Name | Category | Info |
---|---|---|
Bilibili Dec20 | Voice/Video/Media | Bilibili is a Chinese video website. It allows users to view, upload, comment and share videos. |

Name | Category | Info |
---|---|---|
Bilibili Dec20 | Voice/Video/Media | Simulates Bilibili as of December 2020. The user opens the website, browses video lists, watches videos and uploads videos. |
Bilibili Dec20 Authentication | Voice/Video/Media | Simulates Bilibili Authentication as of December 2020. |

ID | References | Category | Info |
---|---|---|---|
G20-peg51 | URLURL | Generic | This strike simulates the HTTP requests sent by a host infected with Sunburst malware. An infected host may periodically send one or more similar HTTP requests. Requests to these URLs should be considered an Indicator of Compromise (IoC). |

Component | Info |
---|---|
StrikeList | New Strike List "Sunburst Indicators of Compromise". FireEye has released a list of Indicators of Compromise in order to identify hosts infected with Sunburst malware. This strikelist contains strikes that simulate traffic originating from a host infected with Sunburst malware. https://github.com/fireeye/sunburst_countermeasures/tree/main/rules/SUNBURST/snort |

Ticket | Info |
---|---|
ATIBPS-16770 | Added missing descriptions for all the flow level and action level parameters for the FTP application. |
ATIBPS-17143 | Fixed the content-boundary field of HTTP protocol. |
ATIBPS-17186 | Changed the category on CN/IP and DLMS (both protocols and superflows) to SCADA. |