remote code execution attempt (more info ...) | attempted-user | 2018-11130 | URL | ||
| 51237 | SERVER-OTHER BlackIce ISS ICQ parser buffer overflow attempt (more info ...) | attempted-admin | 2004-0362 | URL | ||
| 51264 | SERVER-WEBAPP Open-AudIT Community Store cross site scripting attempt (more info ...) | attempted-user | 2018-14493 | URL | ||
| 51265 | SERVER-WEBAPP Open-AudIT Community Store cross site scripting attempt (more info ...) | attempted-user | 2018-14493 | URL | ||
| 51281 | SERVER-WEBAPP Webadmin history parameter cross site scripting attempt (more info ...) | attempted-user | 2018-19191 | URL | ||
| 51282 | SERVER-WEBAPP Webadmin history parameter cross site scripting attempt (more info ...) | attempted-user | 2018-19191 | URL | ||
| 51283 | SERVER-WEBAPP Webadmin history parameter cross site scripting attempt (more info ...) | web-application-attack | 2018-9250 | URL | ||
| 51284 | FILE-IMAGE Nokia N95 JPG parsing denial of service attempt (more info ...) | attempted-user | URL | |||
| 51285 | FILE-IMAGE Nokia N95 JPG parsing denial of service attempt (more info ...) | attempted-user | URL | |||
| 51286 | SERVER-OTHER LCDproc parse_all_client_messages buffer overflow attempt (more info ...) | attempted-admin | 2004-1915 | |||
| 51290 | OS-MOBILE Google Android Kernel local denial of service attempt (more info ...) | denial-of-service | 2013-1773 | URL | ||
| 51291 | OS-MOBILE Google Android Kernel local denial of service attempt (more info ...) | denial-of-service | 2013-1773 | URL | ||
| 51296 | PROTOCOL-OTHER Colloquy INVITE request format string DoS attempt (more info ...) | attempted-user | 2007-0344 | URL | ||
| 51297 | PROTOCOL-OTHER Colloquy INVITE request format string DoS attempt (more info ...) | attempted-user | 2007-0344 | URL | ||
| 51301 | SERVER-OTHER Exim malformed BDAT code execution attempt (more info ...) | attempted-admin | 2017-16943 | |||
| 51309 | MALWARE-CNC Win.Trojan.Pistacchietto variant outbound connection (more info ...) | trojan-activity | URL | |||
| 51312 | SERVER-WEBAPP WSO2 Carbon persistent cross site scripting attempt (more info ...) | attempted-user | 2018-8716 | URL | ||
| 51319 | SERVER-OTHER Mosca MQTT broker regular expression denial of service attempt (more info ...) | denial-of-service | 2018-11615 | |||
| 51320 | MALWARE-CNC Win.Trojan.BlackMoon variant outbound connection (more info ...) | trojan-activity | URL | |||
| 51331 | SERVER-WEBAPP GoAhead Embedded Web Server use after free attempt (more info ...) | attempted-admin | 2019-5096 | URL | ||
| 51332 | SERVER-WEBAPP GoAhead Embedded Web Server use after free attempt (more info ...) | attempted-admin | 2019-5096 | URL | ||
| 51342 | MALWARE-CNC User-Agent known malicious user-agent string - Nemty (more info ...) | trojan-activity | URL | |||
| 51347 | SERVER-OTHER OpenSSL TLS anomalous ascii session ticket (more info ...) | attempted-dos | 2014-3567 | URL | ||
| 51348 | SERVER-OTHER OpenSSL TLS anomalous ascii session ticket (more info ...) | attempted-dos | 2014-3567 | URL | ||
| 51349 | SERVER-OTHER OpenSSL TLS anomalous ascii session ticket (more info ...) | attempted-dos | 2014-3567 | URL | ||
| 51350 | SERVER-OTHER OpenSSL TLS anomalous ascii session ticket (more info ...) | attempted-dos | 2014-3567 | URL | ||
| 51351 | SERVER-OTHER OpenSSL TLS anomalous ascii client session ticket (more info ...) | attempted-dos | 2014-3567 | URL | ||
| 51352 | SERVER-OTHER OpenSSL TLS anomalous ascii client session ticket (more info ...) | attempted-dos | 2014-3567 | URL | ||
| 51353 | SERVER-OTHER OpenSSL TLS anomalous ascii client session ticket (more info ...) | attempted-dos | 2014-3567 | URL | ||
| 51359 | SERVER-OTHER OpenSSL DTLS duplicate record denial of service attempt (more info ...) | denial-of-service | 2015-0206 | |||
| 51360 | MALWARE-CNC Win.Ransomware.LooCipher variant outbound connection (more info ...) | trojan-activity | URL | |||
| 51400 | SERVER-OTHER Heimdal KDC malformed as-req denial of service attempt (more info ...) | denial-of-service | 2017-17439 | URL | ||
| 51441 | SERVER-WEBAPP Laquis SCADA Nome command injection attempt (more info ...) | web-application-attack | 2018-18996 | |||
| 51442 | SERVER-WEBAPP Laquis SCADA Nome command injection attempt (more info ...) | web-application-attack | 2018-18996 | |||
| 51443 | SERVER-WEBAPP Laquis SCADA Nome command injection attempt (more info ...) | web-application-attack | 2018-18996 | |||
| 51444 | SERVER-WEBAPP Laquis SCADA Nome command injection attempt (more info ...) | web-application-attack | 2018-18996 | |||
| 51471 | POLICY-OTHER Supermicro BMC Virtual Media service default credentials use attempt (more info ...) | policy-violation | URL | |||
| 51478 | SERVER-OTHER NFS server /etc/passwd symlink creation attempt (more info ...) | misc-activity | 2019-11538 | |||
| 51495 | PROTOCOL-VOIP SIP Torture negative Content-Length attempt (more info ...) | misc-activity | URL | |||
| 51501 | PROTOCOL-VOIP SIP Torture overly large Warning header value attempt (more info ...) | misc-activity | URL | |||
| 51502 | PROTOCOL-VOIP SIP Torture invalid Date header time zone attempt (more info ...) | misc-activity | URL | |||
| 51503 | PROTOCOL-VOIP SIP Torture overly large Expires header value attempt (more info ...) | misc-activity | URL | |||
| 51505 | PROTOCOL-VOIP SIP Torture overly large CSeq header value attempt (more info ...) | misc-activity | URL | |||
| 51506 | PROTOCOL-VOIP SIP Torture invalid Proxy-Require header value attempt (more info ...) | misc-activity | URL | |||
| 51514 | PROTOCOL-VOIP SIP Torture overly large CSeq header value attempt (more info ...) | misc-activity | URL | |||
| 51532 | MALWARE-CNC Win.Trojan.BlackRAT variant outbound connection (more info ...) | trojan-activity | URL | |||
| 51533 | MALWARE-CNC Win.Trojan.BlackRAT variant inbound connection (more info ...) | trojan-activity | URL | |||
| 51539 | INDICATOR-SHELLCODE BSD x86 reverse connect shell (more info ...) | shellcode-detect | ||||
| 51540 | INDICATOR-SHELLCODE BSD x86 reverse connect shell (more info ...) | shellcode-detect | ||||
| 51541 | MALWARE-CNC Win.Trojan.ModularInstaller variant outbound connection detected (more info ...) | trojan-activity | URL | |||
| 51542 | MALWARE-CNC Win.Trojan.ModularInstaller variant outbound connection detected (more info ...) | trojan-activity | URL | |||
| 51543 | MALWARE-CNC Win.Trojan.ModularInstaller variant outbound connection detected (more info ...) | trojan-activity | URL | |||
| 51544 | MALWARE-CNC Win.Trojan.ModularInstaller variant outbound connection detected (more info ...) | trojan-activity | URL | |||
| 51545 | MALWARE-CNC Win.Trojan.ModularInstaller variant outbound connection detected (more info ...) | trojan-activity | URL | |||
| 51546 | MALWARE-CNC Win.Trojan.ModularInstaller variant outbound connection detected (more info ...) | trojan-activity | URL | |||
| 51548 | MALWARE-CNC Win.Malware.Divergent variant outbound connection (more info ...) | trojan-activity | ||||
| 51549 | MALWARE-CNC Win.Malware.Divergent variant outbound connection (more info ...) | trojan-activity | ||||
| 51550 | MALWARE-CNC Win.Malware.Divergent variant outbound connection (more info ...) | trojan-activity | ||||
| 51551 | MALWARE-CNC Win.Malware.Divergent variant outbound connection (more info ...) | trojan-activity | ||||
| 51552 | MALWARE-CNC Win.Malware.Divergent variant outbound connection (more info ...) | trojan-activity | ||||
| 51559 | SERVER-WEBAPP Ignite Realtime Openfire cross site scripting attempt (more info ...) | attempted-user | 2018-11688 | URL | ||
| 51560 | SERVER-WEBAPP Ignite Realtime Openfire cross site scripting attempt (more info ...) | attempted-user | 2018-11688 | URL | ||
| 51583 | SERVER-WEBAPP Lighttpd url-path-2f-decode denial of service attempt (more info ...) | web-application-attack | 2019-11072 | URL | ||
| 51593 | MALWARE-CNC Win.Adware.BrowserAssistant variant outbound connection (more info ...) | trojan-activity | URL | |||
| 51634 | MALWARE-CNC Win.Trojan.Ordinypt malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 51635 | MALWARE-CNC Win.Trojan.Ordinypt malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 51636 | MALWARE-CNC Win.Trojan.Amadey botnet outbound connection (more info ...) | trojan-activity | URL | |||
| 51642 | MALWARE-CNC Osx.Trojan.Gmera variant outbound connection (more info ...) | trojan-activity | URL | |||
| 51650 | POLICY-OTHER TRUFFLEHUNTER TALOS-2019-0898 attack attempt (more info ...) | policy-violation | 2019-5107 | URL | ||
| 51651 | POLICY-OTHER TRUFFLEHUNTER TALOS-2019-0896 attack attempt (more info ...) | policy-violation | 2019-5104 | URL | ||
| 51654 | POLICY-OTHER InduSoft Web Studio MTCheckFileFunctionsTimeout remote code execution attempt (more info ...) | policy-violation | 2018-17914 | |||
| 51655 | SERVER-WEBAPP B-net Software cross site scripting attempt (more info ...) | attempted-user | 2006-0078 | |||
| 51656 | SERVER-WEBAPP B-net Software cross site scripting attempt (more info ...) | attempted-user | 2006-0078 | |||
| 51657 | SERVER-WEBAPP B-net Software cross site scripting attempt (more info ...) | attempted-user | 2006-0078 | |||
| 51658 | SERVER-WEBAPP Responsive FileManager directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 51659 | SERVER-WEBAPP Responsive FileManager directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 51660 | SERVER-WEBAPP Responsive FileManager cross site scripting attempt (more info ...) | attempted-user | URL | |||
| 51661 | SERVER-WEBAPP Responsive FileManager directory traversal attempt (more info ...) | web-application-attack | URL | |||
| 51664 | SERVER-WEBAPP Cesanta Mongoose buffer overflow attempt (more info ...) | web-application-attack | 2019-12951 | URL | ||
| 51670 | MALWARE-CNC Win.Trojan.Silence variant outbound connection detected (more info ...) | trojan-activity | URL | |||
| 51671 | MALWARE-CNC Win.Trojan.Silence variant outbound connection detected (more info ...) | trojan-activity | URL | |||
| 51672 | MALWARE-CNC Andr.Trojan.Moonshine outbound connection (more info ...) | trojan-activity | URL | |||
| 51685 | SERVER-OTHER Symantec AMS Intel handler service overly large size1 dos attempt (more info ...) | attempted-dos | 2010-3268 | |||
| 51720 | MALWARE-CNC Win.Trojan.Alreay malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 51721 | MALWARE-CNC Win.Trojan.Alreay malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 51722 | MALWARE-CNC Win.Trojan.Alreay malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 51723 | MALWARE-CNC Win.Trojan.Alreay malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 51725 | SERVER-WEBAPP HAProxy H2 Frame heap memory corruption attempt (more info ...) | web-application-attack | 2018-10184 | |||
| 51726 | MALWARE-CNC Win.Trojan.Silence variant proxy connection detected (more info ...) | trojan-activity | URL | |||
| 51727 | MALWARE-CNC Win.Trojan.Silence variant proxy connection detected (more info ...) | trojan-activity | URL | |||
| 51743 | PROTOCOL-VOIP SIP Torture overly-large SIP response code attempt (more info ...) | misc-activity | ||||
| 51744 | PROTOCOL-VOIP SIP Torture request missing Call-ID header attempt (more info ...) | misc-activity | ||||
| 51745 | PROTOCOL-VOIP SIP Torture request invalid Content-Length attempt (more info ...) | misc-activity | ||||
| 51756 | PROTOCOL-VOIP SIP Torture overly large Warning header value attempt (more info ...) | misc-activity | URL | |||
| 51758 | PROTOCOL-VOIP SIP Torture invalid Proxy-Require header value attempt (more info ...) | misc-activity | URL | |||
| 51764 | PROTOCOL-VOIP SIP Torture request URI with atypical scheme attempt (more info ...) | misc-activity | URL | |||
| 51765 | PROTOCOL-VOIP SIP Torture overly large CSeq header value attempt (more info ...) | misc-activity | URL | |||
| 51766 | PROTOCOL-VOIP SIP Torture overly large Expires header value attempt (more info ...) | misc-activity | URL | |||
| 51768 | PROTOCOL-VOIP SIP Torture overly large CSeq header value attempt (more info ...) | misc-activity | URL | |||
| 51769 | PROTOCOL-VOIP SIP Torture unknown URI scheme in Contact field attempt (more info ...) | misc-activity | URL | |||
| 51770 | PROTOCOL-VOIP SIP Torture request Max-Forwards header of zero attempt (more info ...) | misc-activity | URL | |||
| 51771 | PROTOCOL-VOIP SIP Torture unknown Content-Type attempt (more info ...) | misc-activity | URL | |||
| 51772 | PROTOCOL-VOIP SIP Torture request missing Call-ID header attempt (more info ...) | misc-activity | ||||
| 51773 | PROTOCOL-VOIP SIP Torture request invalid Content-Length attempt (more info ...) | misc-activity | ||||
| 51774 | PROTOCOL-VOIP SIP Torture overly-large SIP response code attempt (more info ...) | misc-activity | ||||
| 51779 | SERVER-WEBAPP generic cross-site scripting attempt (more info ...) | web-application-attack | ||||
| 51908 | MALWARE-CNC Andr.Trojan.Gustuff variant outbound cnc connection (more info ...) | trojan-activity | URL | |||
| 51909 | MALWARE-CNC Andr.Trojan.Gustuff variant outbound cnc connection (more info ...) | trojan-activity | URL | |||
| 51910 | MALWARE-CNC Andr.Trojan.Gustuff variant outbound cnc connection (more info ...) | trojan-activity | URL | |||
| 51911 | MALWARE-CNC Andr.Trojan.Gustuff variant outbound cnc connection (more info ...) | trojan-activity | URL | |||
| 51912 | MALWARE-CNC Andr.Trojan.Gustuff variant outbound cnc connection (more info ...) | trojan-activity | URL | |||
| 51913 | MALWARE-CNC Andr.Trojan.Gustuff variant outbound cnc connection (more info ...) | trojan-activity | URL | |||
| 51914 | MALWARE-CNC Andr.Trojan.Gustuff variant outbound cnc connection (more info ...) | trojan-activity | URL | |||
| 51915 | MALWARE-CNC Andr.Trojan.Gustuff variant outbound cnc connection (more info ...) | trojan-activity | URL | |||
| 51916 | MALWARE-CNC Andr.Trojan.Gustuff variant outbound cnc connection (more info ...) | trojan-activity | URL | |||
| 51917 | MALWARE-CNC Andr.Trojan.Gustuff variant outbound cnc connection (more info ...) | trojan-activity | URL | |||
| 51918 | MALWARE-CNC Andr.Trojan.Gustuff variant outbound cnc connection (more info ...) | trojan-activity | URL | |||
| 51919 | MALWARE-CNC Andr.Trojan.Gustuff variant outbound cnc connection (more info ...) | trojan-activity | URL | |||
| 51920 | MALWARE-CNC Andr.Trojan.Gustuff variant outbound cnc connection (more info ...) | trojan-activity | URL | |||
| 51921 | MALWARE-CNC Andr.Trojan.Gustuff variant outbound cnc connection (more info ...) | trojan-activity | URL | |||
| 51922 | MALWARE-CNC Andr.Trojan.Gustuff variant outbound cnc connection (more info ...) | trojan-activity | URL | |||
| 51948 | POLICY-OTHER TRUFFLEHUNTER TALOS-2019-0918 attack attempt (more info ...) | policy-violation | URL | |||
| 51962 | SERVER-OTHER multiple products HTTP GET request buffer overflow attempt (more info ...) | attempted-user | 2012-5876 | |||
| 51963 | SERVER-OTHER multiple products HTTP GET request buffer overflow attempt (more info ...) | attempted-user | 2012-5876 | |||
| 51964 | SERVER-OTHER multiple products HTTP OPTIONS request buffer overflow attempt (more info ...) | attempted-user | 2012-5876 | |||
| 51965 | SERVER-OTHER Multiple products HTTP referer header buffer overflow attempt (more info ...) | attempted-user | 2012-5876 | |||
| 51969 | MALWARE-TOOLS Win.Trojan.Emotet variant download attempt (more info ...) | trojan-activity | URL | |||
| 51970 | MALWARE-TOOLS Win.Trojan.Emotet variant download attempt (more info ...) | trojan-activity | URL | |||
| 51971 | MALWARE-CNC Win.Trojan.Emotet variant outbound beacon attempt (more info ...) | trojan-activity | URL | |||
| 51984 | SERVER-MAIL Mail.app AppleSingleDouble command execution attempt (more info ...) | attempted-user | 2016-0395 | |||
| 51985 | SERVER-MAIL Mail.app AppleSingleDouble command execution attempt (more info ...) | attempted-user | 2016-0395 | |||
| 52004 | MALWARE-CNC Win.Trojan.OceanLotus variant download attempt (more info ...) | trojan-activity | URL | |||
| 52005 | MALWARE-CNC Win.Trojan.OceanLotus variant download attempt (more info ...) | trojan-activity | URL | |||
| 52006 | SERVER-OTHER Eclipse Mosquitto MQTT SUBSCRIBE request topic parsing buffer overflow attempt (more info ...) | attempted-user | 2019-11779 | |||
| 52012 | POLICY-OTHER TRUFFLEHUNTER TALOS-2019-0927 attack attempt (more info ...) | policy-violation | 2019-5138 | URL | ||
| 52024 | SERVER-OTHER TRUFFLEHUNTER TALOS-2019-0932 attack attempt (more info ...) | attempted-user | 2019-5143 | URL | ||
| 52025 | SERVER-OTHER TRUFFLEHUNTER TALOS-2019-0932 attack attempt (more info ...) | attempted-user | 2019-5143 | URL | ||
| 52029 | MALWARE-CNC Win.Trojan.Emotet variant outbound beacon attempt (more info ...) | trojan-activity | URL | |||
| 52042 | SERVER-OTHER OpenSSL ECDH malformed Client Hello denial of service attempt (more info ...) | denial-of-service | 2011-3210 | |||
| 52063 | FILE-OTHER PowerShell Empire python launcher download attempt (more info ...) | trojan-activity | ||||
| 52064 | FILE-OTHER PowerShell Empire python launcher download attempt (more info ...) | trojan-activity | ||||
| 52078 | SERVER-OTHER ISC BIND DHCP client DNAME resource record parsing denial of service attempt (more info ...) | attempted-user | 2016-8864 | |||
| 52086 | POLICY-OTHER TRUFFLEHUNTER TALOS-2019-0944 attack attempt (more info ...) | policy-violation | 2019-5153 | URL | ||
| 52087 | PROTOCOL-VOIP SIP Torture request embedded linear white space in URI attempt (more info ...) | misc-activity | URL | |||
| 52089 | PROTOCOL-VOIP SIP Torture request overly large Warning header value attempt (more info ...) | misc-activity | URL | |||
| 52090 | PROTOCOL-VOIP SIP Torture request overly large CSeq header value attempt (more info ...) | misc-activity | URL | |||
| 52091 | PROTOCOL-VOIP SIP Torture request embedded linear white space in URI attempt (more info ...) | misc-activity | URL | |||
| 52092 | PROTOCOL-VOIP SIP Torture request missing transaction identifier attempt (more info ...) | misc-activity | URL | |||
| 52093 | PROTOCOL-VOIP SIP Torture request overly large CSeq header value attempt (more info ...) | misc-activity | URL | |||
| 52094 | PROTOCOL-VOIP SIP Torture request overly large Warning header value attempt (more info ...) | misc-activity | URL | |||
| 52112 | SERVER-WEBAPP Git client path validation command execution attempt (more info ...) | attempted-user | 2014-9390 | |||
| 52113 | FILE-OTHER Oracle Outside-In library CorelDRAW parsing integer overflow attempt (more info ...) | attempted-user | 2011-2264 | |||
| 52114 | FILE-OTHER Oracle Outside-In library CorelDRAW parsing integer overflow attempt (more info ...) | attempted-user | 2011-2264 | |||
| 52132 | FILE-OTHER Libmspack cabd_sys_read_block off-by-one heap overflow attempt (more info ...) | attempted-user | 2018-18584 | URL | ||
| 52133 | FILE-OTHER Libmspack cabd_sys_read_block off-by-one heap overflow attempt (more info ...) | attempted-user | 2018-18584 | URL | ||
| 52148 | MALWARE-CNC Win.Trojan.Agent variant outbound connection (more info ...) | attempted-user | URL | |||
| 52149 | MALWARE-CNC Win.Trojan.Agent variant outbound connection (more info ...) | attempted-user | URL | |||
| 52204 | PROTOCOL-SCADA MMS Confirmed-RequestPDU informationReport message (more info ...) | protocol-command-decode | URL | |||
| 52235 | SERVER-WEBAPP Wget HTTP non-200 negative chunk-size buffer overflow attempt (more info ...) | web-application-attack | 2017-13089 | 101592 | URL | |
| 52238 | POLICY-OTHER TRUFFLEHUNTER TALOS-2019-0954 attack attempt (more info ...) | policy-violation | 2019-5161 | URL | ||
| 52252 | MALWARE-CNC Win.Adware.DomaIQ variant outbound connection (more info ...) | trojan-activity | URL | |||
| 52253 | FILE-OTHER libexpat internal entity heap over-read attempt (more info ...) | attempted-user | 2019-15903 | |||
| 52254 | FILE-OTHER libexpat internal entity heap over-read attempt (more info ...) | attempted-user | 2019-15903 | |||
| 52255 | MALWARE-CNC Win.Trojan.PowerShell variant outbound connection (more info ...) | trojan-activity | URL | |||
| 52256 | MALWARE-CNC Win.Trojan.Dridex variant outbound connection (more info ...) | trojan-activity | URL | |||
| 52258 | MALWARE-CNC Win.Trojan.Dridex variant inbound connection (more info ...) | trojan-activity | URL | |||
| 52260 | MALWARE-CNC Js.Trojan.FakeUpdate outbound connection (more info ...) | trojan-activity | URL | |||
| 52262 | MALWARE-CNC Win.Trojan.Dridex variant inbound connection (more info ...) | trojan-activity | URL | |||
| 52263 | MALWARE-CNC Win.Trojan.Dridex variant inbound connection (more info ...) | trojan-activity | URL | |||
| 52264 | MALWARE-CNC Win.Trojan.Dridex variant inbound connection (more info ...) | trojan-activity | URL | |||
| 52274 | POLICY-OTHER TRUFFLEHUNTER TALOS-2019-0951 attack attempt (more info ...) | policy-violation | 2019-5159 | URL | ||
| 52275 | POLICY-OTHER TRUFFLEHUNTER TALOS-2019-0951 attack attempt (more info ...) | policy-violation | 2019-5159 | URL | ||
| 52278 | SERVER-WEBAPP Shenzhen TVT Digital Technology API OS command injection attempt (more info ...) | attempted-admin | URL | |||
| 52280 | POLICY-OTHER Shenzhen TVT Digital Technology API OS admin default credentials login attempt (more info ...) | attempted-admin | URL | |||
| 52281 | POLICY-OTHER Shenzhen TVT Digital Technology API OS telnet root default credentials login attempt (more info ...) | attempted-admin | URL | |||
| 52282 | POLICY-OTHER Shenzhen TVT Digital Technology API OS telnet root default credentials login attempt (more info ...) | attempted-admin | URL | |||
| 52287 | SERVER-OTHER Hummingbird InetD LPD buffer overflow attempt (more info ...) | attempted-user | 2005-1815 | |||
| 52291 | SERVER-WEBAPP MDaemon auto responder remote code execution attempt (more info ...) | attempted-user | URL | |||
| 52292 | SERVER-WEBAPP MDaemon auto responder remote code execution attempt (more info ...) | attempted-user | URL | |||
| 52293 | SERVER-WEBAPP MDaemon auto responder remote code execution attempt (more info ...) | attempted-user | URL | |||
| 52294 | SERVER-WEBAPP MDaemon auto responder remote code execution attempt (more info ...) | attempted-user | URL | |||
| 52295 | SERVER-WEBAPP MDaemon auto responder remote code execution attempt (more info ...) | attempted-user | URL | |||
| 52296 | SERVER-WEBAPP MDaemon auto responder remote code execution attempt (more info ...) | attempted-user | URL | |||
| 52306 | FILE-IMAGE Mutiple products libpng extra row heap overflow attempt (more info ...) | attempted-user | 2010-1205 | |||
| 52307 | FILE-IMAGE Mutiple products libpng extra row heap overflow attempt (more info ...) | attempted-user | 2010-1205 | |||
| 52308 | MALWARE-CNC Win.Trojan.Ursnif malicious document download attempt (more info ...) | trojan-activity | URL | |||
| 52309 | MALWARE-CNC Win.Trojan.Ursnif malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 52310 | MALWARE-CNC Win.Trojan.Ursnif malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 52311 | MALWARE-CNC Win.Trojan.Ursnif malicious document download attempt (more info ...) | trojan-activity | URL | |||
| 52312 | FILE-IMAGE Imagemagick XBM tranformation information leak attempt (more info ...) | attempted-recon | 2018-16323 | |||
| 52319 | FILE-OTHER VLC Media Player malformed APE buffer overflow attempt (more info ...) | attempted-admin | 2012-0904 | |||
| 52327 | PROTOCOL-VOIP SIP Torture request missing transaction identifier attempt (more info ...) | misc-activity | URL | |||
| 52328 | SERVER-WEBAPP Asus RT-N10 Repeater Mode command injection attempt (more info ...) | web-application-attack | URL | |||
| 52329 | SERVER-WEBAPP Asus RT-N10 Repeater Mode command injection attempt (more info ...) | web-application-attack | URL | |||
| 52336 | MALWARE-CNC Win.Trojan.Hoplight variant binary download attempt (more info ...) | trojan-activity | URL | |||
| 52337 | MALWARE-CNC Win.Trojan.Hoplight variant binary download attempt (more info ...) | trojan-activity | URL | |||
| 52343 | SERVER-OTHER ISC BIND deny-answer-aliases denial of service attempt (more info ...) | denial-of-service | 2018-5740 | |||
| 52344 | SERVER-OTHER ISC BIND deny-answer-aliases denial of service attempt (more info ...) | denial-of-service | 2018-5740 | |||
| 52370 | PROTOCOL-SCADA Siemens SIMATIC WinCC flexible runtime stack buffer overflow attempt (more info ...) | attempted-admin | 2011-4875 | URL | ||
| 52371 | PROTOCOL-SCADA Siemens SIMATIC WinCC flexible runtime stack buffer overflow attempt (more info ...) | attempted-admin | 2011-4875 | URL | ||
| 52372 | SERVER-OTHER Alt-N MDaemon default credentials login attempt (more info ...) | attempted-admin | URL | |||
| 52393 | SERVER-OTHER LibVNCServer file transfer extension heap buffer overflow attempt (more info ...) | attempted-user | 2018-15127 | URL | ||
| 52394 | SERVER-OTHER LibVNCServer file transfer extension heap buffer overflow attempt (more info ...) | attempted-user | 2018-15127 | URL | ||
| 52395 | SERVER-OTHER LibVNCServer file transfer extension heap buffer overflow attempt (more info ...) | attempted-user | 2018-15127 | URL | ||
| 52396 | SERVER-OTHER LibVNCServer file transfer extension heap buffer overflow attempt (more info ...) | attempted-user | 2018-15127 | URL | ||
| 52397 | SERVER-OTHER LibVNCServer file transfer extension heap buffer overflow attempt (more info ...) | attempted-user | 2018-15127 | URL | ||
| 52398 | FILE-IMAGE Foxit Reader malformed GIF LZW minimum code size memory corruption attempt (more info ...) | denial-of-service | 2015-2790 | |||
| 52399 | FILE-IMAGE Foxit Reader malformed GIF LZW minimum code size memory corruption attempt (more info ...) | denial-of-service | 2015-2790 | |||
| 52407 | POLICY-OTHER TRUFFLEHUNTER TALOS-2019-0961 attack attempt (more info ...) | policy-violation | 2019-5186 | URL | ||
| 52445 | MALWARE-CNC Doc.Malware.Gamaredon variant outbound connection (more info ...) | trojan-activity | URL | |||
| 52450 | SERVER-OTHER Multiple products HTTP Host header buffer overflow attempt (more info ...) | attempted-user | 2020-8450 | URL | ||
| 52451 | MALWARE-CNC Win.Ransomware.Zeppelin outbound communication (more info ...) | trojan-activity | URL | |||
| 52501 | SERVER-OTHER ZeroMQ libzmq pointer overflow attempt (more info ...) | attempted-user | 2019-6250 | URL | ||
| 52514 | SERVER-WEBAPP Chimera Web Portal System cross site scripting attempt (more info ...) | attempted-user | 2006-0136 | 16113 | ||
| 52515 | SERVER-WEBAPP Chimera Web Portal System cross site scripting attempt (more info ...) | attempted-user | 2006-0136 | 16113 | ||
| 52548 | MALWARE-CNC Win.Trojan.XpertRAT inbound connection (more info ...) | trojan-activity | URL | |||
| 52549 | MALWARE-CNC Win.Trojan.XpertRAT outbound connection (more info ...) | trojan-activity | URL | |||
| 52612 | MALWARE-CNC Win.Trojan.AgentTesla variant outbound connection detected (more info ...) | trojan-activity | URL | |||
| 52613 | MALWARE-CNC Win.Trojan.AgentTesla variant outbound connection detected (more info ...) | trojan-activity | URL | |||
| 52614 | MALWARE-CNC Win.Trojan.Remcos variant outbound connection detected (more info ...) | trojan-activity | URL | |||
| 52623 | MALWARE-CNC Win.Trojan.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 52624 | MALWARE-CNC Win.Trojan.Agent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 52625 | SERVER-OTHER OpenSSL anonymous ECDH denial of service attempt (more info ...) | attempted-dos | 2014-3470 | |||
| 52626 | SERVER-OTHER OpenSSL anonymous ECDH denial of service attempt (more info ...) | attempted-dos | 2014-3470 | |||
| 52636 | POLICY-OTHER HTTP PUT request for Default.aspx attempt (more info ...) | misc-activity | ||||
| 52665 | MALWARE-OTHER Win.Packed.Nymaim-7542552-1 download attempt (more info ...) | trojan-activity | URL | |||
| 52844 | MALWARE-CNC Win.Trojan.COMRat outbound communication attempt (more info ...) | trojan-activity | URL | |||
| 52845 | MALWARE-CNC Win.Trojan.COMRat outbound communication attempt (more info ...) | trojan-activity | URL | |||
| 52846 | MALWARE-CNC Win.Trojan.COMRat outbound communication attempt (more info ...) | trojan-activity | URL | |||
| 52847 | MALWARE-CNC Win.Trojan.COMRat outbound communication attempt (more info ...) | trojan-activity | URL | |||
| 52848 | MALWARE-CNC Win.Trojan.COMRat outbound communication attempt (more info ...) | trojan-activity | URL | |||
| 52849 | MALWARE-CNC Win.Trojan.COMRat outbound communication attempt (more info ...) | trojan-activity | URL | |||
| 53010 | POLICY-OTHER TRUFFLEHUNTER TALOS-2020-1003 attack attempt (more info ...) | policy-violation | 2020-6081 | URL | ||
| 53015 | FILE-IMAGE TRUFFLEHUNTER TALOS-2020-0987 attack attempt (more info ...) | attempted-user | 2020-6064 | URL | ||
| 53016 | FILE-IMAGE TRUFFLEHUNTER TALOS-2020-0987 attack attempt (more info ...) | attempted-user | 2020-6064 | URL | ||
| 53017 | SERVER-WEBAPP NeoFrag CMS database information disclosure attempt (more info ...) | misc-attack | URL | |||
| 53021 | MALWARE-OTHER Win.Packed.Agen-7564562-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53025 | MALWARE-OTHER Win.Trojan.VBGeneric-7564971-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53029 | MALWARE-OTHER Win.Dropper.NetWire-7565106-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53031 | MALWARE-CNC Win.Malware.Loda RAT beacon detected (more info ...) | trojan-activity | URL | |||
| 53032 | FILE-IMAGE TRUFFLEHUNTER TALOS-2020-0986 attack attempt (more info ...) | attempted-user | 2020-6063 | URL | ||
| 53033 | FILE-IMAGE TRUFFLEHUNTER TALOS-2020-0986 attack attempt (more info ...) | attempted-user | 2020-6063 | URL | ||
| 53034 | FILE-IMAGE TRUFFLEHUNTER TALOS-2020-0986 attack attempt (more info ...) | attempted-user | 2020-6063 | URL | ||
| 53035 | FILE-IMAGE TRUFFLEHUNTER TALOS-2020-0986 attack attempt (more info ...) | attempted-user | 2020-6063 | URL | ||
| 53036 | FILE-PDF TRUFFLEHUNTER TALOS-2020-0997 attack attempt (more info ...) | attempted-user | 2020-6074 | URL | ||
| 53037 | FILE-PDF TRUFFLEHUNTER TALOS-2020-0997 attack attempt (more info ...) | attempted-user | 2020-6074 | URL | ||
| 53038 | FILE-IMAGE TRUFFLEHUNTER TALOS-2020-0990 attack attempt (more info ...) | attempted-user | 2020-6066 | URL | ||
| 53039 | FILE-IMAGE TRUFFLEHUNTER TALOS-2020-0990 attack attempt (more info ...) | attempted-user | 2020-6066 | URL | ||
| 53040 | FILE-IMAGE TRUFFLEHUNTER TALOS-2020-0990 attack attempt (more info ...) | attempted-user | 2020-6066 | URL | ||
| 53041 | FILE-IMAGE TRUFFLEHUNTER TALOS-2020-0990 attack attempt (more info ...) | attempted-user | 2020-6066 | URL | ||
| 53042 | FILE-IMAGE TRUFFLEHUNTER TALOS-2020-0990 attack attempt (more info ...) | attempted-user | 2020-6066 | URL | ||
| 53043 | FILE-IMAGE TRUFFLEHUNTER TALOS-2020-0990 attack attempt (more info ...) | attempted-user | 2020-6066 | URL | ||
| 53044 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-0984 attack attempt (more info ...) | attempted-admin | 2020-6061 | URL | ||
| 53045 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-0985 attack attempt (more info ...) | attempted-dos | 2020-6062 | URL | ||
| 53069 | POLICY-OTHER TRUFFLEHUNTER TALOS-2020-1011 attack attempt (more info ...) | policy-violation | 2020-6091 | URL | ||
| 53070 | POLICY-OTHER TRUFFLEHUNTER TALOS-2020-1011 attack attempt (more info ...) | policy-violation | 2020-6091 | URL | ||
| 53081 | POLICY-OTHER TRUFFLEHUNTER TALOS-2020-1010 attack attempt (more info ...) | policy-violation | 2020-6090 | URL | ||
| 53102 | SERVER-OTHER TRUFFLEHUNTER TALOS-2020-1002 attack attempt (more info ...) | attempted-dos | 2020-6079 | URL | ||
| 53103 | SERVER-OTHER TRUFFLEHUNTER TALOS-2020-1002 attack attempt (more info ...) | attempted-dos | 2020-6080 | URL | ||
| 53107 | MALWARE-OTHER Win.Trojan.Snake malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 53108 | MALWARE-CNC Win.Trojan.Emotet variant outbound connection (more info ...) | trojan-activity | URL | |||
| 53112 | MALWARE-TOOLS Win.Dropper.WiryJMPer variant download attempt (more info ...) | trojan-activity | URL | |||
| 53113 | MALWARE-TOOLS Win.Dropper.WiryJMPer variant download attempt (more info ...) | trojan-activity | URL | |||
| 53140 | MALWARE-CNC Doc.Downloader.Carrotball variant outbound cnc connection attempt (more info ...) | trojan-activity | URL | |||
| 53141 | MALWARE-CNC Win.Downloader.Carrotball variant outbound cnc connection attempt (more info ...) | trojan-activity | URL | |||
| 53147 | MALWARE-CNC Win.Downloader.Agent variant payload download attempt (more info ...) | trojan-activity | URL | |||
| 53152 | MALWARE-CNC Win.Trojan.CrimsonRAT outbound connection (more info ...) | trojan-activity | URL | |||
| 53153 | MALWARE-CNC Win.Trojan.CrimsonRAT inbound command (more info ...) | trojan-activity | URL | |||
| 53154 | MALWARE-CNC Win.Trojan.ObliqueRAT outbound connection (more info ...) | trojan-activity | URL | |||
| 53155 | MALWARE-CNC Win.Trojan.ObliqueRAT outbound connection (more info ...) | trojan-activity | URL | |||
| 53199 | BROWSER-PLUGINS HP Sprinter Tidestone Formula One DefaultFontName buffer overflow attempt (more info ...) | attempted-user | 2014-2638 | |||
| 53200 | BROWSER-PLUGINS HP Sprinter Tidestone Formula One DefaultFontName buffer overflow attempt (more info ...) | attempted-user | 2014-2638 | |||
| 53201 | BROWSER-PLUGINS HP Sprinter Tidestone Formula One DefaultFontName buffer overflow attempt (more info ...) | attempted-user | 2014-2638 | |||
| 53202 | BROWSER-PLUGINS HP Sprinter Tidestone Formula One DefaultFontName buffer overflow attempt (more info ...) | attempted-user | 2014-2638 | |||
| 53204 | INDICATOR-OBFUSCATION Win.Dropper.Vivin download attempt (more info ...) | trojan-activity | URL | |||
| 53205 | INDICATOR-OBFUSCATION Win.Dropper.Vivin download attempt (more info ...) | trojan-activity | URL | |||
| 53210 | MALWARE-OTHER Win.Trojan.AZORult malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 53211 | MALWARE-OTHER Win.Trojan.AZORult malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 53225 | MALWARE-OTHER Win.Dropper.NetWire-7594896-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53226 | MALWARE-OTHER Win.Dropper.NetWire-7594962-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53227 | MALWARE-OTHER Win.Dropper.NetWire-7594897-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53228 | MALWARE-OTHER Win.Dropper.NetWire-7594996-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53229 | MALWARE-OTHER Win.Dropper.NetWire-7594931-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53230 | MALWARE-OTHER Win.Dropper.NetWire-7594932-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53231 | MALWARE-OTHER Win.Dropper.NetWire-7594898-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53232 | MALWARE-OTHER Win.Dropper.NetWire-7594964-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53233 | MALWARE-OTHER Win.Dropper.NetWire-7594899-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53234 | MALWARE-OTHER Win.Dropper.NetWire-7594998-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53235 | MALWARE-OTHER Win.Dropper.NetWire-7594965-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53236 | MALWARE-OTHER Win.Dropper.NetWire-7594933-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53237 | MALWARE-OTHER Win.Dropper.NetWire-7594999-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53238 | MALWARE-OTHER Win.Dropper.NetWire-7594966-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53239 | MALWARE-OTHER Win.Dropper.NetWire-7595000-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53240 | MALWARE-OTHER Win.Dropper.NetWire-7594967-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53243 | MALWARE-OTHER Win.Dropper.NetWire-7594977-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53244 | MALWARE-OTHER Win.Dropper.NetWire-7594972-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53259 | MALWARE-OTHER Win.Dropper.NetWire-7594928-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53265 | FILE-PDF TRUFFLEHUNTER TALOS-2020-1014 attack attempt (more info ...) | attempted-user | 2020-6093 | URL | ||
| 53266 | FILE-PDF TRUFFLEHUNTER TALOS-2020-1014 attack attempt (more info ...) | attempted-user | 2020-6093 | URL | ||
| 53267 | MALWARE-OTHER Win.Dropper.NetWire-7594994-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53270 | MALWARE-OTHER Win.Packed.Generic-7596403-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53271 | MALWARE-OTHER Win.Worm.Zeroll-7596404-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53272 | MALWARE-OTHER Win.Packed.Gamarue-7596406-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53273 | MALWARE-OTHER Win.Dropper.NetWire-7597058-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53275 | MALWARE-OTHER Win.Worm.Zeroll-7596408-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53277 | MALWARE-OTHER Win.Worm.Zeroll-7596409-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53279 | MALWARE-OTHER Win.Packed.Generic-7596410-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53282 | MALWARE-OTHER Win.Worm.Zeroll-7596435-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53287 | MALWARE-OTHER Win.Worm.Zeroll-7596437-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53295 | MALWARE-OTHER Win.Packed.Generic-7596391-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53297 | MALWARE-OTHER Win.Trojan.Zbot-7597775-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53301 | MALWARE-OTHER Win.Dropper.Zbot-7596393-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53309 | MALWARE-OTHER Win.Packed.Generic-7596397-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53310 | MALWARE-OTHER Win.Trojan.Xtrat-7597778-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53313 | MALWARE-OTHER Win.Packed.Generic-7596398-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53314 | MALWARE-OTHER Win.Keylogger.Banbra-7597779-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53317 | MALWARE-OTHER Win.Packed.Generic-7596399-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53320 | MALWARE-OTHER Win.Dropper.NetWire-7597054-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53322 | MALWARE-OTHER Win.Dropper.Leer-7597784-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53324 | MALWARE-OTHER Win.Dropper.NetWire-7597089-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53325 | MALWARE-OTHER Win.Worm.Szq7apnib-7597786-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53327 | MALWARE-OTHER Win.Malware.Midie-7597854-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53339 | MALWARE-CNC Win.Trojan.Ftcode variant download attempt (more info ...) | trojan-activity | URL | |||
| 53352 | MALWARE-CNC Win.Trojan.AZORult variant outbound connection (more info ...) | trojan-activity | URL | |||
| 53353 | MALWARE-CNC Win.Worm.Emotet WiFi Spreader variant outbound connection (more info ...) | trojan-activity | URL | |||
| 53354 | MALWARE-CNC Win.Worm.Emotet WiFi Spreader variant outbound connection (more info ...) | trojan-activity | URL | |||
| 53360 | MALWARE-TOOLS Win.Worm.Emotet WiFi Spreader variant download attempt (more info ...) | trojan-activity | URL | |||
| 53362 | MALWARE-OTHER Win.Downloader.Upatre-7599441-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53363 | MALWARE-OTHER Win.Downloader.Upatre-7600019-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53367 | MALWARE-CNC Win.Trojan.Mozart outbound CNC connection (more info ...) | trojan-activity | URL | |||
| 53368 | MALWARE-CNC Win.Trojan.Mozart outbound CNC connection (more info ...) | trojan-activity | URL | |||
| 53369 | MALWARE-CNC Win.Trojan.Mozart outbound CNC connection (more info ...) | trojan-activity | URL | |||
| 53370 | MALWARE-CNC Win.Trojan.Mozart outbound CNC connection (more info ...) | trojan-activity | URL | |||
| 53371 | MALWARE-CNC Win.Trojan.Mozart outbound cnc connection attempt (more info ...) | trojan-activity | URL | |||
| 53372 | MALWARE-CNC Win.Trojan.Mozart outbound CNC connection (more info ...) | trojan-activity | URL | |||
| 53373 | MALWARE-CNC Win.Trojan.Mozart outbound CNC connection (more info ...) | trojan-activity | URL | |||
| 53379 | MALWARE-OTHER Win.Dropper.Drooptroop-7604355-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53397 | MALWARE-TOOLS Win.Trojan.Generic variant download attempt (more info ...) | trojan-activity | URL | |||
| 53399 | MALWARE-TOOLS Win.Malware.Generic variant download attempt (more info ...) | trojan-activity | URL | |||
| 53437 | MALWARE-CNC Win.Trojan.Parallax variant outbound cnc connection attempt (more info ...) | trojan-activity | URL | |||
| 53438 | MALWARE-CNC Win.Trojan.Parallax variant outbound cnc connection attempt (more info ...) | trojan-activity | URL | |||
| 53439 | MALWARE-CNC Win.Trojan.Parallax variant outbound cnc connection attempt (more info ...) | trojan-activity | URL | |||
| 53440 | MALWARE-CNC Win.Trojan.Parallax variant outbound cnc connection attempt (more info ...) | trojan-activity | URL | |||
| 53441 | PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2020-1020 attack attempt (more info ...) | attempted-dos | URL | |||
| 53442 | PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2020-1021 attack attempt (more info ...) | attempted-dos | URL | |||
| 53443 | PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2020-1022 attack attempt (more info ...) | attempted-dos | URL | |||
| 53444 | PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2020-1023 attack attempt (more info ...) | attempted-dos | URL | |||
| 53445 | PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2020-1024 attack attempt (more info ...) | attempted-dos | URL | |||
| 53484 | PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2020-1025 attack attempt (more info ...) | attempted-dos | URL | |||
| 53504 | FILE-OTHER TAR file directory traversal attempt (more info ...) | attempted-user | 2020-3383 | URL | ||
| 53513 | MALWARE-OTHER Win.Dropper.XtremeRAT-7641498-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53514 | MALWARE-OTHER Win.Dropper.XtremeRAT-7641498-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53515 | MALWARE-OTHER Win.Downloader.Upatre-7640443-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53516 | MALWARE-OTHER Win.Downloader.Upatre-7640443-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53540 | POLICY-OTHER NetSupport Manager outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 53541 | MALWARE-CNC Doc.Trojan.Agent variant outbound cnc connection attempt (more info ...) | trojan-activity | URL | |||
| 53542 | MALWARE-CNC Doc.Trojan.Agent variant outbound cnc connection attempt (more info ...) | trojan-activity | URL | |||
| 53543 | MALWARE-CNC Doc.Trojan.Agent variant outbound cnc connection attempt (more info ...) | trojan-activity | URL | |||
| 53544 | MALWARE-CNC Win.Trojan.Agent variant outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 53555 | MALWARE-OTHER Win.Downloader.Zbot-7647437-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53556 | MALWARE-OTHER Win.Downloader.Zbot-7647437-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53557 | SERVER-OTHER Codesys V3 Gateway denial of service attempt (more info ...) | attempted-dos | 2020-7052 | |||
