Talos Rules 2021-05-27
This release adds and modifies rules in several categories.

Talos has added and modified multiple rules in the file-multimedia, file-pdf, malware-other and server-webapp rule sets to provide coverage for emerging threats from these technologies.

Change logs

2021-05-27 12:50:19 UTC

Snort Subscriber Rules Update

Date: 2021-05-27

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2091701.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:57622 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.REvil variant binary download attempt (malware-other.rules)
 * 1:57621 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.REvil variant binary download attempt (malware-other.rules)
 * 1:57631 <-> DISABLED <-> PUA-OTHER WeChat User-Agent string - MicroMessenger (pua-other.rules)
 * 1:57632 <-> DISABLED <-> PUA-OTHER Known unwanted User-Agent string - LieBaoFast (pua-other.rules)
 * 1:57633 <-> DISABLED <-> PUA-OTHER Known unwanted User-Agent string - Mb2345Browser (pua-other.rules)
 * 1:57634 <-> DISABLED <-> PUA-OTHER Known unwanted User-Agent string - PetalBot (pua-other.rules)
 * 3:57623 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57624 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57626 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57625 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57627 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57628 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57629 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57630 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57635 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57636 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57637 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57638 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57639 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57640 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57641 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57642 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57643 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57644 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57645 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57646 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57647 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57648 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57649 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57650 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57651 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57652 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57653 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57654 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57655 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57656 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57657 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57658 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57659 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57660 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57661 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57662 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57663 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57664 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57665 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57666 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57667 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57668 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57669 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57670 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57671 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57672 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)

Modified Rules:


 * 3:57479 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2021-1287 attack attempt (file-pdf.rules)
 * 3:46897 <-> ENABLED <-> SERVER-WEBAPP Cisco Adaptive Security Appliance directory traversal attempt (server-webapp.rules)
 * 3:57480 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2021-1287 attack attempt (file-pdf.rules)

2021-05-27 12:50:19 UTC

Snort Subscriber Rules Update

Date: 2021-05-27

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2091700.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:57634 <-> DISABLED <-> PUA-OTHER Known unwanted User-Agent string - PetalBot (pua-other.rules)
 * 1:57633 <-> DISABLED <-> PUA-OTHER Known unwanted User-Agent string - Mb2345Browser (pua-other.rules)
 * 1:57621 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.REvil variant binary download attempt (malware-other.rules)
 * 1:57622 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.REvil variant binary download attempt (malware-other.rules)
 * 1:57631 <-> DISABLED <-> PUA-OTHER WeChat User-Agent string - MicroMessenger (pua-other.rules)
 * 1:57632 <-> DISABLED <-> PUA-OTHER Known unwanted User-Agent string - LieBaoFast (pua-other.rules)
 * 3:57659 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57665 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57660 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57623 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57624 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57625 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57626 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57627 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57628 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57629 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57630 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57635 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57636 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57637 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57638 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57639 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57640 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57641 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57642 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57643 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57644 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57645 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57646 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57647 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57648 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57649 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57650 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57651 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57652 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57653 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57654 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57655 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57656 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57657 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57658 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57661 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57662 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57663 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57664 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57666 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57667 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57668 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57669 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57670 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57671 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57672 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)

Modified Rules:


 * 3:46897 <-> ENABLED <-> SERVER-WEBAPP Cisco Adaptive Security Appliance directory traversal attempt (server-webapp.rules)
 * 3:57480 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2021-1287 attack attempt (file-pdf.rules)
 * 3:57479 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2021-1287 attack attempt (file-pdf.rules)

2021-05-27 12:50:19 UTC

Snort Subscriber Rules Update

Date: 2021-05-27

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2091601.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:57632 <-> DISABLED <-> PUA-OTHER Known unwanted User-Agent string - LieBaoFast (pua-other.rules)
 * 1:57621 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.REvil variant binary download attempt (malware-other.rules)
 * 1:57622 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.REvil variant binary download attempt (malware-other.rules)
 * 1:57631 <-> DISABLED <-> PUA-OTHER WeChat User-Agent string - MicroMessenger (pua-other.rules)
 * 1:57633 <-> DISABLED <-> PUA-OTHER Known unwanted User-Agent string - Mb2345Browser (pua-other.rules)
 * 1:57634 <-> DISABLED <-> PUA-OTHER Known unwanted User-Agent string - PetalBot (pua-other.rules)
 * 3:57667 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57670 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57671 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57668 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57669 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57662 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57663 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57672 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57665 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57664 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57666 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57661 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57623 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57626 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57627 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57628 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57629 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57630 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57635 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57636 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57637 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57638 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57639 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57640 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57641 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57642 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57643 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57644 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57645 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57646 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57647 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57648 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57649 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57650 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57651 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57652 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57653 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57654 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57655 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57656 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57657 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57658 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57659 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57625 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57624 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57660 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)