| 53559 | MALWARE-OTHER Win.Trojan.Generickdz-7648973-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53560 | MALWARE-OTHER Win.Trojan.Generickdz-7648973-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53579 | PROTOCOL-VOIP Asterisk Manager Interface Originate action arbitrary command execution attempt (more info ...) | attempted-user | 2019-18610 | |||
| 53582 | INDICATOR-COMPROMISE RTF document with Equation and BITSAdmin download attempt (more info ...) | trojan-activity | ||||
| 53583 | INDICATOR-COMPROMISE RTF document with Equation and BITSAdmin download attempt (more info ...) | trojan-activity | ||||
| 53584 | MALWARE-CNC Win.Trojan.FormBook variant outbound connection (more info ...) | trojan-activity | ||||
| 53587 | MALWARE-CNC Win.Trojan.hacktool CheckAdmin tool download attempt (more info ...) | trojan-activity | URL | |||
| 53588 | MALWARE-CNC Win.Trojan.hacktool CheckAdmin tool download attempt (more info ...) | trojan-activity | URL | |||
| 53597 | MALWARE-OTHER Win.Ransomware.Hiddentears-7648972-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53598 | MALWARE-OTHER Win.Ransomware.Hiddentears-7648972-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53603 | MALWARE-OTHER Win.Packed.Razy-7649790-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53604 | MALWARE-OTHER Win.Packed.Razy-7649790-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53605 | MALWARE-OTHER Win.Dropper.Gozi-7647568-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53606 | MALWARE-OTHER Win.Dropper.Gozi-7647568-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53607 | MALWARE-OTHER Win.Trojan.Usteal-7652807-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53608 | MALWARE-OTHER Win.Trojan.Usteal-7652807-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53609 | MALWARE-OTHER Win.Packed.Aak5d3ci-7652809-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53610 | MALWARE-OTHER Win.Packed.Aak5d3ci-7652809-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53611 | MALWARE-OTHER Win.Packed.Acv93xci-7652812-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53612 | MALWARE-OTHER Win.Packed.Acv93xci-7652812-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53615 | MALWARE-OTHER Win.Dropper.Upatre-7659504-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53616 | MALWARE-OTHER Win.Dropper.Upatre-7659504-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53617 | MALWARE-OTHER Win.Dropper.Upatre-7659544-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53618 | MALWARE-OTHER Win.Dropper.Upatre-7659544-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53631 | MALWARE-CNC Win.Trojan.Panda variant outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 53648 | MALWARE-CNC Win.Trojan.WildPressure variant outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 53662 | MALWARE-OTHER Win.Trojan.MedusaLocker malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 53691 | MALWARE-OTHER Win.Trojan.PoetRAT malicious document download attempt (more info ...) | trojan-activity | URL | |||
| 53692 | MALWARE-CNC Win.Ransomware.Hiddentears variant outbound connection (more info ...) | trojan-activity | URL | |||
| 53693 | MALWARE-CNC Win.Ransomware.Hiddentears variant outbound connection (more info ...) | trojan-activity | URL | |||
| 53694 | MALWARE-CNC Win.Ransomware.Hiddentears variant outbound connection (more info ...) | trojan-activity | URL | |||
| 53695 | MALWARE-OTHER Win.Malware.Reconyc-7663171-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53696 | MALWARE-OTHER Win.Malware.Reconyc-7663171-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53703 | MALWARE-OTHER Win.Dropper.Gepys-7667037-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53704 | MALWARE-OTHER Win.Dropper.Gepys-7667037-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53705 | MALWARE-OTHER Win.Worm.Vobfus-7667850-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53706 | MALWARE-OTHER Win.Worm.Vobfus-7667850-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53709 | MALWARE-OTHER Win.Worm.Vobfus-7670131-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53710 | MALWARE-OTHER Win.Worm.Vobfus-7670131-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53711 | MALWARE-OTHER Win.Packed.Zbot-7671047-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53712 | MALWARE-OTHER Win.Packed.Zbot-7671047-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53715 | MALWARE-OTHER Win.Dropper.Kuluoz-7671762-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53716 | MALWARE-OTHER Win.Dropper.Kuluoz-7671762-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53717 | MALWARE-OTHER Win.Dropper.XtremeRAT-7672139-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53718 | MALWARE-OTHER Win.Dropper.XtremeRAT-7672139-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53719 | MALWARE-OTHER Win.Worm.Vobfus-7672805-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53720 | MALWARE-OTHER Win.Worm.Vobfus-7672805-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53721 | MALWARE-OTHER Win.Trojan.Sdbot-7674653-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53722 | MALWARE-OTHER Win.Trojan.Sdbot-7674653-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53723 | MALWARE-OTHER Win.Worm.Vobfus-7674660-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53724 | MALWARE-OTHER Win.Worm.Vobfus-7674660-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53725 | MALWARE-OTHER Win.Trojan.Sdbot-7674650-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53726 | MALWARE-OTHER Win.Trojan.Sdbot-7674650-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53727 | FILE-OTHER Visual Studio Code Python extension arbitrary code execution attempt (more info ...) | attempted-user | URL | |||
| 53728 | FILE-OTHER Visual Studio Code Python extension arbitrary code execution attempt (more info ...) | attempted-user | URL | |||
| 53736 | MALWARE-OTHER Win.Trojan.Zbot-7678962-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53737 | MALWARE-OTHER Win.Trojan.Zbot-7678962-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53749 | MALWARE-CNC Andr.Trojan.Basbanke variant outbound connection (more info ...) | trojan-activity | URL | |||
| 53750 | MALWARE-CNC Andr.Trojan.Basbanke variant outbound connection (more info ...) | trojan-activity | URL | |||
| 53755 | SERVER-OTHER TRUFFLEHUNTER TALOS-2020-1051 attack attempt (more info ...) | attempted-dos | URL | |||
| 53756 | SERVER-OTHER TRUFFLEHUNTER TALOS-2020-1051 attack attempt (more info ...) | attempted-dos | URL | |||
| 53763 | MALWARE-OTHER Win.Trojan.Generic-7679561-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53764 | MALWARE-OTHER Win.Trojan.Generic-7679561-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53765 | MALWARE-OTHER Win.Downloader.Kuluoz-7684621-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53766 | MALWARE-OTHER Win.Downloader.Kuluoz-7684621-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53767 | MALWARE-OTHER Win.Dropper.DarkKomet-7685267-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53768 | MALWARE-OTHER Win.Dropper.DarkKomet-7685267-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53770 | MALWARE-OTHER Win.Dropper.Emotet-7691064-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53771 | MALWARE-OTHER Win.Dropper.Emotet-7691064-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53772 | MALWARE-OTHER Win.Packed.Generickdz-7691284-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53773 | MALWARE-OTHER Win.Packed.Generickdz-7691284-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53774 | MALWARE-OTHER Win.Trojan.Cryptolocker-7691287-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53775 | MALWARE-OTHER Win.Trojan.Cryptolocker-7691287-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53776 | MALWARE-OTHER Win.Dropper.Kuluoz-7696245-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53777 | MALWARE-OTHER Win.Dropper.Kuluoz-7696245-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53780 | MALWARE-OTHER Win.Packed.Barys-7699954-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53781 | MALWARE-OTHER Win.Packed.Barys-7699954-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53792 | MALWARE-CNC Win.Malware.Remcos variant outbound cnc connection (more info ...) | trojan-activity | URL | |||
| 53801 | MALWARE-OTHER Win.Dropper.Dorkbot-7725478-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53802 | MALWARE-OTHER Win.Dropper.Dorkbot-7725478-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53803 | MALWARE-OTHER Win.Packed.Kuluoz-7725577-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53804 | MALWARE-OTHER Win.Packed.Kuluoz-7725577-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53805 | MALWARE-OTHER Win.Packed.Upatre-7725946-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53806 | MALWARE-OTHER Win.Packed.Upatre-7725946-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53807 | MALWARE-OTHER Win.Downloader.Auqxpmli-7727237-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53808 | MALWARE-OTHER Win.Downloader.Auqxpmli-7727237-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53809 | MALWARE-OTHER Win.Downloader.Auqxpmli-7727238-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53810 | MALWARE-OTHER Win.Downloader.Auqxpmli-7727238-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53811 | MALWARE-OTHER Win.Keylogger.Multibanker-7729242-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53812 | MALWARE-OTHER Win.Keylogger.Multibanker-7729242-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53813 | MALWARE-OTHER Win.Worm.Dorkbot-7729710-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53814 | MALWARE-OTHER Win.Worm.Dorkbot-7729710-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53815 | MALWARE-OTHER Win.Packed.Zeroaccess-7730394-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53816 | MALWARE-OTHER Win.Packed.Zeroaccess-7730394-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53817 | MALWARE-OTHER Win.Packed.Zusy-7730667-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53818 | MALWARE-OTHER Win.Packed.Zusy-7730667-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53819 | MALWARE-OTHER Win.Packed.Zeroaccess-7730732-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53820 | MALWARE-OTHER Win.Packed.Zeroaccess-7730732-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53821 | MALWARE-OTHER Win.Packed.Zeroaccess-7730819-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53822 | MALWARE-OTHER Win.Packed.Zeroaccess-7730819-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53823 | MALWARE-OTHER Win.Trojan.Gh0stRAT-7737919-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53824 | MALWARE-OTHER Win.Trojan.Gh0stRAT-7737919-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53827 | MALWARE-OTHER Win.Dropper.Gh0stRAT-7751494-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53828 | MALWARE-OTHER Win.Dropper.Gh0stRAT-7751494-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53829 | MALWARE-OTHER Win.Dropper.Gh0stRAT-7752290-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53830 | MALWARE-OTHER Win.Dropper.Gh0stRAT-7752290-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53833 | MALWARE-OTHER Win.Dropper.Cerber-7752430-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53834 | MALWARE-OTHER Win.Dropper.Cerber-7752430-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53838 | MALWARE-OTHER Win.Trojan.Maze variant download attempt (more info ...) | trojan-activity | URL | |||
| 53839 | POLICY-OTHER TRUFFLEHUNTER TALOS-2020-1059 attack attempt (more info ...) | policy-violation | URL | |||
| 53840 | POLICY-OTHER TRUFFLEHUNTER TALOS-2020-1060 attack attempt (more info ...) | policy-violation | URL | |||
| 53841 | MALWARE-CNC Win.Malware.Agent variant outbound cnc connection attempt (more info ...) | trojan-activity | ||||
| 53842 | MALWARE-OTHER Win.Packed.Zusy-7752919-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53843 | MALWARE-OTHER Win.Packed.Zusy-7752919-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53848 | MALWARE-OTHER Win.Packed.Clipbanker-7764305-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53849 | MALWARE-OTHER Win.Packed.Clipbanker-7764305-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53852 | MALWARE-OTHER Win.Packed.Razy-7767366-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53853 | MALWARE-OTHER Win.Packed.Razy-7767366-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53856 | MALWARE-CNC Embedded.Exploit.Hoaxcalls variant outbound connection (more info ...) | trojan-activity | URL | |||
| 53861 | MALWARE-CNC Win.Trojan.Astaroth outbound beacon (more info ...) | trojan-activity | URL | |||
| 53872 | MALWARE-OTHER Win.Ransomware.Petr-7770233-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53873 | MALWARE-OTHER Win.Ransomware.Petr-7770233-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53874 | MALWARE-OTHER Win.Dropper.Ursnif-7770520-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53875 | MALWARE-OTHER Win.Dropper.Ursnif-7770520-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53880 | INDICATOR-OBFUSCATION Executable packed with EnigmaProtector detected (more info ...) | policy-violation | URL | |||
| 53881 | INDICATOR-OBFUSCATION Executable packed with EnigmaProtector detected (more info ...) | policy-violation | URL | |||
| 53883 | MALWARE-OTHER Win.Packed.Ursnif-7770512-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53884 | MALWARE-OTHER Win.Packed.Ursnif-7770512-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53886 | MALWARE-OTHER Win.Dropper.Bifrost-7776555-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53887 | MALWARE-OTHER Win.Dropper.Bifrost-7776555-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53892 | MALWARE-OTHER Win.Worm.Worpof-7779679-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53893 | MALWARE-OTHER Win.Worm.Worpof-7779679-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53894 | MALWARE-OTHER Win.Packed.Zeroaccess-7779785-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53895 | MALWARE-OTHER Win.Packed.Zeroaccess-7779785-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53896 | MALWARE-OTHER Win.Packed.Zeroaccess-7779786-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53897 | MALWARE-OTHER Win.Packed.Zeroaccess-7779786-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53898 | MALWARE-OTHER Win.Packed.Zeroaccess-7779787-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53899 | MALWARE-OTHER Win.Packed.Zeroaccess-7779787-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53900 | MALWARE-OTHER Win.Packed.Zeroaccess-7779788-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53901 | MALWARE-OTHER Win.Packed.Zeroaccess-7779788-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53902 | MALWARE-OTHER PUA.Win.Downloader.Loadmoney-7779808-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53903 | MALWARE-OTHER PUA.Win.Downloader.Loadmoney-7779808-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53904 | MALWARE-OTHER Win.Ransomware.Cerber-7780045-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53905 | MALWARE-OTHER Win.Ransomware.Cerber-7780045-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53906 | MALWARE-OTHER Win.Dropper.Nitol-7780618-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53907 | MALWARE-OTHER Win.Dropper.Nitol-7780618-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53908 | MALWARE-OTHER Win.Dropper.Bunitu-7780594-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53909 | MALWARE-OTHER Win.Dropper.Bunitu-7780594-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53912 | MALWARE-OTHER Win.Packed.Mikey-7782296-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53913 | MALWARE-OTHER Win.Packed.Mikey-7782296-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53914 | MALWARE-OTHER Win.Trojan.Zusy-7782261-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53915 | MALWARE-OTHER Win.Trojan.Zusy-7782261-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53934 | MALWARE-OTHER Win.Trojan.Zusy-7779639-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53935 | MALWARE-OTHER Win.Trojan.Zusy-7779639-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53936 | MALWARE-OTHER Win.Malware.Zusy-7781049-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53937 | MALWARE-OTHER Win.Malware.Zusy-7781049-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53946 | MALWARE-OTHER Win.Ransomware.Cerber-7782997-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53947 | MALWARE-OTHER Win.Ransomware.Cerber-7782997-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53956 | MALWARE-CNC Win.Malware.Agent variant outbound cnc connection attempt (more info ...) | trojan-activity | URL | |||
| 53957 | MALWARE-CNC Win.Malware.Agent variant outbound cnc connection (more info ...) | trojan-activity | URL | |||
| 53958 | MALWARE-CNC Win.Malware.Agent variant outbound cnc connection attempt (more info ...) | trojan-activity | URL | |||
| 53961 | MALWARE-OTHER Win.Dropper.Gh0stRAT-7783851-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53962 | MALWARE-OTHER Win.Dropper.Gh0stRAT-7783851-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53963 | MALWARE-OTHER Win.Dropper.Kuluoz-7784064-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53964 | MALWARE-OTHER Win.Dropper.Kuluoz-7784064-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53971 | MALWARE-CNC Win.Trojan.Andariel outbound connection attempt (more info ...) | trojan-activity | ||||
| 53981 | MALWARE-OTHER Win.Packed.Palevo-7785322-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53982 | MALWARE-OTHER Win.Packed.Palevo-7785322-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53986 | MALWARE-OTHER Win.Malware.Bstx-7792801-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53987 | MALWARE-OTHER Win.Malware.Bstx-7792801-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53988 | MALWARE-OTHER Win.Dropper.Cerber-7792881-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53989 | MALWARE-OTHER Win.Dropper.Cerber-7792881-0 download attempt (more info ...) | trojan-activity | URL | |||
| 53994 | MALWARE-CNC Win.Trojan.WINNTI variant outbound connection (more info ...) | trojan-activity | URL | |||
| 53995 | MALWARE-CNC Win.Trojan.WINNTI variant outbound connection (more info ...) | trojan-activity | URL | |||
| 53996 | MALWARE-CNC Win.Malware.Hancitor variant outbound connection (more info ...) | trojan-activity | URL | |||
| 53998 | MALWARE-CNC Win.Malware.Hancitor variant inbound connection (more info ...) | trojan-activity | URL | |||
| 53999 | MALWARE-CNC Win.Malware.Hancitor variant outbound connection (more info ...) | trojan-activity | URL | |||
| 54000 | MALWARE-CNC Win.Malware.Hancitor variant outbound connection (more info ...) | trojan-activity | URL | |||
| 54001 | MALWARE-OTHER Win.Worm.Refpron-7794056-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54002 | MALWARE-OTHER Win.Worm.Refpron-7794056-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54009 | POLICY-OTHER TRUFFLEHUNTER TALOS-2020-1071 attack attempt (more info ...) | policy-violation | URL | |||
| 54014 | MALWARE-CNC Win.Malware.Trickbot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 54017 | MALWARE-OTHER Win.Packed.Dorkbot-7847299-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54018 | MALWARE-OTHER Win.Packed.Dorkbot-7847299-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54019 | MALWARE-CNC Win.Trojan.ApolloZeus Loader beaconing attempt (more info ...) | trojan-activity | URL | |||
| 54021 | MALWARE-CNC Win.Trojan.Andariel outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 54029 | MALWARE-CNC Win.Malware.Rifdoor outbound cnc registration attempt (more info ...) | trojan-activity | URL | |||
| 54035 | MALWARE-OTHER Win.Dropper.Fareitvb-7861078-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54036 | MALWARE-OTHER Win.Dropper.Fareitvb-7861078-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54040 | MALWARE-CNC Win.Trojan.Evilnum variant outbound connection (more info ...) | trojan-activity | URL | |||
| 54041 | MALWARE-CNC Win.Trojan.Evilnum variant outbound connection (more info ...) | trojan-activity | URL | |||
| 54042 | MALWARE-CNC Win.Trojan.Evilnum variant outbound connection (more info ...) | trojan-activity | URL | |||
| 54043 | MALWARE-CNC Win.Trojan.Evilnum variant inbound connection (more info ...) | trojan-activity | URL | |||
| 54046 | MALWARE-CNC Win.Malware.Qealler variant outbound connection (more info ...) | trojan-activity | URL | |||
| 54053 | MALWARE-CNC Win.Trojan.Copperhedge outbound connection (more info ...) | trojan-activity | URL | |||
| 54054 | MALWARE-CNC Win.Trojan.Copperhedge outbound connection (more info ...) | trojan-activity | URL | |||
| 54055 | MALWARE-CNC Win.Trojan.Copperhedge outbound connection (more info ...) | trojan-activity | URL | |||
| 54057 | MALWARE-OTHER Win.Trojan.BlackNET variant binary download attempt (more info ...) | trojan-activity | URL | |||
| 54058 | MALWARE-CNC Win.Trojan.Blacknet variant outbound connection (more info ...) | trojan-activity | URL | |||
| 54059 | MALWARE-CNC Win.Trojan.Blacknet variant outbound connection (more info ...) | trojan-activity | URL | |||
| 54060 | MALWARE-CNC Win.Trojan.Blacknet variant outbound connection (more info ...) | trojan-activity | URL | |||
| 54062 | MALWARE-OTHER Win.Trojan.TrickBot malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 54063 | MALWARE-OTHER Win.Trojan.TrickBot malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 54064 | MALWARE-OTHER Win.Trojan.TrickBot malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 54065 | MALWARE-OTHER Win.Trojan.TrickBot malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 54066 | MALWARE-OTHER Win.Trojan.TrickBot malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 54067 | MALWARE-OTHER Win.Trojan.TrickBot malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 54068 | MALWARE-OTHER Win.Trojan.TrickBot malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 54069 | MALWARE-OTHER Win.Trojan.TrickBot malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 54070 | MALWARE-OTHER Win.Trojan.TrickBot malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 54080 | INDICATOR-COMPROMISE Win.Trojan.TrickBot variant outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 54081 | MALWARE-CNC Win.Trojan.Ursnif variant outbound cnc connection (more info ...) | trojan-activity | URL | |||
| 54082 | MALWARE-CNC Win.Trojan.Ursnif variant outbound cnc connection (more info ...) | trojan-activity | URL | |||
| 54087 | MALWARE-OTHER Win.Dropper.Zeus-7945000-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54088 | MALWARE-OTHER Win.Dropper.Zeus-7945000-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54102 | MALWARE-OTHER Win.Trojan.Mokes malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 54103 | MALWARE-OTHER Win.Trojan.Mokes malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 54104 | MALWARE-OTHER Win.Trojan.Mokes malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 54105 | MALWARE-OTHER Win.Trojan.Mokes malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 54106 | MALWARE-OTHER Win.Trojan.Mokes malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 54107 | MALWARE-CNC Win.Trojan.Mokes variant outbound connection (more info ...) | trojan-activity | URL | |||
| 54118 | MALWARE-OTHER Win.Trojan.Ircbot-7910553-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54119 | MALWARE-OTHER Win.Trojan.Ircbot-7910553-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54165 | MALWARE-OTHER Win.Ransomware.Razy-7997331-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54166 | MALWARE-OTHER Win.Ransomware.Razy-7997331-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54167 | MALWARE-OTHER Win.Malware.Genpack-7998106-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54168 | MALWARE-OTHER Win.Malware.Genpack-7998106-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54175 | INDICATOR-COMPROMISE Cobalt Strike default signed applet attack URI (more info ...) | trojan-activity | URL | |||
| 54176 | MALWARE-OTHER Win.Ircbot.Zusy-8002902-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54177 | MALWARE-OTHER Win.Ircbot.Zusy-8002902-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54178 | MALWARE-OTHER Win.Ircbot.Zusy-8002903-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54179 | MALWARE-OTHER Win.Ircbot.Zusy-8002903-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54183 | INDICATOR-COMPROMISE Cobalt Strike default smart applet attack URI (more info ...) | trojan-activity | URL | |||
| 54185 | MALWARE-OTHER Win.Packed.Samas-7998113-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54186 | MALWARE-OTHER Win.Packed.Samas-7998113-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54199 | MALWARE-CNC Win.Trojan.Trickbot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 54200 | MALWARE-CNC Win.Trojan.Trickbot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 54201 | MALWARE-CNC Win.Trojan.Trickbot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 54202 | MALWARE-CNC Win.Trojan.Trickbot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 54203 | MALWARE-CNC Win.Trojan.Trickbot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 54204 | MALWARE-CNC Win.Trojan.Trickbot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 54205 | MALWARE-CNC Win.Trojan.Trickbot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 54206 | MALWARE-CNC Win.Trojan.Trickbot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 54207 | MALWARE-CNC Win.Trojan.Trickbot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 54208 | MALWARE-CNC Win.Trojan.Trickbot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 54209 | MALWARE-CNC Win.Trojan.Trickbot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 54210 | MALWARE-CNC Win.Trojan.Trickbot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 54211 | MALWARE-CNC Win.Trojan.Trickbot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 54212 | MALWARE-CNC Win.Trojan.Trickbot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 54213 | MALWARE-CNC Win.Trojan.Trickbot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 54220 | MALWARE-OTHER PUA.Win.Packed.Amg0fxii-8010198-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54221 | MALWARE-OTHER PUA.Win.Packed.Amg0fxii-8010198-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54222 | SERVER-ORACLE Oracle iPlanet admin panel image injection attempt (more info ...) | web-application-attack | 2020-9314 | URL | ||
| 54223 | SERVER-ORACLE Oracle iPlanet admin panel image injection CSRF attempt (more info ...) | web-application-attack | 2020-9314 | URL | ||
| 54224 | SERVER-ORACLE Oracle iPlanet admin panel image injection attempt (more info ...) | web-application-attack | 2020-9314 | URL | ||
| 54225 | SERVER-ORACLE Oracle iPlanet admin panel image injection CSRF attempt (more info ...) | web-application-attack | 2020-9314 | URL | ||
| 54234 | SERVER-WEBAPP TerraMaster NAS cross site scripting attempt (more info ...) | attempted-user | 2018-13334 | URL | ||
| 54235 | SERVER-WEBAPP TerraMaster NAS cross site scripting attempt (more info ...) | attempted-user | 2018-13334 | URL | ||
| 54284 | MALWARE-OTHER Win.Dropper.NetWire-8014470-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54285 | MALWARE-OTHER Win.Dropper.NetWire-8014470-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54286 | MALWARE-OTHER Win.Worm.Vobfus-8014472-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54287 | MALWARE-OTHER Win.Worm.Vobfus-8014472-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54288 | MALWARE-OTHER Win.Worm.Vobfus-8014473-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54289 | MALWARE-OTHER Win.Worm.Vobfus-8014473-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54291 | MALWARE-OTHER Doc.Trojan.AZORult phishing document download attempt (more info ...) | trojan-activity | URL | |||
| 54292 | MALWARE-OTHER Doc.Trojan.AZORult phishing document download attempt (more info ...) | trojan-activity | URL | |||
| 54293 | MALWARE-CNC Win.Trojan.Neutrino variant payload download (more info ...) | trojan-activity | URL | |||
| 54294 | MALWARE-CNC Win.Trojan.AZORult variant payload download attempt (more info ...) | trojan-activity | URL | |||
| 54295 | MALWARE-CNC Win.Trojan.AZORult variant payload download attempt (more info ...) | trojan-activity | URL | |||
| 54298 | MALWARE-OTHER Win.Dropper.Tinba-8025802-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54299 | MALWARE-OTHER Win.Dropper.Tinba-8025802-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54302 | MALWARE-OTHER Win.Dropper.Kuluoz-8027829-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54303 | MALWARE-OTHER Win.Dropper.Kuluoz-8027829-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54316 | MALWARE-OTHER Win.Downloader.Jqht-8069377-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54317 | MALWARE-OTHER Win.Downloader.Jqht-8069377-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54318 | MALWARE-CNC Win.Trojan.Azorult variant outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 54357 | MALWARE-CNC Win.Trojan.Sarwent variant outbound connection (more info ...) | trojan-activity | URL | |||
| 54373 | MALWARE-OTHER Win.Trojan.IndigoDrop variant binary download attempt (more info ...) | trojan-activity | URL | |||
| 54375 | MALWARE-OTHER Win.Trojan.IndigoDrop variant binary download attempt (more info ...) | trojan-activity | URL | |||
| 54376 | MALWARE-OTHER Win.Trojan.IndigoDrop variant binary download attempt (more info ...) | trojan-activity | URL | |||
| 54381 | MALWARE-OTHER Win.Dropper.Vidar-8170701-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54382 | MALWARE-OTHER Win.Dropper.Vidar-8170701-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54384 | MALWARE-OTHER Win.Trojan.Qbot malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 54386 | MALWARE-OTHER Win.Trojan.Qbot malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 54394 | MALWARE-CNC Win.Trojan.Banload variant outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 54395 | MALWARE-OTHER Win.Trojan.Shiz-8295940-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54396 | MALWARE-OTHER Win.Trojan.Shiz-8295940-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54397 | MALWARE-OTHER Win.Trojan.Barys-8338518-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54398 | MALWARE-OTHER Win.Trojan.Barys-8338518-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54401 | MALWARE-CNC Win.Trojan.Valak malicious outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 54402 | MALWARE-CNC Win.Trojan.Valak malicious outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 54403 | MALWARE-CNC Win.Trojan.Valak malicious outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 54404 | MALWARE-CNC Win.Trojan.Valak malicious outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 54419 | MALWARE-OTHER Win.Dropper.NetWire-8356485-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54420 | MALWARE-OTHER Win.Dropper.NetWire-8356485-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54421 | MALWARE-CNC Win.Trojan.TroyStealer outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 54434 | MALWARE-OTHER Win.Malware.Midie-8568669-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54435 | MALWARE-OTHER Win.Malware.Midie-8568669-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54440 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1110 attack attempt (more info ...) | attempted-admin | 2020-13509 | URL | ||
| 54441 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1110 attack attempt (more info ...) | attempted-admin | 2020-13509 | URL | ||
| 54442 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1110 attack attempt (more info ...) | attempted-admin | 2020-13510 | URL | ||
| 54443 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1110 attack attempt (more info ...) | attempted-admin | 2020-13510 | URL | ||
| 54444 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1110 attack attempt (more info ...) | attempted-admin | 2020-13511 | URL | ||
| 54445 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1110 attack attempt (more info ...) | attempted-admin | 2020-13511 | URL | ||
| 54446 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1111 attack attempt (more info ...) | attempted-admin | 2020-13512 | URL | ||
| 54447 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1111 attack attempt (more info ...) | attempted-admin | 2020-13512 | URL | ||
| 54448 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1111 attack attempt (more info ...) | attempted-admin | 2020-13513 | URL | ||
| 54449 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1111 attack attempt (more info ...) | attempted-admin | 2020-13513 | URL | ||
| 54450 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1111 attack attempt (more info ...) | attempted-admin | 2020-13514 | URL | ||
| 54451 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1111 attack attempt (more info ...) | attempted-admin | 2020-13514 | URL | ||
| 54452 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1112 attack attempt (more info ...) | attempted-admin | 2020-13515 | URL | ||
| 54453 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1112 attack attempt (more info ...) | attempted-admin | 2020-13515 | URL | ||
| 54454 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1113 attack attempt (more info ...) | attempted-admin | 2020-13516 | URL | ||
| 54455 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1113 attack attempt (more info ...) | attempted-admin | 2020-13516 | URL | ||
| 54456 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1114 attack attempt (more info ...) | attempted-admin | 2020-13517 | URL | ||
| 54457 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1114 attack attempt (more info ...) | attempted-admin | 2020-13517 | URL | ||
| 54458 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1115 attack attempt (more info ...) | attempted-admin | 2020-13518 | URL | ||
| 54459 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1115 attack attempt (more info ...) | attempted-admin | 2020-13518 | URL | ||
| 54460 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1116 attack attempt (more info ...) | attempted-admin | 2020-13519 | URL | ||
| 54461 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1116 attack attempt (more info ...) | attempted-admin | 2020-13519 | URL | ||
| 54494 | SERVER-OTHER TRUFFLEHUNTER TALOS-2020-1100 attack attempt (more info ...) | attempted-dos | 2020-6154 | URL | ||
| 54496 | MALWARE-CNC Win.Trojan.NetSupportManager outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 54499 | MALWARE-CNC Win.Ransomware.Maze variant outbound connection (more info ...) | trojan-activity | URL | |||
| 54500 | MALWARE-CNC Win.Ransomware.Maze variant outbound connection (more info ...) | trojan-activity | URL | |||
| 54503 | OS-OTHER TRUFFLEHUNTER TALOS-2020-1117 attack attempt (more info ...) | attempted-dos | URL | |||
| 54504 | OS-OTHER TRUFFLEHUNTER TALOS-2020-1117 attack attempt (more info ...) | attempted-dos | URL | |||
| 54505 | MALWARE-OTHER Win.Malware.Generic-8798012-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54506 | MALWARE-OTHER Win.Malware.Generic-8798012-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54507 | MALWARE-OTHER Win.Malware.Genpack-8799099-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54508 | MALWARE-OTHER Win.Malware.Genpack-8799099-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54554 | MALWARE-CNC Win.Trojan.Ursnif variant payload download attempt (more info ...) | trojan-activity | URL | |||
| 54555 | MALWARE-CNC Win.Trojan.Ursnif variant payload download attempt (more info ...) | trojan-activity | URL | |||
| 54578 | SERVER-OTHER Multiple products RAR archive decompression buffer overflow attempt (more info ...) | attempted-user | 2005-4438 | |||
| 54594 | MALWARE-OTHER Win.Dropper.Ap0calypseRAT-8992619-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54595 | MALWARE-OTHER Win.Dropper.Ap0calypseRAT-8992619-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54609 | SERVER-OTHER Hummingbird InetD LPD buffer overflow attempt (more info ...) | attempted-user | 2005-1815 | |||
| 54610 | MALWARE-CNC Win.Trojan.Prometei variant outbound connection (more info ...) | trojan-activity | URL | |||
| 54611 | MALWARE-CNC Win.Trojan.Prometei variant outbound connection (more info ...) | trojan-activity | URL | |||
| 54612 | MALWARE-CNC Win.Trojan.Prometei variant outbound connection (more info ...) | trojan-activity | URL | |||
| 54626 | MALWARE-CNC Vbs.Trojan.Dridex variant payload outbound download attempt (more info ...) | trojan-activity | URL | |||
| 54627 | MALWARE-CNC Vbs.Trojan.Dridex variant payload inbound download attempt (more info ...) | trojan-activity | URL | |||
| 54628 | MALWARE-CNC Vbs.Trojan.Dridex variant payload inbound download attempt (more info ...) | trojan-activity | URL | |||
| 54632 | MALWARE-OTHER Win.Dropper.QQpass-9093595-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54633 | MALWARE-OTHER Win.Dropper.QQpass-9093595-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54634 | MALWARE-OTHER Win.Dropper.QQpass-9102183-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54635 | MALWARE-OTHER Win.Dropper.QQpass-9102183-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54640 | MALWARE-OTHER Win.Trojan.Hackbit malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 54642 | MALWARE-OTHER Win.Trojan.Hackbit malicious dropper download attempt (more info ...) | trojan-activity | URL | |||
| 54651 | MALWARE-OTHER Win.Dropper.Nanocore-9025522-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54652 | MALWARE-OTHER Win.Dropper.Nanocore-9025522-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54653 | MALWARE-OTHER Win.Dropper.Gh0stRAT-9107742-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54654 | MALWARE-OTHER Win.Dropper.Gh0stRAT-9107742-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54657 | MALWARE-OTHER Win.Dropper.Bunitu-9128889-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54658 | MALWARE-OTHER Win.Dropper.Bunitu-9128889-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54659 | MALWARE-OTHER Win.Dropper.Bunitu-9127509-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54660 | MALWARE-OTHER Win.Dropper.Bunitu-9127509-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54661 | MALWARE-OTHER Win.Ransomware.Cerber-9130272-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54662 | MALWARE-OTHER Win.Ransomware.Cerber-9130272-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54663 | MALWARE-OTHER Win.Ransomware.Cerber-9130422-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54664 | MALWARE-OTHER Win.Ransomware.Cerber-9130422-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54667 | FILE-OTHER TAR file directory traversal attempt (more info ...) | attempted-user | 2020-3383 | URL | ||
| 54678 | MALWARE-OTHER Win.Ransomware.Cerber-9204933-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54679 | MALWARE-OTHER Win.Ransomware.Cerber-9204933-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54707 | MALWARE-OTHER Win.Packed.Agentb-9219640-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54708 | MALWARE-OTHER Win.Packed.Agentb-9219640-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54711 | MALWARE-OTHER Win.Dropper.Zeus-9220292-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54712 | MALWARE-OTHER Win.Dropper.Zeus-9220292-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54717 | MALWARE-OTHER Win.Packed.Zeroaccess-9220863-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54718 | MALWARE-OTHER Win.Packed.Zeroaccess-9220863-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54721 | MALWARE-OTHER Win.Downloader.Banload-9221778-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54722 | MALWARE-OTHER Win.Downloader.Banload-9221778-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54725 | MALWARE-OTHER Win.Dropper.SpyEye-9225535-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54726 | MALWARE-OTHER Win.Dropper.SpyEye-9225535-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54748 | MALWARE-OTHER Win.Ransomware.Nephilim variant binary download attempt (more info ...) | trojan-activity | URL | |||
| 54751 | MALWARE-OTHER Win.Ransomware.Nephilim variant binary download attempt (more info ...) | trojan-activity | URL | |||
| 54752 | MALWARE-OTHER Win.Ransomware.Nephilim variant binary download attempt (more info ...) | trojan-activity | URL | |||
| 54758 | MALWARE-OTHER Win.Dropper.Ap0calypseRAT-9216554-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54759 | MALWARE-OTHER Win.Dropper.Ap0calypseRAT-9216554-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54760 | MALWARE-OTHER Win.Malware.Midie-9242514-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54761 | MALWARE-OTHER Win.Malware.Midie-9242514-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54762 | POLICY-OTHER TRUFFLEHUNTER TALOS-2020-1135 attack attempt (more info ...) | policy-violation | 2020-13527 | URL | ||
| 54763 | POLICY-OTHER TRUFFLEHUNTER TALOS-2020-1135 attack attempt (more info ...) | policy-violation | 2020-13527 | URL | ||
| 54764 | POLICY-OTHER TRUFFLEHUNTER TALOS-2020-1135 attack attempt (more info ...) | policy-violation | 2020-13527 | URL | ||
| 54769 | MALWARE-OTHER Win.Dropper.Nanocore-9253782-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54770 | MALWARE-OTHER Win.Dropper.Nanocore-9253782-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54773 | SERVER-WEBAPP TerraMaster NAS URL reflected cross site scripting attempt (more info ...) | attempted-user | 2018-13329 | |||
| 54774 | SERVER-WEBAPP TerraMaster NAS URL reflected cross site scripting attempt (more info ...) | attempted-user | 2018-13329 | |||
| 54775 | MALWARE-OTHER Win.Malware.Johnnie-9294701-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54776 | MALWARE-OTHER Win.Malware.Johnnie-9294701-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54779 | MALWARE-OTHER Win.Worm.Ircbot-9310443-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54780 | MALWARE-OTHER Win.Worm.Ircbot-9310443-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54801 | MALWARE-CNC Win.Trojan.Taidoor variant outbound connection (more info ...) | trojan-activity | URL | |||
| 54802 | MALWARE-OTHER Win.Trojan.Poison-9371279-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54803 | MALWARE-OTHER Win.Trojan.Poison-9371279-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54804 | MALWARE-OTHER Win.Trojan.Emotet-9371545-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54805 | MALWARE-OTHER Win.Trojan.Emotet-9371545-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54806 | MALWARE-OTHER Win.Packed.Zeroaccess-9371729-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54807 | MALWARE-OTHER Win.Packed.Zeroaccess-9371729-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54810 | MALWARE-OTHER Win.Malware.Fdld-9371797-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54811 | MALWARE-OTHER Win.Malware.Fdld-9371797-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54812 | MALWARE-OTHER Win.Dropper.Kuluoz-9372655-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54813 | MALWARE-OTHER Win.Dropper.Kuluoz-9372655-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54828 | MALWARE-CNC Win.Trojan.RDAT EWS cnc outbound communication (more info ...) | trojan-activity | URL | |||