Modified Rules:


 * 3:57479 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2021-1287 attack attempt (file-pdf.rules)
 * 3:57480 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2021-1287 attack attempt (file-pdf.rules)
 * 3:46897 <-> ENABLED <-> SERVER-WEBAPP Cisco Adaptive Security Appliance directory traversal attempt (server-webapp.rules)

2021-05-27 12:50:19 UTC

Snort Subscriber Rules Update

Date: 2021-05-27

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2091600.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:57621 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.REvil variant binary download attempt (malware-other.rules)
 * 1:57631 <-> DISABLED <-> PUA-OTHER WeChat User-Agent string - MicroMessenger (pua-other.rules)
 * 1:57634 <-> DISABLED <-> PUA-OTHER Known unwanted User-Agent string - PetalBot (pua-other.rules)
 * 1:57633 <-> DISABLED <-> PUA-OTHER Known unwanted User-Agent string - Mb2345Browser (pua-other.rules)
 * 1:57632 <-> DISABLED <-> PUA-OTHER Known unwanted User-Agent string - LieBaoFast (pua-other.rules)
 * 1:57622 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.REvil variant binary download attempt (malware-other.rules)
 * 3:57666 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57665 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57664 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57667 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57668 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57671 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57669 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57663 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57672 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57670 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57659 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57623 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57626 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57660 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57627 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57629 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57635 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57630 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57637 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57628 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57639 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57638 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57641 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57636 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57643 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57642 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57645 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57640 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57647 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57646 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57649 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57644 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57651 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57650 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57655 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57648 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57653 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57654 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57657 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57652 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57656 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57662 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57658 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57624 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57661 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57625 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)

Modified Rules:


 * 3:57479 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2021-1287 attack attempt (file-pdf.rules)
 * 3:46897 <-> ENABLED <-> SERVER-WEBAPP Cisco Adaptive Security Appliance directory traversal attempt (server-webapp.rules)
 * 3:57480 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2021-1287 attack attempt (file-pdf.rules)

2021-05-27 12:50:19 UTC

Snort Subscriber Rules Update

Date: 2021-05-27

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2091501.

The format of the file is:

gid:sid <-> Default rule state <-> Message (rule group)

New Rules:


 * 1:57634 <-> DISABLED <-> PUA-OTHER Known unwanted User-Agent string - PetalBot (pua-other.rules)
 * 1:57621 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.REvil variant binary download attempt (malware-other.rules)
 * 1:57622 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.REvil variant binary download attempt (malware-other.rules)
 * 1:57633 <-> DISABLED <-> PUA-OTHER Known unwanted User-Agent string - Mb2345Browser (pua-other.rules)
 * 1:57632 <-> DISABLED <-> PUA-OTHER Known unwanted User-Agent string - LieBaoFast (pua-other.rules)
 * 1:57631 <-> DISABLED <-> PUA-OTHER WeChat User-Agent string - MicroMessenger (pua-other.rules)
 * 3:57669 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57623 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57624 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57663 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57664 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57667 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57671 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57625 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57670 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57666 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57668 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57627 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57628 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57629 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57630 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57635 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57636 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57637 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57638 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57639 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57640 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57641 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57642 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57643 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57644 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57645 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57646 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57647 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57648 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57649 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57650 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57651 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57652 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57653 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57654 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57655 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57656 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57657 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57672 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57658 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57659 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57665 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57660 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57661 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57626 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57662 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)

Modified Rules:


 * 3:46897 <-> ENABLED <-> SERVER-WEBAPP Cisco Adaptive Security Appliance directory traversal attempt (server-webapp.rules)
 * 3:57479 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2021-1287 attack attempt (file-pdf.rules)
 * 3:57480 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2021-1287 attack attempt (file-pdf.rules)

2021-05-27 12:50:19 UTC

Snort Subscriber Rules Update

Date: 2021-05-27

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2091500.