| 54831 | POLICY-OTHER TRUFFLEHUNTER TALOS-2020-1142 attack attempt (more info ...) | policy-violation | 2020-13529 | URL | ||
| 54838 | MALWARE-OTHER Win.Dropper.Vundo-9406789-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54839 | MALWARE-OTHER Win.Dropper.Vundo-9406789-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54840 | MALWARE-OTHER Win.Trojan.Zeroaccess-9406344-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54841 | MALWARE-OTHER Win.Trojan.Zeroaccess-9406344-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54842 | MALWARE-OTHER Win.Packed.Zeus-9415830-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54843 | MALWARE-OTHER Win.Packed.Zeus-9415830-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54844 | MALWARE-OTHER Win.Packed.Atraps-9427196-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54845 | MALWARE-OTHER Win.Packed.Atraps-9427196-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54846 | MALWARE-OTHER Win.Packed.Atraps-9427203-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54847 | MALWARE-OTHER Win.Packed.Atraps-9427203-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54850 | MALWARE-OTHER Win.Dropper.Remcos-9446016-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54851 | MALWARE-OTHER Win.Dropper.Remcos-9446016-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54852 | MALWARE-OTHER Win.Dropper.Remcos-9446018-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54853 | MALWARE-OTHER Win.Dropper.Remcos-9446018-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54854 | MALWARE-OTHER Win.Trojan.Nebuler-9446495-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54855 | MALWARE-OTHER Win.Trojan.Nebuler-9446495-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54856 | MALWARE-OTHER Win.Trojan.Ircbot-9446722-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54857 | MALWARE-OTHER Win.Trojan.Ircbot-9446722-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54858 | MALWARE-OTHER Win.Dropper.QQpass-9454056-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54859 | MALWARE-OTHER Win.Dropper.QQpass-9454056-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54860 | MALWARE-OTHER Win.Dropper.QQpass-9455117-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54861 | MALWARE-OTHER Win.Dropper.QQpass-9455117-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54862 | MALWARE-OTHER Win.Malware.Tiny-9467540-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54863 | MALWARE-OTHER Win.Malware.Tiny-9467540-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54864 | MALWARE-OTHER Win.Malware.Tiny-9467542-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54865 | MALWARE-OTHER Win.Malware.Tiny-9467542-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54868 | MALWARE-OTHER Win.Malware.Zusy-9480629-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54869 | MALWARE-OTHER Win.Malware.Zusy-9480629-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54870 | MALWARE-OTHER PUA.Win.Tool.Procpatcher-9481109-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54871 | MALWARE-OTHER PUA.Win.Tool.Procpatcher-9481109-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54872 | MALWARE-OTHER Win.Malware.Midie-9497741-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54873 | MALWARE-OTHER Win.Malware.Midie-9497741-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54876 | MALWARE-OTHER Win.Ransomware.Spora-9525060-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54877 | MALWARE-OTHER Win.Ransomware.Spora-9525060-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54878 | MALWARE-OTHER Win.Packed.Zeroaccess-9525066-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54879 | MALWARE-OTHER Win.Packed.Zeroaccess-9525066-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54880 | MALWARE-CNC Win.Malware.Duri variant payload download attempt (more info ...) | trojan-activity | URL | |||
| 54891 | MALWARE-CNC Win.Trojan.GoldenSpy variant outbound beaconing attempt (more info ...) | trojan-activity | URL | |||
| 54892 | MALWARE-CNC Win.Trojan.GoldenSpy variant outbound beaconing attempt (more info ...) | trojan-activity | URL | |||
| 54893 | MALWARE-CNC Win.Trojan.GoldenSpy variant outbound beaconing attempt (more info ...) | trojan-activity | URL | |||
| 54900 | MALWARE-OTHER Win.Packed.Emotet-9527878-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54901 | MALWARE-OTHER Win.Packed.Emotet-9527878-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54905 | MALWARE-OTHER Win.Trojan.Dridex malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 54908 | MALWARE-OTHER Win.Trojan.Dridex malicious file download attempt (more info ...) | trojan-activity | URL | |||
| 54909 | MALWARE-OTHER Win.Trojan.Dridex malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 54924 | MALWARE-OTHER Win.Malware.Emotet-9620982-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54925 | MALWARE-OTHER Win.Malware.Emotet-9620982-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54928 | MALWARE-OTHER Win.Malware.Midie-9622173-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54929 | MALWARE-OTHER Win.Malware.Midie-9622173-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54930 | MALWARE-OTHER Win.Malware.Midie-9622177-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54931 | MALWARE-OTHER Win.Malware.Midie-9622177-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54932 | MALWARE-OTHER Win.Malware.Midie-9622157-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54933 | MALWARE-OTHER Win.Malware.Midie-9622157-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54934 | MALWARE-OTHER Win.Virus.Wapomi-9623880-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54935 | MALWARE-OTHER Win.Virus.Wapomi-9623880-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54936 | MALWARE-OTHER Win.Malware.Zusy-9623918-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54937 | MALWARE-OTHER Win.Malware.Zusy-9623918-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54940 | MALWARE-OTHER Win.Downloader.Upatre-9624358-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54941 | MALWARE-OTHER Win.Downloader.Upatre-9624358-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54942 | MALWARE-OTHER Win.Downloader.Upatre-9624093-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54943 | MALWARE-OTHER Win.Downloader.Upatre-9624093-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54944 | MALWARE-OTHER Win.Malware.Midie-9624674-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54945 | MALWARE-OTHER Win.Malware.Midie-9624674-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54948 | MALWARE-OTHER Win.Malware.Genpack-9625450-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54949 | MALWARE-OTHER Win.Malware.Genpack-9625450-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54952 | MALWARE-OTHER Win.Malware.Genpack-9625456-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54953 | MALWARE-OTHER Win.Malware.Genpack-9625456-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54954 | MALWARE-OTHER Win.Malware.Genpack-9625465-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54955 | MALWARE-OTHER Win.Malware.Genpack-9625465-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54956 | MALWARE-OTHER Win.Malware.Tiny-9625603-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54957 | MALWARE-OTHER Win.Malware.Tiny-9625603-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54958 | MALWARE-OTHER Win.Malware.Zusy-9625604-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54959 | MALWARE-OTHER Win.Malware.Zusy-9625604-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54960 | MALWARE-OTHER Win.Malware.Upatre-9626207-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54961 | MALWARE-OTHER Win.Malware.Upatre-9626207-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54966 | MALWARE-OTHER Win.Malware.Upatre-9628660-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54967 | MALWARE-OTHER Win.Malware.Upatre-9628660-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54968 | MALWARE-OTHER PUA.Win.File.Zegost-9629018-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54969 | MALWARE-OTHER PUA.Win.File.Zegost-9629018-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54970 | MALWARE-OTHER Win.Malware.Midie-9628903-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54971 | MALWARE-OTHER Win.Malware.Midie-9628903-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54972 | MALWARE-OTHER Win.Malware.Midie-9628909-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54973 | MALWARE-OTHER Win.Malware.Midie-9628909-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54976 | MALWARE-OTHER Win.Packed.Razy-9629621-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54977 | MALWARE-OTHER Win.Packed.Razy-9629621-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54978 | MALWARE-OTHER Win.Trojan.Delf-9629623-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54979 | MALWARE-OTHER Win.Trojan.Delf-9629623-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54982 | MALWARE-OTHER Win.Trojan.Razy-9629407-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54983 | MALWARE-OTHER Win.Trojan.Razy-9629407-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54984 | MALWARE-OTHER Win.Packed.Virlock-9629553-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54985 | MALWARE-OTHER Win.Packed.Virlock-9629553-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54988 | MALWARE-OTHER Win.Packed.Upantix-9631864-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54989 | MALWARE-OTHER Win.Packed.Upantix-9631864-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54992 | MALWARE-OTHER Win.Packed.Upantix-9631863-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54993 | MALWARE-OTHER Win.Packed.Upantix-9631863-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54996 | MALWARE-OTHER Win.Malware.Zusy-9632958-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54997 | MALWARE-OTHER Win.Malware.Zusy-9632958-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54998 | MALWARE-OTHER Win.Malware.Blackmoon-9632943-0 download attempt (more info ...) | trojan-activity | URL | |||
| 54999 | MALWARE-OTHER Win.Malware.Blackmoon-9632943-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55002 | MALWARE-OTHER Win.Packed.Trickbot-9633223-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55003 | MALWARE-OTHER Win.Packed.Trickbot-9633223-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55004 | MALWARE-OTHER Win.Packed.Trickbot-9633236-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55005 | MALWARE-OTHER Win.Packed.Trickbot-9633236-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55006 | MALWARE-OTHER Win.Downloader.Upatre-9633079-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55007 | MALWARE-OTHER Win.Downloader.Upatre-9633079-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55008 | MALWARE-OTHER Win.Worm.Cynic-9634045-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55009 | MALWARE-OTHER Win.Worm.Cynic-9634045-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55010 | MALWARE-OTHER Win.Malware.Blackmoon-9634189-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55011 | MALWARE-OTHER Win.Malware.Blackmoon-9634189-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55014 | MALWARE-OTHER Win.Packed.Razy-9634380-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55015 | MALWARE-OTHER Win.Packed.Razy-9634380-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55019 | MALWARE-OTHER Win.Packed.Upatre-9635731-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55020 | MALWARE-OTHER Win.Packed.Upatre-9635731-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55021 | MALWARE-OTHER Win.Malware.Upatre-9635944-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55022 | MALWARE-OTHER Win.Malware.Upatre-9635944-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55023 | MALWARE-OTHER Win.Malware.Upatre-9635959-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55024 | MALWARE-OTHER Win.Malware.Upatre-9635959-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55029 | MALWARE-OTHER Win.Malware.Razy-9636401-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55030 | MALWARE-OTHER Win.Malware.Razy-9636401-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55033 | MALWARE-OTHER Win.Malware.Ipamor-9637309-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55034 | MALWARE-OTHER Win.Malware.Ipamor-9637309-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55038 | MALWARE-OTHER Win.Malware.Dropperx-9637493-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55039 | MALWARE-OTHER Win.Malware.Dropperx-9637493-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55040 | MALWARE-OTHER Win.Downloader.Upatre-9638383-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55041 | MALWARE-OTHER Win.Downloader.Upatre-9638383-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55042 | MALWARE-OTHER Win.Malware.Zusy-9638741-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55043 | MALWARE-OTHER Win.Malware.Zusy-9638741-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55046 | MALWARE-OTHER Win.Malware.Genpack-9638414-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55047 | MALWARE-OTHER Win.Malware.Genpack-9638414-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55048 | MALWARE-OTHER Win.Malware.Genpack-9638419-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55049 | MALWARE-OTHER Win.Malware.Genpack-9638419-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55052 | MALWARE-OTHER Win.Malware.Agentb-9639796-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55053 | MALWARE-OTHER Win.Malware.Agentb-9639796-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55054 | MALWARE-OTHER Win.Malware.Upatre-9641287-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55055 | MALWARE-OTHER Win.Malware.Upatre-9641287-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55056 | MALWARE-OTHER Win.Worm.Sytro-9640596-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55057 | MALWARE-OTHER Win.Worm.Sytro-9640596-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55058 | MALWARE-OTHER Win.Malware.Midie-9642391-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55059 | MALWARE-OTHER Win.Malware.Midie-9642391-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55060 | MALWARE-OTHER Win.Worm.Sytro-9644119-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55061 | MALWARE-OTHER Win.Worm.Sytro-9644119-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55062 | MALWARE-OTHER Win.Malware.Upantix-9644504-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55063 | MALWARE-OTHER Win.Malware.Upantix-9644504-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55064 | MALWARE-OTHER Win.Malware.Upantix-9644516-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55065 | MALWARE-OTHER Win.Malware.Upantix-9644516-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55066 | MALWARE-OTHER Win.Malware.Razy-9644138-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55067 | MALWARE-OTHER Win.Malware.Razy-9644138-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55068 | MALWARE-OTHER Win.Malware.Nitol-9644345-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55069 | MALWARE-OTHER Win.Malware.Nitol-9644345-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55072 | MALWARE-OTHER Win.Tool.Zusy-9645231-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55073 | MALWARE-OTHER Win.Tool.Zusy-9645231-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55074 | MALWARE-OTHER Win.Packed.Razy-9645233-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55075 | MALWARE-OTHER Win.Packed.Razy-9645233-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55076 | MALWARE-OTHER Win.Malware.Zusy-9645326-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55077 | MALWARE-OTHER Win.Malware.Zusy-9645326-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55080 | MALWARE-OTHER Win.Malware.Zusy-9645329-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55081 | MALWARE-OTHER Win.Malware.Zusy-9645329-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55082 | MALWARE-OTHER Win.Malware.Zusy-9645330-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55083 | MALWARE-OTHER Win.Malware.Zusy-9645330-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55084 | MALWARE-OTHER Win.Packed.Razy-9645384-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55085 | MALWARE-OTHER Win.Packed.Razy-9645384-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55086 | MALWARE-OTHER Win.Malware.Bqrf-9645595-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55087 | MALWARE-OTHER Win.Malware.Bqrf-9645595-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55088 | MALWARE-OTHER Win.Downloader.Upatre-9645450-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55089 | MALWARE-OTHER Win.Downloader.Upatre-9645450-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55090 | MALWARE-OTHER Win.Packed.Mikey-9645700-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55091 | MALWARE-OTHER Win.Packed.Mikey-9645700-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55092 | MALWARE-OTHER Win.Malware.Zusy-9645872-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55093 | MALWARE-OTHER Win.Malware.Zusy-9645872-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55094 | MALWARE-OTHER Win.Malware.Midie-9646220-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55095 | MALWARE-OTHER Win.Malware.Midie-9646220-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55096 | MALWARE-OTHER PUA.Win.Tool.Kuaizip-9646234-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55097 | MALWARE-OTHER PUA.Win.Tool.Kuaizip-9646234-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55098 | MALWARE-OTHER Win.Malware.Blackmoon-9649168-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55099 | MALWARE-OTHER Win.Malware.Blackmoon-9649168-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55100 | MALWARE-OTHER Win.Packed.Generickdz-9651402-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55101 | MALWARE-OTHER Win.Packed.Generickdz-9651402-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55102 | MALWARE-OTHER Win.Packed.Urausy-9652317-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55103 | MALWARE-OTHER Win.Packed.Urausy-9652317-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55108 | MALWARE-OTHER Win.Malware.Zusy-9652796-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55109 | MALWARE-OTHER Win.Malware.Zusy-9652796-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55116 | MALWARE-OTHER Win.Malware.Azzf-9653274-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55117 | MALWARE-OTHER Win.Malware.Azzf-9653274-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55118 | MALWARE-OTHER Win.Malware.Azzo-9653275-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55119 | MALWARE-OTHER Win.Malware.Azzo-9653275-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55120 | MALWARE-OTHER Win.Malware.Midie-9653298-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55121 | MALWARE-OTHER Win.Malware.Midie-9653298-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55122 | MALWARE-OTHER Win.Malware.Dexter-9654223-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55123 | MALWARE-OTHER Win.Malware.Dexter-9654223-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55126 | MALWARE-OTHER Win.Trojan.Powerspider-9654501-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55127 | MALWARE-OTHER Win.Trojan.Powerspider-9654501-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55128 | MALWARE-OTHER Win.Malware.Ulise-9654608-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55129 | MALWARE-OTHER Win.Malware.Ulise-9654608-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55130 | MALWARE-OTHER Win.Trojan.Farfli-9654634-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55131 | MALWARE-OTHER Win.Trojan.Farfli-9654634-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55132 | MALWARE-OTHER Win.Downloader.Upatre-9655576-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55133 | MALWARE-OTHER Win.Downloader.Upatre-9655576-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55136 | MALWARE-OTHER Win.Malware.Urelas-9655843-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55137 | MALWARE-OTHER Win.Malware.Urelas-9655843-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55138 | MALWARE-CNC Win.Trojan.Pioneer outbound communication attempt (more info ...) | trojan-activity | URL | |||
| 55147 | MALWARE-OTHER PUA.Win.Adware.Burden-9681817-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55148 | MALWARE-OTHER PUA.Win.Adware.Burden-9681817-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55149 | MALWARE-OTHER Win.Trojan.Generickdz-9681016-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55150 | MALWARE-OTHER Win.Trojan.Generickdz-9681016-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55151 | MALWARE-OTHER Win.Malware.Upatre-9683280-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55152 | MALWARE-OTHER Win.Malware.Upatre-9683280-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55153 | MALWARE-OTHER Win.Downloader.Upatre-9683289-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55154 | MALWARE-OTHER Win.Downloader.Upatre-9683289-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55155 | MALWARE-OTHER Win.Malware.Upatre-9683300-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55156 | MALWARE-OTHER Win.Malware.Upatre-9683300-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55157 | MALWARE-OTHER Win.Packed.Generickdz-9684939-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55158 | MALWARE-OTHER Win.Packed.Generickdz-9684939-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55159 | MALWARE-OTHER Win.Malware.Midie-9684412-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55160 | MALWARE-OTHER Win.Malware.Midie-9684412-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55163 | MALWARE-OTHER Win.Packed.Urausy-9732721-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55164 | MALWARE-OTHER Win.Packed.Urausy-9732721-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55165 | MALWARE-OTHER Win.Malware.Midie-9732633-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55166 | MALWARE-OTHER Win.Malware.Midie-9732633-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55167 | MALWARE-OTHER Win.Malware.Upantix-9732988-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55168 | MALWARE-OTHER Win.Malware.Upantix-9732988-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55171 | MALWARE-OTHER Win.Trojan.Fugrafa-9733007-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55172 | MALWARE-OTHER Win.Trojan.Fugrafa-9733007-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55175 | MALWARE-OTHER Win.Malware.Midie-9733145-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55176 | MALWARE-OTHER Win.Malware.Midie-9733145-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55181 | MALWARE-OTHER Win.Malware.Upatre-9733416-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55182 | MALWARE-OTHER Win.Malware.Upatre-9733416-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55183 | MALWARE-OTHER Win.Trojan.Trustezeb-9733534-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55184 | MALWARE-OTHER Win.Trojan.Trustezeb-9733534-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55185 | MALWARE-OTHER Win.Dropper.Urausy-9733639-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55186 | MALWARE-OTHER Win.Dropper.Urausy-9733639-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55189 | MALWARE-OTHER Win.Dropper.Urausy-9733671-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55190 | MALWARE-OTHER Win.Dropper.Urausy-9733671-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55191 | MALWARE-OTHER Win.Malware.Midie-9733689-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55192 | MALWARE-OTHER Win.Malware.Midie-9733689-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55201 | MALWARE-OTHER Win.Packed.Zbot-9733739-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55202 | MALWARE-OTHER Win.Packed.Zbot-9733739-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55205 | MALWARE-CNC Win.Trojan.SoreFang initial outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 55211 | MALWARE-OTHER Win.Ransomware.Urausy-9734874-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55212 | MALWARE-OTHER Win.Ransomware.Urausy-9734874-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55213 | MALWARE-OTHER Win.Packed.Midie-9739435-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55214 | MALWARE-OTHER Win.Packed.Midie-9739435-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55215 | MALWARE-OTHER Win.Malware.Delf-9739875-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55216 | MALWARE-OTHER Win.Malware.Delf-9739875-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55221 | MALWARE-OTHER Win.Packed.Virlock-9743340-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55222 | MALWARE-OTHER Win.Packed.Virlock-9743340-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55225 | MALWARE-OTHER Win.Virus.Wapomi-9751900-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55226 | MALWARE-OTHER Win.Virus.Wapomi-9751900-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55227 | MALWARE-OTHER Win.Ransomware.Hiddentear-9752356-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55228 | MALWARE-OTHER Win.Ransomware.Hiddentear-9752356-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55229 | MALWARE-OTHER PUA.Win.Adware.Crossrider-9752404-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55230 | MALWARE-OTHER PUA.Win.Adware.Crossrider-9752404-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55231 | MALWARE-OTHER PUA.Win.Adware.Crossrider-9752406-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55232 | MALWARE-OTHER PUA.Win.Adware.Crossrider-9752406-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55233 | MALWARE-OTHER Win.Trojan.Generic-9752335-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55234 | MALWARE-OTHER Win.Trojan.Generic-9752335-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55235 | MALWARE-OTHER PUA.Win.Adware.Xetapp-9752373-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55236 | MALWARE-OTHER PUA.Win.Adware.Xetapp-9752373-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55237 | MALWARE-OTHER Win.Keylogger.Ursu-9752377-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55238 | MALWARE-OTHER Win.Keylogger.Ursu-9752377-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55239 | MALWARE-OTHER Win.Trojan.Fugrafa-9752450-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55240 | MALWARE-OTHER Win.Trojan.Fugrafa-9752450-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55243 | MALWARE-OTHER Win.Trojan.Elzob-9752485-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55244 | MALWARE-OTHER Win.Trojan.Elzob-9752485-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55245 | MALWARE-OTHER Win.Malware.Awdfvxk-9752552-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55246 | MALWARE-OTHER Win.Malware.Awdfvxk-9752552-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55247 | MALWARE-OTHER Win.Malware.Trojanx-9752983-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55248 | MALWARE-OTHER Win.Malware.Trojanx-9752983-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55249 | MALWARE-OTHER Win.Malware.Tiny-9752957-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55250 | MALWARE-OTHER Win.Malware.Tiny-9752957-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55251 | MALWARE-OTHER Win.Malware.Ulise-9752577-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55252 | MALWARE-OTHER Win.Malware.Ulise-9752577-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55253 | MALWARE-OTHER Win.Trojan.Emotet-9753016-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55254 | MALWARE-OTHER Win.Trojan.Emotet-9753016-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55255 | MALWARE-OTHER PUA.Win.Adware.Linkury-9752549-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55256 | MALWARE-OTHER PUA.Win.Adware.Linkury-9752549-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55257 | MALWARE-OTHER Win.Malware.Xga5jam-9753060-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55258 | MALWARE-OTHER Win.Malware.Xga5jam-9753060-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55259 | MALWARE-OTHER Win.Downloader.Karagany-9753243-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55260 | MALWARE-OTHER Win.Downloader.Karagany-9753243-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55261 | MALWARE-OTHER Win.Trojan.Urausy-9753337-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55262 | MALWARE-OTHER Win.Trojan.Urausy-9753337-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55263 | MALWARE-OTHER Win.Malware.Cerbu-9753116-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55264 | MALWARE-OTHER Win.Malware.Cerbu-9753116-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55265 | MALWARE-OTHER Win.Trojan.Reveton-9753409-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55266 | MALWARE-OTHER Win.Trojan.Reveton-9753409-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55271 | MALWARE-OTHER PUA.Win.Downloader.Softcnapp-9753183-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55272 | MALWARE-OTHER PUA.Win.Downloader.Softcnapp-9753183-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55273 | MALWARE-OTHER Win.Ransomware.Hlux-9753302-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55274 | MALWARE-OTHER Win.Ransomware.Hlux-9753302-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55275 | MALWARE-OTHER Win.Malware.Razy-9753125-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55276 | MALWARE-OTHER Win.Malware.Razy-9753125-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55279 | MALWARE-OTHER Win.Packed.Karagany-9753308-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55280 | MALWARE-OTHER Win.Packed.Karagany-9753308-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55281 | MALWARE-OTHER Win.Trojan.Zegost-9753424-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55282 | MALWARE-OTHER Win.Trojan.Zegost-9753424-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55283 | MALWARE-OTHER Win.Trojan.Bublik-9753310-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55284 | MALWARE-OTHER Win.Trojan.Bublik-9753310-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55285 | MALWARE-OTHER Win.Ransomware.Zusy-9753315-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55286 | MALWARE-OTHER Win.Ransomware.Zusy-9753315-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55287 | MALWARE-OTHER PUA.Win.File.Razy-9753095-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55288 | MALWARE-OTHER PUA.Win.File.Razy-9753095-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55289 | MALWARE-OTHER PUA.Win.File.Razy-9753096-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55290 | MALWARE-OTHER PUA.Win.File.Razy-9753096-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55291 | MALWARE-OTHER Win.Trojan.Bublik-9753317-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55292 | MALWARE-OTHER Win.Trojan.Bublik-9753317-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55293 | MALWARE-OTHER Win.Trojan.Bublik-9753312-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55294 | MALWARE-OTHER Win.Trojan.Bublik-9753312-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55295 | MALWARE-OTHER PUA.Win.File.Razy-9753099-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55296 | MALWARE-OTHER PUA.Win.File.Razy-9753099-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55297 | MALWARE-OTHER PUA.Win.File.Razy-9753100-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55298 | MALWARE-OTHER PUA.Win.File.Razy-9753100-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55299 | MALWARE-OTHER PUA.Win.File.Razy-9753102-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55300 | MALWARE-OTHER PUA.Win.File.Razy-9753102-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55301 | MALWARE-OTHER Win.Malware.Razy-9753197-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55302 | MALWARE-OTHER Win.Malware.Razy-9753197-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55303 | MALWARE-OTHER PUA.Win.File.Razy-9753103-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55304 | MALWARE-OTHER PUA.Win.File.Razy-9753103-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55307 | MALWARE-OTHER Win.Dropper.Urausy-9753391-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55308 | MALWARE-OTHER Win.Dropper.Urausy-9753391-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55309 | MALWARE-OTHER Win.Packed.Kovter-9753452-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55310 | MALWARE-OTHER Win.Packed.Kovter-9753452-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55311 | MALWARE-OTHER Win.Trojan.Farfli-9753454-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55312 | MALWARE-OTHER Win.Trojan.Farfli-9753454-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55313 | MALWARE-OTHER Win.Trojan.Urausy-9753468-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55314 | MALWARE-OTHER Win.Trojan.Urausy-9753468-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55315 | MALWARE-OTHER Win.Trojan.Redosdru-9753542-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55316 | MALWARE-OTHER Win.Trojan.Redosdru-9753542-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55319 | MALWARE-OTHER Win.Trojan.Poison-9753599-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55320 | MALWARE-OTHER Win.Trojan.Poison-9753599-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55321 | MALWARE-OTHER Win.Ransomware.Generickdz-9753680-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55322 | MALWARE-OTHER Win.Ransomware.Generickdz-9753680-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55323 | MALWARE-OTHER Win.Packed.Zbot-9753857-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55324 | MALWARE-OTHER Win.Packed.Zbot-9753857-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55325 | MALWARE-OTHER Win.Ransomware.Reveton-9753942-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55326 | MALWARE-OTHER Win.Ransomware.Reveton-9753942-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55331 | MALWARE-OTHER Win.Trojan.Zusy-9754178-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55332 | MALWARE-OTHER Win.Trojan.Zusy-9754178-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55333 | MALWARE-OTHER Win.Worm.Palevo-9754103-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55334 | MALWARE-OTHER Win.Worm.Palevo-9754103-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55335 | MALWARE-OTHER PUA.Win.Tool.Patcher-9753989-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55336 | MALWARE-OTHER PUA.Win.Tool.Patcher-9753989-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55337 | MALWARE-OTHER Win.Packed.Upatre-9754286-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55338 | MALWARE-OTHER Win.Packed.Upatre-9754286-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55339 | MALWARE-OTHER Win.Packed.Fareit-9754219-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55340 | MALWARE-OTHER Win.Packed.Fareit-9754219-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55341 | MALWARE-OTHER Win.Dropper.Reveton-9754019-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55342 | MALWARE-OTHER Win.Dropper.Reveton-9754019-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55343 | MALWARE-OTHER Win.Malware.Magania-9754156-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55344 | MALWARE-OTHER Win.Malware.Magania-9754156-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55345 | MALWARE-OTHER Win.Dropper.Urausy-9754318-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55346 | MALWARE-OTHER Win.Dropper.Urausy-9754318-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55347 | MALWARE-OTHER Win.Dropper.Zbot-9754356-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55348 | MALWARE-OTHER Win.Dropper.Zbot-9754356-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55351 | MALWARE-OTHER Win.Packed.Zbot-9754450-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55352 | MALWARE-OTHER Win.Packed.Zbot-9754450-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55353 | MALWARE-OTHER Win.Trojan.Barys-9754805-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55354 | MALWARE-OTHER Win.Trojan.Barys-9754805-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55355 | MALWARE-OTHER Win.Malware.Tiny-9754577-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55356 | MALWARE-OTHER Win.Malware.Tiny-9754577-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55359 | MALWARE-OTHER Win.Dropper.Zbot-9754812-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55360 | MALWARE-OTHER Win.Dropper.Zbot-9754812-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55361 | MALWARE-OTHER Win.Trojan.Battdil-9755096-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55362 | MALWARE-OTHER Win.Trojan.Battdil-9755096-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55363 | MALWARE-OTHER Win.Trojan.Zbot-9755097-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55364 | MALWARE-OTHER Win.Trojan.Zbot-9755097-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55367 | MALWARE-OTHER Win.Ransomware.Urausy-9754748-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55368 | MALWARE-OTHER Win.Ransomware.Urausy-9754748-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55369 | MALWARE-OTHER PUA.Win.Adware.Kranet-9754977-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55370 | MALWARE-OTHER PUA.Win.Adware.Kranet-9754977-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55371 | MALWARE-OTHER Win.Trojan.Farfli-9754465-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55372 | MALWARE-OTHER Win.Trojan.Farfli-9754465-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55373 | MALWARE-OTHER Win.Packed.Generickdz-9754466-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55374 | MALWARE-OTHER Win.Packed.Generickdz-9754466-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55375 | MALWARE-OTHER Win.Packed.Upatre-9754980-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55376 | MALWARE-OTHER Win.Packed.Upatre-9754980-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55377 | MALWARE-OTHER PUA.Win.Adware.Linkury-9755039-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55378 | MALWARE-OTHER PUA.Win.Adware.Linkury-9755039-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55379 | MALWARE-OTHER Win.Malware.Presenoker-9754467-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55380 | MALWARE-OTHER Win.Malware.Presenoker-9754467-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55383 | MALWARE-OTHER Win.Packed.Hlux-9754904-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55384 | MALWARE-OTHER Win.Packed.Hlux-9754904-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55385 | MALWARE-OTHER Win.Packed.Zbot-9754905-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55386 | MALWARE-OTHER Win.Packed.Zbot-9754905-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55387 | MALWARE-OTHER Win.Packed.Hlux-9754909-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55388 | MALWARE-OTHER Win.Packed.Hlux-9754909-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55389 | MALWARE-OTHER PUA.Win.Adware.Kranet-9754985-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55390 | MALWARE-OTHER PUA.Win.Adware.Kranet-9754985-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55391 | MALWARE-OTHER Win.Malware.Ponmocup-9754986-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55392 | MALWARE-OTHER Win.Malware.Ponmocup-9754986-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55393 | MALWARE-OTHER Win.Dropper.Tofsee-9754919-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55394 | MALWARE-OTHER Win.Dropper.Tofsee-9754919-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55399 | MALWARE-OTHER Win.Trojan.Urausy-9754492-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55400 | MALWARE-OTHER Win.Trojan.Urausy-9754492-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55401 | MALWARE-OTHER Win.Dropper.Urausy-9754785-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55402 | MALWARE-OTHER Win.Dropper.Urausy-9754785-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55403 | MALWARE-OTHER Win.Trojan.Aqaatbp-9754496-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55404 | MALWARE-OTHER Win.Trojan.Aqaatbp-9754496-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55405 | MALWARE-OTHER Win.Trojan.Istartsurf-9755079-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55406 | MALWARE-OTHER Win.Trojan.Istartsurf-9755079-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55407 | MALWARE-OTHER PUA.Win.Adware.Istartsurf-9755081-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55408 | MALWARE-OTHER PUA.Win.Adware.Istartsurf-9755081-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55409 | MALWARE-OTHER Win.Trojan.Lurk-9754564-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55410 | MALWARE-OTHER Win.Trojan.Lurk-9754564-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55413 | MALWARE-OTHER Win.Trojan.Winwebsec-9754570-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55414 | MALWARE-OTHER Win.Trojan.Winwebsec-9754570-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55415 | MALWARE-OTHER Win.Trojan.Battdil-9755088-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55416 | MALWARE-OTHER Win.Trojan.Battdil-9755088-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55417 | MALWARE-OTHER Win.Trojan.Zbot-9755091-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55418 | MALWARE-OTHER Win.Trojan.Zbot-9755091-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55419 | MALWARE-OTHER Win.Dropper.Zeus-9755181-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55420 | MALWARE-OTHER Win.Dropper.Zeus-9755181-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55421 | MALWARE-OTHER Win.Dropper.Gh0stRAT-9755251-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55422 | MALWARE-OTHER Win.Dropper.Gh0stRAT-9755251-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55425 | MALWARE-OTHER Win.Dropper.Zeus-9755634-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55426 | MALWARE-OTHER Win.Dropper.Zeus-9755634-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55429 | MALWARE-OTHER Win.Dropper.DarkKomet-9755779-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55430 | MALWARE-OTHER Win.Dropper.DarkKomet-9755779-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55431 | MALWARE-OTHER Win.Dropper.Gh0stRAT-9755640-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55432 | MALWARE-OTHER Win.Dropper.Gh0stRAT-9755640-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55433 | MALWARE-OTHER Win.Dropper.DarkKomet-9755764-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55434 | MALWARE-OTHER Win.Dropper.DarkKomet-9755764-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55435 | MALWARE-OTHER Win.Dropper.XtremeRAT-9756061-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55436 | MALWARE-OTHER Win.Dropper.XtremeRAT-9756061-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55437 | MALWARE-OTHER Win.Trojan.Lockscreen-9756656-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55438 | MALWARE-OTHER Win.Trojan.Lockscreen-9756656-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55439 | MALWARE-OTHER Win.Ransomware.Urausy-9756790-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55440 | MALWARE-OTHER Win.Ransomware.Urausy-9756790-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55441 | MALWARE-OTHER Win.Packed.Upatre-9756930-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55442 | MALWARE-OTHER Win.Packed.Upatre-9756930-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55443 | MALWARE-OTHER Win.Trojan.Generickdz-9756791-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55444 | MALWARE-OTHER Win.Trojan.Generickdz-9756791-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55445 | MALWARE-OTHER Win.Trojan.Zbot-9756755-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55446 | MALWARE-OTHER Win.Trojan.Zbot-9756755-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55451 | MALWARE-OTHER Win.Dropper.Reveton-9756813-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55452 | MALWARE-OTHER Win.Dropper.Reveton-9756813-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55453 | MALWARE-OTHER Win.Trojan.Zbot-9756766-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55454 | MALWARE-OTHER Win.Trojan.Zbot-9756766-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55455 | MALWARE-OTHER Win.Trojan.Generickdz-9756770-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55456 | MALWARE-OTHER Win.Trojan.Generickdz-9756770-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55461 | MALWARE-OTHER Win.Packed.Fareit-9756837-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55462 | MALWARE-OTHER Win.Packed.Fareit-9756837-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55463 | MALWARE-OTHER Win.Downloader.Upatre-9756916-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55464 | MALWARE-OTHER Win.Downloader.Upatre-9756916-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55465 | MALWARE-OTHER Win.Malware.Deepscan-9757176-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55466 | MALWARE-OTHER Win.Malware.Deepscan-9757176-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55471 | MALWARE-OTHER Win.Malware.Ursu-9757272-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55472 | MALWARE-OTHER Win.Malware.Ursu-9757272-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55473 | MALWARE-OTHER Win.Packed.Ursu-9757277-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55474 | MALWARE-OTHER Win.Packed.Ursu-9757277-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55475 | MALWARE-OTHER Win.Ransomware.Ransomer-9757261-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55476 | MALWARE-OTHER Win.Ransomware.Ransomer-9757261-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55477 | MALWARE-OTHER PUA.Win.Adware.Kranet-9757293-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55478 | MALWARE-OTHER PUA.Win.Adware.Kranet-9757293-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55483 | MALWARE-OTHER Win.Trojan.Zusy-9757564-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55484 | MALWARE-OTHER Win.Trojan.Zusy-9757564-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55485 | MALWARE-OTHER Win.Dropper.Reveton-9757590-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55486 | MALWARE-OTHER Win.Dropper.Reveton-9757590-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55487 | MALWARE-OTHER Win.Packed.Urausy-9757600-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55488 | MALWARE-OTHER Win.Packed.Urausy-9757600-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55493 | MALWARE-OTHER Win.Packed.Zbot-9757645-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55494 | MALWARE-OTHER Win.Packed.Zbot-9757645-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55495 | MALWARE-OTHER Win.Packed.Zbot-9757656-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55496 | MALWARE-OTHER Win.Packed.Zbot-9757656-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55497 | MALWARE-OTHER Win.Dropper.Urausy-9757745-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55498 | MALWARE-OTHER Win.Dropper.Urausy-9757745-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55503 | MALWARE-OTHER Win.Packed.Ramnit-9757820-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55504 | MALWARE-OTHER Win.Packed.Ramnit-9757820-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55509 | MALWARE-OTHER Win.Packed.Urausy-9758012-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55510 | MALWARE-OTHER Win.Packed.Urausy-9758012-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55511 | MALWARE-OTHER Win.Packed.Urausy-9758052-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55512 | MALWARE-OTHER Win.Packed.Urausy-9758052-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55513 | MALWARE-OTHER Win.Packed.Urausy-9758013-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55514 | MALWARE-OTHER Win.Packed.Urausy-9758013-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55515 | MALWARE-OTHER Win.Ransomware.Urausy-9758053-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55516 | MALWARE-OTHER Win.Ransomware.Urausy-9758053-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55517 | MALWARE-OTHER Win.Trojan.Tinba-9758102-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55518 | MALWARE-OTHER Win.Trojan.Tinba-9758102-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55523 | MALWARE-OTHER Win.Malware.Tinba-9758106-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55524 | MALWARE-OTHER Win.Malware.Tinba-9758106-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55525 | MALWARE-OTHER Win.Ransomware.Urausy-9758117-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55526 | MALWARE-OTHER Win.Ransomware.Urausy-9758117-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55527 | MALWARE-OTHER Win.Packed.Zbot-9757974-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55528 | MALWARE-OTHER Win.Packed.Zbot-9757974-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55529 | MALWARE-OTHER Win.Packed.Zbot-9757870-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55530 | MALWARE-OTHER Win.Packed.Zbot-9757870-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55531 | MALWARE-OTHER Win.Dropper.Urausy-9758048-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55532 | MALWARE-OTHER Win.Dropper.Urausy-9758048-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55533 | MALWARE-OTHER Win.Trojan.Winwebsec-9758126-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55534 | MALWARE-OTHER Win.Trojan.Winwebsec-9758126-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55535 | MALWARE-OTHER Win.Ransomware.Urausy-9758127-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55536 | MALWARE-OTHER Win.Ransomware.Urausy-9758127-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55539 | MALWARE-OTHER Win.Trojan.Spyeye-9758171-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55540 | MALWARE-OTHER Win.Trojan.Spyeye-9758171-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55541 | MALWARE-OTHER Win.Malware.Agen-9758186-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55542 | MALWARE-OTHER Win.Malware.Agen-9758186-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55545 | MALWARE-OTHER Win.Trojan.Urausy-9758291-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55546 | MALWARE-OTHER Win.Trojan.Urausy-9758291-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55547 | MALWARE-OTHER Win.Trojan.Urausy-9758294-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55548 | MALWARE-OTHER Win.Trojan.Urausy-9758294-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55549 | MALWARE-OTHER Win.Trojan.Zegost-9758347-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55550 | MALWARE-OTHER Win.Trojan.Zegost-9758347-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55551 | MALWARE-OTHER Win.Malware.Regrun-9758329-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55552 | MALWARE-OTHER Win.Malware.Regrun-9758329-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55555 | MALWARE-OTHER Win.Packed.Manna-9758481-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55556 | MALWARE-OTHER Win.Packed.Manna-9758481-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55559 | MALWARE-OTHER Win.Packed.Zbot-9758572-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55560 | MALWARE-OTHER Win.Packed.Zbot-9758572-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55561 | MALWARE-OTHER Win.Dropper.Urausy-9758579-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55562 | MALWARE-OTHER Win.Dropper.Urausy-9758579-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55563 | MALWARE-OTHER Win.Trojan.Farfli-9758633-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55564 | MALWARE-OTHER Win.Trojan.Farfli-9758633-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55565 | MALWARE-OTHER Win.Trojan.Plugx-9758632-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55566 | MALWARE-OTHER Win.Trojan.Plugx-9758632-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55567 | MALWARE-OTHER Win.Trojan.Magania-9758831-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55568 | MALWARE-OTHER Win.Trojan.Magania-9758831-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55569 | MALWARE-OTHER Win.Dropper.Urausy-9758586-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55570 | MALWARE-OTHER Win.Dropper.Urausy-9758586-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55571 | MALWARE-OTHER Win.Dropper.Zbot-9758839-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55572 | MALWARE-OTHER Win.Dropper.Zbot-9758839-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55573 | MALWARE-OTHER Win.Trojan.Farfli-9758840-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55574 | MALWARE-OTHER Win.Trojan.Farfli-9758840-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55575 | MALWARE-OTHER Win.Trojan.Farfli-9758597-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55576 | MALWARE-OTHER Win.Trojan.Farfli-9758597-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55577 | MALWARE-OTHER Win.Trojan.Fusing-9758602-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55578 | MALWARE-OTHER Win.Trojan.Fusing-9758602-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55579 | MALWARE-OTHER Win.Packed.Zbot-9758659-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55580 | MALWARE-OTHER Win.Packed.Zbot-9758659-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55581 | MALWARE-OTHER Win.Trojan.Zegost-9758623-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55582 | MALWARE-OTHER Win.Trojan.Zegost-9758623-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55583 | MALWARE-OTHER Win.Dropper.Ngrbot-9758910-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55584 | MALWARE-OTHER Win.Dropper.Ngrbot-9758910-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55585 | MALWARE-OTHER Win.Packed.Upatre-9758965-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55586 | MALWARE-OTHER Win.Packed.Upatre-9758965-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55587 | MALWARE-OTHER Win.Downloader.Banload-9758978-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55588 | MALWARE-OTHER Win.Downloader.Banload-9758978-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55591 | MALWARE-OTHER Win.Keylogger.Emotet-9759052-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55592 | MALWARE-OTHER Win.Keylogger.Emotet-9759052-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55593 | MALWARE-OTHER Win.Malware.Smartfortress-9759254-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55594 | MALWARE-OTHER Win.Malware.Smartfortress-9759254-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55595 | MALWARE-OTHER Win.Packed.Fareit-9759311-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55596 | MALWARE-OTHER Win.Packed.Fareit-9759311-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55597 | MALWARE-OTHER PUA.Win.Adware.Addlyrics-9759168-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55598 | MALWARE-OTHER PUA.Win.Adware.Addlyrics-9759168-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55599 | MALWARE-OTHER Win.Packed.Urausy-9759316-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55600 | MALWARE-OTHER Win.Packed.Urausy-9759316-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55601 | MALWARE-OTHER Win.Downloader.Jrcx-9759211-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55602 | MALWARE-OTHER Win.Downloader.Jrcx-9759211-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55603 | MALWARE-OTHER Win.Packed.Kovter-9759186-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55604 | MALWARE-OTHER Win.Packed.Kovter-9759186-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55607 | MALWARE-OTHER Win.Worm.Gamarue-9759120-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55608 | MALWARE-OTHER Win.Worm.Gamarue-9759120-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55609 | MALWARE-OTHER Win.Ransomware.Zusy-9759193-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55610 | MALWARE-OTHER Win.Ransomware.Zusy-9759193-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55611 | MALWARE-OTHER Win.Malware.Rincux-9759478-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55612 | MALWARE-OTHER Win.Malware.Rincux-9759478-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55615 | MALWARE-OTHER Win.Packed.Generickdz-9759456-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55616 | MALWARE-OTHER Win.Packed.Generickdz-9759456-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55617 | MALWARE-OTHER Win.Packed.Reveton-9759474-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55618 | MALWARE-OTHER Win.Packed.Reveton-9759474-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55623 | MALWARE-OTHER Win.Packed.Zpack-9759629-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55624 | MALWARE-OTHER Win.Packed.Zpack-9759629-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55625 | MALWARE-OTHER Win.Trojan.Zbot-9759650-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55626 | MALWARE-OTHER Win.Trojan.Zbot-9759650-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55627 | MALWARE-OTHER Win.Dropper.Urausy-9759663-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55628 | MALWARE-OTHER Win.Dropper.Urausy-9759663-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55629 | MALWARE-OTHER Win.Trojan.Generic-9759774-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55630 | MALWARE-OTHER Win.Trojan.Generic-9759774-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55631 | MALWARE-OTHER Win.Trojan.Ircbot-9759926-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55632 | MALWARE-OTHER Win.Trojan.Ircbot-9759926-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55635 | MALWARE-OTHER Win.Malware.Syddldg-9759963-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55636 | MALWARE-OTHER Win.Malware.Syddldg-9759963-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55641 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1151 attack attempt (more info ...) | attempted-user | 2020-13541 | URL | ||
| 55642 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1151 attack attempt (more info ...) | attempted-user | 2020-13541 | URL | ||
| 55643 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1151 attack attempt (more info ...) | attempted-user | 2020-13541 | URL | ||
| 55644 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1151 attack attempt (more info ...) | attempted-user | 2020-13541 | URL | ||
| 55645 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1151 attack attempt (more info ...) | attempted-user | 2020-13541 | URL | ||
| 55646 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1151 attack attempt (more info ...) | attempted-user | 2020-13541 | URL | ||
| 55649 | MALWARE-OTHER Win.Packed.Reveton-9759981-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55650 | MALWARE-OTHER Win.Packed.Reveton-9759981-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55651 | MALWARE-OTHER Win.Packed.Zeroaccess-9760099-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55652 | MALWARE-OTHER Win.Packed.Zeroaccess-9760099-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55653 | MALWARE-OTHER Win.Packed.Zeroaccess-9760103-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55654 | MALWARE-OTHER Win.Packed.Zeroaccess-9760103-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55657 | MALWARE-OTHER Win.Packed.Zbot-9760150-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55658 | MALWARE-OTHER Win.Packed.Zbot-9760150-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55659 | MALWARE-OTHER Win.Downloader.Karagany-9760168-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55660 | MALWARE-OTHER Win.Downloader.Karagany-9760168-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55661 | MALWARE-OTHER Win.Trojan.Zeroaccess-9760197-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55662 | MALWARE-OTHER Win.Trojan.Zeroaccess-9760197-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55663 | MALWARE-OTHER PUA.Win.File.Neobar-9760284-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55664 | MALWARE-OTHER PUA.Win.File.Neobar-9760284-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55665 | MALWARE-OTHER Win.Trojan.Pcclient-9760332-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55666 | MALWARE-OTHER Win.Trojan.Pcclient-9760332-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55667 | MALWARE-OTHER Win.Malware.Farfli-9760391-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55668 | MALWARE-OTHER Win.Malware.Farfli-9760391-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55669 | MALWARE-OTHER Win.Trojan.Zbot-9760447-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55670 | MALWARE-OTHER Win.Trojan.Zbot-9760447-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55673 | MALWARE-OTHER Win.Dropper.Urausy-9760560-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55674 | MALWARE-OTHER Win.Dropper.Urausy-9760560-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55675 | MALWARE-OTHER Win.Malware.Dalexis-9760553-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55676 | MALWARE-OTHER Win.Malware.Dalexis-9760553-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55677 | MALWARE-OTHER Win.Packed.Urausy-9760556-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55678 | MALWARE-OTHER Win.Packed.Urausy-9760556-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55679 | MALWARE-OTHER Win.Trojan.Zbot-9760594-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55680 | MALWARE-OTHER Win.Trojan.Zbot-9760594-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55681 | MALWARE-OTHER Win.Trojan.Farfli-9760677-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55682 | MALWARE-OTHER Win.Trojan.Farfli-9760677-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55685 | MALWARE-OTHER Win.Trojan.Slenfbot-9760649-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55686 | MALWARE-OTHER Win.Trojan.Slenfbot-9760649-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55687 | MALWARE-OTHER Win.Trojan.Elzob-9760696-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55688 | MALWARE-OTHER Win.Trojan.Elzob-9760696-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55689 | MALWARE-OTHER Win.Trojan.Pakes-9760698-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55690 | MALWARE-OTHER Win.Trojan.Pakes-9760698-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55691 | MALWARE-OTHER Win.Packed.Zbot-9760798-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55692 | MALWARE-OTHER Win.Packed.Zbot-9760798-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55693 | MALWARE-OTHER Win.Malware.Magania-9760939-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55694 | MALWARE-OTHER Win.Malware.Magania-9760939-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55697 | MALWARE-OTHER Win.Packed.Zeroaccess-9761006-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55698 | MALWARE-OTHER Win.Packed.Zeroaccess-9761006-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55699 | MALWARE-OTHER Win.Dropper.Urausy-9761062-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55700 | MALWARE-OTHER Win.Dropper.Urausy-9761062-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55701 | MALWARE-OTHER Win.Dropper.Urausy-9761063-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55702 | MALWARE-OTHER Win.Dropper.Urausy-9761063-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55705 | MALWARE-OTHER Win.Packed.Cryptowall-9761312-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55706 | MALWARE-OTHER Win.Packed.Cryptowall-9761312-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55707 | MALWARE-OTHER Win.Packed.Urausy-9761337-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55708 | MALWARE-OTHER Win.Packed.Urausy-9761337-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55727 | MALWARE-OTHER Win.Malware.Magania-9761427-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55728 | MALWARE-OTHER Win.Malware.Magania-9761427-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55731 | MALWARE-OTHER Win.Trojan.Generickdz-9761624-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55732 | MALWARE-OTHER Win.Trojan.Generickdz-9761624-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55733 | MALWARE-OTHER Win.Packed.Zeroaccess-9761753-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55734 | MALWARE-OTHER Win.Packed.Zeroaccess-9761753-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55735 | MALWARE-OTHER Win.Packed.Zeroaccess-9762029-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55736 | MALWARE-OTHER Win.Packed.Zeroaccess-9762029-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55737 | MALWARE-OTHER Win.Trojan.Ircbot-9762035-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55738 | MALWARE-OTHER Win.Trojan.Ircbot-9762035-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55739 | MALWARE-OTHER Win.Keylogger.Zeroaccess-9762049-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55740 | MALWARE-OTHER Win.Keylogger.Zeroaccess-9762049-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55744 | MALWARE-OTHER PUA.Win.Adware.Eorezo-9762085-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55745 | MALWARE-OTHER PUA.Win.Adware.Eorezo-9762085-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55746 | MALWARE-OTHER Win.Malware.Trojanx-9762074-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55747 | MALWARE-OTHER Win.Malware.Trojanx-9762074-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55750 | MALWARE-OTHER Win.Packed.Zeroaccess-9762111-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55751 | MALWARE-OTHER Win.Packed.Zeroaccess-9762111-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55752 | MALWARE-OTHER Win.Dropper.Urausy-9762145-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55753 | MALWARE-OTHER Win.Dropper.Urausy-9762145-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55756 | MALWARE-OTHER Win.Malware.Magania-9762150-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55757 | MALWARE-OTHER Win.Malware.Magania-9762150-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55760 | MALWARE-OTHER Win.Packed.Fareit-9762193-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55761 | MALWARE-OTHER Win.Packed.Fareit-9762193-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55764 | MALWARE-OTHER Win.Ransomware.Generickdz-9762176-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55765 | MALWARE-OTHER Win.Ransomware.Generickdz-9762176-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55766 | MALWARE-OTHER Win.Packed.Zeroaccess-9762177-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55767 | MALWARE-OTHER Win.Packed.Zeroaccess-9762177-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55768 | MALWARE-OTHER Win.Malware.Magania-9762179-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55769 | MALWARE-OTHER Win.Malware.Magania-9762179-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55772 | MALWARE-OTHER Win.Trojan.Zeroaccess-9762336-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55773 | MALWARE-OTHER Win.Trojan.Zeroaccess-9762336-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55774 | MALWARE-OTHER Win.Keylogger.Ardamax-9762361-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55775 | MALWARE-OTHER Win.Keylogger.Ardamax-9762361-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55776 | MALWARE-OTHER Win.Trojan.Variadic-9762514-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55777 | MALWARE-OTHER Win.Trojan.Variadic-9762514-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55781 | MALWARE-OTHER Win.Keylogger.Emotet-9762950-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55782 | MALWARE-OTHER Win.Keylogger.Emotet-9762950-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55783 | MALWARE-OTHER PUA.Win.File.Avira-9762997-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55784 | MALWARE-OTHER PUA.Win.File.Avira-9762997-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55785 | MALWARE-OTHER Win.Malware.Zusy-9763167-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55786 | MALWARE-OTHER Win.Malware.Zusy-9763167-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55787 | MALWARE-OTHER Win.Packed.Emotet-9763169-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55788 | MALWARE-OTHER Win.Packed.Emotet-9763169-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55791 | MALWARE-OTHER Win.Trojan.Farfli-9763835-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55792 | MALWARE-OTHER Win.Trojan.Farfli-9763835-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55813 | SERVER-OTHER Symantec Endpoint Protection tamper protection bypass attempt (more info ...) | attempted-user | 2017-6331 | |||
| 55814 | SERVER-OTHER Symantec Endpoint Protection tamper protection bypass attempt (more info ...) | attempted-user | 2017-6331 | |||
| 55821 | SERVER-WEBAPP Ruby on Rails command injection attempt (more info ...) | web-application-attack | 2020-8163 | URL | ||
| 55841 | MALWARE-CNC Win.Trojan.Uppercut inbound payload download (more info ...) | trojan-activity | URL | |||
| 55846 | MALWARE-OTHER Win.Malware.Delf-9768673-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55847 | MALWARE-OTHER Win.Malware.Delf-9768673-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55848 | MALWARE-OTHER Win.Malware.Delf-9768956-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55849 | MALWARE-OTHER Win.Malware.Delf-9768956-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55850 | MALWARE-OTHER Win.Malware.Auqyqcbi-9769106-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55851 | MALWARE-OTHER Win.Malware.Auqyqcbi-9769106-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55856 | MALWARE-OTHER Win.Packed.Ulise-9769434-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55857 | MALWARE-OTHER Win.Packed.Ulise-9769434-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55858 | MALWARE-OTHER Win.Malware.Agen-9769447-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55859 | MALWARE-OTHER Win.Malware.Agen-9769447-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55865 | MALWARE-OTHER Win.Packed.Bulz-9769773-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55866 | MALWARE-OTHER Win.Packed.Bulz-9769773-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55869 | MALWARE-OTHER Win.Keylogger.Emotet-9769987-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55870 | MALWARE-OTHER Win.Keylogger.Emotet-9769987-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55871 | MALWARE-OTHER Win.Malware.Zusy-9770089-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55872 | MALWARE-OTHER Win.Malware.Zusy-9770089-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55873 | MALWARE-OTHER Win.Keylogger.Emotet-9770097-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55874 | MALWARE-OTHER Win.Keylogger.Emotet-9770097-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55877 | MALWARE-OTHER Win.Worm.Drolnux-9770173-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55878 | MALWARE-OTHER Win.Worm.Drolnux-9770173-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55879 | MALWARE-OTHER Win.Packed.Zbot-9770611-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55880 | MALWARE-OTHER Win.Packed.Zbot-9770611-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55881 | MALWARE-OTHER Win.Ransomware.Cerber-9770992-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55882 | MALWARE-OTHER Win.Ransomware.Cerber-9770992-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55883 | MALWARE-OTHER Win.Packed.Cutwail-9771166-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55884 | MALWARE-OTHER Win.Packed.Cutwail-9771166-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55885 | MALWARE-OTHER Win.Downloader.Upatre-9771263-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55886 | MALWARE-OTHER Win.Downloader.Upatre-9771263-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55887 | MALWARE-OTHER Win.Ransomware.Reveton-9771413-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55888 | MALWARE-OTHER Win.Ransomware.Reveton-9771413-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55891 | MALWARE-OTHER Win.Malware.Kovter-9771867-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55892 | MALWARE-OTHER Win.Malware.Kovter-9771867-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55895 | MALWARE-OTHER Win.Worm.Vobfus-9772275-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55896 | MALWARE-OTHER Win.Worm.Vobfus-9772275-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55897 | MALWARE-OTHER Win.Trojan.Fakesysdef-9772554-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55898 | MALWARE-OTHER Win.Trojan.Fakesysdef-9772554-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55899 | MALWARE-OTHER Win.Packed.Razy-9772677-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55900 | MALWARE-OTHER Win.Packed.Razy-9772677-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55901 | MALWARE-OTHER Win.Packed.Zbot-9772681-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55902 | MALWARE-OTHER Win.Packed.Zbot-9772681-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55903 | MALWARE-OTHER Win.Malware.Sdyn-9772921-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55904 | MALWARE-OTHER Win.Malware.Sdyn-9772921-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55905 | MALWARE-OTHER Win.Trojan.Generic-9773106-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55906 | MALWARE-OTHER Win.Trojan.Generic-9773106-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55907 | MALWARE-OTHER Win.Packed.Zbot-9773294-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55908 | MALWARE-OTHER Win.Packed.Zbot-9773294-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55909 | MALWARE-OTHER Win.Malware.Battdil-9773289-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55910 | MALWARE-OTHER Win.Malware.Battdil-9773289-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55911 | MALWARE-OTHER Win.Malware.Battdil-9773282-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55912 | MALWARE-OTHER Win.Malware.Battdil-9773282-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55913 | MALWARE-OTHER Win.Packed.Ramnit-9773470-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55914 | MALWARE-OTHER Win.Packed.Ramnit-9773470-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55915 | MALWARE-OTHER PUA.Win.File.Neobar-9773833-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55916 | MALWARE-OTHER PUA.Win.File.Neobar-9773833-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55926 | MALWARE-CNC Win.Dropper.LemonDuck variant outbound connection (more info ...) | trojan-activity | URL | |||
| 55927 | MALWARE-CNC Win.Dropper.LemonDuck variant script download attempt (more info ...) | trojan-activity | URL | |||
| 55928 | MALWARE-CNC Win.Dropper.LemonDuck variant script download attempt (more info ...) | trojan-activity | URL | |||
| 55929 | MALWARE-OTHER Win.Keylogger.Emotet-9774504-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55930 | MALWARE-OTHER Win.Keylogger.Emotet-9774504-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55931 | MALWARE-CNC Win.Trojan.Emotet variant outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 55934 | MALWARE-OTHER Win.Malware.Ulise-9774716-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55935 | MALWARE-OTHER Win.Malware.Ulise-9774716-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55938 | MALWARE-OTHER Win.Tool.Shadowbrokers-9775051-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55939 | MALWARE-OTHER Win.Tool.Shadowbrokers-9775051-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55940 | MALWARE-OTHER Win.Malware.Upatre-9775385-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55941 | MALWARE-OTHER Win.Malware.Upatre-9775385-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55944 | MALWARE-OTHER Win.Malware.Buzus-9775511-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55945 | MALWARE-OTHER Win.Malware.Buzus-9775511-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55948 | MALWARE-OTHER Win.Trojan.Ramnit-9775593-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55949 | MALWARE-OTHER Win.Trojan.Ramnit-9775593-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55952 | MALWARE-OTHER Win.Trojan.Generic-9775770-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55953 | MALWARE-OTHER Win.Trojan.Generic-9775770-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55954 | MALWARE-OTHER Win.Malware.Zusy-9776100-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55955 | MALWARE-OTHER Win.Malware.Zusy-9776100-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55956 | MALWARE-OTHER PUA.Win.Adware.Addlyrics-9776340-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55957 | MALWARE-OTHER PUA.Win.Adware.Addlyrics-9776340-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55958 | MALWARE-OTHER Win.Malware.Scar-9776391-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55959 | MALWARE-OTHER Win.Malware.Scar-9776391-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55960 | MALWARE-OTHER Win.Ransomware.Zbot-9776404-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55961 | MALWARE-OTHER Win.Ransomware.Zbot-9776404-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55962 | MALWARE-OTHER Win.Ransomware.Upatre-9776436-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55963 | MALWARE-OTHER Win.Ransomware.Upatre-9776436-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55964 | MALWARE-OTHER Win.Malware.Upatre-9776419-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55965 | MALWARE-OTHER Win.Malware.Upatre-9776419-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55966 | MALWARE-OTHER PUA.Win.Adware.Addlyrics-9776406-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55967 | MALWARE-OTHER PUA.Win.Adware.Addlyrics-9776406-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55968 | MALWARE-OTHER Win.Malware.Upatre-9776422-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55969 | MALWARE-OTHER Win.Malware.Upatre-9776422-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55970 | MALWARE-OTHER Win.Ransomware.Upatre-9776543-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55971 | MALWARE-OTHER Win.Ransomware.Upatre-9776543-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55972 | MALWARE-OTHER Win.Trojan.Gamarue-9776559-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55973 | MALWARE-OTHER Win.Trojan.Gamarue-9776559-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55976 | MALWARE-OTHER Win.Downloader.Upatre-9776833-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55977 | MALWARE-OTHER Win.Downloader.Upatre-9776833-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55995 | MALWARE-OTHER PUA.Win.Adware.Dotdo-9777352-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55996 | MALWARE-OTHER PUA.Win.Adware.Dotdo-9777352-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55997 | MALWARE-OTHER Win.Worm.Beebone-9777703-0 download attempt (more info ...) | trojan-activity | URL | |||
| 55998 | MALWARE-OTHER Win.Worm.Beebone-9777703-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56003 | MALWARE-CNC Win.Trojan.Emotet variant initial outbound request detected (more info ...) | trojan-activity | URL | |||
| 56004 | SERVER-WEBAPP D-Link Central WiFi Manager CMW 100 cross site scripting attempt (more info ...) | attempted-user | 2019-13374 | URL | ||
| 56010 | MALWARE-OTHER Win.Trojan.Generic-9778253-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56011 | MALWARE-OTHER Win.Trojan.Generic-9778253-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56014 | MALWARE-OTHER Win.Packed.Vundo-9779004-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56015 | MALWARE-OTHER Win.Packed.Vundo-9779004-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56016 | MALWARE-OTHER Win.Packed.Vundo-9779009-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56017 | MALWARE-OTHER Win.Packed.Vundo-9779009-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56022 | MALWARE-OTHER Win.Packed.Razy-9779199-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56023 | MALWARE-OTHER Win.Packed.Razy-9779199-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56024 | MALWARE-OTHER Win.Ransomware.Cerber-9779208-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56025 | MALWARE-OTHER Win.Ransomware.Cerber-9779208-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56026 | MALWARE-OTHER Win.Malware.Cdtq-9779262-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56027 | MALWARE-OTHER Win.Malware.Cdtq-9779262-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56030 | MALWARE-OTHER Win.Ransomware.Cerber-9779257-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56031 | MALWARE-OTHER Win.Ransomware.Cerber-9779257-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56032 | MALWARE-OTHER Win.Malware.98fa8f-9779729-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56033 | MALWARE-OTHER Win.Malware.98fa8f-9779729-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56034 | MALWARE-OTHER Win.Packed.Upatre-9779721-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56035 | MALWARE-OTHER Win.Packed.Upatre-9779721-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56038 | MALWARE-OTHER Win.Packed.Upatre-9779742-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56039 | MALWARE-OTHER Win.Packed.Upatre-9779742-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56040 | MALWARE-OTHER Win.Packed.Msilperseus-9780360-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56041 | MALWARE-OTHER Win.Packed.Msilperseus-9780360-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56046 | MALWARE-OTHER Win.Dropper.Emotet-9778600-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56047 | MALWARE-OTHER Win.Dropper.Emotet-9778600-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56055 | MALWARE-OTHER Win.Malware.Idyfrid-9780483-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56056 | MALWARE-OTHER Win.Malware.Idyfrid-9780483-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56057 | MALWARE-OTHER Win.Malware.Estiwir-9780493-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56058 | MALWARE-OTHER Win.Malware.Estiwir-9780493-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56061 | MALWARE-OTHER Win.Packed.Tpyn-9780502-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56062 | MALWARE-OTHER Win.Packed.Tpyn-9780502-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56067 | MALWARE-OTHER Win.Malware.Upatre-9780514-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56068 | MALWARE-OTHER Win.Malware.Upatre-9780514-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56073 | MALWARE-OTHER Win.Malware.Agentb-9780545-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56074 | MALWARE-OTHER Win.Malware.Agentb-9780545-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56075 | MALWARE-OTHER Win.Malware.Upatre-9780601-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56076 | MALWARE-OTHER Win.Malware.Upatre-9780601-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56077 | MALWARE-OTHER Win.Malware.Upatre-9780656-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56078 | MALWARE-OTHER Win.Malware.Upatre-9780656-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56079 | MALWARE-OTHER Win.Malware.Upatre-9780659-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56080 | MALWARE-OTHER Win.Malware.Upatre-9780659-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56081 | MALWARE-CNC Andr.Trojan.Donot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 56094 | MALWARE-OTHER Win.Malware.Alyak-9781952-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56095 | MALWARE-OTHER Win.Malware.Alyak-9781952-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56098 | MALWARE-OTHER Win.Tool.Patcher-9782697-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56099 | MALWARE-OTHER Win.Tool.Patcher-9782697-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56100 | MALWARE-OTHER Win.Malware.Ulise-9782745-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56101 | MALWARE-OTHER Win.Malware.Ulise-9782745-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56102 | MALWARE-OTHER Win.Malware.Upatre-9782798-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56103 | MALWARE-OTHER Win.Malware.Upatre-9782798-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56104 | MALWARE-OTHER Win.Malware.Xkjdi-9782808-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56105 | MALWARE-OTHER Win.Malware.Xkjdi-9782808-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56106 | MALWARE-OTHER Win.Packed.Clipbanker-9782972-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56107 | MALWARE-OTHER Win.Packed.Clipbanker-9782972-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56108 | MALWARE-OTHER Win.Trojan.Redyms-9783100-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56109 | MALWARE-OTHER Win.Trojan.Redyms-9783100-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56110 | MALWARE-OTHER Win.Malware.Reconyc-9783104-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56111 | MALWARE-OTHER Win.Malware.Reconyc-9783104-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56112 | MALWARE-OTHER Win.Packed.Razy-9783140-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56113 | MALWARE-OTHER Win.Packed.Razy-9783140-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56116 | MALWARE-OTHER Win.Malware.Nitol-9783298-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56117 | MALWARE-OTHER Win.Malware.Nitol-9783298-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56118 | MALWARE-OTHER Win.Downloader.Cosmu-9783404-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56119 | MALWARE-OTHER Win.Downloader.Cosmu-9783404-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56120 | MALWARE-OTHER Win.Malware.Upatre-9783664-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56121 | MALWARE-OTHER Win.Malware.Upatre-9783664-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56124 | MALWARE-OTHER Win.Ransomware.Cerber-9783912-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56125 | MALWARE-OTHER Win.Ransomware.Cerber-9783912-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56128 | PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2020-1174 attack attempt (more info ...) | attempted-dos | 2020-13559 | URL | ||
| 56129 | PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2020-1174 attack attempt (more info ...) | attempted-dos | 2020-13559 | URL | ||
| 56137 | POLICY-OTHER TRUFFLEHUNTER TALOS-2020-1173 attack attempt (more info ...) | attempted-recon | URL | |||
| 56139 | MALWARE-OTHER Win.Malware.Czxz-9784395-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56140 | MALWARE-OTHER Win.Malware.Czxz-9784395-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56141 | MALWARE-OTHER Win.Ransomware.Zusy-9784403-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56142 | MALWARE-OTHER Win.Ransomware.Zusy-9784403-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56168 | MALWARE-OTHER PUA.Win.Adware.Komodia-9784770-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56169 | MALWARE-OTHER PUA.Win.Adware.Komodia-9784770-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56170 | MALWARE-OTHER Win.Malware.Emotet-9784823-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56171 | MALWARE-OTHER Win.Malware.Emotet-9784823-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56172 | MALWARE-OTHER Win.Malware.Komodia-9784896-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56173 | MALWARE-OTHER Win.Malware.Komodia-9784896-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56174 | MALWARE-OTHER PUA.Win.Adware.Addlyrics-9784897-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56175 | MALWARE-OTHER PUA.Win.Adware.Addlyrics-9784897-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56176 | MALWARE-OTHER PUA.Win.Adware.Addlyrics-9784898-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56177 | MALWARE-OTHER PUA.Win.Adware.Addlyrics-9784898-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56180 | MALWARE-OTHER Win.Malware.Upatre-9784989-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56181 | MALWARE-OTHER Win.Malware.Upatre-9784989-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56182 | MALWARE-OTHER Win.Malware.Ursu-9785115-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56183 | MALWARE-OTHER Win.Malware.Ursu-9785115-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56184 | MALWARE-OTHER Win.Packed.Banload-9785270-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56185 | MALWARE-OTHER Win.Packed.Banload-9785270-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56186 | FILE-OTHER Citrix Gateway executable search order hijack attempt (more info ...) | attempted-admin | 2020-8258 | URL | ||
| 56187 | FILE-OTHER Citrix Gateway executable search order hijack attempt (more info ...) | attempted-admin | 2020-8258 | URL | ||
| 56188 | FILE-OTHER Citrix Gateway executable search order hijack attempt (more info ...) | attempted-admin | 2020-8258 | URL | ||
| 56189 | MALWARE-OTHER Win.Malware.Upatre-9785657-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56190 | MALWARE-OTHER Win.Malware.Upatre-9785657-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56193 | MALWARE-OTHER Win.Malware.Upatre-9785801-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56194 | MALWARE-OTHER Win.Malware.Upatre-9785801-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56195 | MALWARE-OTHER Win.Malware.Ursu-9785971-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56196 | MALWARE-OTHER Win.Malware.Ursu-9785971-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56197 | MALWARE-OTHER Win.Malware.Qbot-9785980-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56198 | MALWARE-OTHER Win.Malware.Qbot-9785980-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56199 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1193 attack attempt (more info ...) | attempted-dos | 2020-13582 | URL | ||
| 56204 | MALWARE-CNC Doc.Dropper.Kimsuky variant outbound connection (more info ...) | trojan-activity | URL | |||
| 56205 | MALWARE-CNC Win.Trojan.Kimsuky variant outbound connection (more info ...) | trojan-activity | URL | |||
| 56206 | MALWARE-CNC Doc.Dropper.Kimsuky variant outbound connection (more info ...) | trojan-activity | URL | |||
| 56207 | MALWARE-CNC Doc.Dropper.Kimsuky variant outbound connection (more info ...) | trojan-activity | URL | |||
| 56214 | MALWARE-OTHER Win.Malware.Zusy-9786645-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56215 | MALWARE-OTHER Win.Malware.Zusy-9786645-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56232 | MALWARE-OTHER Win.Worm.Scar-9787415-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56233 | MALWARE-OTHER Win.Worm.Scar-9787415-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56234 | MALWARE-OTHER Win.Worm.Scar-9787423-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56235 | MALWARE-OTHER Win.Worm.Scar-9787423-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56236 | MALWARE-OTHER Win.Dropper.Nitol-9787439-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56237 | MALWARE-OTHER Win.Dropper.Nitol-9787439-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56238 | MALWARE-OTHER Win.Dropper.Kuluoz-9787440-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56239 | MALWARE-OTHER Win.Dropper.Kuluoz-9787440-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56240 | MALWARE-OTHER Win.Worm.Scar-9787525-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56241 | MALWARE-OTHER Win.Worm.Scar-9787525-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56242 | MALWARE-OTHER Win.Worm.Scar-9787528-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56243 | MALWARE-OTHER Win.Worm.Scar-9787528-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56244 | MALWARE-OTHER Win.Dropper.Nitol-9787572-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56245 | MALWARE-OTHER Win.Dropper.Nitol-9787572-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56246 | MALWARE-OTHER Win.Malware.Cerbu-9789017-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56247 | MALWARE-OTHER Win.Malware.Cerbu-9789017-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56250 | MALWARE-OTHER Win.Packed.Razy-9789215-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56251 | MALWARE-OTHER Win.Packed.Razy-9789215-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56252 | MALWARE-OTHER Win.Malware.Burda-9789442-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56253 | MALWARE-OTHER Win.Malware.Burda-9789442-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56276 | MALWARE-CNC Win.Trojan.Crat variant outbound connection (more info ...) | trojan-activity | URL | |||
| 56278 | MALWARE-OTHER Win.Trojan.Crat malicious document download (more info ...) | trojan-activity | URL | |||
| 56280 | MALWARE-OTHER Win.Trojan.Crat malicious executable download (more info ...) | trojan-activity | URL | |||
| 56282 | MALWARE-OTHER Win.Trojan.Crat malicious executable download (more info ...) | trojan-activity | URL | |||
| 56283 | MALWARE-OTHER Win.Trojan.Crat malicious executable download (more info ...) | trojan-activity | URL | |||
| 56291 | MALWARE-OTHER Win.Trojan.Crat malicious executable download attempt (more info ...) | trojan-activity | URL | |||
| 56292 | MALWARE-OTHER Win.Trojan.Crat malicious executable download (more info ...) | trojan-activity | URL | |||
| 56294 | MALWARE-CNC Win.Trojan.Zebrocy variant outbound connection (more info ...) | trojan-activity | URL | |||
| 56297 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1189 attack attempt (more info ...) | attempted-dos | 2020-13578 | URL | ||
| 56298 | SERVER-OTHER TRUFFLEHUNTER TALOS-2020-1189 attack attempt (more info ...) | attempted-dos | 2020-13578 | URL | ||
| 56307 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1188 attack attempt (more info ...) | attempted-dos | 2020-13577 | URL | ||
| 56308 | SERVER-OTHER TRUFFLEHUNTER TALOS-2020-1188 attack attempt (more info ...) | attempted-dos | 2020-13577 | URL | ||
| 56313 | MALWARE-OTHER Win.Trojan.Crat malicious executable download (more info ...) | trojan-activity | URL | |||
| 56314 | MALWARE-OTHER Win.Trojan.Crat malicious executable download (more info ...) | trojan-activity | URL | |||
| 56315 | MALWARE-OTHER Win.Malware.Ursu-9790943-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56316 | MALWARE-OTHER Win.Malware.Ursu-9790943-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56317 | MALWARE-OTHER PUA.Win.Adware.Amonetize-9791097-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56318 | MALWARE-OTHER PUA.Win.Adware.Amonetize-9791097-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56319 | MALWARE-OTHER Win.Packed.Yifgvsfb-9791273-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56320 | MALWARE-OTHER Win.Packed.Yifgvsfb-9791273-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56321 | POLICY-OTHER IBM Spectrum Protect Plus admin credentials reset attempt (more info ...) | policy-violation | 2020-4208 | URL | ||
| 56328 | MALWARE-OTHER Win.Malware.Zusy-9791863-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56329 | MALWARE-OTHER Win.Malware.Zusy-9791863-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56332 | MALWARE-OTHER Win.Trojan.Zbot-9792718-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56333 | MALWARE-OTHER Win.Trojan.Zbot-9792718-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56334 | MALWARE-OTHER PUA.Win.Adware.Ursu-9792860-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56335 | MALWARE-OTHER PUA.Win.Adware.Ursu-9792860-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56336 | MALWARE-OTHER PUA.Win.File.Zusy-9792896-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56337 | MALWARE-OTHER PUA.Win.File.Zusy-9792896-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56338 | MALWARE-OTHER PUA.Win.Adware.Dagava-9793006-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56339 | MALWARE-OTHER PUA.Win.Adware.Dagava-9793006-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56340 | MALWARE-OTHER Win.Malware.Daws-9793378-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56341 | MALWARE-OTHER Win.Malware.Daws-9793378-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56344 | MALWARE-OTHER Win.Malware.Magania-9793638-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56345 | MALWARE-OTHER Win.Malware.Magania-9793638-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56352 | MALWARE-OTHER Win.Malware.Magania-9793788-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56353 | MALWARE-OTHER Win.Malware.Magania-9793788-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56354 | MALWARE-OTHER Win.Malware.Magania-9793953-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56355 | MALWARE-OTHER Win.Malware.Magania-9793953-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56358 | MALWARE-OTHER Win.Trojan.Ulise-9794347-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56359 | MALWARE-OTHER Win.Trojan.Ulise-9794347-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56360 | MALWARE-OTHER PUA.Win.File.Playtech-9794342-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56361 | MALWARE-OTHER PUA.Win.File.Playtech-9794342-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56362 | MALWARE-OTHER Win.Ransomware.Cerber-9794403-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56363 | MALWARE-OTHER Win.Ransomware.Cerber-9794403-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56365 | FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1183 attack attempt (more info ...) | attempted-user | 2020-13572 | URL | ||
| 56366 | FILE-IMAGE TRUFFLEHUNTER TALOS-2020-1183 attack attempt (more info ...) | attempted-user | 2020-13572 | URL | ||
| 56367 | MALWARE-CNC Win.Trojan.GlitchPOS variant outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 56368 | MALWARE-CNC Win.Trojan.GlitchPOS variant outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 56371 | MALWARE-CNC Win.Trojan.ComRAT variant binary download attempt (more info ...) | trojan-activity | URL | |||
| 56372 | MALWARE-CNC Win.Trojan.ComRAT variant binary download attempt (more info ...) | trojan-activity | URL | |||
| 56373 | MALWARE-CNC Win.Trojan.ComRAT variant download attempt (more info ...) | trojan-activity | URL | |||
| 56376 | MALWARE-CNC Win.Trojan.ComRAT variant download attempt (more info ...) | trojan-activity | URL | |||
| 56377 | MALWARE-CNC Win.Trojan.ComRAT variant binary download attempt (more info ...) | trojan-activity | URL | |||
| 56378 | MALWARE-CNC Win.Trojan.ComRAT variant binary download attempt (more info ...) | trojan-activity | URL | |||
| 56383 | PROTOCOL-SCADA Advantech DiagAnywhere remote code execution attempt (more info ...) | attempted-user | 2019-18257 | |||
| 56384 | PROTOCOL-SCADA Advantech DiagAnywhere remote code execution attempt (more info ...) | attempted-user | 2019-18257 | |||
| 56385 | PROTOCOL-SCADA Advantech DiagAnywhere remote code execution attempt (more info ...) | attempted-user | 2019-18257 | |||
| 56386 | PROTOCOL-SCADA Advantech DiagAnywhere remote code execution attempt (more info ...) | attempted-user | 2019-18257 | |||
| 56387 | MALWARE-CNC Win.Trojan.Raccoon CNC decryption key response (more info ...) | trojan-activity | ||||
| 56388 | MALWARE-CNC Win.Trojan.Raccoon data exfiltration attempt (more info ...) | trojan-activity | URL | |||
| 56391 | MALWARE-CNC Win.Trojan.Racoon outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 56392 | MALWARE-OTHER Win.Packed.Razy-9794567-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56393 | MALWARE-OTHER Win.Packed.Razy-9794567-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56398 | MALWARE-OTHER Win.Malware.Qbot-9794652-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56399 | MALWARE-OTHER Win.Malware.Qbot-9794652-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56400 | MALWARE-OTHER Win.Packed.Razy-9794901-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56401 | MALWARE-OTHER Win.Packed.Razy-9794901-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56402 | MALWARE-OTHER Win.Dropper.Kuluoz-9795078-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56403 | MALWARE-OTHER Win.Dropper.Kuluoz-9795078-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56425 | MALWARE-OTHER Win.Packed.Genpack-9795954-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56426 | MALWARE-OTHER Win.Packed.Genpack-9795954-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56427 | SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt (more info ...) | web-application-attack | 2020-4206 | URL | ||
| 56428 | SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt (more info ...) | web-application-attack | 2020-4206 | URL | ||
| 56429 | SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt (more info ...) | web-application-attack | 2020-4206 | URL | ||
| 56430 | SERVER-WEBAPP IBM Spectrum Protect Plus command injection attempt (more info ...) | web-application-attack | 2020-4206 | URL | ||
| 56446 | EXPLOIT-KIT RIG EK GandCrab page access attempt (more info ...) | attempted-user | ||||
| 56455 | MALWARE-OTHER PUA.Win.Adware.Crossrider-9797289-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56456 | MALWARE-OTHER PUA.Win.Adware.Crossrider-9797289-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56457 | MALWARE-OTHER Win.Packed.Nwh1dlg-9797380-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56458 | MALWARE-OTHER Win.Packed.Nwh1dlg-9797380-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56459 | MALWARE-OTHER Win.Dropper.Kuluoz-9797422-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56460 | MALWARE-OTHER Win.Dropper.Kuluoz-9797422-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56461 | MALWARE-OTHER Win.Packed.Zbot-9797509-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56462 | MALWARE-OTHER Win.Packed.Zbot-9797509-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56465 | MALWARE-OTHER PUA.Win.Adware.Amonetize-9797769-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56466 | MALWARE-OTHER PUA.Win.Adware.Amonetize-9797769-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56469 | MALWARE-OTHER Win.Trojan.Uztub-9798162-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56470 | MALWARE-OTHER Win.Trojan.Uztub-9798162-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56471 | MALWARE-OTHER Win.Malware.Budt-9798777-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56472 | MALWARE-OTHER Win.Malware.Budt-9798777-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56484 | MALWARE-OTHER Win.Packed.Ursu-9799226-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56485 | MALWARE-OTHER Win.Packed.Ursu-9799226-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56490 | MALWARE-OTHER Win.Packed.Razy-9799256-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56491 | MALWARE-OTHER Win.Packed.Razy-9799256-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56498 | SERVER-WEBAPP Oracle ADF Faces potential ViewState deserialization remote code execution attempt (more info ...) | attempted-user | 2019-2904 | URL | ||
| 56499 | SERVER-WEBAPP Oracle ADF Faces potential ViewState deserialization remote code execution attempt (more info ...) | attempted-user | 2019-2904 | URL | ||
| 56513 | MALWARE-OTHER Win.Dropper.Kuluoz-9800462-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56514 | MALWARE-OTHER Win.Dropper.Kuluoz-9800462-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56517 | MALWARE-OTHER Win.Dropper.Remcos-9801059-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56518 | MALWARE-OTHER Win.Dropper.Remcos-9801059-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56528 | MALWARE-OTHER Win.Dropper.Emotet-9801895-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56529 | MALWARE-OTHER Win.Dropper.Emotet-9801895-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56530 | MALWARE-CNC Win.Trojan.IcedId outbound communication attempt (more info ...) | trojan-activity | URL | |||
| 56535 | MALWARE-OTHER Win.Dropper.Emotet-9802270-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56536 | MALWARE-OTHER Win.Dropper.Emotet-9802270-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56539 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1212 attack attempt (more info ...) | attempted-user | 2020-28589 | URL | ||
| 56540 | FILE-OTHER TRUFFLEHUNTER TALOS-2020-1212 attack attempt (more info ...) | attempted-user | 2020-28589 | URL | ||
| 56564 | MALWARE-CNC Win.Trojan.PowerRatankba variant download attempt (more info ...) | trojan-activity | URL | |||
| 56577 | MALWARE-CNC Lokibot outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 56596 | MALWARE-CNC MultiOS.Malware.GORAT outbound communications attempt (more info ...) | trojan-activity | URL | |||
| 56597 | MALWARE-CNC MultiOS.Malware.GORAT outbound communications attempt (more info ...) | trojan-activity | URL | |||
| 56598 | MALWARE-CNC Win.Backdoor.CSBundle_Original inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 56599 | MALWARE-CNC Win.Backdoor.CSBundle_Original stager outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 56600 | MALWARE-CNC Win.Backdoor.CSBundle_Original outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 56601 | MALWARE-CNC Win.Backdoor.CSBundle_Original Stager 2 download attempt (more info ...) | trojan-activity | URL | |||
| 56602 | MALWARE-CNC Win.Backdoor.CSBundle_Original Server 3 inbound beacon attempt (more info ...) | trojan-activity | URL | |||
| 56603 | MALWARE-CNC Win.Backdoor.CSBundle_Original outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 56605 | MALWARE-CNC Rat.Tool.CSBundleUSATodayServer variant inbound command attempt (more info ...) | trojan-activity | URL | |||
| 56606 | MALWARE-CNC Rat.Tool.CSBundleUSATodayServer variant inbound command attempt (more info ...) | trojan-activity | URL | |||
| 56607 | MALWARE-CNC potential Rat.Tool.CSBundleUSAToday connectivity check (more info ...) | trojan-activity | URL | |||
| 56612 | MALWARE-CNC Rat.Tool.FeyeYelp variant outbound beacon attempt (more info ...) | trojan-activity | URL | |||
| 56613 | MALWARE-CNC Rat.Tool.FeyeYelp variant outbound beacon attempt (more info ...) | trojan-activity | URL | |||
| 56615 | MALWARE-CNC Cobalt Strike beacon outbound connection attempt (more info ...) | attempted-user | URL | |||
| 56616 | MALWARE-CNC Cobalt Strike beacon outbound connection attempt (more info ...) | attempted-user | URL | |||
| 56617 | MALWARE-CNC Cobalt Strike beacon inbound connection attempt (more info ...) | attempted-user | URL | |||
| 56618 | MALWARE-OTHER Win.Worm.Waldek-9805060-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56619 | MALWARE-OTHER Win.Worm.Waldek-9805060-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56620 | MALWARE-OTHER Win.Dropper.Emotet-9805443-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56621 | MALWARE-OTHER Win.Dropper.Emotet-9805443-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56622 | MALWARE-OTHER Win.Dropper.Bunitu-9805453-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56623 | MALWARE-OTHER Win.Dropper.Bunitu-9805453-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56628 | MALWARE-OTHER Win.Dropper.Ap0calypseRAT-9805570-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56629 | MALWARE-OTHER Win.Dropper.Ap0calypseRAT-9805570-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56630 | MALWARE-OTHER PUA.Win.Adware.Opesup-9805608-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56631 | MALWARE-OTHER PUA.Win.Adware.Opesup-9805608-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56632 | MALWARE-OTHER PUA.Win.File.Ezsoftwareupdater-9805635-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56633 | MALWARE-OTHER PUA.Win.File.Ezsoftwareupdater-9805635-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56634 | MALWARE-OTHER Win.Downloader.Jpbv-9805695-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56635 | MALWARE-OTHER Win.Downloader.Jpbv-9805695-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56640 | MALWARE-OTHER Win.Malware.Zusy-9806564-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56641 | MALWARE-OTHER Win.Malware.Zusy-9806564-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56646 | MALWARE-OTHER PUA.Win.Adware.Crossrider-9807047-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56647 | MALWARE-OTHER PUA.Win.Adware.Crossrider-9807047-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56648 | MALWARE-OTHER PUA.Win.Adware.Crossrider-9807045-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56649 | MALWARE-OTHER PUA.Win.Adware.Crossrider-9807045-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56654 | MALWARE-OTHER Win.Dropper.Smalltrojan-9807963-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56655 | MALWARE-OTHER Win.Dropper.Smalltrojan-9807963-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56660 | MALWARE-CNC Win.Backdoor.Sunburst outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 56661 | MALWARE-CNC Win.Backdoor.Sunburst outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 56662 | MALWARE-CNC Win.Backdoor.Sunburst inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 56663 | MALWARE-CNC Win.Backdoor.Sunburst inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 56664 | MALWARE-CNC Win.Backdoor.Sunburst inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 56665 | MALWARE-CNC Win.Backdoor.Sunburst outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 56666 | MALWARE-CNC Win.Backdoor.Sunburst inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 56667 | MALWARE-CNC Win.Backdoor.Sunburst inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 56668 | MALWARE-CNC Win.Backdoor.Sunburst outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 56669 | MALWARE-OTHER Win.Virus.Ramnit-9808983-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56670 | MALWARE-OTHER Win.Virus.Ramnit-9808983-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56673 | MALWARE-OTHER Win.Malware.Magania-9809232-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56674 | MALWARE-OTHER Win.Malware.Magania-9809232-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56675 | MALWARE-OTHER Win.Malware.Magania-9809233-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56676 | MALWARE-OTHER Win.Malware.Magania-9809233-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56677 | MALWARE-OTHER Win.Malware.Magania-9809234-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56678 | MALWARE-OTHER Win.Malware.Magania-9809234-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56679 | MALWARE-OTHER Win.Malware.Magania-9809236-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56680 | MALWARE-OTHER Win.Malware.Magania-9809236-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56681 | MALWARE-OTHER Win.Malware.Magania-9809289-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56682 | MALWARE-OTHER Win.Malware.Magania-9809289-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56683 | MALWARE-OTHER Win.Malware.Magania-9809288-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56684 | MALWARE-OTHER Win.Malware.Magania-9809288-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56687 | MALWARE-OTHER Win.Malware.Magania-9809291-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56688 | MALWARE-OTHER Win.Malware.Magania-9809291-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56689 | MALWARE-OTHER Win.Malware.Magania-9809292-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56690 | MALWARE-OTHER Win.Malware.Magania-9809292-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56691 | MALWARE-OTHER Win.Malware.Magania-9809293-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56692 | MALWARE-OTHER Win.Malware.Magania-9809293-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56693 | MALWARE-OTHER Win.Malware.Magania-9809302-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56694 | MALWARE-OTHER Win.Malware.Magania-9809302-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56695 | MALWARE-OTHER Win.Malware.Zusy-9809303-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56696 | MALWARE-OTHER Win.Malware.Zusy-9809303-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56697 | MALWARE-OTHER Win.Malware.Magania-9809310-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56698 | MALWARE-OTHER Win.Malware.Magania-9809310-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56699 | MALWARE-OTHER Win.Malware.Magania-9809311-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56700 | MALWARE-OTHER Win.Malware.Magania-9809311-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56701 | MALWARE-OTHER Win.Trojan.Napolar-9809317-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56702 | MALWARE-OTHER Win.Trojan.Napolar-9809317-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56703 | MALWARE-OTHER Win.Malware.Mikey-9809358-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56704 | MALWARE-OTHER Win.Malware.Mikey-9809358-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56705 | MALWARE-OTHER Win.Malware.Magania-9809405-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56706 | MALWARE-OTHER Win.Malware.Magania-9809405-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56707 | MALWARE-OTHER Win.Malware.Magania-9809423-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56708 | MALWARE-OTHER Win.Malware.Magania-9809423-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56709 | MALWARE-OTHER Win.Malware.Magania-9809425-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56710 | MALWARE-OTHER Win.Malware.Magania-9809425-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56711 | MALWARE-OTHER Win.Malware.Ppatre-9809656-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56712 | MALWARE-OTHER Win.Malware.Ppatre-9809656-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56713 | MALWARE-OTHER Win.Malware.Emotet-9809680-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56714 | MALWARE-OTHER Win.Malware.Emotet-9809680-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56715 | MALWARE-OTHER PUA.Win.Adware.Priplut-9809769-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56716 | MALWARE-OTHER PUA.Win.Adware.Priplut-9809769-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56717 | MALWARE-CNC Win.Ransomware.Egregor variant outbound connection (more info ...) | trojan-activity | URL | |||
| 56718 | MALWARE-CNC Win.Trojan.xDLL variant outbound communication attempt (more info ...) | trojan-activity | URL | |||
| 56719 | MALWARE-CNC Win.Trojan.xDLL variant outbound communication attempt (more info ...) | trojan-activity | URL | |||
| 56720 | SERVER-WEBAPP Citrix ADC and Gateway authentication bypass attempt (more info ...) | web-application-attack | 2020-8193 | URL | ||
| 56729 | SERVER-OTHER TRUFFLEHUNTER TALOS-2020-1217 attack attempt (more info ...) | attempted-admin | 2020-28593 | URL | ||
| 56730 | MALWARE-OTHER Win.Trojan.Fareit-9810681-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56731 | MALWARE-OTHER Win.Trojan.Fareit-9810681-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56734 | MALWARE-OTHER Win.Malware.Pcclient-9811524-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56735 | MALWARE-OTHER Win.Malware.Pcclient-9811524-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56736 | MALWARE-OTHER Win.Malware.Generic-9812011-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56737 | MALWARE-OTHER Win.Malware.Generic-9812011-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56738 | MALWARE-OTHER Win.Malware.Generickdz-9812035-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56739 | MALWARE-OTHER Win.Malware.Generickdz-9812035-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56740 | MALWARE-OTHER Win.Malware.Generickdz-9812036-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56741 | MALWARE-OTHER Win.Malware.Generickdz-9812036-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56742 | MALWARE-OTHER Win.Malware.Generickdz-9812037-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56743 | MALWARE-OTHER Win.Malware.Generickdz-9812037-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56744 | MALWARE-OTHER Win.Malware.Cerbu-9811987-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56745 | MALWARE-OTHER Win.Malware.Cerbu-9811987-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56748 | MALWARE-OTHER Win.Malware.Generickdz-9812114-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56749 | MALWARE-OTHER Win.Malware.Generickdz-9812114-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56750 | MALWARE-OTHER Win.Malware.Generickdz-9812058-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56751 | MALWARE-OTHER Win.Malware.Generickdz-9812058-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56752 | MALWARE-OTHER Win.Malware.Ulise-9812070-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56753 | MALWARE-OTHER Win.Malware.Ulise-9812070-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56754 | MALWARE-OTHER Win.Malware.Generickdz-9812083-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56755 | MALWARE-OTHER Win.Malware.Generickdz-9812083-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56758 | MALWARE-OTHER Win.Packed.Ceeinject-9812597-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56759 | MALWARE-OTHER Win.Packed.Ceeinject-9812597-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56760 | MALWARE-OTHER Win.Malware.Mikey-9812612-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56761 | MALWARE-OTHER Win.Malware.Mikey-9812612-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56762 | MALWARE-OTHER Win.Packed.Upantix-9812630-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56763 | MALWARE-OTHER Win.Packed.Upantix-9812630-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56766 | MALWARE-OTHER Win.Dropper.Shiz-9814645-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56767 | MALWARE-OTHER Win.Dropper.Shiz-9814645-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56768 | MALWARE-CNC Win.Trojan.Supernova Webshell Command and Control attempt (more info ...) | trojan-activity | URL | |||
| 56769 | MALWARE-CNC Win.Downloader.Qbot outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 56770 | MALWARE-CNC Win.Trojan.Qbot outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 56771 | MALWARE-CNC Win.Trojan.Qbot outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 56774 | MALWARE-OTHER Win.Malware.Qbot variant download attempt (more info ...) | trojan-activity | URL | |||
| 56775 | MALWARE-OTHER Win.Malware.Qbot variant download attempt (more info ...) | trojan-activity | URL | |||
| 56778 | SERVER-WEBAPP ARRIS VAP2500 list_mac_address cmb_macaddrfilter command injection attempt (more info ...) | web-application-attack | URL | |||
| 56779 | SERVER-WEBAPP ARRIS VAP2500 list_mac_address cmb_macaddrfilter command injection attempt (more info ...) | web-application-attack | URL | |||
| 56780 | MALWARE-OTHER Win.Dropper.Cerber-9815517-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56781 | MALWARE-OTHER Win.Dropper.Cerber-9815517-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56782 | MALWARE-OTHER Win.Dropper.Bunitu-9815611-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56783 | MALWARE-OTHER Win.Dropper.Bunitu-9815611-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56784 | MALWARE-CNC Win.Downloader.Qbot outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 56785 | MALWARE-CNC Win.Downloader.Qbot outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 56786 | MALWARE-CNC Win.Downloader.Qbot outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 56787 | MALWARE-CNC Win.Downloader.Qbot outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 56788 | MALWARE-CNC Win.Downloader.Qbot outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 56789 | MALWARE-CNC Win.Downloader.Qbot outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 56790 | MALWARE-CNC Win.Downloader.Qbot outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 56791 | MALWARE-CNC Win.Downloader.Qbot outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 56792 | MALWARE-CNC Win.Downloader.Qbot outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 56793 | MALWARE-CNC Win.Downloader.Qbot outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 56794 | MALWARE-CNC Win.Downloader.Qbot outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 56795 | MALWARE-CNC Win.Downloader.Qbot outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 56796 | MALWARE-CNC Win.Downloader.Qbot outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 56798 | MALWARE-CNC Win.Downloader.Qbot outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 56802 | MALWARE-OTHER Win.Dropper.Kuluoz-9815697-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56803 | MALWARE-OTHER Win.Dropper.Kuluoz-9815697-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56807 | MALWARE-OTHER Win.Malware.Ulise-9815758-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56808 | MALWARE-OTHER Win.Malware.Ulise-9815758-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56811 | MALWARE-OTHER Win.Trojan.Bladabindi-9816601-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56812 | MALWARE-OTHER Win.Trojan.Bladabindi-9816601-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56813 | MALWARE-OTHER Win.Packed.Qbot-9817504-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56814 | MALWARE-OTHER Win.Packed.Qbot-9817504-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56817 | MALWARE-OTHER Win.Malware.Quchispy-9818300-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56818 | MALWARE-OTHER Win.Malware.Quchispy-9818300-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56825 | POLICY-OTHER SolarWinds Orion version lookup attempt (more info ...) | attempted-recon | 2020-10148 | URL | ||
| 56832 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2020-1221 attack attempt (more info ...) | attempted-user | 2020-28597 | URL | ||
| 56834 | MALWARE-CNC Win.Trojan.TroubleGrabber outbound communication attempt (more info ...) | trojan-activity | URL | |||
| 56835 | MALWARE-CNC Win.Trojan.TroubleGrabber outbound communication attempt (more info ...) | trojan-activity | URL | |||
| 56862 | MALWARE-CNC MultiOS.Malware.GORAT outbound communication attempt (more info ...) | trojan-activity | URL | |||
| 56863 | MALWARE-CNC MultiOS.Malware.GORAT command and control response attempt (more info ...) | trojan-activity | URL | |||
| 56864 | MALWARE-CNC MultiOS.Malware.GORAT command and control SSL certificate (more info ...) | trojan-activity | URL | |||
| 56886 | EXPLOIT-KIT RIG EK GandCrab page access attempt (more info ...) | attempted-user | ||||
| 56891 | MALWARE-CNC Win.Trojan.BasicPipeShell variant communication attempt (more info ...) | trojan-activity | URL | |||
| 56892 | MALWARE-CNC Win.Trojan.BasicPipeShell variant communication attempt (more info ...) | trojan-activity | URL | |||
| 56893 | FILE-OTHER OpenSSL configuration arbitrary DLL load attempt (more info ...) | attempted-user | 2021-1280 | URL | ||
| 56894 | FILE-OTHER OpenSSL configuration arbitrary DLL load attempt (more info ...) | attempted-user | 2021-1280 | URL | ||
| 56895 | MALWARE-OTHER Win.Packed.Xowgc8j-9819208-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56896 | MALWARE-OTHER Win.Packed.Xowgc8j-9819208-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56897 | MALWARE-OTHER Win.Malware.Mikey-9819490-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56898 | MALWARE-OTHER Win.Malware.Mikey-9819490-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56899 | MALWARE-OTHER Win.Malware.Tiny-9819505-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56900 | MALWARE-OTHER Win.Malware.Tiny-9819505-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56901 | MALWARE-OTHER Win.Malware.Zusy-9819756-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56902 | MALWARE-OTHER Win.Malware.Zusy-9819756-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56903 | MALWARE-OTHER Win.Malware.Mikey-9820100-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56904 | MALWARE-OTHER Win.Malware.Mikey-9820100-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56906 | MALWARE-OTHER Win.Packed.Emotet-9821266-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56907 | MALWARE-OTHER Win.Packed.Emotet-9821266-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56908 | MALWARE-OTHER Win.Downloader.Upatre-9821529-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56909 | MALWARE-OTHER Win.Downloader.Upatre-9821529-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56912 | MALWARE-OTHER Win.Malware.Ursu-9821797-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56913 | MALWARE-OTHER Win.Malware.Ursu-9821797-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56914 | MALWARE-OTHER Win.Malware.Cerbu-9822059-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56915 | MALWARE-OTHER Win.Malware.Cerbu-9822059-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56918 | MALWARE-OTHER Win.Malware.Qqpass-9822210-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56919 | MALWARE-OTHER Win.Malware.Qqpass-9822210-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56920 | MALWARE-OTHER Win.Malware.Qqpass-9822211-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56921 | MALWARE-OTHER Win.Malware.Qqpass-9822211-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56922 | MALWARE-OTHER Win.Malware.Qqpass-9822241-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56923 | MALWARE-OTHER Win.Malware.Qqpass-9822241-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56951 | MALWARE-OTHER Win.Packed.Medfos-9822521-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56952 | MALWARE-OTHER Win.Packed.Medfos-9822521-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56964 | MALWARE-OTHER Win.Malware.Kovter-9822841-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56965 | MALWARE-OTHER Win.Malware.Kovter-9822841-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56966 | MALWARE-CNC Win.Trojan.IcedId outbound communication attempt (more info ...) | trojan-activity | URL | |||
| 56969 | MALWARE-OTHER Win.Ransomware.Emotet-9823374-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56970 | MALWARE-OTHER Win.Ransomware.Emotet-9823374-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56975 | MALWARE-OTHER Win.Packed.Upatre-9823510-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56976 | MALWARE-OTHER Win.Packed.Upatre-9823510-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56981 | MALWARE-OTHER Win.Malware.Ulise-9823887-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56982 | MALWARE-OTHER Win.Malware.Ulise-9823887-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56985 | MALWARE-OTHER Win.Malware.Ulise-9823969-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56986 | MALWARE-OTHER Win.Malware.Ulise-9823969-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56987 | MALWARE-CNC Win.Trojan.IcedID variant extra payload download attempt (more info ...) | trojan-activity | URL | |||
| 56988 | MALWARE-CNC Win.Trojan.IcedID variant extra payload download attempt (more info ...) | trojan-activity | URL | |||
| 56991 | MALWARE-CNC Win.Trojan.ElectroRat outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 56992 | MALWARE-CNC Win.Trojan.ElectroRat outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 56993 | MALWARE-CNC Win.Trojan.ElectroRat outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 56996 | MALWARE-OTHER Win.Trojan.Urelas-9825378-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56997 | MALWARE-OTHER Win.Trojan.Urelas-9825378-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56998 | MALWARE-OTHER Win.Malware.Cowq-9825380-0 download attempt (more info ...) | trojan-activity | URL | |||
| 56999 | MALWARE-OTHER Win.Malware.Cowq-9825380-0 download attempt (more info ...) | trojan-activity | URL | |||
| 57005 | MALWARE-OTHER Win.Packed.Zbot-9825410-0 download attempt (more info ...) | trojan-activity | URL | |||
| 57006 | MALWARE-OTHER Win.Packed.Zbot-9825410-0 download attempt (more info ...) | trojan-activity | URL | |||
| 57009 | MALWARE-OTHER Win.Ransomware.Cerber-9825486-0 download attempt (more info ...) | trojan-activity | URL | |||
| 57010 | MALWARE-OTHER Win.Ransomware.Cerber-9825486-0 download attempt (more info ...) | trojan-activity | URL | |||
| 57019 | MALWARE-OTHER Win.Trojan.Generickdz-9825913-0 download attempt (more info ...) | trojan-activity | URL | |||
| 57020 | MALWARE-OTHER Win.Trojan.Generickdz-9825913-0 download attempt (more info ...) | trojan-activity | URL | |||
| 57021 | MALWARE-OTHER Win.Malware.Ceyc-9825747-0 download attempt (more info ...) | trojan-activity | URL | |||
| 57022 | MALWARE-OTHER Win.Malware.Ceyc-9825747-0 download attempt (more info ...) | trojan-activity | URL | |||
| 57023 | MALWARE-OTHER Win.Ransomware.RansomLock-9825921-0 download attempt (more info ...) | trojan-activity | URL | |||