New Rules:


 * 1:57632 <-> DISABLED <-> PUA-OTHER Known unwanted User-Agent string - LieBaoFast (pua-other.rules)
 * 1:57633 <-> DISABLED <-> PUA-OTHER Known unwanted User-Agent string - Mb2345Browser (pua-other.rules)
 * 1:57621 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.REvil variant binary download attempt (malware-other.rules)
 * 1:57634 <-> DISABLED <-> PUA-OTHER Known unwanted User-Agent string - PetalBot (pua-other.rules)
 * 1:57622 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.REvil variant binary download attempt (malware-other.rules)
 * 1:57631 <-> DISABLED <-> PUA-OTHER WeChat User-Agent string - MicroMessenger (pua-other.rules)
 * 3:57658 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57667 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57668 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57670 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57669 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57662 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57661 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57660 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57659 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57666 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57657 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57625 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57623 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57624 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57656 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57672 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57626 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57665 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57627 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57628 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57629 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57630 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57635 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57636 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57637 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57638 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57639 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57640 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57641 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57642 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57643 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57644 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57645 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57646 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57647 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57648 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57649 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57650 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57651 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57652 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57653 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57663 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57654 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57655 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57671 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57664 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)

Modified Rules:


 * 3:57479 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2021-1287 attack attempt (file-pdf.rules)
 * 3:57480 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2021-1287 attack attempt (file-pdf.rules)
 * 3:46897 <-> ENABLED <-> SERVER-WEBAPP Cisco Adaptive Security Appliance directory traversal attempt (server-webapp.rules)

2021-05-27 12:50:19 UTC

Snort Subscriber Rules Update

Date: 2021-05-27

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2091401.

New Rules:


 * 1:57621 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.REvil variant binary download attempt (malware-other.rules)
 * 1:57622 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.REvil variant binary download attempt (malware-other.rules)
 * 1:57631 <-> DISABLED <-> PUA-OTHER WeChat User-Agent string - MicroMessenger (pua-other.rules)
 * 1:57633 <-> DISABLED <-> PUA-OTHER Known unwanted User-Agent string - Mb2345Browser (pua-other.rules)
 * 1:57634 <-> DISABLED <-> PUA-OTHER Known unwanted User-Agent string - PetalBot (pua-other.rules)
 * 1:57632 <-> DISABLED <-> PUA-OTHER Known unwanted User-Agent string - LieBaoFast (pua-other.rules)
 * 3:57671 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57665 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57629 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57660 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57624 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57670 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57661 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57627 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57668 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57669 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57666 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57672 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57667 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57623 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57664 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57663 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57625 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57630 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57638 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57637 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57635 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57642 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57641 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57636 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57639 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57646 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57645 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57643 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57649 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57640 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57647 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57650 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57653 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57644 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57651 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57654 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57658 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57648 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57655 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57659 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57652 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57656 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57626 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57662 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57628 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57657 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)

Modified Rules:


 * 3:57480 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2021-1287 attack attempt (file-pdf.rules)
 * 3:57479 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2021-1287 attack attempt (file-pdf.rules)
 * 3:46897 <-> ENABLED <-> SERVER-WEBAPP Cisco Adaptive Security Appliance directory traversal attempt (server-webapp.rules)

2021-05-27 12:50:19 UTC

Snort Subscriber Rules Update

Date: 2021-05-27

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2091300.

New Rules:


 * 1:57632 <-> DISABLED <-> PUA-OTHER Known unwanted User-Agent string - LieBaoFast (pua-other.rules)
 * 1:57631 <-> DISABLED <-> PUA-OTHER WeChat User-Agent string - MicroMessenger (pua-other.rules)
 * 1:57633 <-> DISABLED <-> PUA-OTHER Known unwanted User-Agent string - Mb2345Browser (pua-other.rules)
 * 1:57621 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.REvil variant binary download attempt (malware-other.rules)
 * 1:57634 <-> DISABLED <-> PUA-OTHER Known unwanted User-Agent string - PetalBot (pua-other.rules)
 * 1:57622 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.REvil variant binary download attempt (malware-other.rules)
 * 3:57663 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57670 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57661 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57655 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57623 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57671 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57654 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57656 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57651 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57624 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57626 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57629 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57628 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57637 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57630 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57627 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57625 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57672 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57636 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57641 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57638 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57635 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57640 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57645 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57642 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57639 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57644 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57649 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57646 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57643 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57648 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57653 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57650 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57647 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57652 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57657 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57659 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57658 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57660 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57667 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57666 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57662 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57669 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57665 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57668 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57664 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)

Modified Rules:


 * 3:57480 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2021-1287 attack attempt (file-pdf.rules)
 * 3:57479 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2021-1287 attack attempt (file-pdf.rules)
 * 3:46897 <-> ENABLED <-> SERVER-WEBAPP Cisco Adaptive Security Appliance directory traversal attempt (server-webapp.rules)

2021-05-27 12:50:19 UTC

Snort Subscriber Rules Update

Date: 2021-05-27

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2091101.

New Rules:


 * 1:57632 <-> DISABLED <-> PUA-OTHER Known unwanted User-Agent string - LieBaoFast (pua-other.rules)
 * 1:57631 <-> DISABLED <-> PUA-OTHER WeChat User-Agent string - MicroMessenger (pua-other.rules)
 * 1:57634 <-> DISABLED <-> PUA-OTHER Known unwanted User-Agent string - PetalBot (pua-other.rules)
 * 1:57622 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.REvil variant binary download attempt (malware-other.rules)
 * 1:57633 <-> DISABLED <-> PUA-OTHER Known unwanted User-Agent string - Mb2345Browser (pua-other.rules)
 * 1:57621 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.REvil variant binary download attempt (malware-other.rules)
 * 3:57663 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57661 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57657 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57671 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57669 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57666 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57625 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57665 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57623 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57667 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57662 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57660 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57627 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57628 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57629 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57630 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57635 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57636 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57637 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57638 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57639 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57640 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57641 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57642 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57643 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57644 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57645 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57646 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57647 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57648 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57658 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57649 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57656 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57650 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57672 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57651 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57670 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57626 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57652 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57653 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57654 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57659 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57655 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57624 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57664 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57668 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)

Modified Rules:


 * 3:57480 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2021-1287 attack attempt (file-pdf.rules)
 * 3:57479 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2021-1287 attack attempt (file-pdf.rules)
 * 3:46897 <-> ENABLED <-> SERVER-WEBAPP Cisco Adaptive Security Appliance directory traversal attempt (server-webapp.rules)

2021-05-27 12:50:19 UTC

Snort Subscriber Rules Update

Date: 2021-05-27

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 3000.

New Rules:


 * 1:57634 <-> DISABLED <-> PUA-OTHER Known unwanted User-Agent string - PetalBot (snort3-pua-other.rules)
 * 1:300026 <-> ENABLED <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt (snort3-native.rules)
 * 1:57632 <-> DISABLED <-> PUA-OTHER Known unwanted User-Agent string - LieBaoFast (snort3-pua-other.rules)
 * 1:57621 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.REvil variant binary download attempt (snort3-malware-other.rules)
 * 1:57631 <-> DISABLED <-> PUA-OTHER WeChat User-Agent string - MicroMessenger (snort3-pua-other.rules)
 * 1:300025 <-> ENABLED <-> SERVER-WEBAPP Palo Alto GlobalProtect SSL VPN buffer overflow attempt (snort3-native.rules)
 * 1:300027 <-> ENABLED <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt (snort3-native.rules)
 * 1:57622 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.REvil variant binary download attempt (snort3-malware-other.rules)
 * 1:57633 <-> DISABLED <-> PUA-OTHER Known unwanted User-Agent string - Mb2345Browser (snort3-pua-other.rules)
 * 1:300028 <-> ENABLED <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt (snort3-native.rules)

Modified Rules:



2021-05-27 12:50:19 UTC

Snort Subscriber Rules Update

Date: 2021-05-27

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2983.

New Rules:


 * 1:57621 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.REvil variant binary download attempt (malware-other.rules)
 * 1:57631 <-> DISABLED <-> PUA-OTHER WeChat User-Agent string - MicroMessenger (pua-other.rules)
 * 1:57634 <-> DISABLED <-> PUA-OTHER Known unwanted User-Agent string - PetalBot (pua-other.rules)
 * 1:57632 <-> DISABLED <-> PUA-OTHER Known unwanted User-Agent string - LieBaoFast (pua-other.rules)
 * 1:57622 <-> DISABLED <-> MALWARE-OTHER Win.Ransomware.REvil variant binary download attempt (malware-other.rules)
 * 1:57633 <-> DISABLED <-> PUA-OTHER Known unwanted User-Agent string - Mb2345Browser (pua-other.rules)
 * 3:57660 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57667 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57668 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57623 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57671 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57672 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57661 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57624 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57627 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57626 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57628 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57629 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57630 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57635 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57636 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57637 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57638 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57639 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57640 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57641 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57642 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57643 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57644 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57663 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57645 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57646 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57647 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57648 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57649 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57664 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57650 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57651 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57666 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57652 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57653 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57662 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57654 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57669 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57625 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1298 attack attempt (file-multimedia.rules)
 * 3:57655 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57656 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57665 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57657 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57658 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57670 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)
 * 3:57659 <-> ENABLED <-> FILE-MULTIMEDIA TRUFFLEHUNTER TALOS-2021-1297 attack attempt (file-multimedia.rules)