| 57024 | MALWARE-OTHER Win.Ransomware.RansomLock-9825921-0 download attempt (more info ...) | trojan-activity | URL | |||
| 57025 | MALWARE-OTHER Win.Trojan.Urausy-9825941-0 download attempt (more info ...) | trojan-activity | URL | |||
| 57026 | MALWARE-OTHER Win.Trojan.Urausy-9825941-0 download attempt (more info ...) | trojan-activity | URL | |||
| 57027 | MALWARE-OTHER Win.Malware.Fugrafa-9826021-0 download attempt (more info ...) | trojan-activity | URL | |||
| 57028 | MALWARE-OTHER Win.Malware.Fugrafa-9826021-0 download attempt (more info ...) | trojan-activity | URL | |||
| 57029 | MALWARE-OTHER Win.Trojan.Lockscreen-9826040-0 download attempt (more info ...) | trojan-activity | URL | |||
| 57030 | MALWARE-OTHER Win.Trojan.Lockscreen-9826040-0 download attempt (more info ...) | trojan-activity | URL | |||
| 57033 | MALWARE-OTHER Win.Ransomware.Urausy-9826539-0 download attempt (more info ...) | trojan-activity | URL | |||
| 57034 | MALWARE-OTHER Win.Ransomware.Urausy-9826539-0 download attempt (more info ...) | trojan-activity | URL | |||
| 57035 | MALWARE-OTHER Win.Ransomware.Urausy-9826537-0 download attempt (more info ...) | trojan-activity | URL | |||
| 57036 | MALWARE-OTHER Win.Ransomware.Urausy-9826537-0 download attempt (more info ...) | trojan-activity | URL | |||
| 57037 | MALWARE-OTHER Win.Ransomware.Generickdz-9826546-0 download attempt (more info ...) | trojan-activity | URL | |||
| 57038 | MALWARE-OTHER Win.Ransomware.Generickdz-9826546-0 download attempt (more info ...) | trojan-activity | URL | |||
| 57041 | MALWARE-OTHER Win.Malware.Nymaim-9826797-0 download attempt (more info ...) | trojan-activity | URL | |||
| 57042 | MALWARE-OTHER Win.Malware.Nymaim-9826797-0 download attempt (more info ...) | trojan-activity | URL | |||
| 57043 | MALWARE-OTHER Win.Malware.Fugrafa-9826819-0 download attempt (more info ...) | trojan-activity | URL | |||
| 57044 | MALWARE-OTHER Win.Malware.Fugrafa-9826819-0 download attempt (more info ...) | trojan-activity | URL | |||
| 57047 | MALWARE-CNC Win.Trojan.Covicli variant download attempt (more info ...) | trojan-activity | URL | |||
| 57050 | MALWARE-OTHER Win.Packed.Generickdz-9827137-0 download attempt (more info ...) | trojan-activity | URL | |||
| 57051 | MALWARE-OTHER Win.Packed.Generickdz-9827137-0 download attempt (more info ...) | trojan-activity | URL | |||
| 57052 | FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1232 attack attempt (more info ...) | attempted-user | 2021-21776 | URL | ||
| 57053 | FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1232 attack attempt (more info ...) | attempted-user | 2021-21776 | URL | ||
| 57054 | INDICATOR-COMPROMISE RTF objdata file download attempt (more info ...) | attempted-user | 2017-11882 | URL | ||
| 57055 | INDICATOR-COMPROMISE RTF objdata file download attempt (more info ...) | misc-activity | 2017-11882 | URL | ||
| 57056 | PROTOCOL-SCADA TRUFFLEHUNTER TALOS-2021-1234 attack attempt (more info ...) | attempted-recon | 2021-21777 | URL | ||
| 57067 | SERVER-OTHER HP Web JetAdmin file write attempt (more info ...) | web-application-activity | 9973 | |||
| 57070 | SERVER-WEBAPP Reprise License Manager diagnostics_doit outputfile directory traversal attempt (more info ...) | web-application-attack | ||||
| 57071 | SERVER-WEBAPP Reprise License Manager diagnostics_doit outputfile directory traversal attempt (more info ...) | web-application-attack | ||||
| 57129 | SERVER-OTHER ElasticSearch information disclosure attempt (more info ...) | policy-violation | 2014-3120 | URL | ||
| 57130 | SERVER-OTHER ElasticSearch information disclosure attempt (more info ...) | policy-violation | 2014-3120 | URL | ||
| 57131 | SERVER-OTHER ElasticSearch information disclosure attempt (more info ...) | policy-violation | 2014-3120 | URL | ||
| 57132 | SERVER-WEBAPP Barcodes Generator cross site scripting attempt (more info ...) | attempted-user | URL | |||
| 57133 | SERVER-WEBAPP Barcodes Generator cross site scripting attempt (more info ...) | attempted-user | URL | |||
| 57141 | MALWARE-OTHER Win.Trojan.Masslogger variant E binary download attempt (more info ...) | attempted-admin | ||||
| 57142 | MALWARE-OTHER Win.Trojan.Masslogger variant F binary download attempt (more info ...) | trojan-activity | ||||
| 57143 | MALWARE-OTHER Win.Trojan.Masslogger variant F binary download attempt (more info ...) | attempted-admin | ||||
| 57144 | MALWARE-OTHER Win.Trojan.Masslogger variant C binary download attempt (more info ...) | attempted-admin | ||||
| 57145 | MALWARE-OTHER Win.Trojan.Masslogger variant G binary download attempt (more info ...) | attempted-admin | ||||
| 57146 | MALWARE-OTHER Win.Trojan.Masslogger variant D binary download attempt (more info ...) | attempted-admin | ||||
| 57147 | MALWARE-OTHER Win.Trojan.Masslogger variant A binary download attempt (more info ...) | trojan-activity | ||||
| 57148 | MALWARE-OTHER Win.Trojan.Masslogger variant G binary download attempt (more info ...) | trojan-activity | ||||
| 57149 | MALWARE-OTHER Win.Trojan.Masslogger variant E binary download attempt (more info ...) | trojan-activity | ||||
| 57150 | MALWARE-OTHER Win.Trojan.Masslogger variant D binary download attempt (more info ...) | trojan-activity | ||||
| 57151 | MALWARE-OTHER Win.Trojan.Masslogger variant C binary download attempt (more info ...) | trojan-activity | ||||
| 57152 | MALWARE-OTHER Win.Trojan.Masslogger variant B binary download attempt (more info ...) | trojan-activity | ||||
| 57153 | MALWARE-OTHER Win.Trojan.Masslogger variant B binary download attempt (more info ...) | attempted-admin | ||||
| 57155 | PROTOCOL-SCADA Real-time Automation Ethernet/IP buffer over flow attempt (more info ...) | attempted-user | 2020-25159 | |||
| 57162 | FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1248 attack attempt (more info ...) | attempted-user | 2021-21784 | URL | ||
| 57163 | FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1248 attack attempt (more info ...) | attempted-user | 2021-21784 | URL | ||
| 57164 | FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1248 attack attempt (more info ...) | attempted-user | 2021-21784 | URL | ||
| 57165 | FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1248 attack attempt (more info ...) | attempted-user | 2021-21784 | URL | ||
| 57168 | MALWARE-CNC Win.Backdoor.ObliqueRAT outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57169 | MALWARE-CNC Win.Backdoor.ObliqueRAT outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57170 | MALWARE-CNC Win.Backdoor.ObliqueRAT outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57171 | MALWARE-CNC Win.Backdoor.ObliqueRAT outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57172 | MALWARE-CNC Win.Backdoor.ObliqueRAT outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57173 | MALWARE-CNC Win.Backdoor.ObliqueRAT outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57174 | MALWARE-CNC Win.Backdoor.ObliqueRAT outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57175 | MALWARE-CNC Win.Backdoor.ObliqueRAT outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57194 | MALWARE-CNC Doc.Dropper.Gamaredon variant outbound connection (more info ...) | trojan-activity | URL | |||
| 57195 | MALWARE-CNC Doc.Dropper.Gamaredon variant outbound connection (more info ...) | trojan-activity | URL | |||
| 57196 | MALWARE-CNC Win.Dropper.Gamaredon variant outbound connection (more info ...) | trojan-activity | URL | |||
| 57203 | MALWARE-CNC Win.Trojan.Stantinko outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57204 | MALWARE-CNC Win.Trojan.Amadey outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57209 | SERVER-WEBAPP Monstra CMS cross site scripting attempt (more info ...) | attempted-user | 2018-16978 | |||
| 57210 | SERVER-WEBAPP Monstra CMS cross site scripting attempt (more info ...) | attempted-user | 2018-16978 | |||
| 57211 | MALWARE-CNC Win.Downloader.Agent variant binary download attempt (more info ...) | trojan-activity | URL | |||
| 57212 | MALWARE-CNC Win.Downloader.Agent variant binary download attempt (more info ...) | trojan-activity | URL | |||
| 57213 | MALWARE-CNC Win.Downloader.Agent variant binary download attempt (more info ...) | trojan-activity | URL | |||
| 57214 | MALWARE-CNC Win.Downloader.Agent variant binary download attempt (more info ...) | trojan-activity | URL | |||
| 57215 | MALWARE-CNC Win.Trojan.CrimsonRAT inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57216 | MALWARE-CNC Win.Trojan.CrimsonRAT inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57219 | POLICY-OTHER SAP Solution Manager EEM endpoint external access attempt (more info ...) | policy-violation | 2020-6207 | URL | ||
| 57220 | MALWARE-CNC Win.Trojan.Micropsia variant outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57221 | MALWARE-CNC Win.Trojan.PyMicropsia variant outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57235 | MALWARE-CNC Html.Webshell.Hafnium inbound request attempt (more info ...) | trojan-activity | URL | |||
| 57236 | MALWARE-CNC Html.Webshell.Hafnium inbound request attempt (more info ...) | trojan-activity | URL | |||
| 57237 | MALWARE-CNC Html.Webshell.Hafnium inbound request attempt (more info ...) | trojan-activity | URL | |||
| 57238 | MALWARE-CNC Html.Webshell.Hafnium inbound request attempt (more info ...) | trojan-activity | URL | |||
| 57239 | MALWARE-CNC Html.Webshell.Hafnium inbound request attempt (more info ...) | trojan-activity | URL | |||
| 57240 | MALWARE-CNC Html.Webshell.Hafnium inbound request attempt (more info ...) | trojan-activity | URL | |||
| 57247 | MALWARE-OTHER Win.Ransomware.ColdChristmas variant binary download attempt (more info ...) | trojan-activity | URL | |||
| 57311 | MALWARE-CNC Html.Webshell.Hafnium inbound request attempt (more info ...) | trojan-activity | URL | |||
| 57312 | MALWARE-CNC Html.Webshell.Hafnium inbound request attempt (more info ...) | trojan-activity | URL | |||
| 57313 | MALWARE-CNC Html.Webshell.Hafnium inbound request attempt (more info ...) | trojan-activity | URL | |||
| 57322 | MALWARE-OTHER Win.Ransomware.DoejoCrypt variant binary download attempt (more info ...) | trojan-activity | URL | |||
| 57341 | MALWARE-CNC Win.Trojan.Patchwork variant beaconing attempt (more info ...) | trojan-activity | URL | |||
| 57342 | MALWARE-CNC Html.Webshell.Hafnium inbound request attempt (more info ...) | trojan-activity | URL | |||
| 57380 | MALWARE-CNC Win.Backdoor.Sunburst outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57405 | MALWARE-CNC Win.Backdoor.Sunburst SUNSHUTTLE variant outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57416 | MALWARE-CNC Win.Trojan.Raindrop variant outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57417 | MALWARE-CNC Win.Trojan.Raindrop variant outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57418 | MALWARE-CNC Win.Trojan.Raindrop variant outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57419 | MALWARE-CNC Win.Trojan.Raindrop variant outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57422 | MALWARE-CNC TRUFFLEHUNTER SFVRT-1043 attack attempt (more info ...) | trojan-activity | ||||
| 57431 | MALWARE-CNC Win.Trojan.Remcos variant outbound connection (more info ...) | trojan-activity | URL | |||
| 57450 | SERVER-OTHER F5 WAF/ASM crafted reponse header buffer overflow attempt (more info ...) | attempted-user | 2021-22992 | URL | ||
| 57474 | MALWARE-CNC Win.Malware.LemonDuck variant outbound cnc connection (more info ...) | attempted-user | URL | |||
| 57477 | POLICY-OTHER TRUFFLEHUNTER TALOS-2021-1282 attack attempt (more info ...) | policy-violation | 2021-21818 | URL | ||
| 57478 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1281 attack attempt (more info ...) | attempted-recon | 2021-21816 | URL | ||
| 57503 | POLICY-OTHER TRUFFLEHUNTER TALOS-2021-1290 attack attempt (more info ...) | policy-violation | 2021-21830 | URL | ||
| 57504 | POLICY-OTHER TRUFFLEHUNTER TALOS-2021-1290 attack attempt (more info ...) | policy-violation | 2021-21830 | URL | ||
| 57509 | FILE-PDF TRUFFLEHUNTER TALOS-2021-1286 attack attempt (more info ...) | attempted-user | 2021-21821 | URL | ||
| 57510 | FILE-PDF TRUFFLEHUNTER TALOS-2021-1286 attack attempt (more info ...) | attempted-user | 2021-21821 | URL | ||
| 57551 | MALWARE-CNC Win.Trojan.CrimsonRat outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57552 | MALWARE-CNC Win.Trojan.CrimsonRat outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57553 | MALWARE-CNC Win.Trojan.CrimsonRat outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57554 | MALWARE-CNC Win.Trojan.CrimsonRat outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57555 | MALWARE-CNC Win.Trojan.CrimsonRat outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57556 | MALWARE-CNC Win.Trojan.CrimsonRat outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57557 | MALWARE-CNC Win.Trojan.CrimsonRat outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57558 | MALWARE-CNC Win.Trojan.CrimsonRat outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57559 | MALWARE-CNC Win.Trojan.CrimsonRat outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57560 | MALWARE-CNC Win.Trojan.CrimsonRat outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57561 | MALWARE-CNC Win.Spyware.CrimsonRat outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57562 | MALWARE-CNC Win.Trojan.CrimsonRat outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57563 | SERVER-WEBAPP PineApp Mail-SeCure conflivelog.pl install license command injection attempt (more info ...) | web-application-attack | 61472 | |||
| 57564 | SERVER-WEBAPP PineApp Mail-SeCure conflivelog.pl install license command injection attempt (more info ...) | web-application-attack | 61472 | |||
| 57565 | SERVER-WEBAPP PineApp Mail-SeCure conflivelog.pl install license command injection attempt (more info ...) | web-application-attack | 61472 | |||
| 57577 | MALWARE-CNC Win.Trojan.IcedID outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57606 | SERVER-WEBAPP MyBB Visual Editor cross site scripting attempt (more info ...) | attempted-user | 2018-17128 | URL | ||
| 57631 | PUA-OTHER WeChat User-Agent string - MicroMessenger (more info ...) | misc-activity | ||||
| 57632 | PUA-OTHER Known unwanted User-Agent string - LieBaoFast (more info ...) | misc-activity | ||||
| 57633 | PUA-OTHER Known unwanted User-Agent string - Mb2345Browser (more info ...) | misc-activity | ||||
| 57634 | PUA-OTHER Known unwanted User-Agent string - PetalBot (more info ...) | misc-activity | ||||
| 57673 | SERVER-WEBAPP Oracle BEA WebLogic overlong JESSIONID buffer overflow attempt (more info ...) | misc-attack | 2008-5457 | |||
| 57674 | SERVER-WEBAPP Oracle BEA WebLogic overlong JESSIONID buffer overflow attempt (more info ...) | misc-attack | 2008-5457 | |||
| 57683 | PROTOCOL-VOIP SIP Torture Retry-After field with overly-large value attempt (more info ...) | misc-activity | URL | |||
| 57684 | PROTOCOL-VOIP SIP Torture Retry-After field with overly-large value attempt (more info ...) | misc-activity | URL | |||
| 57685 | PROTOCOL-VOIP SIP Torture Retry-After field with overly-large value attempt (more info ...) | misc-activity | URL | |||
| 57686 | PROTOCOL-VOIP SIP Torture Retry-After field with overly-large value attempt (more info ...) | misc-activity | URL | |||
| 57714 | MALWARE-CNC Multios.Trojan.NecroBot outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57715 | MALWARE-CNC Multios.Trojan.NecroBot outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57716 | MALWARE-CNC Multios.Trojan.NecroBot outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57717 | MALWARE-CNC Multios.Trojan.NecroBot outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57738 | POLICY-OTHER Active Directory Federation Services policy store transfer service request detected (more info ...) | misc-activity | URL | |||
| 57760 | OS-WINDOWS Generic HyperLink buffer overflow attempt (more info ...) | attempted-user | 2017-17099 | 37184 | URL | |
| 57763 | SERVER-OTHER ElasticSearch script remote code execution attempt (more info ...) | attempted-user | 2015-1427 | URL | ||
| 57773 | MALWARE-CNC Win.Trojan.Bazaloader variant outbound request detected (more info ...) | trojan-activity | ||||
| 57780 | MALWARE-CNC Win.Backdoor.IPsecHelper outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57781 | MALWARE-CNC Win.Backdoor.IPsecHelper outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57782 | MALWARE-CNC Win.Backdoor.IPsecHelper outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57807 | POLICY-OTHER TRUFFLEHUNTER TALOS-2021-1322 attack attempt (more info ...) | policy-violation | 2021-21878 | URL | ||
| 57813 | SERVER-OTHER Citrix NetScaler Gateway DTLS client hello denial of service attempt (more info ...) | attempted-dos | URL | |||
| 57823 | MALWARE-CNC ASPXSpy webshell outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57824 | MALWARE-CNC ASPXSpy webshell outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57825 | MALWARE-CNC ASPXSpy webshell inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57826 | MALWARE-CNC ASPXSpy webshell inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57827 | MALWARE-CNC ASPXSpy webshell inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57828 | MALWARE-CNC ASPXSpy webshell outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57832 | OS-OTHER Apple macOS Gatekeeper bypass attempt (more info ...) | attempted-user | 2021-30657 | |||
| 57833 | OS-OTHER Apple macOS Gatekeeper bypass attempt (more info ...) | attempted-user | 2021-30657 | |||
| 57842 | MALWARE-CNC Win.Trojan.ActionRAT variant outbound connection (more info ...) | trojan-activity | URL | |||
| 57843 | MALWARE-CNC Win.Trojan.ActionRAT variant outbound connection (more info ...) | trojan-activity | URL | |||
| 57844 | MALWARE-CNC Win.Trojan.ActionRAT variant outbound connection (more info ...) | trojan-activity | URL | |||
| 57845 | MALWARE-CNC Win.Trojan.ActionRAT variant outbound connection (more info ...) | trojan-activity | URL | |||
| 57846 | MALWARE-CNC Win.Trojan.ActionRAT variant outbound connection (more info ...) | trojan-activity | URL | |||
| 57847 | MALWARE-CNC Win.Trojan.CetaRAT variant outbound connection (more info ...) | trojan-activity | URL | |||
| 57848 | MALWARE-CNC Win.Trojan.CetaRAT variant outbound connection (more info ...) | trojan-activity | URL | |||
| 57849 | MALWARE-CNC Win.Trojan.CetaRAT variant outbound connection (more info ...) | trojan-activity | URL | |||
| 57858 | MALWARE-CNC Win.Downloader.VictoryDll outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57864 | MALWARE-CNC Netfilter rootkit outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57865 | MALWARE-CNC Netfilter rootkit download attempt (more info ...) | trojan-activity | URL | |||
| 57866 | MALWARE-CNC Netfilter rootkit outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57867 | MALWARE-CNC Netfilter rootkit download attempt (more info ...) | trojan-activity | URL | |||
| 57868 | MALWARE-CNC Netfilter rootkit outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57869 | MALWARE-CNC Netfilter rootkit outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57870 | MALWARE-CNC Netfilter rootkit outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57871 | MALWARE-CNC Netfilter rootkit download attempt (more info ...) | trojan-activity | URL | |||
| 57892 | SERVER-WEBAPP Oracle GlassFish administration console authentication bypass attempt (more info ...) | web-application-attack | 2011-1511 | 47818 | ||
| 57893 | MALWARE-CNC Win.Trojan.TrickBot outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57901 | MALWARE-CNC Doc.Downloader.Emotet variant outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57918 | SERVER-WEBAPP Hewlett Packard Enterprise Intelligent Management Center MibFileServlet directory traversal attempt (more info ...) | web-application-attack | 2017-12560 | |||
| 57919 | MALWARE-CNC Osx.Trojan.Shlayer second stage download attempt (more info ...) | trojan-activity | URL | |||
| 57920 | MALWARE-CNC Osx.Trojan.Shlayer second stage download attempt (more info ...) | trojan-activity | URL | |||
| 57922 | MALWARE-CNC Html.Webshell.ASPXSpy inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57923 | MALWARE-CNC Html.Webshell.ASPXSpy inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57924 | MALWARE-CNC Html.Webshell.ASPXSpy inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57926 | MALWARE-CNC Html.Webshell.ASPXSpy inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57927 | MALWARE-CNC Html.Webshell.ASPXSpy inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57928 | MALWARE-CNC Html.Webshell.ASPXSpy inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57929 | MALWARE-CNC Html.Webshell.ASPXSpy inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57930 | MALWARE-CNC Html.Webshell.ASPXSpy inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57934 | OS-OTHER TRUFFLEHUNTER TALOS-2021-1342 attack attempt (more info ...) | attempted-admin | URL | |||
| 57935 | OS-OTHER TRUFFLEHUNTER TALOS-2021-1342 attack attempt (more info ...) | attempted-admin | URL | |||
| 57940 | MALWARE-CNC Win.Trojan.Raccoon outbound communication attempt (more info ...) | trojan-activity | URL | |||
| 57941 | MALWARE-CNC Win.Trojan.Raccoon binary download attempt (more info ...) | trojan-activity | URL | |||
| 57948 | MALWARE-CNC Win.Trojan.Trickbot VNC module outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57949 | MALWARE-CNC Win.Trojan.Trickbot VNC module outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57950 | MALWARE-CNC Win.Trojan.Trickbot VNC module outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57955 | MALWARE-CNC Aspx.Webshell.Caterpillar inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57956 | MALWARE-CNC Aspx.Webshell.Caterpillar inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57957 | MALWARE-CNC Aspx.Webshell.Caterpillar inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57958 | MALWARE-CNC Aspx.Webshell.Caterpillar inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57959 | MALWARE-CNC Aspx.Webshell.Caterpillar inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57960 | MALWARE-CNC Aspx.Webshell.Caterpillar inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57961 | MALWARE-CNC Aspx.Webshell.Caterpillar inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57962 | MALWARE-CNC Aspx.Webshell.Caterpillar inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57973 | MALWARE-CNC Win.Trojan.Uran second stage download attempt (more info ...) | trojan-activity | ||||
| 57974 | MALWARE-CNC Win.Trojan.Uran variant outbound connection (more info ...) | trojan-activity | ||||
| 57975 | MALWARE-CNC Win.Trojan.Raccoon variant outbound request detected (more info ...) | trojan-activity | URL | |||
| 57991 | MALWARE-CNC Win.Trojan.Bandidos outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 57995 | MALWARE-CNC Jsp.Webshell.JspFileBrowser inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 58000 | MALWARE-CNC Zloader command and control outbound connection attempt (more info ...) | trojan-activity | ||||
| 58007 | MALWARE-CNC Win.Trojan.Redline variant outbound request detected (more info ...) | trojan-activity | URL | |||
| 58013 | SERVER-OTHER TRUFFLEHUNTER TALOS-2021-1355 attack attempt (more info ...) | attempted-admin | 2021-21903 | URL | ||
| 58015 | POLICY-OTHER TRUFFLEHUNTER TALOS-2021-1354 attack attempt (more info ...) | protocol-command-decode | 2021-21902 | URL | ||
| 58016 | POLICY-OTHER TRUFFLEHUNTER TALOS-2021-1354 attack attempt (more info ...) | policy-violation | 2021-21902 | URL | ||
| 58029 | MALWARE-CNC Win.Trojan.Locky outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 58030 | MALWARE-CNC Win.Miner.Honeygain outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 58031 | MALWARE-CNC Win.Miner.Honeygain outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 58032 | MALWARE-CNC Win.Miner.Honeygain outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 58033 | MALWARE-CNC Win.Miner.Honeygain outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 58044 | PROTOCOL-OTHER OpenLDAP Search Parsing serialNumberAndIssuerCheck integer overflow attempt (more info ...) | denial-of-service | 2020-36221 | URL | ||
| 58045 | PROTOCOL-OTHER OpenLDAP Search Parsing serialNumberAndIssuerCheck integer overflow attempt (more info ...) | denial-of-service | 2020-36221 | URL | ||
| 58060 | MALWARE-CNC Win.Downloader.Pingbed outbound connection (more info ...) | trojan-activity | URL | |||
| 58086 | MALWARE-OTHER Win.Trojan.Aspire variant binary download attempt (more info ...) | trojan-activity | URL | |||
| 58087 | MALWARE-CNC Win.Trojan.njRAT variant outbound connection (more info ...) | trojan-activity | URL | |||
| 58088 | MALWARE-CNC Win.Trojan.Aspire variant outbound connection (more info ...) | trojan-activity | URL | |||
| 58104 | POLICY-OTHER TRUFFLEHUNTER TALOS-2021-1361 attack attempt (more info ...) | policy-violation | 2021-21913 | URL | ||
| 58105 | MALWARE-CNC Win.Trojan.HolesWarm outbound connection (more info ...) | trojan-activity | URL | |||
| 58106 | MALWARE-CNC Win.Trojan.HolesWarm outbound connection (more info ...) | trojan-activity | URL | |||
| 58107 | MALWARE-CNC Win.Trojan.Turla variant outbound request detected (more info ...) | trojan-activity | URL | |||
| 58116 | MALWARE-CNC Win.Trojan.Ursu variant outbound connection (more info ...) | trojan-activity | URL | |||
| 58117 | MALWARE-CNC Win.Trojan.Ursu variant outbound connection (more info ...) | trojan-activity | URL | |||
| 58118 | MALWARE-CNC Win.Dropper.Johnnie variant outbound connection (more info ...) | trojan-activity | URL | |||
| 58119 | MALWARE-CNC Win.Dropper.Johnnie variant outbound connection (more info ...) | trojan-activity | URL | |||
| 58153 | FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1373 attack attempt (more info ...) | attempted-user | 2021-21943 | URL | ||
| 58154 | FILE-IMAGE TRUFFLEHUNTER TALOS-2021-1373 attack attempt (more info ...) | attempted-user | 2021-21943 | URL | ||
| 58155 | MALWARE-CNC Win.Trojan.Ursnif variant outbound beacon (more info ...) | trojan-activity | URL | |||
| 58160 | INDICATOR-SHELLCODE Metasploit windows/meterpreter stage transfer attempt (more info ...) | shellcode-detect | URL | |||
| 58216 | MALWARE-CNC Banking credential stealer credential exfiltration attempt (more info ...) | attempted-user | ||||
| 58238 | MALWARE-TOOLS Win.Ransomware.BlackMatter variant download attempt (more info ...) | trojan-activity | URL | |||
| 58239 | SERVER-OTHER OpenSSL TLS large handshake out of bounds read attempt (more info ...) | attempted-user | URL | |||
| 58240 | SERVER-OTHER OpenSSL TLS large handshake out of bounds read attempt (more info ...) | attempted-user | URL | |||
| 58241 | SERVER-OTHER OpenSSL TLS large handshake out of bounds read attempt (more info ...) | attempted-user | URL | |||
| 58277 | MALWARE-CNC Xls.Dropper.SquirrelWaffle download attempt (more info ...) | trojan-activity | URL | |||
| 58278 | MALWARE-CNC Xls.Dropper.SquirrelWaffle download attempt (more info ...) | trojan-activity | URL | |||
| 58280 | MALWARE-CNC Doc.Dropper.SquirrelWaffle download attempt (more info ...) | trojan-activity | URL | |||
| 58281 | MALWARE-CNC Win.Dropper.SquirrelWaffle C2 HTTP response (more info ...) | trojan-activity | URL | |||
| 58299 | POLICY-OTHER Alibaba Nacos potential authentication bypass attempt (more info ...) | policy-violation | 2021-29441 | URL | ||
| 58300 | POLICY-OTHER Alibaba Nacos potential authentication bypass attempt (more info ...) | policy-violation | 2021-29441 | URL | ||
| 58301 | POLICY-OTHER Alibaba Nacos potential authentication bypass attempt (more info ...) | policy-violation | 2021-29441 | URL | ||
| 58302 | SERVER-WEBAPP GE MDS PulseNET IntegrationXMLProcessorServlet Write XML external entity injection attempt (more info ...) | web-application-attack | 2018-10613 | |||
| 58307 | SERVER-WEBAPP Trend Micro Control Manager ProductTree XML external entity injection attempt (more info ...) | web-application-attack | ||||
| 58354 | SERVER-WEBAPP MailEnable Enterprise Premium unauthenticated XML external entity injection attempt (more info ...) | web-application-attack | 2019-12924 | |||
| 58356 | MALWARE-CNC Win.Trojan.DCRAT variant outbound connection (more info ...) | trojan-activity | URL | |||
| 58357 | MALWARE-CNC Win.Trojan.DCRAT variant outbound connection (more info ...) | trojan-activity | URL | |||
| 58358 | MALWARE-CNC Win.Trojan.Quasar variant outbound connection (more info ...) | trojan-activity | URL | |||
| 58359 | MALWARE-CNC Win.Trojan.DCRAT variant outbound connection (more info ...) | trojan-activity | URL | |||
| 58363 | SERVER-WEBAPP Online Learning Management System 1.0 RCE attempt (more info ...) | attempted-user | ||||
| 58364 | SERVER-WEBAPP Online Learning Management System 1.0 RCE attempt (more info ...) | attempted-user | ||||
| 58374 | SERVER-WEBAPP GE MDS PulseNET MagnumEmulator Servlet XML external entity injection attempt (more info ...) | web-application-attack | 2018-10613 | |||
| 58395 | SERVER-WEBAPP GE MDS PulseNET XmlAdapterServlet XML external entity injection attempt (more info ...) | web-application-attack | 2018-10613 | |||
| 58402 | SERVER-WEBAPP Hewlett Packard Enterprise Network Automation authentication bypass attempt (more info ...) | web-application-attack | 2017-5812 | |||
| 58429 | MALWARE-CNC Win.Trojan.MirrorBlast outbound connection (more info ...) | trojan-activity | URL | |||
| 58430 | MALWARE-CNC Win.Trojan.MirrorBlast outbound connection (more info ...) | trojan-activity | URL | |||
| 58432 | MALWARE-CNC Win.Trojan.MirrorBlast outbound connection (more info ...) | trojan-activity | URL | |||
| 58433 | MALWARE-CNC Win.Trojan.MirrorBlast outbound connection (more info ...) | trojan-activity | URL | |||
| 58448 | MALWARE-CNC Win.Trojan.STRRAT variant outbound request detected (more info ...) | trojan-activity | URL | |||
| 58459 | POLICY-OTHER TRUFFLEHUNTER TALOS-2021-1401 attack attempt (more info ...) | policy-violation | 2021-40390 | URL | ||
| 58460 | POLICY-OTHER TRUFFLEHUNTER TALOS-2021-1401 attack attempt (more info ...) | policy-violation | 2021-40390 | URL | ||
| 58461 | POLICY-OTHER TRUFFLEHUNTER TALOS-2021-1392 attack attempt (more info ...) | policy-violation | 2021-21964 | URL | ||
| 58462 | POLICY-OTHER TRUFFLEHUNTER TALOS-2021-1392 attack attempt (more info ...) | policy-violation | 2021-21965 | URL | ||
| 58463 | POLICY-OTHER TRUFFLEHUNTER TALOS-2021-1392 attack attempt (more info ...) | policy-violation | 2021-21965 | URL | ||
| 58474 | SERVER-WEBAPP Trend Micro Control Manager TreeUserControl_process_tree_event XML external entity injection attempt (more info ...) | web-application-attack | ||||
| 58477 | POLICY-OTHER Quest Foglight Evolve hardcoded credentials login attempt (more info ...) | policy-violation | 2020-8868 | |||
| 58495 | MALWARE-CNC Win.Ransomware.Magniber variant beacon (more info ...) | trojan-activity | URL | |||
| 58497 | MALWARE-CNC Win.Trojan.Kimsuky outbound connection (more info ...) | trojan-activity | URL | |||
| 58498 | MALWARE-CNC Win.Trojan.Kimsuky outbound connection (more info ...) | trojan-activity | URL | |||
| 58526 | MALWARE-CNC Win.Trojan.STRRAT variant outbound connection (more info ...) | trojan-activity | URL | |||
| 58527 | MALWARE-CNC Win.Trojan.STRRAT variant outbound connection (more info ...) | trojan-activity | URL | |||
| 58528 | SERVER-OTHER OpenLDAP IssuerAndThisUpdateCheck integer underflow attempt (more info ...) | attempted-user | 2020-36228 | |||
| 58534 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1405 attack attempt (more info ...) | attempted-user | 2021-40394 | URL | ||
| 58535 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1405 attack attempt (more info ...) | attempted-user | 2021-40394 | URL | ||
| 58536 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1404 attack attempt (more info ...) | attempted-user | 2021-40393 | URL | ||
| 58537 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1404 attack attempt (more info ...) | attempted-user | 2021-40393 | URL | ||
| 58545 | SERVER-WEBAPP Trend Micro Control Manager ProductTree_LeftWindow XML external entity injection attempt (more info ...) | web-application-attack | ||||
| 58558 | SERVER-WEBAPP EMC VMAX3 VASA Provider virtual appliance UploadConfigurator arbitrary JSP file upload attempt (more info ...) | attempted-admin | 2017-4997 | |||
| 58564 | MALWARE-CNC Win.Trojan.SquirrelWaffle beacon attempt (more info ...) | trojan-activity | URL | |||
| 58570 | FILE-OTHER MacOS TTC bypass vulnerability exploit upload attempt (more info ...) | attempted-admin | 2021-30713 | |||
| 58582 | POLICY-OTHER Dahua Console NetKeyboard potential authentication bypass attempt (more info ...) | policy-violation | 2021-33044 | |||
| 58583 | POLICY-OTHER Dahua Console NetKeyboard potential authentication bypass attempt (more info ...) | policy-violation | 2021-33044 | |||
| 58584 | POLICY-OTHER Dahua Console Loopback potential authentication bypass attempt (more info ...) | policy-violation | 2021-33045 | |||
| 58585 | POLICY-OTHER Dahua Console Loopback potential authentication bypass attempt (more info ...) | policy-violation | 2021-33045 | |||
| 58590 | SERVER-OTHER OpenLDAP Slapd CancelRequest infinite loop denial of service attempt (more info ...) | attempted-dos | 2020-36227 | URL | ||
| 58591 | SERVER-OTHER OpenLDAP Slapd CancelRequest infinite loop denial of service attempt (more info ...) | attempted-dos | 2020-36227 | URL | ||
| 58597 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1413 attack attempt (more info ...) | attempted-user | 2021-40400 | URL | ||
| 58598 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1413 attack attempt (more info ...) | attempted-user | 2021-40400 | URL | ||
| 58601 | SERVER-WEBAPP Joomla mod_breadcrumbs Title Store cross site scripting attempt (more info ...) | attempted-user | 2021-23124 | |||
| 58602 | SERVER-WEBAPP Joomla mod_breadcrumbs Title Store cross site scripting attempt (more info ...) | attempted-user | 2021-23124 | |||
| 58609 | OS-OTHER Apple macOS kernel memory leak attempt (more info ...) | attempted-admin | 2020-27950 | |||
| 58610 | OS-OTHER Apple macOS kernel memory leak attempt (more info ...) | attempted-admin | 2020-27950 | |||
| 58623 | SERVER-OTHER OpenLDAP slap_parse_user denial of service attempt (more info ...) | attempted-dos | 2020-36222 | |||
| 58624 | SERVER-OTHER OpenLDAP slap_parse_user denial of service attempt (more info ...) | attempted-dos | 2020-36222 | |||
| 58625 | SERVER-OTHER OpenLDAP slap_parse_user denial of service attempt (more info ...) | attempted-dos | 2020-36222 | |||
| 58626 | SERVER-OTHER OpenLDAP slap_parse_user denial of service attempt (more info ...) | attempted-dos | 2020-36222 | |||
| 58627 | MALWARE-CNC TRUFFLEHUNTER SFVRT-1045 attack attempt (more info ...) | trojan-activity | ||||
| 58628 | MALWARE-CNC TRUFFLEHUNTER SFVRT-1045 attack attempt (more info ...) | trojan-activity | ||||
| 58629 | MALWARE-CNC TRUFFLEHUNTER SFVRT-1045 attack attempt (more info ...) | trojan-activity | ||||
| 58630 | FILE-OTHER VMware Fusion privilege escalation attempt (more info ...) | attempted-admin | 2020-3950 | |||
| 58631 | FILE-OTHER VMware Fusion privilege escalation attempt (more info ...) | attempted-admin | 2020-3950 | |||
| 58650 | MALWARE-CNC Win.Backdoor.Magnat outbound connection (more info ...) | trojan-activity | URL | |||
| 58651 | MALWARE-CNC Win.Trojan.MagnatExtension outbound connection (more info ...) | trojan-activity | URL | |||
| 58656 | SERVER-OTHER OpenLDAP slap_parse_user denial of service attempt (more info ...) | attempted-dos | 2020-36222 | |||
| 58657 | SERVER-OTHER OpenLDAP slap_parse_user denial of service attempt (more info ...) | attempted-dos | 2020-36222 | |||
| 58658 | MALWARE-CNC Win.Trojan.DarkSide outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 58659 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1417 attack attempt (more info ...) | attempted-recon | 2021-40403 | URL | ||
| 58660 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1417 attack attempt (more info ...) | attempted-recon | 2021-40403 | URL | ||
| 58661 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1417 attack attempt (more info ...) | attempted-recon | 2021-40403 | URL | ||
| 58662 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1417 attack attempt (more info ...) | attempted-recon | 2021-40403 | URL | ||
| 58663 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1417 attack attempt (more info ...) | attempted-recon | 2021-40403 | URL | ||
| 58664 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1417 attack attempt (more info ...) | attempted-recon | 2021-40403 | URL | ||
| 58665 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1415 attack attempt (more info ...) | attempted-user | 2021-40401 | URL | ||
| 58666 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1415 attack attempt (more info ...) | attempted-user | 2021-40401 | URL | ||
| 58667 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1415 attack attempt (more info ...) | attempted-user | 2021-40401 | URL | ||
| 58668 | FILE-OTHER TRUFFLEHUNTER TALOS-2021-1415 attack attempt (more info ...) | attempted-user | 2021-40401 | URL | ||
| 58669 | SERVER-WEBAPP Trend Micro Control Manager ProductTree_TreeManagement1 XML external entity injection attempt (more info ...) | web-application-attack | ||||
| 58698 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1423 attack attempt (more info ...) | attempted-dos | 2021-40406 | URL | ||
| 58699 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1423 attack attempt (more info ...) | attempted-dos | 2021-40406 | URL | ||
| 58710 | SERVER-WEBAPP GE MDS PulseNET Servlet XML external entity injection attempt (more info ...) | web-application-attack | 2018-10613 | |||
| 58713 | MALWARE-CNC Asp.Webshell.NewCon2 outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 58719 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1421 attack attempt (more info ...) | attempted-dos | 2021-40423 | URL | ||
| 58720 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2021-1421 attack attempt (more info ...) | attempted-dos | 2021-40423 | URL | ||
| 58766 | MALWARE-CNC Rat.Trojan.Nanocore variant cnc connection (more info ...) | trojan-activity | URL | |||
| 58767 | MALWARE-CNC Rat.Trojan.Nanocore variant cnc connection (more info ...) | trojan-activity | URL | |||
| 58768 | MALWARE-CNC Rat.Trojan.Nanocore variant cnc connection (more info ...) | trojan-activity | URL | |||
| 58769 | MALWARE-CNC Rat.Trojan.Nanocore variant cnc connection (more info ...) | trojan-activity | URL | |||
| 58770 | MALWARE-CNC Rat.Trojan.Nanocore variant cnc connection (more info ...) | trojan-activity | URL | |||
| 58771 | MALWARE-CNC Rat.Trojan.Netwire variant cnc connection (more info ...) | trojan-activity | URL | |||
| 58772 | MALWARE-CNC Rat.Trojan.Netwire variant cnc connection (more info ...) | trojan-activity | URL | |||
| 58773 | MALWARE-CNC Rat.Trojan.AsyncRAT variant cnc connection (more info ...) | trojan-activity | URL | |||
| 58777 | MALWARE-CNC Win.Trojan.FormBook outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 58778 | MALWARE-CNC Win.Infostealer.RedLine outbound connection (more info ...) | trojan-activity | URL | |||
| 58779 | MALWARE-CNC Win.Infostealer.RedLine outbound connection (more info ...) | trojan-activity | URL | |||
| 58780 | MALWARE-CNC Win.Infostealer.RedLine outbound connection (more info ...) | trojan-activity | URL | |||
| 58781 | MALWARE-CNC Win.Infostealer.RedLine outbound connection (more info ...) | trojan-activity | URL | |||
| 58796 | MALWARE-CNC Win.Backdoor.FatalRat variant beaconing attempt (more info ...) | trojan-activity | URL | |||
| 58835 | MALWARE-CNC Win.Trojan.IcedId outbound connection (more info ...) | trojan-activity | URL | |||
| 58840 | SERVER-WEBAPP Trend Micro Control Manager AdHocQuery_Result XML external entity injection attempt (more info ...) | web-application-attack | ||||
| 58846 | PROTOCOL-OTHER libcurl mqtt use after free attempt (more info ...) | attempted-user | 2021-22945 | URL | ||
| 58852 | MALWARE-CNC Win.Trojan.BazarLoader outbound connection (more info ...) | trojan-activity | URL | |||
| 58865 | MALWARE-CNC Win.Trojan.Beacon outbound connection (more info ...) | trojan-activity | URL | |||
| 58903 | MALWARE-CNC Win.Trojan.Qakbot variant beaconing attempt (more info ...) | trojan-activity | URL | |||
| 58904 | MALWARE-CNC Win.Trojan.Qakbot variant beaconing attempt (more info ...) | trojan-activity | URL | |||
| 58906 | PROTOCOL-SCADA Modbus Write File Record overly large sub request record length attempt (more info ...) | attempted-dos | 2022-20685 | URL | ||
| 58907 | PROTOCOL-SCADA Modbus Write File Record overly large sub request record length attempt (more info ...) | attempted-dos | 2022-20685 | URL | ||
| 58909 | POLICY-OTHER Multiple Products Golang pprof debug access attempt (more info ...) | policy-violation | 2022-20648 | URL | ||
| 58927 | POLICY-OTHER TRUFFLEHUNTER TALOS-2022-1447 attack attempt (more info ...) | policy-violation | 2022-21134 | URL | ||
| 58937 | MALWARE-CNC Ps1.Malware.MuddyWater outbound cnc connection (more info ...) | trojan-activity | URL | |||
| 58938 | MALWARE-CNC Ps1.Malware.MuddyWater outbound cnc connection (more info ...) | trojan-activity | ||||
| 58941 | FILE-OTHER PEAR Archive TAR symbolic link file overwrite attempt (more info ...) | attempted-user | 2020-36193 | |||
| 58942 | FILE-OTHER PEAR Archive TAR symbolic link file overwrite attempt (more info ...) | attempted-user | 2020-36193 | |||
| 58943 | MALWARE-CNC Win.Malware.Emotet cnc outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 58944 | MALWARE-CNC Win.Ransomware.Conti variant network share readme file detected (more info ...) | trojan-activity | URL | |||
| 58945 | FILE-OTHER PEAR Archive Tar code deserialization attempt (more info ...) | attempted-user | 2020-28949 | URL | ||
| 58946 | FILE-OTHER PEAR Archive Tar code deserialization attempt (more info ...) | attempted-user | 2020-28949 | URL | ||
| 58949 | MALWARE-CNC Win.Trojan.Qakbot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 58950 | SERVER-WEBAPP OneDev pre-authentication token leak attempt (more info ...) | attempted-user | 2021-21246 | |||
| 58957 | MALWARE-CNC Win.RAT.AridViper outbound connection (more info ...) | trojan-activity | URL | |||
| 58958 | MALWARE-CNC Win.RAT.AridViper outbound connection (more info ...) | trojan-activity | URL | |||
| 58990 | MALWARE-CNC Win.Trojan.Saintbot variant outbound connection (more info ...) | trojan-activity | ||||
| 58992 | MALWARE-CNC User-Agent known malicious user-agent string - Mirai (more info ...) | trojan-activity | URL | |||
| 59012 | POLICY-OTHER TRUFFLEHUNTER TALOS-2022-1461 attack attempt (more info ...) | policy-violation | 2022-21184 | URL | ||
| 59014 | FILE-EXECUTABLE TRUFFLEHUNTER TALOS-2022-1452 attack attempt (more info ...) | attempted-user | 2022-21147 | URL | ||
| 59015 | FILE-EXECUTABLE TRUFFLEHUNTER TALOS-2022-1452 attack attempt (more info ...) | attempted-user | 2022-21147 | URL | ||