Modified Rules:


 * 3:46897 <-> ENABLED <-> SERVER-WEBAPP Cisco Adaptive Security Appliance directory traversal attempt (server-webapp.rules)
 * 3:57480 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2021-1287 attack attempt (file-pdf.rules)
 * 3:57479 <-> ENABLED <-> FILE-PDF TRUFFLEHUNTER TALOS-2021-1287 attack attempt (file-pdf.rules)

2021-05-27 13:08:03 UTC

Snort Subscriber Rules Update

Date: 2021-05-26-001

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 3.0.3.1.

The format of the file is:

gid:sid <-> Message

New Rules:

* 1:300025 <-> SERVER-WEBAPP Palo Alto GlobalProtect SSL VPN buffer overflow attempt
* 1:300026 <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt
* 1:300027 <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt
* 1:300028 <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt
* 1:57621 <-> MALWARE-OTHER Win.Ransomware.REvil variant binary download attempt
* 1:57622 <-> MALWARE-OTHER Win.Ransomware.REvil variant binary download attempt
* 1:57631 <-> PUA-OTHER WeChat User-Agent string - MicroMessenger
* 1:57632 <-> PUA-OTHER Known unwanted User-Agent string - LieBaoFast
* 1:57633 <-> PUA-OTHER Known unwanted User-Agent string - Mb2345Browser
* 1:57634 <-> PUA-OTHER Known unwanted User-Agent string - PetalBot

Modified Rules:



2021-05-27 13:08:03 UTC

Snort Subscriber Rules Update

Date: 2021-05-26-001

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 3.0.3.4.

The format of the file is:

gid:sid <-> Message

New Rules:

* 1:300025 <-> SERVER-WEBAPP Palo Alto GlobalProtect SSL VPN buffer overflow attempt
* 1:300026 <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt
* 1:300027 <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt
* 1:300028 <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt
* 1:57621 <-> MALWARE-OTHER Win.Ransomware.REvil variant binary download attempt
* 1:57622 <-> MALWARE-OTHER Win.Ransomware.REvil variant binary download attempt
* 1:57631 <-> PUA-OTHER WeChat User-Agent string - MicroMessenger
* 1:57632 <-> PUA-OTHER Known unwanted User-Agent string - LieBaoFast
* 1:57633 <-> PUA-OTHER Known unwanted User-Agent string - Mb2345Browser
* 1:57634 <-> PUA-OTHER Known unwanted User-Agent string - PetalBot

Modified Rules:



2021-05-27 13:08:03 UTC

Snort Subscriber Rules Update

Date: 2021-05-26-001

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 3.1.0.0.

The format of the file is:

gid:sid <-> Message

New Rules:

* 1:300025 <-> SERVER-WEBAPP Palo Alto GlobalProtect SSL VPN buffer overflow attempt
* 1:300026 <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt
* 1:300027 <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt
* 1:300028 <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt
* 1:57621 <-> MALWARE-OTHER Win.Ransomware.REvil variant binary download attempt
* 1:57622 <-> MALWARE-OTHER Win.Ransomware.REvil variant binary download attempt
* 1:57631 <-> PUA-OTHER WeChat User-Agent string - MicroMessenger
* 1:57632 <-> PUA-OTHER Known unwanted User-Agent string - LieBaoFast
* 1:57633 <-> PUA-OTHER Known unwanted User-Agent string - Mb2345Browser
* 1:57634 <-> PUA-OTHER Known unwanted User-Agent string - PetalBot

Modified Rules:



2021-05-27 13:08:03 UTC

Snort Subscriber Rules Update

Date: 2021-05-26-001

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 3.1.0.1.