| 59034 | SERVER-WEBAPP HiSilicon Video Encoders unauthenticated command injection attempt (more info ...) | web-application-attack | 2020-24217 | |||
| 59061 | POLICY-OTHER TRUFFLEHUNTER TALOS-2022-1459 attack attempt (more info ...) | policy-violation | 2022-22144 | URL | ||
| 59062 | SERVER-WEBAPP Trend Micro InterScan Messaging Security Suite DetailReportAction directory traversal attempt (more info ...) | web-application-attack | ||||
| 59063 | SERVER-WEBAPP Trend Micro InterScan Messaging Security Suite DetailReportAction directory traversal attempt (more info ...) | web-application-attack | ||||
| 59064 | SERVER-WEBAPP Trend Micro InterScan Messaging Security Suite DetailReportAction directory traversal attempt (more info ...) | web-application-attack | ||||
| 59071 | SERVER-WEBAPP Trend Micro SafeSync for Enterprise license command injection attempt (more info ...) | web-application-attack | ||||
| 59083 | SERVER-WEBAPP D-Link router httpd server directory traversal attempt (more info ...) | web-application-attack | 2018-10822 | |||
| 59089 | SERVER-WEBAPP Trend Micro SafeSync for Enterprise storage API command injection attempt (more info ...) | web-application-attack | ||||
| 59110 | MALWARE-CNC Win.Trojan.Patchwork RAT variant outbound connection (more info ...) | trojan-activity | URL | |||
| 59111 | MALWARE-CNC Win.Trojan.Patchwork RAT variant outbound connection (more info ...) | trojan-activity | URL | |||
| 59112 | MALWARE-CNC Win.Trojan.Patchwork RAT variant outbound connection (more info ...) | trojan-activity | URL | |||
| 59113 | MALWARE-CNC Win.Trojan.Patchwork RAT variant outbound connection (more info ...) | trojan-activity | URL | |||
| 59116 | PROTOCOL-OTHER Git LFS clone arbitrary code execution attempt (more info ...) | attempted-user | 2021-21300 | URL | ||
| 59117 | PROTOCOL-OTHER Git LFS object request detected (more info ...) | protocol-command-decode | 2021-21300 | URL | ||
| 59130 | MALWARE-TOOLS Bombardier http DoS tool (more info ...) | attempted-dos | URL | |||
| 59133 | MALWARE-CNC Win.Trojan.AgentTesla outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 59145 | MALWARE-OTHER Win.Trojan.Redline variant download attempt (more info ...) | trojan-activity | URL | |||
| 59149 | MALWARE-CNC Win.Trojan.Redline variant outbound request detected (more info ...) | trojan-activity | URL | |||
| 59150 | MALWARE-CNC Win.Trojan.Redline variant outbound request detected (more info ...) | trojan-activity | URL | |||
| 59151 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1468 attack attempt (more info ...) | web-application-attack | 2022-21809 | URL | ||
| 59152 | POLICY-OTHER TRUFFLEHUNTER TALOS-2022-1474 attack attempt (more info ...) | policy-violation | 2022-26020 | URL | ||
| 59153 | POLICY-OTHER TRUFFLEHUNTER TALOS-2022-1472 attack attempt (more info ...) | policy-violation | 2022-25932 | URL | ||
| 59158 | MALWARE-OTHER Win.Ransomware.HermeticRansom binary download attempt (more info ...) | trojan-activity | URL | |||
| 59159 | MALWARE-OTHER Win.Ransomware.HermeticRansom binary download attempt (more info ...) | trojan-activity | URL | |||
| 59160 | MALWARE-CNC Win.Trojan.Redline variant outbound request detected (more info ...) | trojan-activity | URL | |||
| 59161 | MALWARE-OTHER Win.Ransomware.WhiteBlackCrypt variant binary download attempt (more info ...) | trojan-activity | URL | |||
| 59162 | MALWARE-OTHER Win.Ransomware.WhiteBlackCrypt variant binary download attempt (more info ...) | trojan-activity | URL | |||
| 59165 | MALWARE-CNC Win.Malware.SunSeed outbound cnc connection attempt (more info ...) | trojan-activity | URL | |||
| 59166 | MALWARE-CNC Xls.Downloader.SunSeed payload download attempt (more info ...) | trojan-activity | URL | |||
| 59167 | MALWARE-CNC Xls.Downloader.SunSeed payload download attempt (more info ...) | trojan-activity | URL | |||
| 59168 | MALWARE-CNC Win.Malware.SunSeed outbound cnc connection attempt (more info ...) | trojan-activity | URL | |||
| 59169 | MALWARE-CNC Win.Malware.SunSeed payload download attempt attempt (more info ...) | trojan-activity | URL | |||
| 59170 | MALWARE-CNC Win.Malware.SunSeed payload download attempt attempt (more info ...) | trojan-activity | URL | |||
| 59173 | MALWARE-CNC Xls.Downloader.SunSeed payload download attempt (more info ...) | trojan-activity | URL | |||
| 59182 | MALWARE-OTHER Win.Trojan.WhisperGate download attempt (more info ...) | trojan-activity | URL | |||
| 59183 | MALWARE-OTHER Win.Trojan.WhisperGate download attempt (more info ...) | trojan-activity | URL | |||
| 59202 | MALWARE-CNC Win.Infostealer.Vidar outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 59203 | MALWARE-CNC Win.Infostealer.Vidar outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 59208 | MALWARE-CNC Win.Trojan.Ursnif variant outbound connection (more info ...) | trojan-activity | URL | |||
| 59209 | MALWARE-CNC Win.Trojan.Ursnif variant outbound connection (more info ...) | trojan-activity | URL | |||
| 59223 | MALWARE-CNC Win.Trojan.TransparentTribe outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 59226 | MALWARE-CNC Win.Trojan.MuddyWater outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 59227 | MALWARE-CNC Win.Trojan.MuddyWater download attempt (more info ...) | trojan-activity | URL | |||
| 59228 | MALWARE-CNC Win.Trojan.MuddyWater download attempt (more info ...) | trojan-activity | URL | |||
| 59229 | MALWARE-CNC Win.Trojan.MuddyWater outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 59230 | MALWARE-CNC Win.Trojan.MuddyWater outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 59231 | SERVER-SAMBA Samba SMB SET_INFO heap overwrite attempt (more info ...) | attempted-user | 2021-44142 | |||
| 59243 | MALWARE-CNC Win.Trojan.Raccoon variant RC4 encrypted outbound request attempt (more info ...) | trojan-activity | URL | |||
| 59252 | MALWARE-CNC Win.Infostealer.PhoenixStealer outbound connection (more info ...) | trojan-activity | URL | |||
| 59253 | MALWARE-CNC Win.Infostealer.PhoenixStealer outbound connection (more info ...) | trojan-activity | URL | |||
| 59275 | POLICY-OTHER TRUFFLEHUNTER TALOS-2022-1492 attack attempt (more info ...) | policy-violation | 2022-26082 | URL | ||
| 59276 | POLICY-OTHER TRUFFLEHUNTER TALOS-2022-1492 attack attempt (more info ...) | policy-violation | 2022-26303 | URL | ||
| 59277 | POLICY-OTHER TRUFFLEHUNTER TALOS-2022-1490 attack attempt (more info ...) | policy-violation | 2022-26082 | URL | ||
| 59278 | POLICY-OTHER TRUFFLEHUNTER TALOS-2022-1490 attack attempt (more info ...) | policy-violation | 2022-27169 | URL | ||
| 59279 | POLICY-OTHER TRUFFLEHUNTER TALOS-2022-1490 attack attempt (more info ...) | policy-violation | 2022-26077 | URL | ||
| 59282 | SERVER-WEBAPP Trend Micro Smart Protection Server wcs_bwlists_handler command injection attempt (more info ...) | web-application-attack | ||||
| 59283 | SERVER-WEBAPP Trend Micro Smart Protection Server wcs_bwlists_handler command injection attempt (more info ...) | web-application-attack | ||||
| 59284 | SERVER-WEBAPP Trend Micro Smart Protection Server wcs_bwlists_handler command injection attempt (more info ...) | web-application-attack | ||||
| 59285 | SERVER-WEBAPP Trend Micro Smart Protection Server wcs_bwlists_handler command injection attempt (more info ...) | web-application-attack | ||||
| 59286 | SERVER-WEBAPP Trend Micro Control Manager Widget modDLPTemplateMatch_drildown directory traversal attempt (more info ...) | web-application-attack | ||||
| 59300 | FILE-IMAGE TRUFFLEHUNTER TALOS-2022-1487 attack attempt (more info ...) | attempted-user | 2022-26061 | URL | ||
| 59301 | FILE-IMAGE TRUFFLEHUNTER TALOS-2022-1487 attack attempt (more info ...) | attempted-user | 2022-26061 | URL | ||
| 59309 | SERVER-WEBAPP Symantec Web Gateway cross site scripting attempt (more info ...) | attempted-user | 2014-1652 | |||
| 59310 | SERVER-WEBAPP Symantec Web Gateway cross site scripting attempt (more info ...) | attempted-user | 2014-1652 | |||
| 59322 | SERVER-WEBAPP Advantech WISE-PaaS RMM UpgradeMgmt upload_ota arbitrary JSP file upload attempt (more info ...) | attempted-admin | 2019-13551 | |||
| 59332 | SERVER-WEBAPP Car Rental Management System local file inclusion attempt (more info ...) | web-application-attack | 2020-29227 | URL | ||
| 59335 | SERVER-WEBAPP Micro Focus GroupWise Admin Console cross site scripting attempt (more info ...) | attempted-user | 2016-5760 | |||
| 59336 | SERVER-WEBAPP Micro Focus GroupWise Admin Console cross site scripting attempt (more info ...) | web-application-attack | 2016-5760 | |||
| 59337 | SERVER-WEBAPP Micro Focus GroupWise Admin Console cross site scripting attempt (more info ...) | attempted-user | 2016-5760 | |||
| 59338 | SERVER-WEBAPP Micro Focus GroupWise Admin Console cross site scripting attempt (more info ...) | attempted-user | 2016-5760 | |||
| 59345 | SERVER-WEBAPP Oracle E-Business Suite Common Applications Calendar cross site scripting attempt (more info ...) | attempted-user | 2021-2114 | |||
| 59346 | SERVER-WEBAPP Oracle E-Business Suite Common Applications Calendar cross site scripting attempt (more info ...) | attempted-user | 2021-2114 | |||
| 59365 | SERVER-WEBAPP Twitter TwitterServer HistogramQueryHandler cross site scripting attempt (more info ...) | attempted-user | 2020-35774 | URL | ||
| 59366 | SERVER-WEBAPP SolarWinds Orion IPAM cross site scripting attempt (more info ...) | attempted-user | 2012-4939 | |||
| 59367 | SERVER-WEBAPP SolarWinds Orion IPAM cross site scripting attempt (more info ...) | attempted-user | 2012-4939 | |||
| 59406 | POLICY-OTHER TRUFFLEHUNTER TALOS-2022-1502 attack attempt (more info ...) | policy-violation | 2022-27660 | URL | ||
| 59407 | POLICY-OTHER TRUFFLEHUNTER TALOS-2022-1504 attack attempt (more info ...) | policy-violation | 2022-27630 | URL | ||
| 59408 | POLICY-OTHER TRUFFLEHUNTER TALOS-2022-1503 attack attempt (more info ...) | policy-violation | 2022-27633 | URL | ||
| 59409 | POLICY-OTHER TRUFFLEHUNTER TALOS-2022-1505 attack attempt (more info ...) | policy-violation | 2022-27185 | URL | ||
| 59410 | POLICY-OTHER TRUFFLEHUNTER TALOS-2022-1507 attack attempt (more info ...) | policy-violation | 2022-26346 | URL | ||
| 59411 | POLICY-OTHER TRUFFLEHUNTER TALOS-2022-1506 attack attempt (more info ...) | policy-violation | 2022-27178 | URL | ||
| 59412 | SERVER-WEBAPP Jenkins Gitlab Hook Plugin cross site scripting attempt (more info ...) | attempted-user | 2020-2096 | |||
| 59413 | SERVER-WEBAPP Jenkins Gitlab Hook Plugin cross site scripting attempt (more info ...) | attempted-user | 2020-2096 | |||
| 59414 | POLICY-OTHER TRUFFLEHUNTER TALOS-2022-1495 attack attempt (more info ...) | policy-violation | 2022-26510 | URL | ||
| 59420 | MALWARE-CNC Win.Trojan.GraphSteel outbound connection (more info ...) | trojan-activity | URL | |||
| 59421 | MALWARE-CNC Win.Infostealer.MarsStealer outbound connection (more info ...) | trojan-activity | URL | |||
| 59423 | FILE-OTHER LAquis SCADA LGX report file parsing out-of-bounds write attempt (more info ...) | attempted-user | 2018-18986 | |||
| 59424 | FILE-OTHER LAquis SCADA LGX report arbitrary file write attempt (more info ...) | attempted-user | 2018-18988 | |||
| 59425 | FILE-OTHER LAquis SCADA LGX report arbitrary file write attempt (more info ...) | attempted-user | 2018-18988 | |||
| 59426 | SERVER-WEBAPP Red Hat JBoss BPM Suite Tasks List cross site scripting attempt (more info ...) | web-application-attack | 2017-2674 | |||
| 59427 | SERVER-WEBAPP Red Hat JBoss BPM Suite Tasks List cross site scripting attempt (more info ...) | web-application-attack | 2017-2674 | |||
| 59428 | FILE-OTHER OMRON CX-One CX-Protocol CSCU type confusion attempt (more info ...) | attempted-user | 2018-19027 | |||
| 59429 | FILE-OTHER OMRON CX-One CX-Protocol CSCU type confusion attempt (more info ...) | attempted-user | 2018-19027 | |||
| 59447 | PROTOCOL-SCADA WeCon LeviStudioU HFT font buffer overflow attempt (more info ...) | attempted-admin | 2020-16243 | |||
| 59458 | SERVER-OTHER strongSwan gmp plugin denial of service attempt (more info ...) | attempted-dos | 2017-11185 | |||
| 59459 | SERVER-OTHER strongSwan x509 plugin denial of service attempt (more info ...) | attempted-dos | 2017-9023 | |||
| 59460 | FILE-OTHER GNU Libextractor ZIP file comment out-of-bounds read attempt (more info ...) | attempted-dos | 2018-16430 | |||
| 59461 | FILE-OTHER GNU Libextractor ZIP file comment out-of-bounds read attempt (more info ...) | attempted-dos | 2018-16430 | |||
| 59462 | PROTOCOL-SCADA Rockwell Automation RSLinx Classic buffer overflow attempt (more info ...) | attempted-user | 2019-6553 | |||
| 59464 | SERVER-OTHER Squid Proxy ESI response processing denial of service attempt (more info ...) | attempted-dos | 2016-4555 | |||
| 59469 | FILE-IMAGE JasPer jp2_decode out of bounds read attempt (more info ...) | attempted-user | 2017-9782 | |||
| 59470 | FILE-IMAGE JasPer jp2_decode out of bounds read attempt (more info ...) | attempted-user | 2017-9782 | |||
| 59471 | SERVER-OTHER Qognify Ocularis Event Coordinator insecure deserialization attempt (more info ...) | attempted-admin | 2020-27868 | URL | ||
| 59484 | PROTOCOL-SCADA Schneider Electric IGSS update service arbitrary file read attempt (more info ...) | attempted-admin | 2020-7479 | URL | ||
| 59487 | FILE-IMAGE LibTIFF tiffcrop integer overflow attempt (more info ...) | attempted-user | 2016-9537 | |||
| 59488 | FILE-IMAGE LibTIFF tiffcrop integer overflow attempt (more info ...) | attempted-user | 2016-9537 | |||
| 59494 | SERVER-OTHER HPE Intelligent Management Center dbman decryptMsgAes buffer overflow attempt (more info ...) | attempted-user | 2018-7114 | |||
| 59495 | SERVER-WEBAPP pfSense ACME Package cross site scripting attempt (more info ...) | web-application-attack | 2019-12347 | URL | ||
| 59501 | MALWARE-CNC Win.Infostealer.ZingoStealer outbound connection (more info ...) | trojan-activity | URL | |||
| 59506 | FILE-OTHER Symantec Norton Antivirus ccScanw.dll Unpack ShortLZ memory corruption attempt (more info ...) | attempted-user | 2016-2207 | URL | ||
| 59537 | BROWSER-OTHER Electronic Arts Origin Client template injection attempt (more info ...) | attempted-user | 2019-11354 | |||
| 59542 | SERVER-OTHER Redis HyperLogLog hllSparseToDense heap buffer overflow attempt (more info ...) | attempted-user | 2019-10192 | |||
| 59543 | FILE-OTHER Red Lion Crimson CD3 file port list type confusion attempt (more info ...) | attempted-user | 2019-10996 | |||
| 59544 | FILE-OTHER Red Lion Crimson CD3 file port list type confusion attempt (more info ...) | attempted-user | 2019-10996 | |||
| 59545 | FILE-OTHER HP LoadRunner Controller Scenario file stack buffer overflow attempt (more info ...) | attempted-user | 2015-5426 | |||
| 59546 | FILE-OTHER HP LoadRunner Controller Scenario file stack buffer overflow attempt (more info ...) | attempted-user | 2015-5426 | |||
| 59547 | SERVER-OTHER REDIS HyperLogLog hllCount stack buffer overflow attempt (more info ...) | attempted-user | 2019-10193 | |||
| 59548 | FILE-IMAGE ImageMagick GIF comment off-by-one buffer overflow attempt (more info ...) | attempted-user | 2013-4298 | |||
| 59549 | FILE-IMAGE ImageMagick GIF comment off-by-one buffer overflow attempt (more info ...) | attempted-user | 2013-4298 | |||
| 59550 | SERVER-OTHER Quagga BGP daemon BGP capabilities parsing denial of service attempt (more info ...) | attempted-dos | 2018-5381 | |||
| 59551 | SERVER-OTHER Quagga BGP Daemon bgp_update_receive double free attempt (more info ...) | attempted-user | 2018-5379 | |||
| 59556 | PROTOCOL-SCADA RedLion cd3 untrusted pointer dereference attempt (more info ...) | attempted-user | 2019-10984 | |||
| 59557 | SERVER-WEBAPP Oracle WebLogic Server insecure deserialization exploit attempt (more info ...) | web-application-attack | 2020-2798 | URL | ||
| 59558 | SERVER-WEBAPP Oracle WebLogic Server insecure deserialization exploit attempt (more info ...) | web-application-attack | 2020-2963 | URL | ||
| 59559 | SERVER-OTHER NTPsec ntp_control null pointer dereference attempt (more info ...) | attempted-user | 2019-6445 | |||
| 59580 | FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt (more info ...) | attempted-user | 2019-10947 | |||
| 59581 | FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt (more info ...) | attempted-user | 2019-10947 | |||
| 59582 | FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt (more info ...) | attempted-user | 2019-10947 | |||
| 59583 | FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor dpb PanelName stack buffer overflow attempt (more info ...) | attempted-user | 2019-10947 | |||
| 59586 | SERVER-OTHER TightVNC viewer rfbServerCutText handler integer overflow attempt (more info ...) | attempted-user | 2019-15678 | |||
| 59588 | POLICY-OTHER Omron device management request detected (more info ...) | policy-violation | URL | |||
| 59589 | POLICY-OTHER Omron EtherCAT request detected (more info ...) | policy-violation | URL | |||
| 59590 | POLICY-OTHER Omron system information request detected (more info ...) | policy-violation | URL | |||
| 59591 | POLICY-OTHER Omron device CPU state change request detected (more info ...) | policy-violation | URL | |||
| 59592 | POLICY-OTHER Omron device CPU clear memory request detected (more info ...) | policy-violation | URL | |||
| 59593 | POLICY-OTHER Omron device CPU reset request detected (more info ...) | policy-violation | URL | |||
| 59594 | POLICY-OTHER Omron FINS get info request detected (more info ...) | policy-violation | URL | |||
| 59595 | POLICY-OTHER OPCUA ReadRequest detected (more info ...) | policy-violation | URL | |||
| 59596 | POLICY-OTHER OPCUA WriteRequest detected (more info ...) | policy-violation | URL | |||
| 59598 | POLICY-OTHER OPCUA GetEndpointsRequest detected (more info ...) | policy-violation | URL | |||
| 59606 | SERVER-WEBAPP Smart Software Solutions CODESYS ControlService stack buffer overflow attempt (more info ...) | attempted-user | 2011-5007 | |||
| 59607 | MALWARE-CNC Doc.Dropper.Lazarus variant outbound connection (more info ...) | trojan-activity | URL | |||
| 59611 | SERVER-OTHER Free Software Foundation GnuTLS record application integer overflow attempt (more info ...) | attempted-admin | 2012-1573 | |||
| 59612 | SERVER-OTHER Squid Proxy ESI response denial of service attempt (more info ...) | denial-of-service | 2018-1000024 | URL | ||
| 59619 | SERVER-OTHER Facebook Fizz Plaintext Record Layer integer overflow denial of service attempt (more info ...) | attempted-dos | 2019-3560 | |||
| 59620 | PROTOCOL-VOIP Digium Asterisk chan_skinny SCCP session denial of service attempt (more info ...) | attempted-dos | 2017-17090 | URL | ||
| 59621 | PROTOCOL-VOIP Digium Asterisk chan_skinny SCCP session denial of service attempt (more info ...) | attempted-dos | 2017-17090 | URL | ||
| 59622 | MALWARE-CNC Win.Downloader.PlugX outbound connection (more info ...) | trojan-activity | URL | |||
| 59623 | MALWARE-CNC Win.Downloader.PlugX outbound connection (more info ...) | trojan-activity | URL | |||
| 59624 | MALWARE-CNC Win.Downloader.PlugX outbound connection (more info ...) | trojan-activity | URL | |||
| 59625 | MALWARE-CNC Win.Downloader.PlugX download attempt (more info ...) | trojan-activity | URL | |||
| 59628 | SERVER-OTHER IBM Tivoli Storage Manager Fastback remote code execution attempt (more info ...) | attempted-admin | 2015-1953 | URL | ||
| 59629 | SERVER-OTHER TurboVNC fence message stack based buffer overflow attempt (more info ...) | attempted-user | 2019-15683 | URL | ||
| 59630 | PROTOCOL-TELNET CHIYU IoT device authentication bypass attempt (more info ...) | attempted-user | 2021-31251 | URL | ||
| 59631 | SERVER-OTHER LibVNC LibVNCClient heap buffer overflow attempt (more info ...) | attempted-user | 2018-20020 | |||
| 59634 | SERVER-OTHER Quagga BGP daemon BGP UPDATE message out-of-bounds read attempt (more info ...) | attempted-dos | 2018-5378 | |||
| 59635 | SERVER-OTHER NLNet Labs Unbound NOTIFY denial of service attempt (more info ...) | attempted-dos | 2019-16866 | |||
| 59646 | SERVER-OTHER OpenSSL X509_cmp_time out of bounds read attempt (more info ...) | attempted-dos | 2015-1789 | URL | ||
| 59657 | POLICY-OTHER Red Hat 389 Directory Server Server-Side-Sort denial of service attempt (more info ...) | attempted-dos | 2018-10935 | |||
| 59672 | SERVER-OTHER TightVNC vncviewer HandleCoRREBPP buffer overflow attempt (more info ...) | attempted-user | 2019-8287 | |||
| 59673 | SERVER-OTHER EMC Data Protection Advisor default credential attempt (more info ...) | attempted-admin | 2017-8013 | |||
| 59674 | SERVER-OTHER EMC Data Protection Advisor default credential attempt (more info ...) | attempted-admin | 2017-8013 | |||
| 59675 | SERVER-OTHER EMC Data Protection Advisor default credential attempt (more info ...) | attempted-admin | 2017-8013 | |||
| 59676 | SERVER-OTHER HP Enterprise Intelligent Management Center dbman stack-based buffer attempt (more info ...) | attempted-admin | 2017-8956 | URL | ||
| 59677 | SERVER-OTHER Delta Electronics Delta Industrial Automation COMMGR 1.08 stack buffer overflow attempt (more info ...) | attempted-user | 2018-10594 | |||
| 59682 | SERVER-OTHER Red Hat Directory Server vslapd denial of service attempt (more info ...) | attempted-dos | 2018-14624 | |||
| 59683 | SERVER-OTHER Red Hat Directory Server vslapd denial of service attempt (more info ...) | attempted-dos | 2018-14624 | |||
| 59684 | SERVER-OTHER Red Hat Directory Server vslapd denial of service attempt (more info ...) | attempted-dos | 2018-14624 | |||
| 59685 | SERVER-OTHER Red Hat Directory Server vslapd denial of service attempt (more info ...) | attempted-dos | 2018-14624 | |||
| 59686 | SERVER-OTHER Red Hat Directory Server vslapd denial of service attempt (more info ...) | attempted-dos | 2018-14624 | |||
| 59689 | SERVER-OTHER Advantech Webaccess BwPAlarm.dll buffer overflow attempt (more info ...) | attempted-user | 2018-18999 | |||
| 59691 | SERVER-OTHER Quagga BGP Daemon bgp_update_receive double free attempt (more info ...) | attempted-user | 2018-5379 | |||
| 59697 | FILE-IMAGE Apple CUPS gif_read_lzw heap buffer overflow attempt (more info ...) | attempted-user | 2011-3170 | |||
| 59698 | FILE-IMAGE Apple CUPS gif_read_lzw heap buffer overflow attempt (more info ...) | attempted-user | 2011-3170 | |||
| 59700 | POLICY-OTHER Golang get remote command execution attempt (more info ...) | attempted-user | 2018-16873 | URL | ||
| 59701 | POLICY-OTHER Golang get remote command execution attempt (more info ...) | attempted-user | 2018-16873 | URL | ||
| 59702 | POLICY-OTHER Golang get remote command execution attempt (more info ...) | attempted-user | 2018-16873 | URL | ||
| 59703 | POLICY-OTHER Golang get remote command execution attempt (more info ...) | attempted-user | 2018-16873 | URL | ||
| 59704 | POLICY-OTHER Golang get remote command execution attempt (more info ...) | attempted-user | 2018-16873 | URL | ||
| 59705 | SERVER-WEBAPP vBulletin cross-site scripting attempt (more info ...) | web-application-attack | URL | |||
| 59706 | SERVER-WEBAPP vBulletin cross-site scripting attempt (more info ...) | web-application-attack | URL | |||
| 59714 | FILE-IMAGE Directshow GIF logical height overflow attempt (more info ...) | attempted-user | 2013-3174 | |||
| 59715 | FILE-IMAGE Directshow GIF logical height overflow attempt (more info ...) | attempted-user | 2013-3174 | |||
| 59716 | FILE-IMAGE Directshow GIF logical width overflow attempt (more info ...) | attempted-user | 2013-3174 | |||
| 59717 | FILE-IMAGE Directshow GIF logical width overflow attempt (more info ...) | attempted-user | 2013-3174 | |||
| 59732 | POLICY-OTHER TRUFFLEHUNTER TALOS-2022-1513 attack attempt (more info ...) | policy-violation | 2022-26833 | URL | ||
| 59736 | MALWARE-CNC Win.Trojan.ZxxZ variant outbound connection (more info ...) | trojan-activity | URL | |||
| 59752 | FILE-OTHER Info-ZIP Unzip malformed extra field buffer overflow attempt (more info ...) | attempted-admin | 2014-9636 | |||
| 59753 | FILE-OTHER Info-ZIP Unzip malformed extra field buffer overflow attempt (more info ...) | attempted-admin | 2014-9636 | |||
| 59754 | FILE-OTHER Info-ZIP Unzip malformed extra field buffer overflow attempt (more info ...) | attempted-admin | 2014-9636 | |||
| 59755 | FILE-OTHER Info-ZIP Unzip malformed extra field buffer overflow attempt (more info ...) | attempted-admin | 2014-9636 | |||
| 59756 | FILE-OTHER Info-ZIP Unzip malformed extra field buffer overflow attempt (more info ...) | attempted-admin | 2014-9636 | |||
| 59757 | FILE-OTHER Info-ZIP Unzip malformed extra field buffer overflow attempt (more info ...) | attempted-admin | 2014-9636 | |||
| 59758 | FILE-OTHER Info-ZIP Unzip malformed extra field buffer overflow attempt (more info ...) | attempted-admin | 2014-9636 | |||
| 59759 | FILE-OTHER Info-ZIP Unzip malformed extra field buffer overflow attempt (more info ...) | attempted-admin | 2014-9636 | |||
| 59760 | FILE-OTHER Info-ZIP Unzip malformed extra field buffer overflow attempt (more info ...) | attempted-admin | 2014-9636 | |||
| 59761 | FILE-OTHER Info-ZIP Unzip malformed extra field buffer overflow attempt (more info ...) | attempted-admin | 2014-9636 | |||
| 59762 | FILE-OTHER Info-ZIP Unzip malformed extra field buffer overflow attempt (more info ...) | attempted-admin | 2014-9636 | |||
| 59763 | FILE-OTHER Info-ZIP Unzip malformed extra field buffer overflow attempt (more info ...) | attempted-admin | 2014-9636 | |||
| 59764 | FILE-OTHER Info-ZIP Unzip malformed extra field buffer overflow attempt (more info ...) | attempted-admin | 2014-9636 | |||
| 59765 | FILE-OTHER Info-ZIP Unzip malformed extra field buffer overflow attempt (more info ...) | attempted-admin | 2014-9636 | |||
| 59766 | FILE-OTHER Info-ZIP Unzip malformed extra field buffer overflow attempt (more info ...) | attempted-admin | 2014-9636 | |||
| 59767 | FILE-OTHER Info-ZIP Unzip malformed extra field buffer overflow attempt (more info ...) | attempted-admin | 2014-9636 | |||
| 59768 | FILE-OTHER Info-ZIP Unzip malformed extra field buffer overflow attempt (more info ...) | attempted-admin | 2014-9636 | |||
| 59769 | FILE-OTHER Info-ZIP Unzip malformed extra field buffer overflow attempt (more info ...) | attempted-admin | 2014-9636 | |||
| 59770 | FILE-OTHER Info-ZIP Unzip malformed extra field buffer overflow attempt (more info ...) | attempted-admin | 2014-9636 | |||
| 59771 | FILE-OTHER Info-ZIP Unzip malformed extra field buffer overflow attempt (more info ...) | attempted-admin | 2014-9636 | |||
| 59772 | FILE-OTHER Info-ZIP Unzip malformed extra field buffer overflow attempt (more info ...) | attempted-admin | 2014-9636 | |||
| 59773 | FILE-OTHER Info-ZIP Unzip malformed extra field buffer overflow attempt (more info ...) | attempted-admin | 2014-9636 | |||
| 59774 | FILE-OTHER Info-ZIP Unzip malformed extra field buffer overflow attempt (more info ...) | attempted-admin | 2014-9636 | |||
| 59775 | FILE-OTHER Info-ZIP Unzip malformed extra field buffer overflow attempt (more info ...) | attempted-admin | 2014-9636 | |||
| 59776 | FILE-OTHER Info-ZIP Unzip malformed extra field buffer overflow attempt (more info ...) | attempted-admin | 2014-9636 | |||
| 59777 | FILE-OTHER Info-ZIP Unzip malformed extra field buffer overflow attempt (more info ...) | attempted-admin | 2014-9636 | |||
| 59778 | FILE-OTHER Info-ZIP Unzip malformed extra field buffer overflow attempt (more info ...) | attempted-admin | 2014-9636 | |||
| 59779 | FILE-OTHER Info-ZIP Unzip malformed extra field buffer overflow attempt (more info ...) | attempted-admin | 2014-9636 | |||
| 59780 | FILE-OTHER Info-ZIP Unzip malformed extra field buffer overflow attempt (more info ...) | attempted-admin | 2014-9636 | |||
| 59781 | FILE-OTHER Info-ZIP Unzip malformed extra field buffer overflow attempt (more info ...) | attempted-admin | 2014-9636 | |||
| 59787 | PROTOCOL-SCADA VIPA Automation WinPLC7 buffer overflow attempt (more info ...) | attempted-user | 2017-5177 | |||
| 59788 | FILE-OTHER ABB Panel Builder BeModBus CommandLineOptions stack-based buffer overflow attempt (more info ...) | attempted-user | 2018-10616 | |||
| 59789 | FILE-OTHER ABB Panel Builder BeModBus CommandLineOptions stack-based buffer overflow attempt (more info ...) | attempted-user | 2018-10616 | |||
| 59792 | SERVER-OTHER ISC BIND lightweight resolver protocol denial of service (more info ...) | attempted-dos | 2016-2775 | |||
| 59795 | POLICY-OTHER IBM Data Risk Management administrative login attempt (more info ...) | attempted-admin | 2020-4427 | |||
| 59797 | SERVER-OTHER NetGain Enterprise Manager arbitrary RMI registry insecure deserialization attempt (more info ...) | attempted-user | 2017-17406 | |||
| 59798 | SERVER-OTHER NetGain Enterprise Manager arbitrary RMI registry insecure deserialization attempt (more info ...) | attempted-user | 2017-17406 | |||
| 59799 | SERVER-OTHER NetGain Enterprise Manager arbitrary RMI registry insecure deserialization attempt (more info ...) | attempted-user | 2017-17406 | |||
| 59802 | SERVER-OTHER LibVNCClient FramebufferUpdate Rectangle heap buffer overflow attempt (more info ...) | attempted-user | 2016-9941 | URL | ||
| 59803 | SERVER-OTHER LibVNCClient FramebufferUpdate Rectangle heap buffer overflow attempt (more info ...) | attempted-user | 2016-9941 | URL | ||
| 59825 | SERVER-OTHER OpenVPN read_key buffer overflow attempt (more info ...) | attempted-user | 2017-12166 | URL | ||
| 59833 | SERVER-MAIL Dovecot denial of service attempt (more info ...) | attempted-dos | 2016-8652 | |||
| 59834 | SERVER-MAIL Dovecot denial of service attempt (more info ...) | attempted-dos | 2016-8652 | |||
| 59835 | SERVER-MAIL Dovecot denial of service attempt (more info ...) | attempted-dos | 2016-8652 | |||
| 59842 | SERVER-OTHER ISC BIND rndc control channel denial of service attempt (more info ...) | attempted-dos | 2017-3138 | URL | ||
| 59846 | SERVER-OTHER HP LoadRunner mxdr_string heap buffer overflow attempt (more info ...) | attempted-user | 2017-5789 | URL | ||
| 59847 | FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor DPB GIFFILE stack buffer overflow attempt (more info ...) | attempted-user | 2020-7002 | URL | ||
| 59848 | FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor DPB GIFFILE stack buffer overflow attempt (more info ...) | attempted-user | 2020-7002 | URL | ||
| 59850 | FILE-OTHER Eaton HMiSoft VU3 GIFFILE stack buffer overflow attempt (more info ...) | attempted-user | 2020-10639 | |||
| 59852 | SERVER-ORACLE Oracle WebLogic Server IIOP JNDI injection attempt (more info ...) | attempted-user | 2020-14841 | URL | ||
| 59855 | FILE-OTHER Delta Industrial Automation CNCSoft ScreenEditor stack buffer overflow attempt (more info ...) | attempted-user | 2020-16199 | |||
| 59857 | FILE-OTHER Omron CX-One CX-Programmer malicious cxp file download attempt (more info ...) | attempted-user | 2019-6556 | |||
| 59860 | FILE-MULTIMEDIA AVI file chunk length integer overflow attempt (more info ...) | attempted-user | 2011-3834 | URL | ||
| 59861 | FILE-MULTIMEDIA AVI file chunk length integer overflow attempt (more info ...) | attempted-user | 2011-3834 | URL | ||
| 59868 | OS-WINDOWS DHCP failover relationship name denial of service attempt (more info ...) | attempted-dos | 2019-1206 | URL | ||
| 59869 | FILE-OTHER Phoenix Contact Automationworx PLCOpen XML stack buffer overflow attempt (more info ...) | attempted-user | 2020-12497 | |||
| 59870 | FILE-OTHER Phoenix Contact Automationworx PLCOpen XML stack buffer overflow attempt (more info ...) | attempted-user | 2020-12497 | |||
| 59871 | SERVER-OTHER ISC DHCP TCP session exhaustion denial of service attempt (more info ...) | attempted-dos | 2016-2774 | |||
| 59872 | FILE-OTHER Fatek Automation PLC WinProladder Tab stack buffer overflow attempt (more info ...) | attempted-user | 2020-16234 | |||
| 59879 | SERVER-OTHER OpenSSL SRP ciphersuite detected (more info ...) | protocol-command-decode | 2014-3512 | URL | ||
| 59880 | SERVER-OTHER OpenSSL SRP heap buffer overflow attempt (more info ...) | attempted-admin | 2014-3512 | URL | ||
| 59882 | POLICY-OTHER TRUFFLEHUNTER TALOS-2022-1518 attack attempt (more info ...) | policy-violation | 2022-29481 | URL | ||
| 59883 | POLICY-OTHER TRUFFLEHUNTER TALOS-2022-1521 attack attempt (more info ...) | policy-violation | 2022-28689 | URL | ||
| 59884 | POLICY-OTHER TRUFFLEHUNTER TALOS-2022-1520 attack attempt (more info ...) | policy-violation | 2022-26023 | URL | ||
| 59885 | SERVER-OTHER TRUFFLEHUNTER TALOS-2022-1519 attack attempt (more info ...) | attempted-admin | 2022-30543 | URL | ||
| 59887 | SERVER-WEBAPP HAProxy HTTP2 HPACK out of bounds write attempt (more info ...) | web-application-attack | 2020-11100 | URL | ||
| 59888 | SERVER-WEBAPP HAProxy HTTP2 HPACK out of bounds write attempt (more info ...) | web-application-attack | 2020-11100 | URL | ||
| 59896 | MALWARE-CNC Andr.Trojan.WolfRAT variant outbound connection (more info ...) | trojan-activity | URL | |||
| 59897 | MALWARE-CNC Andr.Trojan.WolfRAT variant outbound connection (more info ...) | trojan-activity | URL | |||
| 59898 | MALWARE-CNC Andr.Trojan.WolfRAT variant outbound connection (more info ...) | trojan-activity | URL | |||
| 59899 | MALWARE-CNC Andr.Trojan.WolfRAT variant outbound connection (more info ...) | trojan-activity | URL | |||
| 59900 | MALWARE-CNC Andr.Trojan.WolfRAT variant outbound connection (more info ...) | trojan-activity | URL | |||
| 59901 | MALWARE-CNC Andr.Trojan.WolfRAT variant outbound connection (more info ...) | trojan-activity | URL | |||
| 59902 | MALWARE-CNC Andr.Trojan.WolfRAT variant outbound connection (more info ...) | trojan-activity | URL | |||
| 59903 | MALWARE-CNC Andr.Trojan.WolfRAT variant outbound connection (more info ...) | trojan-activity | URL | |||
| 59907 | SERVER-WEBAPP Eaton Intelligent Power Manager directory traversal attempt (more info ...) | web-application-attack | 2018-12031 | |||
| 59908 | SERVER-WEBAPP Eaton Intelligent Power Manager directory traversal attempt (more info ...) | web-application-attack | 2018-12031 | |||
| 59909 | SERVER-WEBAPP Eaton Intelligent Power Manager directory traversal attempt (more info ...) | web-application-attack | 2018-12031 | |||
| 59917 | SERVER-WEBAPP QNAP NAS Surveillance Station plugin buffer overflow attempt (more info ...) | attempted-user | 2021-28797 | |||
| 59918 | SERVER-WEBAPP QNAP NAS Surveillance Station plugin buffer overflow attempt (more info ...) | attempted-user | 2021-28797 | |||
| 59935 | SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt (more info ...) | web-application-attack | ||||
| 59936 | SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt (more info ...) | web-application-attack | ||||
| 59937 | SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt (more info ...) | web-application-attack | ||||
| 59938 | SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt (more info ...) | web-application-attack | ||||
| 59975 | SERVER-WEBAPP Git client path validation command execution attempt (more info ...) | attempted-user | 2014-9390 | |||
| 59980 | SERVER-WEBAPP Splunk search directory traversal attempt (more info ...) | web-application-attack | 2022-26889 | URL | ||
| 59981 | SERVER-WEBAPP Splunk search directory traversal attempt (more info ...) | web-application-attack | 2022-26889 | URL | ||
| 60049 | MALWARE-CNC Win.Rootkit.Daxin HTTP Tunneling attempt (more info ...) | trojan-activity | URL | |||
| 60053 | MALWARE-CNC Win.Trojan.DarkVNC variant outbound connection (more info ...) | trojan-activity | URL | |||
| 60057 | MALWARE-CNC Win.Trojan.Qakbot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 60058 | SERVER-OTHER Hewlett Packard Enterprise Intelligent Management Center imiccdm service directory traversal file write attempt (more info ...) | attempted-user | 2018-7102 | |||
| 60059 | MALWARE-CNC Win.Trojan.Gallium variant outbound beaconing attempt (more info ...) | trojan-activity | URL | |||
| 60060 | MALWARE-CNC Win.Trojan.Gallium variant outbound beaconing attempt (more info ...) | trojan-activity | URL | |||
| 60061 | MALWARE-CNC Win.Trojan.Gallium variant outbound beaconing attempt (more info ...) | trojan-activity | URL | |||
| 60066 | SERVER-WEBAPP Parallels H-Sphere cross site scripting attempt (more info ...) | attempted-user | 2022-30777 | |||
| 60067 | SERVER-WEBAPP Parallels H-Sphere cross site scripting attempt (more info ...) | attempted-user | 2022-30777 | |||
| 60068 | SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt (more info ...) | web-application-attack | ||||
| 60069 | SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt (more info ...) | web-application-attack | ||||
| 60070 | SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt (more info ...) | web-application-attack | ||||
| 60081 | SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt (more info ...) | web-application-attack | ||||
| 60082 | SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt (more info ...) | web-application-attack | ||||
| 60083 | SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt (more info ...) | web-application-attack | ||||
| 60084 | SERVER-WEBAPP Trend Micro InterScan Web Security Virtual Appliance command injection attempt (more info ...) | web-application-attack | ||||
| 60088 | SERVER-WEBAPP Kaseya VSA cross site scripting attempt (more info ...) | attempted-user | 2021-30119 | |||
| 60089 | SERVER-WEBAPP Kaseya VSA cross site scripting attempt (more info ...) | attempted-user | 2021-30119 | |||
| 60090 | SERVER-WEBAPP Kaseya VSA cross site scripting attempt (more info ...) | attempted-user | 2021-30119 | |||
| 60091 | SERVER-WEBAPP Kaseya VSA cross site scripting attempt (more info ...) | attempted-user | 2021-30119 | |||
| 60104 | SERVER-WEBAPP PlaySMS unauthenticated template injection attempt (more info ...) | attempted-user | 2020-8664 | |||
| 60115 | FILE-OTHER Fuji Electric Frenic Loader stack-based buffer overflow attempt (more info ...) | attempted-user | 2018-14802 | |||
| 60116 | FILE-OTHER Fuji Electric Frenic Loader stack-based buffer overflow attempt (more info ...) | attempted-user | 2018-14802 | |||
| 60118 | SERVER-WEBAPP Kaseya VSA XML external entity injection attempt (more info ...) | web-application-attack | 2021-30201 | |||
| 60180 | MALWARE-CNC Win.Trojan.CrimsonRAT outbound communication attempt (more info ...) | trojan-activity | URL | |||
| 60181 | MALWARE-CNC Win.Trojan.CrimsonRAT outbound communication attempt (more info ...) | trojan-activity | URL | |||
| 60182 | MALWARE-CNC Win.Trojan.CrimsonRAT outbound communication attempt (more info ...) | trojan-activity | URL | |||
| 60183 | MALWARE-CNC Win.Trojan.CrimsonRAT outbound communication attempt (more info ...) | trojan-activity | URL | |||
| 60185 | FILE-OTHER Wecon LeviStudioU DataLogTool history curve set stack-based buffer overflow attempt (more info ...) | attempted-user | 2019-6537 | |||
| 60186 | FILE-OTHER Wecon LeviStudioU DataLogTool history curve set stack-based buffer overflow attempt (more info ...) | attempted-user | 2019-6537 | |||
| 60189 | FILE-OTHER Wecon LeviStudioU DataLogTool history curve set stack-based buffer overflow attempt (more info ...) | attempted-user | 2019-6537 | |||
| 60190 | FILE-OTHER Wecon LeviStudioU DataLogTool history curve set stack-based buffer overflow attempt (more info ...) | attempted-user | 2019-6537 | |||
| 60193 | SERVER-WEBAPP Tenda Router SetIPv6Status command injection attempt (more info ...) | web-application-attack | 2022-28572 | |||
| 60194 | SERVER-WEBAPP Tenda Router SetIPv6Status command injection attempt (more info ...) | web-application-attack | 2022-28572 | |||
| 60195 | SERVER-WEBAPP Tenda Router SetIPv6Status command injection attempt (more info ...) | web-application-attack | 2022-28572 | |||
| 60196 | SERVER-WEBAPP Tenda Router SetIPv6Status command injection attempt (more info ...) | web-application-attack | 2022-28572 | |||
| 60212 | POLICY-OTHER TRUFFLEHUNTER TALOS-2022-1552 attack attempt (more info ...) | policy-violation | 2022-27805 | URL | ||
| 60215 | POLICY-OTHER TRUFFLEHUNTER TALOS-2022-1553 attack attempt (more info ...) | policy-violation | 2022-29475 | URL | ||
| 60216 | POLICY-OTHER TRUFFLEHUNTER TALOS-2022-1553 attack attempt (more info ...) | policy-violation | 2022-29475 | URL | ||
| 60228 | FILE-IMAGE TRUFFLEHUNTER TALOS-2022-1526 attack attempt (more info ...) | attempted-user | 2022-29465 | URL | ||
| 60229 | FILE-IMAGE TRUFFLEHUNTER TALOS-2022-1526 attack attempt (more info ...) | attempted-user | 2022-29465 | URL | ||
| 60243 | SERVER-WEBAPP Accellion FTA SSRF to command injection attempt (more info ...) | attempted-user | 2021-27102 | URL | ||
| 60245 | FILE-OTHER McAfee Total Protection MTP arbitrary process execution attempt (more info ...) | attempted-admin | 2021-23874 | |||
| 60246 | FILE-OTHER McAfee Total Protection MTP arbitrary process execution attempt (more info ...) | attempted-admin | 2021-23874 | |||
| 60264 | MALWARE-CNC Win.Backdoor.TreeTrunk outbound connection (more info ...) | trojan-activity | URL | |||
| 60266 | MALWARE-CNC Win.Backdoor.TreeTrunk outbound connection (more info ...) | trojan-activity | URL | |||
| 60268 | MALWARE-CNC Win.Backdoor.TreeTrunk outbound connection (more info ...) | trojan-activity | URL | |||
| 60269 | MALWARE-CNC Win.Backdoor.TreeTrunk outbound connection (more info ...) | trojan-activity | URL | |||
| 60270 | MALWARE-CNC Win.Backdoor.TreeTrunk outbound connection (more info ...) | trojan-activity | URL | |||
| 60271 | POLICY-OTHER Docker container registry access detected (more info ...) | policy-violation | 2022-20858 | URL | ||
| 60272 | POLICY-OTHER Docker container registry access detected (more info ...) | policy-violation | 2022-20858 | URL | ||
| 60275 | MALWARE-CNC Win.Trojan.Manjusaka outbound connection (more info ...) | trojan-activity | ||||
| 60289 | SERVER-WEBAPP PrimeTek PrimeFaces plugin expression language injection attempt (more info ...) | attempted-user | 2017-1000486 | |||
| 60312 | FILE-OTHER Omron CX-Supervisor malicious project file download attempt (more info ...) | attempted-user | 2018-19015 | |||
| 60313 | FILE-OTHER Omron CX-Supervisor malicious project file download attempt (more info ...) | attempted-user | 2018-19015 | |||
| 60318 | SERVER-WEBAPP Pi-hole AdminLTE AddMAC authenticated command injection attempt (more info ...) | attempted-user | 2020-8816 | URL | ||
| 60319 | SERVER-OTHER TeamSpeak Server denial of service attempt (more info ...) | attempted-dos | URL | |||
| 60320 | SERVER-OTHER AmongUs Game Server denial of service attempt (more info ...) | attempted-dos | URL | |||
| 60321 | SERVER-OTHER Garry Mod Physics Sandbox denial of service attempt (more info ...) | attempted-dos | URL | |||
| 60322 | SERVER-OTHER Valve Source Engine Query denial of service attempt (more info ...) | attempted-dos | URL | |||
| 60323 | SERVER-OTHER Counter-Strike Global Offensive denial of service attempt (more info ...) | attempted-dos | URL | |||
| 60324 | MALWARE-CNC MultiOS.Trojan.DarkUtilities variant outbound connection (more info ...) | trojan-activity | URL | |||
| 60325 | MALWARE-CNC MultiOS.Trojan.DarkUtilities variant outbound connection (more info ...) | trojan-activity | URL | |||