The format of the file is:

gid:sid <-> Message

New Rules:

* 1:300025 <-> SERVER-WEBAPP Palo Alto GlobalProtect SSL VPN buffer overflow attempt
* 1:300026 <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt
* 1:300027 <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt
* 1:300028 <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt
* 1:57621 <-> MALWARE-OTHER Win.Ransomware.REvil variant binary download attempt
* 1:57622 <-> MALWARE-OTHER Win.Ransomware.REvil variant binary download attempt
* 1:57631 <-> PUA-OTHER WeChat User-Agent string - MicroMessenger
* 1:57632 <-> PUA-OTHER Known unwanted User-Agent string - LieBaoFast
* 1:57633 <-> PUA-OTHER Known unwanted User-Agent string - Mb2345Browser
* 1:57634 <-> PUA-OTHER Known unwanted User-Agent string - PetalBot

Modified Rules:



2021-05-27 13:08:03 UTC

Snort Subscriber Rules Update

Date: 2021-05-26-001

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 3.1.1.0.

The format of the file is:

gid:sid <-> Message

New Rules:

* 1:300025 <-> SERVER-WEBAPP Palo Alto GlobalProtect SSL VPN buffer overflow attempt
* 1:300026 <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt
* 1:300027 <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt
* 1:300028 <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt
* 1:57621 <-> MALWARE-OTHER Win.Ransomware.REvil variant binary download attempt
* 1:57622 <-> MALWARE-OTHER Win.Ransomware.REvil variant binary download attempt
* 1:57631 <-> PUA-OTHER WeChat User-Agent string - MicroMessenger
* 1:57632 <-> PUA-OTHER Known unwanted User-Agent string - LieBaoFast
* 1:57633 <-> PUA-OTHER Known unwanted User-Agent string - Mb2345Browser
* 1:57634 <-> PUA-OTHER Known unwanted User-Agent string - PetalBot

Modified Rules:



2021-05-27 13:08:03 UTC

Snort Subscriber Rules Update

Date: 2021-05-26-001

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 3.1.3.0.

The format of the file is:

gid:sid <-> Message

New Rules:

* 1:300025 <-> SERVER-WEBAPP Palo Alto GlobalProtect SSL VPN buffer overflow attempt
* 1:300026 <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt
* 1:300027 <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt
* 1:300028 <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt
* 1:57621 <-> MALWARE-OTHER Win.Ransomware.REvil variant binary download attempt
* 1:57622 <-> MALWARE-OTHER Win.Ransomware.REvil variant binary download attempt
* 1:57631 <-> PUA-OTHER WeChat User-Agent string - MicroMessenger
* 1:57632 <-> PUA-OTHER Known unwanted User-Agent string - LieBaoFast
* 1:57633 <-> PUA-OTHER Known unwanted User-Agent string - Mb2345Browser
* 1:57634 <-> PUA-OTHER Known unwanted User-Agent string - PetalBot

Modified Rules:



2021-05-27 13:08:04 UTC

Snort Subscriber Rules Update

Date: 2021-05-26-001

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 3.1.4.0.

The format of the file is:

gid:sid <-> Message

New Rules:

* 1:300025 <-> SERVER-WEBAPP Palo Alto GlobalProtect SSL VPN buffer overflow attempt
* 1:300026 <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt
* 1:300027 <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt
* 1:300028 <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt
* 1:57621 <-> MALWARE-OTHER Win.Ransomware.REvil variant binary download attempt
* 1:57622 <-> MALWARE-OTHER Win.Ransomware.REvil variant binary download attempt
* 1:57631 <-> PUA-OTHER WeChat User-Agent string - MicroMessenger
* 1:57632 <-> PUA-OTHER Known unwanted User-Agent string - LieBaoFast
* 1:57633 <-> PUA-OTHER Known unwanted User-Agent string - Mb2345Browser
* 1:57634 <-> PUA-OTHER Known unwanted User-Agent string - PetalBot

Modified Rules:



2021-05-27 13:08:04 UTC

Snort Subscriber Rules Update

Date: 2021-05-26-001

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 3.1.5.0.

The format of the file is:

gid:sid <-> Message

New Rules:

* 1:300025 <-> SERVER-WEBAPP Palo Alto GlobalProtect SSL VPN buffer overflow attempt
* 1:300026 <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt
* 1:300027 <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt
* 1:300028 <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt
* 1:57621 <-> MALWARE-OTHER Win.Ransomware.REvil variant binary download attempt
* 1:57622 <-> MALWARE-OTHER Win.Ransomware.REvil variant binary download attempt
* 1:57631 <-> PUA-OTHER WeChat User-Agent string - MicroMessenger
* 1:57632 <-> PUA-OTHER Known unwanted User-Agent string - LieBaoFast
* 1:57633 <-> PUA-OTHER Known unwanted User-Agent string - Mb2345Browser
* 1:57634 <-> PUA-OTHER Known unwanted User-Agent string - PetalBot

Modified Rules:



2021-05-29 16:31:55 UTC

Snort Subscriber Rules Update

Date: 2021-05-26-001

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 3.0.3.1.

The format of the file is:

gid:sid <-> Message

New Rules:

* 1:300025 <-> SERVER-WEBAPP Palo Alto GlobalProtect SSL VPN buffer overflow attempt
* 1:300026 <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt
* 1:300027 <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt
* 1:300028 <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt
* 1:57621 <-> MALWARE-OTHER Win.Ransomware.REvil variant binary download attempt
* 1:57622 <-> MALWARE-OTHER Win.Ransomware.REvil variant binary download attempt
* 1:57631 <-> PUA-OTHER WeChat User-Agent string - MicroMessenger
* 1:57632 <-> PUA-OTHER Known unwanted User-Agent string - LieBaoFast
* 1:57633 <-> PUA-OTHER Known unwanted User-Agent string - Mb2345Browser
* 1:57634 <-> PUA-OTHER Known unwanted User-Agent string - PetalBot

Modified Rules:



2021-05-29 16:31:56 UTC

Snort Subscriber Rules Update

Date: 2021-05-26-001

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 3.0.3.4.

The format of the file is:

gid:sid <-> Message

New Rules:

* 1:300025 <-> SERVER-WEBAPP Palo Alto GlobalProtect SSL VPN buffer overflow attempt
* 1:300026 <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt
* 1:300027 <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt
* 1:300028 <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt
* 1:57621 <-> MALWARE-OTHER Win.Ransomware.REvil variant binary download attempt
* 1:57622 <-> MALWARE-OTHER Win.Ransomware.REvil variant binary download attempt
* 1:57631 <-> PUA-OTHER WeChat User-Agent string - MicroMessenger
* 1:57632 <-> PUA-OTHER Known unwanted User-Agent string - LieBaoFast
* 1:57633 <-> PUA-OTHER Known unwanted User-Agent string - Mb2345Browser
* 1:57634 <-> PUA-OTHER Known unwanted User-Agent string - PetalBot

Modified Rules:



2021-05-29 16:31:56 UTC

Snort Subscriber Rules Update

Date: 2021-05-26-001

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 3.1.0.0.

The format of the file is:

gid:sid <-> Message

New Rules:

* 1:300025 <-> SERVER-WEBAPP Palo Alto GlobalProtect SSL VPN buffer overflow attempt
* 1:300026 <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt
* 1:300027 <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt
* 1:300028 <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt
* 1:57621 <-> MALWARE-OTHER Win.Ransomware.REvil variant binary download attempt
* 1:57622 <-> MALWARE-OTHER Win.Ransomware.REvil variant binary download attempt
* 1:57631 <-> PUA-OTHER WeChat User-Agent string - MicroMessenger
* 1:57632 <-> PUA-OTHER Known unwanted User-Agent string - LieBaoFast
* 1:57633 <-> PUA-OTHER Known unwanted User-Agent string - Mb2345Browser
* 1:57634 <-> PUA-OTHER Known unwanted User-Agent string - PetalBot

Modified Rules:



2021-05-29 16:31:56 UTC

Snort Subscriber Rules Update

Date: 2021-05-26-001

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 3.1.0.1.

The format of the file is:

gid:sid <-> Message

New Rules:

* 1:300025 <-> SERVER-WEBAPP Palo Alto GlobalProtect SSL VPN buffer overflow attempt
* 1:300026 <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt
* 1:300027 <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt
* 1:300028 <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt
* 1:57621 <-> MALWARE-OTHER Win.Ransomware.REvil variant binary download attempt
* 1:57622 <-> MALWARE-OTHER Win.Ransomware.REvil variant binary download attempt
* 1:57631 <-> PUA-OTHER WeChat User-Agent string - MicroMessenger
* 1:57632 <-> PUA-OTHER Known unwanted User-Agent string - LieBaoFast
* 1:57633 <-> PUA-OTHER Known unwanted User-Agent string - Mb2345Browser
* 1:57634 <-> PUA-OTHER Known unwanted User-Agent string - PetalBot

Modified Rules:



2021-05-29 16:31:56 UTC

Snort Subscriber Rules Update

Date: 2021-05-26-001

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 3.1.1.0.