| 60330 | SERVER-OTHER TRUFFLEHUNTER TALOS-2022-1583 attack attempt (more info ...) | attempted-admin | 2022-35878 | URL | ||
| 60331 | SERVER-OTHER TRUFFLEHUNTER TALOS-2022-1583 attack attempt (more info ...) | attempted-admin | 2022-35878 | URL | ||
| 60341 | SERVER-WEBAPP DELL EMC Avamar ADMe information disclosure attempt (more info ...) | web-application-attack | 2019-3737 | |||
| 60342 | SERVER-WEBAPP DELL EMC Avamar ADMe information disclosure attempt (more info ...) | web-application-attack | 2019-3737 | |||
| 60343 | SERVER-WEBAPP DELL EMC Avamar ADMe information disclosure attempt (more info ...) | web-application-attack | 2019-3737 | |||
| 60346 | SERVER-WEBAPP Zoho ManageEngine ServiceDesk Plus SolutionSearch.do cross site scripting attempt (more info ...) | web-application-attack | 2019-12541 | |||
| 60347 | SERVER-WEBAPP Zoho ManageEngine ServiceDesk Plus SolutionSearch.do cross site scripting attempt (more info ...) | web-application-attack | 2019-12541 | |||
| 60348 | SERVER-WEBAPP Zoho ManageEngine ServiceDesk Plus SearchN.do cross site scripting attempt (more info ...) | web-application-attack | 2019-12542 | |||
| 60349 | SERVER-WEBAPP Zoho ManageEngine ServiceDesk Plus SearchN.do cross site scripting attempt (more info ...) | web-application-attack | 2019-12542 | |||
| 60350 | SERVER-WEBAPP Zoho ManageEngine ServiceDesk Plus SolutionSearch.do cross site scripting attempt (more info ...) | web-application-attack | 2019-12543 | |||
| 60351 | SERVER-WEBAPP Zoho ManageEngine ServiceDesk Plus PurchaseRequest.do cross site scripting attempt (more info ...) | web-application-attack | 2019-12543 | |||
| 60392 | POLICY-OTHER TRUFFLEHUNTER TALOS-2022-1580 attack attempt (more info ...) | policy-violation | 2022-34845 | URL | ||
| 60393 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1575 attack attempt (more info ...) | attempted-dos | 2022-35271 | URL | ||
| 60428 | MALWARE-CNC Win.Trojan.BoratRat outbound connection request (more info ...) | trojan-activity | URL | |||
| 60433 | POLICY-OTHER TRUFFLEHUNTER TALOS-2022-1587 attack attempt (more info ...) | policy-violation | URL | |||
| 60435 | SERVER-WEBAPP WECON LeviStudio multiple xml parameter overflows attempt (more info ...) | attempted-admin | 2018-10602 | |||
| 60436 | SERVER-WEBAPP WECON LeviStudio multiple xml parameter overflows attempt (more info ...) | attempted-admin | 2018-10602 | |||
| 60437 | MALWARE-CNC Win.Trojan.ModernLoader inbound communication attempt (more info ...) | trojan-activity | URL | |||
| 60438 | MALWARE-CNC Win.Trojan.ModernLoader inbound communication attempt (more info ...) | trojan-activity | URL | |||
| 60439 | MALWARE-CNC Win.Trojan.ModernLoader outbound communication attempt (more info ...) | trojan-activity | URL | |||
| 60440 | MALWARE-CNC Win.Trojan.ModernLoader outbound communication attempt (more info ...) | trojan-activity | URL | |||
| 60450 | MALWARE-CNC Win.Trojan.SVCReady outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 60454 | SERVER-WEBAPP Zimbra Calendar cross site scripting attempt (more info ...) | attempted-user | 2022-24682 | |||
| 60459 | MALWARE-CNC Win.Malware.VSingle variant outbound connection (more info ...) | trojan-activity | URL | |||
| 60460 | MALWARE-CNC Win.Malware.VSingle variant outbound connection (more info ...) | trojan-activity | URL | |||
| 60461 | MALWARE-CNC Win.Malware.VSingle variant outbound connection (more info ...) | trojan-activity | URL | |||
| 60462 | MALWARE-CNC Win.Backdoor.YamaBot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 60463 | MALWARE-CNC Win.Backdoor.TigerRAT variant outbound connection (more info ...) | trojan-activity | URL | |||
| 60464 | MALWARE-CNC Win.Backdoor.TigerRAT variant outbound connection (more info ...) | trojan-activity | URL | |||
| 60507 | MALWARE-CNC Win.Trojan.Matanbuchus payload download attempt (more info ...) | trojan-activity | URL | |||
| 60508 | MALWARE-CNC Win.Trojan.Matanbuchus malicious transfer attempt (more info ...) | trojan-activity | URL | |||
| 60516 | MALWARE-CNC Win.Trojan.IcedID download attempt (more info ...) | trojan-activity | URL | |||
| 60517 | MALWARE-CNC Lnk.Dropper.Gamaredon malicious download attempt (more info ...) | trojan-activity | URL | |||
| 60518 | MALWARE-CNC Lnk.Dropper.Gamaredon malicious download attempt (more info ...) | trojan-activity | URL | |||
| 60519 | MALWARE-CNC Lnk.Dropper.Gamaredon malicious download attempt (more info ...) | trojan-activity | URL | |||
| 60520 | MALWARE-CNC Lnk.Dropper.Gamaredon malicious download attempt (more info ...) | trojan-activity | URL | |||
| 60521 | MALWARE-CNC Lnk.Dropper.Gamaredon malicious download attempt (more info ...) | trojan-activity | URL | |||
| 60522 | MALWARE-CNC Lnk.Dropper.Gamaredon malicious download attempt (more info ...) | trojan-activity | URL | |||
| 60523 | MALWARE-CNC Lnk.Dropper.Gamaredon malicious download attempt (more info ...) | trojan-activity | URL | |||
| 60524 | MALWARE-CNC Lnk.Dropper.Gamaredon malicious download attempt (more info ...) | trojan-activity | URL | |||
| 60525 | MALWARE-CNC Lnk.Dropper.Gamaredon malicious download attempt (more info ...) | trojan-activity | URL | |||
| 60526 | MALWARE-CNC Lnk.Dropper.Gamaredon malicious download attempt (more info ...) | trojan-activity | URL | |||
| 60527 | MALWARE-CNC Lnk.Dropper.Gamaredon malicious download attempt (more info ...) | trojan-activity | URL | |||
| 60528 | MALWARE-CNC Lnk.Dropper.Gamaredon malicious download attempt (more info ...) | trojan-activity | URL | |||
| 60529 | MALWARE-CNC Lnk.Dropper.Gamaredon malicious download attempt (more info ...) | trojan-activity | URL | |||
| 60530 | MALWARE-CNC Lnk.Dropper.Gamaredon malicious download attempt (more info ...) | trojan-activity | URL | |||
| 60531 | MALWARE-CNC Lnk.Dropper.Gamaredon malicious download attempt (more info ...) | trojan-activity | URL | |||
| 60532 | MALWARE-CNC Lnk.Dropper.Gamaredon malicious download attempt (more info ...) | trojan-activity | URL | |||
| 60533 | MALWARE-CNC Lnk.Dropper.Gamaredon malicious download attempt (more info ...) | trojan-activity | URL | |||
| 60534 | MALWARE-CNC Lnk.Dropper.Gamaredon malicious download attempt (more info ...) | trojan-activity | URL | |||
| 60535 | MALWARE-CNC Lnk.Dropper.Gamaredon malicious download attempt (more info ...) | trojan-activity | URL | |||
| 60536 | MALWARE-CNC Lnk.Dropper.Gamaredon malicious download attempt (more info ...) | trojan-activity | URL | |||
| 60537 | MALWARE-CNC Lnk.Dropper.Gamaredon malicious download attempt (more info ...) | trojan-activity | URL | |||
| 60538 | MALWARE-CNC Lnk.Dropper.Gamaredon malicious download attempt (more info ...) | trojan-activity | URL | |||
| 60539 | MALWARE-CNC Doc.Dropper.Gamaredon malicious download attempt (more info ...) | trojan-activity | URL | |||
| 60573 | POLICY-OTHER Nortek Linear eMerge E3-Series information disclosure attempt (more info ...) | policy-violation | 2022-31269 | |||
| 60574 | OS-OTHER Apple OS X rootpipe privilege escalation attempt (more info ...) | attempted-admin | 2015-1130 | URL | ||
| 60575 | OS-OTHER Apple OS X rootpipe privilege escalation attempt (more info ...) | attempted-admin | 2015-1130 | URL | ||
| 60576 | OS-MOBILE GingerBreak escalation of privilege attempt (more info ...) | attempted-admin | 2011-1823 | URL | ||
| 60577 | OS-MOBILE GingerBreak escalation of privilege attempt (more info ...) | attempted-admin | 2011-1823 | URL | ||
| 60584 | MALWARE-CNC Perl.Webshell.GammaShell inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 60585 | MALWARE-CNC Perl.Webshell.GammaShell inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 60586 | MALWARE-CNC Perl.Webshell.GammaShell inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 60587 | MALWARE-CNC Perl.Webshell.GammaShell outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 60590 | MALWARE-CNC Perl.Webshell.GoShell inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 60591 | MALWARE-CNC Perl.Webshell.GoShell outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 60599 | POLICY-OTHER FortiGate and FortiADC LDAP Connectivity Test credential leak attempt (more info ...) | policy-violation | 2018-13374 | |||
| 60602 | OS-MOBILE Mali GPU memory alias privilege escalation attempt (more info ...) | attempted-admin | 2022-38181 | URL | ||
| 60603 | OS-MOBILE Mali GPU memory alias privilege escalation attempt (more info ...) | attempted-admin | 2022-38181 | URL | ||
| 60625 | OS-OTHER Apple Mac iOS IOKit keyboard driver privilege escalation attempt (more info ...) | attempted-admin | 2014-4404 | |||
| 60626 | OS-OTHER Apple Mac iOS IOKit keyboard driver privilege escalation attempt (more info ...) | attempted-admin | 2014-4404 | |||
| 60630 | SERVER-WEBAPP Sickbeard URI parameter remote command injection attempt (more info ...) | attempted-user | URL | |||
| 60631 | SERVER-WEBAPP Sickbeard URI parameter remote command injection attempt (more info ...) | attempted-user | URL | |||
| 60638 | MALWARE-CNC Win.Backdoor.Agent inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 60639 | MALWARE-CNC Win.Backdoor.Agent inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 60641 | MALWARE-CNC MultiOS.Backdoor.Agent inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 60645 | BROWSER-OTHER WhatsApp Desktop persistent cross-site scripting attempt (more info ...) | attempted-user | 2019-18426 | |||
| 60665 | OS-MOBILE Android ACDB driver ioctl overflow attempt (more info ...) | attempted-admin | 2013-2597 | URL | ||
| 60666 | OS-MOBILE Android ACDB driver ioctl overflow attempt (more info ...) | attempted-admin | 2013-2597 | URL | ||
| 60668 | OS-WINDOWS Virtual Box kernel address tampering attempt (more info ...) | attempted-admin | 2008-3431 | URL | ||
| 60669 | OS-WINDOWS Virtual Box kernel address tampering attempt (more info ...) | attempted-admin | 2008-3431 | URL | ||
| 60681 | OS-MOBILE Android sk_buff use-after-free attempt (more info ...) | attempted-admin | 2021-0920 | URL | ||
| 60682 | OS-MOBILE Android sk_buff use-after-free attempt (more info ...) | attempted-admin | 2021-0920 | URL | ||
| 60690 | FILE-OTHER TRUFFLEHUNTER TALOS-2022-1617 attack attempt (more info ...) | attempted-user | 2022-40983 | URL | ||
| 60691 | FILE-OTHER TRUFFLEHUNTER TALOS-2022-1617 attack attempt (more info ...) | attempted-user | 2022-40983 | URL | ||
| 60692 | POLICY-OTHER TRUFFLEHUNTER TALOS-2022-1613 attack attempt (more info ...) | policy-violation | 2022-41030 | URL | ||
| 60728 | MALWARE-CNC Win.Trojan.HannabiGrabber info stealer outbound communication (more info ...) | trojan-activity | URL | |||
| 60732 | SERVER-OTHER Acme mini_httpd 1.18 escape sequence command injection attempt (more info ...) | attempted-user | 2009-4490 | |||
| 60743 | SERVER-WEBAPP Multiple products OpenSSL c_rehash command injection attempt (more info ...) | web-application-attack | 2022-1292 | |||
| 60744 | SERVER-WEBAPP Multiple products OpenSSL c_rehash command injection attempt (more info ...) | web-application-attack | 2022-1292 | |||
| 60745 | SERVER-WEBAPP Multiple products OpenSSL c_rehash command injection attempt (more info ...) | web-application-attack | 2022-1292 | |||
| 60748 | MALWARE-CNC Win.Infostealer.MetaStealer outbound connection (more info ...) | trojan-activity | URL | |||
| 60749 | MALWARE-CNC Win.Infostealer.MetaStealer outbound connection (more info ...) | trojan-activity | URL | |||
| 60755 | MALWARE-CNC Win.Trojan.Astaroth outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 60756 | MALWARE-CNC Win.Trojan.Astaroth outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 60759 | MALWARE-CNC Ppt.Downloader.Wirte outbound connection (more info ...) | trojan-activity | URL | |||
| 60794 | MALWARE-CNC Win.InfoStealer.Raccoon variant outbound connection (more info ...) | trojan-activity | URL | |||
| 60795 | MALWARE-CNC Win.InfoStealer.Raccoon variant outbound connection (more info ...) | trojan-activity | URL | |||
| 60828 | MALWARE-CNC Win.Backdoor.Hoaxshell outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 60835 | MALWARE-CNC Win.Trojan.TurlaMosquito outbound connection (more info ...) | trojan-activity | URL | |||
| 60836 | MALWARE-CNC Win.Trojan.TurlaMosquito outbound connection (more info ...) | trojan-activity | URL | |||
| 60843 | MALWARE-CNC Win.Backdoor.TurlaMosquito outbound connection (more info ...) | trojan-activity | URL | |||
| 60844 | MALWARE-CNC Win.Backdoor.Truebot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 60845 | MALWARE-CNC Win.Backdoor.Truebot variant outbound connection (more info ...) | trojan-activity | URL | |||
| 60846 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1615 attack attempt (more info ...) | attempted-admin | 2022-38066 | URL | ||
| 60847 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2022-1615 attack attempt (more info ...) | attempted-admin | 2022-38066 | URL | ||
| 60853 | INDICATOR-COMPROMISE JXPath remote code execution attempt (more info ...) | web-application-attack | 2022-41852 | URL | ||
| 60854 | INDICATOR-COMPROMISE JXPath remote code execution attempt (more info ...) | web-application-attack | 2022-41852 | URL | ||
| 60855 | SERVER-WEBAPP JXPath remote code execution attempt (more info ...) | web-application-attack | 2022-41852 | URL | ||
| 60858 | SERVER-WEBAPP Zimbra ZmMailMsgView.getAttachmentLinkHtml XSS attempt (more info ...) | web-application-attack | 2018-6882 | URL | ||
| 60859 | SERVER-WEBAPP D-Link DSL-2760U Web-UI WiFi SSID cross site scripting attempt (more info ...) | web-application-attack | 2013-5223 | URL | ||
| 60860 | SERVER-WEBAPP D-Link DSL-2760U Web-UI WiFi SSID cross site scripting attempt (more info ...) | web-application-attack | 2013-5223 | URL | ||
| 60861 | SERVER-WEBAPP D-Link DSL-2760U Web-UI SAMBA Configuration cross site scripting attempt (more info ...) | web-application-attack | 2013-5223 | URL | ||
| 60862 | SERVER-WEBAPP D-Link DSL-2760U Web-UI SAMBA Configuration cross site scripting attempt (more info ...) | web-application-attack | 2013-5223 | URL | ||
| 60863 | SERVER-WEBAPP D-Link DSL-2760U Web-UI Printer Server cross site scripting attempt (more info ...) | web-application-attack | 2013-5223 | URL | ||
| 60864 | SERVER-WEBAPP D-Link DSL-2760U Web-UI Printer Server cross site scripting attempt (more info ...) | web-application-attack | 2013-5223 | URL | ||
| 60865 | SERVER-WEBAPP D-Link DSL-2760U Web-UI Policy Routing cross site scripting attempt (more info ...) | web-application-attack | 2013-5223 | URL | ||
| 60866 | SERVER-WEBAPP D-Link DSL-2760U Web-UI Policy Routing cross site scripting attempt (more info ...) | web-application-attack | 2013-5223 | URL | ||
| 60867 | SERVER-WEBAPP D-Link DSL-2760U Web-UI Incoming IP Filter cross site scripting attempt (more info ...) | attempted-user | 2013-5223 | URL | ||
| 60868 | SERVER-WEBAPP D-Link DSL-2760U Web-UI Incoming IP Filter cross site scripting attempt (more info ...) | attempted-user | 2013-5223 | URL | ||
| 60869 | SERVER-WEBAPP D-Link DSL-2760U Web-UI SNMP cross site scripting attempt (more info ...) | web-application-attack | 2013-5223 | URL | ||
| 60870 | SERVER-WEBAPP D-Link DSL-2760U Web-UI SNMP cross site scripting attempt (more info ...) | web-application-attack | 2013-5223 | URL | ||
| 60871 | SERVER-WEBAPP D-Link DSL-2760U Web-UI Interface Grouping cross site scripting attempt (more info ...) | web-application-attack | 2013-5223 | URL | ||
| 60872 | SERVER-WEBAPP D-Link DSL-2760U Web-UI Interface Grouping cross site scripting attempt (more info ...) | web-application-attack | 2013-5223 | URL | ||
| 60873 | SERVER-WEBAPP D-Link DSL-2760U Web-UI IP Filtering cross site scripting attempt (more info ...) | web-application-attack | 2013-5223 | URL | ||
| 60874 | SERVER-WEBAPP D-Link DSL-2760U Web-UI IP Filtering cross site scripting attempt (more info ...) | web-application-attack | 2013-5223 | URL | ||
| 60875 | SERVER-WEBAPP D-Link DSL-2760U Web-UI NAT Port Triggering cross site scripting attempt (more info ...) | web-application-attack | 2013-5223 | URL | ||
| 60876 | SERVER-WEBAPP D-Link DSL-2760U Web-UI NAT Port Triggering cross site scripting attempt (more info ...) | web-application-attack | 2013-5223 | URL | ||
| 60877 | SERVER-WEBAPP D-Link DSL-2760U Web-UI URL Filtering cross site scripting attempt (more info ...) | web-application-attack | 2013-5223 | URL | ||
| 60878 | SERVER-WEBAPP D-Link DSL-2760U Web-UI URL Filtering cross site scripting attempt (more info ...) | web-application-attack | 2013-5223 | URL | ||
| 60879 | SERVER-WEBAPP D-Link DSL-2760U Web-UI Parental Control cross site scripting attempt (more info ...) | web-application-attack | 2013-5223 | URL | ||
| 60880 | SERVER-WEBAPP D-Link DSL-2760U Web-UI Parental Control cross site scripting attempt (more info ...) | web-application-attack | 2013-5223 | URL | ||
| 60883 | SERVER-WEBAPP D-Link DSL-2760U Web-UI NTS Settings cross site scripting attempt (more info ...) | web-application-attack | 2013-5223 | URL | ||
| 60884 | SERVER-WEBAPP D-Link DSL-2760U Web-UI NTS Settings cross site scripting attempt (more info ...) | web-application-attack | 2013-5223 | URL | ||
| 60889 | SERVER-WEBAPP ES File Explorer File Manager policy bypass attempt (more info ...) | web-application-attack | 2019-6447 | URL | ||
| 60890 | SERVER-WEBAPP ES File Explorer File Manager policy bypass attempt (more info ...) | web-application-attack | 2019-6447 | URL | ||
| 60891 | MALWARE-OTHER Doc.Downloader.MetaStealer file download attempt (more info ...) | trojan-activity | URL | |||
| 60892 | MALWARE-OTHER Doc.Downloader.MetaStealer file download attempt (more info ...) | trojan-activity | URL | |||
| 60902 | MALWARE-CNC Win.Infostealer.MetaStealer variant outbound connection (more info ...) | trojan-activity | URL | |||
| 60903 | MALWARE-CNC Xls.Downloader.AXQ variant outbound connection (more info ...) | trojan-activity | URL | |||
| 60906 | POLICY-OTHER SAP NetWeaver JWFTestAddAssignees potential disclosure vulnerable page (more info ...) | policy-violation | 2016-2388 | URL | ||
| 60910 | SERVER-WEBAPP TP-Link Router Web Server directory traversal attempt (more info ...) | web-application-attack | 2015-3035 | URL | ||
| 60911 | SERVER-WEBAPP TP-Link Router Web Server directory traversal attempt (more info ...) | web-application-attack | 2015-3035 | URL | ||
| 60912 | FILE-OTHER TRUFFLEHUNTER TALOS-2022-1650 attack attempt (more info ...) | attempted-user | 2022-43591 | URL | ||
| 60913 | FILE-OTHER TRUFFLEHUNTER TALOS-2022-1650 attack attempt (more info ...) | attempted-user | 2022-43591 | URL | ||
| 60914 | POLICY-OTHER TRUFFLEHUNTER TALOS-2022-1612 attack attempt (more info ...) | policy-violation | 2022-40220 | URL | ||
| 60934 | SERVER-OTHER TRUFFLEHUNTER TALOS-2022-1659 attack attempt (more info ...) | attempted-dos | 2023-23539 | URL | ||
| 60935 | SERVER-OTHER TRUFFLEHUNTER TALOS-2022-1659 attack attempt (more info ...) | attempted-dos | 2023-23539 | URL | ||
| 60936 | SERVER-OTHER TRUFFLEHUNTER TALOS-2022-1659 attack attempt (more info ...) | attempted-dos | 2023-23539 | URL | ||
| 60937 | SERVER-OTHER TRUFFLEHUNTER TALOS-2022-1659 attack attempt (more info ...) | attempted-dos | 2023-23539 | URL | ||
| 60938 | SERVER-OTHER TRUFFLEHUNTER TALOS-2022-1658 attack attempt (more info ...) | attempted-user | URL | |||
| 60939 | SERVER-OTHER TRUFFLEHUNTER TALOS-2022-1658 attack attempt (more info ...) | attempted-user | URL | |||
| 60940 | SERVER-OTHER TRUFFLEHUNTER TALOS-2022-1658 attack attempt (more info ...) | attempted-user | URL | |||
| 60941 | SERVER-OTHER TRUFFLEHUNTER TALOS-2022-1658 attack attempt (more info ...) | attempted-user | URL | |||
| 60943 | MALWARE-CNC Win.Trojan.Gamaredon outbound communication attempt (more info ...) | trojan-activity | URL | |||
| 60962 | MALWARE-TOOLS Win.Dropper.KopiLuwak browser extension download attempt (more info ...) | trojan-activity | URL | |||
| 60963 | MALWARE-TOOLS Win.Dropper.KopiLuwak browser extension download attempt (more info ...) | trojan-activity | URL | |||
| 60976 | INDICATOR-COMPROMISE VMware vSphere Client vROps plugin potential server side request forgery attempt (more info ...) | web-application-attack | 2021-21973 | URL | ||
| 60979 | MALWARE-CNC Win.Trojan.FormBook malicious XLL outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 60980 | MALWARE-CNC Win.Trojan.FormBook malicious XLL outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 60981 | MALWARE-CNC Win.Trojan.FormBook malicious XLL outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 60982 | MALWARE-CNC Win.Ransomware.Royal variant network share readme file detected (more info ...) | trojan-activity | URL | |||
| 61004 | POLICY-OTHER Oracle Access Manager deprecated OpenSSO access attempt (more info ...) | attempted-user | 2021-35587 | URL | ||
| 61005 | FILE-OTHER TRUFFLEHUNTER TALOS-2022-1667 attack attempt (more info ...) | attempted-user | 2022-41793 | URL | ||
| 61006 | FILE-OTHER TRUFFLEHUNTER TALOS-2022-1667 attack attempt (more info ...) | attempted-user | 2022-41793 | URL | ||
| 61007 | FILE-OTHER TRUFFLEHUNTER TALOS-2022-1672 attack attempt (more info ...) | attempted-user | 2022-37331 | URL | ||
| 61008 | FILE-OTHER TRUFFLEHUNTER TALOS-2022-1672 attack attempt (more info ...) | attempted-user | 2022-37331 | URL | ||
| 61009 | FILE-OTHER TRUFFLEHUNTER TALOS-2022-1668 attack attempt (more info ...) | attempted-user | 2022-42885 | URL | ||
| 61010 | FILE-OTHER TRUFFLEHUNTER TALOS-2022-1668 attack attempt (more info ...) | attempted-user | 2022-42885 | URL | ||
| 61013 | MALWARE-CNC Win.Trojan.FlawedGrace outbound communication attempt (more info ...) | trojan-activity | URL | |||
| 61014 | POLICY-OTHER Foxit Reader exportAsFDF potential arbitrary file write attempt (more info ...) | policy-violation | 2018-14280 | |||
| 61015 | POLICY-OTHER Foxit Reader exportAsFDF potential arbitrary file write attempt (more info ...) | policy-violation | 2018-14280 | |||
| 61016 | POLICY-OTHER Foxit Reader exportAsFDF potential arbitrary file write attempt (more info ...) | policy-violation | 2018-14280 | |||
| 61017 | POLICY-OTHER Foxit Reader exportAsFDF potential arbitrary file write attempt (more info ...) | policy-violation | 2018-14280 | |||
| 61018 | FILE-OTHER TRUFFLEHUNTER TALOS-2022-1670 attack attempt (more info ...) | attempted-user | 2022-46280 | URL | ||
| 61019 | FILE-OTHER TRUFFLEHUNTER TALOS-2022-1670 attack attempt (more info ...) | attempted-user | 2022-46280 | URL | ||
| 61020 | FILE-OTHER TRUFFLEHUNTER TALOS-2022-1671 attack attempt (more info ...) | attempted-user | 2022-43467 | URL | ||
| 61021 | FILE-OTHER TRUFFLEHUNTER TALOS-2022-1671 attack attempt (more info ...) | attempted-user | 2022-43467 | URL | ||
| 61022 | FILE-IDENTIFY Tripos Mol2 file download request (more info ...) | misc-activity | ||||
| 61023 | FILE-IDENTIFY Tripos Mol2 file attachment detected (more info ...) | misc-activity | ||||
| 61024 | FILE-IDENTIFY Tripos Mol2 file attachment detected (more info ...) | misc-activity | ||||
| 61025 | FILE-IDENTIFY Tripos Mol2 file attachment detected (more info ...) | misc-activity | ||||
| 61026 | FILE-OTHER TRUFFLEHUNTER TALOS-2022-1664 attack attempt (more info ...) | attempted-user | 2022-43607 | URL | ||
| 61027 | FILE-OTHER TRUFFLEHUNTER TALOS-2022-1664 attack attempt (more info ...) | attempted-user | 2022-43607 | URL | ||
| 61028 | MALWARE-CNC Win.Backdoor.Turla outbound connection (more info ...) | trojan-activity | ||||
| 61035 | FILE-OTHER TRUFFLEHUNTER TALOS-2022-1665 attack attempt (more info ...) | attempted-user | 2022-46289 | URL | ||
| 61036 | FILE-OTHER TRUFFLEHUNTER TALOS-2022-1665 attack attempt (more info ...) | attempted-user | 2022-46289 | URL | ||
| 61037 | FILE-OTHER TRUFFLEHUNTER TALOS-2022-1665 attack attempt (more info ...) | attempted-user | 2022-46290 | URL | ||
| 61038 | FILE-OTHER TRUFFLEHUNTER TALOS-2022-1665 attack attempt (more info ...) | attempted-user | 2022-46290 | URL | ||
| 61039 | FILE-OTHER TRUFFLEHUNTER TALOS-2022-1669 attack attempt (more info ...) | attempted-user | 2022-44451 | URL | ||
| 61040 | FILE-OTHER TRUFFLEHUNTER TALOS-2022-1669 attack attempt (more info ...) | attempted-user | 2022-44451 | URL | ||
| 61048 | FILE-OTHER TRUFFLEHUNTER TALOS-2022-1666 attack attempt (more info ...) | attempted-user | 2022-46291 | URL | ||
| 61049 | FILE-OTHER TRUFFLEHUNTER TALOS-2022-1666 attack attempt (more info ...) | attempted-user | 2022-46291 | URL | ||
| 61050 | FILE-OTHER TRUFFLEHUNTER TALOS-2022-1666 attack attempt (more info ...) | attempted-user | 2022-46292 | URL | ||
| 61051 | FILE-OTHER TRUFFLEHUNTER TALOS-2022-1666 attack attempt (more info ...) | attempted-user | 2022-46292 | URL | ||
| 61052 | FILE-OTHER TRUFFLEHUNTER TALOS-2022-1666 attack attempt (more info ...) | attempted-user | 2022-46293 | URL | ||
| 61053 | FILE-OTHER TRUFFLEHUNTER TALOS-2022-1666 attack attempt (more info ...) | attempted-user | 2022-46293 | URL | ||
| 61054 | FILE-OTHER TRUFFLEHUNTER TALOS-2022-1666 attack attempt (more info ...) | attempted-user | 2022-46294 | URL | ||
| 61055 | FILE-OTHER TRUFFLEHUNTER TALOS-2022-1666 attack attempt (more info ...) | attempted-user | 2022-46294 | URL | ||
| 61056 | FILE-OTHER TRUFFLEHUNTER TALOS-2022-1666 attack attempt (more info ...) | attempted-user | 2022-46294 | URL | ||
| 61057 | FILE-OTHER TRUFFLEHUNTER TALOS-2022-1666 attack attempt (more info ...) | attempted-user | 2022-46294 | URL | ||
| 61058 | FILE-OTHER TRUFFLEHUNTER TALOS-2022-1666 attack attempt (more info ...) | attempted-user | 2022-46295 | URL | ||
| 61059 | FILE-OTHER TRUFFLEHUNTER TALOS-2022-1666 attack attempt (more info ...) | attempted-user | 2022-46295 | URL | ||
| 61074 | MALWARE-CNC JSP.Webshell.JSPShell outbound connection (more info ...) | trojan-activity | URL | |||
| 61094 | POLICY-OTHER TRUFFLEHUNTER TALOS-2023-1692 attack attempt (more info ...) | policy-violation | URL | |||
| 61154 | SERVER-OTHER TRUFFLEHUNTER TALOS-2023-1690 attack attempt (more info ...) | misc-attack | URL | |||
| 61155 | SERVER-OTHER TRUFFLEHUNTER TALOS-2023-1690 attack attempt (more info ...) | misc-attack | URL | |||
| 61160 | MALWARE-CNC JSP.Webshell.JSP2Shell outbound connection (more info ...) | trojan-activity | URL | |||
| 61161 | MALWARE-CNC JSP.Webshell.JSP2Shell inbound connection (more info ...) | trojan-activity | URL | |||
| 61182 | MALWARE-CNC Win.Spyware.Carbon outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 61192 | POLICY-OTHER Veeam Backup and Replication empty user name login detected (more info ...) | policy-violation | 2022-26501 | URL | ||
| 61193 | OS-OTHER TRUFFLEHUNTER TALOS-2022-1688 attack attempt (more info ...) | attempted-recon | URL | |||
| 61199 | PROTOCOL-OTHER BGP EVPN MAC/IP Advertisement address length overflow attempt (more info ...) | attempted-dos | 2017-12319 | |||
| 61206 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2023-1701 attack attempt (more info ...) | web-application-attack | 2023-22319 | URL | ||
| 61207 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2023-1701 attack attempt (more info ...) | web-application-attack | 2023-22319 | URL | ||
| 61208 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2023-1701 attack attempt (more info ...) | web-application-attack | 2023-22319 | URL | ||
| 61212 | POLICY-OTHER TRUFFLEHUNTER TALOS-2023-1698 attack attempt (more info ...) | policy-violation | 2023-25583 | URL | ||
| 61223 | MALWARE-CNC User-Agent Sality malicious user agent (more info ...) | trojan-activity | ||||
| 61224 | MALWARE-CNC User-Agent Houdini malicious user agent (more info ...) | trojan-activity | ||||
| 61250 | MALWARE-CNC Win.Dropper.Rhadamanthys variant outbound connection (more info ...) | trojan-activity | URL | |||
| 61251 | MALWARE-CNC Win.Dropper.Rhadamanthys variant outbound connection (more info ...) | trojan-activity | URL | |||
| 61253 | MALWARE-CNC Win.Trojan.StrongPity variant outbound connection (more info ...) | trojan-activity | URL | |||
| 61259 | MALWARE-CNC Win.Trojan.Gamaredon variant outbound connection (more info ...) | trojan-activity | ||||
| 61263 | MALWARE-CNC Win.Trojan.LaplasClipper variant outbound connection (more info ...) | trojan-activity | URL | |||
| 61264 | MALWARE-CNC Win.Trojan.LaplasClipper variant outbound connection (more info ...) | trojan-activity | URL | |||
| 61265 | MALWARE-CNC Win.Downloader.BatLoader variant outbound connection (more info ...) | trojan-activity | URL | |||
| 61304 | MALWARE-CNC Win.Trojan.njRAT variant download attempt (more info ...) | trojan-activity | URL | |||
| 61305 | MALWARE-CNC Win.Trojan.njRAT variant download attempt (more info ...) | trojan-activity | URL | |||
| 61306 | MALWARE-CNC Win.Trojan.njRAT variant download attempt (more info ...) | trojan-activity | URL | |||
| 61307 | MALWARE-CNC Win.Trojan.njRAT variant download attempt (more info ...) | trojan-activity | URL | |||
| 61308 | MALWARE-CNC Win.Trojan.njRAT variant download attempt (more info ...) | trojan-activity | URL | |||
| 61309 | MALWARE-CNC Win.Trojan.njRAT variant download attempt (more info ...) | trojan-activity | URL | |||
| 61310 | MALWARE-CNC Win.Trojan.njRAT variant download attempt (more info ...) | trojan-activity | URL | |||
| 61311 | MALWARE-CNC Win.Trojan.njRAT variant download attempt (more info ...) | trojan-activity | URL | |||
| 61376 | POLICY-OTHER Fortra GoAnywhere MFT potential remote code execution attempt (more info ...) | policy-violation | 2023-0669 | |||
| 61377 | POLICY-OTHER Fortra GoAnywhere MFT potential remote code execution attempt (more info ...) | policy-violation | 2023-0669 | |||
| 61378 | FILE-OTHER Intel Network Adapter Diagnostic Driver exploitation attempt (more info ...) | attempted-dos | 2015-2291 | |||
| 61379 | FILE-OTHER Intel Network Adapter Diagnostic Driver exploitation attempt (more info ...) | attempted-dos | 2015-2291 | |||
| 61380 | FILE-OTHER Intel Network Adapter Diagnostic Driver exploitation attempt (more info ...) | attempted-dos | 2015-2291 | |||
| 61381 | FILE-OTHER Intel Network Adapter Diagnostic Driver exploitation attempt (more info ...) | attempted-dos | 2015-2291 | |||
| 61382 | FILE-OTHER Intel Network Adapter Diagnostic Driver exploitation attempt (more info ...) | attempted-dos | 2015-2291 | |||
| 61383 | FILE-OTHER Intel Network Adapter Diagnostic Driver exploitation attempt (more info ...) | attempted-dos | 2015-2291 | |||
| 61388 | MALWARE-OTHER Win.Malware.Agent malicious PowerShell script download attempt (more info ...) | trojan-activity | ||||
| 61389 | MALWARE-OTHER Win.Malware.Agent malicious PowerShell script download attempt (more info ...) | trojan-activity | ||||
| 61391 | MALWARE-CNC Win.Malware.Agent data exfiltration attempt (more info ...) | trojan-activity | ||||
| 61426 | MALWARE-CNC Win.Trojan.Prometei variant outbound connection (more info ...) | trojan-activity | URL | |||
| 61427 | MALWARE-CNC Win.Trojan.Prometei variant outbound connection (more info ...) | trojan-activity | URL | |||
| 61428 | MALWARE-CNC Win.Trojan.Prometei variant outbound connection (more info ...) | trojan-activity | URL | |||
| 61429 | MALWARE-CNC Win.Trojan.Prometei variant outbound connection (more info ...) | trojan-activity | URL | |||
| 61443 | POLICY-OTHER TRUFFLEHUNTER TALOS-2023-1728 attack attempt (more info ...) | attempted-recon | URL | |||
| 61461 | MALWARE-CNC Win.Malware.Agent variant outbound cnc beacon detected (more info ...) | trojan-activity | ||||
| 61473 | MALWARE-CNC Win.Trojan.BlackLotus variant outbound connection (more info ...) | trojan-activity | URL | |||
| 61475 | FILE-IMAGE TRUFFLEHUNTER TALOS-2023-1729 attack attempt (more info ...) | attempted-user | 2023-23567 | URL | ||
| 61476 | FILE-IMAGE TRUFFLEHUNTER TALOS-2023-1729 attack attempt (more info ...) | attempted-user | 2023-23567 | URL | ||
| 61489 | MALWARE-CNC Win.Ransomware.Mallox variant outbound connection (more info ...) | trojan-activity | URL | |||
| 61507 | MALWARE-CNC Win.Trojan.Chinotto variant outbound connection (more info ...) | trojan-activity | URL | |||
| 61508 | MALWARE-CNC Win.Trojan.Chinotto variant outbound connection (more info ...) | trojan-activity | URL | |||
| 61509 | MALWARE-CNC Win.Trojan.Chinotto variant outbound connection (more info ...) | trojan-activity | URL | |||
| 61510 | MALWARE-CNC Win.Trojan.Chinotto variant outbound connection (more info ...) | trojan-activity | URL | |||
| 61511 | MALWARE-CNC Win.Trojan.Chinotto variant outbound connection (more info ...) | trojan-activity | URL | |||
| 61512 | MALWARE-CNC Win.Trojan.Chinotto variant outbound connection (more info ...) | trojan-activity | URL | |||
| 61513 | MALWARE-CNC Win.Trojan.Chinotto variant outbound connection (more info ...) | trojan-activity | URL | |||
| 61514 | POLICY-OTHER Veeam Backup and Replication credential dump attempt (more info ...) | policy-violation | 2023-27532 | URL | ||
| 61527 | MALWARE-OTHER Win.Trojan.Agent variant payload download attempt (more info ...) | trojan-activity | URL | |||
| 61528 | MALWARE-OTHER Win.Trojan.Agent variant payload download attempt (more info ...) | trojan-activity | URL | |||
| 61529 | MALWARE-OTHER Win.Trojan.Agent variant payload download attempt (more info ...) | trojan-activity | URL | |||
| 61530 | MALWARE-OTHER Win.Trojan.Agent variant payload download attempt (more info ...) | trojan-activity | URL | |||
| 61556 | MALWARE-OTHER Win.Trojan.Agent variant download attempt (more info ...) | trojan-activity | URL | |||
| 61557 | MALWARE-OTHER Win.Trojan.Agent variant download attempt (more info ...) | trojan-activity | URL | |||
| 61560 | MALWARE-OTHER Win.Trojan.Agent variant download attempt (more info ...) | trojan-activity | URL | |||
| 61561 | MALWARE-OTHER Win.Trojan.Agent variant download attempt (more info ...) | trojan-activity | URL | |||
| 61564 | MALWARE-CNC Win.Trojan.AgentTesla variant outbound connection (more info ...) | trojan-activity | URL | |||
| 61565 | MALWARE-CNC Win.Trojan.AgentTesla variant outbound connection (more info ...) | trojan-activity | URL | |||
| 61566 | MALWARE-CNC Win.Trojan.AgentTesla variant outbound connection (more info ...) | trojan-activity | URL | |||
| 61567 | MALWARE-CNC Win.Trojan.AgentTesla variant outbound connection (more info ...) | trojan-activity | URL | |||
| 61572 | SERVER-OTHER TRUFFLEHUNTER TALOS-2023-1735 attack attempt (more info ...) | attempted-admin | 2023-27395 | URL | ||
| 61576 | OS-MOBILE Samsung Galaxy AppStore unauthorized application install attempt (more info ...) | attempted-user | 2023-21433 | |||
| 61588 | MALWARE-CNC Win.Ransomware.Royal variant outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 61612 | MALWARE-CNC Win.Ransomware.Lockbit variant network share readme file detected (more info ...) | trojan-activity | URL | |||
| 61627 | MALWARE-CNC Win.Downloader.BrokenDynamo second stage download attempt (more info ...) | trojan-activity | URL | |||
| 61628 | MALWARE-CNC TRUFFLEHUNTER SFVRT-1049 attack attempt (more info ...) | trojan-activity | ||||
| 61632 | SERVER-WEBAPP GitLab project import command injection attempt (more info ...) | web-application-attack | 2022-2185 | URL | ||
| 61639 | MALWARE-CNC Win.Trojan.SysUpdate variant beaconing attempt (more info ...) | trojan-activity | URL | |||
| 61664 | MALWARE-CNC Osx.Nukesped.Downloader beacon attempt (more info ...) | trojan-activity | URL | |||
| 61665 | MALWARE-CNC Osx.Nukesped.Downloader beacon attempt (more info ...) | trojan-activity | URL | |||
| 61676 | MALWARE-CNC MultiOS.Backdoor.Chollima beacon attempt (more info ...) | trojan-activity | URL | |||
| 61679 | MALWARE-CNC Win.Trojan.Agent variant inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 61680 | MALWARE-CNC Win.Trojan.Agent variant inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 61681 | MALWARE-CNC Win.Trojan.Agent variant inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 61682 | MALWARE-CNC Win.Trojan.Agent variant inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 61683 | MALWARE-CNC Win.Trojan.Agent variant inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 61684 | MALWARE-CNC Win.Trojan.Agent variant inbound connection attempt (more info ...) | trojan-activity | URL | |||
| 61685 | SERVER-OTHER Django large multipart form denial of service attempt (more info ...) | attempted-dos | 2023-24580 | URL | ||
| 61686 | SERVER-OTHER Multiple products oversized HTTP Content-Length header value (more info ...) | attempted-dos | 2023-24580 | URL | ||
| 61689 | MALWARE-CNC Win.Ransomware.CryptoLocker variant outbound connection (more info ...) | trojan-activity | URL | |||
| 61702 | POLICY-OTHER Industrial Control Links ScadaFlex II arbitrary file delete attempt (more info ...) | policy-violation | 2022-25359 | URL | ||
| 61703 | POLICY-OTHER Industrial Control Links ScadaFlex II arbitrary file write attempt (more info ...) | policy-violation | 2022-25359 | URL | ||
| 61721 | SERVER-WEBAPP Zyxel remote support attempt (more info ...) | suspicious-login | 2023-28771 | URL | ||
| 61734 | FILE-IMAGE ImageMagick tEXt profile denial of service attempt (more info ...) | attempted-dos | 2022-44267 | URL | ||
| 61735 | FILE-IMAGE ImageMagick tEXt profile denial of service attempt (more info ...) | attempted-dos | 2022-44267 | URL | ||
| 61761 | MALWARE-CNC Win.Ransomware.Babuk encrypted file exfiltration attempt (more info ...) | trojan-activity | URL | |||
| 61762 | MALWARE-CNC Win.Ransomware.Babuk encrypted file exfiltration attempt (more info ...) | trojan-activity | URL | |||
| 61765 | SERVER-WEBAPP Multiple products cross site scripting attempt (more info ...) | web-application-attack | ||||
| 61839 | MALWARE-CNC Win.Trojan.Horabot data exfiltration attempt (more info ...) | trojan-activity | ||||
| 61841 | MALWARE-CNC Ps1.Trojan.Horabot malicious file download attempt (more info ...) | trojan-activity | ||||
| 61842 | MALWARE-CNC Ps1.Trojan.Horabot malicious file download attempt (more info ...) | trojan-activity | ||||
| 61845 | MALWARE-CNC Win.Trojan.Horabot malicious file download attempt (more info ...) | trojan-activity | ||||
| 61846 | MALWARE-CNC Win.Trojan.Horabot malicious file download attempt (more info ...) | trojan-activity | ||||
| 61847 | MALWARE-CNC Ps1.Trojan.Horabot malicious file download attempt (more info ...) | trojan-activity | ||||
| 61848 | MALWARE-CNC Ps1.Trojan.Horabot malicious file download attempt (more info ...) | trojan-activity | ||||
| 61849 | MALWARE-CNC Win.Downloader.Horabot malicious file download attempt (more info ...) | trojan-activity | ||||
| 61850 | MALWARE-CNC Win.Downloader.Horabot malicious file download attempt (more info ...) | trojan-activity | ||||
| 61851 | MALWARE-CNC Win.Downloader.Horabot malicious file download attempt (more info ...) | trojan-activity | ||||
| 61852 | MALWARE-CNC Win.Downloader.Horabot malicious file download attempt (more info ...) | trojan-activity | ||||
| 61853 | MALWARE-CNC Win.Downloader.Horabot malicious file download attempt (more info ...) | trojan-activity | ||||
| 61854 | MALWARE-CNC Win.Downloader.Horabot malicious file download attempt (more info ...) | trojan-activity | ||||
| 61855 | MALWARE-CNC Ps1.Trojan.Horabot malicious file download attempt (more info ...) | trojan-activity | ||||
| 61856 | MALWARE-CNC Ps1.Trojan.Horabot malicious file download attempt (more info ...) | trojan-activity | ||||
| 61880 | MALWARE-CNC Win.Trojan.RedLine inbound command and control attempt (more info ...) | trojan-activity | URL | |||
| 61891 | MALWARE-TOOLS Win.Tool.RemComSvc download attempt (more info ...) | trojan-activity | URL | |||
| 61892 | MALWARE-TOOLS Win.Tool.RemComSvc download attempt (more info ...) | trojan-activity | URL | |||
| 61901 | MALWARE-CNC Win.Trojan.Redline malicious file download (more info ...) | trojan-activity | URL | |||
| 61902 | MALWARE-CNC Win.Trojan.Redline malicious file download (more info ...) | trojan-activity | URL | |||
| 61903 | MALWARE-CNC Win.Trojan.Gozi malicious file download (more info ...) | trojan-activity | URL | |||
| 61904 | MALWARE-CNC Win.Trojan.Gozi malicious file download (more info ...) | trojan-activity | URL | |||
| 61913 | MALWARE-TOOLS Win.Proxy.frp download attempt (more info ...) | trojan-activity | URL | |||
| 61914 | MALWARE-TOOLS Win.Proxy.frp download attempt (more info ...) | trojan-activity | URL | |||
| 61945 | POLICY-OTHER Draytek Vigor device registration attempt (more info ...) | policy-violation | 2023-33778 | URL | ||
| 61960 | POLICY-OTHER TRUFFLEHUNTER TALOS-2023-1762 attack attempt (more info ...) | policy-violation | 2023-34365 | URL | ||
| 61965 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2023-1766 attack attempt (more info ...) | attempted-admin | 2023-34426 | URL | ||
| 61966 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2023-1765 attack attempt (more info ...) | attempted-admin | 2023-31272 | URL | ||
| 61967 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2023-1765 attack attempt (more info ...) | attempted-admin | 2023-31272 | URL | ||
| 61968 | SERVER-WEBAPP TRUFFLEHUNTER TALOS-2023-1765 attack attempt (more info ...) | attempted-admin | 2023-31272 | URL | ||
| 61991 | POLICY-OTHER TRUFFLEHUNTER TALOS-2023-1773 attack attempt (more info ...) | policy-violation | 2023-34994 | URL | ||
| 61992 | POLICY-OTHER TRUFFLEHUNTER TALOS-2023-1771 attack attempt (more info ...) | policy-violation | 2023-32615 | URL | ||
| 61993 | POLICY-OTHER TRUFFLEHUNTER TALOS-2023-1772 attack attempt (more info ...) | policy-violation | 2023-34317 | URL | ||
| 61994 | POLICY-OTHER TRUFFLEHUNTER TALOS-2023-1774 attack attempt (more info ...) | policy-violation | 2023-32271 | URL | ||
| 62003 | POLICY-OTHER TRUFFLEHUNTER TALOS-2023-1769 attack attempt (more info ...) | policy-violation | 2023-31242 | URL | ||
| 62004 | POLICY-OTHER TRUFFLEHUNTER TALOS-2023-1775 attack attempt (more info ...) | attempted-recon | 2023-35124 | URL | ||
| 62060 | MALWARE-CNC Osx.Backdoor.Rustbucket stage two download attempt (more info ...) | trojan-activity | URL | |||
| 62061 | MALWARE-CNC Osx.Backdoor.Rustbucket stage three download attempt (more info ...) | trojan-activity | URL | |||
| 62084 | MALWARE-CNC Win.Trojan.RomCom outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 62085 | MALWARE-CNC Win.Trojan.RomCom outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 62086 | MALWARE-CNC Win.Trojan.RomCom outbound connection attempt (more info ...) | trojan-activity | URL | |||
| 62091 | SERVER-WEBAPP Zimbra Collaboration Suite cross site scripting attempt (more info ...) | attempted-user | 2023-34192 | URL | ||
| 62092 | SERVER-WEBAPP Zimbra Collaboration Suite cross site scripting attempt (more info ...) | attempted-user | 2023-34192 | URL | ||
| 62102 | SERVER-WEBAPP OpenSSL c_rehash command injection attempt (more info ...) | web-application-attack | 2022-2068 | URL | ||
| 62103 | SERVER-WEBAPP OpenSSL c_rehash command injection attempt (more info ...) | web-application-attack | 2022-2068 | URL | ||
| 62105 | FILE-PDF pdfio denial of service attempt (more info ...) | attempted-dos | 2023-28428 | URL | ||
| 62106 | FILE-PDF pdfio denial of service attempt (more info ...) | attempted-dos | 2023-28428 | URL | ||
| 62126 | MALWARE-CNC Win.Trojan.Agent Fake AnyDesk variant outbound connection (more info ...) | trojan-activity | URL |