The format of the file is:

gid:sid <-> Message

New Rules:

* 1:300025 <-> SERVER-WEBAPP Palo Alto GlobalProtect SSL VPN buffer overflow attempt
* 1:300026 <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt
* 1:300027 <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt
* 1:300028 <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt
* 1:57621 <-> MALWARE-OTHER Win.Ransomware.REvil variant binary download attempt
* 1:57622 <-> MALWARE-OTHER Win.Ransomware.REvil variant binary download attempt
* 1:57631 <-> PUA-OTHER WeChat User-Agent string - MicroMessenger
* 1:57632 <-> PUA-OTHER Known unwanted User-Agent string - LieBaoFast
* 1:57633 <-> PUA-OTHER Known unwanted User-Agent string - Mb2345Browser
* 1:57634 <-> PUA-OTHER Known unwanted User-Agent string - PetalBot

Modified Rules:



2021-05-29 16:31:56 UTC

Snort Subscriber Rules Update

Date: 2021-05-26-001

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 3.1.3.0.

The format of the file is:

gid:sid <-> Message

New Rules:

* 1:300025 <-> SERVER-WEBAPP Palo Alto GlobalProtect SSL VPN buffer overflow attempt
* 1:300026 <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt
* 1:300027 <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt
* 1:300028 <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt
* 1:57621 <-> MALWARE-OTHER Win.Ransomware.REvil variant binary download attempt
* 1:57622 <-> MALWARE-OTHER Win.Ransomware.REvil variant binary download attempt
* 1:57631 <-> PUA-OTHER WeChat User-Agent string - MicroMessenger
* 1:57632 <-> PUA-OTHER Known unwanted User-Agent string - LieBaoFast
* 1:57633 <-> PUA-OTHER Known unwanted User-Agent string - Mb2345Browser
* 1:57634 <-> PUA-OTHER Known unwanted User-Agent string - PetalBot

Modified Rules:



2021-05-29 16:31:56 UTC

Snort Subscriber Rules Update

Date: 2021-05-26-001

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 3.1.4.0.

The format of the file is:

gid:sid <-> Message

New Rules:

* 1:300025 <-> SERVER-WEBAPP Palo Alto GlobalProtect SSL VPN buffer overflow attempt
* 1:300026 <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt
* 1:300027 <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt
* 1:300028 <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt
* 1:57621 <-> MALWARE-OTHER Win.Ransomware.REvil variant binary download attempt
* 1:57622 <-> MALWARE-OTHER Win.Ransomware.REvil variant binary download attempt
* 1:57631 <-> PUA-OTHER WeChat User-Agent string - MicroMessenger
* 1:57632 <-> PUA-OTHER Known unwanted User-Agent string - LieBaoFast
* 1:57633 <-> PUA-OTHER Known unwanted User-Agent string - Mb2345Browser
* 1:57634 <-> PUA-OTHER Known unwanted User-Agent string - PetalBot

Modified Rules:



2021-05-29 16:31:56 UTC

Snort Subscriber Rules Update

Date: 2021-05-26-001

This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 3.1.5.0.

The format of the file is:

gid:sid <-> Message

New Rules:

* 1:300025 <-> SERVER-WEBAPP Palo Alto GlobalProtect SSL VPN buffer overflow attempt
* 1:300026 <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt
* 1:300027 <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt
* 1:300028 <-> SERVER-WEBAPP Digium Asterisk cookie stack buffer overflow attempt
* 1:57621 <-> MALWARE-OTHER Win.Ransomware.REvil variant binary download attempt
* 1:57622 <-> MALWARE-OTHER Win.Ransomware.REvil variant binary download attempt
* 1:57631 <-> PUA-OTHER WeChat User-Agent string - MicroMessenger
* 1:57632 <-> PUA-OTHER Known unwanted User-Agent string - LieBaoFast
* 1:57633 <-> PUA-OTHER Known unwanted User-Agent string - Mb2345Browser
* 1:57634 <-> PUA-OTHER Known unwanted User-Agent string - PetalBot

Modified Rules: